package oracle.security.crypto.core;

import java.io.IOException;
import oracle.security.crypto.asn1.ASN1Integer;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1Sequence;
import oracle.security.crypto.core.math.BigInt;
import oracle.security.crypto.fips.FIPS_140_2;
import oracle.security.crypto.provider.TransitionMode;
import oracle.security.crypto.util.UnsyncByteArrayInputStream;
import oracle.security.crypto.util.Utils;
import oracle.security.pki.PKIConstants;

/* loaded from: input_file:oracle/security/crypto/core/DSA.class */
public final class DSA extends Signature {
    public static final ASN1ObjectID dsaKeyOID = AlgID.dsa.getOID();
    public static final ASN1ObjectID dsaKeyOldOID = AlgID.dsaOld.getOID();
    public static final ASN1ObjectID dsaSigOID = AlgID.dsaWithSHA1.getOID();
    public static final ASN1ObjectID dsaSigOldOID = AlgID.dsaWithSHA.getOID();
    public static final ASN1ObjectID dsaSigOldOID2 = AlgID.dsaWithSHA1Old.getOID();
    private ASN1ObjectID c;
    private DSAPublicKey d;
    private DSAPrivateKey e;
    private RandomBitsSource f;
    private MessageDigest g;
    private byte[] h;

    public DSA() {
        this.c = dsaSigOID;
    }

    public DSA(DSAPublicKey dSAPublicKey) {
        this();
        a.a(dSAPublicKey, 4096);
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        this.d = dSAPublicKey;
    }

    public DSA(DSAPublicKey dSAPublicKey, DSAPrivateKey dSAPrivateKey) {
        this(dSAPublicKey, dSAPrivateKey, RandomBitsSource.getDefault());
    }

    public DSA(DSAPublicKey dSAPublicKey, DSAPrivateKey dSAPrivateKey, RandomBitsSource randomBitsSource) {
        this();
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        a.a(dSAPublicKey, 4096);
        a.a(dSAPrivateKey, 4096);
        this.d = dSAPublicKey;
        this.e = dSAPrivateKey;
        this.f = randomBitsSource;
    }

    public DSA(DSAPublicKey dSAPublicKey, DSAPrivateKey dSAPrivateKey, byte[] bArr) throws SignatureException {
        this(dSAPublicKey, dSAPrivateKey, RandomBitsSource.getDefault(), bArr);
    }

    public DSA(DSAPublicKey dSAPublicKey, DSAPrivateKey dSAPrivateKey, RandomBitsSource randomBitsSource, byte[] bArr) throws SignatureException {
        this(dSAPublicKey, dSAPrivateKey, randomBitsSource);
        setDocument(bArr);
        sign();
    }

    public DSA(DSAPrivateKey dSAPrivateKey, byte[] bArr) throws SignatureException {
        this(dSAPrivateKey, RandomBitsSource.getDefault(), bArr);
    }

    public DSA(DSAPrivateKey dSAPrivateKey, RandomBitsSource randomBitsSource, byte[] bArr) throws SignatureException {
        this(null, dSAPrivateKey, randomBitsSource, bArr);
    }

    public DSA(DSAPublicKey dSAPublicKey, byte[] bArr, byte[] bArr2) {
        this(dSAPublicKey);
        setSigBytes(bArr);
        setDocument(bArr2);
    }

    @Override // oracle.security.crypto.core.Signature
    public void setAlgID(AlgorithmIdentifier algorithmIdentifier) throws AlgorithmIdentifierException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        this.c = algorithmIdentifier.getOID();
    }

    @Override // oracle.security.crypto.core.Signature
    public AlgorithmIdentifier getAlgID() {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        return new AlgorithmIdentifier(this.c, false);
    }

    @Override // oracle.security.crypto.core.Signature
    public AlgorithmIdentifier getDigestEncryptionAlgID() {
        return AlgID.dsaWithSHA1;
    }

    @Override // oracle.security.crypto.core.Signature
    public String algName() {
        return PKIConstants.DSA;
    }

    @Override // oracle.security.crypto.core.Signature
    public void setHash(byte[] bArr) {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        this.h = bArr;
        this.b = null;
    }

    @Override // oracle.security.crypto.core.Signature
    public void setPublicKey(PublicKey publicKey) throws InvalidKeyException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        if (!(publicKey instanceof DSAPublicKey)) {
            throw new InvalidKeyException();
        }
        a.a(publicKey, 4096);
        this.d = (DSAPublicKey) publicKey;
    }

    @Override // oracle.security.crypto.core.Signature
    public void setPrivateKey(PrivateKey privateKey) throws InvalidKeyException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        if (!(privateKey instanceof DSAPrivateKey)) {
            throw new InvalidKeyException();
        }
        a.a(privateKey, 4096);
        this.e = (DSAPrivateKey) privateKey;
    }

    @Override // oracle.security.crypto.core.Signature
    public void setRandomBitsSource(RandomBitsSource randomBitsSource) {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        this.f = randomBitsSource;
    }

    @Override // oracle.security.crypto.core.Signature
    public boolean verify() throws AuthenticationException {
        byte[] digestBits;
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        try {
            BigInt a = this.d.a();
            DSAParams params = this.d.getParams();
            BigInt a2 = params.a();
            BigInt b = params.b();
            BigInt c = params.c();
            a.a(a2.bitLength(), 4096);
            ASN1Sequence aSN1Sequence = new ASN1Sequence(new UnsyncByteArrayInputStream(getSigBytes()));
            if (aSN1Sequence.size() != 2) {
                throw new AuthenticationException("Invalid signature format");
            }
            try {
                BigInt bigIntValue = ((ASN1Integer) aSN1Sequence.elementAt(0)).getBigIntValue();
                BigInt bigIntValue2 = ((ASN1Integer) aSN1Sequence.elementAt(1)).getBigIntValue();
                if (bigIntValue.signum() < 0 || bigIntValue.compareTo(b) > 0 || bigIntValue2.signum() < 0 || bigIntValue2.compareTo(b) > 0) {
                    throw new AuthenticationException("Invalid signature format");
                }
                if (this.h != null) {
                    digestBits = this.h;
                } else {
                    if (this.g == null) {
                        try {
                            this.g = MessageDigest.getInstance(AlgID.sha_1);
                        } catch (AlgorithmIdentifierException e) {
                            throw new RuntimeException("SHA1 class not found. " + e.toString());
                        }
                    }
                    if (getDocument() != null) {
                        this.g.init();
                        this.g.update(getDocument());
                    }
                    this.g.computeCurrent();
                    digestBits = this.g.getDigestBits();
                }
                BigInt bigInt = new BigInt(1, digestBits);
                BigInt modInverse = bigIntValue2.modInverse(b);
                return c.modPow(modInverse.multiply(bigInt).mod(b), a2).multiply(a.modPow(modInverse.multiply(bigIntValue).mod(b), a2)).mod(a2).mod(b).equals(bigIntValue);
            } catch (ClassCastException e2) {
                throw new AuthenticationException("Invalid signature format");
            }
        } catch (IOException e3) {
            throw new AuthenticationException(e3.toString());
        }
    }

    @Override // oracle.security.crypto.core.Signature
    public byte[] sign() throws SignatureException {
        byte[] a;
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        if (this.f == null) {
            this.f = RandomBitsSource.getDefault();
        }
        BigInt c = this.e.c();
        DSAParams params = this.e.getParams();
        BigInt a2 = params.a();
        BigInt b = params.b();
        BigInt c2 = params.c();
        a.a(a2.bitLength(), 4096);
        if (this.h != null) {
            a = this.h;
        } else {
            if (this.g == null) {
                try {
                    this.g = MessageDigest.getInstance(AlgID.sha_1);
                } catch (AlgorithmIdentifierException e) {
                    throw new RuntimeException("SHA1 class not found. " + e.toString());
                }
            }
            if (getDocument() != null) {
                this.g.init();
                this.g.update(getDocument());
            }
            this.g.computeCurrent();
            a = this.g.a();
        }
        BigInt bigInt = new BigInt(1, a);
        int bitLength = b.bitLength();
        while (true) {
            BigInt randomBigInt = this.f.randomBigInt(bitLength);
            if (randomBigInt.compareTo(BigInt.ONE) > 0 && randomBigInt.compareTo(b) < 0) {
                BigInt modInverse = randomBigInt.modInverse(b);
                BigInt mod = c2.modPow(randomBigInt, a2).mod(b);
                BigInt mod2 = bigInt.add(c.multiply(mod)).mod(b).multiply(modInverse).mod(b);
                ASN1Sequence aSN1Sequence = new ASN1Sequence();
                aSN1Sequence.addElement(new ASN1Integer(mod));
                aSN1Sequence.addElement(new ASN1Integer(mod2));
                setSigBytes(Utils.toBytes(aSN1Sequence));
                return getSigBytes();
            }
        }
    }
}
