package be.fgov.ehealth.technicalconnector.distributedkeys.jca;

import java.io.ByteArrayOutputStream;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.SignatureSpi;
import java.util.HashMap;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/fgov/ehealth/technicalconnector/distributedkeys/jca/DistributedKeySignature.class */
public class DistributedKeySignature extends SignatureSpi {
    private static final Logger LOG = LoggerFactory.getLogger(DistributedKeySignature.class);
    private static Map<String, String> digestAlgos = new HashMap();
    private final MessageDigest messageDigest;
    private DistributedPrivateKey privateKey;
    private Signature verifySignature;
    private final String signatureAlgorithm;
    private final ByteArrayOutputStream precomputedDigestOutputStream;

    public static void registerDigestAlgorithm(String str, String str2) {
        digestAlgos.put(str, str2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DistributedKeySignature(String str) throws NoSuchAlgorithmException {
        LOG.debug("constructor: " + str);
        this.signatureAlgorithm = str;
        if (!digestAlgos.containsKey(str)) {
            LOG.error("no such algo: " + str);
            throw new NoSuchAlgorithmException(str);
        }
        String str2 = digestAlgos.get(str);
        if (null != str2) {
            this.messageDigest = MessageDigest.getInstance(str2);
            this.precomputedDigestOutputStream = null;
        } else {
            LOG.debug("NONE message digest");
            this.messageDigest = null;
            this.precomputedDigestOutputStream = new ByteArrayOutputStream();
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
        LOG.debug("engineInitSign");
        if (!(privateKey instanceof DistributedPrivateKey)) {
            throw new InvalidKeyException();
        }
        this.privateKey = (DistributedPrivateKey) privateKey;
        if (null != this.messageDigest) {
            this.messageDigest.reset();
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
        LOG.debug("engineInitVerify");
        if (null == this.verifySignature) {
            try {
                this.verifySignature = Signature.getInstance(this.signatureAlgorithm);
            } catch (NoSuchAlgorithmException e) {
                throw new InvalidKeyException("no such algo: " + e.getMessage(), e);
            }
        }
        this.verifySignature.initVerify(publicKey);
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte b) throws SignatureException {
        this.messageDigest.update(b);
        if (null != this.verifySignature) {
            this.verifySignature.update(b);
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte[] bArr, int i, int i2) throws SignatureException {
        if (null != this.messageDigest) {
            this.messageDigest.update(bArr, i, i2);
        }
        if (null != this.precomputedDigestOutputStream) {
            this.precomputedDigestOutputStream.write(bArr, i, i2);
        }
        if (null != this.verifySignature) {
            this.verifySignature.update(bArr, i, i2);
        }
    }

    @Override // java.security.SignatureSpi
    protected byte[] engineSign() throws SignatureException {
        byte[] byteArray;
        String str;
        LOG.debug("engineSign");
        if (null != this.messageDigest) {
            byteArray = this.messageDigest.digest();
            str = this.messageDigest.getAlgorithm();
            if (this.signatureAlgorithm.endsWith("andMGF1")) {
                str = str + "-PSS";
            }
        } else {
            if (null == this.precomputedDigestOutputStream) {
                throw new SignatureException();
            }
            byteArray = this.precomputedDigestOutputStream.toByteArray();
            str = "NONE";
        }
        return this.privateKey.sign(byteArray, str);
    }

    @Override // java.security.SignatureSpi
    protected boolean engineVerify(byte[] bArr) throws SignatureException {
        LOG.debug("engineVerify");
        if (null == this.verifySignature) {
            throw new SignatureException("initVerify required");
        }
        return this.verifySignature.verify(bArr);
    }

    @Override // java.security.SignatureSpi
    @Deprecated
    protected void engineSetParameter(String str, Object obj) throws InvalidParameterException {
    }

    @Override // java.security.SignatureSpi
    @Deprecated
    protected Object engineGetParameter(String str) throws InvalidParameterException {
        return null;
    }

    static {
        digestAlgos.put("SHA1withRSA", "SHA-1");
        digestAlgos.put("SHA224withRSA", "SHA-224");
        digestAlgos.put("SHA256withRSA", "SHA-256");
        digestAlgos.put("SHA384withRSA", "SHA-384");
        digestAlgos.put("SHA512withRSA", "SHA-512");
        digestAlgos.put("NONEwithRSA", null);
        digestAlgos.put("RIPEMD128withRSA", "RIPEMD128");
        digestAlgos.put("RIPEMD160withRSA", "RIPEMD160");
        digestAlgos.put("RIPEMD256withRSA", "RIPEMD256");
        digestAlgos.put("SHA1withRSAandMGF1", "SHA-1");
        digestAlgos.put("SHA256withRSAandMGF1", "SHA-256");
        digestAlgos.put("SHA256withECDSA", "SHA-256");
        digestAlgos.put("SHA384withECDSA", "SHA-384");
        digestAlgos.put("SHA512withECDSA", "SHA-512");
        digestAlgos.put("NONEwithECDSA", null);
    }
}
