package weblogic.security;

import com.bea.utils.misc.ProcessBase;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import weblogic.security.ASN1.ASN1Header;
import weblogic.security.ASN1.ASN1Utils;

/* loaded from: input_file:weblogic.jar:weblogic/security/RSAMDSignature.class */
public final class RSAMDSignature extends Signature {
    protected RSAPublicKey publicKey;
    protected RSAPrivateKey privateKey;

    public RSAMDSignature() {
    }

    public RSAMDSignature(RSAPublicKey rSAPublicKey) {
        this();
        this.publicKey = rSAPublicKey;
        try {
            this.cipher = new RSApkcs1();
        } catch (CoderException e) {
        }
        this.cipher.setDecryptionKey(this.publicKey);
    }

    public RSAMDSignature(RSAPublicKey rSAPublicKey, RSAPrivateKey rSAPrivateKey) {
        this();
        this.publicKey = rSAPublicKey;
        this.privateKey = rSAPrivateKey;
        try {
            this.cipher = new RSApkcs1();
        } catch (CoderException e) {
        }
        this.cipher.setEncryptionKey(this.privateKey);
        this.cipher.setDecryptionKey(this.publicKey);
    }

    public RSAMDSignature(RSAPublicKey rSAPublicKey, RSAPrivateKey rSAPrivateKey, byte[] bArr) throws CipherException {
        this(rSAPublicKey, rSAPrivateKey);
        this.document = bArr;
        sign();
    }

    public RSAMDSignature(X509 x509, byte[] bArr, byte[] bArr2) {
        this((RSAPublicKey) x509.key);
        this.signer = x509.holder;
        this.signatureBytes = bArr;
        this.document = bArr2;
    }

    @Override // weblogic.security.Signature
    public boolean verify() throws AuthenticationException, CipherException {
        MessageDigest wLMessageDigest;
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.cipher.decrypt(this.signatureBytes));
            ASN1Header aSN1Header = new ASN1Header();
            aSN1Header.input(byteArrayInputStream);
            aSN1Header.input(byteArrayInputStream);
            aSN1Header.input(byteArrayInputStream);
            int[] inputASN1ObjectID = ASN1Utils.inputASN1ObjectID(aSN1Header, byteArrayInputStream);
            aSN1Header.input(byteArrayInputStream);
            aSN1Header.skipBody(byteArrayInputStream);
            aSN1Header.input(byteArrayInputStream);
            byte[] readBody = aSN1Header.readBody(byteArrayInputStream);
            if (ASN1Utils.isPrefix(new int[]{1, 3, 14, 3, 2, 26}, inputASN1ObjectID)) {
                wLMessageDigest = WLMessageDigest.getInstance("SHA");
            } else {
                if (!ASN1Utils.isPrefix(ASN1Utils.rsaID, inputASN1ObjectID)) {
                    throw new CipherException("Unknown digest algorithm");
                }
                if (inputASN1ObjectID[ASN1Utils.rsaID.length] != 2) {
                    throw new CipherException("Unknown digest algorithm");
                }
                switch (inputASN1ObjectID[ASN1Utils.rsaID.length + 1]) {
                    case 2:
                        wLMessageDigest = WLMessageDigest.getInstance(ProcessBase.DIG_ALG_MD2);
                        break;
                    case 5:
                        wLMessageDigest = WLMessageDigest.getInstance("MD5");
                        break;
                    default:
                        throw new AuthenticationException(new StringBuffer().append("Unsupported MD").append(inputASN1ObjectID[inputASN1ObjectID.length - 1]).toString());
                }
            }
            wLMessageDigest.update(this.document);
            return MessageDigestUtils.isEqual(wLMessageDigest.digest(), readBody);
        } catch (IOException e) {
            throw new CipherException(new StringBuffer().append(e.toString()).append(" possibly incorrect SSLServerCertificateChainFileName ").append("set for this server certificate").toString());
        } catch (CipherException e2) {
            SecurityLogger.logStackTrace(e2);
            throw new CipherException(new StringBuffer().append(e2.getMessage()).append(" possibly incorrect SSLServerCertificateChainFileName ").append("set for this server certificate").toString());
        }
    }

    @Override // weblogic.security.Signature
    public byte[] sign() {
        return new byte[0];
    }

    @Override // weblogic.security.Signature
    public String algName() {
        return "RSA_with_MD";
    }
}
