package com.diehl.metering.izar.com.lib.security;

import com.diehl.metering.izar.com.lib.security.xades.XadesManagerSantuario;
import com.diehl.metering.izar.module.tertiary.api.v1r0.bean.callback.IDeviceKeyFinder;
import com.diehl.metering.izar.module.tertiary.api.v1r0.bean.security.EnumKeyType;
import com.diehl.metering.izar.module.tertiary.api.v1r0.bean.security.EnumKeyUsage;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyPair;
import java.security.Provider;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import javax.xml.bind.DatatypeConverter;
import thirdparty.izar.slf4j.Logger;
import thirdparty.izar.slf4j.LoggerFactory;
import thirdparty.org.apache.commons.lang3.StringUtils;
import thirdparty.org.apache.commons.lang3.tuple.Pair;

/* compiled from: XadesManager.java */
/* loaded from: classes3.dex */
public final class g implements b {

    /* renamed from: b, reason: collision with root package name */
    private final b f334b;

    /* renamed from: a, reason: collision with root package name */
    private static final Logger f333a = LoggerFactory.getLogger((Class<?>) g.class);
    public static final g INSTANCE = new g();

    private g() {
        try {
            f333a.info("Apache santuario found {}", Class.forName("thirdparty.org.apache.xml.security.Init"));
            this.f334b = XadesManagerSantuario.INSTANCE;
        } catch (ClassNotFoundException unused) {
            f333a.info("Apache santuario not found !");
            this.f334b = com.diehl.metering.izar.com.lib.security.xades.b.INSTANCE;
        }
    }

    public static e a(Pair<String, PublicKey> pair, IDeviceKeyFinder iDeviceKeyFinder, String str, PublicKey publicKey, a aVar) {
        boolean z = false;
        String str2 = str.matches("[A-Z0-9]*#[A-Z0-9_]*#[A-Z0-9_]*") ? StringUtils.split(str, '#')[0] : str;
        EnumKeyType enumKeyType = null;
        if (publicKey != null) {
            if (publicKey instanceof RSAPublicKey) {
                int bitLength = ((RSAPublicKey) publicKey).getModulus().bitLength();
                if (bitLength == 2048) {
                    enumKeyType = EnumKeyType.RSA_2048;
                } else if (bitLength != 4096) {
                    f333a.debug("Unknown RSA Key Type.");
                } else {
                    enumKeyType = EnumKeyType.RSA_4096;
                }
            } else if (publicKey instanceof ECPublicKey) {
                int bitLength2 = ((ECPublicKey) publicKey).getParams().getOrder().bitLength();
                if (bitLength2 == 256) {
                    enumKeyType = EnumKeyType.ECDSA_256;
                } else if (bitLength2 == 384) {
                    enumKeyType = EnumKeyType.ECDSA_384;
                } else if (bitLength2 != 512) {
                    f333a.debug("Unknown EC Key Type.");
                } else {
                    enumKeyType = EnumKeyType.ECDSA_512;
                }
            } else {
                f333a.debug("Unsupported key type.");
            }
        }
        if (enumKeyType == null) {
            return e.f329a;
        }
        Logger logger = f333a;
        logger.debug("searching for remote device id {}, key {}", str2, publicKey);
        if (pair != null && pair.getLeft() != null && pair.getRight() != null) {
            logger.debug("awaiting id {}, key {}", pair.getLeft(), pair.getRight());
            return (pair.getLeft().equals(str2) && Arrays.equals(pair.getRight().getEncoded(), publicKey.getEncoded())) ? new e(aVar, enumKeyType, pair, Pair.of(str, publicKey)) : e.f329a;
        }
        if (iDeviceKeyFinder == null) {
            logger.warn("there was no keyfinder in the context, can not validate signature");
            return e.f329a;
        }
        logger.debug("checking remote key against all keys of {}", str2);
        if (enumKeyType == EnumKeyType.RSA_2048) {
            PublicKey pukKeyOfDevice = iDeviceKeyFinder.getPukKeyOfDevice(EnumKeyType.RSA_2048, EnumKeyUsage.SIGN, str2);
            PublicKey pukKeyOfDevice2 = iDeviceKeyFinder.getPukKeyOfDevice(EnumKeyType.RSA_2048, EnumKeyUsage.CIPHER_SIGN, str2);
            if (pukKeyOfDevice == null) {
                if (pukKeyOfDevice2 != null) {
                    z = Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice2.getEncoded());
                }
            } else if (Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice.getEncoded())) {
                z = true;
            } else if (pukKeyOfDevice2 != null) {
                z = Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice2.getEncoded());
            }
        } else {
            PublicKey pukKeyOfDevice3 = iDeviceKeyFinder.getPukKeyOfDevice(enumKeyType, EnumKeyUsage.SIGN, str2);
            if (pukKeyOfDevice3 == null) {
                logger.debug("device does not have the {} key for SIGN", enumKeyType);
            } else {
                z = Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice3.getEncoded());
                logger.debug("device has the {} key for SIGN, matches {}", enumKeyType, Boolean.valueOf(z));
                if (!z) {
                    logger.debug("signature was generated with {}, key on file was {}", DatatypeConverter.printHexBinary(publicKey.getEncoded()), DatatypeConverter.printHexBinary(pukKeyOfDevice3.getEncoded()));
                }
            }
        }
        return z ? new e(aVar, enumKeyType, pair, Pair.of(str, publicKey)) : e.f329a;
    }

    private static EnumKeyType a(PublicKey publicKey) {
        if (publicKey == null) {
            return null;
        }
        if (publicKey instanceof RSAPublicKey) {
            int bitLength = ((RSAPublicKey) publicKey).getModulus().bitLength();
            if (bitLength == 2048) {
                return EnumKeyType.RSA_2048;
            }
            if (bitLength == 4096) {
                return EnumKeyType.RSA_4096;
            }
            f333a.debug("Unknown RSA Key Type.");
            return null;
        }
        if (!(publicKey instanceof ECPublicKey)) {
            f333a.debug("Unsupported key type.");
            return null;
        }
        int bitLength2 = ((ECPublicKey) publicKey).getParams().getOrder().bitLength();
        if (bitLength2 == 256) {
            return EnumKeyType.ECDSA_256;
        }
        if (bitLength2 == 384) {
            return EnumKeyType.ECDSA_384;
        }
        if (bitLength2 == 512) {
            return EnumKeyType.ECDSA_512;
        }
        f333a.debug("Unknown EC Key Type.");
        return null;
    }

    private static String a(String str) {
        return str.matches("[A-Z0-9]*#[A-Z0-9_]*#[A-Z0-9_]*") ? StringUtils.split(str, '#')[0] : str;
    }

    private static boolean a(IDeviceKeyFinder iDeviceKeyFinder, EnumKeyType enumKeyType, String str, PublicKey publicKey) {
        if (enumKeyType != EnumKeyType.RSA_2048) {
            PublicKey pukKeyOfDevice = iDeviceKeyFinder.getPukKeyOfDevice(enumKeyType, EnumKeyUsage.SIGN, str);
            if (pukKeyOfDevice == null) {
                f333a.debug("device does not have the {} key for SIGN", enumKeyType);
                return false;
            }
            boolean equals = Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice.getEncoded());
            Logger logger = f333a;
            logger.debug("device has the {} key for SIGN, matches {}", enumKeyType, Boolean.valueOf(equals));
            if (!equals) {
                logger.debug("signature was generated with {}, key on file was {}", DatatypeConverter.printHexBinary(publicKey.getEncoded()), DatatypeConverter.printHexBinary(pukKeyOfDevice.getEncoded()));
            }
            return equals;
        }
        PublicKey pukKeyOfDevice2 = iDeviceKeyFinder.getPukKeyOfDevice(EnumKeyType.RSA_2048, EnumKeyUsage.SIGN, str);
        PublicKey pukKeyOfDevice3 = iDeviceKeyFinder.getPukKeyOfDevice(EnumKeyType.RSA_2048, EnumKeyUsage.CIPHER_SIGN, str);
        if (pukKeyOfDevice2 == null) {
            if (pukKeyOfDevice3 == null) {
                return false;
            }
            return Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice3.getEncoded());
        }
        if (Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice2.getEncoded())) {
            return true;
        }
        if (pukKeyOfDevice3 == null) {
            return false;
        }
        return Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice3.getEncoded());
    }

    private static boolean a(IDeviceKeyFinder iDeviceKeyFinder, String str, PublicKey publicKey) {
        PublicKey pukKeyOfDevice = iDeviceKeyFinder.getPukKeyOfDevice(EnumKeyType.RSA_2048, EnumKeyUsage.SIGN, str);
        PublicKey pukKeyOfDevice2 = iDeviceKeyFinder.getPukKeyOfDevice(EnumKeyType.RSA_2048, EnumKeyUsage.CIPHER_SIGN, str);
        if (pukKeyOfDevice == null) {
            if (pukKeyOfDevice2 == null) {
                return false;
            }
            return Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice2.getEncoded());
        }
        if (Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice.getEncoded())) {
            return true;
        }
        if (pukKeyOfDevice2 == null) {
            return false;
        }
        return Arrays.equals(publicKey.getEncoded(), pukKeyOfDevice2.getEncoded());
    }

    @Override // com.diehl.metering.izar.com.lib.security.b
    public final String a(String str, String str2, KeyPair keyPair, String str3, String str4, Provider provider) throws IOException {
        return this.f334b.a(str, str2, keyPair, str3, str4, provider);
    }

    @Override // com.diehl.metering.izar.com.lib.security.b
    public final Pair<String, PublicKey> a(Pair<String, PublicKey> pair, InputStream inputStream, IDeviceKeyFinder iDeviceKeyFinder) {
        return this.f334b.a(pair, inputStream, iDeviceKeyFinder);
    }

    @Override // com.diehl.metering.izar.com.lib.security.b
    public final e b(Pair<String, PublicKey> pair, InputStream inputStream, IDeviceKeyFinder iDeviceKeyFinder) {
        return this.f334b.b(pair, inputStream, iDeviceKeyFinder);
    }
}
