package net.netca.pki.encoding.asn1.pki;

import net.netca.pki.PkiException;
import net.netca.pki.algorithm.SM3;
import net.netca.pki.algorithm.ecc.Curve;
import net.netca.pki.algorithm.ecc.ECCSignature;
import net.netca.pki.encoding.asn1.ASN1Object;
import net.netca.pki.encoding.asn1.ObjectIdentifier;
import net.netca.pki.encoding.asn1.ObjectIdentifierType;

/* loaded from: classes3.dex */
public class SoftwareVerifier implements Verifible, MultiStepVerifible {
    private net.netca.pki.algorithm.ecc.ECCPublicKey sm2PublicKey;
    private SM3 sm3 = null;
    private JCEVerifier verifier = null;

    public static net.netca.pki.algorithm.ecc.ECCPublicKey ToSM2PublicKey(PublicKey publicKey) throws PkiException {
        SubjectPublicKeyInfo subjectPublicKeyInfo = publicKey.toSubjectPublicKeyInfo();
        AlgorithmIdentifier algorithm = subjectPublicKeyInfo.getAlgorithm();
        if (!algorithm.getOid().equals(AlgorithmIdentifier.ECPubKey_OID)) {
            throw new PkiException("bad sm2 publickey");
        }
        if (!algorithm.hasParam()) {
            throw new PkiException("unknown sm2 publickey");
        }
        ASN1Object aSN1Object = algorithm.getParam().to(ObjectIdentifierType.getInstance());
        if (aSN1Object == null) {
            throw new PkiException("unknown sm2 publickey");
        }
        if (!((ObjectIdentifier) aSN1Object).getString().equals(AlgorithmIdentifier.SM2Curve_OID)) {
            throw new PkiException("not sm2 publickey");
        }
        net.netca.pki.algorithm.ecc.ECCPublicKey Parse = net.netca.pki.algorithm.ecc.ECCPublicKey.Parse(Curve.getSM2Curve(), subjectPublicKeyInfo.getSubjectPublicKey().getValue());
        if (Parse != null) {
            return Parse;
        }
        throw new PkiException("bad sm2 publickey");
    }

    @Override // net.netca.pki.encoding.asn1.pki.MultiStepVerifible
    public void init(PublicKey publicKey, AlgorithmIdentifier algorithmIdentifier) throws PkiException {
        if (!algorithmIdentifier.getOid().equals(AlgorithmIdentifier.SM3WithSM2_OID)) {
            JCEVerifier jCEVerifier = new JCEVerifier();
            this.verifier = jCEVerifier;
            jCEVerifier.init(publicKey, algorithmIdentifier);
        } else {
            this.sm2PublicKey = ToSM2PublicKey(publicKey);
            this.sm3 = new SM3();
            this.sm3.update(this.sm2PublicKey.computeZ());
        }
    }

    @Override // net.netca.pki.encoding.asn1.pki.MultiStepVerifible
    public void update(byte[] bArr, int i2, int i3) throws PkiException {
        if (this.sm2PublicKey != null) {
            this.sm3.update(bArr, i2, i3);
            return;
        }
        JCEVerifier jCEVerifier = this.verifier;
        if (jCEVerifier == null) {
            throw new PkiException("init first");
        }
        jCEVerifier.update(bArr, i2, i3);
    }

    @Override // net.netca.pki.encoding.asn1.pki.Verifible
    public boolean verify(PublicKey publicKey, AlgorithmIdentifier algorithmIdentifier, byte[] bArr, int i2, int i3, byte[] bArr2) throws PkiException {
        init(publicKey, algorithmIdentifier);
        update(bArr, i2, i3);
        return verify(bArr2);
    }

    @Override // net.netca.pki.encoding.asn1.pki.MultiStepVerifible
    public boolean verify(byte[] bArr) throws PkiException {
        if (this.sm2PublicKey == null) {
            JCEVerifier jCEVerifier = this.verifier;
            if (jCEVerifier != null) {
                return jCEVerifier.verify(bArr);
            }
            throw new PkiException("init first");
        }
        byte[] doFinal = this.sm3.doFinal();
        ECCSignature parse = ECCSignature.parse(bArr);
        if (parse != null) {
            return this.sm2PublicKey.SM2VerifyHash(doFinal, parse);
        }
        throw new PkiException("bad sm2 signature format");
    }
}
