package de.governikus.mcard.jce.sig.delegate;

import de.bos_bremen.gov2.jca_provider.OCFPrivateKey;
import de.bos_bremen.gov2.jca_provider.OCFProvider;
import de.bos_bremen.gov2.jca_provider.OCFSignature;
import de.bos_bremen.gov2.jca_provider.OCF_PSS_Signature;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.util.Map;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:de/governikus/mcard/jce/sig/delegate/JCEDelegateMCardBCProvider.class */
public class JCEDelegateMCardBCProvider extends Provider {
    private static final String PROVIDER_NAME_SUN_JCE = "SunJCE";
    private static final String PROVIDER_NAME_SUN_RSA_SIGN = "SunRsaSign";
    public static final String KEYSTORE_TYPE = "DELEGATE";
    private static final Logger LOG = LogManager.getLogger(JCEDelegateMCardBCProvider.class);
    public static final String PROVIDER_INFO = "Delegating MCard (signature creation) / BouncyCastleProvider (signature verification) - additional algorithms might be used as required for BouncyCastle JSSE Provider TLS authentication using smartcards";
    public static final String PROVIDER_NAME = "JDMCBC";
    public static final double PROVIDER_VERSION = 1.0d;
    private static final long serialVersionUID = 1;

    public static void copyEntryWithOneCrit(Provider provider, Provider provider2, String str) {
        if (str == null || str.isEmpty()) {
            return;
        }
        provider.keySet().stream().filter(obj -> {
            return obj.toString().contains(str);
        }).forEach(obj2 -> {
            provider2.put(obj2.toString(), provider.get(obj2.toString()));
        });
    }

    public static void copyEntryWithOneCritKeyOrValue(Provider provider, Provider provider2, String str) {
        if (str == null || str.isEmpty()) {
            return;
        }
        provider.keySet().stream().filter(obj -> {
            return obj.toString().contains(str) || provider.getProperty(obj.toString(), "").contains(str);
        }).forEach(obj2 -> {
            provider2.put(obj2.toString(), provider.get(obj2.toString()));
        });
    }

    public static void copyEntryWithTwoCritAnd(Provider provider, Provider provider2, String str, String str2) {
        if (str == null || str.isEmpty()) {
            copyEntryWithOneCrit(provider, provider2, str2);
        } else if (str2 == null || str2.isEmpty()) {
            copyEntryWithOneCrit(provider, provider2, str);
        } else {
            provider.keySet().stream().filter(obj -> {
                return obj.toString().contains(str) && obj.toString().contains(str2);
            }).forEach(obj2 -> {
                provider2.put(obj2.toString(), provider.get(obj2.toString()));
            });
        }
    }

    public static void copyEntryWithThreeCritOr(Provider provider, Provider provider2, String str, String str2, String str3) {
        provider.keySet().stream().filter(obj -> {
            return ((str == null || str.isEmpty() || !obj.toString().contains(str)) && (str2 == null || str2.isEmpty() || !obj.toString().contains(str2)) && (str3 == null || str3.isEmpty() || !obj.toString().contains(str3))) ? false : true;
        }).forEach(obj2 -> {
            provider2.put(obj2.toString(), provider.get(obj2.toString()));
        });
    }

    public JCEDelegateMCardBCProvider() {
        this(null, null);
    }

    public JCEDelegateMCardBCProvider(Map<?, ?> map) {
        this(null, map);
    }

    public JCEDelegateMCardBCProvider(Map<?, ?> map, Map<?, ?> map2) {
        super(PROVIDER_NAME, 1.0d, PROVIDER_INFO);
        if (map != null && !map.isEmpty()) {
            super.putAll(map);
        }
        put("Signature.NONEwithRSA", JCEDelegateRawRSASignature.class.getName());
        registerMCardOCFProviderAlgorithms();
        registerSunJCEAlgorithms();
        registerBCAlgorithms();
        registerAdditionals();
        if (map2 == null || map2.isEmpty()) {
            return;
        }
        super.putAll(map2);
    }

    @Override // java.security.Provider, java.util.Hashtable, java.util.Dictionary, java.util.Map
    public synchronized Object put(Object obj, Object obj2) {
        if (obj2 == null) {
            LOG.debug("skip overwriting existing key value not with null: {}", obj);
            return super.get(obj);
        }
        if (super.contains(obj) && super.get(obj) != null && !obj2.equals(super.get(obj))) {
            LOG.debug("changing/overwriting existing key: {}, old value: {}, new value: {}", obj, super.get(obj), obj2);
        }
        LOG.debug("set key: {}, value: {}", obj, obj2);
        return super.put(obj, obj2);
    }

    private void registerSunJCEAlgorithms() {
        Provider provider = Security.getProvider(PROVIDER_NAME_SUN_JCE);
        if (provider == null) {
            throw new IllegalArgumentException("missing required registered provider: SunJCE");
        }
        for (String str : new String[]{JCEDelegateDiffieHellmanKeyAgreement.ALGORITHM, "DH"}) {
            copyEntryWithOneCritKeyOrValue(provider, this, str);
        }
        put("KeyPairGenerator.DiffieHellman", provider.getProperty("KeyPairGenerator.DH"));
        put("KeyFactory.DiffieHellman", provider.getProperty("KeyFactory.DH"));
    }

    private void registerBCAlgorithms() {
        BouncyCastleProvider bouncyCastleProvider = Security.getProvider("BC") == null ? new BouncyCastleProvider() : Security.getProvider("BC");
        if (Security.getProvider("BC") == null) {
            LOG.warn("missing required registered  provider: BC");
        }
        for (String str : new String[]{"MessageDigest", "SecureRandom", "Agreement", "AlgorithmParameters", "AES", "GCM", "CertificateFactory", "Mac", "NONEwithRSA"}) {
            copyEntryWithOneCrit(bouncyCastleProvider, this, str);
        }
        copyEntryWithTwoCritAnd(bouncyCastleProvider, this, "KeyPairGenerator", "X25519");
        copyEntryWithTwoCritAnd(bouncyCastleProvider, this, "KeyFactory", "X25519");
        for (String str2 : new String[]{JCEDelegateDiffieHellmanKeyAgreement.ALGORITHM, "DH"}) {
            copyEntryWithOneCritKeyOrValue(bouncyCastleProvider, this, str2);
        }
    }

    private void registerAdditionals() {
        put("KeyStore.DELEGATE", JCEDelegateKeyStore.class.getName());
        put("KeyAggreement.DiffieHellman", JCEDelegateDiffieHellmanKeyAgreement.class.getName());
    }

    private void registerMCardOCFProviderAlgorithms() {
        OCFProvider oCFProvider = new OCFProvider();
        oCFProvider.keySet().stream().filter(obj -> {
            return obj.toString().contains("Signature") && (oCFProvider.get(obj.toString()).toString().contains(OCFSignature.class.getName()) || oCFProvider.get(obj.toString()).toString().contains(OCF_PSS_Signature.class.getName()));
        }).forEach(obj2 -> {
            put(obj2.toString(), oCFProvider.get(obj2.toString()).toString().replace(OCFSignature.class.getName(), JCEDelegateSignature.class.getName()).replace(OCF_PSS_Signature.class.getName(), JCEDelegatePSSSignature.class.getName()));
        });
        oCFProvider.keySet().stream().filter(obj3 -> {
            return obj3.toString().contains("Signature") && obj3.toString().contains("SupportedKeyClasses") && oCFProvider.get(obj3.toString()).toString().contains(OCFPrivateKey.class.getName());
        }).forEach(obj4 -> {
            put(obj4.toString(), oCFProvider.get(obj4.toString()).toString().replace(OCFPrivateKey.class.getName(), OCFPrivateKey.class.getName() + "|" + PrivateKey.class.getName() + "|" + PublicKey.class.getName()));
        });
        for (String str : new String[]{"Agreement", "AlgorithmParameters", "AES", "GCM"}) {
            copyEntryWithOneCrit(oCFProvider, this, str);
        }
        copyEntryWithThreeCritOr(oCFProvider, this, "RSA/ECB/PKCS1Padding", "OCFDECRYPTRSA", "Cipher.RSA");
    }
}
