package com.dyadicsec.provider;

import com.dyadicsec.cryptoki.CK;
import com.dyadicsec.pkcs11.CK_MECHANISM_INFO;
import com.dyadicsec.pkcs11.Library;
import com.dyadicsec.pkcs11.Slot;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.ProviderException;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:com/dyadicsec/provider/DYCryptoProvider.class */
public final class DYCryptoProvider extends Provider {
    public static final String NAME = "DYADIC";
    private static final long serialVersionUID = 1;
    static KeyStore defaultKeyStore;
    private static Map<String, KeyStore> stores = new HashMap();
    Slot slot;
    private static CK_MECHANISM_INFO mechInfo;

    /* loaded from: input_file:com/dyadicsec/provider/DYCryptoProvider$KeyEntry.class */
    public static final class KeyEntry implements KeyStore.Entry {
        PrivateKey key;

        public KeyEntry(PrivateKey privateKey) {
            this.key = privateKey;
        }
    }

    /* loaded from: input_file:com/dyadicsec/provider/DYCryptoProvider$KeyStoreService.class */
    final class KeyStoreService extends Provider.Service {
        private String slotName;
        private int slotID;

        public KeyStoreService(Provider provider, String str, String str2) {
            super(provider, "KeyStore", "PKCS11", str, null, null);
            this.slotName = str2;
        }

        public KeyStoreService(Provider provider, String str, int i) {
            super(provider, "KeyStore", "PKCS11", str, null, null);
            this.slotID = i;
        }

        @Override // java.security.Provider.Service
        public boolean supportsParameter(Object obj) {
            return false;
        }

        @Override // java.security.Provider.Service
        public Object newInstance(Object obj) {
            Slot find = this.slotName == null ? Slot.find(this.slotID) : Slot.find(this.slotName);
            if (find == null) {
                return null;
            }
            return DYCryptoProvider.getKeyStoreBySlot(find);
        }
    }

    public DYCryptoProvider() {
        this(null);
    }

    public static KeyStore getDefaultKeyStore() {
        return defaultKeyStore;
    }

    private static boolean isHwMech(int[] iArr, int i) {
        for (int i2 : iArr) {
            if (i2 == i) {
                return true;
            }
        }
        return false;
    }

    private static void appendMode(StringBuffer stringBuffer, String str) {
        if (stringBuffer.length() > 0) {
            stringBuffer.append("|");
        }
        stringBuffer.append(str);
    }

    public Provider configure(String str) {
        return new DYCryptoProvider(str);
    }

    public DYCryptoProvider(String str) {
        super(NAME, 1.0d, "DyadicSec EKM security provider");
        this.slot = null;
        str = (str == null || str.isEmpty()) ? System.getProperty("ekm.partition") : str;
        str = (str == null || str.isEmpty()) ? System.getenv().get("EKM_PARTITION") : str;
        if (str == null || str.isEmpty()) {
            this.slot = Slot.getDefault();
        } else {
            this.slot = Slot.find(str);
        }
        if (this.slot == null) {
            throw new ProviderException(String.format("Partition %s not found", str));
        }
        defaultKeyStore = getKeyStoreBySlot(this.slot);
        String str2 = getClass().getPackage().getName() + ".";
        long C_GetMechanismList = Library.C_GetMechanismList(-1, null);
        int rvValue = Library.rvErr(C_GetMechanismList) != 0 ? 0 : Library.rvValue(C_GetMechanismList);
        int[] iArr = new int[rvValue];
        if (rvValue > 0) {
            Library.C_GetMechanismList(-1, iArr);
        }
        if (isHwMech(iArr, 0)) {
            put("KeyFactory.RSA", str2 + "RSAKeyFactory");
            put("KeyPairGenerator.RSA", str2 + "RSAKeyPairGenerator");
            put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1", "RSA");
            put("Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.1", "RSA");
            boolean isHwMech = isHwMech(iArr, 1);
            StringBuffer stringBuffer = new StringBuffer();
            if (isHwMech) {
                appendMode(stringBuffer, "PKCS1PADDING");
            }
            if (isHwMech(iArr, 3)) {
                appendMode(stringBuffer, "NOPADDING");
            }
            if (isHwMech(iArr, 9)) {
                appendMode(stringBuffer, "OAEPPADDING|OAEPWITHSHA1ANDMGF1PADDING|OAEPWITHSHA-1ANDMGF1PADDING|OAEPWITHSHA-256ANDMGF1PADDING|OAEPWITHSHA-384ANDMGF1PADDING|OAEPWITHSHA-512ANDMGF1PADDING");
            }
            if (stringBuffer.length() > 0) {
                put("Cipher.RSA", str2 + "RSACipher");
                put("Cipher.RSA SupportedModes", "ECB");
                put("Cipher.RSA SupportedKeyClasses", "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey");
                put("Cipher.RSA SupportedPaddings", stringBuffer.toString());
            }
            if (isHwMech) {
                put("Signature.NONEwithRSA SupportedKeyClasses", "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey");
                put("Signature.NONEwithRSA", str2 + "RSASignature$NONEwithRSA");
            }
            if (isHwMech(iArr, 6)) {
                put("Signature.SHA1withRSA SupportedKeyClasses", "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey");
                put("Signature.SHA1withRSA", str2 + "RSASignature$SHA1withRSA");
                put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1withRSA");
                put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA1withRSA");
                put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1withRSA");
            }
            if (isHwMech(iArr, 64)) {
                put("Signature.SHA256withRSA SupportedKeyClasses", "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey");
                put("Signature.SHA256withRSA", str2 + "RSASignature$SHA256withRSA");
                put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA");
                put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA");
            }
            if (isHwMech(iArr, 65)) {
                put("Signature.SHA384withRSA SupportedKeyClasses", "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey");
                put("Signature.SHA384withRSA", str2 + "RSASignature$SHA384withRSA");
                put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA");
                put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384withRSA");
            }
            if (isHwMech(iArr, 66)) {
                put("Signature.SHA512withRSA SupportedKeyClasses", "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey");
                put("Signature.SHA512withRSA", str2 + "RSASignature$SHA512withRSA");
                put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA");
                put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512withRSA");
            }
        }
        if (isHwMech(iArr, CK.CKM_EC_KEY_PAIR_GEN)) {
            put("KeyFactory.EC", str2 + "ECKeyFactory");
            put("Alg.Alias.KeyFactory.EllipticCurve", "EC");
            put("KeyPairGenerator.EC", str2 + "ECKeyPairGenerator");
            if (isHwMech(iArr, CK.CKM_ECDSA)) {
                put("Signature.NONEwithECDSA", str2 + "ECDSASignature$Raw");
                put("Signature.NONEwithECDSA SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
            }
            if (isHwMech(iArr, CK.CKM_ECDSA_SHA1)) {
                put("Signature.SHA1withECDSA", str2 + "ECDSASignature$SHA1");
                put("Signature.SHA1withECDSA SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
            }
            if (isHwMech(iArr, CK.CKM_ECDSA_SHA256)) {
                put("Signature.SHA256withECDSA", str2 + "ECDSASignature$SHA256");
                put("Signature.SHA256withECDSA SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
            }
            if (isHwMech(iArr, CK.CKM_ECDSA_SHA384)) {
                put("Signature.SHA384withECDSA", str2 + "ECDSASignature$SHA384");
                put("Signature.SHA384withECDSA SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
            }
            if (isHwMech(iArr, CK.CKM_ECDSA_SHA512)) {
                put("Signature.SHA512withECDSA", str2 + "ECDSASignature$SHA512");
                put("Signature.SHA512withECDSA SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
            }
            if (isHwMech(iArr, CK.CKM_ECDH1_DERIVE)) {
                put("KeyAgreement.ECDH", str2 + "ECDHKeyAgreement");
                put("KeyAgreement.ECDH SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
            }
            if (isHwMech(iArr, CK.DYCKM_SCHNORR)) {
                put("Signature.Schnorr", str2 + "SchnorrSignature");
                put("Signature.Schnorr SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
            }
        }
        if (isHwMech(iArr, CK.CKM_AES_KEY_GEN)) {
            put("KeyGenerator.AES", str2 + "SecretKeyGenerator$AES");
            put("SecretKeyFactory.AES", str2 + "SecretKeyFactory$AES");
            StringBuffer stringBuffer2 = new StringBuffer();
            if (isHwMech(iArr, CK.CKM_AES_ECB)) {
                appendMode(stringBuffer2, "ECB");
            }
            if (isHwMech(iArr, CK.CKM_AES_CBC)) {
                appendMode(stringBuffer2, "CBC");
            }
            if (isHwMech(iArr, CK.CKM_AES_OFB)) {
                appendMode(stringBuffer2, "OFB128");
            }
            if (isHwMech(iArr, CK.CKM_AES_CFB128)) {
                appendMode(stringBuffer2, "CFB128");
            }
            if (isHwMech(iArr, CK.CKM_AES_CTR)) {
                appendMode(stringBuffer2, "CTR");
            }
            if (isHwMech(iArr, CK.CKM_AES_GCM)) {
                appendMode(stringBuffer2, "GCM");
            }
            if (isHwMech(iArr, CK.CKM_AES_CCM)) {
                appendMode(stringBuffer2, "CCM");
            }
            if (isHwMech(iArr, CK.CKM_AES_KEY_WRAP)) {
                appendMode(stringBuffer2, "WRAP");
            }
            if (stringBuffer2.length() > 0) {
                put("Cipher.AES", str2 + "SecretKeyCipher$AES");
                put("Cipher.AES SupportedModes", stringBuffer2.toString());
                put("Cipher.AES SupportedPaddings", "NOPADDING|PKCS5PADDING");
                put("Cipher.AES SupportedKeyFormats", "RAW");
            }
            if (isHwMech(iArr, CK.CKM_AES_CMAC)) {
                put("Mac.CMAC", str2 + "Mac$CMAC");
            }
            if (isHwMech(iArr, CK.CKM_AES_GMAC)) {
                put("Mac.GMAC", str2 + "Mac$GMAC");
            }
        }
        if (isHwMech(iArr, CK.DYCKM_AES_XTS_KEY_GEN)) {
            put("KeyGenerator.AESXTS", str2 + "SecretKeyGenerator$AESXTS");
            put("SecretKeyFactory.AESXTS", str2 + "SecretKeyFactory$AESXTS");
            if (isHwMech(iArr, CK.DYCKM_AES_XTS)) {
                put("Cipher.AESXTS", str2 + "SecretKeyCipher$AESXTS");
                put("Cipher.AESXTS SupportedModes", "XTS");
                put("Cipher.AESXTS SupportedPaddings", "NOPADDING");
                put("Cipher.AESXTS SupportedKeyFormats", "RAW");
            }
        }
        if (isHwMech(iArr, CK.DYCKM_AES_SIV_KEY_GEN)) {
            put("KeyGenerator.AESSIV", str2 + "SecretKeyGenerator$AESSIV");
            put("SecretKeyFactory.AESSIV", str2 + "SecretKeyFactory$AESSIV");
            if (isHwMech(iArr, CK.DYCKM_AES_SIV)) {
                put("Cipher.AESSIV", str2 + "SecretKeyCipher$AESSIV");
                put("Cipher.AESSIV SupportedModes", "SIV");
                put("Cipher.AESSIV SupportedPaddings", "NOPADDING");
                put("Cipher.AESSIV SupportedKeyFormats", "RAW");
            }
        }
        if (isHwMech(iArr, CK.CKM_DES3_KEY_GEN)) {
            put("KeyGenerator.DESede", str2 + "SecretKeyGenerator$DES3");
            put("SecretKeyFactory.DESede", str2 + "SecretKeyFactory$DES3");
            StringBuffer stringBuffer3 = new StringBuffer();
            if (isHwMech(iArr, CK.CKM_DES3_ECB)) {
                appendMode(stringBuffer3, "ECB");
            }
            if (isHwMech(iArr, CK.CKM_DES3_CBC)) {
                appendMode(stringBuffer3, "CBC");
            }
            if (isHwMech(iArr, 336)) {
                appendMode(stringBuffer3, "OFB64");
            }
            if (isHwMech(iArr, CK.CKM_DES_CFB64)) {
                appendMode(stringBuffer3, "CFB64");
            }
            if (stringBuffer3.length() > 0) {
                put("Cipher.DESede", str2 + "SecretKeyCipher$DES3");
                put("Cipher.DESede SupportedModes", stringBuffer3.toString());
                put("Cipher.DESede SupportedPaddings", "NOPADDING|PKCS5PADDING");
                put("Cipher.DESede SupportedKeyFormats", "RAW");
            }
        }
        if (isHwMech(iArr, CK.CKM_GENERIC_SECRET_KEY_GEN)) {
            put("KeyGenerator.Hmac", str2 + "SecretKeyGenerator$Hmac");
            put("SecretKeyFactory.Hmac", str2 + "SecretKeyFactory$Hmac");
            put("Mac.Hmac SupportedKeyFormats", "RAW");
            if (isHwMech(iArr, CK.CKM_SHA_1_HMAC)) {
                put("Mac.HmacSHA1", str2 + "Mac$HmacSHA1");
                put("Alg.Alias.Mac.OID.1.2.840.113549.2.7", "HmacSHA1");
                put("Alg.Alias.Mac.1.2.840.113549.2.7", "HmacSHA1");
            }
            if (isHwMech(iArr, CK.CKM_SHA256_HMAC)) {
                put("Mac.HmacSHA256", str2 + "Mac$HmacSHA256");
                put("Alg.Alias.Mac.OID.1.2.840.113549.2.9", "HmacSHA256");
                put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA256");
            }
            if (isHwMech(iArr, CK.CKM_SHA384_HMAC)) {
                put("Mac.HmacSHA384", str2 + "Mac$HmacSHA384");
                put("Alg.Alias.Mac.OID.1.2.840.113549.2.10", "HmacSHA384");
                put("Alg.Alias.Mac.1.2.840.113549.2.10", "HmacSHA384");
            }
            if (isHwMech(iArr, CK.CKM_SHA512_HMAC)) {
                put("Mac.HmacSHA512", str2 + "Mac$HmacSHA512");
                put("Alg.Alias.Mac.OID.1.2.840.113549.2.11", "HmacSHA512");
                put("Alg.Alias.Mac.1.2.840.113549.2.11", "HmacSHA512");
            }
        }
        if (isHwMech(iArr, CK.DYCKM_LIMA_KEY_GEN)) {
            put("KeyPairGenerator.LIMA", str2 + "LIMAKeyPairGenerator");
            put("Alg.Alias.KeyPairGenerator.LIMA", "LIMA");
            put("Cipher.LIMA", str2 + "LIMACipher");
            put("Cipher.LIMA SupportedKeyClasses", "java.security.PublicKey|java.security.PrivateKey");
        }
        if (isHwMech(iArr, CK.DYCKM_EDDSA_KEY_GEN)) {
            put("KeyPairGenerator.EDDSA", str2 + "EDDSAKeyPairGenerator");
            put("Alg.Alias.KeyPairGenerator.EDDSA", "EDDSA");
            if (isHwMech(iArr, CK.DYCKM_EDDSA)) {
                put("Signature.NONEwithEDDSA", str2 + "EDDSASignature$Raw");
                put("Signature.NONEwithEDDSA SupportedKeyClasses", "java.security.PublicKey|java.security.PrivateKey");
            }
        }
        put("MessageDigest.SHA", str2 + "MessageDigest$SHA1");
        put("Alg.Alias.MessageDigest.SHA-1", "SHA");
        put("Alg.Alias.MessageDigest.SHA1", "SHA");
        put("MessageDigest.SHA-256", str2 + "MessageDigest$SHA256");
        put("MessageDigest.SHA-384", str2 + "MessageDigest$SHA384");
        put("MessageDigest.SHA-512", str2 + "MessageDigest$SHA512");
        putService(new KeyStoreService(this, str2 + "KeyStore", this.slot.getName()));
    }

    public static synchronized KeyStore getKeyStoreBySlot(Slot slot) {
        String name = slot.getName();
        KeyStore keyStore = stores.get(name);
        if (keyStore == null) {
            keyStore = new KeyStore(Slot.find(name));
            if (keyStore != null) {
                stores.put(name, keyStore);
            }
        }
        return keyStore;
    }

    /* JADX WARN: Removed duplicated region for block: B:13:0x00ef A[Catch: CKException -> 0x012e, KeyStoreException -> 0x013a, TryCatch #2 {CKException -> 0x012e, KeyStoreException -> 0x013a, blocks: (B:20:0x0007, B:22:0x0016, B:24:0x001f, B:26:0x0030, B:28:0x0039, B:30:0x004a, B:32:0x0053, B:34:0x0064, B:36:0x006d, B:38:0x007e, B:39:0x0087, B:4:0x0088, B:6:0x0092, B:7:0x00e0, B:10:0x00f4, B:13:0x00ef, B:14:0x00b0, B:16:0x00b7, B:17:0x00d5, B:18:0x00df), top: B:19:0x0007 }] */
    /* JADX WARN: Removed duplicated region for block: B:14:0x00b0 A[Catch: CKException -> 0x012e, KeyStoreException -> 0x013a, TryCatch #2 {CKException -> 0x012e, KeyStoreException -> 0x013a, blocks: (B:20:0x0007, B:22:0x0016, B:24:0x001f, B:26:0x0030, B:28:0x0039, B:30:0x004a, B:32:0x0053, B:34:0x0064, B:36:0x006d, B:38:0x007e, B:39:0x0087, B:4:0x0088, B:6:0x0092, B:7:0x00e0, B:10:0x00f4, B:13:0x00ef, B:14:0x00b0, B:16:0x00b7, B:17:0x00d5, B:18:0x00df), top: B:19:0x0007 }] */
    /* JADX WARN: Removed duplicated region for block: B:6:0x0092 A[Catch: CKException -> 0x012e, KeyStoreException -> 0x013a, TryCatch #2 {CKException -> 0x012e, KeyStoreException -> 0x013a, blocks: (B:20:0x0007, B:22:0x0016, B:24:0x001f, B:26:0x0030, B:28:0x0039, B:30:0x004a, B:32:0x0053, B:34:0x0064, B:36:0x006d, B:38:0x007e, B:39:0x0087, B:4:0x0088, B:6:0x0092, B:7:0x00e0, B:10:0x00f4, B:13:0x00ef, B:14:0x00b0, B:16:0x00b7, B:17:0x00d5, B:18:0x00df), top: B:19:0x0007 }] */
    /* JADX WARN: Removed duplicated region for block: B:9:0x00eb  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.security.cert.X509Certificate SelfSign(java.security.PrivateKey r8, java.lang.String r9, java.lang.String r10, java.math.BigInteger r11, int r12) throws java.security.cert.CertificateException {
        /*
            Method dump skipped, instructions count: 326
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.dyadicsec.provider.DYCryptoProvider.SelfSign(java.security.PrivateKey, java.lang.String, java.lang.String, java.math.BigInteger, int):java.security.cert.X509Certificate");
    }

    static {
        defaultKeyStore = null;
        Slot slot = Slot.getDefault();
        defaultKeyStore = new KeyStore(slot);
        stores.put(slot.getName(), defaultKeyStore);
        mechInfo = new CK_MECHANISM_INFO();
    }
}
