package com.ibm.crypto.pkcs11impl.provider;

import com.ibm.misc.Debug;
import com.ibm.pkcs11.PKCS11Exception;
import com.ibm.pkcs11.PKCS11Object;
import com.ibm.security.ec.ECParameters;
import com.ibm.security.ec.ECPrivateKeyImpl;
import com.ibm.security.ec.ECPublicKeyImpl;
import com.ibm.security.ec.NamedCurve;
import com.ibm.security.util.DerValue;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactorySpi;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/ibm/crypto/pkcs11impl/provider/PKCS11ECKeyFactory.class */
public final class PKCS11ECKeyFactory extends KeyFactorySpi {
    private SessionManager sessionManager;
    private String algorithm;
    private Config config;
    private static Debug debug1 = Debug.getInstance("pkcs11impl");
    private static String className = "com.ibm.crypto.pkcs11impl.provider.PKCS11ECKeyFactory";

    public PKCS11ECKeyFactory(Provider provider) {
        this.sessionManager = ((IBMPKCS11Impl) provider).getSessionManager();
        this.config = ((IBMPKCS11Impl) provider).getConfig();
    }

    public PKCS11ECKeyFactory() {
        this(Security.getProvider("IBMPKCS11Impl"));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECParameterSpec getECParameterSpec(String str) {
        return NamedCurve.getECParameterSpec(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECParameterSpec getECParameterSpec(int i) {
        return NamedCurve.getECParameterSpec(i);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECParameterSpec getECParameterSpec(ECParameterSpec eCParameterSpec) {
        return ECParameters.getNamedCurve(eCParameterSpec);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECParameterSpec decodeParameters(byte[] bArr) throws IOException {
        return ECParameters.decodeParameters(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] encodeParameters(ECParameterSpec eCParameterSpec) {
        return ECParameters.encodeParameters(eCParameterSpec);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECPoint decodePoint(byte[] bArr, EllipticCurve ellipticCurve) throws IOException {
        return ECParameters.decodePoint(bArr, ellipticCurve);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getEncodedPublicValue(PublicKey publicKey) throws InvalidKeyException {
        if (publicKey instanceof ECPublicKeyImpl) {
            return ((ECPublicKeyImpl) publicKey).getEncodedPublicValue();
        }
        if (!(publicKey instanceof ECPublicKey)) {
            throw new InvalidKeyException("Key class not yet supported: " + publicKey.getClass().getName());
        }
        ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
        return ECParameters.encodePoint(eCPublicKey.getW(), eCPublicKey.getParams().getCurve());
    }

    @Override // java.security.KeyFactorySpi
    protected final Key engineTranslateKey(Key key) throws InvalidKeyException {
        if (key instanceof PublicKey) {
            return implTranslatePublicKey((PublicKey) key);
        }
        if (key instanceof PrivateKey) {
            return implTranslatePrivateKey((PrivateKey) key);
        }
        throw new InvalidKeyException("Key must be instance of PublicKey or PrivateKey");
    }

    protected PublicKey implTranslatePublicKey(PublicKey publicKey) throws InvalidKeyException {
        try {
            if (!(publicKey instanceof ECPublicKey)) {
                if ("X.509".equals(publicKey.getFormat())) {
                    return implTranslatePublicKey(new ECPublicKeyImpl(publicKey.getEncoded()));
                }
                throw new InvalidKeyException("PublicKey must be instance of ECPublicKey or have X.509 encoding");
            }
            if (publicKey instanceof PKCS11ECPublicKey) {
                return publicKey;
            }
            ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
            return generatePublic(eCPublicKey.getW(), eCPublicKey.getParams());
        } catch (PKCS11Exception e) {
            throw new InvalidKeyException("Could not create EC public key", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PrivateKey implTranslatePrivateKey(PrivateKey privateKey) throws InvalidKeyException {
        try {
            if (!(privateKey instanceof ECPrivateKey)) {
                if ("PKCS#8".equals(privateKey.getFormat())) {
                    return implTranslatePrivateKey(new ECPrivateKeyImpl(privateKey.getEncoded()));
                }
                throw new InvalidKeyException("PrivateKey must be instance of ECPrivateKey or have PKCS#8 encoding");
            }
            if (privateKey instanceof PKCS11ECPrivateKey) {
                return privateKey;
            }
            ECPrivateKey eCPrivateKey = (ECPrivateKey) privateKey;
            return generatePrivate(eCPrivateKey.getS(), eCPrivateKey.getParams());
        } catch (PKCS11Exception e) {
            throw new InvalidKeyException("Could not create EC private key", e);
        }
    }

    @Override // java.security.KeyFactorySpi
    protected PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException {
        if (keySpec instanceof X509EncodedKeySpec) {
            try {
                return implTranslatePublicKey(new ECPublicKeyImpl(((X509EncodedKeySpec) keySpec).getEncoded()));
            } catch (InvalidKeyException e) {
                throw new InvalidKeySpecException("Could not create EC public key", e);
            }
        }
        if (!(keySpec instanceof ECPublicKeySpec)) {
            throw new InvalidKeySpecException("Only ECPublicKeySpec and X509EncodedKeySpec supported for EC public keys");
        }
        try {
            ECPublicKeySpec eCPublicKeySpec = (ECPublicKeySpec) keySpec;
            return generatePublic(eCPublicKeySpec.getW(), eCPublicKeySpec.getParams());
        } catch (Exception e2) {
            throw new InvalidKeySpecException("Could not create EC public key", e2);
        }
    }

    @Override // java.security.KeyFactorySpi
    protected PrivateKey engineGeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException {
        if (keySpec instanceof PKCS8EncodedKeySpec) {
            try {
                return implTranslatePrivateKey(new ECPrivateKeyImpl(((PKCS8EncodedKeySpec) keySpec).getEncoded()));
            } catch (GeneralSecurityException e) {
                throw new InvalidKeySpecException("Could not create EC private key", e);
            }
        }
        if (!(keySpec instanceof ECPrivateKeySpec)) {
            throw new InvalidKeySpecException("Only ECPrivateKeySpec and PKCS8EncodedKeySpec supported for EC private keys");
        }
        try {
            ECPrivateKeySpec eCPrivateKeySpec = (ECPrivateKeySpec) keySpec;
            return generatePrivate(eCPrivateKeySpec.getS(), eCPrivateKeySpec.getParams());
        } catch (Exception e2) {
            throw new InvalidKeySpecException("Could not create EC private key", e2);
        }
    }

    private PublicKey generatePublic(ECPoint eCPoint, ECParameterSpec eCParameterSpec) throws PKCS11Exception, InvalidKeyException {
        byte[] encodeParameters = ECParameters.encodeParameters(eCParameterSpec);
        try {
            byte[] byteArray = new DerValue((byte) 4, ECParameters.encodePoint(eCPoint, eCParameterSpec.getCurve())).toByteArray();
            HashMap hashMap = new HashMap();
            hashMap.put(0, PKCS11Object.PUBLIC_KEY);
            hashMap.put(256, PKCS11Object.EC);
            hashMap.put(385, byteArray);
            hashMap.put(384, encodeParameters);
            if (this.config != null) {
                hashMap.putAll(this.config.getAttributes("IMPORT", PKCS11Object.PUBLIC_KEY, PKCS11Object.EC));
            }
            int[] iArr = new int[hashMap.size()];
            Object[] objArr = new Object[hashMap.size()];
            int i = 0;
            for (Map.Entry entry : hashMap.entrySet()) {
                iArr[i] = ((Integer) entry.getKey()).intValue();
                int i2 = i;
                i++;
                objArr[i2] = entry.getValue();
            }
            Session objSession = this.sessionManager.getObjSession();
            PKCS11Object createObject = objSession.createObject(iArr, objArr);
            PKCS11ECPublicKey pKCS11ECPublicKey = new PKCS11ECPublicKey(objSession, createObject, (byte[]) hashMap.get(258), (byte[]) hashMap.get(257), (String) hashMap.get(3), encodeParameters, byteArray);
            if (!objSession.getBoolAttributeValue(createObject, 1)) {
                objSession.addObject();
                pKCS11ECPublicKey.setSession(objSession);
            }
            return pKCS11ECPublicKey;
        } catch (IOException e) {
            throw new InvalidKeyException(e);
        }
    }

    private PrivateKey generatePrivate(BigInteger bigInteger, ECParameterSpec eCParameterSpec) throws PKCS11Exception, InvalidKeyException {
        HashMap hashMap = new HashMap();
        if (this.config != null) {
            hashMap.putAll(this.config.getAttributes("IMPORT", PKCS11Object.PRIVATE_KEY, PKCS11Object.EC));
        }
        hashMap.put(0, PKCS11Object.PRIVATE_KEY);
        hashMap.put(256, PKCS11Object.EC);
        hashMap.put(17, getMagnitude(bigInteger));
        byte[] encodeParameters = ECParameters.encodeParameters(eCParameterSpec);
        hashMap.put(384, encodeParameters);
        int[] iArr = new int[hashMap.size()];
        Object[] objArr = new Object[hashMap.size()];
        int i = 0;
        for (Map.Entry entry : hashMap.entrySet()) {
            iArr[i] = ((Integer) entry.getKey()).intValue();
            int i2 = i;
            i++;
            objArr[i2] = entry.getValue();
        }
        Session objSession = this.sessionManager.getObjSession();
        PKCS11Object createObject = objSession.createObject(iArr, objArr);
        PKCS11ECPrivateKey pKCS11ECPrivateKey = new PKCS11ECPrivateKey(objSession, createObject, (byte[]) hashMap.get(258), (byte[]) hashMap.get(257), (String) hashMap.get(3), encodeParameters, bigInteger);
        if (!objSession.getBoolAttributeValue(createObject, 1)) {
            objSession.addObject();
            pKCS11ECPrivateKey.setSession(objSession);
        }
        return pKCS11ECPrivateKey;
    }

    @Override // java.security.KeyFactorySpi
    protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> cls) throws InvalidKeySpecException {
        if (debug1 != null) {
            debug1.entry(16384L, className, "engineGetKeySpec", key.toString(), cls);
        }
        try {
            if (key instanceof PKCS11ECPublicKey) {
                Class<?> cls2 = Class.forName("java.security.spec.ECPublicKeySpec");
                Class<?> cls3 = Class.forName("java.security.spec.X509EncodedKeySpec");
                if (cls2.isAssignableFrom(cls)) {
                    PKCS11ECPublicKey pKCS11ECPublicKey = (PKCS11ECPublicKey) key;
                    if (debug1 != null) {
                        debug1.text(16384L, className, "engineGetKeySpec", "The input key is a PKCS11ECPublicKey.  Returning an ECPublicKeySpec.");
                        debug1.exit(16384L, className, "engineGetKeySpec ");
                    }
                    return new ECPublicKeySpec(pKCS11ECPublicKey.getW(), pKCS11ECPublicKey.getParams());
                }
                if (cls3.isAssignableFrom(cls)) {
                    if (debug1 != null) {
                        debug1.text(16384L, className, "engineGetKeySpec_1", "The input key is a PKCS11ECPublicKey.  Returning an X509EncodedKeySpec.");
                        debug1.exit(16384L, className, "engineGetKeySpec_1");
                    }
                    return new X509EncodedKeySpec(key.getEncoded());
                }
                if (debug1 != null) {
                    debug1.text(16384L, className, "engineGetKeySpec_2", "Inappropriate key specification");
                    debug1.exit(16384L, className, "engineGetKeySpec_2");
                }
                throw new InvalidKeySpecException("Inappropriate key specification");
            }
            if (key instanceof ECPublicKey) {
                Class<?> cls4 = Class.forName("java.security.spec.ECPublicKeySpec");
                Class<?> cls5 = Class.forName("java.security.spec.X509EncodedKeySpec");
                if (cls4.isAssignableFrom(cls)) {
                    ECPublicKey eCPublicKey = (ECPublicKey) key;
                    if (debug1 != null) {
                        debug1.text(16384L, className, "engineGetKeySpec_3", "The input key is an ECPublicKey.  Returning an ECPublicKeySpec.");
                        debug1.exit(16384L, className, "engineGetKeySpec_3");
                    }
                    return new ECPublicKeySpec(eCPublicKey.getW(), eCPublicKey.getParams());
                }
                if (cls5.isAssignableFrom(cls)) {
                    if (debug1 != null) {
                        debug1.text(16384L, className, "engineGetKeySpec_4", "The input key is an ECPublicKey.  Returning an X509EncodedKeySpec.");
                        debug1.exit(16384L, className, "engineGetKeySpec_4");
                    }
                    return new X509EncodedKeySpec(key.getEncoded());
                }
                if (debug1 != null) {
                    debug1.text(16384L, className, "engineGetKeySpec_5", "Inappropriate key specification");
                    debug1.exit(16384L, className, "engineGetKeySpec_5");
                }
                throw new InvalidKeySpecException("Inappropriate key specification");
            }
            if (!(key instanceof PKCS11ECPrivateKey)) {
                if (!(key instanceof ECPrivateKey)) {
                    if (debug1 != null) {
                        debug1.text(16384L, className, "engineGetKeySpec_14", "Inappropriate key type");
                        debug1.exit(16384L, className, "engineGetKeySpec_14");
                    }
                    throw new InvalidKeySpecException("Inappropriate key type");
                }
                Class<?> cls6 = Class.forName("java.security.spec.ECPrivateKeySpec");
                Class<?> cls7 = Class.forName("java.security.spec.PKCS8EncodedKeySpec");
                if (cls6.isAssignableFrom(cls)) {
                    ECPrivateKey eCPrivateKey = (ECPrivateKey) key;
                    if (debug1 != null) {
                        debug1.text(16384L, className, "engineGetKeySpec_10", "The input key is a ECPrivateKey.  Returning an ECPrivateKeySpec.");
                        debug1.exit(16384L, className, "engineGetKeySpec_10");
                    }
                    return new ECPrivateKeySpec(eCPrivateKey.getS(), eCPrivateKey.getParams());
                }
                if (cls7.isAssignableFrom(cls)) {
                    if (debug1 != null) {
                        debug1.text(16384L, className, "engineGetKeySpec_11", "The input key is a ECPrivateKey.  Returning a PKCS8EncodedKeySpec.");
                        debug1.exit(16384L, className, "engineGetKeySpec_11");
                    }
                    return new PKCS8EncodedKeySpec(key.getEncoded());
                }
                if (debug1 != null) {
                    debug1.text(16384L, className, "engineGetKeySpec_12", "Inappropriate key specification");
                    debug1.exit(16384L, className, "engineGetKeySpec_12");
                }
                throw new InvalidKeySpecException("Inappropriate key specification");
            }
            Class<?> cls8 = Class.forName("java.security.spec.ECPrivateKeySpec");
            Class<?> cls9 = Class.forName("java.security.spec.PKCS8EncodedKeySpec");
            if (!cls8.isAssignableFrom(cls)) {
                if (cls9.isAssignableFrom(cls)) {
                    if (debug1 != null) {
                        debug1.text(16384L, className, "engineGetKeySpec_8", "The input key is a PKCS11ECPrivateKey.  Returning a PKCS8EncodedKeySpec.");
                        debug1.exit(16384L, className, "engineGetKeySpec_8");
                    }
                    return new PKCS8EncodedKeySpec(key.getEncoded());
                }
                if (debug1 != null) {
                    debug1.text(16384L, className, "engineGetKeySpec_9", "Inappropriate key specification");
                    debug1.exit(16384L, className, "engineGetKeySpec_9");
                }
                throw new InvalidKeySpecException("Inappropriate key specification");
            }
            PKCS11ECPrivateKey pKCS11ECPrivateKey = (PKCS11ECPrivateKey) key;
            if (!pKCS11ECPrivateKey.getSensitive().booleanValue()) {
                if (debug1 != null) {
                    debug1.text(16384L, className, "engineGetKeySpec_7", "The input key is a PKCS11ECPrivateKey.  Returning an ECPrivateKeySpec.");
                    debug1.exit(16384L, className, "engineGetKeySpec_7");
                }
                return new ECPrivateKeySpec(pKCS11ECPrivateKey.getS(), pKCS11ECPrivateKey.getParams());
            }
            if (debug1 != null) {
                debug1.text(16384L, className, "engineGetKeySpec_6", "The input key is a PKCS11ECPrivateKey that is SENSITIVE.");
                debug1.text(16384L, className, "engineGetKeySpec_6", "Private key value is not exportable.");
                debug1.exit(16384L, className, "engineGetKeySpec_6");
            }
            throw new PKCS11Exception("Private key value is not exportable");
        } catch (ClassNotFoundException e) {
            if (debug1 != null) {
                debug1.exception(16384L, className, "engineGetKeySpec", e);
                debug1.exit(16384L, className, "engineGetKeySpec");
            }
            throw new InvalidKeySpecException("Unsupported key specification: " + e.getMessage());
        }
    }

    public static byte[] getMagnitude(BigInteger bigInteger) {
        byte[] byteArray = bigInteger.toByteArray();
        if (byteArray.length > 1 && byteArray[0] == 0) {
            int length = byteArray.length - 1;
            byte[] bArr = new byte[length];
            System.arraycopy(byteArray, 1, bArr, 0, length);
            byteArray = bArr;
        }
        return byteArray;
    }
}
