package org.xipki.security.pkcs11.proxy;

import java.security.PublicKey;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.DEROctetString;
import org.xipki.security.pkcs11.P11Identity;
import org.xipki.security.pkcs11.P11IdentityId;
import org.xipki.security.pkcs11.P11Params;
import org.xipki.security.pkcs11.P11TokenException;
import org.xipki.security.pkcs11.proxy.ProxyMessage;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/security-5.3.5.jar:org/xipki/security/pkcs11/proxy/ProxyP11Identity.class */
public class ProxyP11Identity extends P11Identity {
    private final ProxyMessage.ObjectIdentifier asn1KeyId;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProxyP11Identity(ProxyP11Slot proxyP11Slot, P11IdentityId p11IdentityId) {
        super(proxyP11Slot, p11IdentityId, 0);
        this.asn1KeyId = new ProxyMessage.ObjectIdentifier(p11IdentityId.getKeyId());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProxyP11Identity(ProxyP11Slot proxyP11Slot, P11IdentityId p11IdentityId, PublicKey publicKey, X509Certificate[] x509CertificateArr) {
        super(proxyP11Slot, p11IdentityId, publicKey, x509CertificateArr);
        this.asn1KeyId = new ProxyMessage.ObjectIdentifier(p11IdentityId.getKeyId());
    }

    @Override // org.xipki.security.pkcs11.P11Identity
    protected byte[] sign0(long j, P11Params p11Params, byte[] bArr) throws P11TokenException {
        ProxyMessage.P11Params p11Params2 = null;
        if (p11Params != null) {
            if (p11Params instanceof P11Params.P11RSAPkcsPssParams) {
                p11Params2 = new ProxyMessage.P11Params(0, new ProxyMessage.RSAPkcsPssParams((P11Params.P11RSAPkcsPssParams) p11Params));
            } else if (p11Params instanceof P11Params.P11ByteArrayParams) {
                p11Params2 = new ProxyMessage.P11Params(1, new DEROctetString(((P11Params.P11ByteArrayParams) p11Params).getBytes()));
            } else {
                if (!(p11Params instanceof P11Params.P11IVParams)) {
                    throw new IllegalArgumentException("unkown parameter 'parameters'");
                }
                p11Params2 = new ProxyMessage.P11Params(2, new DEROctetString(((P11Params.P11IVParams) p11Params).getIV()));
            }
        }
        try {
            ASN1OctetString dEROctetString = DEROctetString.getInstance(((ProxyP11Slot) this.slot).getModule().send((short) 288, new ProxyMessage.SignTemplate(((ProxyP11Slot) this.slot).getAsn1SlotId(), this.asn1KeyId, j, p11Params2, bArr)));
            if (dEROctetString == null) {
                return null;
            }
            return dEROctetString.getOctets();
        } catch (IllegalArgumentException e) {
            throw new P11TokenException("the returned result is not OCTET STRING");
        }
    }

    @Override // org.xipki.security.pkcs11.P11Identity
    protected byte[] digestSecretKey0(long j) throws P11TokenException {
        try {
            ASN1OctetString dEROctetString = DEROctetString.getInstance(((ProxyP11Slot) this.slot).getModule().send((short) 308, new ProxyMessage.DigestSecretKeyTemplate(((ProxyP11Slot) this.slot).getAsn1SlotId(), this.asn1KeyId, j)));
            if (dEROctetString == null) {
                return null;
            }
            return dEROctetString.getOctets();
        } catch (IllegalArgumentException e) {
            throw new P11TokenException("the returned result is not OCTET STRING");
        }
    }
}
