package org.glassfish.jersey.oauth1.signature;

import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.glassfish.jersey.oauth1.signature.internal.LocalizationMessages;

/* loaded from: input_file:jersey-all-2.22.2.jar:org/glassfish/jersey/oauth1/signature/RsaSha1Method.class */
public final class RsaSha1Method implements OAuth1SignatureMethod {
    private static final Logger LOGGER = Logger.getLogger(RsaSha1Method.class.getName());
    public static final String NAME = "RSA-SHA1";
    private static final String SIGNATURE_ALGORITHM = "SHA1withRSA";
    private static final String KEY_TYPE = "RSA";
    private static final String BEGIN_CERT = "-----BEGIN CERTIFICATE";

    @Override // org.glassfish.jersey.oauth1.signature.OAuth1SignatureMethod
    public String name() {
        return NAME;
    }

    @Override // org.glassfish.jersey.oauth1.signature.OAuth1SignatureMethod
    public String sign(String str, OAuth1Secrets oAuth1Secrets) throws InvalidSecretException {
        try {
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            try {
                try {
                    try {
                        try {
                            signature.initSign((RSAPrivateKey) KeyFactory.getInstance(KEY_TYPE).generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(oAuth1Secrets.getConsumerSecret()))));
                            try {
                                signature.update(str.getBytes());
                                try {
                                    return Base64.encode(signature.sign());
                                } catch (SignatureException e) {
                                    throw new IllegalStateException(e);
                                }
                            } catch (SignatureException e2) {
                                throw new IllegalStateException(e2);
                            }
                        } catch (InvalidKeyException e3) {
                            throw new IllegalStateException(e3);
                        }
                    } catch (InvalidKeySpecException e4) {
                        throw new IllegalStateException(e4);
                    }
                } catch (NoSuchAlgorithmException e5) {
                    throw new IllegalStateException(e5);
                }
            } catch (IOException e6) {
                throw new InvalidSecretException(LocalizationMessages.ERROR_INVALID_CONSUMER_SECRET(e6));
            }
        } catch (NoSuchAlgorithmException e7) {
            throw new IllegalStateException(e7);
        }
    }

    @Override // org.glassfish.jersey.oauth1.signature.OAuth1SignatureMethod
    public boolean verify(String str, OAuth1Secrets oAuth1Secrets, String str2) throws InvalidSecretException {
        try {
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            RSAPublicKey rSAPublicKey = null;
            String consumerSecret = oAuth1Secrets.getConsumerSecret();
            if (consumerSecret.startsWith(BEGIN_CERT)) {
                try {
                    Certificate certificate = null;
                    BufferedInputStream bufferedInputStream = new BufferedInputStream(new ByteArrayInputStream(consumerSecret.getBytes()));
                    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                    while (bufferedInputStream.available() > 0) {
                        certificate = certificateFactory.generateCertificate(bufferedInputStream);
                    }
                    rSAPublicKey = (RSAPublicKey) certificate.getPublicKey();
                } catch (Exception e) {
                    LOGGER.log(Level.SEVERE, LocalizationMessages.ERROR_CANNOT_OBTAIN_PUBLIC_KEY(), (Throwable) e);
                    return false;
                }
            }
            try {
                byte[] decode = Base64.decode(str2);
                try {
                    signature.initVerify(rSAPublicKey);
                    try {
                        signature.update(str.getBytes());
                        try {
                            return signature.verify(decode);
                        } catch (SignatureException e2) {
                            throw new IllegalStateException(e2);
                        }
                    } catch (SignatureException e3) {
                        throw new IllegalStateException(e3);
                    }
                } catch (InvalidKeyException e4) {
                    throw new IllegalStateException(e4);
                }
            } catch (IOException e5) {
                return false;
            }
        } catch (NoSuchAlgorithmException e6) {
            throw new IllegalStateException(e6);
        }
    }
}
