package edu.harvard.med.countway.tools;

import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import org.apache.log4j.Logger;

/* loaded from: input_file:edu/harvard/med/countway/tools/SignatureUtil.class */
public class SignatureUtil {
    private static final Logger log = Logger.getLogger(SignatureUtil.class);
    private static final String certificateFormat = "X.509";
    private static final String publicKeyAlgorithm = "DSA";
    private static final String signatureAlgorithm = "SHA1withDSA";
    private static final String keystoreType = "JKS";
    private static final String keystoreFilename = "countway.keystore";
    private static final String keystorePassword = "changeit";
    public static final String privateKeyAlias = "countway";
    private static SignatureUtil instance;
    private final KeyStore keystore;
    private final PrivateKey privateKey;
    private final Map<String, Certificate> certMap;

    /* loaded from: input_file:edu/harvard/med/countway/tools/SignatureUtil$SignatureUtilException.class */
    public static class SignatureUtilException extends RuntimeException {
        public SignatureUtilException(Throwable th) {
            super(th);
        }
    }

    public static synchronized SignatureUtil getInstance() {
        if (instance == null) {
            instance = new SignatureUtil();
        }
        return instance;
    }

    private SignatureUtil() {
        try {
            this.keystore = KeyStore.getInstance(keystoreType);
            this.keystore.load(FileUtil.getResourceStream(keystoreFilename), keystorePassword.toCharArray());
            this.privateKey = (PrivateKey) this.keystore.getKey(privateKeyAlias, keystorePassword.toCharArray());
            this.certMap = new HashMap();
            Enumeration<String> aliases = this.keystore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                this.certMap.put(nextElement, this.keystore.getCertificate(nextElement));
            }
        } catch (IOException e) {
            throw new SignatureUtilException(e);
        } catch (KeyStoreException e2) {
            throw new SignatureUtilException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new SignatureUtilException(e3);
        } catch (UnrecoverableKeyException e4) {
            throw new SignatureUtilException(e4);
        } catch (CertificateException e5) {
            throw new SignatureUtilException(e5);
        }
    }

    public KeyStore getKeyStore() {
        return this.keystore;
    }

    public Map<String, Certificate> getCertMap() {
        return this.certMap;
    }

    public boolean verifySignature(String str, String str2, String str3) {
        try {
            X509Certificate x509Certificate = (X509Certificate) this.certMap.get(str);
            Signature signature = Signature.getInstance(signatureAlgorithm);
            signature.initVerify(x509Certificate);
            signature.update(str2.getBytes());
            return signature.verify(Base64Util.decodeBase64(str3.getBytes()));
        } catch (InvalidKeyException e) {
            throw new SignatureUtilException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new SignatureUtilException(e2);
        } catch (SignatureException e3) {
            throw new SignatureUtilException(e3);
        }
    }

    public String sign(String str) {
        try {
            Signature signature = Signature.getInstance(signatureAlgorithm);
            signature.initSign(this.privateKey);
            signature.update(str.getBytes());
            return new String(Base64Util.encodeBase64(signature.sign()));
        } catch (InvalidKeyException e) {
            throw new SignatureUtilException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new SignatureUtilException(e2);
        } catch (SignatureException e3) {
            throw new SignatureUtilException(e3);
        }
    }
}
