package org.openscdp.pkidm.cvc;

import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMECPrivateKeySpec;
import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMRSAPrivateKeySpec;
import de.cardcontact.smartcardhsmprovider.SmartCardHSMParameterSpec;
import de.cardcontact.smartcardhsmprovider.SmartCardHSMProvider;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;

/* loaded from: input_file:org/openscdp/pkidm/cvc/HSMCryptoProvider.class */
public class HSMCryptoProvider implements CryptoProvider {
    private SmartCardHSMProvider provider;

    public HSMCryptoProvider(SmartCardHSMProvider smartCardHSMProvider) {
        this.provider = smartCardHSMProvider;
    }

    @Override // org.openscdp.pkidm.cvc.CryptoProvider
    public Provider getProvider() {
        return this.provider;
    }

    @Override // org.openscdp.pkidm.cvc.CryptoProvider
    public KeyPair generateKeyPair(AlgorithmParameterSpec algorithmParameterSpec, String str) throws CryptoProviderException {
        KeyPairGenerator keyPairGenerator;
        SmartCardHSMParameterSpec smartCardHSMParameterSpec = (SmartCardHSMParameterSpec) algorithmParameterSpec;
        smartCardHSMParameterSpec.setLabel(str);
        try {
            KeyStore keyStore = KeyStore.getInstance("SmartCardHSMKeyStore", getProvider());
            keyStore.load(null, null);
            if (keyStore.containsAlias(smartCardHSMParameterSpec.getLabel())) {
                keyStore.deleteEntry(smartCardHSMParameterSpec.getLabel());
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            e.printStackTrace();
        }
        try {
            if (smartCardHSMParameterSpec.getKeySpec() instanceof SmartCardHSMECPrivateKeySpec) {
                keyPairGenerator = KeyPairGenerator.getInstance("EC//ECDSA-SHA-256", getProvider());
            } else {
                if (!(smartCardHSMParameterSpec.getKeySpec() instanceof SmartCardHSMRSAPrivateKeySpec)) {
                    throw new InvalidParameterException("Invalid AlgorithmParameterSpec");
                }
                keyPairGenerator = KeyPairGenerator.getInstance("RSA", getProvider());
            }
            keyPairGenerator.initialize(algorithmParameterSpec, (SecureRandom) null);
            return keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e2) {
            throw new CryptoProviderException("generate key pair failed with", e2);
        }
    }

    @Override // org.openscdp.pkidm.cvc.CryptoProvider
    public PrivateKey getPrivateKey(byte[] bArr, byte[] bArr2, byte[] bArr3) throws CryptoProviderException {
        try {
            KeyStore keyStore = KeyStore.getInstance("SmartCardHSMKeyStore", getProvider());
            keyStore.load(null, null);
            return (PrivateKey) keyStore.getKey(new String(bArr), null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new CryptoProviderException("get private key failed with", e);
        }
    }
}
