package de.tsenger.vdstools;

import de.tsenger.vdstools.vds.DigitalSeal;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Hex;
import org.tinylog.Logger;

/* loaded from: input_file:de/tsenger/vdstools/Verifier.class */
public class Verifier {
    private ECPublicKey ecPubKey;
    private int fieldBitLength;
    private byte[] messageBytes;
    private byte[] signatureBytes;
    String signatureAlgorithmName = "SHA256WITHECDSA";

    /* loaded from: input_file:de/tsenger/vdstools/Verifier$Result.class */
    public enum Result {
        SignatureValid,
        SignatureInvalid,
        VerifyError;

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static Result[] valuesCustom() {
            Result[] valuesCustom = values();
            int length = valuesCustom.length;
            Result[] resultArr = new Result[length];
            System.arraycopy(valuesCustom, 0, resultArr, 0, length);
            return resultArr;
        }
    }

    public Verifier(DigitalSeal digitalSeal, X509Certificate x509Certificate) {
        this.fieldBitLength = 256;
        Security.addProvider(new BouncyCastleProvider());
        if (!(x509Certificate.getPublicKey() instanceof ECPublicKey)) {
            throw new IllegalArgumentException("Certificate should contain EC public key!");
        }
        this.ecPubKey = (ECPublicKey) x509Certificate.getPublicKey();
        this.fieldBitLength = this.ecPubKey.getParams().getCurve().getField().getFieldSize();
        this.messageBytes = digitalSeal.getHeaderAndMessageBytes();
        this.signatureBytes = digitalSeal.getSignatureBytes();
        Logger.debug("Public Key bytes: 0x{}", new Object[]{Hex.toHexString(this.ecPubKey.getEncoded())});
        Logger.debug("Field bit length: {}", new Object[]{Integer.valueOf(this.fieldBitLength)});
        Logger.debug("Message bytes: {}", new Object[]{Hex.toHexString(this.messageBytes)});
        Logger.debug("Signature bytes: {}", new Object[]{Hex.toHexString(this.signatureBytes)});
    }

    public Result verify() {
        if (this.fieldBitLength <= 224) {
            this.signatureAlgorithmName = "SHA224withPLAIN-ECDSA";
        } else if (this.fieldBitLength <= 256) {
            this.signatureAlgorithmName = "SHA256withPLAIN-ECDSA";
        } else if (this.fieldBitLength <= 384) {
            this.signatureAlgorithmName = "SHA384withPLAIN-ECDSA";
        } else {
            if (this.fieldBitLength > 512) {
                Logger.error("Bit length of Field is out of definied value: " + this.fieldBitLength);
                return Result.VerifyError;
            }
            this.signatureAlgorithmName = "SHA512withPLAIN-ECDSA";
        }
        try {
            Logger.debug("Verify with signatureAlgorithmName: " + this.signatureAlgorithmName);
            Signature signature = Signature.getInstance(this.signatureAlgorithmName, "BC");
            signature.initVerify(this.ecPubKey);
            signature.update(this.messageBytes);
            return signature.verify(this.signatureBytes) ? Result.SignatureValid : Result.SignatureInvalid;
        } catch (InvalidKeyException e) {
            Logger.error("InvalidKeyException: {}", new Object[]{e.getLocalizedMessage()});
            return Result.VerifyError;
        } catch (NoSuchAlgorithmException e2) {
            Logger.error("NoSuchAlgorithmException: {}", new Object[]{e2.getLocalizedMessage()});
            return Result.VerifyError;
        } catch (NoSuchProviderException e3) {
            Logger.error("NoSuchProviderException: {}", new Object[]{e3.getLocalizedMessage()});
            return Result.VerifyError;
        } catch (SignatureException e4) {
            Logger.error("SignatureException: {}", new Object[]{e4.getLocalizedMessage()});
            return Result.VerifyError;
        }
    }
}
