package com.ibm.crypto.pkcs11.provider;

import com.ibm.pkcs11.PKCS11Object;
import com.ibm.pkcs11.PKCS11Session;
import java.math.BigInteger;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGeneratorSpi;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.ProviderException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.DSAParameterSpec;
import java.security.spec.InvalidParameterSpecException;

/* loaded from: input_file:efixes/PK67052_Aix_ppc32/components/prereq.jdk/update.jar:/java/jre/lib/ext/ibmpkcs11.jar:com/ibm/crypto/pkcs11/provider/DSAPKCS11KeyPairGenerator.class */
public final class DSAPKCS11KeyPairGenerator extends KeyPairGeneratorSpi {
    private int keySize = 512;
    private PKCS11Session[] openSessions = null;
    private String label = null;
    private DSAParameterSpec dsaparams = null;
    private java.security.SecureRandom random = null;
    private boolean extractAttr = true;
    private boolean sensitive = false;
    static Class class$java$security$spec$DSAParameterSpec;

    private boolean checkIfExtractable() {
        byte[] bytes = "testid".getBytes();
        int[] iArr = {1, 258, 266, 304, 305, 306};
        Object[] objArr = {Boolean.FALSE, bytes, Boolean.TRUE, this.dsaparams.getP(), this.dsaparams.getQ(), this.dsaparams.getG()};
        int[] iArr2 = {1, 2, 258, PKCS11Object.EXTRACTABLE, 264};
        Object[] objArr2 = {Boolean.FALSE, Boolean.TRUE, bytes, Boolean.TRUE, Boolean.TRUE};
        boolean z = false;
        int i = 0;
        String str = "";
        while (!z) {
            if (i >= this.openSessions.length) {
                return false;
            }
            try {
                this.openSessions[i].generateKeyPair(16, null, iArr, objArr, iArr2, objArr2);
                z = true;
            } catch (Exception e) {
                str = new StringBuffer(String.valueOf(str)).append(i).append(".").append(e.getMessage()).append(" ").toString();
                i++;
            }
        }
        return true;
    }

    private boolean checkIfSensitive() {
        byte[] bytes = "testid".getBytes();
        int[] iArr = {1, 258, 266, 304, 305, 306};
        Object[] objArr = {Boolean.FALSE, bytes, Boolean.TRUE, this.dsaparams.getP(), this.dsaparams.getQ(), this.dsaparams.getG()};
        int[] iArr2 = {1, 2, 258, 259, 264};
        Object[] objArr2 = {Boolean.FALSE, Boolean.TRUE, bytes, Boolean.FALSE, Boolean.TRUE};
        boolean z = false;
        int i = 0;
        String str = "";
        while (!z) {
            if (i >= this.openSessions.length) {
                return true;
            }
            try {
                this.openSessions[i].generateKeyPair(16, null, iArr, objArr, iArr2, objArr2);
                z = true;
            } catch (Exception e) {
                str = new StringBuffer(String.valueOf(str)).append(i).append(".").append(e.getMessage()).append(" ").toString();
                i++;
            }
        }
        return false;
    }

    private boolean checkKeyPairGeneration() throws InvalidAlgorithmParameterException {
        byte[] bytes = "testid".getBytes();
        int[] iArr = {1, 258, 266, 304, 305, 306};
        Object[] objArr = {Boolean.FALSE, bytes, Boolean.TRUE, this.dsaparams.getP(), this.dsaparams.getQ(), this.dsaparams.getG()};
        int[] iArr2 = {1, 2, 258, 264};
        Object[] objArr2 = {Boolean.FALSE, Boolean.TRUE, bytes, Boolean.TRUE};
        boolean z = false;
        int i = 0;
        String str = "";
        while (!z) {
            if (i >= this.openSessions.length) {
                throw new InvalidAlgorithmParameterException(new StringBuffer("Cannot generate key pair: ").append(str).toString());
            }
            try {
                PKCS11Object[] orderObjects = orderObjects(this.openSessions[i].generateKeyPair(16, null, iArr, objArr, iArr2, objArr2));
                PKCS11Object pKCS11Object = orderObjects[0];
                PKCS11Object pKCS11Object2 = orderObjects[1];
                try {
                    pKCS11Object2.copy(new int[]{1}, new Object[]{Boolean.TRUE}).destroy();
                    pKCS11Object2.destroy();
                    pKCS11Object.destroy();
                    z = true;
                } catch (Exception unused) {
                    pKCS11Object2.destroy();
                    pKCS11Object.destroy();
                    return false;
                }
            } catch (Exception e) {
                str = new StringBuffer(String.valueOf(str)).append(i).append(".").append(e.getMessage()).append(" ").toString();
                i++;
            }
        }
        return true;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    @Override // java.security.KeyPairGeneratorSpi
    public KeyPair generateKeyPair() {
        DSAPKCS11PrivateKey dSAPKCS11PrivateKey;
        byte[] bArr = new byte[20];
        this.random.nextBytes(bArr);
        int[] iArr = {1, 258, 266, 304, 305, 306};
        Object[] objArr = {Boolean.FALSE, bArr, Boolean.TRUE, this.dsaparams.getP(), this.dsaparams.getQ(), this.dsaparams.getG()};
        int[] iArr2 = {1, 2, 258, 259, PKCS11Object.EXTRACTABLE, 264};
        Object[] objArr2 = {Boolean.FALSE, Boolean.TRUE, bArr, Boolean.FALSE, Boolean.TRUE, Boolean.TRUE};
        int[] iArr3 = {1, 2, 258, 259, 264};
        Object[] objArr3 = {Boolean.FALSE, Boolean.TRUE, bArr, Boolean.FALSE, Boolean.TRUE};
        int[] iArr4 = {1, 2, 258, 259, PKCS11Object.EXTRACTABLE, 264};
        Object[] objArr4 = {Boolean.FALSE, Boolean.TRUE, bArr, Boolean.TRUE, Boolean.TRUE, Boolean.TRUE};
        boolean z = false;
        int i = 0;
        String str = "";
        KeyPair keyPair = null;
        while (!z) {
            if (i >= this.openSessions.length) {
                throw new ProviderException(new StringBuffer("Cannot generate key pair: ").append(str).toString());
            }
            try {
                boolean z2 = false;
                PKCS11Object[] orderObjects = orderObjects(this.sensitive ? this.openSessions[i].generateKeyPair(16, null, iArr, objArr, iArr4, objArr4) : this.extractAttr ? this.openSessions[i].generateKeyPair(16, null, iArr, objArr, iArr2, objArr2) : this.openSessions[i].generateKeyPair(16, null, iArr, objArr, iArr3, objArr3));
                PKCS11Object pKCS11Object = orderObjects[0];
                PKCS11Object pKCS11Object2 = orderObjects[1];
                try {
                    pKCS11Object2.copy(new int[]{1}, new Object[]{Boolean.TRUE}).destroy();
                } catch (Exception unused) {
                    z2 = true;
                    PKCS11Object[] orderObjects2 = orderObjects(this.sensitive ? this.openSessions[i].generateKeyPair(16, null, iArr, objArr, new int[]{1, 2, 258, 259, 261, 264, 3}, new Object[]{Boolean.TRUE, Boolean.TRUE, bArr, Boolean.TRUE, Boolean.TRUE, Boolean.TRUE, this.label}) : this.extractAttr ? this.openSessions[i].generateKeyPair(16, null, iArr, objArr, new int[]{1, 2, 258, 259, 261, 264, 3, PKCS11Object.EXTRACTABLE}, new Object[]{Boolean.TRUE, Boolean.TRUE, bArr, Boolean.FALSE, Boolean.TRUE, Boolean.TRUE, this.label, Boolean.TRUE}) : this.openSessions[i].generateKeyPair(16, null, iArr, objArr, new int[]{1, 2, 258, 259, 261, 264, 3}, new Object[]{Boolean.TRUE, Boolean.TRUE, bArr, Boolean.FALSE, Boolean.TRUE, Boolean.TRUE, this.label}));
                    pKCS11Object = orderObjects2[0];
                    pKCS11Object2 = orderObjects2[1];
                }
                DSAPKCS11PublicKey dSAPKCS11PublicKey = new DSAPKCS11PublicKey(i, pKCS11Object, this.openSessions[i], this.openSessions, null, bArr, null, Boolean.TRUE, Boolean.TRUE, (BigInteger) getValue(pKCS11Object, 304), (BigInteger) getValue(pKCS11Object, 305), (BigInteger) getValue(pKCS11Object, 306), new BigInteger(1, (byte[]) getValue(pKCS11Object, 17)));
                if (z2) {
                    dSAPKCS11PrivateKey = new DSAPKCS11PrivateKey(i, pKCS11Object2, this.openSessions[i], this.openSessions, null, bArr, null, Boolean.TRUE, Boolean.TRUE);
                } else {
                    try {
                        dSAPKCS11PrivateKey = new DSAPKCS11PrivateKey(i, pKCS11Object2, this.openSessions[i], this.openSessions, null, bArr, null, Boolean.TRUE, Boolean.TRUE, (BigInteger) getValue(pKCS11Object2, 304), (BigInteger) getValue(pKCS11Object2, 305), (BigInteger) getValue(pKCS11Object2, 306), new BigInteger(1, (byte[]) getValue(pKCS11Object2, 17)));
                    } catch (Exception unused2) {
                        dSAPKCS11PrivateKey = new DSAPKCS11PrivateKey(i, pKCS11Object2, this.openSessions[i], this.openSessions, null, bArr, null, Boolean.TRUE, Boolean.TRUE);
                    }
                }
                keyPair = new KeyPair(dSAPKCS11PublicKey, dSAPKCS11PrivateKey);
                z = true;
            } catch (Exception e) {
                str = new StringBuffer(String.valueOf(str)).append(i).append(".").append(e.getMessage()).append(" ").toString();
                i++;
            }
        }
        return keyPair;
    }

    private void generateParameters() {
        Class class$;
        switch (this.keySize) {
            case 512:
                this.dsaparams = new DSAParameterSpec(DSAParameterGenerator.p_512, DSAParameterGenerator.q_512, DSAParameterGenerator.g_512);
                return;
            case 768:
                this.dsaparams = new DSAParameterSpec(DSAParameterGenerator.p_768, DSAParameterGenerator.q_768, DSAParameterGenerator.g_768);
                return;
            case 1024:
                this.dsaparams = new DSAParameterSpec(DSAParameterGenerator.p_1024, DSAParameterGenerator.q_1024, DSAParameterGenerator.g_1024);
                return;
            default:
                try {
                    AlgorithmParameterGenerator algorithmParameterGenerator = AlgorithmParameterGenerator.getInstance("DSA", "IBMPKCS11");
                    algorithmParameterGenerator.init(this.keySize, this.random);
                    AlgorithmParameters generateParameters = algorithmParameterGenerator.generateParameters();
                    try {
                        if (class$java$security$spec$DSAParameterSpec != null) {
                            class$ = class$java$security$spec$DSAParameterSpec;
                        } else {
                            class$ = class$("java.security.spec.DSAParameterSpec");
                            class$java$security$spec$DSAParameterSpec = class$;
                        }
                        this.dsaparams = (DSAParameterSpec) generateParameters.getParameterSpec(class$);
                        return;
                    } catch (InvalidParameterSpecException unused) {
                        throw new Error();
                    }
                } catch (NoSuchAlgorithmException e) {
                    throw new RuntimeException(e.getMessage());
                } catch (NoSuchProviderException e2) {
                    throw new RuntimeException(e2.getMessage());
                }
        }
    }

    private Object getValue(PKCS11Object pKCS11Object, int i) {
        return pKCS11Object.getAttributeValue(i);
    }

    public void initialize(int i) {
        throw new UnsupportedOperationException("Parameters must be specified");
    }

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(int i, java.security.SecureRandom secureRandom) {
        throw new UnsupportedOperationException("Parameters must be specified");
    }

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(AlgorithmParameterSpec algorithmParameterSpec, java.security.SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        if (algorithmParameterSpec == null) {
            throw new InvalidAlgorithmParameterException("Parameters must be specified");
        }
        this.random = secureRandom;
        if (!(algorithmParameterSpec instanceof PKCS11DSAKeyPairParameterSpec)) {
            throw new InvalidAlgorithmParameterException("Parameters must be specified");
        }
        PKCS11DSAKeyPairParameterSpec pKCS11DSAKeyPairParameterSpec = (PKCS11DSAKeyPairParameterSpec) algorithmParameterSpec;
        KeyStore keyStore = pKCS11DSAKeyPairParameterSpec.getKeyStore();
        this.label = pKCS11DSAKeyPairParameterSpec.getLabel();
        try {
            Key key = keyStore.getKey(null, null);
            if (key == null || !(key instanceof RSAPKCS11PublicKey)) {
                throw new InvalidAlgorithmParameterException("Invalid KeyStore type");
            }
            this.openSessions = ((RSAPKCS11PublicKey) key).getOpenSessions();
            if (this.openSessions == null) {
                throw new InvalidAlgorithmParameterException("All parameters must be specified");
            }
            this.dsaparams = (DSAParameterSpec) pKCS11DSAKeyPairParameterSpec.getParams();
            if (this.dsaparams == null) {
                generateParameters();
            }
            this.keySize = pKCS11DSAKeyPairParameterSpec.getKeySize();
            this.label = pKCS11DSAKeyPairParameterSpec.getLabel();
            this.sensitive = checkIfSensitive();
            this.extractAttr = checkIfExtractable();
            if (!checkKeyPairGeneration() && this.label == null) {
                throw new InvalidAlgorithmParameterException("Key label must be specified");
            }
        } catch (Exception unused) {
            throw new InvalidAlgorithmParameterException("Invalid KeyStore type");
        }
    }

    private PKCS11Object[] orderObjects(PKCS11Object[] pKCS11ObjectArr) {
        PKCS11Object pKCS11Object;
        PKCS11Object pKCS11Object2;
        Integer num = (Integer) getValue(pKCS11ObjectArr[0], 0);
        Integer num2 = (Integer) getValue(pKCS11ObjectArr[1], 0);
        if (num.equals(PKCS11Object.PUBLIC_KEY) && num2.equals(PKCS11Object.PRIVATE_KEY)) {
            pKCS11Object = pKCS11ObjectArr[0];
            pKCS11Object2 = pKCS11ObjectArr[1];
        } else {
            if (!num.equals(PKCS11Object.PRIVATE_KEY) || !num2.equals(PKCS11Object.PUBLIC_KEY)) {
                throw new RuntimeException("Token returns invalid objects");
            }
            pKCS11Object = pKCS11ObjectArr[1];
            pKCS11Object2 = pKCS11ObjectArr[0];
        }
        pKCS11ObjectArr[0] = pKCS11Object;
        pKCS11ObjectArr[1] = pKCS11Object2;
        return pKCS11ObjectArr;
    }
}
