package net.netca.pki.encoding.json.jose.impl.jce;

import net.netca.pki.PkiException;
import net.netca.pki.encoding.asn1.pki.AlgorithmIdentifier;
import net.netca.pki.encoding.asn1.pki.ECDSASigValue;
import net.netca.pki.encoding.asn1.pki.JCEVerifier;
import net.netca.pki.encoding.asn1.pki.RSASSAPSSParams;
import net.netca.pki.encoding.asn1.pki.SubjectPublicKeyInfo;
import net.netca.pki.encoding.json.jose.IJWSVerify;
import net.netca.pki.encoding.json.jose.JWS;

/* loaded from: classes3.dex */
public class JCEJWSVerifier implements IJWSVerify {
    private JCEVerifier jceVerifier;

    public JCEJWSVerifier() {
        this.jceVerifier = null;
        this.jceVerifier = new JCEVerifier();
    }

    public JCEJWSVerifier(String str, String str2) {
        this.jceVerifier = null;
        this.jceVerifier = new JCEVerifier(str, str2);
    }

    public static AlgorithmIdentifier getAlgorithmIdentifierAlgo(String str) throws PkiException {
        if (str.equals(JWS.RSA_SHA256)) {
            return AlgorithmIdentifier.CreateAlgorithmIdentifier(AlgorithmIdentifier.SHA256WithRSA_OID);
        }
        if (str.equals(JWS.RSA_SHA384)) {
            return AlgorithmIdentifier.CreateAlgorithmIdentifier(AlgorithmIdentifier.SHA384WithRSA_OID);
        }
        if (str.equals(JWS.RSA_SHA512)) {
            return AlgorithmIdentifier.CreateAlgorithmIdentifier(AlgorithmIdentifier.SHA512WithRSA_OID);
        }
        if (str.equals(JWS.ECDSA_SHA256)) {
            return AlgorithmIdentifier.CreateAlgorithmIdentifier(AlgorithmIdentifier.ECDSAWithSHA256_OID);
        }
        if (str.equals(JWS.ECDSA_SHA384)) {
            return AlgorithmIdentifier.CreateAlgorithmIdentifier(AlgorithmIdentifier.ECDSAWithSHA384_OID);
        }
        if (str.equals(JWS.ECDSA_SHA512)) {
            return AlgorithmIdentifier.CreateAlgorithmIdentifier(AlgorithmIdentifier.ECDSAWithSHA512_OID);
        }
        if (str.equals(JWS.SM2_SM3)) {
            return AlgorithmIdentifier.CreateAlgorithmIdentifier(AlgorithmIdentifier.SM3WithSM2_OID);
        }
        if (str.equals(JWS.RSASSA_PSS_256)) {
            return new AlgorithmIdentifier(AlgorithmIdentifier.RSASSA_PSS_OID, new RSASSAPSSParams(AlgorithmIdentifier.SHA256_OID, AlgorithmIdentifier.SHA256_OID, 32).getASN1Object());
        }
        if (str.equals(JWS.RSASSA_PSS_384)) {
            return new AlgorithmIdentifier(AlgorithmIdentifier.RSASSA_PSS_OID, new RSASSAPSSParams(AlgorithmIdentifier.SHA384_OID, AlgorithmIdentifier.SHA384_OID, 48).getASN1Object());
        }
        if (str.equals(JWS.RSASSA_PSS_512)) {
            return new AlgorithmIdentifier(AlgorithmIdentifier.RSASSA_PSS_OID, new RSASSAPSSParams(AlgorithmIdentifier.SHA512_OID, AlgorithmIdentifier.SHA512_OID, 64).getASN1Object());
        }
        throw new PkiException("unsupport sign algo " + str);
    }

    public void addSignatureAlgorithmAlias(String str, String str2) {
        this.jceVerifier.addSignatureAlgorithmAlias(str, str2);
    }

    @Override // net.netca.pki.encoding.json.jose.IJWSVerify
    public boolean verifySignature(SubjectPublicKeyInfo subjectPublicKeyInfo, String str, byte[] bArr, byte[] bArr2) throws PkiException {
        if (str.equals(JWS.ECDSA_SHA256) || str.equals(JWS.ECDSA_SHA384) || str.equals(JWS.ECDSA_SHA512) || str.equals(JWS.SM2_SM3)) {
            bArr2 = ECDSASigValue.decodeNonASN1(bArr2).getASN1Object().encode();
        }
        return this.jceVerifier.verify(subjectPublicKeyInfo.getPublicKey(), getAlgorithmIdentifierAlgo(str), bArr, 0, bArr.length, bArr2);
    }
}
