package com.github.relucent.base.common.crypto.signature;

import com.github.relucent.base.common.crypto.CryptoException;
import com.github.relucent.base.common.crypto.asymmetric.KeyUtil;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Set;

/* loaded from: input_file:com/github/relucent/base/common/crypto/signature/SignatureCrypto.class */
public class SignatureCrypto {
    private static final String KEY_USAGE_OID = "2.5.29.15";
    protected String algorithm;
    protected PublicKey publicKey;
    protected PrivateKey privateKey;
    protected Signature signature;

    public SignatureCrypto(SignatureAlgorithm signatureAlgorithm) {
        this(signatureAlgorithm, (PrivateKey) null, (PublicKey) null);
    }

    public SignatureCrypto(SignatureAlgorithm signatureAlgorithm, PrivateKey privateKey) {
        this(signatureAlgorithm, privateKey, (PublicKey) null);
    }

    public SignatureCrypto(SignatureAlgorithm signatureAlgorithm, PublicKey publicKey) {
        this(signatureAlgorithm, (PrivateKey) null, publicKey);
    }

    public SignatureCrypto(SignatureAlgorithm signatureAlgorithm, PrivateKey privateKey, PublicKey publicKey) {
        this(signatureAlgorithm.getValue(), privateKey, publicKey);
    }

    protected SignatureCrypto(String str, PrivateKey privateKey, PublicKey publicKey) {
        initialize(str, privateKey, publicKey);
    }

    protected void initialize(String str, PrivateKey privateKey, PublicKey publicKey) {
        this.algorithm = str;
        try {
            this.signature = Signature.getInstance(str);
            if (privateKey != null || publicKey != null) {
                this.privateKey = privateKey;
                this.publicKey = publicKey;
            } else {
                KeyPair generateKeyPair = generateKeyPair();
                this.privateKey = generateKeyPair.getPrivate();
                this.publicKey = generateKeyPair.getPublic();
            }
        } catch (NoSuchAlgorithmException e) {
            throw new CryptoException(e);
        }
    }

    protected KeyPair generateKeyPair() {
        return KeyUtil.generateKeyPair(this.algorithm);
    }

    public byte[] sign(byte[] bArr) {
        try {
            this.signature.initSign(this.privateKey);
            this.signature.update(bArr);
            return this.signature.sign();
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    public boolean verify(byte[] bArr, byte[] bArr2) {
        try {
            this.signature.initVerify(this.publicKey);
            this.signature.update(bArr);
            return this.signature.verify(bArr2);
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    public SignatureCrypto setCertificate(Certificate certificate) {
        X509Certificate x509Certificate;
        Set<String> criticalExtensionOIDs;
        boolean[] keyUsage;
        if ((certificate instanceof X509Certificate) && (criticalExtensionOIDs = (x509Certificate = (X509Certificate) certificate).getCriticalExtensionOIDs()) != null && criticalExtensionOIDs.contains(KEY_USAGE_OID) && (keyUsage = x509Certificate.getKeyUsage()) != null && !keyUsage[0]) {
            throw new CryptoException("Certificate keyUsage Error");
        }
        this.publicKey = certificate.getPublicKey();
        return this;
    }

    public SignatureCrypto setParameter(AlgorithmParameterSpec algorithmParameterSpec) {
        try {
            this.signature.setParameter(algorithmParameterSpec);
            return this;
        } catch (InvalidAlgorithmParameterException e) {
            throw new CryptoException(e);
        }
    }

    public SignatureCrypto setPrivateKey(PrivateKey privateKey) {
        this.privateKey = privateKey;
        return this;
    }

    public SignatureCrypto setPublicKey(PublicKey publicKey) {
        this.publicKey = publicKey;
        return this;
    }

    public String getAlgorithm() {
        return this.algorithm;
    }

    public Signature getSignature() {
        return this.signature;
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public PublicKey getPublicKey() {
        return this.publicKey;
    }
}
