package com.google.android.gms.internal.ads;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;

/* JADX INFO: loaded from: classes2.dex */
public final class l82 implements fw1 {

    /* JADX INFO: renamed from: f, reason: collision with root package name */
    public static final byte[] f13538f = new byte[0];

    /* JADX INFO: renamed from: g, reason: collision with root package name */
    public static final byte[] f13539g = {0};

    /* JADX INFO: renamed from: a, reason: collision with root package name */
    public final RSAPublicKey f13540a;

    /* JADX INFO: renamed from: b, reason: collision with root package name */
    public final String f13541b;

    /* JADX INFO: renamed from: c, reason: collision with root package name */
    public final byte[] f13542c;

    /* JADX INFO: renamed from: d, reason: collision with root package name */
    public final byte[] f13543d;

    /* JADX INFO: renamed from: e, reason: collision with root package name */
    public final Provider f13544e;

    public l82(RSAPublicKey rSAPublicKey, k72 k72Var, byte[] bArr, byte[] bArr2, Provider provider) throws GeneralSecurityException {
        if (!ih1.z(2)) {
            throw new GeneralSecurityException("Can not use RSA-PKCS1.5 in FIPS-mode, as BoringCrypto module is not available.");
        }
        h92.c(rSAPublicKey.getModulus().bitLength());
        h92.d(rSAPublicKey.getPublicExponent());
        this.f13540a = rSAPublicKey;
        this.f13541b = a(k72Var);
        this.f13542c = bArr;
        this.f13543d = bArr2;
        this.f13544e = provider;
    }

    public static String a(k72 k72Var) throws GeneralSecurityException {
        if (k72Var == k72.f13149b) {
            return "SHA256withRSA";
        }
        if (k72Var == k72.f13150c) {
            return "SHA384withRSA";
        }
        if (k72Var == k72.f13151d) {
            return "SHA512withRSA";
        }
        throw new GeneralSecurityException("unknown hash type");
    }

    public static l82 b(p72 p72Var, Provider provider) throws NoSuchAlgorithmException {
        KeyFactory keyFactory = KeyFactory.getInstance("RSA", provider);
        BigInteger bigInteger = p72Var.f15287c;
        m72 m72Var = p72Var.f15286b;
        return new l82((RSAPublicKey) keyFactory.generatePublic(new RSAPublicKeySpec(bigInteger, m72Var.f13998b)), m72Var.f14000d, p72Var.f15288d.b(), m72Var.f13999c.equals(l72.f13521d) ? f13539g : f13538f, provider);
    }

    @Override // com.google.android.gms.internal.ads.fw1
    public final void zza(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        byte[] bArr3 = this.f13542c;
        if (!q12.c(bArr3, bArr)) {
            throw new GeneralSecurityException("Invalid signature (output prefix mismatch)");
        }
        Signature signature = Signature.getInstance(this.f13541b, this.f13544e);
        signature.initVerify(this.f13540a);
        signature.update(bArr2);
        byte[] bArr4 = this.f13543d;
        if (bArr4.length > 0) {
            signature.update(bArr4);
        }
        try {
            if (signature.verify(Arrays.copyOfRange(bArr, bArr3.length, bArr.length))) {
                return;
            }
        } catch (RuntimeException unused) {
        }
        throw new GeneralSecurityException("Invalid signature");
    }
}
