package com.ibm.cfwk.pkcs11;

import com.ibm.cfwk.API;
import com.ibm.cfwk.BadParameterException;
import com.ibm.cfwk.FailedException;
import com.ibm.cfwk.Key;
import com.ibm.cfwk.KeyMaterial;
import com.ibm.cfwk.Vault;
import com.ibm.cfwk.VaultItem;
import com.ibm.cfwk.pki.X509Cert;
import com.ibm.pkcs11.PKCS11Exception;
import com.ibm.pkcs11.PKCS11Object;
import java.io.ByteArrayOutputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.zip.GZIPOutputStream;

/* loaded from: input_file:lib/swimport.zip:com/ibm/cfwk/pkcs11/PKCS11Vault.class */
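/**
 * {@link Vault} implementation that keeps its items as objects on a PKCS#11 token,
 * reached through a {@link PKCS11ProviderSession}.
 *
 * <p>This source is decompiler output: parameter names are synthetic and the body of
 * {@link #findItems(Class, String, byte[], int)} was not recovered.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@link #add} stores a key that is not native to this token session by exporting its
 *       key material and writing it, Java-serialized and gzip-compressed, into a DATA object.
 *       The object's attribute 2 is {@code FALSE} when the item type is 1.</li>
 *   <li>A read-only view is built by the private constructor, which sets only {@code view};
 *       {@code api}, {@code provider} and {@code providerSession} stay {@code null} on it.</li>
 * </ul>
 *
 * <p>The numeric attribute ids used in the templates (0, 1, 2, 3, 16, 17, 128, 258) match the
 * standard PKCS#11 values of CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_LABEL, CKA_APPLICATION,
 * CKA_VALUE, CKA_CERTIFICATE_TYPE and CKA_ID. NOTE(review): confirm that
 * {@code com.ibm.pkcs11} uses the standard numbering.
 */
public class PKCS11Vault extends Vault {
    // Class tokens compared by identity in add(); filled in by the static initializer.
    private static Class X509Cert_Class;
    private static Class Key_Class;

    // Set only by the public constructor; all three are null on a read-only view.
    private API api;
    private PKCS11Provider provider;
    private PKCS11ProviderSession providerSession;

    // Non-null only on a read-only view, where it refers to the writable vault.
    private PKCS11Vault view;

    // Compiler-generated class-literal caches, kept because they are package-visible.
    static Class class$com$ibm$cfwk$pki$X509Cert;
    static Class class$com$ibm$cfwk$Key;

    /**
     * Returns the info object of the underlying provider session.
     *
     * <p>NOTE(review): {@code providerSession} is null on a read-only view, so this call
     * fails with a NullPointerException there.
     */
    public PKCS11ProviderSessionInfo providerSessionInfo() {
        return (PKCS11ProviderSessionInfo) this.providerSession.info();
    }

    /**
     * Returns the info object of the underlying provider.
     *
     * <p>NOTE(review): {@code provider} is null on a read-only view, so this call fails with
     * a NullPointerException there.
     */
    public PKCS11ProviderInfo providerInfo() {
        return (PKCS11ProviderInfo) this.provider.info();
    }

    /**
     * Changes the PIN of the token session.
     *
     * @param obj a {@code String[]} whose first two elements are handed to {@code setPIN};
     *            presumably the current PIN followed by the new PIN - TODO confirm against
     *            {@code com.ibm.pkcs11}
     * @throws FailedException if the vault is read-only, if {@code obj} is not a usable
     *                         {@code String[]}, if both PIN strings are empty, or if the token
     *                         rejects the change
     */
    @Override // com.ibm.cfwk.Vault
    public synchronized void changeAuth(Object obj) {
        checkWriteAccess();
        try {
            String[] pins = (String[]) obj;
            // NOTE(review): the request is refused only when BOTH strings are empty, so an
            // empty new PIN is passed on to the token as long as the other string is not empty.
            // Tightening this would change what callers may do, so it is left as found.
            boolean bothEmpty = pins[0].length() == 0 && pins[1].length() == 0;
            if (bothEmpty) {
                // Caught by the catch-all below, so callers see it wrapped in FailedException.
                throw new BadParameterException("Bad PIN value");
            }
            // The PINs arrive as immutable Strings and cannot be wiped after use.
            this.providerSession.session().setPIN(pins[0], pins[1]);
        } catch (Exception e) {
            throw new FailedException("Cannot change PKCS11 vault authentication", e);
        }
    }

    /**
     * Returns a read-only vault: this instance if it already is a view, otherwise a new view.
     *
     * <p>The write operations of the returned view are refused by {@link #checkWriteAccess()}.
     */
    @Override // com.ibm.cfwk.Vault
    public Vault readOnlyView() {
        if (this.view != null) {
            return this;
        }
        return new PKCS11Vault(this);
    }

    /** Does nothing; this class does not release the provider session. */
    @Override // com.ibm.cfwk.Vault
    public void close() {
    }

    /** Does nothing; no state is buffered by this class. */
    @Override // com.ibm.cfwk.Vault
    public synchronized void sync() {
    }

    /** Returns {@code true} when this instance is a read-only view. */
    @Override // com.ibm.cfwk.Vault
    public boolean readOnly() {
        return this.view != null;
    }

    /**
     * Adds an item to the vault.
     *
     * <p>Three storage paths exist:
     * <ol>
     *   <li>an {@code X509Cert} becomes a CERTIFICATE object holding its encoding;</li>
     *   <li>a {@code Key} whose key material is a {@link PKCS11Key} of this very token session
     *       is not copied: the existing PKCS#11 object is wrapped;</li>
     *   <li>anything else is Java-serialized, gzip-compressed and stored as a DATA object. For a
     *       {@code Key} this writes its timeout, its usage and its <em>exported key
     *       material</em>.</li>
     * </ol>
     *
     * <p>The class checks are identity comparisons against {@code X509Cert} and {@code Key},
     * so subclasses of either take the generic serialization path.
     *
     * @param obj  the item; must be a {@code Key} or {@code Serializable}
     * @param str  label stored with the object
     * @param bArr optional info bytes; stored as attribute 258 of a certificate, or appended to
     *             the serialized payload of a DATA object
     * @param i    item type, 1 or 2; type 1 sets attribute 2 to {@code FALSE}, type 2 to
     *             {@code TRUE} (presumably public versus private items - TODO confirm against
     *             the {@code Vault} constants)
     * @return the new vault item
     * @throws BadParameterException if an argument is missing or unsupported, or if a key's
     *                               usage lacks the bits of mask 192
     * @throws FailedException       if the vault is read-only or the token operation fails
     */
    @Override // com.ibm.cfwk.Vault
    public synchronized VaultItem add(Object obj, String str, byte[] bArr, int i) {
        checkWriteAccess();
        if (obj == null || str == null || !(i == 1 || i == 2)) {
            throw new BadParameterException("Insufficient or corrupted vault item data");
        }
        boolean isKey = obj instanceof Key;
        if (!isKey && !(obj instanceof Serializable)) {
            throw new BadParameterException("Cannot deal with `" + obj.getClass().getName() + "' as vault item");
        }
        // Mask 192 is 0x40 | 0x80; judging by the message these are the export and archive
        // usage bits - TODO confirm against Key. Both must be set before a key is accepted.
        if (isKey && (((Key) obj).usage() & 192) != 192) {
            throw new BadParameterException("Cannot export/archive key");
        }
        // A second "not Serializable" test used to follow here; it could never fire because
        // the check above already rejects every object that is neither a Key nor Serializable.

        Class<?> itemClass = obj.getClass();
        Boolean privateFlag = i == 1 ? Boolean.FALSE : Boolean.TRUE;
        int[] attributeIds = null;
        Object[] attributeValues = null;
        Integer objectClass = null;

        if (itemClass == X509Cert_Class) {
            objectClass = PKCS11Object.CERTIFICATE;
            attributeIds = new int[]{0, 1, 2, 3, 128, 258, 17};
            attributeValues = new Object[]{
                objectClass,
                Boolean.TRUE,
                privateFlag,
                str,
                PKCS11Object.X_509,
                bArr,
                ((X509Cert) obj).encode(),
            };
        } else {
            if (itemClass == Key_Class) {
                KeyMaterial material = this.providerSession.provider().extractKeyMaterial((Key) obj);
                if ((material instanceof PKCS11Key)
                        && ((PKCS11Key) material).session.equals(this.providerSession.session())) {
                    return wrapTokenKey((PKCS11Key) material, obj, str, bArr, i);
                }
            }
            try {
                ByteArrayOutputStream buffer = new ByteArrayOutputStream();
                ObjectOutputStream out = new ObjectOutputStream(new GZIPOutputStream(buffer));
                try {
                    if (itemClass == Key_Class) {
                        Key key = (Key) obj;
                        out.writeLong(key.timeout());
                        out.writeInt(key.usage());
                        // The key leaves its provider here. With type 1 the resulting DATA
                        // object carries attribute 2 = FALSE, so exported key material would
                        // sit in an object the token does not mark private. Callers should
                        // store keys with type 2 unless public storage is really intended.
                        out.writeObject(key.exportKeyMaterial(this.api));
                    } else {
                        out.writeObject(obj);
                    }
                    out.writeObject(bArr);
                } finally {
                    // Closing also finishes the gzip stream and frees its deflater, including
                    // when a write above failed.
                    out.close();
                }
                // Read the buffer only after close(), otherwise the gzip trailer is missing.
                byte[] serialized = buffer.toByteArray();
                objectClass = PKCS11Object.DATA;
                attributeIds = new int[]{0, 1, 2, 3, 16, 17};
                attributeValues = new Object[]{
                    objectClass,
                    Boolean.TRUE,
                    privateFlag,
                    str,
                    obj.getClass().getName(),
                    serialized,
                };
            } catch (Exception e) {
                throw new FailedException("Cannot serialize object", e);
            }
        }

        try {
            PKCS11Object created = this.providerSession.session().createObject(attributeIds, attributeValues);
            PKCS11VaultItem item = newItem(obj, str, bArr, i);
            item.pkcs11object = created;
            item.pkcs11class = objectClass;
            return item;
        } catch (Exception e) {
            throw new FailedException("Cannot create PKCS11 object", e);
        }
    }

    /** Creates a vault item bound to this vault, with a private copy of the info bytes. */
    private PKCS11VaultItem newItem(Object obj, String label, byte[] info, int type) {
        PKCS11VaultItem item = new PKCS11VaultItem();
        item.obj = obj;
        item.label = label;
        item.info = info == null ? null : (byte[]) info.clone();
        item.type = type;
        item.vault = this;
        return item;
    }

    /**
     * Wraps a key that already lives in this token session instead of copying it.
     *
     * <p>The primary object is the secret key if present, else the private key, else the public
     * key. When both halves of a key pair exist the public key is tracked as second object.
     * Every failure, including the refusal of an object whose attribute 1 is false, surfaces as
     * {@link FailedException}.
     */
    private PKCS11VaultItem wrapTokenKey(PKCS11Key tokenKey, Object obj, String label, byte[] info, int type) {
        try {
            PKCS11VaultItem item = newItem(obj, label, info, type);
            if (tokenKey.secretKey != null) {
                item.pkcs11object = tokenKey.secretKey;
            } else if (tokenKey.privateKey != null) {
                item.pkcs11object = tokenKey.privateKey;
            } else {
                item.pkcs11object = tokenKey.publicKey;
            }
            if (tokenKey.privateKey != null && tokenKey.publicKey != null) {
                item.pkcs11object2 = tokenKey.publicKey;
            }
            item.pkcs11class = (Integer) item.pkcs11object.getAttributeValue(0);
            // Attribute 1 must be true: a session-only object cannot serve as a vault item.
            if (!item.pkcs11object.getBoolAttributeValue(1)) {
                throw new BadParameterException("Cannot transform PKCS11 session object into token object");
            }
            return item;
        } catch (Exception e) {
            throw new FailedException("Cannot create PKCS11 VaultItem", e);
        }
    }

    /**
     * Removes an item from the vault and destroys its PKCS#11 object(s).
     *
     * <p>Each object is destroyed on its own, so a failure on the first one no longer leaves
     * the second one (the public half of a key pair) behind on the token with no reference to
     * it. Failures are written to the provider's logger and do not abort the removal.
     *
     * @param vaultItem an item of this vault
     * @throws BadParameterException if the item does not belong to this vault
     * @throws FailedException       if the vault is read-only
     */
    @Override // com.ibm.cfwk.Vault
    public synchronized void delete(VaultItem vaultItem) {
        checkWriteAccess();
        PKCS11VaultItem item = checkMember(vaultItem);
        destroyAndLog(item.pkcs11object, item.label);
        destroyAndLog(item.pkcs11object2, item.label);
        item.pkcs11object = null;
        item.pkcs11object2 = null;
        item.vault = null;
    }

    /** Destroys one PKCS#11 object, if present, and logs a failure instead of propagating it. */
    private void destroyAndLog(PKCS11Object object, String label) {
        if (object == null) {
            return;
        }
        try {
            object.destroy();
        } catch (PKCS11Exception e) {
            this.providerSession.provider().logger().println("Could not destroy PKCS11 object `" + label + "': " + e);
        }
    }

    /**
     * Replaces the content and/or info bytes of an existing item.
     *
     * <p>The item is re-added through {@link #add} and then takes over the fields of the result,
     * now including the second PKCS#11 object, so that a later {@link #delete} also destroys
     * the public half of a replaced key pair.
     *
     * <p>NOTE(review): the previous token object is destroyed only when {@code obj} differs from
     * the stored object. When only the info bytes change, {@code add} creates a fresh
     * certificate or DATA object and the previous one appears to stay on the token. Destroying
     * it unconditionally would be wrong for keys native to the token, which {@code add} merely
     * re-wraps, so this is left for a fix that tells the storage paths apart.
     *
     * @param vaultItem an item of this vault
     * @param obj       new content, or {@code null} to keep the current content
     * @param bArr      new info bytes, or {@code null} to keep the current ones
     */
    @Override // com.ibm.cfwk.Vault
    public synchronized void update(VaultItem vaultItem, Object obj, byte[] bArr) {
        checkWriteAccess();
        PKCS11VaultItem item = checkMember(vaultItem);
        if (obj == null || obj.equals(item.obj)) {
            obj = item.obj;
        } else {
            delete(item);
        }
        byte[] info = bArr == null ? item.info : bArr;
        PKCS11VaultItem replacement = (PKCS11VaultItem) add(obj, item.label, info, item.type);
        item.pkcs11object = replacement.pkcs11object;
        item.pkcs11object2 = replacement.pkcs11object2;
        item.pkcs11class = replacement.pkcs11class;
        item.vault = replacement.vault;
        item.obj = replacement.obj;
        item.info = replacement.info;
        item.type = replacement.type;
        item.label = replacement.label;
    }

    /**
     * Not available: the decompiler failed to recover this method ("Code restructure failed"),
     * so the body only throws.
     *
     * <p>NOTE(review): {@link #add} writes DATA objects with Java serialization, so the original
     * implementation presumably deserializes bytes read back from the token. When this method
     * is reconstructed, limit the classes it will instantiate (for example with an
     * {@code ObjectInputFilter} or an allow-listing {@code resolveClass}), because the token
     * content is not necessarily written by this code.
     *
     * @throws UnsupportedOperationException always
     */
    @Override // com.ibm.cfwk.Vault
    public synchronized com.ibm.cfwk.VaultItem[] findItems(java.lang.Class r10, java.lang.String r11, byte[] r12, int r13) {
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.cfwk.pkcs11.PKCS11Vault.findItems(java.lang.Class, java.lang.String, byte[], int):com.ibm.cfwk.VaultItem[]");
    }

    /**
     * Verifies that the item belongs to this vault instance and returns it as the concrete type.
     *
     * @throws BadParameterException if the item reports a different vault
     */
    private PKCS11VaultItem checkMember(VaultItem vaultItem) {
        if (vaultItem.vault() != this) {
            throw new BadParameterException("Item not part of this vault");
        }
        return (PKCS11VaultItem) vaultItem;
    }

    /**
     * Guard called first by every mutating operation.
     *
     * @throws FailedException if this instance is a read-only view
     */
    private void checkWriteAccess() {
        if (readOnly()) {
            throw new FailedException("Write access to vault not permitted");
        }
    }

    /** Creates a writable vault on the given provider session. */
    public PKCS11Vault(PKCS11ProviderSession pKCS11ProviderSession, PKCS11Provider pKCS11Provider, API api) {
        this.providerSession = pKCS11ProviderSession;
        this.provider = pKCS11Provider;
        this.api = api;
    }

    /**
     * Creates a read-only view of {@code pKCS11Vault}.
     *
     * <p>Only {@code view} is set; the session, provider and API references stay null.
     */
    private PKCS11Vault(PKCS11Vault pKCS11Vault) {
        this.view = pKCS11Vault;
    }

    /** Compiler-generated class-literal helper: loads a class by name. */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        // Resolve the two class tokens once; add() compares against them by identity.
        if (class$com$ibm$cfwk$pki$X509Cert == null) {
            class$com$ibm$cfwk$pki$X509Cert = class$("com.ibm.cfwk.pki.X509Cert");
        }
        X509Cert_Class = class$com$ibm$cfwk$pki$X509Cert;
        if (class$com$ibm$cfwk$Key == null) {
            class$com$ibm$cfwk$Key = class$("com.ibm.cfwk.Key");
        }
        Key_Class = class$com$ibm$cfwk$Key;
    }
}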
