package org.xwiki.crypto.signer.internal;

import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import javax.inject.Inject;
import javax.inject.Singleton;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.operator.ContentVerifier;
import org.bouncycastle.operator.ContentVerifierProvider;
import org.xwiki.component.annotation.Component;
import org.xwiki.component.manager.ComponentLookupException;
import org.xwiki.component.manager.ComponentManager;
import org.xwiki.crypto.params.cipher.CipherParameters;
import org.xwiki.crypto.params.cipher.asymmetric.PublicKeyParameters;
import org.xwiki.crypto.pkix.internal.BcUtils;
import org.xwiki.crypto.pkix.params.CertifiedPublicKey;
import org.xwiki.crypto.signer.Signer;
import org.xwiki.crypto.signer.SignerFactory;
import org.xwiki.crypto.signer.internal.factory.BcSignerFactory;

@Singleton
@Component
/* loaded from: input_file:WEB-INF/lib/xwiki-commons-crypto-pkix-9.11.2.jar:org/xwiki/crypto/signer/internal/DefaultBcContentVerifierProviderBuilder.class */
public class DefaultBcContentVerifierProviderBuilder implements BcContentVerifierProviderBuilder {

    @Inject
    private ComponentManager manager;

    @Override // org.xwiki.crypto.signer.internal.BcContentVerifierProviderBuilder
    public ContentVerifierProvider build(final CertifiedPublicKey certifiedPublicKey) {
        return new ContentVerifierProvider() { // from class: org.xwiki.crypto.signer.internal.DefaultBcContentVerifierProviderBuilder.1
            @Override // org.bouncycastle.operator.ContentVerifierProvider
            public boolean hasAssociatedCertificate() {
                return true;
            }

            @Override // org.bouncycastle.operator.ContentVerifierProvider
            public X509CertificateHolder getAssociatedCertificate() {
                return BcUtils.getX509CertificateHolder(certifiedPublicKey);
            }

            @Override // org.bouncycastle.operator.ContentVerifierProvider
            public ContentVerifier get(AlgorithmIdentifier algorithmIdentifier) {
                return DefaultBcContentVerifierProviderBuilder.this.getInstance(certifiedPublicKey.getPublicKeyParameters(), algorithmIdentifier);
            }
        };
    }

    @Override // org.xwiki.crypto.signer.internal.BcContentVerifierProviderBuilder
    public ContentVerifierProvider build(final PublicKeyParameters publicKeyParameters) {
        return new ContentVerifierProvider() { // from class: org.xwiki.crypto.signer.internal.DefaultBcContentVerifierProviderBuilder.2
            @Override // org.bouncycastle.operator.ContentVerifierProvider
            public boolean hasAssociatedCertificate() {
                return false;
            }

            @Override // org.bouncycastle.operator.ContentVerifierProvider
            public X509CertificateHolder getAssociatedCertificate() {
                return null;
            }

            @Override // org.bouncycastle.operator.ContentVerifierProvider
            public ContentVerifier get(AlgorithmIdentifier algorithmIdentifier) {
                return DefaultBcContentVerifierProviderBuilder.this.getInstance(publicKeyParameters, algorithmIdentifier);
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ContentVerifier getInstance(CipherParameters cipherParameters, final AlgorithmIdentifier algorithmIdentifier) {
        SignerFactory factory = getFactory(algorithmIdentifier.getAlgorithm().getId());
        if (factory instanceof BcSignerFactory) {
            return (ContentVerifier) ((BcSignerFactory) factory).getInstance(false, cipherParameters, algorithmIdentifier);
        }
        try {
            final Signer signerFactory = factory.getInstance(false, cipherParameters, algorithmIdentifier.getEncoded());
            return new ContentVerifier() { // from class: org.xwiki.crypto.signer.internal.DefaultBcContentVerifierProviderBuilder.3
                @Override // org.bouncycastle.operator.ContentVerifier
                public AlgorithmIdentifier getAlgorithmIdentifier() {
                    return algorithmIdentifier;
                }

                @Override // org.bouncycastle.operator.ContentVerifier
                public OutputStream getOutputStream() {
                    return signerFactory.getOutputStream();
                }

                @Override // org.bouncycastle.operator.ContentVerifier
                public boolean verify(byte[] bArr) {
                    return DefaultBcContentVerifierProviderBuilder.verify(signerFactory, bArr);
                }
            };
        } catch (IOException e) {
            throw new IllegalArgumentException("Unable to encode algorithm identifier.");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean verify(Signer signer, byte[] bArr) {
        try {
            return signer.verify(bArr);
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    protected SignerFactory getFactory(String str) {
        try {
            return (SignerFactory) this.manager.getInstance(SignerFactory.class, str);
        } catch (ComponentLookupException e) {
            throw new UnsupportedOperationException("Signing algorithm not found.", e);
        }
    }
}
