package org.quantumbadger.redreader.receivers.announcements;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import org.quantumbadger.redreader.common.HexUtils;

/* loaded from: classes.dex */
public final class SignatureHandler {
    private static final String ALG = "EC";
    private static final String SIGNATURE_ALG = "SHA256withECDSA";

    /* loaded from: classes.dex */
    public static class SignatureInvalidException extends Exception {
    }

    private SignatureHandler() {
    }

    public static byte[] generateSignedPayload(PrivateKey privateKey, byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        byte[] sign = sign(privateKey, bArr);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        try {
            dataOutputStream.writeInt(bArr.length);
            dataOutputStream.write(bArr);
            dataOutputStream.writeInt(sign.length);
            dataOutputStream.write(sign);
            dataOutputStream.flush();
            dataOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public static String keyToString(Key key) {
        return HexUtils.toHex(key.getEncoded());
    }

    public static byte[] readAndVerifySignedPayload(PublicKey publicKey, byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, SignatureInvalidException {
        DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(bArr));
        try {
            byte[] bArr2 = new byte[dataInputStream.readInt()];
            dataInputStream.readFully(bArr2);
            byte[] bArr3 = new byte[dataInputStream.readInt()];
            dataInputStream.readFully(bArr3);
            verify(publicKey, bArr2, bArr3);
            return bArr2;
        } catch (Throwable th) {
            try {
                throw th;
            } finally {
                try {
                    dataInputStream.close();
                } catch (Throwable unused) {
                }
            }
        }
    }

    private static byte[] sign(PrivateKey privateKey, byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance(SIGNATURE_ALG);
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    public static PrivateKey stringToPrivateKey(String str) throws NoSuchAlgorithmException, IOException, InvalidKeySpecException {
        return KeyFactory.getInstance(ALG).generatePrivate(new PKCS8EncodedKeySpec(HexUtils.fromHex(str)));
    }

    public static PublicKey stringToPublicKey(String str) throws NoSuchAlgorithmException, IOException, InvalidKeySpecException {
        return KeyFactory.getInstance(ALG).generatePublic(new X509EncodedKeySpec(HexUtils.fromHex(str)));
    }

    private static void verify(PublicKey publicKey, byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, SignatureInvalidException {
        Signature signature = Signature.getInstance(SIGNATURE_ALG);
        signature.initVerify(publicKey);
        signature.update(bArr);
        if (!signature.verify(bArr2)) {
            throw new SignatureInvalidException();
        }
    }
}
