package com.azure.security.attestation.models;

import com.azure.core.util.logging.ClientLogger;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAPrivateKey;
import java.util.Objects;

/* loaded from: input_file:com/azure/security/attestation/models/AttestationSigningKey.class */
public final class AttestationSigningKey {
    private boolean weakKeyAllowed = false;
    private final X509Certificate certificate;
    private final PrivateKey privateKey;

    public AttestationSigningKey(X509Certificate x509Certificate, PrivateKey privateKey) {
        this.certificate = x509Certificate;
        this.privateKey = privateKey;
    }

    public X509Certificate getCertificate() {
        return this.certificate;
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public AttestationSigningKey setWeakKeyAllowed(boolean z) {
        this.weakKeyAllowed = z;
        return this;
    }

    public boolean isWeakKeyAllowed() {
        return this.weakKeyAllowed;
    }

    public void verify() {
        Signature signature;
        Signature signature2;
        Objects.requireNonNull(this.certificate);
        Objects.requireNonNull(this.privateKey);
        try {
            if (this.privateKey instanceof RSAPrivateKey) {
                signature = Signature.getInstance("SHA256WITHRSA");
                signature2 = Signature.getInstance("SHA256WITHRSA");
            } else {
                if (!(this.privateKey instanceof ECPrivateKey)) {
                    throw new ClientLogger(AttestationSigningKey.class).logExceptionAsError(new InvalidParameterException("AttestationSigningKey privateKey must be an RSA or DSA private key"));
                }
                signature = Signature.getInstance("SHA256WITHECDSA");
                signature2 = Signature.getInstance("SHA256WITHECDSA");
            }
            byte[] bArr = {1, 2, 3, 4, 5};
            signature.initSign(this.privateKey);
            signature.update(bArr);
            byte[] sign = signature.sign();
            signature2.initVerify(this.certificate);
            signature2.update(bArr);
            if (!signature2.verify(sign)) {
                throw new ClientLogger(AttestationSigningKey.class).logExceptionAsError(new IllegalArgumentException("AttestationSigningKey certificate cannot verify buffer signed with AttestationSigningKey key"));
            }
        } catch (InvalidKeyException e) {
            throw new ClientLogger(AttestationSigningKey.class).logExceptionAsError(new IllegalArgumentException("AttestationSigningKey certificate cannot verify buffer signed with AttestationSigningKey key", e));
        } catch (NoSuchAlgorithmException e2) {
            throw new ClientLogger(AttestationSigningKey.class).logExceptionAsError(new IllegalArgumentException("AttestationSigningKey certificate cannot verify buffer signed with AttestationSigningKey key", e2));
        } catch (SignatureException e3) {
            throw new ClientLogger(AttestationSigningKey.class).logExceptionAsError(new IllegalArgumentException("AttestationSigningKey certificate cannot verify buffer signed with AttestationSigningKey key", e3));
        }
    }
}
