package com.addc.commons.security.crypto;

import com.addc.commons.Constants;
import com.addc.commons.Mutex;
import com.addc.commons.i18n.I18nText;
import com.addc.commons.i18n.I18nTextFactory;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.Serializable;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Arrays;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/addc/commons/security/crypto/SignedObject.class */
public abstract class SignedObject implements Serializable {
    private static final long serialVersionUID = 1171219365022265258L;
    private static final Logger LOGGER = LoggerFactory.getLogger(SignedObject.class);
    private static final String SIG_WRONG_KEY = I18nText.markKey("The public key presented has changed since the last verification");
    private static final String DEF_ALGORITHM = "SHA256withRSA";
    private final Mutex mutex;
    private byte[] signature;
    private String signatureAlgorithm;
    private transient PublicKey lastPublicKey;
    private transient SignatureVerificationState signatureVerificationState;

    protected SignedObject() {
        this(null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SignedObject(String str) {
        this.mutex = new Mutex();
        this.signatureAlgorithm = str == null ? "SHA256withRSA" : str;
        this.signatureVerificationState = SignatureVerificationState.UNSIGNED;
    }

    protected abstract void doUpdateSig(Signature signature) throws SignatureException;

    protected abstract String getSignErrorText();

    protected abstract String getInvalidSignatureText();

    public byte[] getSignature() {
        byte[] bArr = null;
        synchronized (this.mutex) {
            if (this.signature != null) {
                bArr = Arrays.copyOf(this.signature, this.signature.length);
            }
        }
        return bArr;
    }

    public void setSignature(byte[] bArr) {
        synchronized (this.mutex) {
            this.signature = Arrays.copyOf(bArr, bArr.length);
            setSignatureVerificationState(SignatureVerificationState.UNVERIFIED);
        }
    }

    public String getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public void setSignatureAlgorithm(String str) {
        synchronized (this.mutex) {
            this.signatureAlgorithm = str;
            setSignatureVerificationState(SignatureVerificationState.UNSIGNED);
        }
    }

    public SignatureVerificationState getSignatureVerificationState() {
        SignatureVerificationState signatureVerificationState;
        synchronized (this.mutex) {
            signatureVerificationState = this.signatureVerificationState;
        }
        return signatureVerificationState;
    }

    protected void setSignatureVerificationState(SignatureVerificationState signatureVerificationState) {
        synchronized (this.mutex) {
            this.signatureVerificationState = signatureVerificationState;
            if (signatureVerificationState != SignatureVerificationState.VERIFIED) {
                this.lastPublicKey = null;
            }
        }
    }

    public void checkSignature(PublicKey publicKey, CryptoSpec cryptoSpec) throws SignedObjectException {
        synchronized (this.mutex) {
            if (this.signatureVerificationState == SignatureVerificationState.UNSIGNED) {
                throw new SignedObjectException(getInvalidSignatureText());
            }
            if (this.signatureVerificationState == SignatureVerificationState.VERIFIED && !this.lastPublicKey.equals(publicKey)) {
                setSignatureVerificationState(SignatureVerificationState.VERIFY_FAILED);
                throw new SignedObjectException(I18nTextFactory.getTranslator("com.addc.commons.Messages").translate(SIG_WRONG_KEY));
            }
            try {
                Signature sigObject = getSigObject(cryptoSpec);
                sigObject.initVerify(publicKey);
                doUpdateSig(sigObject);
                sigObject.update(this.signatureAlgorithm.getBytes(Constants.UTF8));
                if (!sigObject.verify(getSignature())) {
                    this.lastPublicKey = null;
                    setSignatureVerificationState(SignatureVerificationState.VERIFY_FAILED);
                    throw new SignedObjectException(getInvalidSignatureText());
                }
                setSignatureVerificationState(SignatureVerificationState.VERIFIED);
                this.lastPublicKey = publicKey;
            } catch (GeneralSecurityException e) {
                LOGGER.warn("Error verifying signature", e);
                this.lastPublicKey = null;
                setSignatureVerificationState(SignatureVerificationState.VERIFY_FAILED);
                throw new SignedObjectException(getSignErrorText(), e);
            }
        }
    }

    public void sign(PrivateKey privateKey, CryptoSpec cryptoSpec) throws SignedObjectException {
        synchronized (this.mutex) {
            try {
                Signature sigObject = getSigObject(cryptoSpec);
                sigObject.initSign(privateKey);
                doUpdateSig(sigObject);
                sigObject.update(this.signatureAlgorithm.getBytes(Constants.UTF8));
                this.signature = sigObject.sign();
                setSignatureVerificationState(SignatureVerificationState.UNVERIFIED);
            } catch (GeneralSecurityException e) {
                LOGGER.warn("Error signing object", e);
                setSignatureVerificationState(SignatureVerificationState.SIGN_FAILED);
                this.signature = null;
                throw new SignedObjectException(getSignErrorText(), e);
            }
        }
    }

    public int hashCode() {
        return (31 * 1) + this.signatureAlgorithm.hashCode();
    }

    public boolean equals(Object obj) {
        return obj != null && (obj instanceof SignedObject) && this.signatureAlgorithm.equals(((SignedObject) obj).signatureAlgorithm);
    }

    private Signature getSigObject(CryptoSpec cryptoSpec) throws NoSuchAlgorithmException {
        Signature signature;
        if (this.signatureAlgorithm.equals(cryptoSpec.getSignatureName())) {
            signature = cryptoSpec.getSignatureObject();
        } else {
            LOGGER.info("Signing with algorithm {} instead of CryptoSpec algorithm {}", this.signatureAlgorithm, cryptoSpec.getSignatureAlgorithm());
            signature = cryptoSpec.getSignature(this.signatureAlgorithm);
        }
        return signature;
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        objectInputStream.defaultReadObject();
        if (this.signature == null) {
            this.signatureVerificationState = SignatureVerificationState.UNSIGNED;
        } else {
            this.signatureVerificationState = SignatureVerificationState.UNVERIFIED;
        }
        this.lastPublicKey = null;
    }
}
