package com.unbound.client.pkcs11;

import com.dyadicsec.cryptoki.CK;
import com.dyadicsec.cryptoki.CKR_Exception;
import com.dyadicsec.cryptoki.CK_AES_CTR_PARAMS;
import com.dyadicsec.cryptoki.CK_ATTRIBUTE;
import com.dyadicsec.cryptoki.CK_CCM_PARAMS;
import com.dyadicsec.cryptoki.CK_GCM_PARAMS;
import com.dyadicsec.cryptoki.CK_MECHANISM;
import com.dyadicsec.cryptoki.CK_RSA_PKCS_OAEP_PARAMS;
import com.dyadicsec.cryptoki.CK_SESSION_HANDLE;
import com.dyadicsec.cryptoki.DYCK_AES_SIV_PARAMS;
import com.dyadicsec.cryptoki.DYCK_FPE_PARAMS;
import com.dyadicsec.cryptoki.DYCK_SPE_PARAMS;
import com.dyadicsec.cryptoki.Library;
import com.unbound.client.CipherOper;
import com.unbound.client.KeyObject;
import com.unbound.client.ObjectType;
import com.unbound.common.Converter;
import com.unbound.provider.KeyParameters;
import java.security.ProviderException;

/* loaded from: input_file:com/unbound/client/pkcs11/PKCS11CipherOper.class */
public final class PKCS11CipherOper extends CipherOper {
    private CK_MECHANISM mechanism = null;

    private int getKeyHandle() {
        return ((PKCS11Object) this.keyObject).handle;
    }

    private CK_SESSION_HANDLE getSessionHandle() {
        return ((PKCS11Session) this.session).getHandle();
    }

    private void markOperationStarted() {
        ((PKCS11Session) this.session).setOperationInProgress(true);
    }

    private void markOperationFinished() {
        ((PKCS11Session) this.session).setOperationInProgress(false);
    }

    @Override // com.unbound.client.CipherOper, com.unbound.client.CryptoOper
    public void reset() {
        this.mechanism = null;
        super.reset();
    }

    /* JADX WARN: Type inference failed for: r1v31, types: [byte[], byte[][]] */
    private void checkMechanism() {
        if (this.mechanism != null) {
            return;
        }
        Object obj = null;
        int pkcs11Mech = this.mode.getPkcs11Mech(((PKCS11Object) this.keyObject).objectType, this.padding);
        switch (pkcs11Mech) {
            case CK.DYCKM_AES_SIV /* -2147451391 */:
                DYCK_AES_SIV_PARAMS dyck_aes_siv_params = new DYCK_AES_SIV_PARAMS();
                if (this.siv_auth != null && !this.siv_auth.isEmpty()) {
                    dyck_aes_siv_params.pAuthData = new byte[this.siv_auth.size()];
                    this.siv_auth.toArray(dyck_aes_siv_params.pAuthData);
                }
                obj = dyck_aes_siv_params;
                break;
            case CK.DYCKM_FPE /* -2147451372 */:
                DYCK_FPE_PARAMS dyck_fpe_params = new DYCK_FPE_PARAMS();
                dyck_fpe_params.ulMode = this.fpeMode;
                dyck_fpe_params.pFormat = this.fpeFormat == null ? null : this.fpeFormat.toCharArray();
                dyck_fpe_params.ulMaxLen = this.fpeMaxLen;
                obj = dyck_fpe_params;
                break;
            case CK.DYCKM_OPE /* -2147451371 */:
            case 1:
            case 3:
            case CK.CKM_DES3_ECB /* 306 */:
            case CK.CKM_AES_ECB /* 4225 */:
                break;
            case CK.DYCKM_SPE /* -2147451370 */:
                DYCK_SPE_PARAMS dyck_spe_params = new DYCK_SPE_PARAMS();
                dyck_spe_params.ulBits = this.speBits;
                obj = dyck_spe_params;
                break;
            case CK.DYCKM_AES_XTS /* -2147451327 */:
            case CK.CKM_DES3_CBC /* 307 */:
            case CK.CKM_DES3_CBC_PAD /* 310 */:
            case 336:
            case CK.CKM_DES_CFB64 /* 338 */:
            case CK.CKM_AES_CBC /* 4226 */:
            case CK.CKM_AES_CBC_PAD /* 4229 */:
            case CK.CKM_AES_OFB /* 8452 */:
            case CK.CKM_AES_CFB128 /* 8455 */:
            case CK.CKM_AES_KEY_WRAP /* 8457 */:
            case CK.CKM_AES_KEY_WRAP_PAD /* 8458 */:
                obj = this.iv;
                break;
            case 9:
                CK_RSA_PKCS_OAEP_PARAMS ck_rsa_pkcs_oaep_params = new CK_RSA_PKCS_OAEP_PARAMS();
                ck_rsa_pkcs_oaep_params.pSourceData = this.oaepLabel;
                ck_rsa_pkcs_oaep_params.hashAlg = this.hashType.getPkcs11Mech();
                ck_rsa_pkcs_oaep_params.mgf = this.mgfHashType.getPkcs11Mgf();
                obj = ck_rsa_pkcs_oaep_params;
                break;
            case CK.CKM_AES_CTR /* 4230 */:
                CK_AES_CTR_PARAMS ck_aes_ctr_params = new CK_AES_CTR_PARAMS();
                ck_aes_ctr_params.ulCounterBits = 32;
                ck_aes_ctr_params.cb = this.iv;
                obj = ck_aes_ctr_params;
                break;
            case CK.CKM_AES_GCM /* 4231 */:
                CK_GCM_PARAMS ck_gcm_params = new CK_GCM_PARAMS();
                ck_gcm_params.pIv = this.iv;
                ck_gcm_params.pAAD = this.auth;
                ck_gcm_params.ulTagBits = 96;
                obj = ck_gcm_params;
                break;
            case CK.CKM_AES_CCM /* 4232 */:
                CK_CCM_PARAMS ck_ccm_params = new CK_CCM_PARAMS();
                ck_ccm_params.pAAD = this.auth;
                ck_ccm_params.pNonce = this.iv;
                ck_ccm_params.ulDataLen = this.dataLen;
                ck_ccm_params.ulMACLen = this.tagLen;
                obj = ck_ccm_params;
                break;
            default:
                throw new ProviderException("Unsupported cipher mechanism");
        }
        this.mechanism = new CK_MECHANISM(pkcs11Mech, obj);
    }

    private void checkCipher() {
        if (((PKCS11Session) this.session).isOperationInProgress()) {
            return;
        }
        try {
            checkMechanism();
            if (this.encMode) {
                Library.C_EncryptInit(getSessionHandle(), this.mechanism, getKeyHandle());
            } else {
                Library.C_DecryptInit(getSessionHandle(), this.mechanism, getKeyHandle());
            }
            markOperationStarted();
        } catch (CKR_Exception e) {
            throw new ProviderException(e);
        }
    }

    @Override // com.unbound.client.CipherOper
    protected byte[] hwUpdateEnc(byte[] bArr) {
        try {
            checkCipher();
            return Library.C_EncryptUpdate(getSessionHandle(), bArr);
        } catch (CKR_Exception e) {
            throw new ProviderException(e);
        }
    }

    @Override // com.unbound.client.CipherOper
    protected byte[] hwFinalEnc(byte[] bArr) {
        if (this.mechanism == null) {
            return hwEnc(bArr, false);
        }
        try {
            checkCipher();
            byte[] bArr2 = null;
            if (bArr != null && bArr.length > 0) {
                bArr2 = hwUpdateEnc(bArr);
            }
            byte[] C_EncryptFinal = Library.C_EncryptFinal(getSessionHandle());
            markOperationFinished();
            return Converter.concat(bArr2, C_EncryptFinal);
        } catch (CKR_Exception e) {
            throw new ProviderException(e);
        }
    }

    @Override // com.unbound.client.CipherOper
    protected byte[] hwEnc(byte[] bArr, boolean z) {
        byte[] C_WrapKey;
        try {
            if (z) {
                checkMechanism();
                int C_CreateObject = Library.C_CreateObject(getSessionHandle(), new CK_ATTRIBUTE[]{new CK_ATTRIBUTE(1, false), new CK_ATTRIBUTE(0, 4), new CK_ATTRIBUTE(256, 16), new CK_ATTRIBUTE(259, false), new CK_ATTRIBUTE(17, bArr)});
                markOperationStarted();
                C_WrapKey = Library.C_WrapKey(getSessionHandle(), this.mechanism, getKeyHandle(), C_CreateObject);
                Library.C_DestroyObject(getSessionHandle(), C_CreateObject);
            } else {
                checkCipher();
                C_WrapKey = Library.C_Encrypt(getSessionHandle(), bArr);
            }
            markOperationFinished();
            return C_WrapKey;
        } catch (CKR_Exception e) {
            throw new ProviderException(e);
        }
    }

    @Override // com.unbound.client.CipherOper
    protected byte[] hwUpdateDec(byte[] bArr) {
        try {
            checkCipher();
            return Library.C_DecryptUpdate(getSessionHandle(), bArr);
        } catch (CKR_Exception e) {
            throw new ProviderException(e);
        }
    }

    @Override // com.unbound.client.CipherOper
    protected byte[] hwFinalDec(byte[] bArr) {
        if (this.mechanism == null) {
            return hwDec(bArr, false);
        }
        try {
            checkCipher();
            byte[] bArr2 = null;
            if (bArr != null && bArr.length > 0) {
                bArr2 = hwUpdateDec(bArr);
            }
            byte[] C_DecryptFinal = Library.C_DecryptFinal(getSessionHandle());
            markOperationFinished();
            return Converter.concat(bArr2, C_DecryptFinal);
        } catch (CKR_Exception e) {
            throw new ProviderException(e);
        }
    }

    @Override // com.unbound.client.CipherOper
    protected byte[] hwDec(byte[] bArr, boolean z) {
        byte[] bArr2;
        try {
            if (z) {
                checkMechanism();
                int C_UnwrapKey = Library.C_UnwrapKey(getSessionHandle(), this.mechanism, getKeyHandle(), bArr, new CK_ATTRIBUTE[]{new CK_ATTRIBUTE(1, false), new CK_ATTRIBUTE(0, 4), new CK_ATTRIBUTE(256, 16), new CK_ATTRIBUTE(259, false)});
                markOperationStarted();
                CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(17)};
                Library.C_GetAttributeValue(getSessionHandle(), C_UnwrapKey, ck_attributeArr);
                bArr2 = (byte[]) ck_attributeArr[0].pValue;
                Library.C_DestroyObject(getSessionHandle(), C_UnwrapKey);
            } else {
                checkCipher();
                bArr2 = Library.C_Decrypt(getSessionHandle(), bArr);
            }
            markOperationFinished();
            return bArr2;
        } catch (CKR_Exception e) {
            throw new ProviderException(e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.unbound.client.CipherOper
    protected byte[] hwWrap(KeyObject keyObject) {
        try {
            checkMechanism();
            byte[] C_WrapKey = Library.C_WrapKey(getSessionHandle(), this.mechanism, getKeyHandle(), ((PKCS11Object) keyObject).handle);
            markOperationFinished();
            return C_WrapKey;
        } catch (CKR_Exception e) {
            throw new ProviderException(e);
        }
    }

    @Override // com.unbound.client.CipherOper
    protected KeyObject hwUnwrap(byte[] bArr, String str, ObjectType objectType, KeyParameters keyParameters) {
        try {
            checkMechanism();
            int C_UnwrapKey = Library.C_UnwrapKey(getSessionHandle(), this.mechanism, getKeyHandle(), bArr, PKCS11Object.getAttrs(PKCS11Object.getNewTemplate(str, objectType, keyParameters)));
            markOperationFinished();
            return (KeyObject) PKCS11Object.newObject(objectType, (PKCS11Session) this.session, C_UnwrapKey);
        } catch (CKR_Exception e) {
            throw new ProviderException(e);
        }
    }
}
