package com.logica.security.pkcs11.provider.dataprovider;

import com.logica.apps.ivs.client.manager.PKIMgrError;
import com.logica.security.pkcs11.ckCore.ckSession;
import com.logica.security.pkcs11.exceptions.ckException;
import com.logica.security.pkcs11.exceptions.p11Exception;
import com.logica.security.pkcs11.objects.ckObject;
import com.logica.security.pkcs11.objects.ckPrivateKey;
import com.logica.security.pkcs11.objects.ckRSAPrivateKey;
import com.logica.security.pkcs11.provider.keys.p11RSA_PrivateKeyHolder;
import com.logica.security.pkcs11.provider.p11Session;
import com.logica.security.pkcs11.templates.auxtempl.PKCS11Attribute;
import com.logica.security.pkcs11.templates.auxtempl.PKCS11RSAPrivateKeyTemplate;
import com.logica.security.pkcs11.templates.ckKeyTemplate;
import com.logica.security.pkcs11.templates.ckPrivateKeyTemplate;
import com.logica.security.pkcs11.templates.ckRSAPrivateKeyTemplate;
import com.logica.security.pkcs11.utils.PKCS11Utils;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.Calendar;
import java.util.Vector;

/* loaded from: input_file:com/logica/security/pkcs11/provider/dataprovider/KeyProvider.class */
public class KeyProvider extends itemProvider {
    private Vector public_keys;
    private p11Session current_p11Session;
    public static final int CKO_DATA = 0;
    public static final int CKO_CERTIFICATE = 1;
    public static final int CKO_PUBLIC_KEY = 2;
    public static final int CKO_PRIVATE_KEY = 3;
    public static final int CKO_SECRET_KEY = 4;
    public static final int CKO_VENDOR_DEFINED = Integer.MIN_VALUE;
    public static final int CKO_UNDEFINED = -1;
    private static final int PASSWORD_LENGTH = 20;
    private static final int ITERATIONS = 1024;
    private static final int SALT_LENGTH = 20;
    private static final int IV_LENGTH = 8;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/logica/security/pkcs11/provider/dataprovider/KeyProvider$PrivKeyImpl.class */
    public class PrivKeyImpl {
        ckPrivateKey theKey = null;
        ckPrivateKeyTemplate theInfo = null;
        private final KeyProvider this$0;

        PrivKeyImpl(KeyProvider keyProvider) {
            this.this$0 = keyProvider;
        }
    }

    public KeyProvider(ckSession cksession, p11Session p11session) {
        super(cksession);
        this.public_keys = new Vector();
        this.current_p11Session = p11session;
    }

    public void addPrivateKey(PrivateKey privateKey) throws p11Exception, InvalidKeyException {
        addPrivateKey(privateKey, null);
    }

    public void addPrivateKey(PrivateKey privateKey, String str) throws p11Exception, InvalidKeyException {
        boolean[] zArr = new boolean[9];
        for (int i = 0; i < 9; i++) {
            zArr[i] = false;
        }
        zArr[0] = true;
        zArr[2] = true;
        addPrivateKey(privateKey, str, zArr);
    }

    public void addPrivateKey(PrivateKey privateKey, String str, boolean[] zArr) throws p11Exception, InvalidKeyException {
        Calendar.getInstance();
        if (privateKey instanceof RSAPrivateCrtKey) {
            try {
                RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) privateKey;
                BigInteger modulus = rSAPrivateCrtKey.getModulus();
                BigInteger publicExponent = rSAPrivateCrtKey.getPublicExponent();
                BigInteger privateExponent = rSAPrivateCrtKey.getPrivateExponent();
                BigInteger primeP = rSAPrivateCrtKey.getPrimeP();
                BigInteger primeQ = rSAPrivateCrtKey.getPrimeQ();
                BigInteger primeExponentP = rSAPrivateCrtKey.getPrimeExponentP();
                BigInteger primeExponentQ = rSAPrivateCrtKey.getPrimeExponentQ();
                BigInteger crtCoefficient = rSAPrivateCrtKey.getCrtCoefficient();
                ckRSAPrivateKeyTemplate ckrsaprivatekeytemplate = new ckRSAPrivateKeyTemplate(true);
                ckrsaprivatekeytemplate.addModulus(modulus.toByteArray());
                ckrsaprivatekeytemplate.addPublicExponent(publicExponent.toByteArray());
                ckrsaprivatekeytemplate.addPrivateExponent(privateExponent.toByteArray());
                ckrsaprivatekeytemplate.addPrime1(primeP.toByteArray());
                ckrsaprivatekeytemplate.addPrime2(primeQ.toByteArray());
                ckrsaprivatekeytemplate.addExponent1(primeExponentP.toByteArray());
                ckrsaprivatekeytemplate.addExponent2(primeExponentQ.toByteArray());
                ckrsaprivatekeytemplate.addCoefficient(crtCoefficient.toByteArray());
                ckrsaprivatekeytemplate.addToken(true);
                ckrsaprivatekeytemplate.addPrivate(true);
                ckrsaprivatekeytemplate.addSensitive(true);
                ckrsaprivatekeytemplate.removeModifiable();
                if (str != null && str.length() != 0) {
                    ckrsaprivatekeytemplate.addLabel(str);
                }
                if (zArr != null && zArr[0]) {
                    ckrsaprivatekeytemplate.addSign(true);
                }
                if (zArr != null && (zArr[2] || zArr[3])) {
                    ckrsaprivatekeytemplate.addDecrypt(true);
                }
                this.current_ckSession.getKeyGenerator().create(ckrsaprivatekeytemplate);
            } catch (ckException e) {
                throw new p11Exception(new StringBuffer().append("Failed to add private key [").append(privateKey).append("]").toString());
            }
        }
    }

    public void deletePrivateKey(PrivateKey privateKey) throws p11Exception, InvalidKeyException {
        if (!(privateKey instanceof p11RSA_PrivateKeyHolder)) {
            throw new InvalidKeyException("Must be a hardware key for update");
        }
        ckRSAPrivateKey cKKey = ((p11RSA_PrivateKeyHolder) privateKey).getCKKey();
        cKKey.setSession(this.current_ckSession);
        try {
            cKKey.destroy();
        } catch (ckException e) {
            throw new p11Exception(new StringBuffer().append("Failed to delete PrivateKey [").append(privateKey).append("]").toString(), e);
        }
    }

    public PrivateKey getPrivateKeyAt(int i) {
        PrivKeyImpl privKeyImpl = (PrivKeyImpl) this.cache.elementAt(i);
        return PKCS11Utils.buildP11PrivateKey(privKeyImpl.theInfo.getID(), (ckRSAPrivateKey) privKeyImpl.theKey, this.current_p11Session, false);
    }

    public String getLabelForPrivKeyAt(int i) {
        return ((PrivKeyImpl) this.cache.elementAt(i)).theInfo.getLabel();
    }

    @Override // com.logica.security.pkcs11.provider.dataprovider.itemProvider
    public void refresh() throws p11Exception {
        this.cache = new Vector();
        try {
            ckPrivateKeyTemplate ckprivatekeytemplate = new ckPrivateKeyTemplate();
            ckprivatekeytemplate.addClass(3);
            ckprivatekeytemplate.addKeyType(0);
            this.current_ckSession.findInit(ckprivatekeytemplate);
            ckObject findNext = this.current_ckSession.findNext();
            if (findNext != null) {
                while (findNext != null) {
                    ckPrivateKey ckprivatekey = (ckPrivateKey) findNext;
                    ckPrivateKeyTemplate ckprivatekeytemplate2 = new ckPrivateKeyTemplate();
                    ckprivatekey.setSession(this.current_ckSession);
                    ckprivatekeytemplate2.addLabel(PKIMgrError.NO_ERROR_MESSAGE);
                    ckprivatekeytemplate2.addID(null);
                    ckprivatekeytemplate2.addSubject(null);
                    ckprivatekey.getAttributes(ckprivatekeytemplate2);
                    PrivKeyImpl privKeyImpl = new PrivKeyImpl(this);
                    privKeyImpl.theKey = ckprivatekey;
                    privKeyImpl.theInfo = ckprivatekeytemplate2;
                    this.cache.addElement(privKeyImpl);
                    findNext = this.current_ckSession.findNext();
                }
            } else {
                this.current_ckSession.findFinal();
                this.current_ckSession.findInit(new ckKeyTemplate());
                try {
                    findNext = this.current_ckSession.findNext();
                } catch (ckException e) {
                }
                while (findNext != null) {
                    if (findNext instanceof ckRSAPrivateKey) {
                        ckPrivateKeyTemplate ckprivatekeytemplate3 = new ckPrivateKeyTemplate();
                        ckRSAPrivateKey ckrsaprivatekey = (ckRSAPrivateKey) findNext;
                        ckrsaprivatekey.setSession(this.current_ckSession);
                        ckprivatekeytemplate3.addLabel(PKIMgrError.NO_ERROR_MESSAGE);
                        ckprivatekeytemplate3.addID(null);
                        ckprivatekeytemplate3.addSubject(null);
                        ckrsaprivatekey.getAttributes(ckprivatekeytemplate3);
                        PrivKeyImpl privKeyImpl2 = new PrivKeyImpl(this);
                        privKeyImpl2.theKey = ckrsaprivatekey;
                        privKeyImpl2.theInfo = ckprivatekeytemplate3;
                        this.cache.addElement(privKeyImpl2);
                    }
                    try {
                        findNext = this.current_ckSession.findNext();
                    } catch (ckException e2) {
                    }
                }
            }
            this.current_ckSession.findFinal();
        } catch (ckException e3) {
            System.out.println(e3.getErrorMsg());
            e3.printStackTrace();
        }
    }

    public PrivateKey injectPrivateKey(KeyPair keyPair, PKCS11RSAPrivateKeyTemplate pKCS11RSAPrivateKeyTemplate) throws p11Exception {
        try {
            try {
                RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) keyPair.getPrivate();
                ckRSAPrivateKeyTemplate ckrsaprivatekeytemplate = new ckRSAPrivateKeyTemplate(true);
                ckrsaprivatekeytemplate.addCoefficient(PKCS11Utils.stripSignedBit(rSAPrivateCrtKey.getCrtCoefficient().toByteArray()));
                ckrsaprivatekeytemplate.addExponent1(PKCS11Utils.stripSignedBit(rSAPrivateCrtKey.getPrimeExponentP().toByteArray()));
                ckrsaprivatekeytemplate.addExponent2(PKCS11Utils.stripSignedBit(rSAPrivateCrtKey.getPrimeExponentQ().toByteArray()));
                ckrsaprivatekeytemplate.addPrime1(PKCS11Utils.stripSignedBit(rSAPrivateCrtKey.getPrimeP().toByteArray()));
                ckrsaprivatekeytemplate.addPrime2(PKCS11Utils.stripSignedBit(rSAPrivateCrtKey.getPrimeQ().toByteArray()));
                ckrsaprivatekeytemplate.addPublicExponent(rSAPrivateCrtKey.getPublicExponent().toByteArray());
                ckrsaprivatekeytemplate.addPrivateExponent(PKCS11Utils.stripSignedBit(rSAPrivateCrtKey.getPrivateExponent().toByteArray()));
                ckrsaprivatekeytemplate.addModulus(PKCS11Utils.stripSignedBit(rSAPrivateCrtKey.getModulus().toByteArray()));
                PKCS11Attribute attribute = pKCS11RSAPrivateKeyTemplate.getAttribute(264);
                if (attribute != null) {
                    ckrsaprivatekeytemplate.addSign(PKCS11Utils.booleanValue(attribute));
                }
                PKCS11Attribute attribute2 = pKCS11RSAPrivateKeyTemplate.getAttribute(261);
                if (attribute2 != null) {
                    ckrsaprivatekeytemplate.addDecrypt(PKCS11Utils.booleanValue(attribute2));
                }
                PKCS11Attribute attribute3 = pKCS11RSAPrivateKeyTemplate.getAttribute(263);
                if (attribute3 != null) {
                    ckrsaprivatekeytemplate.addUnwrap(PKCS11Utils.booleanValue(attribute3));
                }
                ckrsaprivatekeytemplate.removeDerive();
                PKCS11Attribute attribute4 = pKCS11RSAPrivateKeyTemplate.getAttribute(1);
                if (attribute4 != null) {
                    ckrsaprivatekeytemplate.addToken(PKCS11Utils.booleanValue(attribute4));
                }
                PKCS11Attribute attribute5 = pKCS11RSAPrivateKeyTemplate.getAttribute(355);
                if (attribute5 != null) {
                    ckrsaprivatekeytemplate.addLocal(PKCS11Utils.booleanValue(attribute5));
                }
                PKCS11Attribute attribute6 = pKCS11RSAPrivateKeyTemplate.getAttribute(257);
                if (attribute6 != null) {
                    ckrsaprivatekeytemplate.addSubject(PKCS11Utils.bytearrayValue(attribute6));
                }
                PKCS11Attribute attribute7 = pKCS11RSAPrivateKeyTemplate.getAttribute(2);
                if (attribute7 != null) {
                    ckrsaprivatekeytemplate.addPrivate(PKCS11Utils.booleanValue(attribute7));
                }
                PKCS11Attribute attribute8 = pKCS11RSAPrivateKeyTemplate.getAttribute(354);
                if (attribute8 != null) {
                    ckrsaprivatekeytemplate.addExtractable(PKCS11Utils.booleanValue(attribute8));
                }
                PKCS11Attribute attribute9 = pKCS11RSAPrivateKeyTemplate.getAttribute(259);
                if (attribute9 != null) {
                    ckrsaprivatekeytemplate.addSensitive(PKCS11Utils.booleanValue(attribute9));
                }
                PKCS11Attribute attribute10 = pKCS11RSAPrivateKeyTemplate.getAttribute(368);
                if (attribute10 != null) {
                    ckrsaprivatekeytemplate.addModifiable(PKCS11Utils.booleanValue(attribute10));
                } else {
                    ckrsaprivatekeytemplate.removeModifiable();
                }
                PKCS11Attribute attribute11 = pKCS11RSAPrivateKeyTemplate.getAttribute(3);
                if (attribute11 != null) {
                    ckrsaprivatekeytemplate.addLabel(PKCS11Utils.stringValue(attribute11));
                }
                PKCS11Attribute attribute12 = pKCS11RSAPrivateKeyTemplate.getAttribute(258);
                if (attribute12 != null) {
                    ckrsaprivatekeytemplate.addID(PKCS11Utils.bytearrayValue(attribute12));
                } else {
                    ckrsaprivatekeytemplate.addID(PKCS11Utils.getIdForKey(keyPair.getPublic(), null));
                }
                return PKCS11Utils.buildP11PrivateKey(ckrsaprivatekeytemplate.getID(), (ckRSAPrivateKey) this.current_ckSession.getKeyGenerator().create(ckrsaprivatekeytemplate), this.current_p11Session, false);
            } catch (ClassCastException e) {
                throw new p11Exception(new StringBuffer().append("RSAPrivateCrtKey expected, received ").append(keyPair.getPrivate().getClass()).toString(), e);
            }
        } catch (ckException e2) {
            throw new p11Exception("Failed to inject the private to the smart card.", e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new p11Exception("Failed to generate the digest while injecting  the private key to the smart card.", e3);
        } catch (Exception e4) {
            throw new p11Exception("Failed to calculate the CKA_ID attribute for the injected private key", e4);
        }
    }
}
