package nl.aeteurope.mpki.identity;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.List;
import nl.aeteurope.mpki.Constants;
import nl.aeteurope.mpki.ExtendedCertificate;
import nl.aeteurope.mpki.Logger;
import nl.aeteurope.mpki.backendclient.BackendClientFactory;
import nl.aeteurope.mpki.backendclient.DefaultBackendClientFactory;
import nl.aeteurope.mpki.enrollment.EnrollmentStorage;
import nl.aeteurope.mpki.secureelement.BaseSecureElement;
import nl.aeteurope.mpki.secureelement.IncorrectPasswordException;
import nl.aeteurope.mpki.workflow.MissingIdentityException;
import nl.aeteurope.mpki.workflow.PinState;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cms.CMSException;
import org.spongycastle.cms.CMSProcessableByteArray;
import org.spongycastle.cms.CMSSignedDataGenerator;
import org.spongycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.operator.ContentSigner;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;

/* loaded from: classes.dex */
/**
 * Software-backed secure element that hands every key, certificate and PIN
 * operation to an {@link EnrollmentStorage} and signs with the SpongyCastle
 * ("SC") JCA provider.
 *
 * <p>The overridden methods are declared by
 * {@code nl.aeteurope.mpki.secureelement.SecureElement} (per the decompiler's
 * override annotations).
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Signing goes through the software "SC" provider, so the private key is
 *       presumably usable as in-process key material rather than held in
 *       hardware; confirm how {@code EnrollmentStorage} protects it at rest.</li>
 *   <li>{@link #getKeyStore(char[])} and {@link #getExtendedCertificates(char[])}
 *       ignore their {@code char[]} argument, and {@link #hasPrivateKey(String)}
 *       is unconditional. Any access control must therefore be enforced by the
 *       storage layer or by callers.</li>
 *   <li>No method in this class clears the {@code char[]} secrets it receives;
 *       wiping them is left to the caller.</li>
 * </ul>
 */
public class SoftSecureElement extends BaseSecureElement {
    /** Tag passed to the logger; the simple class name. */
    private static final String TAG = SoftSecureElement.class.getSimpleName();

    private EnrollmentStorage enrollmentStorage;
    private final Logger logger;

    /**
     * Stores the collaborators and registers the provider returned by
     * {@link #getProvider()} with {@link Security}.
     *
     * <p>{@code getProvider()} is overridable and is invoked here before any
     * subclass constructor body has run. A {@link MissingIdentityException}
     * from it is only printed to stderr, so construction still succeeds without
     * the provider being registered.
     *
     * @param enrollmentStorage backing store for certificates, keys and PIN state
     * @param logger            application logger
     */
    public SoftSecureElement(EnrollmentStorage enrollmentStorage, Logger logger) {
        this.enrollmentStorage = enrollmentStorage;
        this.logger = logger;
        try {
            Provider provider = getProvider();
            // Security.addProvider is JVM-wide; it returns -1 (ignored here) when a
            // provider with the same name is already installed.
            Security.addProvider(provider);
        } catch (MissingIdentityException e) {
            e.printStackTrace();
        }
    }

    /**
     * Supplies the factory used to create backend clients.
     *
     * @return a new {@link DefaultBackendClientFactory} on every call
     */
    @Override
    public BackendClientFactory getBackendClientFactory() {
        return new DefaultBackendClientFactory();
    }

    /**
     * Invokes the storage lookup for {@code str} but discards its result.
     *
     * <p>NOTE(review): this method returns {@code null} on every path, including
     * a successful lookup. It looks like the storage result was meant to be
     * returned; confirm against {@code EnrollmentStorage.getCertificate}.
     * Callers cannot distinguish "not found" from "storage error".
     *
     * @param str identifier handed to the storage lookup (presumably an alias)
     * @return always {@code null}
     */
    @Override
    public X509Certificate getCertificate(String str) {
        try {
            enrollmentStorage.getCertificate(str);
        } catch (KeyStoreException e) {
            // Failure is only printed to stderr; nothing is propagated to the caller.
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Returns the extended certificates held by the storage.
     *
     * @param cArr unused here; no PIN/password check is made in this method
     * @return whatever {@code EnrollmentStorage.getExtendedCertificates()} returns
     * @throws MissingIdentityException declared by the interface; thrown by storage, if at all
     */
    @Override
    public List<ExtendedCertificate> getExtendedCertificates(char[] cArr) throws MissingIdentityException {
        List<ExtendedCertificate> certificates = enrollmentStorage.getExtendedCertificates();
        return certificates;
    }

    /**
     * Returns the key store held by the storage.
     *
     * <p>NOTE(review): {@code cArr} is ignored, so this method never raises
     * {@link IncorrectPasswordException} on its own. Verify that the returned
     * {@link KeyStore} is protected elsewhere.
     *
     * @param cArr unused here
     * @return whatever {@code EnrollmentStorage.getKeyStore()} returns
     */
    @Override
    public KeyStore getKeyStore(char[] cArr) throws MissingIdentityException, IncorrectPasswordException {
        KeyStore store = enrollmentStorage.getKeyStore();
        return store;
    }

    /**
     * Logs the access at info level and returns the PIN state from storage.
     *
     * @return whatever {@code EnrollmentStorage.getPinState()} returns
     */
    @Override
    public PinState getPinState() throws MissingIdentityException {
        logger.i(TAG, "getting PinState via SoftSecureElement");
        return enrollmentStorage.getPinState();
    }

    /**
     * Fetches the private key that belongs to {@code x509Certificate}.
     *
     * @param x509Certificate certificate identifying the key
     * @param cArr            secret forwarded to storage (presumably the PIN); not cleared here
     * @return the key as returned by {@code EnrollmentStorage.getPrivateKey}
     */
    @Override
    public PrivateKey getPrivateKey(X509Certificate x509Certificate, char[] cArr) throws IncorrectPasswordException, MissingIdentityException {
        PrivateKey key = enrollmentStorage.getPrivateKey(x509Certificate, cArr);
        return key;
    }

    /**
     * Creates the JCA provider used by this element.
     *
     * @return a fresh SpongyCastle {@link BouncyCastleProvider} instance per call
     */
    @Override
    public Provider getProvider() throws MissingIdentityException {
        return new BouncyCastleProvider();
    }

    /**
     * Reports that a private key exists, without consulting storage.
     *
     * <p>The result does not depend on {@code str}; callers should not treat
     * {@code true} as proof that a key is actually present.
     *
     * @param str ignored
     * @return always {@code true}
     */
    @Override
    public boolean hasPrivateKey(String str) {
        return true;
    }

    /**
     * Asks storage whether {@code cArr} is the valid PIN for the referenced certificate.
     *
     * @param cArr                              candidate PIN; not cleared here
     * @param certificateWithPrivateKeyReference reference whose certificate is checked
     * @return the result of {@code EnrollmentStorage.isValidPin}
     */
    @Override
    public boolean isValidPin(char[] cArr, CertificateWithPrivateKeyReference certificateWithPrivateKeyReference) throws IncorrectPasswordException, MissingIdentityException {
        X509Certificate certificate = certificateWithPrivateKeyReference.getCertificate();
        return enrollmentStorage.isValidPin(cArr, certificate);
    }

    /** Intentionally does nothing in this implementation. */
    @Override
    public void restoreSSLProvider() {
    }

    /** Intentionally does nothing in this implementation. */
    @Override
    public void setSSLProvider() {
    }

    /**
     * Produces a CMS/PKCS#7 signed-data structure over {@code bArr}.
     *
     * <p>The signer is built with {@code Constants.SIGNATURE_ALGORITHM} on the
     * "SC" provider. The signer info uses a direct signature (no signed
     * attributes). The signer certificate is embedded, and the content is
     * encapsulated in the output ({@code generate(..., true)}).
     *
     * <p>NOTE(review): the provider name "SC" is hard-coded, while the
     * registered provider comes from the overridable {@link #getProvider()}.
     * A subclass returning a differently named provider would not be the one
     * used for signing.
     *
     * @param bArr                              content to sign
     * @param certificateWithPrivateKeyReference reference yielding the signer certificate
     * @param cArr                              secret used to obtain the private key; not cleared here
     * @return the encoded CMS signed data
     */
    @Override
    public byte[] signPKCS7(byte[] bArr, CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, char[] cArr) throws GeneralSecurityException, CMSException, OperatorCreationException, IOException, MissingIdentityException, IncorrectPasswordException {
        // Re-register on every call; a no-op when the provider name is already installed.
        Security.addProvider(getProvider());

        X509Certificate signerCert = certificateWithPrivateKeyReference.getCertificate();

        // Builder is created before the key is fetched, matching the original evaluation order.
        JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder(Constants.SIGNATURE_ALGORITHM).setProvider("SC");
        PrivateKey signingKey = getPrivateKey(signerCert, cArr);
        ContentSigner signer = signerBuilder.build(signingKey);

        CMSProcessableByteArray payload = new CMSProcessableByteArray(bArr);
        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();

        JcaSignerInfoGeneratorBuilder infoBuilder = new JcaSignerInfoGeneratorBuilder(
                new JcaDigestCalculatorProviderBuilder().setProvider("SC").build());
        // Direct signature: the signature covers the content digest with no signed attributes.
        infoBuilder.setDirectSignature(true);
        generator.addSignerInfoGenerator(infoBuilder.build(signer, signerCert));

        generator.addCertificate(new X509CertificateHolder(signerCert.getEncoded()));

        // 'true' embeds the signed content inside the CMS structure.
        return generator.generate(payload, true).getEncoded();
    }
}
