package at.asitplus.regkassen.core.modules.signature.rawsignatureprovider;

import at.asitplus.regkassen.common.RKSuite;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509Extension;
import org.bouncycastle.cert.CertIOException;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: input_file:lib/registrierkassen-core-0.12.jar:at/asitplus/regkassen/core/modules/signature/rawsignatureprovider/NEVER_USE_IN_A_REAL_SYSTEM_SoftwareCertificateOpenSystemSignatureModule.class */
public class NEVER_USE_IN_A_REAL_SYSTEM_SoftwareCertificateOpenSystemSignatureModule implements SignatureModule {
    protected PrivateKey signingKey;
    protected Certificate signingCertificate;
    protected List<Certificate> certificateChain;
    protected RKSuite rkSuite;
    protected String serialNumberOrKeyId;
    protected boolean closedSystemSignatureDevice;

    public NEVER_USE_IN_A_REAL_SYSTEM_SoftwareCertificateOpenSystemSignatureModule(RKSuite rKSuite, String str) {
        this.rkSuite = rKSuite;
        if (rKSuite.getZdaID().startsWith("AT0")) {
            this.closedSystemSignatureDevice = true;
        } else {
            this.closedSystemSignatureDevice = false;
        }
        this.serialNumberOrKeyId = str;
        intialise();
    }

    public void intialise() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(256);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            KeyPair generateKeyPair2 = keyPairGenerator.generateKeyPair();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            this.signingKey = generateKeyPair2.getPrivate();
            X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(new X500Name("CN=RegKassa ZDA"), BigInteger.valueOf(new SecureRandom().nextLong()), new Date(System.currentTimeMillis() - 10000), new Date(System.currentTimeMillis() + 86400000), new X500Name("CN=RegKassa CA"), SubjectPublicKeyInfo.getInstance(generateKeyPair.getPublic().getEncoded()));
            x509v3CertificateBuilder.addExtension(X509Extension.basicConstraints, true, (ASN1Encodable) new BasicConstraints(false));
            x509v3CertificateBuilder.addExtension(X509Extension.keyUsage, true, (ASN1Encodable) new KeyUsage(128));
            X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(x509v3CertificateBuilder.build(new JcaContentSignerBuilder("SHA256withECDSA").setProvider(BouncyCastleProvider.PROVIDER_NAME).build(privateKey)));
            this.certificateChain = new ArrayList();
            this.certificateChain.add(certificate);
            long nextLong = new SecureRandom().nextLong();
            if (!this.closedSystemSignatureDevice) {
                this.serialNumberOrKeyId = Long.toHexString(nextLong);
            }
            X509v3CertificateBuilder x509v3CertificateBuilder2 = new X509v3CertificateBuilder(new X500Name("CN=RegKassa CA"), BigInteger.valueOf(Math.abs(nextLong)), new Date(System.currentTimeMillis() - 10000), new Date(System.currentTimeMillis() + 86400000), new X500Name("CN=Signing certificate"), SubjectPublicKeyInfo.getInstance(generateKeyPair2.getPublic().getEncoded()));
            x509v3CertificateBuilder2.addExtension(X509Extension.basicConstraints, true, (ASN1Encodable) new BasicConstraints(false));
            x509v3CertificateBuilder2.addExtension(X509Extension.keyUsage, true, (ASN1Encodable) new KeyUsage(128));
            this.signingCertificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(x509v3CertificateBuilder2.build(new JcaContentSignerBuilder("SHA256withECDSA").setProvider(BouncyCastleProvider.PROVIDER_NAME).build(privateKey)));
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (CertificateException e2) {
            e2.printStackTrace();
        } catch (CertIOException e3) {
            e3.printStackTrace();
        } catch (OperatorCreationException e4) {
            e4.printStackTrace();
        }
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public PrivateKey getSigningKey() {
        return this.signingKey;
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public Certificate getSigningCertificate() {
        return this.signingCertificate;
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public PublicKey getSigningPublicKey() {
        return this.signingCertificate.getPublicKey();
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public byte[] signData(byte[] bArr) {
        try {
            Signature signature = Signature.getInstance("SHA256withECDSA");
            signature.initSign(getSigningKey());
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            e.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        } catch (SignatureException e3) {
            e3.printStackTrace();
            return null;
        }
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public String getSerialNumberOfKeyID() {
        return this.serialNumberOrKeyId;
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public boolean isClosedSystemSignatureDevice() {
        return this.closedSystemSignatureDevice;
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public List<Certificate> getCertificateChain() {
        return this.certificateChain;
    }

    @Override // at.asitplus.regkassen.core.modules.signature.rawsignatureprovider.SignatureModule
    public RKSuite getRKSuite() {
        return this.rkSuite;
    }
}
