package iaik.security.ssl;

import iaik.security.ssl.provider.SecurityProvider;
import java.io.IOException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;
import javax.crypto.Cipher;

/* compiled from: iaik/security/ssl/CertificateVerify */
/* loaded from: input_file:iaik/security/ssl/CertificateVerify.class */
class CertificateVerify extends HandshakeMessage {

    /* renamed from: ë, reason: contains not printable characters */
    byte[] f54;

    /* renamed from: ê, reason: contains not printable characters */
    SecurityProvider f55;

    /* JADX INFO: Access modifiers changed from: protected */
    public CertificateVerify(String str, PrivateKey privateKey, byte[] bArr) throws SSLException {
        super(15);
        this.f55 = SSLContext.getSecurityProvider();
        if (str.startsWith("RSA") || str.startsWith("DHE_RSA")) {
            try {
                Cipher cipher = this.f55.getCipher("RSA/1/PKCS1Padding");
                cipher.init(1, privateKey);
                this.f54 = cipher.doFinal(bArr);
                return;
            } catch (Exception unused) {
                throw new SSLException("Unable to create certificate verify!");
            }
        }
        if (!str.startsWith("DHE_DSS")) {
            throw new SSLException("Wrong key exchange algorithm in CertificateVerify!");
        }
        try {
            Signature signature = this.f55.getSignature("RawDSA");
            signature.initSign(privateKey);
            signature.update(bArr);
            this.f54 = signature.sign();
        } catch (Exception e) {
            e.printStackTrace();
            throw new SSLException("Unable to create signature for CertificateVerify!");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CertificateVerify(InputRecord inputRecord) throws IOException {
        super(15);
        this.f55 = SSLContext.getSecurityProvider();
        readFrom(inputRecord);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean verifySignature(PublicKey publicKey, byte[] bArr) {
        if (publicKey instanceof RSAPublicKey) {
            try {
                Cipher cipher = this.f55.getCipher("RSA/1/PKCS1Padding");
                cipher.init(2, publicKey);
                return Utils.equalsBlock(bArr, cipher.doFinal(this.f54));
            } catch (Exception unused) {
                return false;
            }
        }
        if (!(publicKey instanceof DSAPublicKey)) {
            return false;
        }
        try {
            Signature signature = this.f55.getSignature("RawDSA");
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(this.f54);
        } catch (Exception unused2) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // iaik.security.ssl.SSLMessage
    public void writeTo(OutputRecord outputRecord) throws IOException {
        outputRecord.writeUInt8(15);
        outputRecord.writeUInt24(this.f54.length + 2);
        outputRecord.writeUInt16Array(this.f54);
    }

    protected void readFrom(InputRecord inputRecord) throws IOException {
        inputRecord.readUInt24();
        this.f54 = new byte[inputRecord.readUInt16()];
        inputRecord.read(this.f54);
    }
}
