package ch.ethz.inf.vs.scandium.dtls;

import ch.ethz.inf.vs.scandium.dtls.AlertMessage;
import ch.ethz.inf.vs.scandium.util.DatagramReader;
import ch.ethz.inf.vs.scandium.util.DatagramWriter;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.logging.Logger;

/* loaded from: input_file:ch/ethz/inf/vs/scandium/dtls/CertificateVerify.class */
public class CertificateVerify extends HandshakeMessage {
    private static final Logger LOGGER = Logger.getLogger(CertificateVerify.class.getCanonicalName());
    private static final int HASH_ALGORITHM_BITS = 8;
    private static final int SIGNATURE_ALGORITHM_BITS = 8;
    private static final int SIGNATURE_LENGTH_BITS = 16;
    private byte[] signatureBytes;
    private SignatureAndHashAlgorithm signatureAndHashAlgorithm;

    public CertificateVerify(SignatureAndHashAlgorithm signatureAndHashAlgorithm, PrivateKey privateKey, byte[] bArr) {
        this.signatureAndHashAlgorithm = signatureAndHashAlgorithm;
        this.signatureBytes = setSignature(privateKey, bArr);
    }

    public CertificateVerify(SignatureAndHashAlgorithm signatureAndHashAlgorithm, byte[] bArr) {
        this.signatureAndHashAlgorithm = signatureAndHashAlgorithm;
        this.signatureBytes = bArr;
    }

    @Override // ch.ethz.inf.vs.scandium.dtls.HandshakeMessage
    public HandshakeType getMessageType() {
        return HandshakeType.CERTIFICATE_VERIFY;
    }

    @Override // ch.ethz.inf.vs.scandium.dtls.HandshakeMessage
    public int getMessageLength() {
        return 4 + this.signatureBytes.length;
    }

    @Override // ch.ethz.inf.vs.scandium.dtls.HandshakeMessage
    public byte[] fragmentToByteArray() {
        DatagramWriter datagramWriter = new DatagramWriter();
        datagramWriter.write(this.signatureAndHashAlgorithm.getHash().getCode(), 8);
        datagramWriter.write(this.signatureAndHashAlgorithm.getSignature().getCode(), 8);
        datagramWriter.write(this.signatureBytes.length, 16);
        datagramWriter.writeBytes(this.signatureBytes);
        return datagramWriter.toByteArray();
    }

    public static HandshakeMessage fromByteArray(byte[] bArr) {
        DatagramReader datagramReader = new DatagramReader(bArr);
        return new CertificateVerify(new SignatureAndHashAlgorithm(datagramReader.read(8), datagramReader.read(8)), datagramReader.readBytes(datagramReader.read(16)));
    }

    private byte[] setSignature(PrivateKey privateKey, byte[] bArr) {
        this.signatureBytes = new byte[0];
        try {
            Signature signature = Signature.getInstance(this.signatureAndHashAlgorithm.toString());
            signature.initSign(privateKey);
            signature.update(bArr);
            this.signatureBytes = signature.sign();
        } catch (Exception e) {
            LOGGER.severe("Could not create signature.");
            e.printStackTrace();
        }
        return this.signatureBytes;
    }

    public void verifySignature(PublicKey publicKey, byte[] bArr) throws HandshakeException {
        boolean z = false;
        try {
            Signature signature = Signature.getInstance(this.signatureAndHashAlgorithm.toString());
            signature.initVerify(publicKey);
            signature.update(bArr);
            z = signature.verify(this.signatureBytes);
        } catch (Exception e) {
            LOGGER.severe("Could not verify the client's signature.");
            e.printStackTrace();
        }
        if (!z) {
            throw new HandshakeException("The client's CertificateVerify message could not be verified.", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
        }
    }
}
