package de.osci.osci12.samples.impl.crypto;

import de.osci.osci12.common.Constants;
import de.osci.osci12.common.DialogHandler;
import de.osci.osci12.extinterfaces.crypto.Signer;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:de/osci/osci12/samples/impl/crypto/PKCS12Signer.class */
public class PKCS12Signer extends Signer {
    private static Log log = LogFactory.getLog(PKCS12Signer.class);
    private X509Certificate cert;
    private String alias;
    private char[] pin;
    private KeyStore keyStore;
    private boolean usePSSforRSAkey;

    public PKCS12Signer(String str, String str2) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        this(PKCS12Signer.class.getResourceAsStream(str), str2, false);
    }

    public PKCS12Signer(InputStream inputStream, String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        this(inputStream, str, false);
    }

    public PKCS12Signer(String str, String str2, boolean z) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        this(PKCS12Signer.class.getResourceAsStream(str), str2, z);
    }

    public PKCS12Signer(InputStream inputStream, String str, boolean z) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        this.pin = null;
        this.keyStore = null;
        this.usePSSforRSAkey = false;
        this.pin = str.toCharArray();
        if (DialogHandler.getSecurityProvider() == null) {
            this.keyStore = KeyStore.getInstance("PKCS12");
        } else {
            this.keyStore = KeyStore.getInstance("PKCS12", DialogHandler.getSecurityProvider());
        }
        this.keyStore.load(inputStream, this.pin);
        String str2 = null;
        Enumeration<String> aliases = this.keyStore.aliases();
        while (aliases.hasMoreElements()) {
            KeyStore keyStore = this.keyStore;
            String nextElement = aliases.nextElement();
            str2 = nextElement;
            if (keyStore.isKeyEntry(nextElement)) {
                break;
            }
        }
        if (str2 == null) {
            throw new NullPointerException("No private key found in keystore.");
        }
        this.alias = str2;
        this.cert = (X509Certificate) this.keyStore.getCertificate(this.alias);
        this.usePSSforRSAkey = z;
    }

    @Override // de.osci.osci12.extinterfaces.crypto.Signer
    public String getVendor() {
        return "BOS";
    }

    @Override // de.osci.osci12.extinterfaces.crypto.Signer
    public String getVersion() {
        return "1.5";
    }

    @Override // de.osci.osci12.extinterfaces.crypto.Signer
    public String getAlgorithm() {
        String signatureAlgorithm = DialogHandler.getSignatureAlgorithm();
        try {
            String algorithm = this.keyStore.getKey(this.alias, this.pin).getAlgorithm();
            if (signatureAlgorithm.endsWith("sha256") && algorithm.equals("EC")) {
                signatureAlgorithm = Constants.SIGNATURE_ALGORITHM_ECDSA_SHA256;
            } else if (signatureAlgorithm.endsWith("sha512") && algorithm.equals("EC")) {
                signatureAlgorithm = Constants.SIGNATURE_ALGORITHM_ECDSA_SHA512;
            } else if (algorithm.equals("RSA")) {
                if (this.usePSSforRSAkey) {
                    if (signatureAlgorithm.contains("sha256")) {
                        signatureAlgorithm = Constants.SIGNATURE_ALGORITHM_RSA_SHA256_PSS;
                    } else if (signatureAlgorithm.contains("sha512")) {
                        signatureAlgorithm = Constants.SIGNATURE_ALGORITHM_RSA_SHA512_PSS;
                    }
                } else if (signatureAlgorithm.endsWith("sha256")) {
                    signatureAlgorithm = Constants.SIGNATURE_ALGORITHM_RSA_SHA256;
                } else if (signatureAlgorithm.endsWith("sha512")) {
                    signatureAlgorithm = Constants.SIGNATURE_ALGORITHM_RSA_SHA512;
                }
            }
        } catch (Exception e) {
            log.error("Problem getting private key type, return to default", e);
        }
        return signatureAlgorithm;
    }

    @Override // de.osci.osci12.extinterfaces.crypto.Signer
    public X509Certificate getCertificate() {
        return this.cert;
    }

    @Override // de.osci.osci12.extinterfaces.crypto.Signer
    public byte[] sign(byte[] bArr, String str) throws SignatureException {
        try {
            if (log.isDebugEnabled()) {
                log.debug("Algorithm: " + str);
            }
            Signature signature = DialogHandler.getSecurityProvider() == null ? Signature.getInstance(Constants.JCA_JCE_MAP.get(str)) : Signature.getInstance(Constants.JCA_JCE_MAP.get(str), DialogHandler.getSecurityProvider());
            signature.initSign((PrivateKey) this.keyStore.getKey(this.alias, this.pin));
            signature.update(bArr);
            if (log.isDebugEnabled()) {
                log.debug("Fertig mit dem Signieren");
            }
            return signature.sign();
        } catch (Exception e) {
            throw new SignatureException(DialogHandler.text.getString("signature_creation_error") + " - " + e.getClass() + ": " + e.getLocalizedMessage());
        }
    }
}
