package es.gob.jmulticard.jse.provider;

import es.gob.jmulticard.CryptoHelper;
import es.gob.jmulticard.jse.provider.digest.Digest;
import es.gob.jmulticard.jse.provider.digest.SHA1Digest;
import es.gob.jmulticard.jse.provider.digest.SHA256Digest;
import es.gob.jmulticard.jse.provider.digest.SHA384Digest;
import es.gob.jmulticard.jse.provider.digest.SHA512Digest;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:es/gob/jmulticard/jse/provider/JseCryptoHelper.class */
public final class JseCryptoHelper implements CryptoHelper {
    @Override // es.gob.jmulticard.CryptoHelper
    public byte[] digest(String str, byte[] bArr) {
        if (str == null) {
            throw new IllegalArgumentException("El algoritmo de huella digital no puede ser nulo");
        }
        try {
            Digest a = a(b(str));
            a.update(bArr, 0, bArr.length);
            byte[] bArr2 = new byte[a.getDigestSize()];
            a.doFinal(bArr2, 0);
            return bArr2;
        } catch (Exception e) {
            throw new IOException("Error obteniendo la huella digital de los datos: " + e, e);
        }
    }

    private static Digest a(String str) {
        if ("SHA-1".equals(str)) {
            return new SHA1Digest();
        }
        if ("SHA-256".equals(str)) {
            return new SHA256Digest();
        }
        if ("SHA-384".equals(str)) {
            return new SHA384Digest();
        }
        if ("SHA-512".equals(str)) {
            return new SHA512Digest();
        }
        return null;
    }

    private static String b(String str) {
        if ("SHA".equalsIgnoreCase(str) || "SHA1".equalsIgnoreCase(str) || "SHA-1".equalsIgnoreCase(str)) {
            return "SHA-1";
        }
        if ("SHA256".equalsIgnoreCase(str) || "SHA-256".equalsIgnoreCase(str)) {
            return "SHA-256";
        }
        if ("SHA384".equalsIgnoreCase(str) || "SHA-384".equalsIgnoreCase(str)) {
            return "SHA-384";
        }
        if ("SHA512".equalsIgnoreCase(str) || "SHA-512".equalsIgnoreCase(str)) {
            return "SHA-512";
        }
        return null;
    }

    private static byte[] a(byte[] bArr, byte[] bArr2, int i) {
        byte[] bArr3 = new byte[8];
        for (int i2 = 0; i2 < 8; i2++) {
            bArr3[i2] = 0;
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(a(bArr2), "DESede");
        try {
            Cipher cipher = Cipher.getInstance("DESede/CBC/NoPadding");
            cipher.init(i, secretKeySpec, new IvParameterSpec(bArr3));
            byte[] doFinal = cipher.doFinal(bArr);
            for (int i3 = 0; i3 < bArr.length; i3++) {
                bArr[i3] = 0;
            }
            return doFinal;
        } catch (Exception e) {
            for (int i4 = 0; i4 < bArr.length; i4++) {
                bArr[i4] = 0;
            }
            throw new IOException("Error encriptando datos: " + e, e);
        }
    }

    @Override // es.gob.jmulticard.CryptoHelper
    public byte[] desedeEncrypt(byte[] bArr, byte[] bArr2) {
        return a(bArr, bArr2, 1);
    }

    @Override // es.gob.jmulticard.CryptoHelper
    public byte[] desedeDecrypt(byte[] bArr, byte[] bArr2) {
        return a(bArr, bArr2, 2);
    }

    private static byte[] a(byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException("La clave 3DES no puede ser nula");
        }
        if (bArr.length == 24) {
            return bArr;
        }
        if (bArr.length != 16) {
            throw new IllegalArgumentException("Longitud de clave invalida, se esperaba 16 o 24, pero se indico " + Integer.toString(bArr.length));
        }
        byte[] bArr2 = new byte[24];
        System.arraycopy(bArr, 0, bArr2, 0, 16);
        System.arraycopy(bArr, 0, bArr2, 16, 8);
        return bArr2;
    }

    private static byte[] b(byte[] bArr, byte[] bArr2, int i) {
        if (bArr2 == null) {
            throw new IllegalArgumentException("La clave DES no puede ser nula");
        }
        if (bArr2.length != 8) {
            throw new IllegalArgumentException("La clave DES debe ser de 8 octetos, pero la proporcionada es de " + bArr2.length);
        }
        try {
            Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
            cipher.init(i, new SecretKeySpec(bArr2, "DES"));
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new IOException("Error cifrando los datos con DES: " + e, e);
        }
    }

    @Override // es.gob.jmulticard.CryptoHelper
    public byte[] desEncrypt(byte[] bArr, byte[] bArr2) {
        return b(bArr, bArr2, 1);
    }

    @Override // es.gob.jmulticard.CryptoHelper
    public byte[] desDecrypt(byte[] bArr, byte[] bArr2) {
        return b(bArr, bArr2, 2);
    }

    private static byte[] a(byte[] bArr, Key key, int i) {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/NOPADDING");
            cipher.init(i, key);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new IOException("Error descifrando los datos mediante la clave RSA: " + e, e);
        }
    }

    @Override // es.gob.jmulticard.CryptoHelper
    public byte[] rsaDecrypt(byte[] bArr, Key key) {
        return a(bArr, key, 2);
    }

    @Override // es.gob.jmulticard.CryptoHelper
    public byte[] rsaEncrypt(byte[] bArr, Key key) {
        return a(bArr, key, 1);
    }

    @Override // es.gob.jmulticard.CryptoHelper
    public Certificate generateCertificate(byte[] bArr) {
        return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    @Override // es.gob.jmulticard.CryptoHelper
    public byte[] generateRandomBytes(int i) {
        try {
            byte[] bArr = new byte[i];
            SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
            return bArr;
        } catch (NoSuchAlgorithmException e) {
            throw new IOException("Algoritmo de generacion de aleatorios no valido: " + e, e);
        }
    }
}
