package de.safe_ev.transparenzsoftware.verification.format.pcdf;

import de.safe_ev.transparenzsoftware.verification.ContainedPublicKeyParser;
import de.safe_ev.transparenzsoftware.verification.VerificationLogger;
import de.safe_ev.transparenzsoftware.verification.VerificationParser;
import de.safe_ev.transparenzsoftware.verification.VerificationType;
import de.safe_ev.transparenzsoftware.verification.result.Error;
import de.safe_ev.transparenzsoftware.verification.result.IntrinsicVerified;
import de.safe_ev.transparenzsoftware.verification.result.VerificationResult;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.sec.SECNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.signers.ECDSASigner;

/* loaded from: input_file:de/safe_ev/transparenzsoftware/verification/format/pcdf/PcdfVerificationParser.class */
public class PcdfVerificationParser implements VerificationParser, ContainedPublicKeyParser {
    @Override // de.safe_ev.transparenzsoftware.verification.ContainedPublicKeyParser
    public String parsePublicKey(String str) {
        int indexOf = str.indexOf("(PK:");
        if (indexOf == -1) {
            return null;
        }
        String substring = str.substring(indexOf + 4);
        int indexOf2 = substring.indexOf(")(SG:");
        return indexOf2 != -1 ? substring.substring(0, indexOf2) : substring.substring(0, substring.length() - 1);
    }

    @Override // de.safe_ev.transparenzsoftware.verification.ContainedPublicKeyParser
    public String createFormattedKey(String str) {
        int indexOf = str.indexOf("(PK:");
        if (indexOf == -1) {
            return null;
        }
        return str.substring(indexOf + 4, str.indexOf(")", indexOf));
    }

    @Override // de.safe_ev.transparenzsoftware.verification.VerificationParser
    public VerificationType getVerificationType() {
        return VerificationType.PCDF;
    }

    @Override // de.safe_ev.transparenzsoftware.verification.VerificationParser
    public boolean canParseData(String str) {
        int indexOf = str.indexOf("128.8.0");
        return indexOf == 0 || indexOf == 1 || indexOf == 6 || str.indexOf("(RV:") > 0;
    }

    private boolean checkSignAndPublicKeyByte(String str, String str2, byte[] bArr) {
        try {
            int length = str2.length();
            byte[] bArr2 = new byte[length / 2];
            for (int i = 0; i < length / 2; i++) {
                bArr2[i] = (byte) Integer.parseInt(str2.substring(i * 2, (i * 2) + 2), 16);
            }
            System.arraycopy(bArr, 1, new byte[32], 0, 32);
            System.arraycopy(bArr, 33, new byte[32], 0, 32);
            try {
                X9ECParameters byName = SECNamedCurves.getByName("secp256r1");
                ECDomainParameters eCDomainParameters = new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN(), byName.getH());
                ECPublicKeyParameters eCPublicKeyParameters = new ECPublicKeyParameters(eCDomainParameters.getCurve().decodePoint(bArr), eCDomainParameters);
                ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr2);
                ECDSASigner eCDSASigner = new ECDSASigner();
                eCDSASigner.init(false, eCPublicKeyParameters);
                DLSequence dLSequence = (DLSequence) aSN1InputStream.readObject();
                BigInteger positiveValue = ((ASN1Integer) dLSequence.getObjectAt(0)).getPositiveValue();
                BigInteger positiveValue2 = ((ASN1Integer) dLSequence.getObjectAt(1)).getPositiveValue();
                byte[] digest = MessageDigest.getInstance("SHA-256").digest(str.getBytes(StandardCharsets.UTF_8));
                boolean verifySignature = eCDSASigner.verifySignature(digest, positiveValue.abs(), positiveValue2.abs());
                VerificationLogger.log("PCDF", "secp256r1", bArr, digest, bArr2, verifySignature);
                return verifySignature;
            } catch (NoSuchAlgorithmException e) {
                return false;
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            return false;
        }
    }

    private byte[] makePublicKeyByte(String str) {
        int length = str.length();
        byte[] bArr = new byte[length / 2];
        for (int i = 0; i < length / 2; i++) {
            bArr[i] = (byte) Integer.parseInt(str.substring(i * 2, (i * 2) + 2), 16);
        }
        return bArr;
    }

    private boolean checkTwoBytePublicKeys(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    private boolean checkSignAndPublicKey(String str, String str2, String str3) {
        try {
            int length = str3.length();
            byte[] bArr = new byte[length / 2];
            for (int i = 0; i < length / 2; i++) {
                bArr[i] = (byte) Integer.parseInt(str3.substring(i * 2, (i * 2) + 2), 16);
            }
            int length2 = str2.length();
            byte[] bArr2 = new byte[length2 / 2];
            for (int i2 = 0; i2 < length2 / 2; i2++) {
                bArr2[i2] = (byte) Integer.parseInt(str2.substring(i2 * 2, (i2 * 2) + 2), 16);
            }
            byte[] bArr3 = new byte[32];
            byte[] bArr4 = new byte[32];
            System.arraycopy(bArr, 1, bArr3, 0, 32);
            System.arraycopy(bArr, 33, bArr4, 0, 32);
            try {
                KeyFactory keyFactory = KeyFactory.getInstance("EC");
                AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("EC");
                algorithmParameters.init(new ECGenParameterSpec("secp256r1"));
                ECPublicKeySpec eCPublicKeySpec = new ECPublicKeySpec(new ECPoint(new BigInteger(bArr3), new BigInteger(bArr4)), (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class));
                PublicKey generatePublic = keyFactory.generatePublic(eCPublicKeySpec);
                Signature signature = Signature.getInstance("SHA256withECDSA");
                signature.initVerify(generatePublic);
                signature.update(str.getBytes());
                return signature.verify(bArr2);
            } catch (NoSuchAlgorithmException | InvalidKeySpecException | InvalidParameterSpecException e) {
                return false;
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            return false;
        }
    }

    @Override // de.safe_ev.transparenzsoftware.verification.VerificationParser
    public VerificationResult parseAndVerify(String str, byte[] bArr, IntrinsicVerified intrinsicVerified) {
        VerificationResult verificationResult;
        String parsePublicKey = parsePublicKey(str);
        PcdfVerifiedData pcdfVerifiedData = new PcdfVerifiedData(parsePublicKey, str);
        if (checkTwoBytePublicKeys(makePublicKeyByte(parsePublicKey), bArr)) {
            int indexOf = str.indexOf("(SG:");
            if (indexOf == -1) {
                Error error = new Error(Error.Type.VALIDATION, "No signature present in data tupple", "error.pcdf.missing.signature");
                verificationResult = new VerificationResult(pcdfVerifiedData, false, intrinsicVerified);
                verificationResult.addError(error);
            } else if (checkSignAndPublicKeyByte(str.substring(0, indexOf), str.substring(indexOf + 4, str.length() - 1), bArr)) {
                verificationResult = new VerificationResult(pcdfVerifiedData, true, intrinsicVerified);
            } else {
                Error error2 = new Error(Error.Type.VALIDATION, "Signature verification failed", "error.pcdf.verification.signature.failed");
                verificationResult = new VerificationResult(pcdfVerifiedData, false, intrinsicVerified);
                verificationResult.addError(error2);
            }
        } else {
            Error error3 = new Error(Error.Type.VALIDATION, "Wrong Public Key", "error.invalid.public.key.embedded");
            verificationResult = new VerificationResult(pcdfVerifiedData, false, intrinsicVerified);
            verificationResult.addError(error3);
        }
        return verificationResult;
    }

    @Override // de.safe_ev.transparenzsoftware.verification.VerificationParser
    public Class getVerfiedDataClass() {
        return PcdfVerifiedData.class;
    }
}
