package xdi2.core.features.signatures;

import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.PublicKey;
import org.apache.commons.codec.binary.Base64;
import xdi2.core.LiteralNode;
import xdi2.core.constants.XDIAuthenticationConstants;
import xdi2.core.features.nodetypes.XdiAbstractContext;
import xdi2.core.features.nodetypes.XdiAttribute;
import xdi2.core.features.nodetypes.XdiAttributeInstance;
import xdi2.core.features.nodetypes.XdiAttributeSingleton;
import xdi2.core.features.signatures.Signatures;
import xdi2.core.io.Normalization;

/* loaded from: input_file:WEB-INF/lib/xdi2-core-0.7.1.jar:xdi2/core/features/signatures/KeyPairSignature.class */
public final class KeyPairSignature extends Signature<PrivateKey, PublicKey> {
    private static final long serialVersionUID = 5144184647292934979L;
    public static final String KEY_ALGORITHM_RSA = "rsa";
    public static final String KEY_ALGORITHM_DSA = "dsa";
    public static final String DIGEST_ALGORITHM_SHA = "sha";

    protected KeyPairSignature(XdiAttribute xdiAttribute) {
        super(xdiAttribute);
    }

    public static boolean isValid(XdiAttribute xdiAttribute) {
        if (xdiAttribute instanceof XdiAttributeSingleton) {
            if (!((XdiAttributeSingleton) xdiAttribute).getBaseXDIArc().equals(XdiAbstractContext.getBaseXDIArc(XDIAuthenticationConstants.XDI_ARC_SIGNATURE))) {
                return false;
            }
        } else if (!(xdiAttribute instanceof XdiAttributeInstance) || !((XdiAttributeInstance) xdiAttribute).getXdiCollection().getBaseXDIArc().equals(XdiAbstractContext.getBaseXDIArc(XDIAuthenticationConstants.XDI_ARC_SIGNATURE))) {
            return false;
        }
        String keyAlgorithm = Signatures.getKeyAlgorithm(xdiAttribute);
        return ("rsa".equalsIgnoreCase(keyAlgorithm) || "dsa".equalsIgnoreCase(keyAlgorithm)) && "sha".equalsIgnoreCase(Signatures.getDigestAlgorithm(xdiAttribute));
    }

    public static KeyPairSignature fromXdiAttribute(XdiAttribute xdiAttribute) {
        if (isValid(xdiAttribute)) {
            return new KeyPairSignature(xdiAttribute);
        }
        return null;
    }

    @Override // xdi2.core.features.signatures.Signature
    public String getAlgorithm() {
        return getDigestAlgorithm().toUpperCase() + getDigestLength() + "with" + getKeyAlgorithm().toUpperCase();
    }

    @Override // xdi2.core.features.signatures.Signature
    public void sign(PrivateKey privateKey) throws GeneralSecurityException {
        try {
            byte[] bytes = Normalization.serialize(getBaseContextNode(), new Signatures.NoSignaturesCopyStrategy()).getBytes("UTF-8");
            java.security.Signature signature = java.security.Signature.getInstance(getAlgorithm());
            signature.initSign(privateKey);
            signature.update(bytes);
            getXdiAttribute().setLiteralDataString(Base64.encodeBase64String(signature.sign()));
        } catch (Exception e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    @Override // xdi2.core.features.signatures.Signature
    public boolean validate(PublicKey publicKey) throws GeneralSecurityException {
        LiteralNode literalNode = getXdiAttribute().getLiteralNode();
        if (literalNode == null) {
            throw new GeneralSecurityException("No signature literal node.");
        }
        String literalDataString = literalNode.getLiteralDataString();
        if (literalDataString == null) {
            throw new GeneralSecurityException("No signature literal string.");
        }
        byte[] decodeBase64 = Base64.decodeBase64(literalDataString);
        try {
            byte[] bytes = Normalization.serialize(getBaseContextNode(), new Signatures.NoSignaturesCopyStrategy()).getBytes("UTF-8");
            java.security.Signature signature = java.security.Signature.getInstance(getAlgorithm());
            signature.initVerify(publicKey);
            signature.update(bytes);
            return signature.verify(decodeBase64);
        } catch (Exception e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }
}
