package com.unbound.client;

import com.dyadicsec.cryptoki.Native;
import com.unbound.client.kmip.KMIPClient;
import com.unbound.client.pkcs11.PKCS11Client;
import com.unbound.common.Config;
import com.unbound.common.Converter;
import com.unbound.common.crypto.EC;
import com.unbound.common.crypto.RSA;
import com.unbound.common.crypto.SHA256;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;

/* loaded from: input_file:com/unbound/client/Client.class */
public abstract class Client {
    private static Client instance = null;
    private static int pkcs11Mode = -1;

    public static Client getInstance() {
        if (instance == null) {
            instance = isNative() ? PKCS11Client.getInstance() : KMIPClient.getInstance();
        }
        return instance;
    }

    public static boolean isNative() {
        if (pkcs11Mode == -1) {
            if (Config.getEnvBool("UKC_NO_NATIVE")) {
                pkcs11Mode = 0;
            } else {
                pkcs11Mode = Native.loaded ? 1 : 0;
            }
        }
        return pkcs11Mode > 0;
    }

    public abstract void initProviders(String[] strArr, KeyStore keyStore);

    public abstract Partition getPartition(String str);

    public abstract Partition initProvider(String str);

    public abstract Partition initProvider(KeyStore keyStore, String str);

    public abstract X509Certificate selfSign(PrivateKeyObject privateKeyObject, String str, String str2, BigInteger bigInteger, int i) throws CertificateException;

    public abstract CipherOper newCipherOperation();

    public abstract MacOper newMacOperation();

    public abstract SignatureOper newSignatureOperation();

    public abstract DeriveOper newDeriveOperation();

    static PublicKey getRsaPublicKey(RSAPrivateKeyObject rSAPrivateKeyObject) {
        return RSA.newPublicKey(rSAPrivateKeyObject.getModulus(), rSAPrivateKeyObject.getPublicExponent());
    }

    public static long getRsaUid(RSAPublicKey rSAPublicKey) {
        return getRsaUid(rSAPublicKey.getModulus());
    }

    public static long getRsaUid(BigInteger bigInteger) {
        return Converter.getBE8(SHA256.hash(bigInteger.toByteArray()), 0);
    }

    static PublicKey getRsaPublicKey(RSAPublicKeyObject rSAPublicKeyObject) {
        return RSA.newPublicKey(rSAPublicKeyObject.getModulus(), rSAPublicKeyObject.getPublicExponent());
    }

    public static long getEcUid(ECPublicKey eCPublicKey) {
        return Converter.getBE8(SHA256.hash(EC.getCurve(eCPublicKey).toDer(eCPublicKey.getW())), 0);
    }

    public static long getEcUid(ECPrivateKey eCPrivateKey) {
        return getEcUid(EC.getPublicKey(eCPrivateKey));
    }

    static PublicKey getEcPublicKey(ECPrivateKeyObject eCPrivateKeyObject) {
        return eCPrivateKeyObject.getCurve().getPublicKey(eCPrivateKeyObject.getPoint());
    }

    static PublicKey getEcPublicKey(ECPrivateKey eCPrivateKey) {
        return EC.getPublicKey(eCPrivateKey);
    }

    public static PublicKey getPublicKey(PrivateKeyObject privateKeyObject) {
        if (privateKeyObject.getType() == ObjectType.RSAPrv) {
            return getRsaPublicKey((RSAPrivateKeyObject) privateKeyObject);
        }
        if (privateKeyObject.getType() == ObjectType.ECPrv) {
            return getEcPublicKey((ECPrivateKeyObject) privateKeyObject);
        }
        throw new ProviderException("Unsupported key type");
    }

    public static long getCertKeyUid(X509Certificate x509Certificate) {
        PublicKey publicKey = x509Certificate.getPublicKey();
        if (publicKey instanceof RSAPublicKey) {
            return getRsaUid((RSAPublicKey) publicKey);
        }
        if (publicKey instanceof ECPublicKey) {
            return getEcUid((ECPublicKey) publicKey);
        }
        throw new ProviderException("Unsupported certificate type");
    }

    static PublicKey getPublicKey(PublicKeyObject publicKeyObject) {
        if (publicKeyObject.getType() == ObjectType.RSAPub) {
            return getRsaPublicKey((RSAPublicKeyObject) publicKeyObject);
        }
        throw new ProviderException("Unsupported key type");
    }
}
