package mx.gob.sat.sgi.SgiCripto.ara.criptografia;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.asn1.x509.RSAPublicKeyStructure;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:mx/gob/sat/sgi/SgiCripto/ara/criptografia/Firma.class */
public class Firma {
    private void ver_Firma() {
    }

    public static byte[] generaFirma(RSAPrivateKeyStructure rSAPrivateKeyStructure, byte[] bArr) throws CriptografiaException, InvalidCipherTextException {
        return Base64.encode(Encripcion.RSA(true, rSAPrivateKeyStructure, generaAntefirma(new ByteArrayInputStream(bArr), new AlgorithmIdentifier(new DERObjectIdentifier(AlgoritmoDigestion.idMD5), DERNull.INSTANCE), rSAPrivateKeyStructure)));
    }

    public static boolean verificaFirma(X509Certificate x509Certificate, byte[] bArr, byte[] bArr2) throws CriptografiaException {
        try {
            byte[] decode = Base64.decode(bArr2);
            RSAPublicKey rSAPublicKey = (RSAPublicKey) x509Certificate.getPublicKey();
            DigestInfo digestInfo = DigestInfo.getInstance(ASN1Object.fromByteArray(Encripcion.RSA(false, new RSAPublicKeyStructure(rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent()), decode)));
            return Arrays.equals(digestInfo.getDigest(), Digestion.generaDigestion(new ByteArrayInputStream(bArr), digestInfo.getAlgorithmId()));
        } catch (IOException e) {
            throw new CriptografiaException(-1, new StringBuffer().append("Firma.verificaFirma(...) I/O Exception. ").append(e.getMessage()).toString());
        }
    }

    private static byte[] quitaPadingPKCS1(byte[] bArr) throws CriptografiaException {
        if (bArr[0] == 1) {
            int i = 1;
            while (bArr[i] == -1 && i < bArr.length) {
                i++;
            }
            if (i < bArr.length && bArr[i] == 0) {
                int i2 = i + 1;
                byte[] bArr2 = new byte[bArr.length - i2];
                System.arraycopy(bArr, i2, bArr2, 0, bArr2.length);
                return bArr2;
            }
        }
        throw new CriptografiaException(-1, "Firma.quitaPaddingPKCS1(...): Formato de firma (padding) invï¿½lido");
    }

    private static byte[] generaAntefirma(Object obj, AlgorithmIdentifier algorithmIdentifier, RSAPrivateKeyStructure rSAPrivateKeyStructure) throws CriptografiaException {
        byte[] generaDigestion = Digestion.generaDigestion((InputStream) obj, algorithmIdentifier);
        RSAEngine rSAEngine = new RSAEngine();
        rSAEngine.init(true, new RSAKeyParameters(true, rSAPrivateKeyStructure.getModulus(), rSAPrivateKeyStructure.getPublicExponent()));
        int inputBlockSize = rSAEngine.getInputBlockSize();
        byte[] dEREncoded = new DigestInfo(algorithmIdentifier, generaDigestion).getDEREncoded();
        if (dEREncoded.length + 3 > inputBlockSize) {
            throw new CriptografiaException(-1, "Firma.generaAntefirma(...): Genera antefirma");
        }
        byte[] bArr = new byte[inputBlockSize];
        bArr[0] = 1;
        int i = 1;
        while (i < (inputBlockSize - dEREncoded.length) - 1) {
            bArr[i] = -1;
            i++;
        }
        bArr[i] = 0;
        System.arraycopy(dEREncoded, 0, bArr, i + 1, dEREncoded.length);
        return bArr;
    }
}
