package com.unbound.provider;

import com.unbound.client.Client;
import com.unbound.client.Partition;
import com.unbound.client.PrivateKeyObject;
import com.unbound.common.Log;
import com.unbound.provider.UBSecretKeyFactory;
import com.unbound.provider.UBSecretKeyGenerator;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/* loaded from: input_file:com/unbound/provider/UBCryptoProvider.class */
public final class UBCryptoProvider extends Provider {
    private static final String name = "UNBOUND";
    private static final double version = 1.0d;
    private static final String info = "UnboundTech UKC security provider";
    static boolean allowedPrivateKeyWithoutCertificate = false;
    static boolean allowedPublicKey = false;

    /* loaded from: input_file:com/unbound/provider/UBCryptoProvider$KeyEntry.class */
    public static final class KeyEntry extends UBKeyStoreEntry {
        public KeyEntry(PrivateKey privateKey, com.dyadicsec.provider.KeyParameters keyParameters) {
            super(privateKey);
        }

        public KeyEntry(PublicKey publicKey, KeyParameters keyParameters) {
            super(publicKey);
        }

        public KeyEntry(PrivateKey privateKey) {
            super(privateKey);
        }

        public KeyEntry(PublicKey publicKey) {
            super(publicKey);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/unbound/provider/UBCryptoProvider$UBProviderService.class */
    public static final class UBProviderService extends Provider.Service {
        static final int KEY_STORE = 0;
        static final int RSA_GEN = 1;
        static final int RSA_IMPORT = 2;
        static final int EC_GEN = 3;
        static final int EC_IMPORT = 4;
        static final int AES_IMPORT = 5;
        static final int AES_GEN = 6;
        static final int HMAC_IMPORT = 7;
        static final int HMAC_GEN = 8;
        private Partition partition;
        int mode;

        UBProviderService(Provider provider, String str, String str2, String str3, Partition partition, int i) {
            super(provider, str, str2, str3, null, null);
            this.partition = partition;
            this.mode = i;
        }

        @Override // java.security.Provider.Service
        public boolean supportsParameter(Object obj) {
            return false;
        }

        @Override // java.security.Provider.Service
        public Object newInstance(Object obj) {
            switch (this.mode) {
                case 0:
                    return this.partition.getKeyStore();
                case 1:
                    return new UBRSAKeyPairGenerator(this.partition);
                case 2:
                    return new UBRSAKeyFactory(this.partition);
                case 3:
                    return new UBECKeyPairGenerator(this.partition);
                case 4:
                    return new UBECKeyFactory(this.partition);
                case 5:
                    return new UBSecretKeyFactory.AES(this.partition);
                case 6:
                    return new UBSecretKeyGenerator.AES(this.partition);
                case 7:
                    return new UBSecretKeyFactory.Hmac(this.partition);
                case 8:
                    return new UBSecretKeyGenerator.Hmac(this.partition);
                default:
                    return null;
            }
        }
    }

    public static void allowPrivateKeyWithoutCertificate(boolean z) {
        Log end = Log.func("UBCryptoProvider.allowPrivateKeyWithoutCertificate").log("allow", z).end();
        try {
            try {
                allowedPrivateKeyWithoutCertificate = z;
                end.leave();
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leave();
            throw th;
        }
    }

    public static void allowPublicKey(boolean z) {
        Log end = Log.func("UBCryptoProvider.allowedPublicKey").log("allow", z).end();
        try {
            try {
                allowedPublicKey = z;
                end.leave();
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leave();
            throw th;
        }
    }

    public static void initialize(String[] strArr, KeyStore keyStore) {
        Log end = Log.func("UBCryptoProvider.initialize").end();
        try {
            try {
                Client.getInstance().initProviders(strArr, keyStore);
                end.leave();
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leave();
            throw th;
        }
    }

    public UBCryptoProvider(String str) {
        super(name, version, info);
        Log end = Log.func("UBCryptoProvider").log("configArg", str).end();
        try {
            try {
                Partition initProvider = Client.getInstance().initProvider(str);
                if (initProvider == null) {
                    return;
                }
                for (Provider.Service service : register(this, initProvider)) {
                    putService(service);
                }
                end.leave();
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } finally {
            end.leave();
        }
    }

    public UBCryptoProvider(KeyStore keyStore, String str) {
        super(name, version, info);
        Log end = Log.func("UBCryptoProvider-pfx").log("name", name).end();
        try {
            try {
                for (Provider.Service service : register(this, Client.getInstance().initProvider(keyStore, str))) {
                    putService(service);
                }
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } finally {
            end.leave();
        }
    }

    public Provider configure(String str) {
        return new UBCryptoProvider(str);
    }

    public UBCryptoProvider() {
        this(null);
    }

    public static X509Certificate selfSign(PrivateKey privateKey, String str, String str2, BigInteger bigInteger, int i) throws CertificateException {
        PrivateKeyObject object;
        if (privateKey instanceof UBECPrivateKey) {
            object = ((UBECPrivateKey) privateKey).getObject();
        } else {
            if (!(privateKey instanceof UBRSAPrivateKey)) {
                throw new IllegalArgumentException("Invalid key type");
            }
            object = ((UBRSAPrivateKey) privateKey).getObject();
        }
        return Client.getInstance().selfSign(object, str, str2, bigInteger, i);
    }

    public X509Certificate SelfSign(PrivateKey privateKey, String str, String str2, BigInteger bigInteger, int i) throws CertificateException {
        Log end = Log.func("UBCryptoProvider.SelfSign").log("subject", str2).end();
        try {
            try {
                X509Certificate selfSign = selfSign(privateKey, str, str2, bigInteger, i);
                end.leave();
                return selfSign;
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leave();
            throw th;
        }
    }

    private static void appendMode(StringBuffer stringBuffer, String str) {
        if (stringBuffer.length() > 0) {
            stringBuffer.append("|");
        }
        stringBuffer.append(str);
    }

    public static Provider.Service[] register(Provider provider, Partition partition) {
        String str = UBCryptoProvider.class.getPackage().getName() + ".";
        provider.put("KeyFactory.RSA", str + "UBRSAKeyFactory");
        provider.put("KeyPairGenerator.RSA", str + "UBRSAKeyPairGenerator");
        provider.put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1", "RSA");
        provider.put("Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.1", "RSA");
        StringBuffer stringBuffer = new StringBuffer();
        appendMode(stringBuffer, "PKCS1PADDING");
        appendMode(stringBuffer, "NOPADDING");
        appendMode(stringBuffer, "OAEPPADDING|OAEPWITHSHA1ANDMGF1PADDING|OAEPWITHSHA-1ANDMGF1PADDING|OAEPWITHSHA-256ANDMGF1PADDING|OAEPWITHSHA-384ANDMGF1PADDING|OAEPWITHSHA-512ANDMGF1PADDING");
        if (stringBuffer.length() > 0) {
            provider.put("Cipher.RSA", str + "UBRSACipher");
            provider.put("Cipher.RSA SupportedModes", "ECB");
            provider.put("Cipher.RSA SupportedKeyClasses", "java.security.interfaces.RSAPrivateKey|java.security.interfaces.RSAPublicKey");
            provider.put("Cipher.RSA SupportedPaddings", stringBuffer.toString());
        }
        provider.put("Signature.NONEwithRSA SupportedKeyClasses", "java.security.interfaces.RSAPrivateKey|java.security.interfaces.RSAPublicKey");
        provider.put("Signature.NONEwithRSA", str + "UBRSASignature$NONE");
        provider.put("Signature.SHA1withRSA SupportedKeyClasses", "java.security.interfaces.RSAPrivateKey|java.security.interfaces.RSAPublicKey");
        provider.put("Signature.SHA1withRSA", str + "UBRSASignature$SHA1");
        provider.put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1withRSA");
        provider.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA1withRSA");
        provider.put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1withRSA");
        provider.put("Signature.SHA256withRSA SupportedKeyClasses", "java.security.interfaces.RSAPrivateKey|java.security.interfaces.RSAPublicKey");
        provider.put("Signature.SHA256withRSA", str + "UBRSASignature$SHA256");
        provider.put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA");
        provider.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA");
        provider.put("Signature.SHA384withRSA SupportedKeyClasses", "java.security.interfaces.RSAPrivateKey|java.security.interfaces.RSAPublicKey");
        provider.put("Signature.SHA384withRSA", str + "UBRSASignature$SHA384");
        provider.put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA");
        provider.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384withRSA");
        provider.put("Signature.SHA512withRSA SupportedKeyClasses", "java.security.interfaces.RSAPrivateKey|java.security.interfaces.RSAPublicKey");
        provider.put("Signature.SHA512withRSA", str + "UBRSASignature$SHA512");
        provider.put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA");
        provider.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512withRSA");
        provider.put("Signature.RSASSA-PSS", str + "UBRSASignaturePSS");
        provider.put("Signature.RSASSA-PSS SupportedKeyClasses", "java.security.interfaces.RSAPrivateKey|java.security.interfaces.RSAPublicKey");
        provider.put("Alg.Alias.Signature.1.2.840.113549.1.1.10", "RSASSA-PSS");
        provider.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.10", "RSASSA-PSS");
        provider.put("Alg.Alias.KeyFactory.EllipticCurve", "EC");
        provider.put("Signature.NONEwithECDSA", str + "UBECDSASignature$Raw");
        provider.put("Signature.NONEwithECDSA SupportedKeyClasses", "java.security.interfaces.ECPrivateKey");
        provider.put("Signature.SHA1withECDSA", str + "UBECDSASignature$SHA1");
        provider.put("Signature.SHA1withECDSA SupportedKeyClasses", "java.security.interfaces.ECPrivateKey");
        provider.put("Signature.SHA256withECDSA", str + "UBECDSASignature$SHA256");
        provider.put("Signature.SHA256withECDSA SupportedKeyClasses", "java.security.interfaces.ECPrivateKey");
        provider.put("Signature.SHA384withECDSA", str + "UBECDSASignature$SHA384");
        provider.put("Signature.SHA384withECDSA SupportedKeyClasses", "java.security.interfaces.ECPrivateKey");
        provider.put("Signature.SHA512withECDSA", str + "UBECDSASignature$SHA512");
        provider.put("Signature.SHA512withECDSA SupportedKeyClasses", "java.security.interfaces.ECPrivateKey");
        provider.put("KeyAgreement.ECDH", str + "UBECDHKeyAgreement");
        provider.put("KeyAgreement.ECDH SupportedKeyClasses", "java.security.interfaces.ECPrivateKey");
        if (Client.isNative()) {
            provider.put("KeyPairGenerator.EDDSA", str + "UBEDDSAKeyPairGenerator");
            provider.put("Alg.Alias.KeyPairGenerator.EDDSA", "EDDSA");
            provider.put("Signature.NONEwithEDDSA", str + "EDDSASignature$Raw");
            provider.put("Signature.NONEwithEDDSA SupportedKeyClasses", "java.security.PublicKey|java.security.PrivateKey");
        }
        String str2 = str + "UBSecretKey";
        provider.put("KeyGenerator.AES", str + "UBSecretKeyGenerator$AES");
        provider.put("SecretKeyFactory.AES", str + "UBSecretKeyFactory$AES");
        provider.put("Cipher.AES", str + "UBSecretKeyCipher$AES");
        provider.put("Cipher.AES SupportedModes", "ECB|CBC|OFB128|CFB128|CTR|GCM|CCM");
        provider.put("Cipher.AES SupportedPaddings", "NOPADDING|PKCS5PADDING");
        provider.put("Cipher.AES SupportedKeyFormats", "RAW");
        provider.put("Cipher.AES SupportedKeyClasses", str2);
        if (Client.isNative()) {
            provider.put("Mac.CMAC", str + "UBMac$CMAC");
            provider.put("Mac.GMAC", str + "UBMac$GMAC");
        }
        provider.put("KeyGenerator.Hmac", str + "UBSecretKeyGenerator$Hmac");
        provider.put("SecretKeyFactory.Hmac", str + "UBSecretKeyFactory$Hmac");
        provider.put("Mac.Hmac SupportedKeyFormats", "RAW");
        provider.put("Mac.Hmac SupportedKeyClasses", str2);
        provider.put("Mac.HmacSHA1", str + "UBMac$HmacSHA1");
        provider.put("Alg.Alias.Mac.OID.1.2.840.113549.2.7", "HmacSHA1");
        provider.put("Alg.Alias.Mac.1.2.840.113549.2.7", "HmacSHA1");
        provider.put("Mac.HmacSHA256", str + "UBMac$HmacSHA256");
        provider.put("Alg.Alias.Mac.OID.1.2.840.113549.2.9", "HmacSHA256");
        provider.put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA256");
        provider.put("Mac.HmacSHA384", str + "UBMac$HmacSHA384");
        provider.put("Alg.Alias.Mac.OID.1.2.840.113549.2.10", "HmacSHA384");
        provider.put("Alg.Alias.Mac.1.2.840.113549.2.10", "HmacSHA384");
        provider.put("Mac.HmacSHA512", str + "UBMac$HmacSHA512");
        provider.put("Alg.Alias.Mac.OID.1.2.840.113549.2.11", "HmacSHA512");
        provider.put("Alg.Alias.Mac.1.2.840.113549.2.11", "HmacSHA512");
        return new Provider.Service[]{new UBProviderService(provider, "KeyStore", "PKCS11", str + "UBKeyStore", partition, 0), new UBProviderService(provider, "KeyFactory", "RSA", str + "UBRSAKeyFactory", partition, 2), new UBProviderService(provider, "KeyPairGenerator", "RSA", str + "UBRSAKeyPairGenerator", partition, 1), new UBProviderService(provider, "KeyFactory", "EC", str + "UBECKeyFactory", partition, 4), new UBProviderService(provider, "KeyPairGenerator", "EC", str + "UBECKeyPairGenerator", partition, 3), new UBProviderService(provider, "SecretKeyFactory", "AES", str + "UBSecretKeyFactory$AES", partition, 5), new UBProviderService(provider, "KeyGenerator", "AES", str + "UBSecretKeyGenerator$AES", partition, 6), new UBProviderService(provider, "SecretKeyFactory", "HMAC", str + "UBSecretKeyFactory$Hmac", partition, 7), new UBProviderService(provider, "KeyGenerator", "HMAC", str + "UBSecretKeyGenerator$Hmac", partition, 8)};
    }
}
