package com.bea.sslplus;

import com.ncipher.nfast.connect.NFConnection;
import com.ncipher.nfast.marshall.M_ByteBlock;
import com.ncipher.nfast.marshall.M_Cmd_Args_Sign;
import com.ncipher.nfast.marshall.M_Cmd_Reply_Sign;
import com.ncipher.nfast.marshall.M_Command;
import com.ncipher.nfast.marshall.M_PlainText;
import com.ncipher.nfast.marshall.M_PlainTextType_Data_Bytes;
import com.ncipher.nfast.marshall.M_Reply;
import com.ncipher.nfast.marshall.M_Status;
import com.ncipher.nfast.marshall.M_Tag;
import com.ncipher.provider.Utils;
import com.ncipher.provider.km.KMKey;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.interfaces.RSAPublicKey;

/* loaded from: input_file:com/bea/sslplus/NCipherAPI.class */
public class NCipherAPI {
    private NCipherAPI() {
    }

    public static byte[] rsaNCipherSignHandshakeMessageHashes(PrivateKey privateKey, byte[] bArr, byte[] bArr2, PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        int bitLength = (((RSAPublicKey) publicKey).getModulus().bitLength() + 7) / 8;
        if (WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
            WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "Public key modulus size: " + bitLength, (Exception) null);
        }
        try {
            NFConnection connection = Utils.getConnection();
            M_Command m_Command = new M_Command();
            m_Command.tag = new M_Tag(0L);
            m_Command.cmd = 55L;
            m_Command.args = new M_Cmd_Args_Sign(0L, ((KMKey) privateKey).getKeyID(), 2L, new M_PlainText(1L, new M_PlainTextType_Data_Bytes(new M_ByteBlock(bArr3))));
            M_Reply transact = connection.transact(m_Command);
            if (transact != null && transact.reply != null && transact.errorinfo == null && transact.status == 0) {
                M_Cmd_Reply_Sign m_Cmd_Reply_Sign = transact.reply;
                if (m_Cmd_Reply_Sign.sig != null && m_Cmd_Reply_Sign.sig.data != null) {
                    return fixupBigIntegerPadding(m_Cmd_Reply_Sign.sig.data.m.value.toByteArray(), bitLength);
                }
                if (WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
                    WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "No signature data was returned, but no errors seemed to be specified", (Exception) null);
                }
                throw new SignatureException();
            }
            if (WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
                WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "Failure processing Signature using nCipher", (Exception) null);
            }
            if (transact != null) {
                if (WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
                    WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "Reply status from ncipher is: " + M_Status.toString(transact.status), (Exception) null);
                }
                if (transact.errorinfo != null && WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
                    WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "Reply errorinfo from ncipher is: " + transact.errorinfo, (Exception) null);
                }
            }
            throw new SignatureException();
        } catch (Exception e) {
            if (WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
                WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "Exception during direct communication with nCipher: ", e);
            }
            throw new SignatureException();
        }
    }

    private static byte[] fixupBigIntegerPadding(byte[] bArr, int i) {
        if (WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
            WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "modulusSize: " + i + "  value length: " + bArr.length, (Exception) null);
        }
        if (bArr.length == i) {
            if (WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
                WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "No padding adjustment needed", (Exception) null);
            }
            return bArr;
        }
        byte[] bArr2 = new byte[i];
        if (bArr.length > i) {
            if (WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
                WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "Need to trim off " + (bArr.length - i) + " extra bytes", (Exception) null);
            }
            System.arraycopy(bArr, bArr.length - i, bArr2, 0, i);
        } else {
            if (WeblogicHandler.isDebugEnabled(WeblogicHandler.DEBUG_INFO)) {
                WeblogicHandler.debug(WeblogicHandler.DEBUG_INFO, "Need to add " + (i - bArr.length) + " padding bytes", (Exception) null);
            }
            System.arraycopy(bArr, 0, bArr2, i - bArr.length, bArr.length);
        }
        return bArr2;
    }
}
