package com.amazonaws.encryptionsdk.internal;

import com.amazonaws.encryptionsdk.CryptoAlgorithm;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Provider;
import java.security.PublicKey;
import java.security.spec.AlgorithmParameterSpec;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.interfaces.ECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;

/* loaded from: input_file:com/amazonaws/encryptionsdk/internal/TrailingSignatureAlgorithm.class */
public abstract class TrailingSignatureAlgorithm {
    private static final ECDSASignatureAlgorithm SHA256_ECDSA_P256 = new ECDSASignatureAlgorithm(ECNamedCurveTable.getParameterSpec("secp256r1"), "SHA256", null);
    private static final ECDSASignatureAlgorithm SHA384_ECDSA_P384 = new ECDSASignatureAlgorithm(ECNamedCurveTable.getParameterSpec("secp384r1"), "SHA384", null);

    /* renamed from: com.amazonaws.encryptionsdk.internal.TrailingSignatureAlgorithm$1, reason: invalid class name */
    /* loaded from: input_file:com/amazonaws/encryptionsdk/internal/TrailingSignatureAlgorithm$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$amazonaws$encryptionsdk$CryptoAlgorithm = new int[CryptoAlgorithm.values().length];

        static {
            try {
                $SwitchMap$com$amazonaws$encryptionsdk$CryptoAlgorithm[CryptoAlgorithm.ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$amazonaws$encryptionsdk$CryptoAlgorithm[CryptoAlgorithm.ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$amazonaws$encryptionsdk$CryptoAlgorithm[CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    /* loaded from: input_file:com/amazonaws/encryptionsdk/internal/TrailingSignatureAlgorithm$ECDSASignatureAlgorithm.class */
    private static final class ECDSASignatureAlgorithm extends TrailingSignatureAlgorithm {
        private final ECNamedCurveParameterSpec ecSpec;
        private final String messageDigestAlgorithm;
        private final String hashAndSignAlgorithm;

        private ECDSASignatureAlgorithm(ECNamedCurveParameterSpec eCNamedCurveParameterSpec, String str) {
            super(null);
            this.ecSpec = eCNamedCurveParameterSpec;
            this.messageDigestAlgorithm = str;
            this.hashAndSignAlgorithm = str + "withECDSA";
        }

        public String toString() {
            return "ECDSASignatureAlgorithm(curve=" + this.ecSpec.getName() + ")";
        }

        @Override // com.amazonaws.encryptionsdk.internal.TrailingSignatureAlgorithm
        public String getMessageDigestAlgorithm() {
            return this.messageDigestAlgorithm;
        }

        @Override // com.amazonaws.encryptionsdk.internal.TrailingSignatureAlgorithm
        public String getRawSignatureAlgorithm() {
            return "NONEwithECDSA";
        }

        @Override // com.amazonaws.encryptionsdk.internal.TrailingSignatureAlgorithm
        public String getHashAndSignAlgorithm() {
            return this.hashAndSignAlgorithm;
        }

        @Override // com.amazonaws.encryptionsdk.internal.TrailingSignatureAlgorithm
        public PublicKey deserializePublicKey(String str) {
            return new BCECPublicKey("EC", new ECPublicKeyParameters(this.ecSpec.getCurve().decodePoint(Utils.decodeBase64String(str)), new ECDomainParameters(this.ecSpec.getCurve(), this.ecSpec.getG(), this.ecSpec.getN(), this.ecSpec.getH())), this.ecSpec, BouncyCastleProvider.CONFIGURATION);
        }

        @Override // com.amazonaws.encryptionsdk.internal.TrailingSignatureAlgorithm
        public String serializePublicKey(PublicKey publicKey) {
            return Utils.encodeBase64String(((ECPublicKey) publicKey).getQ().getEncoded(true));
        }

        @Override // com.amazonaws.encryptionsdk.internal.TrailingSignatureAlgorithm
        public KeyPair generateKey() throws GeneralSecurityException {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", (Provider) BouncyCastleConfiguration.INTERNAL_BOUNCY_CASTLE_PROVIDER);
            keyPairGenerator.initialize((AlgorithmParameterSpec) this.ecSpec, Utils.getSecureRandom());
            return keyPairGenerator.generateKeyPair();
        }

        /* synthetic */ ECDSASignatureAlgorithm(ECNamedCurveParameterSpec eCNamedCurveParameterSpec, String str, AnonymousClass1 anonymousClass1) {
            this(eCNamedCurveParameterSpec, str);
        }
    }

    private TrailingSignatureAlgorithm() {
    }

    public abstract String getMessageDigestAlgorithm();

    public abstract String getRawSignatureAlgorithm();

    public abstract String getHashAndSignAlgorithm();

    public abstract PublicKey deserializePublicKey(String str);

    public abstract String serializePublicKey(PublicKey publicKey);

    public abstract KeyPair generateKey() throws GeneralSecurityException;

    public static TrailingSignatureAlgorithm forCryptoAlgorithm(CryptoAlgorithm cryptoAlgorithm) {
        switch (AnonymousClass1.$SwitchMap$com$amazonaws$encryptionsdk$CryptoAlgorithm[cryptoAlgorithm.ordinal()]) {
            case VersionInfo.CURRENT_CIPHERTEXT_VERSION /* 1 */:
                return SHA256_ECDSA_P256;
            case 2:
            case 3:
                return SHA384_ECDSA_P384;
            default:
                throw new IllegalStateException("Algorithm does not support trailing signature");
        }
    }

    /* synthetic */ TrailingSignatureAlgorithm(AnonymousClass1 anonymousClass1) {
        this();
    }
}
