package by.avest.crypto.pkcs11.provider;

import by.avest.crypto.provider.Pkcs11TokenInfo;
import iaik.pkcs.pkcs11.wrapper.CK_SESSION_INFO;
import iaik.pkcs.pkcs11.wrapper.CK_TOKEN_INFO;
import iaik.pkcs.pkcs11.wrapper.PKCS11;
import iaik.pkcs.pkcs11.wrapper.PKCS11Constants;
import iaik.pkcs.pkcs11.wrapper.PKCS11Exception;
import java.security.ProviderException;
import java.text.MessageFormat;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

/* loaded from: input_file:by/avest/crypto/pkcs11/provider/Pkcs11VirtualToken.class */
public class Pkcs11VirtualToken implements PKCS11Constants {
    static final int DEFAULT_MAX_RW_SESSIONS_COUNT = 10000;
    static final int maxOperationSessionCount = Integer.getInteger("by.avest.crypto.provider.p11smgr.operation", 0).intValue();
    static final int maxObjectSessionCount = Integer.getInteger("by.avest.crypto.provider.p11smgr.object", 0).intValue();
    private final PKCS11 pkcs11;
    private final long slotId;
    private final String libraryPath;
    private final long virtualSlotId;
    private boolean isLoggedIn;
    private PublicKeyFactory publicKeyFactory;
    private boolean cachingEnabled;
    private CK_TOKEN_INFO cachedInfo;
    private String defaultPassword = "password";
    private final Pkcs11SessionPool sessionPool = new Pkcs11SessionPool(this);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:by/avest/crypto/pkcs11/provider/Pkcs11VirtualToken$Pkcs11SessionPool.class */
    public class Pkcs11SessionPool {
        private final Pkcs11VirtualToken virtualToken;
        private final Map<Long, Pkcs11Session> operationSessionsPool = new HashMap();
        private final Map<Long, Pkcs11Session> objectSessionsPool = new HashMap();
        private final int maxObjectSessions;
        private final int maxOperationSessions;

        public Pkcs11SessionPool(Pkcs11VirtualToken pkcs11VirtualToken) throws PKCS11Exception {
            this.virtualToken = pkcs11VirtualToken;
            long maxRwSessionCount = pkcs11VirtualToken.getInfo().getMaxRwSessionCount();
            if (Util.isDebug()) {
                Util.log("Pkcs11SessionPool(), token.ulMaxRwSessionCount: " + Pkcs11VirtualToken.this.getTokenInfo().ulMaxRwSessionCount + ", determined maxRwSessionCount: " + maxRwSessionCount);
            }
            if (Pkcs11VirtualToken.maxObjectSessionCount <= 0 && Pkcs11VirtualToken.maxOperationSessionCount <= 0) {
                this.maxObjectSessions = (int) (maxRwSessionCount / 2);
                this.maxOperationSessions = (int) (maxRwSessionCount - this.maxObjectSessions);
            } else if (Pkcs11VirtualToken.maxObjectSessionCount <= 0) {
                this.maxOperationSessions = Pkcs11VirtualToken.maxOperationSessionCount;
                this.maxObjectSessions = (int) (maxRwSessionCount - this.maxOperationSessions);
            } else if (Pkcs11VirtualToken.maxOperationSessionCount <= 0) {
                this.maxObjectSessions = Pkcs11VirtualToken.maxObjectSessionCount;
                this.maxOperationSessions = (int) (maxRwSessionCount - this.maxObjectSessions);
            } else {
                this.maxObjectSessions = Pkcs11VirtualToken.maxObjectSessionCount;
                this.maxOperationSessions = Pkcs11VirtualToken.maxOperationSessionCount;
            }
            if (Util.isDebug()) {
                Util.log("Pkcs11SessionPool(), maxObjectSessions: " + this.maxObjectSessions + ", maxOperationSessions: " + this.maxOperationSessions);
            }
            if (this.maxObjectSessions <= 0 || this.maxOperationSessions <= 0 || this.maxObjectSessions > maxRwSessionCount || this.maxOperationSessions > maxRwSessionCount || this.maxObjectSessions + this.maxOperationSessions > maxRwSessionCount) {
                throw new ProviderException("Invalid PKCS#11 object or operation session boundaries configuration");
            }
        }

        public void checkSessions() {
            synchronized (this.operationSessionsPool) {
                Iterator<Pkcs11Session> it = this.operationSessionsPool.values().iterator();
                while (it.hasNext()) {
                    Pkcs11Session next = it.next();
                    try {
                        this.virtualToken.checkSession(next.getSessionId());
                    } catch (PKCS11Exception e) {
                        if (isSessionStale(e)) {
                            if (Util.isDebug()) {
                                Util.log("operation session is stale, removing, id: " + next.getSessionId());
                            }
                            it.remove();
                        } else if (e.getErrorCode() == 6) {
                            if (Util.isDebug()) {
                                Util.log("operation session check failed, retrying, id: " + next.getSessionId());
                            }
                            try {
                                this.virtualToken.checkSession(next.getSessionId());
                            } catch (PKCS11Exception e2) {
                                if (isSessionStale(e2)) {
                                    if (Util.isDebug()) {
                                        Util.log("operation session is stale, removing, id: " + next.getSessionId());
                                    }
                                    it.remove();
                                } else if (Util.isDebug()) {
                                    Util.log("operation session check failed, ignoring, id: " + next.getSessionId());
                                    e2.printStackTrace();
                                }
                            }
                        } else if (Util.isDebug()) {
                            Util.log("operation session check failed, ignoring, id: " + next.getSessionId());
                            e.printStackTrace();
                        }
                    }
                }
            }
            synchronized (this.objectSessionsPool) {
                Iterator<Pkcs11Session> it2 = this.objectSessionsPool.values().iterator();
                while (it2.hasNext()) {
                    Pkcs11Session next2 = it2.next();
                    try {
                        this.virtualToken.checkSession(next2.getSessionId());
                    } catch (PKCS11Exception e3) {
                        if (isSessionStale(e3)) {
                            if (Util.isDebug()) {
                                Util.log("object session is stale, removing, id: " + next2.getSessionId());
                            }
                            it2.remove();
                        } else if (e3.getErrorCode() == 6) {
                            if (Util.isDebug()) {
                                Util.log("object session check failed, retrying, id: " + next2.getSessionId());
                            }
                            try {
                                this.virtualToken.checkSession(next2.getSessionId());
                            } catch (PKCS11Exception e4) {
                                if (isSessionStale(e4)) {
                                    if (Util.isDebug()) {
                                        Util.log("object session is stale, removing, id: " + next2.getSessionId());
                                    }
                                    it2.remove();
                                } else if (Util.isDebug()) {
                                    Util.log("object session check failed, ignoring, id: " + next2.getSessionId());
                                    e4.printStackTrace();
                                }
                            }
                        } else if (Util.isDebug()) {
                            Util.log("object session check failed, ignoring, id: " + next2.getSessionId());
                            e3.printStackTrace();
                        }
                    }
                }
            }
        }

        private boolean isSessionStale(PKCS11Exception pKCS11Exception) {
            return pKCS11Exception.getErrorCode() == 179 || pKCS11Exception.getErrorCode() == 176;
        }

        public void closeAllSessions() {
            synchronized (this.operationSessionsPool) {
                Iterator<Pkcs11Session> it = this.operationSessionsPool.values().iterator();
                while (it.hasNext()) {
                    closeSession(it.next());
                }
                this.operationSessionsPool.clear();
            }
            synchronized (this.objectSessionsPool) {
                Iterator<Pkcs11Session> it2 = this.objectSessionsPool.values().iterator();
                while (it2.hasNext()) {
                    closeSession(it2.next());
                }
                this.objectSessionsPool.clear();
            }
        }

        private void closeSession(Pkcs11Session pkcs11Session) {
            if (Util.isDebug()) {
                Util.log("Pkcs11SessionPool.closeSession(), session id: " + pkcs11Session.getSessionId());
            }
            try {
                pkcs11Session.close(Pkcs11VirtualToken.this);
            } catch (PKCS11Exception e) {
                if (Util.isDebug()) {
                    Util.log("Pkcs11SessionPool.closeSession(), error:");
                    e.printStackTrace();
                }
            }
        }

        public Pkcs11Session findLockedSession(long j) {
            Pkcs11Session lock;
            if (Util.isDebug()) {
                Util.log("Pkcs11SessionPool.findLockedSession(), looking for locked operation session, id: " + j + ", pool size: " + this.operationSessionsPool.size());
            }
            synchronized (this.operationSessionsPool) {
                Pkcs11Session pkcs11Session = this.operationSessionsPool.get(Long.valueOf(j));
                if (pkcs11Session == null) {
                    throw new ProviderException(MessageFormat.format(ProviderExcptMessages.PVT_FAILED_TO_FIND_LOCKED_SESSION, Long.valueOf(j)));
                }
                if (Util.isDebug()) {
                    Util.log("Pkcs11SessionPool.findLockedSession(), locked session found, session id: " + pkcs11Session.getSessionId());
                }
                lock = pkcs11Session.lock();
            }
            return lock;
        }

        public int getSessionCount() {
            int size;
            synchronized (this.operationSessionsPool) {
                size = this.operationSessionsPool.size();
            }
            return size;
        }

        public synchronized Pkcs11Session getOperationSession() throws PKCS11Exception {
            Pkcs11Session lock;
            synchronized (this.operationSessionsPool) {
                Pkcs11Session findFreeSession = findFreeSession(false);
                if (findFreeSession == null) {
                    if (this.operationSessionsPool.size() >= this.maxOperationSessions) {
                        throw new ProviderException(MessageFormat.format(ProviderExcptMessages.PVT_SESSION_COUNT_EXCEEDS, Integer.valueOf(this.maxOperationSessions)));
                    }
                    if (Util.isDebug()) {
                        Util.log("Pkcs11SessionPool.getOperationSession(), creating new session, virtual slot id: " + this.virtualToken.virtualSlotId);
                    }
                    findFreeSession = new Pkcs11Session(this.virtualToken);
                    this.operationSessionsPool.put(Long.valueOf(findFreeSession.getSessionId()), findFreeSession);
                    if (Util.isDebug()) {
                        Util.log("Pkcs11SessionPool.getOperationSession(), new session pooled, virtual slot id: " + this.virtualToken.virtualSlotId + ", session id: " + findFreeSession.getSessionId());
                    }
                }
                lock = findFreeSession.lock();
            }
            return lock;
        }

        public synchronized Pkcs11Session getObjectSession() throws PKCS11Exception {
            Pkcs11Session lock;
            synchronized (this.objectSessionsPool) {
                Pkcs11Session findFreeSession = findFreeSession(true);
                if (findFreeSession == null) {
                    if (this.objectSessionsPool.size() >= this.maxObjectSessions) {
                        throw new ProviderException(MessageFormat.format(ProviderExcptMessages.PVT_SESSION_COUNT_EXCEEDS, Integer.valueOf(this.maxObjectSessions)));
                    }
                    if (Util.isDebug()) {
                        Util.log("Pkcs11SessionPool.getObjectSession(), creating new session, virtual slot id: " + this.virtualToken.virtualSlotId);
                    }
                    findFreeSession = new Pkcs11Session(this.virtualToken);
                    this.objectSessionsPool.put(Long.valueOf(findFreeSession.getSessionId()), findFreeSession);
                    if (Util.isDebug()) {
                        Util.log("Pkcs11SessionPool.getObjectSession(), new session pooled, virtual slot id: " + this.virtualToken.virtualSlotId + ", session id: " + findFreeSession.getSessionId());
                    }
                }
                lock = findFreeSession.lock();
            }
            return lock;
        }

        public synchronized void releaseSession(Pkcs11Session pkcs11Session) {
            if (pkcs11Session == null) {
                return;
            }
            pkcs11Session.release();
        }

        private Pkcs11Session findFreeSession(boolean z) throws PKCS11Exception {
            Collection<Pkcs11Session> values = (z ? this.objectSessionsPool : this.operationSessionsPool).values();
            if (Util.isDebug()) {
                Util.log("Pkcs11SessionPool.findFreeSession(), looking for free " + (z ? "object" : "operation") + " session , pool size: " + values.size());
            }
            for (Pkcs11Session pkcs11Session : values) {
                if (!pkcs11Session.isLocked()) {
                    if (Util.isDebug()) {
                        Util.log("Pkcs11SessionPool.findFreeSession(), free session found, session id: " + pkcs11Session.getSessionId());
                    }
                    return pkcs11Session;
                }
            }
            if (!Util.isDebug()) {
                return null;
            }
            Util.log("Pkcs11SessionPool.findFreeSession(), could not find free session");
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Pkcs11VirtualToken(PKCS11 pkcs11, String str, long j, long j2) throws PKCS11Exception {
        this.pkcs11 = pkcs11;
        this.libraryPath = str;
        this.slotId = j;
        this.virtualSlotId = j2;
    }

    public final PKCS11 getPkcs11() {
        return this.pkcs11;
    }

    public String getLibraryPath() {
        return this.libraryPath;
    }

    public final long getSlotId() {
        return this.slotId;
    }

    public final long getVirtualSlotId() {
        return this.virtualSlotId;
    }

    public int getSessionCount() {
        return this.sessionPool.getSessionCount();
    }

    public void setPublicKeyFactory(PublicKeyFactory publicKeyFactory) {
        this.publicKeyFactory = publicKeyFactory;
    }

    public PublicKeyFactory getPublicKeyFactory() {
        return this.publicKeyFactory;
    }

    public final Pkcs11Session getOperationSession() throws PKCS11Exception {
        return this.sessionPool.getOperationSession();
    }

    public final Pkcs11Session getObjectSession() throws PKCS11Exception {
        return this.sessionPool.getObjectSession();
    }

    public final boolean isCachingEnabled() {
        return this.cachingEnabled;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void setCachingEnabled(boolean z) {
        this.cachingEnabled = z;
    }

    public Pkcs11Session findLockedSession(long j) {
        return this.sessionPool.findLockedSession(j);
    }

    public final void releaseSession(Pkcs11Session pkcs11Session) {
        this.sessionPool.releaseSession(pkcs11Session);
    }

    public final void checkSessions() {
        this.sessionPool.checkSessions();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void checkSession(long j) throws PKCS11Exception {
        this.pkcs11.C_GetSessionInfo(j);
    }

    public String toString() {
        try {
            return getTokenInfo().toString();
        } catch (PKCS11Exception e) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public CK_TOKEN_INFO getTokenInfo() throws PKCS11Exception {
        if (!this.cachingEnabled || this.cachedInfo == null) {
            this.cachedInfo = this.pkcs11.C_GetTokenInfo(this.slotId);
        }
        return this.cachedInfo;
    }

    public Pkcs11TokenInfo getInfo() throws PKCS11Exception {
        return new PKCS11TokenInfoImpl(this.libraryPath, this.slotId, getTokenInfo());
    }

    public synchronized void initToken(long j, String str, char[] cArr) throws PKCS11Exception {
        this.pkcs11.C_InitToken(j, cArr, iaik.pkcs.pkcs11.Util.toPaddedCharArray(str, 32, ' '));
    }

    public synchronized void initPin(char[] cArr) throws PKCS11Exception {
        Pkcs11Session objectSession = getObjectSession();
        try {
            this.pkcs11.C_InitPIN(objectSession.getSessionId(), cArr);
            releaseSession(objectSession);
        } catch (Throwable th) {
            releaseSession(objectSession);
            throw th;
        }
    }

    public void login(char[] cArr) throws PKCS11Exception {
        loginAs(cArr, 1L);
    }

    public synchronized void loginAs(char[] cArr, long j) throws PKCS11Exception {
        if (Util.isDebug()) {
            Util.log("loginAs: " + j);
        }
        Pkcs11Session objectSession = getObjectSession();
        try {
            if (!checkSessionLoginState(this.pkcs11.C_GetSessionInfo(objectSession.getSessionId()), j)) {
                if (Util.isDebug()) {
                    Util.log("user is not logged in, do login");
                }
                this.pkcs11.C_Login(objectSession.getSessionId(), j, getPassword(cArr));
            } else if (Util.isDebug()) {
                Util.log("user is logged in");
            }
            this.isLoggedIn = true;
            releaseSession(objectSession);
        } catch (Throwable th) {
            releaseSession(objectSession);
            throw th;
        }
    }

    private boolean checkSessionLoginState(CK_SESSION_INFO ck_session_info, long j) {
        return j == 1 ? ck_session_info.state == 1 || ck_session_info.state == 3 : ck_session_info.state == 4;
    }

    private boolean checkSessionLoginState(CK_SESSION_INFO ck_session_info) {
        return ck_session_info.state == 1 || ck_session_info.state == 3 || ck_session_info.state == 4;
    }

    public synchronized void setPassword(char[] cArr, char[] cArr2) throws PKCS11Exception {
        Pkcs11Session objectSession = getObjectSession();
        try {
            if (checkSessionLoginState(this.pkcs11.C_GetSessionInfo(objectSession.getSessionId()))) {
                this.pkcs11.C_SetPIN(objectSession.getSessionId(), getPassword(cArr), cArr2);
            } else {
                this.pkcs11.C_Login(objectSession.getSessionId(), 1L, getPassword(cArr));
                this.pkcs11.C_SetPIN(objectSession.getSessionId(), getPassword(cArr), cArr2);
            }
        } finally {
            releaseSession(objectSession);
        }
    }

    public synchronized void logout() throws PKCS11Exception {
        if (Util.isDebug()) {
            Util.log("logout");
        }
        Pkcs11Session objectSession = getObjectSession();
        try {
            long sessionId = objectSession.getSessionId();
            if (checkSessionLoginState(this.pkcs11.C_GetSessionInfo(sessionId))) {
                if (Util.isDebug()) {
                    Util.log("user is logged in, do logout");
                }
                this.pkcs11.C_Logout(sessionId);
            } else if (Util.isDebug()) {
                Util.log("user was not logged in");
            }
            this.isLoggedIn = false;
            releaseSession(objectSession);
        } catch (Throwable th) {
            releaseSession(objectSession);
            throw th;
        }
    }

    public synchronized void ensureLoggedIn(char[] cArr) throws PKCS11Exception {
        if (this.isLoggedIn) {
            return;
        }
        login(cArr);
    }

    public String getSerialNumber() throws PKCS11Exception {
        return new String(getTokenInfo().serialNumber);
    }

    private char[] getPassword(char[] cArr) throws PKCS11Exception {
        return cArr != null ? cArr : this.defaultPassword.toCharArray();
    }

    public final String getDefaultPassword() {
        return this.defaultPassword;
    }

    public final void setDefaultPassword(String str) {
        this.defaultPassword = str;
    }

    public final void closeAllSessions() throws PKCS11Exception {
        this.pkcs11.C_CloseAllSessions(this.slotId);
    }

    public final void closePoolSessions() throws PKCS11Exception {
        this.sessionPool.closeAllSessions();
    }

    public final void closeSession(long j) throws PKCS11Exception {
        this.sessionPool.findLockedSession(j).close(this);
    }

    public boolean reInitialize() throws PKCS11Exception {
        closePoolSessions();
        if (Util.isDebug()) {
            Util.log("reconnecting");
        }
        for (long j : this.pkcs11.C_GetSlotList(true)) {
            if (j == this.slotId) {
                return true;
            }
        }
        return false;
    }
}
