package by.avest.crypto.pkcs11.provider;

import by.avest.crypto.pkcs11.provider.LoginController;
import by.avest.crypto.provider.Pkcs11KeySpec;
import by.avest.crypto.provider.PublicVA;
import iaik.pkcs.pkcs11.wrapper.CK_MECHANISM;
import iaik.pkcs.pkcs11.wrapper.PKCS11Exception;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.ShortBufferException;

/* loaded from: input_file:by/avest/crypto/pkcs11/provider/KeyAgreementBDHOneWay.class */
public abstract class KeyAgreementBDHOneWay extends KeyAgreementAbstr {
    private static final int STATE_NOOPERATION_PERFORMED = 0;
    private static final int STATE_INIT_PERFORMED = 1;
    private static final int STATE_DOPHASE_PERFORMED = 2;
    private boolean sideA;
    private PublicKeyAbstr publicKeySideB;
    private Pkcs11SessionObject sessionPublicKeySideB;
    private byte[] va;
    private PrivateKeyAbstr privateKeySideB;
    private Pkcs11SessionObject sessionPrivateKeySideB;
    private PublicVA publicKeySideA;
    private int state = 0;
    private int mechanismType;
    private TemplateBuilder parameterTemplate;
    private Pkcs11KeySpec secretKeySpec;

    private boolean isSideA() {
        return this.sideA;
    }

    private boolean isSideB() {
        return !this.sideA;
    }

    private void setSideA() {
        this.sideA = true;
    }

    private void setSideB() {
        this.sideA = false;
    }

    private PublicKeyAbstr getPublicKeySideB() {
        return this.publicKeySideB;
    }

    private void setPublicKeySideB(PublicKeyAbstr publicKeyAbstr) {
        this.publicKeySideB = publicKeyAbstr;
    }

    private Pkcs11SessionObject getSessionPublicKeySideB() {
        return this.sessionPublicKeySideB;
    }

    private void setSessionPublicKeySideB(Pkcs11SessionObject pkcs11SessionObject) {
        this.sessionPublicKeySideB = pkcs11SessionObject;
    }

    private byte[] getVA() {
        return this.va;
    }

    private void setVA(byte[] bArr) {
        this.va = bArr;
    }

    private void setPublicKeySideA(PublicVA publicVA) {
        this.publicKeySideA = publicVA;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public PublicVA getPublicKeySideA() {
        return this.publicKeySideA;
    }

    private PrivateKeyAbstr getPrivateKeySideB() {
        return this.privateKeySideB;
    }

    private void setPrivateKeySideB(PrivateKeyAbstr privateKeyAbstr) {
        this.privateKeySideB = privateKeyAbstr;
    }

    private Pkcs11SessionObject getSessionPrivateKeySideB() {
        return this.sessionPrivateKeySideB;
    }

    private void setSessionPrivateKeySideB(Pkcs11SessionObject pkcs11SessionObject) {
        this.sessionPrivateKeySideB = pkcs11SessionObject;
    }

    private boolean isPrivateKeyInitialized() {
        return getPrivateKeySideB() != null;
    }

    private void setMechanismType(int i) {
        this.mechanismType = i;
    }

    private int getMechanismType() {
        return this.mechanismType;
    }

    private TemplateBuilder getSecretKeyTpl() {
        return KeyGeneratorAbstr.buildCkTemplate(-1912602624).append(this.parameterTemplate);
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected void engineInit(Key key, SecureRandom secureRandom) throws InvalidKeyException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineInit(" + Util.getClassName(key) + "," + Util.getClassName(secureRandom) + ")");
        }
        throw new UnsupportedOperationException();
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected void engineInit(final Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineInit(" + Util.getClassName(key) + "," + algorithmParameterSpec + "," + Util.getClassName(secureRandom) + ")");
        }
        release();
        initParameter(algorithmParameterSpec);
        initRandom(secureRandom);
        LoginController.LoginExceptionVoidAction loginExceptionVoidAction = new LoginController.LoginExceptionVoidAction() { // from class: by.avest.crypto.pkcs11.provider.KeyAgreementBDHOneWay.1
            @Override // by.avest.crypto.pkcs11.provider.LoginController.VoidAction
            public void doAction() throws PKCS11Exception {
                try {
                    KeyAgreementBDHOneWay.this.initPrivateKey(key);
                } catch (InvalidKeyException e) {
                    setException(e);
                }
            }
        };
        LoginController.doUnreleasableAction(this.pkcs11Common, loginExceptionVoidAction);
        if (loginExceptionVoidAction.getException() != null) {
            throw ((InvalidKeyException) loginExceptionVoidAction.getException());
        }
        this.state = 1;
    }

    private void initParameter(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
        this.parameterTemplate = Pkcs11ParametersFactory.createKeyGenParameterCkTemplate(algorithmParameterSpec);
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected Key engineDoPhase(final Key key, boolean z) throws InvalidKeyException, IllegalStateException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineDoPhase(" + Util.getClassName(key) + ", " + z + ")");
        }
        if (this.state != 1) {
            throw new IllegalStateException(ProviderExcptMessages.KABW_STATE_NOT_INIT);
        }
        LoginController.LoginExceptionAction loginExceptionAction = new LoginController.LoginExceptionAction() { // from class: by.avest.crypto.pkcs11.provider.KeyAgreementBDHOneWay.2
            @Override // by.avest.crypto.pkcs11.provider.LoginController.Action
            public Object doAction() throws PKCS11Exception {
                try {
                    KeyAgreementBDHOneWay.this.initPublicKey(key);
                    KeyAgreementBDHOneWay.this.doPhaseInner();
                    return KeyAgreementBDHOneWay.this.getPublicKeySideA();
                } catch (InvalidKeyException e) {
                    setException(e);
                    return null;
                }
            }
        };
        Key key2 = (Key) LoginController.doUnreleasableAction(this.pkcs11Common, loginExceptionAction);
        if (loginExceptionAction.getException() != null) {
            throw ((InvalidKeyException) loginExceptionAction.getException());
        }
        this.state = 2;
        return key2;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void initPublicKey(Key key) throws InvalidKeyException, PKCS11Exception {
        if (isSideA()) {
            initPublicKeySideB(key);
        } else if (isSideB()) {
            initPublicKeySideA(key);
        }
    }

    private void initPublicKeySideB(Key key) throws InvalidKeyException, PKCS11Exception {
        if (key == null) {
            throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_PUBLIC_KEY_NULL);
        }
        setPublicKeySideB(getPublicKeySideB(key));
        initVirtualSlot();
        setVA(new byte[getPublicKeyBDHValue(getPublicKeySideB()).length]);
        setSessionPublicKeySideB(getSessionKey(getPublicKeySideB()));
        setMechanismType(getMechanism(getPublicKeySideB()));
    }

    private void initPublicKeySideA(Key key) throws InvalidKeyException {
        if (key == null) {
            throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEA_PUBLIC_KEY_NULL);
        }
        if (!(key instanceof PublicVA)) {
            throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEA_INST_PUBLICVA);
        }
        setVA(((PublicVA) key).getVAValue());
    }

    private int getMechanism(PublicKeyAbstr publicKeyAbstr) throws InvalidKeyException {
        int i;
        String algorithm = publicKeyAbstr.getAlgorithm();
        if (algorithm == null) {
            throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_KEYALG_NULL);
        }
        if (algorithm.equals("Bdh")) {
            i = -1912602601;
        } else if (algorithm.equals("BdsBdh")) {
            i = -1912602591;
        } else {
            if (!algorithm.equals("BdsProBdh")) {
                throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_INVALI_PUBLIC_KEY);
            }
            i = -1912602582;
        }
        return i;
    }

    private byte[] getPublicKeyBDHValue(PublicKeyAbstr publicKeyAbstr) throws InvalidKeyException {
        byte[] keyValue;
        if (publicKeyAbstr instanceof PublicKeyBdh) {
            keyValue = ((PublicKeyBdh) publicKeyAbstr).getKeyValue();
        } else if (publicKeyAbstr instanceof PublicKeyBdsBdh) {
            PublicKeyBdh bdh = ((PublicKeyBdsBdh) publicKeyAbstr).getBdh();
            if (bdh == null) {
                throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_BDHPK_NULL);
            }
            keyValue = bdh.getKeyValue();
        } else {
            if (!(publicKeyAbstr instanceof PublicKeyBdsProBdh)) {
                throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_INVALI_PUBLIC_KEY);
            }
            PublicKeyBdh bdh2 = ((PublicKeyBdsProBdh) publicKeyAbstr).getBdh();
            if (bdh2 == null) {
                throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_BDHPK_NULL);
            }
            keyValue = bdh2.getKeyValue();
        }
        if (keyValue == null) {
            throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_BDHPK_NULL);
        }
        return keyValue;
    }

    private PublicKeyAbstr getPublicKeySideB(Key key) throws InvalidKeyException {
        PublicKeyAbstr determinePublicKeySideB = determinePublicKeySideB(key);
        if (determinePublicKeySideB == null) {
            try {
                determinePublicKeySideB = determinePublicKeySideB(PublicKeyAbstr.generate(((PublicKey) key).getEncoded(), getVirtualSlotId()));
            } catch (IOException e) {
                throw new InvalidKeyException(e.getMessage());
            } catch (NoSuchAlgorithmException e2) {
                throw new InvalidKeyException(e2.getMessage());
            }
        }
        if (determinePublicKeySideB == null) {
            throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_INVALI_PUBLIC_KEY);
        }
        return determinePublicKeySideB;
    }

    private PublicKeyAbstr determinePublicKeySideB(Key key) throws InvalidKeyException {
        PublicKeyAbstr publicKeyAbstr = null;
        if (key instanceof PublicKeyBdh) {
            publicKeyAbstr = (PublicKeyBdh) key;
        } else if (key instanceof PublicKeyBdsBdh) {
            publicKeyAbstr = (PublicKeyBdsBdh) key;
        } else if (key instanceof PublicKeyBdsProBdh) {
            publicKeyAbstr = (PublicKeyBdsProBdh) key;
        }
        return publicKeyAbstr;
    }

    private Pkcs11SessionObject getSessionKey(PublicKeyAbstr publicKeyAbstr) throws PKCS11Exception {
        return new Pkcs11SessionObject(getVirtualSlotId(), Pkcs11Tool.createObject(getCryptoki(), getSession(), publicKeyAbstr.getCkTemplate().toCkAttributeArray()));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void doPhaseInner() throws PKCS11Exception {
        Pkcs11KeySpec deriveInner;
        CK_MECHANISM ck_mechanism = new CK_MECHANISM();
        ck_mechanism.mechanism = getMechanismType();
        ck_mechanism.pParameter = getVA();
        if (isPrivateKeyInitialized()) {
            deriveInner = deriveInner(ck_mechanism, getSessionPrivateKeySideB().getHandle());
        } else {
            deriveInner = deriveInner(ck_mechanism, getSessionPublicKeySideB().getHandle());
            setPublicKeySideA(new PublicVA(getVA()));
        }
        this.secretKeySpec = deriveInner;
    }

    private Pkcs11KeySpec deriveInner(CK_MECHANISM ck_mechanism, long j) throws PKCS11Exception {
        Pkcs11KeySpec pkcs11KeySpec;
        try {
            long C_DeriveKey = getCryptoki().C_DeriveKey(getSession().getSessionId(), ck_mechanism, j, getSecretKeyTpl().toCkAttributeArray());
            synchronized (Pkcs11Tool.SECRET_KEY_ID_GENERATOR_LOCK) {
                byte[] generateSecretKeyId = Pkcs11Tool.generateSecretKeyId(getCryptoki(), getSession(), C_DeriveKey);
                Pkcs11Tool.setAttributeValue(getCryptoki(), getSession(), C_DeriveKey, 258L, generateSecretKeyId);
                pkcs11KeySpec = new Pkcs11KeySpec(getVirtualSlotId(), generateSecretKeyId);
            }
            return pkcs11KeySpec;
        } finally {
            release();
        }
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected byte[] engineGenerateSecret() throws IllegalStateException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGenerateSecret()");
        }
        throw new UnsupportedOperationException();
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected SecretKey engineGenerateSecret(String str) throws IllegalStateException, NoSuchAlgorithmException, InvalidKeyException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGenerateSecret(" + str + ")");
        }
        if (this.state != 2) {
            throw new IllegalStateException(ProviderExcptMessages.KABW_STATE_NO_DOPHASE);
        }
        try {
            if (this.secretKeySpec == null) {
                throw new ProviderException(ProviderExcptMessages.KABW_SECRET_KEY_GEN_FAILURE);
            }
            SecretKey generateSecret = SecretKeyFactory.getInstance(str).generateSecret(this.secretKeySpec);
            this.secretKeySpec = null;
            this.state = 1;
            return generateSecret;
        } catch (InvalidKeySpecException e) {
            throw new InvalidKeyException();
        }
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected int engineGenerateSecret(byte[] bArr, int i) throws IllegalStateException, ShortBufferException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGenerateSecret(sharedSecret, " + i + ")");
        }
        throw new UnsupportedOperationException();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void initPrivateKey(Key key) throws InvalidKeyException, PKCS11Exception {
        if (key == null) {
            setSideA();
        } else {
            setSideB();
            initPrivateKeySideB(key);
        }
    }

    private void initPrivateKeySideB(Key key) throws InvalidKeyException, PKCS11Exception {
        if (!(key instanceof PrivateKeyAbstr)) {
            throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_INVALID_PRIVATE_KEY);
        }
        PrivateKeyAbstr privateKeyAbstr = (PrivateKeyAbstr) key;
        setVirtualSlotId(privateKeyAbstr.getVirtualSlotId());
        setPrivateKeySideB(privateKeyAbstr);
        setSessionPrivateKeySideB(getSessionKey(privateKeyAbstr));
        setMechanismType(getMechanism(getSessionPrivateKeySideB()));
    }

    private int getMechanism(Pkcs11SessionObject pkcs11SessionObject) throws PKCS11Exception, InvalidKeyException {
        int i;
        int intValue = new Long(Pkcs11Tool.getAttributeValueLong(getCryptoki(), getSession(), pkcs11SessionObject.getHandle(), 256L)).intValue();
        if (intValue == -1912602620) {
            i = -1912602601;
        } else if (intValue == -1912602618) {
            i = -1912602591;
        } else {
            if (intValue != -1912602614) {
                throw new InvalidKeyException(ProviderExcptMessages.KABW_SIDEB_INVALID_PRIVATE_KEY);
            }
            i = -1912602582;
        }
        return i;
    }

    private Pkcs11SessionObject getSessionKey(PrivateKeyAbstr privateKeyAbstr) throws PKCS11Exception {
        return new Pkcs11SessionObject(getVirtualSlotId(), Pkcs11Tool.findObject(getCryptoki(), getSession(), privateKeyAbstr.getCkTemplate().toCkAttributeArray()));
    }

    private void initRandom(SecureRandom secureRandom) {
    }
}
