package de.carne.lwjsd.runtime.security;

import de.carne.check.Check;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

/* loaded from: input_file:de/carne/lwjsd/runtime/security/EC256SignatureFactory.class */
public class EC256SignatureFactory extends SignatureFactory {
    private static final String KEY_PAIR_ALG = "EC";
    private static final int KEY_SIZE = 256;
    private static final String SIGNATURE_ALG = "SHA256withECDSA";
    public static final String SIGNATURE_NAME = "ec256-signature";

    /* loaded from: input_file:de/carne/lwjsd/runtime/security/EC256SignatureFactory$EC256Signature.class */
    private class EC256Signature extends Signature {
        private final KeyPair keyPair;

        EC256Signature(KeyPair keyPair) {
            this.keyPair = keyPair;
        }

        @Override // de.carne.lwjsd.runtime.security.Signature
        public SignatureFactory factory() {
            return EC256SignatureFactory.this;
        }

        @Override // de.carne.lwjsd.runtime.security.Secret
        public ByteSecret getEncoded() {
            return EC256SignatureFactory.this.signatureGetEncoded0(this.keyPair);
        }

        @Override // de.carne.lwjsd.runtime.security.Signature
        public byte[] sign(InputStream inputStream) throws IOException, GeneralSecurityException {
            return EC256SignatureFactory.this.signatureSign0(this.keyPair, inputStream);
        }

        @Override // de.carne.lwjsd.runtime.security.Signature
        public boolean verify(InputStream inputStream, byte[] bArr) throws IOException, GeneralSecurityException {
            return EC256SignatureFactory.this.signatureVerify0(this.keyPair, inputStream, bArr);
        }

        @Override // java.lang.AutoCloseable
        public void close() throws Exception {
            EC256SignatureFactory.this.signatureClose0(this.keyPair);
        }
    }

    public EC256SignatureFactory() {
        super(SIGNATURE_NAME);
    }

    @Override // de.carne.lwjsd.runtime.security.SignatureFactory
    public Signature createSignature() throws GeneralSecurityException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_PAIR_ALG);
        keyPairGenerator.initialize(KEY_SIZE, getRandom());
        return new EC256Signature(keyPairGenerator.generateKeyPair());
    }

    @Override // de.carne.lwjsd.runtime.security.SignatureFactory
    public Signature createSignature(ByteSecret byteSecret) throws GeneralSecurityException {
        byte[] bArr = byteSecret.get();
        Check.assertTrue(bArr.length > 4);
        int i = (bArr[0] & 255) | ((bArr[1] & 255) << 8) | ((bArr[3] & 255) << 16) | ((bArr[3] & 255) << 24);
        Check.assertTrue(bArr.length > 4 + i);
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_PAIR_ALG);
        int length = bArr.length - (4 + i);
        byte[] bArr2 = new byte[i];
        byte[] bArr3 = new byte[length];
        ByteSecret wrap = ByteSecret.wrap(bArr2);
        try {
            ByteSecret wrap2 = ByteSecret.wrap(bArr3);
            Throwable th = null;
            try {
                try {
                    System.arraycopy(bArr, 4, bArr2, 0, i);
                    System.arraycopy(bArr, 4 + i, bArr3, 0, length);
                    PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(bArr2);
                    X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(bArr3);
                    if (wrap2 != null) {
                        $closeResource(null, wrap2);
                    }
                    return new EC256Signature(new KeyPair(keyFactory.generatePublic(x509EncodedKeySpec), keyFactory.generatePrivate(pKCS8EncodedKeySpec)));
                } finally {
                }
            } catch (Throwable th2) {
                if (wrap2 != null) {
                    $closeResource(th, wrap2);
                }
                throw th2;
            }
        } finally {
            if (wrap != null) {
                $closeResource(null, wrap);
            }
        }
    }

    ByteSecret signatureGetEncoded0(KeyPair keyPair) {
        ByteSecret wrap = ByteSecret.wrap(keyPair.getPrivate().getEncoded());
        try {
            ByteSecret wrap2 = ByteSecret.wrap(keyPair.getPublic().getEncoded());
            try {
                int length = wrap.length();
                int length2 = wrap2.length();
                byte[] bArr = new byte[4 + length + length2];
                bArr[0] = (byte) (length & 255);
                bArr[1] = (byte) ((length >>> 8) & 255);
                bArr[2] = (byte) ((length >>> 16) & 255);
                bArr[3] = (byte) ((length >>> 24) & 255);
                System.arraycopy(wrap.get(), 0, bArr, 4, length);
                System.arraycopy(wrap2.get(), 0, bArr, 4 + length, length2);
                if (wrap2 != null) {
                    $closeResource(null, wrap2);
                }
                return ByteSecret.wrap(bArr);
            } catch (Throwable th) {
                if (wrap2 != null) {
                    $closeResource(null, wrap2);
                }
                throw th;
            }
        } finally {
            if (wrap != null) {
                $closeResource(null, wrap);
            }
        }
    }

    byte[] signatureSign0(KeyPair keyPair, InputStream inputStream) throws IOException, GeneralSecurityException {
        java.security.Signature signature = java.security.Signature.getInstance(SIGNATURE_ALG);
        signature.initSign(keyPair.getPrivate(), getRandom());
        byte[] bArr = new byte[4096];
        while (true) {
            int read = inputStream.read(bArr);
            if (read < 0) {
                return signature.sign();
            }
            signature.update(bArr, 0, read);
        }
    }

    boolean signatureVerify0(KeyPair keyPair, InputStream inputStream, byte[] bArr) throws IOException, GeneralSecurityException {
        java.security.Signature signature = java.security.Signature.getInstance(SIGNATURE_ALG);
        signature.initVerify(keyPair.getPublic());
        byte[] bArr2 = new byte[4096];
        while (true) {
            int read = inputStream.read(bArr2);
            if (read < 0) {
                return signature.verify(bArr);
            }
            signature.update(bArr2, 0, read);
        }
    }

    void signatureClose0(KeyPair keyPair) {
        safeDestroy(keyPair.getPrivate());
    }

    private static /* synthetic */ void $closeResource(Throwable th, AutoCloseable autoCloseable) {
        if (th == null) {
            autoCloseable.close();
            return;
        }
        try {
            autoCloseable.close();
        } catch (Throwable th2) {
            th.addSuppressed(th2);
        }
    }
}
