package com.unbound.client.kmip;

import com.unbound.client.CipherOper;
import com.unbound.client.Client;
import com.unbound.client.DeriveOper;
import com.unbound.client.MacOper;
import com.unbound.client.Partition;
import com.unbound.client.PrivateKeyObject;
import com.unbound.client.SignatureOper;
import com.unbound.common.Config;
import com.unbound.common.Log;
import com.unbound.common.crypto.PKCS10;
import com.unbound.common.crypto.SystemProvider;
import com.unbound.common.crypto.X509;
import com.unbound.kmip.request.dy.DyRegisterClientRequest;
import com.unbound.kmip.response.dy.DyRegisterClientResponse;
import java.math.BigInteger;
import java.net.Inet4Address;
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Map;

/* loaded from: input_file:com/unbound/client/kmip/KMIPClient.class */
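/**
 * KMIP-backed {@link Client} implementation (decompiled source).
 *
 * <p>Holds the process-wide singleton, forwards connection tuning to {@code KMIPConnection},
 * and bootstraps partitions from a config map or the {@code UKC_*} environment variables.
 *
 * <p>Initialization is one-shot: once {@code initialized} is set, later calls to either
 * {@code initProviders} overload return without applying their arguments. The server list and
 * trust material therefore come from whichever caller initializes first. All reads and writes of
 * {@code initialized} happen under the {@code KMIPClient.class} monitor.
 *
 * <p>Security-relevant inputs handled here: {@code UKC_ACTIVATION_CODE} (used as the CSR challenge
 * password), {@code UKC_PFX_PASS} (PFX password) and {@code UKC_SIMULATE} (switches to a
 * native-library simulator). Each can come from the config file or the process environment.
 */
public class KMIPClient extends Client {
    private static final String ENV_SERVERS = "UKC_SERVERS";
    private static final String ENV_PFX = "UKC_PFX";
    private static final String ENV_PFX_PASS = "UKC_PFX_PASS";
    private static final String ENV_CA = "UKC_CA";
    private static final String ENV_CLIENT_NAME = "UKC_CLIENT_NAME";
    private static final String ENV_TEMPLATE_NAME = "UKC_TEMPLATE_NAME";
    private static final String ENV_PARTITION_NAME = "UKC_PARTITION_NAME";
    private static final String ENV_ACTIVATION_CODE = "UKC_ACTIVATION_CODE";

    // Fixed password protecting the in-memory keystore built by registerPartition().
    // A constant embedded in the class offers no confidentiality by itself.
    // NOTE(review): if KMIPPartition.setPfx ever persists this keystore, the private key is
    // effectively unprotected at rest. Confirm against KMIPPartition.
    private static final String EPHEMERAL_KEYSTORE_PASSWORD = "UNBOUND";

    // Guarded by the KMIPClient.class monitor. Set by both the server and the simulator paths.
    private static boolean initialized = false;
    static KMIPPartition simulator = null;
    private static final KMIPClient instance = new KMIPClient();

    /**
     * Native entry point, implemented outside this class.
     * The decompiler reports the original access as package-private.
     * NOTE(review): presumably backed by the "ekmsimulator" library loaded in
     * checkSimulatorMode(). Confirm.
     */
    public static native byte[] simTransmit(byte[] bArr);

    /** Returns the process-wide singleton. */
    public static Client getInstance() {
        return instance;
    }

    /** Forwards both timeout values unchanged to {@code KMIPConnection.setCommTimeout}. */
    public static void setCommTimeout(int i, int i2) {
        KMIPConnection.setCommTimeout(i, i2);
    }

    /** Forwards the keep-alive switch to {@code KMIPConnection.setEnableKeepAlive}. */
    public static void setEnableKeepAlive(boolean z) {
        KMIPConnection.setEnableKeepAlive(z);
    }

    /** Forwards the retry count to {@code KMIPConnection.setTransRetries}. */
    public static void setTransRetries(int i) {
        KMIPConnection.setTransRetries(i);
    }

    /** Forwards the retry suspend value to {@code KMIPConnection.setRetrySuspend}. */
    public static void setRetrySuspend(int i) {
        KMIPConnection.setRetrySuspend(i);
    }

    /**
     * Enrolls this client: generates an EC P-256 key pair, sends a PKCS#10 CSR in a
     * {@code DyRegisterClientRequest}, and installs the returned chain and private key on the
     * partition as an in-memory JKS keystore.
     *
     * <p>The decompiler reports the original access as package-private.
     *
     * <p>The activation code is a bearer secret (it becomes the CSR challenge password), so only
     * a redaction marker is written to the log, never the value itself.
     *
     * <p>NOTE(review): the client and root CA certificates from the response are stored as
     * received. Nothing visible here checks that the client certificate carries the generated
     * public key or chains to the CA configured through {@code UKC_CA}. Confirm that
     * {@code KMIPSession}/{@code KMIPConnection} authenticate the server before this response is
     * trusted.
     *
     * @param kMIPPartition partition that receives the resulting keystore
     * @param str partition name (CSR {@code OU} and request partition name)
     * @param str2 client name (CSR {@code CN}, SAN DNS entry, keystore alias); when {@code null}
     *     the local host name is used
     * @param str3 template name sent in the request
     * @param str4 activation code, used as the CSR challenge password
     * @throws ProviderException wrapping any failure during enrollment
     */
    public static void registerPartition(KMIPPartition kMIPPartition, String str, String str2, String str3, String str4) {
        Log end = Log.func("KMIPClient.registerPartition")
                .log("partitionName", str)
                .log("clientName", str2)
                .log("templateName", str3)
                // Record only whether a code was supplied; the value must not reach log files.
                .log("activationCode", str4 == null ? null : "<redacted>")
                .end();
        try {
            // Collect every local IPv4 address for the CSR's subjectAltName. No filtering is
            // applied, so loopback addresses are included if an interface reports them.
            ArrayList<InetAddress> ipv4Addresses = new ArrayList<>();
            Enumeration<NetworkInterface> interfaces = NetworkInterface.getNetworkInterfaces();
            // Older runtimes may return null when no interface exists.
            while (interfaces != null && interfaces.hasMoreElements()) {
                Enumeration<InetAddress> addresses = interfaces.nextElement().getInetAddresses();
                while (addresses.hasMoreElements()) {
                    InetAddress address = addresses.nextElement();
                    if (address instanceof Inet4Address) {
                        ipv4Addresses.add(address);
                    }
                }
            }
            InetAddress[] sanAddresses =
                    ipv4Addresses.isEmpty() ? null : ipv4Addresses.toArray(new InetAddress[0]);

            if (str2 == null) {
                str2 = InetAddress.getLocalHost().getHostName();
            }

            KeyPairGenerator generator = SystemProvider.KeyPairGenerator.getInstance("EC");
            generator.initialize(256);
            KeyPair keyPair = generator.generateKeyPair();

            PKCS10 csr = new PKCS10(keyPair.getPublic());
            csr.setSubjectName("CN", str2);
            csr.setSubjectName("OU", str);
            csr.setChallengePassword(str4);
            csr.setAlternativeSubjectName(new String[]{str2}, sanAddresses);
            csr.sign(keyPair.getPrivate(), "SHA256");

            DyRegisterClientRequest request = new DyRegisterClientRequest();
            request.csr = csr.exportDer();
            request.name = str2;
            request.partitionName = str;
            request.template = str3;

            // No partition (and so no client certificate) exists yet: the session is built
            // with a null argument.
            DyRegisterClientResponse response =
                    (DyRegisterClientResponse) new KMIPSession(null).transmit(request);

            X509Certificate[] chain = {
                X509.get(response.clientCertificate),
                X509.get(response.rootCaCertificate)
            };
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null, null);
            keyStore.setKeyEntry(str2, keyPair.getPrivate(), EPHEMERAL_KEYSTORE_PASSWORD.toCharArray(), chain);
            kMIPPartition.setPfx(keyStore, EPHEMERAL_KEYSTORE_PASSWORD);
        } catch (Exception e) {
            end.failed(e);
            throw new ProviderException(e);
        } finally {
            end.leave();
        }
    }

    /**
     * Not supported by the KMIP client.
     *
     * @throws ProviderException always, with the message "Not implemented"
     */
    @Override // com.unbound.client.Client
    public X509Certificate selfSign(PrivateKeyObject privateKeyObject, String str, String str2, BigInteger bigInteger, int i) throws CertificateException {
        // NOTE(review): the log label names PKCS11Client although this is KMIPClient. It looks
        // like a copy-paste. It is kept unchanged because log consumers may match on it.
        Log end = Log.func("PKCS11Client.SelfSign").log("subject", str2).end();
        try {
            throw new ProviderException("Not implemented");
        } catch (ProviderException e) {
            end.failed(e);
            throw e;
        } finally {
            end.leave();
        }
    }

    /** Creates a new KMIP cipher operation. */
    @Override // com.unbound.client.Client
    public CipherOper newCipherOperation() {
        return new KMIPCipherOper();
    }

    /** Creates a new KMIP MAC operation. */
    @Override // com.unbound.client.Client
    public MacOper newMacOperation() {
        return new KMIPMacOper();
    }

    /** Creates a new KMIP signature operation. */
    @Override // com.unbound.client.Client
    public SignatureOper newSignatureOperation() {
        return new KMIPSignatureOper();
    }

    /** Creates a new KMIP key-derivation operation. */
    @Override // com.unbound.client.Client
    public DeriveOper newDeriveOperation() {
        return new KMIPDeriveOper();
    }

    /**
     * Initializes the server list and the connection layer once per process.
     *
     * <p>If the client is already initialized (by any path, simulator included) the arguments are
     * ignored without error.
     *
     * @param strArr server list handed to {@code KMIPServer.initialize}
     * @param keyStore keystore handed to {@code KMIPConnection.initialize}
     */
    @Override // com.unbound.client.Client
    public void initProviders(String[] strArr, KeyStore keyStore) {
        synchronized (KMIPClient.class) {
            if (!initialized) {
                KMIPServer.initialize(strArr);
                KMIPConnection.initialize(keyStore);
                initialized = true;
            }
        }
    }

    /** Looks up a partition by name through {@code KMIPPartition.get}. */
    @Override // com.unbound.client.Client
    public Partition getPartition(String str) {
        return KMIPPartition.get(str);
    }

    /**
     * Registers a partition from an already-loaded keystore, initializing from the environment
     * first if that has not happened yet.
     *
     * @param keyStore keystore handed to {@code KMIPPartition.registerPfx}
     * @param str second argument handed to {@code KMIPPartition.registerPfx}
     * @throws ProviderException if no server configuration is available
     */
    @Override // com.unbound.client.Client
    public Partition initProvider(KeyStore keyStore, String str) {
        // The cast selects the private Map-based overload; there is no config map here, so
        // only environment variables are consulted.
        if (!initProviders((Map<String, String>) null)) {
            throw new ProviderException("Invalid server configuration");
        }
        return KMIPPartition.registerPfx(keyStore, str);
    }

    /**
     * Returns the simulator partition when {@code UKC_SIMULATE} is enabled, otherwise
     * {@code null}.
     *
     * <p>On first use this loads the native library {@code ekmsimulator} and marks the client
     * initialized. If the client was already initialized by a server path, the {@code simulator}
     * field is returned as it stands, which is {@code null} unless something else assigned it.
     *
     * <p>NOTE(review): the switch is read through {@code Config.getEnvBool}, presumably from the
     * process environment. Anything able to set it redirects the provider to the simulator
     * library, so deployments should make sure it is unset.
     */
    private static KMIPPartition checkSimulatorMode() {
        if (!Config.getEnvBool("UKC_SIMULATE")) {
            return null;
        }
        synchronized (KMIPClient.class) {
            if (!initialized) {
                System.loadLibrary("ekmsimulator");
                simulator = KMIPPartition.registerSimulator();
                initialized = true;
            }
            return simulator;
        }
    }

    /**
     * Resolves a setting: the config map wins, the process environment is the fallback.
     *
     * @param map parsed configuration, may be {@code null}
     * @param str setting name
     * @return the value, or {@code null} when neither source defines it
     */
    private static String getConfig(Map<String, String> map, String str) {
        String fromFile = (map != null) ? map.get(str) : null;
        return (fromFile != null) ? fromFile : System.getenv(str);
    }

    /**
     * Initializes servers and connection trust from {@code UKC_SERVERS} and {@code UKC_CA}.
     *
     * @param map parsed configuration, may be {@code null}
     * @return {@code true} if initialized (now or earlier), {@code false} when no server list is
     *     configured
     */
    private static synchronized boolean initProviders(Map<String, String> map) {
        if (initialized) {
            return true;
        }
        String servers = getConfig(map, ENV_SERVERS);
        if (servers == null) {
            return false;
        }
        // Read before the initialize calls, matching the original order. The value may be
        // null and is passed through unchanged.
        String ca = getConfig(map, ENV_CA);
        KMIPServer.initialize(servers);
        KMIPConnection.initialize(ca);
        initialized = true;
        return true;
    }

    /**
     * Initializes the provider from a config file path, or from the environment alone.
     *
     * <p>Resolution order: simulator mode, then server initialization, then either a PFX
     * ({@code UKC_PFX} with {@code UKC_PFX_PASS}) or pre-registration using the partition,
     * client, template and activation-code settings.
     *
     * <p>The decompiled source called {@code leave()} twice on the success path, once inline and
     * once in {@code finally}. That looks like a decompiler artifact, so the log scope is now
     * closed once, in {@code finally}.
     *
     * @param str config file path, or {@code null} to use only environment variables
     * @return the partition, or {@code null} when {@code str} is {@code null} and no server list
     *     is configured
     * @throws ProviderException if the file cannot be read, or a path was given but no server
     *     list is configured
     */
    @Override // com.unbound.client.Client
    public Partition initProvider(String str) {
        KMIPPartition simulated = checkSimulatorMode();
        if (simulated != null) {
            return simulated;
        }
        Log end = Log.func("KMIPClient.initProvider").log("configArg", str).end();
        try {
            Map<String, String> settings = null;
            if (str != null) {
                try {
                    settings = Config.readFile(str);
                } catch (Exception e) {
                    end.failed(e);
                    throw new ProviderException(e);
                }
            }
            if (!initProviders(settings)) {
                if (str == null) {
                    // Nothing was configured and nothing was asked for: not an error.
                    return null;
                }
                throw new ProviderException("Invalid server configuration");
            }
            String pfx = getConfig(settings, ENV_PFX);
            if (pfx == null) {
                return KMIPPartition.preRegister(
                        getConfig(settings, ENV_PARTITION_NAME),
                        getConfig(settings, ENV_CLIENT_NAME),
                        getConfig(settings, ENV_TEMPLATE_NAME),
                        getConfig(settings, ENV_ACTIVATION_CODE));
            }
            return KMIPPartition.registerPfx(pfx, getConfig(settings, ENV_PFX_PASS));
        } finally {
            end.leave();
        }
    }
}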
