package iaik.pkcs.pkcs11.provider.keyfactories;

import iaik.asn1.ASN;
import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.BIT_STRING;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.INTEGER;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.pkcs.pkcs11.objects.ByteArrayAttribute;
import iaik.pkcs.pkcs11.objects.ECDSAPrivateKey;
import iaik.pkcs.pkcs11.objects.ECDSAPublicKey;
import iaik.pkcs.pkcs11.objects.GenericTemplate;
import iaik.pkcs.pkcs11.objects.Object;
import iaik.pkcs.pkcs11.provider.IAIKPkcs11Exception;
import iaik.pkcs.pkcs11.provider.NonExtractableComponentException;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11Key;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11PrivateKey;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11PublicKey;
import iaik.pkcs.pkcs11.wrapper.Functions;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

/* loaded from: input_file:iaikPkcs11Provider.jar:iaik/pkcs/pkcs11/provider/keyfactories/EcDsaKeyFactory.class */
public class EcDsaKeyFactory extends PKCS11KeyFactory {
    private static final boolean DEBUG = false;
    protected static String KEY_FACTORY_ALGORITHM_NAME = IAIKPKCS11Key.ECDSA;
    protected static final ObjectID OBJECT_ID_EC_KEY = new ObjectID("1.2.840.10045.2.1");
    protected static final AlgorithmID EC_ALGORITHM_ID = new AlgorithmID(OBJECT_ID_EC_KEY);
    public static final INTEGER EC_PRIVATE_KEY_VERSION = new INTEGER(1);
    static Class class$java$security$spec$X509EncodedKeySpec;
    static Class class$java$security$spec$PKCS8EncodedKeySpec;

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    @Override // iaik.pkcs.pkcs11.provider.keyfactories.PKCS11KeyFactory
    protected String getAlgorithmName() {
        return KEY_FACTORY_ALGORITHM_NAME;
    }

    @Override // iaik.pkcs.pkcs11.provider.keyfactories.PKCS11KeyFactory
    protected String getSoftwareDelegateAlgorithm() {
        return KEY_FACTORY_ALGORITHM_NAME;
    }

    @Override // iaik.pkcs.pkcs11.provider.keyfactories.PKCS11KeyFactory
    protected PrivateKey pkcs11GeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException {
        if (keySpec == null) {
            throw new NullPointerException("Argument \"keySpec\" must not be null.");
        }
        if (!(keySpec instanceof PKCS11KeySpec)) {
            throw new IllegalArgumentException("Argument \"keySpec\" must be of instance iaik.pkcs.pkcs11.provider.keyfactories.PKCS11KeySpec.");
        }
        this.pkcs11KeySpec_ = (PKCS11KeySpec) keySpec;
        KeySpec keySpec2 = this.pkcs11KeySpec_.getKeySpec();
        if (!(keySpec2 instanceof PKCS8EncodedKeySpec)) {
            throw new InvalidKeySpecException("The actual key spec inside the given PKCS11KeySpec must be of type java.security.spec.PKCS8EncodedKeySpec.");
        }
        try {
            ASN1 asn1 = new ASN1(((PKCS8EncodedKeySpec) keySpec2).getEncoded());
            byte[] encode = DerCoder.encode(new AlgorithmID(asn1.getComponentAt(1)).getParameter());
            SEQUENCE sequence = (SEQUENCE) DerCoder.decode((byte[]) ((OCTET_STRING) asn1.getComponentAt(2)).getValue());
            INTEGER integer = (INTEGER) sequence.getComponentAt(0);
            if (!integer.getValue().equals(EC_PRIVATE_KEY_VERSION.getValue())) {
                throw new InvalidKeySpecException(new StringBuffer("The encoded private key has an invalid version field: ").append(integer.toString()).toString());
            }
            byte[] bArr = (byte[]) ((OCTET_STRING) sequence.getComponentAt(1)).getValue();
            ECDSAPrivateKey eCDSAPrivateKey = new ECDSAPrivateKey();
            eCDSAPrivateKey.getEcdsaParams().setByteArrayValue(encode);
            eCDSAPrivateKey.getValue().setByteArrayValue(bArr);
            GenericTemplate genericTemplate = new GenericTemplate();
            genericTemplate.addAllPresentAttributes(eCDSAPrivateKey);
            Object keyTemplate = this.pkcs11KeySpec_.getKeyTemplate();
            if (keyTemplate != null) {
                genericTemplate.addAllPresentAttributes(keyTemplate);
            }
            return (PrivateKey) createKey(genericTemplate);
        } catch (InvalidKeySpecException e) {
            throw e;
        } catch (Exception e2) {
            throw new InvalidKeySpecException(new StringBuffer("The private key spec could not be parsed: ").append(e2.toString()).toString());
        }
    }

    @Override // iaik.pkcs.pkcs11.provider.keyfactories.PKCS11KeyFactory
    protected PublicKey pkcs11GeneratePublic(KeySpec keySpec) throws InvalidKeySpecException {
        if (keySpec == null) {
            throw new NullPointerException("Argument \"keySpec\" must not be null.");
        }
        if (!(keySpec instanceof PKCS11KeySpec)) {
            throw new IllegalArgumentException("Argument \"keySpec\" must be of instance iaik.pkcs.pkcs11.provider.keyfactories.PKCS11KeySpec.");
        }
        this.pkcs11KeySpec_ = (PKCS11KeySpec) keySpec;
        KeySpec keySpec2 = this.pkcs11KeySpec_.getKeySpec();
        if (!(keySpec2 instanceof X509EncodedKeySpec)) {
            throw new InvalidKeySpecException("The actual key spec inside the given PKCS11KeySpec must be of type java.security.spec.X509EncodedKeySpec.");
        }
        try {
            ASN1 asn1 = new ASN1(((X509EncodedKeySpec) keySpec2).getEncoded());
            byte[] encode = DerCoder.encode(new AlgorithmID(asn1.getComponentAt(0)).getParameter());
            byte[] encode2 = DerCoder.encode(new OCTET_STRING((byte[]) ((BIT_STRING) asn1.getComponentAt(1)).getValue()));
            ECDSAPublicKey eCDSAPublicKey = new ECDSAPublicKey();
            eCDSAPublicKey.getEcdsaParams().setByteArrayValue(encode);
            eCDSAPublicKey.getEcPoint().setByteArrayValue(encode2);
            GenericTemplate genericTemplate = new GenericTemplate();
            Object keyTemplate = this.pkcs11KeySpec_.getKeyTemplate();
            if (keyTemplate != null) {
                genericTemplate.addAllPresentAttributes(keyTemplate);
            }
            genericTemplate.addAllPresentAttributes(eCDSAPublicKey);
            return (PublicKey) createKey(genericTemplate);
        } catch (Exception e) {
            throw new InvalidKeySpecException(new StringBuffer("The public key spec could not be parsed: ").append(e.toString()).toString());
        }
    }

    @Override // iaik.pkcs.pkcs11.provider.keyfactories.PKCS11KeyFactory
    protected KeySpec pkcs11GetKeySpec(Key key, Class cls) throws InvalidKeySpecException {
        Class class$;
        Class class$2;
        KeySpec pKCS8EncodedKeySpec;
        if (key == null) {
            throw new NullPointerException("Argument \"key\" must not be null.");
        }
        if (cls == null) {
            throw new NullPointerException("Argument \"keySpecClass\" must not be null.");
        }
        if (class$java$security$spec$X509EncodedKeySpec != null) {
            class$ = class$java$security$spec$X509EncodedKeySpec;
        } else {
            class$ = class$("java.security.spec.X509EncodedKeySpec");
            class$java$security$spec$X509EncodedKeySpec = class$;
        }
        if (!cls.equals(class$)) {
            if (class$java$security$spec$PKCS8EncodedKeySpec != null) {
                class$2 = class$java$security$spec$PKCS8EncodedKeySpec;
            } else {
                class$2 = class$("java.security.spec.PKCS8EncodedKeySpec");
                class$java$security$spec$PKCS8EncodedKeySpec = class$2;
            }
            if (!cls.equals(class$2)) {
                throw new InvalidKeySpecException("The given key spec class is invalid. It must be of either X509EncodedKeySpec or PKCS8EncodedKeySpec.");
            }
            if (!(key instanceof IAIKPKCS11PrivateKey)) {
                throw new InvalidKeySpecException("For this factory, the key must be a IAIKPKCS11PrivateKey to get a PKCS8EncodedKeySpec.");
            }
            iaik.pkcs.pkcs11.objects.Key keyObject = ((IAIKPKCS11PrivateKey) key).getKeyObject();
            if (!(keyObject instanceof ECDSAPrivateKey)) {
                throw new InvalidKeySpecException(new StringBuffer("This factory does only accept ECDSA keys, but the PKCS#11 key object in the given key is: ").append(keyObject).toString());
            }
            ECDSAPrivateKey eCDSAPrivateKey = (ECDSAPrivateKey) keyObject;
            verifyPrivateKeyExtractable(eCDSAPrivateKey);
            ByteArrayAttribute ecdsaParams = eCDSAPrivateKey.getEcdsaParams();
            ByteArrayAttribute value = eCDSAPrivateKey.getValue();
            byte[] byteArrayValue = ecdsaParams.getByteArrayValue();
            byte[] byteArrayValue2 = value.getByteArrayValue();
            try {
                AlgorithmID algorithmID = (AlgorithmID) EC_ALGORITHM_ID.clone();
                algorithmID.setParameter(new ASN1(byteArrayValue).toASN1Object());
                SEQUENCE sequence = new SEQUENCE();
                sequence.addComponent(new INTEGER(0));
                sequence.addComponent(algorithmID.toASN1Object());
                SEQUENCE sequence2 = new SEQUENCE();
                sequence2.addComponent(EC_PRIVATE_KEY_VERSION);
                sequence2.addComponent(new OCTET_STRING(byteArrayValue2));
                sequence.addComponent(new OCTET_STRING(DerCoder.encode(sequence2)));
                pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(DerCoder.encode(sequence));
            } catch (CodingException e) {
                throw new InvalidKeySpecException(new StringBuffer("Error during encoding of ECDSA private key: ").append(e.toString()).toString());
            }
        } else {
            if (!(key instanceof IAIKPKCS11PublicKey)) {
                throw new InvalidKeySpecException("For this factory, the key must be a IAIKPKCS11PublicKey to get an X509EncodedKeySpec.");
            }
            iaik.pkcs.pkcs11.objects.Key keyObject2 = ((IAIKPKCS11PublicKey) key).getKeyObject();
            if (!(keyObject2 instanceof ECDSAPublicKey)) {
                throw new InvalidKeySpecException(new StringBuffer("This factory does only accept ECDSA keys, but the PKCS#11 key object in the given key is: ").append(keyObject2).toString());
            }
            ECDSAPublicKey eCDSAPublicKey = (ECDSAPublicKey) keyObject2;
            verifyPublicKeyExtractable(eCDSAPublicKey);
            ByteArrayAttribute ecdsaParams2 = eCDSAPublicKey.getEcdsaParams();
            ByteArrayAttribute ecPoint = eCDSAPublicKey.getEcPoint();
            byte[] byteArrayValue3 = ecdsaParams2.getByteArrayValue();
            byte[] byteArrayValue4 = ecPoint.getByteArrayValue();
            try {
                AlgorithmID algorithmID2 = (AlgorithmID) EC_ALGORITHM_ID.clone();
                algorithmID2.setParameter(new ASN1(byteArrayValue3).toASN1Object());
                ASN1Object decode = DerCoder.decode(byteArrayValue4);
                if (!decode.isA(ASN.OCTET_STRING)) {
                    throw new InvalidKeySpecException(new StringBuffer("The encoded public key value of the PKCS#11 key is no OCTET STRING: ").append(Functions.toHexString(byteArrayValue4)).toString());
                }
                BIT_STRING bit_string = new BIT_STRING((byte[]) ((OCTET_STRING) decode).getValue());
                SEQUENCE sequence3 = new SEQUENCE();
                sequence3.addComponent(algorithmID2.toASN1Object());
                sequence3.addComponent(bit_string);
                pKCS8EncodedKeySpec = new X509EncodedKeySpec(DerCoder.encode(sequence3));
            } catch (CodingException e2) {
                throw new InvalidKeySpecException(new StringBuffer("Error during encoding of ECDSA public key: ").append(e2.toString()).toString());
            }
        }
        return pKCS8EncodedKeySpec;
    }

    protected void verifyPrivateKeyExtractable(ECDSAPrivateKey eCDSAPrivateKey) throws NonExtractableComponentException, IAIKPkcs11Exception {
        ByteArrayAttribute ecdsaParams = eCDSAPrivateKey.getEcdsaParams();
        ByteArrayAttribute value = eCDSAPrivateKey.getValue();
        if (!ecdsaParams.isPresent()) {
            throw new IAIKPkcs11Exception("The PKCS#11 EC key object does not possess a parameters attribute.");
        }
        if (!value.isPresent()) {
            throw new IAIKPkcs11Exception("The PKCS#11 EC key object does not possess a private value attribute.");
        }
        if (ecdsaParams.isSensitive()) {
            throw new NonExtractableComponentException("The PKCS#11 EC key object's parameters attribute is sensitive.");
        }
        if (value.isSensitive()) {
            throw new NonExtractableComponentException("The PKCS#11 EC key object's private value attribute is sensitive.");
        }
    }

    protected void verifyPublicKeyExtractable(ECDSAPublicKey eCDSAPublicKey) throws NonExtractableComponentException, IAIKPkcs11Exception {
        ByteArrayAttribute ecdsaParams = eCDSAPublicKey.getEcdsaParams();
        ByteArrayAttribute ecPoint = eCDSAPublicKey.getEcPoint();
        if (!ecdsaParams.isPresent()) {
            throw new IAIKPkcs11Exception("The PKCS#11 EC key object does not possess a parameters attribute.");
        }
        if (!ecPoint.isPresent()) {
            throw new IAIKPkcs11Exception("The PKCS#11 EC key object does not possess a point attribute.");
        }
        if (ecdsaParams.isSensitive()) {
            throw new NonExtractableComponentException("The PKCS#11 EC key object's parameters attribute is sensitive.");
        }
        if (ecPoint.isSensitive()) {
            throw new NonExtractableComponentException("The PKCS#11 EC key object's point attribute is sensitive.");
        }
    }
}
