package de.cardcontact.scdp.gp.crypto;

import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMECPrivateKeySpec;
import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMKey;
import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMRSAKey;
import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMRSAPrivateKeySpec;
import de.cardcontact.scdp.gp.GPErrorException;
import de.cardcontact.scdp.gp.GPKey;
import de.cardcontact.smartcardhsmprovider.SmartCardHSMParameterSpec;
import de.cardcontact.smartcardhsmprovider.SmartCardHSMProvider;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
import org.bouncycastle.jce.spec.ECParameterSpec;

/* loaded from: input_file:de/cardcontact/scdp/gp/crypto/CryptoSmartCardHSM.class */
public class CryptoSmartCardHSM extends AbstractCrypto {
    private SmartCardHSMProvider scHSM;

    public CryptoSmartCardHSM(String str) {
        this.scHSM = null;
        int indexOf = str.indexOf(47);
        String substring = indexOf != -1 ? str.substring(indexOf + 1) : null;
        this.scHSM = Security.getProvider(str);
        if (this.scHSM == null) {
            if (substring != null) {
                this.scHSM = new SmartCardHSMProvider(substring);
            } else {
                this.scHSM = new SmartCardHSMProvider();
            }
            Security.addProvider(this.scHSM);
        }
    }

    public void setPassword(String str) {
        try {
            this.scHSM.login((Subject) null, new PasswordCallbackHandler(str));
        } catch (LoginException e) {
            e.printStackTrace();
        }
    }

    protected void finalize() {
    }

    @Override // de.cardcontact.scdp.gp.crypto.AbstractCrypto
    public String getProviderName() {
        return this.scHSM.getName();
    }

    @Override // de.cardcontact.scdp.gp.crypto.AbstractCrypto, de.cardcontact.scdp.gp.crypto.ICrypto
    public byte[] generateRandom(int i) throws GPErrorException {
        byte[] bArr = new byte[i];
        try {
            SecureRandom.getInstance("NativePRNG", "SmartCardHSM").nextBytes(bArr);
            return bArr;
        } catch (GeneralSecurityException e) {
            throw new GPErrorException(5, 0, e.getMessage());
        }
    }

    @Override // de.cardcontact.scdp.gp.crypto.AbstractCrypto, de.cardcontact.scdp.gp.crypto.ICrypto
    public void generateKeyPair(int i, GPKey gPKey, GPKey gPKey2) throws GPErrorException {
        String str;
        SmartCardHSMRSAPrivateKeySpec smartCardHSMECPrivateKeySpec;
        try {
            if (i == 17 || i == 18) {
                str = "EC//ECDSA-SHA-1";
                ECParameterSpec eCParameter = gPKey.getECParameter();
                smartCardHSMECPrivateKeySpec = new SmartCardHSMECPrivateKeySpec("UTNONE00000", "UTNONE00000", EC5Util.convertSpec(EC5Util.convertCurve(eCParameter.getCurve(), eCParameter.getSeed()), eCParameter));
            } else {
                if (i != 14) {
                    throw new GPErrorException(14, 0, "Mechanism must be either RSA or ECDSA");
                }
                smartCardHSMECPrivateKeySpec = new SmartCardHSMRSAPrivateKeySpec("UTNONE00000", "UTNONE00000", 65537, gPKey.getKeySize());
                str = "RSA//PKCS1-v1-5-SHA-1";
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str, getProviderName());
            String keyId = gPKey2.getKeyId();
            if (keyId == null || keyId.length() == 0) {
                throw new GPErrorException(17, 0, "Private key object must define an identifier. Use Key.setID() to set one or define one in KeyInfo.ID element of key profile");
            }
            keyPairGenerator.initialize((AlgorithmParameterSpec) new SmartCardHSMParameterSpec(keyId, smartCardHSMECPrivateKeySpec, (SmartCardHSMKey) null));
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            gPKey2.setKeySize(gPKey.getKeySize());
            gPKey.setJCEKey(generateKeyPair.getPublic());
            gPKey2.setJCEKey(generateKeyPair.getPrivate());
        } catch (GeneralSecurityException e) {
            throw new GPErrorException(5, i, e.getMessage());
        }
    }

    @Override // de.cardcontact.scdp.gp.crypto.AbstractCrypto, de.cardcontact.scdp.gp.crypto.ICrypto
    public byte[] decrypt(GPKey gPKey, int i, byte[] bArr, byte[] bArr2) throws GPErrorException {
        try {
            Key jCEKey = gPKey.getJCEKey(getProviderName());
            if (i != 14) {
                if (i == 19) {
                }
                throw new GPErrorException(14, 0, "Mechanism must be either RSA or ECDH");
            }
            if (!(jCEKey instanceof SmartCardHSMRSAKey)) {
                throw new GPErrorException(12, 0, "Key must be type of SmartCardHSMRSAKey");
            }
            Key key = (SmartCardHSMRSAKey) jCEKey;
            Cipher cipher = Cipher.getInstance("RSA", getProviderName());
            cipher.init(2, key);
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e) {
            throw new GPErrorException(5, i, e.getMessage());
        }
    }
}
