package at.asitplus.regkassen.core.modules.signature.rawsignatureprovider;

import at.asitplus.regkassen.common.RKSuite;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import sun.security.pkcs11.SunPKCS11;

/* loaded from: input_file:lib/registrierkassen-core-0.12.jar:at/asitplus/regkassen/core/modules/signature/rawsignatureprovider/PKSC11SystemSignatureModule.class */
public class PKSC11SystemSignatureModule implements SignatureModule {
    public static final String DLL_64 = "ENTER_PATH_TO_P11_LIB_64_HERE";
    public static final String DLL = "ENTER_PATH_TO_P11_LIB_HERE";
    public static final String KEY_ALIAS = "ENTER_KEY_ALIAS_HERE";
    private KeyStore ks;
    protected RKSuite rkSuite;
    protected boolean closedSystemSignatureDevice;
    protected String serialNumberOrKeyId;

    public PKSC11SystemSignatureModule(RKSuite rKSuite, String str) {
        if (rKSuite.getSuiteID().startsWith("AT0")) {
            this.closedSystemSignatureDevice = true;
        } else {
            this.closedSystemSignatureDevice = false;
        }
        this.serialNumberOrKeyId = str;
        initialize();
    }

    private void initialize() {
        String str;
        String property = System.getProperty("sun.arch.data.model");
        if (property.equalsIgnoreCase("64")) {
            str = "name=pkcs11\nlibrary=ENTER_PATH_TO_P11_LIB_64_HERE";
        } else {
            if (!property.equalsIgnoreCase("86")) {
                System.err.println("Error: unknown architecture: " + property);
                return;
            }
            str = "name=pkcs11\nlibrary=ENTER_PATH_TO_P11_LIB_HERE";
        }
        Security.addProvider(new SunPKCS11(new ByteArrayInputStream(str.getBytes())));
        try {
            this.ks = KeyStore.getInstance("PKCS11");
            this.ks.load(null, null);
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (CertificateException e4) {
            e4.printStackTrace();
        }
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public PrivateKey getSigningKey() {
        try {
            return (PrivateKey) this.ks.getKey(KEY_ALIAS, null);
        } catch (KeyStoreException e) {
            e.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        } catch (UnrecoverableKeyException e3) {
            e3.printStackTrace();
            return null;
        }
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public Certificate getSigningCertificate() {
        try {
            return this.ks.getCertificate(KEY_ALIAS);
        } catch (KeyStoreException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public List<Certificate> getCertificateChain() {
        try {
            return new ArrayList(Arrays.asList(this.ks.getCertificateChain(KEY_ALIAS)));
        } catch (KeyStoreException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public PublicKey getSigningPublicKey() {
        try {
            return ((X509Certificate) this.ks.getCertificate(KEY_ALIAS)).getPublicKey();
        } catch (KeyStoreException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public byte[] signData(byte[] bArr) {
        try {
            Signature signature = Signature.getInstance("SHA256withECDSA");
            signature.initSign(getSigningKey());
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            e.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        } catch (SignatureException e3) {
            e3.printStackTrace();
            return null;
        }
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public String getSerialNumberOfKeyID() {
        if (this.closedSystemSignatureDevice) {
            return this.serialNumberOrKeyId;
        }
        try {
            return Long.toHexString(((X509Certificate) this.ks.getCertificate(KEY_ALIAS)).getSerialNumber().longValue());
        } catch (KeyStoreException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public boolean isClosedSystemSignatureDevice() {
        return this.closedSystemSignatureDevice;
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public RKSuite getRKSuite() {
        return this.rkSuite;
    }
}
