package com.ibm.crypto.pkcs11impl.provider;

import com.ibm.misc.Debug;
import com.ibm.pkcs11.PKCS11Object;
import com.ibm.ras.RASITraceEvent;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.Provider;
import java.security.spec.AlgorithmParameterSpec;
import java.util.HashMap;
import javax.crypto.KeyGeneratorSpi;
import javax.crypto.SecretKey;
import org.apache.tools.bzip2.BZip2Constants;

/* loaded from: input_file:wasJars/ibmpkcs11impl.jar:com/ibm/crypto/pkcs11impl/provider/GeneralPKCS11KeyGenerator.class */
public final class GeneralPKCS11KeyGenerator extends KeyGeneratorSpi {
    private SessionManager sessionManager;
    private Config config;
    private byte[] id = null;
    private String label = null;
    private Boolean isToken = null;
    private Boolean isSensitive = null;
    private Boolean encrypt = null;
    private Boolean wrapping = null;
    private Boolean extractable = null;
    private boolean keySpecUsed = false;
    private int keySize = 0;
    private KeyMechanismBuilder mechanismBuilder;
    private static Debug debug = Debug.getInstance("pkcs11impl");
    private static String className = "com.ibm.crypto.pkcs11impl.provider.GeneralPKCS11KeyGenerator";

    public GeneralPKCS11KeyGenerator(Provider provider, String str) {
        this.sessionManager = null;
        this.config = null;
        IBMPKCS11Impl.verifyJceJar();
        this.sessionManager = ((IBMPKCS11Impl) provider).getSessionManager();
        this.config = ((IBMPKCS11Impl) provider).getConfig();
        this.mechanismBuilder = MechanismBuilderImpl.createKeyMechanismBuilder(str);
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(java.security.SecureRandom secureRandom) {
        this.keySize = this.mechanismBuilder.getDefaultKeySize() / 8;
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(AlgorithmParameterSpec algorithmParameterSpec, java.security.SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        if (algorithmParameterSpec == null || !(algorithmParameterSpec instanceof PKCS11SecretKeyParameterSpec)) {
            throw new InvalidAlgorithmParameterException("PKCS11 Secret Key Parameters must be specified");
        }
        PKCS11SecretKeyParameterSpec pKCS11SecretKeyParameterSpec = (PKCS11SecretKeyParameterSpec) algorithmParameterSpec;
        try {
            this.id = pKCS11SecretKeyParameterSpec.getKeyID().getBytes("8859_1");
        } catch (Exception e) {
            this.id = pKCS11SecretKeyParameterSpec.getKeyID().getBytes();
        }
        this.label = pKCS11SecretKeyParameterSpec.getLabel();
        this.isToken = pKCS11SecretKeyParameterSpec.getToken();
        this.isSensitive = pKCS11SecretKeyParameterSpec.getSensitive();
        this.encrypt = pKCS11SecretKeyParameterSpec.getEncrypt();
        this.wrapping = pKCS11SecretKeyParameterSpec.getWrap();
        this.extractable = pKCS11SecretKeyParameterSpec.getExtractable();
        if (algorithmParameterSpec instanceof GeneralPKCS11KeyParameterSpec) {
            GeneralPKCS11KeyParameterSpec generalPKCS11KeyParameterSpec = (GeneralPKCS11KeyParameterSpec) algorithmParameterSpec;
            if (generalPKCS11KeyParameterSpec.getKeyType() != this.mechanismBuilder.getKeyType()) {
                throw new InvalidAlgorithmParameterException("The Secret Key type must be " + this.mechanismBuilder.getAlgorithm());
            }
            this.keySize = generalPKCS11KeyParameterSpec.getKeySizeInBytes();
        } else if (algorithmParameterSpec instanceof DESPKCS11KeyParameterSpec) {
            this.keySize = 8;
        } else if (algorithmParameterSpec instanceof DESedePKCS11KeyParameterSpec) {
            this.keySize = 24;
        }
        this.keySpecUsed = true;
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(int i, java.security.SecureRandom secureRandom) {
        switch (this.mechanismBuilder.getMechanism()) {
            case 272:
                if (i < 40 || i > 1024) {
                    throw new InvalidParameterException("ARCFOUR key length must be between 40 and 1024 bits");
                }
                break;
            case 288:
                if (i != 64) {
                    throw new InvalidParameterException("DES key length must be 64 bits");
                }
                break;
            case 305:
                if (i != 192) {
                    throw new InvalidParameterException("DESede key length must be 192 bits");
                }
                break;
            case 4224:
                if (i != 128 && i != 192 && i != 256) {
                    throw new InvalidParameterException("AES key length must be 128, 192, or 256 bits");
                }
                break;
            case 4240:
                if (i < 40 || i > 448) {
                    throw new InvalidParameterException("Blowfish key length must be between 40 and 448 bits");
                }
                break;
        }
        this.keySize = i / 8;
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected SecretKey engineGenerateKey() {
        GeneralKey generalKey;
        HashMap hashMap = new HashMap();
        if (this.config != null) {
            hashMap.putAll(this.config.getAttributes("GENERATE", PKCS11Object.SECRET_KEY, this.mechanismBuilder.getKeyType()));
        } else if (!this.keySpecUsed) {
            this.isToken = new Boolean(false);
            this.isSensitive = new Boolean(false);
            this.encrypt = new Boolean(true);
            this.wrapping = new Boolean(true);
        }
        if (this.id != null) {
            hashMap.put(Integer.valueOf(BZip2Constants.MAX_ALPHA_SIZE), this.id);
        }
        if (this.label != null) {
            hashMap.put(3, this.label);
        }
        if (this.isToken != null) {
            hashMap.put(1, this.isToken);
        }
        if (this.isSensitive != null) {
            hashMap.put(259, this.isSensitive);
        }
        if (this.encrypt != null) {
            hashMap.put(260, this.encrypt);
            hashMap.put(261, this.encrypt);
        }
        if (this.wrapping != null) {
            hashMap.put(262, this.wrapping);
            hashMap.put(263, this.wrapping);
        }
        if (this.extractable != null) {
            hashMap.put(354, this.extractable);
        }
        if (this.keySize > 0) {
            hashMap.put(353, Integer.valueOf(this.keySize));
        } else {
            engineInit(null);
            hashMap.put(353, Integer.valueOf(this.keySize));
        }
        int[] iArr = new int[hashMap.size()];
        Object[] objArr = new Object[hashMap.size()];
        int i = 0;
        for (Integer num : hashMap.keySet()) {
            iArr[i] = num.intValue();
            int i2 = i;
            i++;
            objArr[i2] = hashMap.get(num);
            if (debug != null) {
                debug.text(RASITraceEvent.TYPE_PERF, className, "engineGenerateKey_0.5", "attrType = " + iArr[i - 1]);
                debug.text(RASITraceEvent.TYPE_PERF, className, "engineGenerateKey_0.5", "attrValue = " + objArr[i - 1]);
            }
        }
        Session session = null;
        try {
            session = this.sessionManager.getObjSession();
            PKCS11Object generateKey = session.generateKey(this.mechanismBuilder.getMechanism(), null, iArr, objArr);
            try {
                generalKey = new GeneralKey(session, generateKey, this.mechanismBuilder.getAlgorithm());
                if (!session.getBoolAttributeValue(generateKey, 1)) {
                    session.addObject();
                    generalKey.setSession(session);
                }
                this.sessionManager.releaseSession(session);
            } catch (Exception e) {
                generalKey = null;
                this.sessionManager.releaseSession(session);
            } catch (Throwable th) {
                this.sessionManager.releaseSession(session);
                throw th;
            }
            return generalKey;
        } catch (Exception e2) {
            if (debug != null) {
                debug.exception(RASITraceEvent.TYPE_PERF, className, "engineGenerateKey_1", e2);
            }
            this.sessionManager.releaseSession(session);
            throw new RuntimeException(e2.getMessage());
        }
    }

    private Object getValue(PKCS11Object pKCS11Object, int i) {
        Object obj;
        if (debug != null) {
            debug.entry(RASITraceEvent.TYPE_PERF, className, "getValue", pKCS11Object, new Integer(i));
        }
        try {
            obj = pKCS11Object.getAttributeValue(i);
        } catch (Exception e) {
            if (debug != null) {
                debug.text(RASITraceEvent.TYPE_PERF, className, "getValue", e.getMessage());
            }
            obj = null;
        }
        if (debug != null) {
            debug.exit(RASITraceEvent.TYPE_PERF, className, "getValue");
        }
        return obj;
    }
}
