package br.jus.csjt.assinadorjt.provider;

import java.io.IOException;
import java.lang.reflect.Field;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.SignatureSpi;
import java.security.spec.AlgorithmParameterSpec;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:br/jus/csjt/assinadorjt/provider/ASN1MD5withRSASignature.class */
public class ASN1MD5withRSASignature extends Signature implements Cloneable {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) ASN1MD5withRSASignature.class);
    private static final String PROVIDER_SUN_MSCAPI = "SunMSCAPI";
    private static final String PROVIDER_BC = "BC";
    private String provider;
    private Signature delegateSignature;

    public ASN1MD5withRSASignature() throws NoSuchAlgorithmException {
        super("ASN1MD5withRSA");
        this.provider = "";
    }

    @Override // java.security.SignatureSpi
    public void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
        throw new IllegalArgumentException("Para verificar assinatura, usar o MD5withRSA.");
    }

    @Override // java.security.SignatureSpi
    public void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
        try {
            if (privateKey.getClass().getCanonicalName().contains("sun.security.mscapi")) {
                Signature signature = Signature.getInstance("MD5withRSA", "SunMSCAPI");
                MessageDigest messageDigest = MessageDigest.getInstance("nullMD5");
                messageDigest.reset();
                Field declaredField = Class.forName("java.security.Signature$Delegate").getDeclaredField("sigSpi");
                declaredField.setAccessible(true);
                Field declaredField2 = Field.class.getDeclaredField("modifiers");
                declaredField2.setAccessible(true);
                declaredField2.setInt(declaredField, declaredField.getModifiers() & (-17));
                SignatureSpi signatureSpi = (SignatureSpi) declaredField.get(signature);
                Field messageDigestMSCAPI = getMessageDigestMSCAPI();
                messageDigestMSCAPI.setAccessible(true);
                Field declaredField3 = Field.class.getDeclaredField("modifiers");
                declaredField3.setAccessible(true);
                declaredField3.setInt(declaredField, declaredField.getModifiers() & (-17));
                messageDigestMSCAPI.set(signatureSpi, messageDigest);
                this.delegateSignature = signature;
                this.provider = "SunMSCAPI";
            } else {
                this.delegateSignature = Signature.getInstance("nonewithRSA");
                this.provider = "BC";
            }
            this.delegateSignature.initSign(privateKey);
        } catch (Exception e) {
            throw new IllegalArgumentException("Não foi possível assinar, utilizar fallback para garantir assinatura.");
        }
    }

    private Field getMessageDigestMSCAPI() throws NoSuchFieldException, SecurityException, ClassNotFoundException {
        try {
            log.info("Tentando recuperar MessageDigest do provider MSCAPI...");
            return Class.forName("sun.security.mscapi.CSignature").getDeclaredField("messageDigest");
        } catch (ClassNotFoundException e) {
            log.info("Versão do Java é anterior a 8u251. Tentando recuperar classe legada...");
            return Class.forName("sun.security.mscapi.RSASignature").getDeclaredField("messageDigest");
        }
    }

    @Override // java.security.SignatureSpi
    public void engineUpdate(byte b) throws SignatureException {
        try {
            if ("BC".equals(this.provider)) {
                throw new IllegalArgumentException("Operação não disponível, utilizar fallback para garantir assinatura.");
            }
            this.delegateSignature.update(b);
        } catch (NullPointerException e) {
            throw new SignatureException("No SHA digest found");
        }
    }

    @Override // java.security.SignatureSpi
    public void engineUpdate(byte[] bArr, int i, int i2) throws SignatureException {
        try {
            if ("BC".equals(this.provider)) {
                try {
                    this.delegateSignature.update(new DigestInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5, DERNull.INSTANCE), bArr).getEncoded(ASN1Encoding.DER));
                } catch (IOException e) {
                    throw new IllegalArgumentException("Erro ao gerar ASN.1 do provider 'BC', utilizar fallback para garantir assinatura.");
                }
            } else {
                this.delegateSignature.update(bArr, i, i2);
            }
        } catch (NullPointerException e2) {
            throw new SignatureException("No SHA digest found");
        }
    }

    @Override // java.security.SignatureSpi
    public byte[] engineSign() throws SignatureException {
        try {
            return this.delegateSignature.sign();
        } catch (NullPointerException e) {
            throw new SignatureException("No SHA digest found");
        }
    }

    @Override // java.security.SignatureSpi
    public boolean engineVerify(byte[] bArr) throws SignatureException {
        throw new IllegalArgumentException("Para verificar assinatura, usar o MD5withRSA.");
    }

    @Override // java.security.SignatureSpi
    public void engineSetParameter(String str, Object obj) {
        throw new InvalidParameterException("No parameters");
    }

    @Override // java.security.SignatureSpi
    public void engineSetParameter(AlgorithmParameterSpec algorithmParameterSpec) {
        throw new InvalidParameterException("No parameters");
    }

    @Override // java.security.SignatureSpi
    public Object engineGetParameter(String str) {
        throw new InvalidParameterException("No parameters");
    }

    public void engineReset() {
    }
}
