package iaik.me.security.rsa;

import iaik.me.security.Cipher;
import iaik.me.security.CryptoException;
import iaik.me.security.MessageDigest;
import iaik.me.security.PrivateKey;
import iaik.me.security.PublicKey;
import iaik.me.security.SecureRandom;
import iaik.me.security.Signature;
import iaik.me.utils.CryptoUtils;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_jce_me4se-3.05.jar:iaik/me/security/rsa/RSAPssSignature.class */
public class RSAPssSignature extends Signature {
    private int b;
    private Cipher a;
    final int c = 20;
    final byte[] d = new byte[8];

    @Override // iaik.me.security.Signature
    public boolean verify(byte[] bArr) throws CryptoException {
        return a(this.a.doFinal(bArr), this.md.digest(), 20, b());
    }

    @Override // iaik.me.security.Signature
    public byte[] sign() throws CryptoException {
        return this.a.doFinal(a(this.md.digest(), 20, this.md));
    }

    private boolean a(byte[] bArr, byte[] bArr2, int i, MessageDigest messageDigest) throws CryptoException {
        int i2 = this.b - 1;
        int i3 = (i2 + 7) / 8;
        int digestLength = messageDigest.getDigestLength();
        int i4 = (i3 - digestLength) - 1;
        int i5 = (i4 - i) - 1;
        int i6 = (8 * i3) - i2;
        if ((bArr[0] & 0) != 0) {
            throw new CryptoException("Invalid signature. Leftmost 8emLen - emBits not all zero.");
        }
        MGF.mgf1(bArr, 0, i4, bArr, i4, digestLength, messageDigest);
        bArr[0] = (byte) (bArr[0] & (255 >> ((8 * i3) - i2)));
        int i7 = 0;
        while (i7 < i5) {
            if (bArr[i7] != 0) {
                throw new CryptoException("Bad PSS padding: wrong leading zeroes!");
            }
            i7++;
        }
        if (bArr[i7] != 1 || bArr[bArr.length - 1] != -68) {
            throw new CryptoException("Bad PSS padding: no 0x01 or 0xbc!");
        }
        byte[] bArr3 = new byte[i];
        System.arraycopy(bArr, i4 - i, bArr3, 0, i);
        messageDigest.reset();
        messageDigest.update(this.d);
        messageDigest.update(bArr2);
        return CryptoUtils.equalsBlock(messageDigest.digest(bArr3), 0, bArr, i4, digestLength - 1);
    }

    private byte[] a(byte[] bArr, int i, MessageDigest messageDigest) throws CryptoException {
        int i2 = this.b - 1;
        int i3 = (i2 + 7) / 8;
        byte[] bArr2 = new byte[i3];
        bArr2[bArr2.length - 1] = -68;
        int digestLength = (i3 - messageDigest.getDigestLength()) - 1;
        byte[] bArr3 = new byte[i];
        SecureRandom.getDefault().nextBytes(bArr3);
        messageDigest.update(bArr2, 0, 8);
        messageDigest.update(bArr);
        messageDigest.update(bArr3);
        messageDigest.digest(bArr2, digestLength);
        int i4 = (digestLength - 1) - i;
        CryptoUtils.zeroBlock(bArr2, 0, i4);
        bArr2[i4] = 1;
        System.arraycopy(bArr3, 0, bArr2, i4 + 1, i);
        MGF.mgf1(bArr2, 0, digestLength, bArr2, digestLength, messageDigest.getDigestLength(), messageDigest);
        bArr2[0] = (byte) (bArr2[0] & ((byte) (255 >> ((8 * i3) - i2))));
        return bArr2;
    }

    @Override // iaik.me.security.Signature
    public void initVerify(PublicKey publicKey) throws CryptoException {
        this.a = Cipher.getInstance("RSA/ECB/NoPadding");
        this.a.init(2, publicKey);
        this.md = b();
        this.b = publicKey.getKeyLength();
    }

    @Override // iaik.me.security.Signature
    public void initSign(PrivateKey privateKey, SecureRandom secureRandom) throws CryptoException {
        this.a = Cipher.getInstance("RSA/ECB/NoPadding");
        this.a.init(1, privateKey);
        this.md = b();
        this.b = privateKey.getKeyLength();
    }

    private MessageDigest b() throws CryptoException {
        if (this.md != null) {
            return this.md;
        }
        String algorithm = getAlgorithm();
        if (algorithm.endsWith("withRSAandMGF1")) {
            return MessageDigest.getInstance(algorithm.substring(0, algorithm.indexOf("with")));
        }
        throw new CryptoException(new StringBuffer("Invalid RSA signature algorithm: ").append(algorithm).toString());
    }
}
