package by.avest.crypto.pkcs11.provider.bign;

import by.avest.crypto.AvestExtensions;
import by.avest.crypto.pkcs11.provider.ByteArrayUtil;
import by.avest.crypto.pkcs11.provider.KeyParamsListBdh;
import by.avest.crypto.pkcs11.provider.KeyParamsListBds;
import by.avest.crypto.pkcs11.provider.Pkcs11Session;
import by.avest.crypto.pkcs11.provider.Pkcs11Tool;
import by.avest.crypto.pkcs11.provider.Pkcs11VirtualToken;
import by.avest.crypto.pkcs11.provider.ProviderExcptMessages;
import by.avest.crypto.pkcs11.provider.TemplateBuilder;
import iaik.pkcs.pkcs11.TokenException;
import iaik.pkcs.pkcs11.wrapper.PKCS11;
import iaik.pkcs.pkcs11.wrapper.PKCS11Constants;
import iaik.pkcs.pkcs11.wrapper.PKCS11Exception;
import java.io.IOException;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import sun.security.util.DerInputStream;
import sun.security.util.DerValue;

/* loaded from: input_file:by/avest/crypto/pkcs11/provider/bign/Pkcs11KeyStore.class */
public class Pkcs11KeyStore implements PKCS11Constants, AvestExtensions {
    private DomainParamsAccess domainParamsEngine;
    private Pkcs11VirtualToken token;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:by/avest/crypto/pkcs11/provider/bign/Pkcs11KeyStore$DomainParamsAccess.class */
    public class DomainParamsAccess implements BignExtensions {
        private Pkcs11VirtualToken token;

        DomainParamsAccess(Pkcs11VirtualToken pkcs11VirtualToken) throws PKCS11Exception {
            this.token = pkcs11VirtualToken;
        }

        public Object clone() throws CloneNotSupportedException {
            throw new CloneNotSupportedException();
        }

        public Map<Integer, Object> getParameter(long j, byte[] bArr) throws TokenException, IOException {
            PKCS11 pkcs11 = this.token.getPkcs11();
            Pkcs11Session objectSession = this.token.getObjectSession();
            try {
                long domainParamHandle = getDomainParamHandle(pkcs11, objectSession, j, bArr);
                Map<Integer, Object> loadParameters = loadParameters(pkcs11, objectSession, domainParamHandle, getParamsKeyType(pkcs11, objectSession, domainParamHandle), bArr);
                this.token.releaseSession(objectSession);
                return loadParameters;
            } catch (Throwable th) {
                this.token.releaseSession(objectSession);
                throw th;
            }
        }

        public byte[] getParameterEncoded(long j, byte[] bArr) throws TokenException, IOException {
            PKCS11 pkcs11 = this.token.getPkcs11();
            Pkcs11Session objectSession = this.token.getObjectSession();
            try {
                byte[] attributeValueBLOB = Pkcs11Tool.getAttributeValueBLOB(pkcs11, objectSession, getDomainParamHandle(pkcs11, objectSession, j, bArr), 17L);
                this.token.releaseSession(objectSession);
                return attributeValueBLOB;
            } catch (Throwable th) {
                this.token.releaseSession(objectSession);
                throw th;
            }
        }

        private long getDomainParamHandle(PKCS11 pkcs11, Pkcs11Session pkcs11Session, long j, byte[] bArr) throws TokenException {
            long[] findDomainParameters = findDomainParameters(pkcs11, pkcs11Session, j, bArr);
            if (findDomainParameters == null || findDomainParameters.length == 0) {
                throw new TokenException(MessageFormat.format(ProviderExcptMessages.PKS_NO_PARAMSET_FOUND, ByteArrayUtil.toHexString(bArr)));
            }
            if (findDomainParameters.length > 1) {
                throw new TokenException(MessageFormat.format(ProviderExcptMessages.PKS_TOOMANY_PARAMSET_FOUND, Integer.valueOf(findDomainParameters.length), ByteArrayUtil.toHexString(bArr)));
            }
            return findDomainParameters[0];
        }

        public long[] findDomainParameters(PKCS11 pkcs11, Pkcs11Session pkcs11Session, long j, byte[] bArr) throws PKCS11Exception {
            TemplateBuilder templateBuilder = new TemplateBuilder();
            templateBuilder.append(0L, 6L);
            templateBuilder.append(18L, bArr);
            templateBuilder.append(256L, j);
            return Pkcs11Tool.findObjects(pkcs11, pkcs11Session, templateBuilder.toCkAttributeArray());
        }

        private int getParamsKeyType(PKCS11 pkcs11, Pkcs11Session pkcs11Session, long j) throws PKCS11Exception {
            return new Long(Pkcs11Tool.getAttributeValueLong(pkcs11, pkcs11Session, j, 256L)).intValue();
        }

        private Map<Integer, Object> loadParameters(PKCS11 pkcs11, Pkcs11Session pkcs11Session, long j, int i, byte[] bArr) throws PKCS11Exception, IOException {
            HashMap hashMap = new HashMap();
            switch (i) {
                case -1911554044:
                case -1911554043:
                    getBdsParameters(pkcs11, pkcs11Session, j, hashMap, bArr);
                    break;
                case -1911554042:
                    getBdhParameters(pkcs11, pkcs11Session, j, hashMap, bArr);
                    break;
            }
            return hashMap;
        }

        private void getBdsParameters(PKCS11 pkcs11, Pkcs11Session pkcs11Session, long j, Map<Integer, Object> map, byte[] bArr) throws PKCS11Exception, IOException {
            byte[] attributeValueBLOB = Pkcs11Tool.getAttributeValueBLOB(pkcs11, pkcs11Session, j, 17L);
            if (BignUtils.isBelOidParams(bArr)) {
                KeyParamsListBds.decodeParams(new DerValue(attributeValueBLOB).toDerInputStream(), map);
            } else {
                KeyParamsListBds.decodeDomainParams(new DerInputStream(attributeValueBLOB), map);
            }
        }

        private void getBdhParameters(PKCS11 pkcs11, Pkcs11Session pkcs11Session, long j, Map<Integer, Object> map, byte[] bArr) throws PKCS11Exception, IOException {
            byte[] attributeValueBLOB = Pkcs11Tool.getAttributeValueBLOB(pkcs11, pkcs11Session, j, 17L);
            if (BignUtils.isBelOidParams(bArr)) {
                KeyParamsListBdh.decodeParams(new DerValue(attributeValueBLOB).toDerInputStream(), map);
            } else {
                KeyParamsListBdh.decodeDomainParams(new DerInputStream(attributeValueBLOB), map);
            }
        }
    }

    public Pkcs11KeyStore(Pkcs11VirtualToken pkcs11VirtualToken) throws PKCS11Exception {
        this.token = pkcs11VirtualToken;
        this.domainParamsEngine = new DomainParamsAccess(pkcs11VirtualToken);
    }

    public Object clone() throws CloneNotSupportedException {
        throw new CloneNotSupportedException();
    }

    public Map<Integer, Object> getParamSet(long j, byte[] bArr) throws IOException, TokenException {
        if (bArr == null) {
            throw new NullPointerException("Parameters set OID is null.");
        }
        return this.domainParamsEngine.getParameter(j, bArr);
    }

    public byte[] getParamSetEncoded(long j, byte[] bArr) throws IOException, TokenException {
        if (bArr == null) {
            throw new NullPointerException("Parameters set OID is null.");
        }
        return this.domainParamsEngine.getParameterEncoded(j, bArr);
    }

    public List<String> getParamSetOidList() throws PKCS11Exception, IOException {
        PKCS11 pkcs11 = this.token.getPkcs11();
        Pkcs11Session objectSession = this.token.getObjectSession();
        try {
            ArrayList arrayList = new ArrayList();
            TemplateBuilder templateBuilder = new TemplateBuilder();
            templateBuilder.append(0L, 6L);
            for (long j : Pkcs11Tool.findObjects(pkcs11, objectSession, templateBuilder.toCkAttributeArray())) {
                arrayList.add(Long.toHexString(Pkcs11Tool.getAttributeValueLong(pkcs11, objectSession, j, 256L)) + " " + Pkcs11Tool.getAttributeValueString(pkcs11, objectSession, j, 3L));
            }
            return arrayList;
        } finally {
            this.token.releaseSession(objectSession);
        }
    }
}
