package org.ofdrw.sign.verify.container;

import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.ofdrw.core.signatures.SigType;
import org.ofdrw.sign.verify.SignedDataValidateContainer;
import org.ofdrw.sign.verify.exceptions.InvalidSignedValueException;

/* loaded from: input_file:org/ofdrw/sign/verify/container/DigitalValidateContainer.class */
public class DigitalValidateContainer implements SignedDataValidateContainer {
    public PublicKey pk;

    public DigitalValidateContainer(PublicKey publicKey) {
        if (publicKey == null) {
            throw new IllegalArgumentException("验证使用的公钥参数(pk)不能为空");
        }
        this.pk = publicKey;
    }

    public DigitalValidateContainer(Certificate certificate) {
        this(certificate.getPublicKey());
    }

    @Override // org.ofdrw.sign.verify.SignedDataValidateContainer
    public void validate(SigType sigType, String str, byte[] bArr, byte[] bArr2) throws InvalidSignedValueException, GeneralSecurityException {
        if (sigType != SigType.Sign) {
            throw new IllegalArgumentException("签名类型(type)必须是 Sign，不支持电子印章验证");
        }
        Signature signature = Signature.getInstance(str, (Provider) new BouncyCastleProvider());
        signature.initVerify(this.pk);
        signature.update(bArr);
        if (!signature.verify(bArr2)) {
            throw new InvalidSignedValueException("签名值不一致");
        }
    }
}
