package oracle.security.digsig;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Properties;
import java.util.Vector;

/* loaded from: input_file:oracle/security/digsig/Verifier.class */
public class Verifier {
    public static final boolean SUCCESS = true;
    public static final boolean FAILURE = false;
    private static final int VERIFIER_STATE_START = 1;
    private static final int VERIFIER_STATE_UPDATE_DOC = 2;
    private static final int VERIFIER_STATE_UPDATE_SIG = 3;
    private static final int VERIFIER_STATE_FINISH = 4;
    private int verifierState;
    protected int verifierMode;
    protected boolean verifierStatus;
    protected X509Certificate verifierSignerX509Cert;
    protected boolean verifierAttached;
    protected Properties verifierConfig;
    protected KeyStore verifierKeyStore;
    protected Vector verifierTrustPoints;
    protected int verifierSignatureFormat;
    protected String verifierErrorMessage;
    protected StringBuffer verifierSignature;
    protected ByteArrayOutputStream verifierDocBuffer;
    protected CertificateMapper verifierCertificateMapper;
    protected VerifierSPI verifierSPIImpl;

    /* JADX INFO: Access modifiers changed from: package-private */
    public Verifier() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Verifier(KeyStoreWrapper keyStoreWrapper, CertificateMapper certificateMapper, Properties properties) throws DigitalSignatureException {
        X509Certificate x509Certificate;
        if (keyStoreWrapper == null) {
            throw new DigitalSignatureException("KeyStore parameter is mandatory");
        }
        this.verifierConfig = properties;
        this.verifierKeyStore = keyStoreWrapper.getKeyStore();
        this.verifierCertificateMapper = certificateMapper;
        this.verifierSignature = new StringBuffer();
        this.verifierDocBuffer = new ByteArrayOutputStream(256);
        this.verifierErrorMessage = new String();
        try {
            this.verifierTrustPoints = new Vector();
            Enumeration<String> aliases = this.verifierKeyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (nextElement != null && this.verifierKeyStore.isCertificateEntry(nextElement) && (x509Certificate = (X509Certificate) this.verifierKeyStore.getCertificate(nextElement)) != null) {
                    this.verifierTrustPoints.addElement(Utilities.convertJCEX509CertificateToPhaosX509(x509Certificate));
                }
            }
            if (this.verifierTrustPoints.size() == 0) {
                throw new DigitalSignatureException("No trusted certificates in key store");
            }
        } catch (Exception e) {
            throw new DigitalSignatureException("Internal error - " + e);
        }
    }

    public void start() {
        this.verifierMode = -1;
        this.verifierDocBuffer.reset();
        this.verifierSignature.delete(0, this.verifierSignature.length());
        this.verifierStatus = false;
        this.verifierState = 1;
    }

    public boolean isAttached() throws DigitalSignatureException {
        if (this.verifierState != 4) {
            throw new DigitalSignatureException("Verifier in invalid state");
        }
        return this.verifierAttached;
    }

    public int getSignatureFormat() throws DigitalSignatureException {
        return this.verifierSignatureFormat;
    }

    public SignatureProperties getSignatureProperties() throws DigitalSignatureException {
        if (this.verifierState != 4) {
            throw new DigitalSignatureException("Verifier in invalid state");
        }
        return null;
    }

    public void getDocument(ByteArrayOutputStream byteArrayOutputStream) throws DigitalSignatureException {
        try {
            this.verifierDocBuffer.writeTo(byteArrayOutputStream);
            byteArrayOutputStream.flush();
            this.verifierDocBuffer.reset();
        } catch (IOException e) {
            throw new DigitalSignatureException("Internal error.", e);
        }
    }

    public void updateSignature(String str) throws DigitalSignatureException {
        updateSignature(str, 0, str.length());
    }

    public void updateSignature(String str, int i, int i2) throws DigitalSignatureException {
        this.verifierSignature.append(str.toCharArray(), i, i2);
    }

    public void update(byte b) throws DigitalSignatureException {
        update(new byte[]{b}, 0, 1);
    }

    public void update(byte[] bArr) throws DigitalSignatureException {
        update(bArr, 0, bArr.length);
    }

    public void update(byte[] bArr, int i, int i2) throws DigitalSignatureException {
        this.verifierDocBuffer.write(bArr, i, i2);
    }

    public int getSignatureMode() {
        return this.verifierMode;
    }

    public String getErrorMsg() throws DigitalSignatureException {
        if (this.verifierErrorMessage.trim().length() == 0) {
            throw new DigitalSignatureException("No previous error");
        }
        return this.verifierErrorMessage;
    }

    public boolean finish() throws DigitalSignatureException {
        if (this.verifierSignature.toString().trim().length() == 0) {
            throw new DigitalSignatureException("Insufficient signature data provided");
        }
        this.verifierState = 4;
        return true;
    }
}
