package by.avest.crypto.pkcs11.provider.bign;

import by.avest.crypto.pkcs11.provider.ByteArrayUtil;
import by.avest.crypto.pkcs11.provider.LoginController;
import by.avest.crypto.pkcs11.provider.MacAbstr;
import by.avest.crypto.pkcs11.provider.Pkcs11SessionObject;
import by.avest.crypto.pkcs11.provider.Pkcs11Tool;
import by.avest.crypto.pkcs11.provider.ProviderExcptMessages;
import by.avest.crypto.pkcs11.provider.SecretKeyAbstr;
import by.avest.crypto.pkcs11.provider.Util;
import by.avest.crypto.provider.SharedSessionParameterSpec;
import iaik.pkcs.pkcs11.parameters.Parameters;
import iaik.pkcs.pkcs11.wrapper.CK_MECHANISM;
import iaik.pkcs.pkcs11.wrapper.PKCS11;
import iaik.pkcs.pkcs11.wrapper.PKCS11Exception;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.ProviderException;
import java.security.spec.AlgorithmParameterSpec;
import sun.security.util.Debug;

/* loaded from: input_file:by/avest/crypto/pkcs11/provider/bign/MacBelT.class */
public class MacBelT extends MacAbstr implements BignExtensions {
    private static final Debug dataDebug = Debug.getInstance("avp11data");
    private static final int MAC_LENGTH = 8;
    private Parameters parameter;
    private SecretKeyBelT secretKey;
    private boolean finalized = false;

    @Override // javax.crypto.MacSpi
    protected byte[] engineDoFinal() {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineFinal()");
        }
        try {
            try {
                byte[] doFinal = doFinal();
                release();
                this.sharedSessionId = 0L;
                if (Util.isDebug()) {
                    Util.log(getClass().getName() + ".engineFinal() end");
                }
                return doFinal;
            } catch (PKCS11Exception e) {
                release();
                ProviderException providerException = new ProviderException(e.getMessage());
                providerException.initCause(e);
                throw providerException;
            }
        } catch (Throwable th) {
            this.sharedSessionId = 0L;
            throw th;
        }
    }

    private byte[] doFinal() throws PKCS11Exception {
        byte[] bArr = null;
        if (!this.finalized) {
            PKCS11 cryptoki = getCryptoki();
            Util.log(getClass().getName() + ".engineUpdate(): before pkcs11 final");
            bArr = cryptoki.C_SignFinal(getSession().getSessionId());
            Util.log(getClass().getName() + ".engineUpdate(): after pkcs11 final");
            this.finalized = true;
        }
        return bArr;
    }

    private void finalizeOperation() {
        try {
            doFinal();
            release();
        } catch (Exception e) {
            release();
        } catch (Throwable th) {
            release();
            throw th;
        }
    }

    @Override // javax.crypto.MacSpi
    protected int engineGetMacLength() {
        if (!Util.isDebug()) {
            return 8;
        }
        Util.log(getClass().getName() + ".engineGetMacLength()");
        return 8;
    }

    @Override // javax.crypto.MacSpi
    protected void engineInit(Key key, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidKeyException, InvalidAlgorithmParameterException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineInit(" + Util.getClassName(key) + ", " + algorithmParameterSpec + ")");
        }
        finalizeOperation();
        initKey(key);
        if (algorithmParameterSpec instanceof SharedSessionParameterSpec) {
            if (Util.isDebug()) {
                Util.log("using shared session");
            }
            SharedSessionParameterSpec sharedSessionParameterSpec = (SharedSessionParameterSpec) algorithmParameterSpec;
            if (sharedSessionParameterSpec.isSessionValid()) {
                if (Util.isDebug()) {
                    Util.log("specified shared session id: " + sharedSessionParameterSpec.getSessionId());
                }
                this.sharedSessionId = sharedSessionParameterSpec.getSessionId();
            } else {
                if (Util.isDebug()) {
                    Util.log("creating new shared session");
                }
                this.sharedSessionId = getSession().getSessionId();
                if (Util.isDebug()) {
                    Util.log("created shared session id: " + this.sharedSessionId);
                }
                sharedSessionParameterSpec.setSessionId(this.sharedSessionId);
            }
            algorithmParameterSpec = sharedSessionParameterSpec.getInner();
        } else {
            this.sharedSessionId = 0L;
            if (Util.isDebug()) {
                Util.log("using default session");
            }
        }
        initAlgParameter(algorithmParameterSpec);
        LoginController.doUnreleasableAction(this.pkcs11Common, new LoginController.VoidAction() { // from class: by.avest.crypto.pkcs11.provider.bign.MacBelT.1
            @Override // by.avest.crypto.pkcs11.provider.LoginController.VoidAction
            public void doAction() throws PKCS11Exception {
                MacBelT.this.init();
            }
        });
    }

    private void initAlgParameter(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
        if (algorithmParameterSpec != null) {
            throw new InvalidAlgorithmParameterException("Invalid algorithm parameter specification.");
        }
        this.parameter = null;
    }

    private void initKey(Key key) throws InvalidKeyException {
        if (key == null) {
            throw new InvalidKeyException(ProviderExcptMessages.CG_NULL_SECRET_KEY);
        }
        if (!(key instanceof SecretKeyBelT)) {
            throw new InvalidKeyException("Invalid secret key instance.");
        }
        this.secretKey = (SecretKeyBelT) key;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void init() throws PKCS11Exception {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".init()");
        }
        setVirtualSlotId(this.secretKey.getVirtualSlotId());
        Pkcs11SessionObject sessionKey = getSessionKey(this.secretKey);
        CK_MECHANISM ck_mechanism = new CK_MECHANISM();
        ck_mechanism.mechanism = -1911554042L;
        ck_mechanism.pParameter = getMechanismParameter();
        PKCS11 cryptoki = getCryptoki();
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".init(): before pkcs11 init");
        }
        cryptoki.C_SignInit(getSession().getSessionId(), ck_mechanism, sessionKey.getHandle());
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".init(): after pkcs11 init");
            Util.log(getClass().getName() + ".init() done, session id: " + getSession().getSessionId());
        }
        this.finalized = false;
    }

    private Object getMechanismParameter() {
        Object obj = null;
        if (this.parameter != null) {
            obj = this.parameter.getPKCS11ParamsObject();
        }
        return obj;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private Pkcs11SessionObject getSessionKey(SecretKeyAbstr secretKeyAbstr) {
        if (secretKeyAbstr instanceof Pkcs11SessionKey) {
            return ((Pkcs11SessionKey) secretKeyAbstr).getPkcs11SessionObject();
        }
        if (secretKeyAbstr == 0) {
            throw new ProviderException(ProviderExcptMessages.CG_NULL_SECRET_KEY);
        }
        if (Util.isDebug()) {
            Util.log("searching session key, id: " + ByteArrayUtil.toHexString(secretKeyAbstr.getId()));
        }
        try {
            long findObject = Pkcs11Tool.findObject(getCryptoki(), getSession(), secretKeyAbstr.getCkTemplate().toCkAttributeArray());
            if (Util.isDebug()) {
                Util.log("secret key found, handle: " + findObject);
            }
            if (findObject == 0) {
                throw new ProviderException(ProviderExcptMessages.CG_NO_SECRET_KEY_FOUND);
            }
            Pkcs11SessionObject pkcs11SessionObject = new Pkcs11SessionObject();
            pkcs11SessionObject.setVirtualSlotId(getVirtualSlotId());
            pkcs11SessionObject.setHandle(findObject);
            Util.log("looking for secret key end");
            return pkcs11SessionObject;
        } catch (PKCS11Exception e) {
            ProviderException providerException = new ProviderException(e.getMessage());
            providerException.initCause(e);
            throw providerException;
        }
    }

    @Override // javax.crypto.MacSpi
    protected void engineReset() {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineReset()");
        }
        finalizeOperation();
        release();
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineReset() end");
        }
    }

    @Override // javax.crypto.MacSpi
    protected void engineUpdate(byte b) {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineUpdate(byte)");
        }
        engineUpdate(new byte[]{b}, 0, 1);
    }

    @Override // javax.crypto.MacSpi
    protected void engineUpdate(byte[] bArr, int i, int i2) {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineUpdate(data, " + i + ", " + i2 + ")");
        }
        if (this.finalized) {
            try {
                init();
            } catch (PKCS11Exception e) {
                ProviderException providerException = new ProviderException(e.getMessage());
                providerException.initCause(e);
                throw providerException;
            }
        }
        try {
            PKCS11 cryptoki = getCryptoki();
            if (Util.isDebug()) {
                Util.log(getClass().getName() + ".engineUpdate(): before pkcs11 update");
                if (dataDebug != null) {
                    Util.log(dataDebug, getClass().getName() + ".engineUpdate(): data=" + ByteArrayUtil.toHexString(bArr, i, i2));
                }
            }
            cryptoki.C_SignUpdate(getSession().getSessionId(), bArr, i, i2);
            if (Util.isDebug()) {
                Util.log(getClass().getName() + ".engineUpdate(): before pkcs11 update");
            }
            if (Util.isDebug()) {
                Util.log(getClass().getName() + ".engineUpdate(data, " + i + ", " + i2 + ") end");
            }
        } catch (PKCS11Exception e2) {
            release();
            this.finalized = true;
            ProviderException providerException2 = new ProviderException(e2.getMessage());
            providerException2.initCause(e2);
            throw providerException2;
        }
    }
}
