package com.unbound.client.kmip;

import com.unbound.client.Client;
import com.unbound.client.ECPrivateKeyObject;
import com.unbound.client.ObjectType;
import com.unbound.common.Log;
import com.unbound.common.crypto.EC;
import com.unbound.common.crypto.SystemProvider;
import com.unbound.kmip.KMIP;
import com.unbound.kmip.attribute.BoolAttribute;
import com.unbound.kmip.attribute.EnumAttribute;
import com.unbound.kmip.attribute.IntAttribute;
import com.unbound.kmip.attribute.Name;
import com.unbound.kmip.attribute.TemplateAttribute;
import com.unbound.kmip.object.ManagedObject;
import com.unbound.kmip.object.PrivateKey;
import com.unbound.kmip.request.CreateKeyPairRequest;
import com.unbound.kmip.request.RegisterRequest;
import com.unbound.provider.KeyParameters;
import java.security.ProviderException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECPoint;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;

/* loaded from: input_file:com/unbound/client/kmip/KMIPECPrivateKey.class */
public class KMIPECPrivateKey extends KMIPObject implements ECPrivateKeyObject {
    private EC.Curve curve;
    private ECPoint point;

    /* JADX INFO: Access modifiers changed from: package-private */
    public KMIPECPrivateKey(KMIPSession kMIPSession, long j) {
        super(ObjectType.ECPrv, j);
        this.curve = null;
        this.point = null;
        read(kMIPSession);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static TemplateAttribute getTemplate(String str, KeyParameters keyParameters) {
        TemplateAttribute templateAttribute = new TemplateAttribute();
        if (keyParameters != null) {
            if (str == null) {
                str = keyParameters.getName();
            }
            if (keyParameters.isSetDerive() && keyParameters.isAllowDerive() && !(keyParameters.isSetSign() && keyParameters.isAllowSign())) {
                templateAttribute.attrs.add(new BoolAttribute(KMIP.Tag.CKA_SIGN, false));
                templateAttribute.attrs.add(new BoolAttribute(KMIP.Tag.CKA_DERIVE, true));
                templateAttribute.attrs.add(new BoolAttribute(KMIP.Tag.CKA_DECRYPT, keyParameters.isAllowDecrypt()));
            } else {
                templateAttribute.attrs.add(new BoolAttribute(KMIP.Tag.CKA_SIGN, true));
                templateAttribute.attrs.add(new BoolAttribute(KMIP.Tag.CKA_DERIVE, false));
            }
            makeExportLevel(templateAttribute, keyParameters);
        } else {
            templateAttribute.attrs.add(new IntAttribute(KMIP.Tag.CryptographicUsageMask, 1));
        }
        templateAttribute.attrs.add(new EnumAttribute(KMIP.Tag.CryptographicAlgorithm, 26));
        if (str != null) {
            templateAttribute.attrs.add(new Name(str));
        }
        return templateAttribute;
    }

    @Override // com.unbound.client.kmip.KMIPObject
    void acceptManagedObject(ManagedObject managedObject) {
        try {
            ECPublicKey eCPublicKey = (ECPublicKey) SystemProvider.KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(((PrivateKey) managedObject).keyBlock.buf));
            this.curve = EC.getCurve(eCPublicKey);
            this.point = eCPublicKey.getW();
        } catch (InvalidKeySpecException e) {
            throw new ProviderException(e);
        }
    }

    @Override // com.unbound.client.ECPrivateKeyObject
    public EC.Curve getCurve() {
        return this.curve;
    }

    @Override // com.unbound.client.ECPrivateKeyObject
    public ECPoint getPoint() {
        return this.point;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KMIPECPrivateKey importKey(KMIPSession kMIPSession, String str, ECPrivateKey eCPrivateKey, KeyParameters keyParameters) {
        long j = 0;
        Log end = Log.func("KMIPECPrivateKey.importKey").end();
        try {
            try {
                wipeDeletedObject(kMIPSession, Client.getEcUid(eCPrivateKey));
                RegisterRequest registerRequest = new RegisterRequest();
                registerRequest.objectType = 4;
                registerRequest.template = getTemplate(str, keyParameters);
                PrivateKey privateKey = new PrivateKey();
                registerRequest.object = privateKey;
                privateKey.keyBlock.formatType = 4;
                privateKey.keyBlock.buf = eCPrivateKey.getEncoded();
                privateKey.keyBlock.algorithm = 26;
                j = register(kMIPSession, registerRequest);
                KMIPECPrivateKey kMIPECPrivateKey = new KMIPECPrivateKey(kMIPSession, j);
                end.leavePrint().logHex("uid", j).end();
                return kMIPECPrivateKey;
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leavePrint().logHex("uid", j).end();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KMIPECPrivateKey generate(KMIPSession kMIPSession, String str, EC.Curve curve, KeyParameters keyParameters) {
        long j = 0;
        if (keyParameters != null && str == null) {
            str = keyParameters.getName();
        }
        Log end = Log.func("KMIPECPrivateKey.generate").log("curve", curve.name).end();
        try {
            try {
                TemplateAttribute template = getTemplate(str, keyParameters);
                template.attrs.add(new EnumAttribute(KMIP.Tag.RecommendedCurve, curve.kmipCode));
                CreateKeyPairRequest createKeyPairRequest = new CreateKeyPairRequest();
                createKeyPairRequest.prv = template;
                j = createKeyPair(kMIPSession, createKeyPairRequest);
                KMIPECPrivateKey kMIPECPrivateKey = new KMIPECPrivateKey(kMIPSession, j);
                end.leavePrint().logHex("UID", j).end();
                return kMIPECPrivateKey;
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leavePrint().logHex("UID", j).end();
            throw th;
        }
    }
}
