package de.cardcontact.opencard.eac.cvc;

import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMKey;
import de.cardcontact.tlv.ObjectIdentifier;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.ECKey;
import java.security.interfaces.ECPrivateKey;

/* loaded from: input_file:de/cardcontact/opencard/eac/cvc/CVCGenerator.class */
public abstract class CVCGenerator {
    protected CertificationAuthorityReference car;
    protected CertificateHolderReference chr;
    protected ObjectIdentifier pubAlgo = ECPublicKeyTLV.id_TA_ECDSA_SHA_256;
    protected Extensions extensions = null;
    protected PublicKey pub;
    protected Provider provider;

    public void setCertificationAuthorityReference(CertificationAuthorityReference certificationAuthorityReference) {
        this.car = certificationAuthorityReference;
    }

    public void setPublicKey(PublicKey publicKey) {
        this.pub = publicKey;
    }

    public void setPublicKey(PublicKey publicKey, ObjectIdentifier objectIdentifier) {
        this.pub = publicKey;
        this.pubAlgo = objectIdentifier;
    }

    public void setCertificateHolderReference(CertificateHolderReference certificateHolderReference) {
        this.chr = certificateHolderReference;
    }

    public void addExtension(Extension extension) {
        if (this.extensions == null) {
            this.extensions = new Extensions();
        }
        this.extensions.add(extension);
    }

    protected abstract CertificateBody getCertificateBody();

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v29, types: [int] */
    /* JADX WARN: Type inference failed for: r5v0, types: [java.security.PrivateKey] */
    public byte[] sign(PrivateKey privateKey, String str, byte[] bArr) throws GeneralSecurityException {
        short keySize;
        Signature signature = this.provider != null ? Signature.getInstance(str, this.provider) : Signature.getInstance(str);
        signature.initSign(privateKey);
        signature.update(bArr);
        byte[] sign = signature.sign();
        if (privateKey instanceof ECKey) {
            if (privateKey instanceof ECPrivateKey) {
                keySize = ((ECPrivateKey) privateKey).getParams().getCurve().getField().getFieldSize();
            } else {
                if (!(privateKey instanceof SmartCardHSMKey)) {
                    throw new GeneralSecurityException("Failed to determine size of private key");
                }
                keySize = ((SmartCardHSMKey) privateKey).getKeySize();
            }
            sign = ECSignature.unwrapSignature(sign, (keySize + 7) >> 3);
        }
        return sign;
    }

    public CVCertificate generate(PrivateKey privateKey, String str) throws GeneralSecurityException {
        CertificateBody certificateBody = getCertificateBody();
        if (this.extensions != null) {
            certificateBody.add(this.extensions);
        }
        return new CVCertificate(certificateBody, new SignatureTLV(sign(privateKey, str, getCertificateBody().getBytes())));
    }

    public CVCertificate generate(PrivateKey privateKey) throws GeneralSecurityException {
        return generate(privateKey, "SHA256withECDSA");
    }
}
