package es.gob.jmulticard;

import es.gob.jmulticard.apdu.connection.ApduConnection;
import es.gob.jmulticard.apdu.connection.ApduConnectionException;
import es.gob.jmulticard.asn1.Tlv;
import es.gob.jmulticard.asn1.TlvException;
import es.gob.jmulticard.card.icao.IcaoException;
import es.gob.jmulticard.card.icao.WirelessInitializer;
import es.gob.jmulticard.de.tsenger.androsmex.iso7816.SecureMessaging;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.logging.Logger;

/* loaded from: input_file:es/gob/jmulticard/CryptoHelper.class */
public abstract class CryptoHelper {
    private static final byte PKCS1_BLOCK_TYPE = 1;
    private static final byte PKCS1_FILL = -1;
    private static final byte PKCS1_DELIMIT = 0;

    /* loaded from: input_file:es/gob/jmulticard/CryptoHelper$BlockMode.class */
    public enum BlockMode {
        CBC,
        ECB
    }

    /* loaded from: input_file:es/gob/jmulticard/CryptoHelper$DigestAlgorithm.class */
    public enum DigestAlgorithm {
        SHA1("SHA1", 20),
        SHA256("SHA-256", 32),
        SHA384("SHA-384", 48),
        SHA512("SHA-512", 64);

        private final String name;
        private final int length;

        DigestAlgorithm(String str, int i) {
            this.name = str;
            this.length = i;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.name;
        }

        public int getDigestLength() {
            return this.length;
        }

        public static DigestAlgorithm getDigestAlgorithm(String str) {
            if ("SHA1".equals(str) || "SHA-1".equals(str)) {
                return SHA1;
            }
            if ("SHA256".equals(str) || "SHA-256".equals(str)) {
                return SHA256;
            }
            if ("SHA384".equals(str) || "SHA-384".equals(str)) {
                return SHA384;
            }
            if ("SHA512".equals(str) || "SHA-512".equals(str)) {
                return SHA512;
            }
            throw new IllegalArgumentException("Algoritmo de huella no soportado: " + str);
        }
    }

    /* loaded from: input_file:es/gob/jmulticard/CryptoHelper$EcCurve.class */
    public enum EcCurve {
        BRAINPOOL_P256_R1("brainpoolp256r1");

        private final String name;

        EcCurve(String str) {
            this.name = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.name;
        }
    }

    /* loaded from: input_file:es/gob/jmulticard/CryptoHelper$PaceChannelHelper.class */
    public static abstract class PaceChannelHelper {
        protected static final Logger LOGGER = Logger.getLogger("es.gob.jmulticard");
        protected static final byte[] CAN_MRZ_PADDING = {0, 0, 0, 3};
        protected static final byte[] KENC_PADDING = {0, 0, 0, CryptoHelper.PKCS1_BLOCK_TYPE};
        protected static final byte[] KMAC_PADDING = {0, 0, 0, 2};
        protected static final byte[] MAC_PADDING = {Byte.MAX_VALUE, 73, 79, 6};
        protected static final byte[] MAC2_PADDING = {-122, 65, 4};
        protected static final byte TAG_DYNAMIC_AUTHENTICATION_DATA = 124;
        protected static final byte TAG_GEN_AUTH_2 = -127;
        protected static final byte TAG_GEN_AUTH_3 = -125;
        protected static final byte TAG_GEN_AUTH_4 = -123;
        protected final transient CryptoHelper cryptoHelper;

        public PaceChannelHelper(CryptoHelper cryptoHelper) {
            this.cryptoHelper = cryptoHelper;
        }

        public abstract SecureMessaging openPaceChannel(byte b, WirelessInitializer wirelessInitializer, ApduConnection apduConnection) throws ApduConnectionException, IcaoException;

        protected static byte[] bigIntToByteArray(BigInteger bigInteger) {
            byte[] byteArray = bigInteger.toByteArray();
            if (byteArray[0] != 0) {
                return byteArray;
            }
            byte[] bArr = new byte[byteArray.length - CryptoHelper.PKCS1_BLOCK_TYPE];
            System.arraycopy(byteArray, CryptoHelper.PKCS1_BLOCK_TYPE, bArr, 0, bArr.length);
            return bArr;
        }

        protected static byte[] unwrapEcKey(byte[] bArr) throws TlvException {
            return new Tlv(new Tlv(bArr).getValue()).getValue();
        }
    }

    /* loaded from: input_file:es/gob/jmulticard/CryptoHelper$Padding.class */
    public enum Padding {
        NOPADDING("NOPADDING"),
        ISO7816_4PADDING("ISO7816-4Padding");

        private final String algName;

        Padding(String str) {
            this.algName = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.algName;
        }
    }

    public static final byte[] addPkcs1PaddingForPrivateKeyOperation(byte[] bArr, int i) throws IOException {
        if (bArr == null) {
            throw new IllegalArgumentException("Los datos de entrada no pueden ser nulos");
        }
        int i2 = i / 8;
        if (bArr.length > i2 - 3) {
            throw new IllegalArgumentException("Los datos son demasiado grandes para el valor de clave indicado: " + bArr.length + " > " + i2 + "-3");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(i2);
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(PKCS1_BLOCK_TYPE);
        while (byteArrayOutputStream.size() < i2 - (PKCS1_BLOCK_TYPE + bArr.length)) {
            byteArrayOutputStream.write(PKCS1_FILL);
        }
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(bArr);
        return byteArrayOutputStream.toByteArray();
    }

    public abstract byte[] digest(DigestAlgorithm digestAlgorithm, byte[] bArr) throws IOException;

    public abstract byte[] desedeEncrypt(byte[] bArr, byte[] bArr2) throws IOException;

    public abstract byte[] desedeDecrypt(byte[] bArr, byte[] bArr2) throws IOException;

    public abstract byte[] desEncrypt(byte[] bArr, byte[] bArr2) throws IOException;

    public abstract byte[] desDecrypt(byte[] bArr, byte[] bArr2) throws IOException;

    public abstract byte[] aesDecrypt(byte[] bArr, byte[] bArr2, byte[] bArr3, BlockMode blockMode, Padding padding) throws IOException;

    public abstract byte[] aesEncrypt(byte[] bArr, byte[] bArr2, byte[] bArr3, BlockMode blockMode, Padding padding) throws IOException;

    public abstract byte[] rsaDecrypt(byte[] bArr, RSAKey rSAKey) throws IOException;

    public abstract byte[] rsaEncrypt(byte[] bArr, RSAKey rSAKey) throws IOException;

    public abstract byte[] generateRandomBytes(int i) throws IOException;

    public abstract KeyPair generateEcKeyPair(EcCurve ecCurve) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException;

    public abstract byte[] doAesCmac(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException;

    public abstract AlgorithmParameterSpec getEcPoint(byte[] bArr, byte[] bArr2, EcCurve ecCurve);

    public abstract byte[] getCmsSignatureSignedContent(byte[] bArr) throws IOException;

    public abstract X509Certificate[] validateCmsSignature(byte[] bArr) throws SignatureException, IOException, CertificateException;

    public abstract X509Certificate generateCertificate(byte[] bArr) throws CertificateException;

    public abstract X509Certificate generateCertificate(InputStream inputStream) throws CertificateException;

    public abstract PaceChannelHelper getPaceChannelHelper();
}
