package at.gv.egiz.bku.slcommands.impl.xsect;

import iaik.asn1.structures.AlgorithmID;
import iaik.cms.SecurityProvider;
import iaik.pki.pathvalidation.H;
import iaik.pki.pathvalidation.I;
import iaik.xml.crypto.XmldsigMore;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/bkucommon-1.4.1.jar:at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.class */
public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
    protected String signatureAlgorithmURI;
    protected AlgorithmID signatureAlgorithmID;
    protected String digestAlgorithmURI = "http://www.w3.org/2000/09/xmldsig#sha1";
    protected AlgorithmID digestAlgorithmID = AlgorithmID.sha1;
    protected SignatureMethodParameterSpec signatureMethodParameterSpec;

    public AlgorithmMethodFactoryImpl(X509Certificate x509Certificate, boolean z) throws NoSuchAlgorithmException {
        setAlgorithmURIs(x509Certificate, z);
    }

    protected void setAlgorithmURIs(X509Certificate x509Certificate, boolean z) throws NoSuchAlgorithmException {
        PublicKey publicKey = x509Certificate.getPublicKey();
        String algorithm = publicKey.getAlgorithm();
        if (H.E.equals(algorithm)) {
            this.signatureAlgorithmURI = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
            this.signatureAlgorithmID = AlgorithmID.dsaWithSHA1;
            return;
        }
        if (SecurityProvider.IMPLEMENTATION_NAME_RSA.equals(algorithm)) {
            int i = 0;
            if (publicKey instanceof RSAPublicKey) {
                i = ((RSAPublicKey) publicKey).getModulus().bitLength();
            }
            if (!z || i < 2048) {
                this.signatureAlgorithmURI = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
                this.signatureAlgorithmID = AlgorithmID.sha1WithRSAEncryption;
                return;
            } else {
                this.signatureAlgorithmURI = XmldsigMore.SIGNATURE_RSA_SHA256;
                this.signatureAlgorithmID = AlgorithmID.sha256WithRSAEncryption;
                this.digestAlgorithmURI = "http://www.w3.org/2001/04/xmlenc#sha256";
                this.digestAlgorithmID = AlgorithmID.sha256;
                return;
            }
        }
        if (!I.C.equals(algorithm) && !"ECDSA".equals(algorithm)) {
            throw new NoSuchAlgorithmException("Public key algorithm '" + algorithm + "' not supported.");
        }
        if (!(publicKey instanceof ECPublicKey)) {
            throw new NoSuchAlgorithmException("Public key type not supported.");
        }
        int fieldSize = ((ECPublicKey) publicKey).getParams().getCurve().getField().getFieldSize();
        if (z && fieldSize >= 512) {
            this.signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA512;
            this.signatureAlgorithmID = AlgorithmID.ecdsa_With_SHA512;
            this.digestAlgorithmURI = "http://www.w3.org/2001/04/xmlenc#sha512";
            this.digestAlgorithmID = AlgorithmID.sha512;
            return;
        }
        if (z && fieldSize >= 256) {
            this.signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA256;
            this.signatureAlgorithmID = AlgorithmID.ecdsa_With_SHA256;
            this.digestAlgorithmURI = "http://www.w3.org/2001/04/xmlenc#sha256";
            this.digestAlgorithmID = AlgorithmID.sha256;
            return;
        }
        if (!z) {
            this.signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_SHA1;
            this.signatureAlgorithmID = AlgorithmID.ecdsa_With_SHA1;
        } else {
            this.signatureAlgorithmURI = XmldsigMore.SIGNATURE_ECDSA_RIPEMD160;
            this.signatureAlgorithmID = AlgorithmID.ecdsa_plain_With_RIPEMD160;
            this.digestAlgorithmURI = "http://www.w3.org/2001/04/xmlenc#ripemd160";
            this.digestAlgorithmID = AlgorithmID.ripeMd160;
        }
    }

    @Override // at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory
    public CanonicalizationMethod createCanonicalizationMethod(SignatureContext signatureContext) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        return signatureContext.getSignatureFactory().newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec) null);
    }

    @Override // at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory
    public DigestMethod createDigestMethod(SignatureContext signatureContext) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        return signatureContext.getSignatureFactory().newDigestMethod(this.digestAlgorithmURI, (DigestMethodParameterSpec) null);
    }

    @Override // at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory
    public SignatureMethod createSignatureMethod(SignatureContext signatureContext) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        return new STALSignatureMethod(this.signatureAlgorithmURI, this.signatureMethodParameterSpec);
    }

    @Override // at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory
    public String getSignatureAlgorithmURI() {
        return this.signatureAlgorithmURI;
    }

    @Override // at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory
    public String getDigestAlgorithmURI() {
        return this.digestAlgorithmURI;
    }

    @Override // at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory
    public AlgorithmID getSignatureAlgorithmID() {
        return this.signatureAlgorithmID;
    }

    @Override // at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory
    public AlgorithmID getDigestAlgorithmID() {
        return this.digestAlgorithmID;
    }
}
