package at.asitplus.utils;

import at.asitplus.common.exception.internal.CryptoException;
import at.asitplus.utils.KeyStoreService;
import at.asitplus.utils.biometrics.BiometricCompatCallback;
import java.io.IOException;
import java.security.KeyPair;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPublicKey;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.pkcs.CertificationRequest;
import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes4.dex */
class CsrFingerprintCallback implements BiometricCompatCallback {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CsrFingerprintCallback.class);
    private final String algorithm;
    private final KeyStoreService.GenerateCsrCallback callback;
    private final KeyStoreService.CallbackError error;
    private final KeyPair keyPair;
    private final String subjectStr;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CsrFingerprintCallback(String str, KeyPair keyPair, String str2, KeyStoreService.GenerateCsrCallback generateCsrCallback, KeyStoreService.CallbackError callbackError) {
        this.subjectStr = str;
        this.keyPair = keyPair;
        this.algorithm = str2;
        this.callback = generateCsrCallback;
        this.error = callbackError;
    }

    private ContentSigner getContentSigner(KeyPair keyPair) throws OperatorCreationException {
        return keyPair.getPublic() instanceof ECPublicKey ? new JcaContentSignerBuilder("SHA256withECDSA").build(keyPair.getPrivate()) : new JcaContentSignerBuilder("SHA256withRSA").build(keyPair.getPrivate());
    }

    private byte[] sign(Signature signature, CertificationRequestInfo certificationRequestInfo) throws IOException, SignatureException {
        signature.update(certificationRequestInfo.getEncoded("DER"));
        return signature.sign();
    }

    @Override // at.asitplus.utils.biometrics.BiometricCompatCallback
    public void onAuthenticated(Signature signature) {
        try {
            log.debug("onAuthenticated: " + signature);
            X500Name x500Name = new X500Name(this.subjectStr);
            if (signature != null) {
                CertificationRequestInfo certificationRequestInfo = new CertificationRequestInfo(x500Name, SubjectPublicKeyInfo.getInstance(this.keyPair.getPublic().getEncoded()), new DERSet());
                this.callback.success(new PKCS10CertificationRequest(new CertificationRequest(certificationRequestInfo, new DefaultSignatureAlgorithmIdentifierFinder().find(this.algorithm), new DERBitString(sign(signature, certificationRequestInfo)))));
            } else {
                this.callback.success(new JcaPKCS10CertificationRequestBuilder(x500Name, this.keyPair.getPublic()).build(getContentSigner(this.keyPair)));
            }
        } catch (Throwable th) {
            log.error("onAuthenticated: error", th);
            this.error.error(new CryptoException(th));
        }
    }

    @Override // at.asitplus.utils.biometrics.BiometricCompatCallback
    public void onError(Throwable th) {
        this.error.error(th);
    }
}
