package oracle.security.crypto.cmp;

import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import oracle.security.crypto.asn1.ASN1Object;
import oracle.security.crypto.cert.GeneralName;
import oracle.security.crypto.cmp.ProofOfPossession;
import oracle.security.crypto.core.AlgorithmIdentifier;
import oracle.security.crypto.core.AlgorithmIdentifierException;
import oracle.security.crypto.core.InvalidMACException;
import oracle.security.crypto.core.PasswordBasedMAC;
import oracle.security.crypto.util.CryptoUtils;
import oracle.security.crypto.util.Utils;

/* loaded from: input_file:oracle/security/crypto/cmp/SignaturePOP.class */
public class SignaturePOP extends ProofOfPossession {
    private static final ProofOfPossession.Type TYPE = ProofOfPossession.Type.SIGNATURE;
    private POPOSigningKey poposk;
    private transient ASN1Object contents;

    public SignaturePOP() {
    }

    public SignaturePOP(AlgorithmIdentifier algorithmIdentifier) {
        this.poposk = new POPOSigningKey(algorithmIdentifier);
    }

    public SignaturePOP(AlgorithmIdentifier algorithmIdentifier, PublicKey publicKey, GeneralName generalName) throws InvalidKeyException {
        this.poposk = new POPOSigningKey(algorithmIdentifier, publicKey, generalName);
    }

    public SignaturePOP(AlgorithmIdentifier algorithmIdentifier, PublicKey publicKey, byte[] bArr) throws NoSuchAlgorithmException, AlgorithmIdentifierException {
        this(algorithmIdentifier, publicKey, bArr, SecureRandom.getInstance(CMPUtils.DEFAULT_RandomGenerator_ALGO));
    }

    public SignaturePOP(AlgorithmIdentifier algorithmIdentifier, PublicKey publicKey, byte[] bArr, SecureRandom secureRandom) throws AlgorithmIdentifierException {
        this.poposk = new POPOSigningKey(algorithmIdentifier, publicKey, bArr, secureRandom);
    }

    public SignaturePOP(InputStream inputStream) throws IOException {
        input(inputStream);
    }

    @Override // oracle.security.crypto.cmp.ProofOfPossession
    public ProofOfPossession.Type getType() {
        return TYPE;
    }

    public void sign(PrivateKey privateKey, SecureRandom secureRandom) throws SignatureException {
        try {
            this.poposk.sign(privateKey, secureRandom != null ? secureRandom : SecureRandom.getInstance(CMPUtils.DEFAULT_RandomGenerator_ALGO));
        } catch (NoSuchAlgorithmException e) {
            throw new SignatureException(e.toString());
        }
    }

    public void sign(CertRequest certRequest, PrivateKey privateKey, SecureRandom secureRandom) throws SignatureException {
        try {
            this.poposk.sign(certRequest, privateKey, secureRandom != null ? secureRandom : SecureRandom.getInstance(CMPUtils.DEFAULT_RandomGenerator_ALGO));
        } catch (NoSuchAlgorithmException e) {
            throw new SignatureException(e.toString());
        }
    }

    public boolean verify(PublicKey publicKey, CertRequest certRequest) throws SignatureException {
        return this.poposk.verifySignature(publicKey, certRequest);
    }

    public boolean verify(PublicKey publicKey, GeneralName generalName) throws SignatureException {
        if (generalName.equals(this.poposk.getSenderName())) {
            return this.poposk.verifySignature(publicKey);
        }
        return false;
    }

    public boolean verify(PublicKey publicKey, byte[] bArr) throws SignatureException, InvalidMACException {
        try {
            if (Utils.areEqual(new PasswordBasedMAC(this.poposk.getMacAlgID(), bArr).computeDigest(Utils.toBytes(CryptoUtils.subjectPublicKeyInfo(CMPUtils.toPhaosPublicKey(publicKey)))), this.poposk.getMacBytes())) {
                return this.poposk.verifySignature(publicKey);
            }
            return false;
        } catch (AlgorithmIdentifierException e) {
            throw new InvalidMACException(e.toString());
        } catch (InvalidKeyException e2) {
            throw new SignatureException(e2.toString());
        }
    }

    public AlgorithmIdentifier getSignatureAlgID() {
        return this.poposk.getSignatureAlgID();
    }

    public byte[] getSignatureBytes() {
        return this.poposk.getSignatureBytes();
    }

    public GeneralName getSenderName() {
        return this.poposk.getSenderName();
    }

    public AlgorithmIdentifier getMacAlgID() {
        return this.poposk.getMacAlgID();
    }

    public byte[] getMacBytes() {
        return this.poposk.getMacBytes();
    }

    public PublicKey getPublicKey() {
        return this.poposk.getPublicKey();
    }

    public String toString() {
        return TYPE + " " + (this.poposk != null ? this.poposk.toString() : "= null");
    }

    public void input(InputStream inputStream) throws IOException {
        this.poposk = new POPOSigningKey(inputStream);
        update();
        this.contents = this.poposk;
    }

    @Override // oracle.security.crypto.cmp.ProofOfPossession
    ASN1Object toASN1Object() {
        if (this.contents == null) {
            this.contents = this.poposk;
        }
        return this.contents;
    }

    @Override // oracle.security.crypto.cmp.ProofOfPossession
    void clearCache() {
        this.contents = null;
    }
}
