package com.ibm.cfwk.pkcs11;

import com.ibm.cfwk.API;
import com.ibm.cfwk.FailedException;
import com.ibm.cfwk.Key;
import com.ibm.cfwk.MalformedDataException;
import com.ibm.cfwk.Provider;
import com.ibm.cfwk.ProviderSession;
import com.ibm.cfwk.ProviderSessionInfo;
import com.ibm.cfwk.Vault;
import com.ibm.pkcs11.PKCS11;
import com.ibm.pkcs11.PKCS11Exception;
import com.ibm.pkcs11.PKCS11Object;
import com.ibm.pkcs11.PKCS11Session;
import com.ibm.pkcs11.PKCS11Slot;
import infospc.rptapi.RPTMap;

/* loaded from: input_file:lib/swimport.zip:com/ibm/cfwk/pkcs11/PKCS11Provider.class */
public abstract class PKCS11Provider extends Provider {
    private static final int NONE = -1;
    private PKCS11 pkcs11;

    protected String keyType(Integer num) {
        if (num.equals(PKCS11Object.RSA)) {
            return "RSA";
        }
        if (num.equals(PKCS11Object.DSA)) {
            return "DSA";
        }
        if (num.equals(PKCS11Object.DH)) {
            return "DH";
        }
        if (num.equals(PKCS11Object.KEA)) {
            return "KEA";
        }
        if (num.equals(PKCS11Object.ECDSA)) {
            return "ECDSA";
        }
        if (num.equals(PKCS11Object.DES)) {
            return Key.DES;
        }
        if (num.equals(PKCS11Object.DES2)) {
            return "DES2";
        }
        if (num.equals(PKCS11Object.DES3)) {
            return Key.DES3;
        }
        if (num.equals(PKCS11Object.RC4)) {
            return Key.RC4;
        }
        if (num.equals(PKCS11Object.RC2)) {
            return Key.RC2;
        }
        if (num.equals(PKCS11Object.RC5)) {
            return Key.RC5;
        }
        if (num.equals(PKCS11Object.IDEA)) {
            return Key.IDEA;
        }
        if (num.equals(PKCS11Object.CAST)) {
            return "CAST";
        }
        if (num.equals(PKCS11Object.CAST3)) {
            return "CAST3";
        }
        return null;
    }

    public String keyType(PKCS11Object pKCS11Object) {
        String str;
        try {
            Integer num = (Integer) pKCS11Object.getAttributeValue(0);
            if (num.equals(PKCS11Object.SECRET_KEY)) {
                str = "";
            } else if (num.equals(PKCS11Object.PUBLIC_KEY)) {
                str = "/public";
            } else {
                if (!num.equals(PKCS11Object.PRIVATE_KEY)) {
                    return null;
                }
                str = "/private";
            }
            Integer num2 = (Integer) pKCS11Object.getAttributeValue(256);
            String keyType = keyType(num2);
            return new StringBuffer("PKCS11/").append(keyType == null ? num2.toString() : keyType).append(str).toString();
        } catch (PKCS11Exception unused) {
            return null;
        }
    }

    public static void checkSessionInit(Object obj) {
        if (obj != null) {
            throw new FailedException("Attempted reinitializtion of PKCS11 algorithm object");
        }
    }

    @Override // com.ibm.cfwk.Provider
    public ProviderSession logon(API api, String str, Object obj) {
        int i = 0;
        boolean z = false;
        if (!(obj instanceof String)) {
            throw new MalformedDataException(new StringBuffer("Authentication data is not a string: ").append(obj.getClass().getName()).toString());
        }
        String str2 = (String) obj;
        try {
            int indexOf = str2.indexOf(124);
            int indexOf2 = str2.indexOf(124, indexOf + 1);
            int parseInt = Integer.parseInt(str2.substring(0, indexOf));
            String substring = str2.substring(indexOf + 1, indexOf2);
            for (int length = substring.length() - 1; length >= 0; length--) {
                switch (substring.charAt(length)) {
                    case 'C':
                    case 'c':
                        z = true;
                        break;
                    case 'S':
                    case 's':
                        i |= 4;
                        break;
                    case 'W':
                    case 'w':
                        i |= 2;
                        break;
                    case 'X':
                    case 'x':
                        i |= 1;
                        break;
                    default:
                        throw new MalformedDataException(new StringBuffer("Illegal PKCS11 session mode: ").append(substring.charAt(length)).toString());
                }
            }
            String substring2 = str2.substring(indexOf2 + 1);
            try {
                PKCS11Slot[] slotList = this.pkcs11.getSlotList(false);
                if (parseInt < 0 || parseInt >= slotList.length) {
                    throw new MalformedDataException(new StringBuffer("Slot number out of range: ").append(parseInt).toString());
                }
                PKCS11Slot pKCS11Slot = slotList[parseInt];
                if (z) {
                    pKCS11Slot.closeAllSessions();
                }
                if (!pKCS11Slot.getInfo().tokenPresent()) {
                    throw new FailedException(new StringBuffer("PKCS11: No token in slot #").append(parseInt).toString());
                }
                PKCS11Session openSession = pKCS11Slot.openSession(i, null, null);
                if (substring2.length() > 0) {
                    openSession.login(false, substring2);
                }
                if (str == null || str.length() == 0 || str.compareTo("-") == 0) {
                    str = pKCS11Slot.getTokenInfo().label();
                    if (str.length() == 0) {
                        str = new StringBuffer(String.valueOf(this.pkcs11.getInfo().libraryDescription())).append("#").append(parseInt).toString();
                    }
                }
                return makeProviderSession(openSession, this, new PKCS11ProviderSessionInfo(str, new StringBuffer("PKCS11 Slot: ").append(pKCS11Slot.getInfo()).append(RPTMap.NL).append("PKCS11 Token:\n").append(pKCS11Slot.getTokenInfo()).toString()));
            } catch (Exception e) {
                throw new FailedException("Logon to PKCS11 provider failed", e);
            }
        } catch (MalformedDataException e2) {
            throw e2;
        } catch (Exception unused) {
            throw new MalformedDataException("PKCS11 authentication must have format: \"slotno|flags|password\"");
        }
    }

    public Vault openVault(ProviderSessionInfo providerSessionInfo, API api) {
        ProviderSession findProviderSession = findProviderSession(providerSessionInfo, api);
        if ((providerSessionInfo instanceof PKCS11ProviderSessionInfo) && findProviderSession != null && (findProviderSession.provider() instanceof Provider)) {
            return ((PKCS11ProviderSessionInfo) providerSessionInfo).vault(api);
        }
        throw new FailedException("Invalid session");
    }

    protected abstract PKCS11ProviderSession makeProviderSession(PKCS11Session pKCS11Session, PKCS11Provider pKCS11Provider, PKCS11ProviderSessionInfo pKCS11ProviderSessionInfo) throws PKCS11Exception;

    /* JADX INFO: Access modifiers changed from: protected */
    public PKCS11Provider(PKCS11 pkcs11) {
        this.pkcs11 = pkcs11;
    }
}
