package se.swedenconnect.ca.engine.configuration;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.operator.AlgorithmNameFinder;
import org.bouncycastle.operator.DefaultAlgorithmNameFinder;

/* loaded from: input_file:se/swedenconnect/ca/engine/configuration/CAAlgorithmRegistry.class */
public class CAAlgorithmRegistry {
    public static final String ALGO_ID_SIGNATURE_ECDSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256";
    public static final String ALGO_ID_SIGNATURE_ECDSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384";
    public static final String ALGO_ID_SIGNATURE_ECDSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA256_MGF1 = "http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA384_MGF1 = "http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA512_MGF1 = "http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1 = "http://www.w3.org/2007/05/xmldsig-more#sha3-256-rsa-MGF1";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1 = "http://www.w3.org/2007/05/xmldsig-more#sha3-384-rsa-MGF1";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1 = "http://www.w3.org/2007/05/xmldsig-more#sha3-512-rsa-MGF1";
    public static final String ALGO_ID_DIGEST_SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256";
    public static final String ALGO_ID_DIGEST_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#sha384";
    public static final String ALGO_ID_DIGEST_SHA512 = "http://www.w3.org/2001/04/xmlenc#sha512";
    public static final String ALGO_ID_DIGEST_SHA3_256 = "http://www.w3.org/2007/05/xmldsig-more#sha3-256";
    public static final String ALGO_ID_DIGEST_SHA3_384 = "http://www.w3.org/2007/05/xmldsig-more#sha3-384";
    public static final String ALGO_ID_DIGEST_SHA3_512 = "http://www.w3.org/2007/05/xmldsig-more#sha3-512";
    public static final String RSAPSS_SHA1_NAME = "SHA1WITHRSAANDMGF1";
    public static final String RSAPSS_SHA224_NAME = "SHA224WITHRSAANDMGF1";
    public static final String RSAPSS_SHA256_NAME = "SHA256WITHRSAANDMGF1";
    public static final String RSAPSS_SHA384_NAME = "SHA384WITHRSAANDMGF1";
    public static final String RSAPSS_SHA512_NAME = "SHA512WITHRSAANDMGF1";
    public static final String RSAPSS_SHA3_224_NAME = "SHA3-224WITHRSAANDMGF1";
    public static final String RSAPSS_SHA3_256_NAME = "SHA3-256WITHRSAANDMGF1";
    public static final String RSAPSS_SHA3_384_NAME = "SHA3-384WITHRSAANDMGF1";
    public static final String RSAPSS_SHA3_512_NAME = "SHA3-512WITHRSAANDMGF1";
    private static AlgorithmNameFinder algorithmNameFinder = new DefaultAlgorithmNameFinder();
    private static Map<String, SignatureAlgorithmProperties> supportedAlgoMap = new HashMap();

    /* loaded from: input_file:se/swedenconnect/ca/engine/configuration/CAAlgorithmRegistry$SignatureAlgorithmProperties.class */
    public static class SignatureAlgorithmProperties {
        private final String sigAlgoId;
        private final ASN1ObjectIdentifier sigAlgoOID;
        private final String sigAlgoName;
        private final String algoType;
        private final String digestAlgoId;
        private final ASN1ObjectIdentifier digestAlgoOID;

        /* loaded from: input_file:se/swedenconnect/ca/engine/configuration/CAAlgorithmRegistry$SignatureAlgorithmProperties$SignatureAlgorithmPropertiesBuilder.class */
        public static class SignatureAlgorithmPropertiesBuilder {
            private String sigAlgoId;
            private ASN1ObjectIdentifier sigAlgoOID;
            private String sigAlgoName;
            private String algoType;
            private String digestAlgoId;
            private ASN1ObjectIdentifier digestAlgoOID;

            SignatureAlgorithmPropertiesBuilder() {
            }

            public SignatureAlgorithmPropertiesBuilder sigAlgoId(String str) {
                this.sigAlgoId = str;
                return this;
            }

            public SignatureAlgorithmPropertiesBuilder sigAlgoOID(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
                this.sigAlgoOID = aSN1ObjectIdentifier;
                return this;
            }

            public SignatureAlgorithmPropertiesBuilder sigAlgoName(String str) {
                this.sigAlgoName = str;
                return this;
            }

            public SignatureAlgorithmPropertiesBuilder algoType(String str) {
                this.algoType = str;
                return this;
            }

            public SignatureAlgorithmPropertiesBuilder digestAlgoId(String str) {
                this.digestAlgoId = str;
                return this;
            }

            public SignatureAlgorithmPropertiesBuilder digestAlgoOID(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
                this.digestAlgoOID = aSN1ObjectIdentifier;
                return this;
            }

            public SignatureAlgorithmProperties build() {
                return new SignatureAlgorithmProperties(this.sigAlgoId, this.sigAlgoOID, this.sigAlgoName, this.algoType, this.digestAlgoId, this.digestAlgoOID);
            }

            public String toString() {
                return "CAAlgorithmRegistry.SignatureAlgorithmProperties.SignatureAlgorithmPropertiesBuilder(sigAlgoId=" + this.sigAlgoId + ", sigAlgoOID=" + this.sigAlgoOID + ", sigAlgoName=" + this.sigAlgoName + ", algoType=" + this.algoType + ", digestAlgoId=" + this.digestAlgoId + ", digestAlgoOID=" + this.digestAlgoOID + ")";
            }
        }

        public static SignatureAlgorithmPropertiesBuilder builder() {
            return new SignatureAlgorithmPropertiesBuilder();
        }

        public String getSigAlgoId() {
            return this.sigAlgoId;
        }

        public ASN1ObjectIdentifier getSigAlgoOID() {
            return this.sigAlgoOID;
        }

        public String getSigAlgoName() {
            return this.sigAlgoName;
        }

        public String getAlgoType() {
            return this.algoType;
        }

        public String getDigestAlgoId() {
            return this.digestAlgoId;
        }

        public ASN1ObjectIdentifier getDigestAlgoOID() {
            return this.digestAlgoOID;
        }

        public SignatureAlgorithmProperties(String str, ASN1ObjectIdentifier aSN1ObjectIdentifier, String str2, String str3, String str4, ASN1ObjectIdentifier aSN1ObjectIdentifier2) {
            this.sigAlgoId = str;
            this.sigAlgoOID = aSN1ObjectIdentifier;
            this.sigAlgoName = str2;
            this.algoType = str3;
            this.digestAlgoId = str4;
            this.digestAlgoOID = aSN1ObjectIdentifier2;
        }
    }

    public static boolean isAlgoSupported(String str) {
        return supportedAlgoMap.containsKey(str);
    }

    public static String getAlgorithmURI(AlgorithmIdentifier algorithmIdentifier) throws NoSuchAlgorithmException {
        ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
        if (!algorithm.equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) {
            return (String) supportedAlgoMap.keySet().stream().map(str -> {
                return supportedAlgoMap.get(str);
            }).filter(signatureAlgorithmProperties -> {
                return signatureAlgorithmProperties.getSigAlgoOID().equals(algorithm);
            }).map((v0) -> {
                return v0.getSigAlgoId();
            }).findFirst().orElseThrow(() -> {
                return new NoSuchAlgorithmException("Non supported signature algorithm");
            });
        }
        try {
            AlgorithmIdentifier hashAlgorithm = RSASSAPSSparams.getInstance(algorithmIdentifier.getParameters()).getHashAlgorithm();
            return (String) supportedAlgoMap.keySet().stream().map(str2 -> {
                return supportedAlgoMap.get(str2);
            }).filter(signatureAlgorithmProperties2 -> {
                return signatureAlgorithmProperties2.getSigAlgoOID().equals(algorithm);
            }).filter(signatureAlgorithmProperties3 -> {
                return signatureAlgorithmProperties3.getDigestAlgoOID().equals(hashAlgorithm.getAlgorithm());
            }).map((v0) -> {
                return v0.getSigAlgoId();
            }).findFirst().orElseThrow(() -> {
                return new NoSuchAlgorithmException("Non supported RSA PSS algorithm parameters");
            });
        } catch (Exception e) {
            throw new NoSuchAlgorithmException("Illegal RSA PSS parameters", e);
        }
    }

    public static String getAlgorithmURI(ASN1ObjectIdentifier aSN1ObjectIdentifier, ASN1ObjectIdentifier aSN1ObjectIdentifier2) throws NoSuchAlgorithmException {
        return (String) supportedAlgoMap.keySet().stream().map(str -> {
            return supportedAlgoMap.get(str);
        }).filter(signatureAlgorithmProperties -> {
            return isSigAlgoEquivalent(signatureAlgorithmProperties.getSigAlgoOID(), aSN1ObjectIdentifier, aSN1ObjectIdentifier2) && signatureAlgorithmProperties.getDigestAlgoOID().equals(aSN1ObjectIdentifier2);
        }).map((v0) -> {
            return v0.getSigAlgoId();
        }).findFirst().orElseThrow(() -> {
            return new NoSuchAlgorithmException("Non supported combination of signature algorithm and hash algorithm");
        });
    }

    private static boolean isSigAlgoEquivalent(ASN1ObjectIdentifier aSN1ObjectIdentifier, ASN1ObjectIdentifier aSN1ObjectIdentifier2, ASN1ObjectIdentifier aSN1ObjectIdentifier3) {
        if (aSN1ObjectIdentifier2.equals(PKCSObjectIdentifiers.rsaEncryption)) {
            if (aSN1ObjectIdentifier3.equals(NISTObjectIdentifiers.id_sha224) && aSN1ObjectIdentifier.equals(PKCSObjectIdentifiers.sha224WithRSAEncryption)) {
                return true;
            }
            if (aSN1ObjectIdentifier3.equals(NISTObjectIdentifiers.id_sha256) && aSN1ObjectIdentifier.equals(PKCSObjectIdentifiers.sha256WithRSAEncryption)) {
                return true;
            }
            if (aSN1ObjectIdentifier3.equals(NISTObjectIdentifiers.id_sha384) && aSN1ObjectIdentifier.equals(PKCSObjectIdentifiers.sha384WithRSAEncryption)) {
                return true;
            }
            if (aSN1ObjectIdentifier3.equals(NISTObjectIdentifiers.id_sha512) && aSN1ObjectIdentifier.equals(PKCSObjectIdentifiers.sha512WithRSAEncryption)) {
                return true;
            }
        }
        return aSN1ObjectIdentifier.equals(aSN1ObjectIdentifier2);
    }

    public static SignatureAlgorithmProperties getAlgorithmProperties(String str) throws NoSuchAlgorithmException {
        if (isAlgoSupported(str)) {
            return supportedAlgoMap.get(str);
        }
        throw new NoSuchAlgorithmException("Unsupported Algorithm " + str);
    }

    public static MessageDigest getMessageDigestInstance(String str) throws NoSuchAlgorithmException {
        if (isAlgoSupported(str)) {
            return MessageDigest.getInstance(getDigestName(str));
        }
        throw new NoSuchAlgorithmException("Unsupported Signature Algorithm " + str);
    }

    public static String getDigestName(String str) throws NoSuchAlgorithmException {
        if (supportedAlgoMap.containsKey(str)) {
            return algorithmNameFinder.getAlgorithmName(supportedAlgoMap.get(str).getDigestAlgoOID());
        }
        throw new NoSuchAlgorithmException("No supported digest algorithm for " + str);
    }

    public static String getSigAlgoName(String str) throws NoSuchAlgorithmException {
        if (supportedAlgoMap.containsKey(str)) {
            return supportedAlgoMap.get(str).getSigAlgoName();
        }
        throw new NoSuchAlgorithmException("Unsupported algorithm: " + str);
    }

    public static void registerSupportedAlgorithm(SignatureAlgorithmProperties signatureAlgorithmProperties) {
        if (signatureAlgorithmProperties == null || signatureAlgorithmProperties.getSigAlgoId() == null) {
            throw new IllegalArgumentException("SignatureAlgorithmProperties must not be null");
        }
        putAlgo(signatureAlgorithmProperties);
    }

    public static void removeRegisteredAlgorithm(String str) {
        if (!isAlgoSupported(str)) {
            throw new IllegalArgumentException("Specified algorithm is not in registry");
        }
        supportedAlgoMap.remove(str);
    }

    public static String getAlgoFamilyFromAlgo(String str) throws IllegalArgumentException {
        if (supportedAlgoMap.containsKey(str)) {
            return supportedAlgoMap.get(str).getAlgoType();
        }
        throw new IllegalArgumentException("Unsupported algorithm family");
    }

    private CAAlgorithmRegistry() {
    }

    private static void putAlgo(SignatureAlgorithmProperties signatureAlgorithmProperties) {
        supportedAlgoMap.put(signatureAlgorithmProperties.getSigAlgoId(), signatureAlgorithmProperties);
    }

    static {
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_RSA_SHA256).sigAlgoOID(PKCSObjectIdentifiers.sha256WithRSAEncryption).sigAlgoName(algorithmNameFinder.getAlgorithmName(PKCSObjectIdentifiers.sha256WithRSAEncryption)).algoType(PKAlgorithmConstants.KEY_ALGO_RSA).digestAlgoId(ALGO_ID_DIGEST_SHA256).digestAlgoOID(NISTObjectIdentifiers.id_sha256).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_RSA_SHA384).sigAlgoOID(PKCSObjectIdentifiers.sha384WithRSAEncryption).sigAlgoName(algorithmNameFinder.getAlgorithmName(PKCSObjectIdentifiers.sha384WithRSAEncryption)).algoType(PKAlgorithmConstants.KEY_ALGO_RSA).digestAlgoId(ALGO_ID_DIGEST_SHA384).digestAlgoOID(NISTObjectIdentifiers.id_sha384).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_RSA_SHA512).sigAlgoOID(PKCSObjectIdentifiers.sha512WithRSAEncryption).sigAlgoName(algorithmNameFinder.getAlgorithmName(PKCSObjectIdentifiers.sha512WithRSAEncryption)).algoType(PKAlgorithmConstants.KEY_ALGO_RSA).digestAlgoId(ALGO_ID_DIGEST_SHA512).digestAlgoOID(NISTObjectIdentifiers.id_sha512).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_RSA_SHA256_MGF1).sigAlgoOID(PKCSObjectIdentifiers.id_RSASSA_PSS).sigAlgoName(RSAPSS_SHA256_NAME).algoType(PKAlgorithmConstants.KEY_ALGO_RSA).digestAlgoId(ALGO_ID_DIGEST_SHA256).digestAlgoOID(NISTObjectIdentifiers.id_sha256).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_RSA_SHA384_MGF1).sigAlgoOID(PKCSObjectIdentifiers.id_RSASSA_PSS).sigAlgoName(RSAPSS_SHA384_NAME).algoType(PKAlgorithmConstants.KEY_ALGO_RSA).digestAlgoId(ALGO_ID_DIGEST_SHA384).digestAlgoOID(NISTObjectIdentifiers.id_sha384).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_RSA_SHA512_MGF1).sigAlgoOID(PKCSObjectIdentifiers.id_RSASSA_PSS).sigAlgoName(RSAPSS_SHA512_NAME).algoType(PKAlgorithmConstants.KEY_ALGO_RSA).digestAlgoId(ALGO_ID_DIGEST_SHA512).digestAlgoOID(NISTObjectIdentifiers.id_sha512).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1).sigAlgoOID(PKCSObjectIdentifiers.id_RSASSA_PSS).sigAlgoName(RSAPSS_SHA3_256_NAME).algoType(PKAlgorithmConstants.KEY_ALGO_RSA).digestAlgoId(ALGO_ID_DIGEST_SHA3_256).digestAlgoOID(NISTObjectIdentifiers.id_sha3_256).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1).sigAlgoOID(PKCSObjectIdentifiers.id_RSASSA_PSS).sigAlgoName(RSAPSS_SHA3_384_NAME).algoType(PKAlgorithmConstants.KEY_ALGO_RSA).digestAlgoId(ALGO_ID_DIGEST_SHA3_384).digestAlgoOID(NISTObjectIdentifiers.id_sha3_384).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1).sigAlgoOID(PKCSObjectIdentifiers.id_RSASSA_PSS).sigAlgoName(RSAPSS_SHA3_512_NAME).algoType(PKAlgorithmConstants.KEY_ALGO_RSA).digestAlgoId(ALGO_ID_DIGEST_SHA3_512).digestAlgoOID(NISTObjectIdentifiers.id_sha3_512).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_ECDSA_SHA256).sigAlgoOID(X9ObjectIdentifiers.ecdsa_with_SHA256).sigAlgoName(algorithmNameFinder.getAlgorithmName(X9ObjectIdentifiers.ecdsa_with_SHA256)).algoType(PKAlgorithmConstants.KEY_ALGO_EC).digestAlgoId(ALGO_ID_DIGEST_SHA256).digestAlgoOID(NISTObjectIdentifiers.id_sha256).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_ECDSA_SHA384).sigAlgoOID(X9ObjectIdentifiers.ecdsa_with_SHA384).sigAlgoName(algorithmNameFinder.getAlgorithmName(X9ObjectIdentifiers.ecdsa_with_SHA384)).algoType(PKAlgorithmConstants.KEY_ALGO_EC).digestAlgoId(ALGO_ID_DIGEST_SHA384).digestAlgoOID(NISTObjectIdentifiers.id_sha384).build());
        putAlgo(SignatureAlgorithmProperties.builder().sigAlgoId(ALGO_ID_SIGNATURE_ECDSA_SHA512).sigAlgoOID(X9ObjectIdentifiers.ecdsa_with_SHA512).sigAlgoName(algorithmNameFinder.getAlgorithmName(X9ObjectIdentifiers.ecdsa_with_SHA512)).algoType(PKAlgorithmConstants.KEY_ALGO_EC).digestAlgoId(ALGO_ID_DIGEST_SHA512).digestAlgoOID(NISTObjectIdentifiers.id_sha512).build());
    }
}
