package eu.europa.esig.dss.pki.jaxb.builder;

import eu.europa.esig.dss.enumerations.EncryptionAlgorithm;
import eu.europa.esig.dss.enumerations.SignatureAlgorithm;
import eu.europa.esig.dss.pki.exception.PKIException;
import eu.europa.esig.dss.spi.DSSSecurityProvider;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.Objects;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;

/* loaded from: input_file:BOOT-INF/lib/dss-pki-factory-jaxb-6.1.jar:eu/europa/esig/dss/pki/jaxb/builder/KeyPairBuilder.class */
public class KeyPairBuilder {
    private final EncryptionAlgorithm encryptionAlgorithm;
    private final Integer keySize;

    public KeyPairBuilder(EncryptionAlgorithm encryptionAlgorithm, Integer num) {
        Objects.requireNonNull(encryptionAlgorithm, "EncryptionAlgorithm cannot be null!");
        this.encryptionAlgorithm = encryptionAlgorithm;
        this.keySize = num;
    }

    public KeyPair build() {
        try {
            if (EncryptionAlgorithm.ECDSA.isEquivalent(this.encryptionAlgorithm)) {
                ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(getEllipticCurveName());
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.encryptionAlgorithm.getName(), DSSSecurityProvider.getSecurityProvider());
                keyPairGenerator.initialize(parameterSpec, new SecureRandom());
                return keyPairGenerator.generateKeyPair();
            }
            if (EncryptionAlgorithm.X25519 == this.encryptionAlgorithm) {
                return KeyPairGenerator.getInstance(SignatureAlgorithm.ED25519.getJCEId(), DSSSecurityProvider.getSecurityProvider()).generateKeyPair();
            }
            if (EncryptionAlgorithm.X448 == this.encryptionAlgorithm) {
                return KeyPairGenerator.getInstance(SignatureAlgorithm.ED448.getJCEId(), DSSSecurityProvider.getSecurityProvider()).generateKeyPair();
            }
            if (EncryptionAlgorithm.EDDSA == this.encryptionAlgorithm) {
                throw new UnsupportedOperationException("Please define one of X25519 or X448 EncryptionAlgorithm explicitly.");
            }
            Objects.requireNonNull(this.keySize, "KeyLength shall be defined!");
            KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(this.encryptionAlgorithm.getName(), DSSSecurityProvider.getSecurityProvider());
            keyPairGenerator2.initialize(this.keySize.intValue());
            return keyPairGenerator2.generateKeyPair();
        } catch (GeneralSecurityException e) {
            throw new PKIException("Unable to build a key pair.", e);
        }
    }

    private String getEllipticCurveName() {
        return this.keySize != null ? String.format("secp%sr1", this.keySize) : "prime256v1";
    }
}
