package fi.tkk.netlab.dtn.scampi.core.identity;

import fi.tkk.netlab.net.Util;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;

/* loaded from: classes.dex */
public class RSASHA256Peer implements PeerIdentity {
    private byte[] digestBytes;
    private String digestString;
    private boolean initialized;
    private PublicKey key;
    private static String PK_ALGORITHM = "RSA";
    private static String SIGNATURE_ALGORITHM = "SHA256withRSA";
    private static String DIGEST_ALGORITHM = "SHA-256";
    private static String PUBLIC_KEY_ENCODING = "X.509";

    public RSASHA256Peer() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RSASHA256Peer(PublicKey publicKey) throws NoSuchAlgorithmException {
        this.key = publicKey;
        setupDigest(this.key);
        this.initialized = true;
    }

    private void checkInitialized() {
        if (!this.initialized) {
            throw new IllegalStateException("Identity has not been initialized.");
        }
    }

    private PublicKey deserializePublicKey(byte[] bArr) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return KeyFactory.getInstance(PK_ALGORITHM).generatePublic(new X509EncodedKeySpec(bArr));
    }

    private byte[] getDigest(RSAPublicKey rSAPublicKey) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance(DIGEST_ALGORITHM);
        messageDigest.update(rSAPublicKey.getModulus().toByteArray());
        return messageDigest.digest();
    }

    private byte[] serializePublicKey(PublicKey publicKey) {
        if (publicKey.getFormat().equals(PUBLIC_KEY_ENCODING)) {
            return new X509EncodedKeySpec(publicKey.getEncoded()).getEncoded();
        }
        throw new IllegalArgumentException("Public key is not in the expected encoding (" + PUBLIC_KEY_ENCODING + ")");
    }

    private void setupDigest(PublicKey publicKey) throws NoSuchAlgorithmException {
        if (!(publicKey instanceof RSAPublicKey)) {
            throw new IllegalArgumentException("Public key is not RSAPublicKey.");
        }
        this.digestBytes = getDigest((RSAPublicKey) publicKey);
        this.digestString = Util.toHexString(this.digestBytes);
    }

    @Override // fi.tkk.netlab.dtn.scampi.core.identity.PeerIdentity
    public byte[] encrypt(byte[] bArr) throws GeneralSecurityException {
        checkInitialized();
        int bitLength = ((RSAPublicKey) this.key).getModulus().bitLength() / 8;
        int i = bitLength - 11;
        int ceil = (int) Math.ceil((1.0d * bArr.length) / i);
        Cipher cipher = Cipher.getInstance(PK_ALGORITHM);
        cipher.init(1, this.key);
        byte[] bArr2 = new byte[ceil * bitLength];
        for (int i2 = 0; i2 < ceil; i2++) {
            byte[] doFinal = cipher.doFinal(bArr, i2 * i, Math.min(bArr.length - (i2 * i), i));
            System.arraycopy(doFinal, 0, bArr2, i2 * bitLength, doFinal.length);
        }
        return bArr2;
    }

    @Override // fi.tkk.netlab.dtn.scampi.core.identity.PeerIdentity
    public String getEID() throws GeneralSecurityException {
        checkInitialized();
        return "dtn://RSASHA256-" + this.digestString;
    }

    @Override // fi.tkk.netlab.dtn.scampi.core.identity.PeerIdentity
    public void initFrom(byte[] bArr) throws GeneralSecurityException {
        this.key = deserializePublicKey(bArr);
        setupDigest(this.key);
        this.initialized = true;
    }

    @Override // fi.tkk.netlab.dtn.scampi.core.identity.PeerIdentity
    public byte[] serialize() throws GeneralSecurityException {
        checkInitialized();
        return serializePublicKey(this.key);
    }

    @Override // fi.tkk.netlab.dtn.scampi.core.identity.PeerIdentity
    public boolean validateSignature(InputStream inputStream, byte[] bArr) throws IOException, GeneralSecurityException {
        checkInitialized();
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initVerify(this.key);
        try {
            byte[] bArr2 = new byte[1024];
            while (true) {
                int read = inputStream.read(bArr2);
                if (read < 0) {
                    break;
                }
                signature.update(bArr2, 0, read);
            }
            return signature.verify(bArr);
        } finally {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e) {
                    Util.log_error("Failed to close input stream while verifying signature (" + e.getMessage() + ")", this);
                }
            }
        }
    }
}
