package oracle.security.pki;

import java.lang.reflect.InvocationTargetException;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;

/* loaded from: input_file:oracle/security/pki/JCEUtil.class */
public final class JCEUtil {
    public static final String JSAFEJCE_CLASS_NAME = "com.rsa.jsafe.provider.JsafeJCE";
    public static final String CRYPTOJ_CLASS_NAME = "com.rsa.jsafe.crypto.CryptoJ";
    public static final String FIPS140CONTEXT_CLASS_NAME = "com.rsa.jsafe.crypto.FIPS140Context";
    public static final String FIPS140_MODE_FIELD_NAME = "FIPS140_MODE";
    public static final String JSAFEJCE_NAME = "JsafeJCE";
    public static final String SECURE_RANDOM_ALG = "CTRDRBG";
    public static final String JSAFEJCE_SECURE_RANDOM_ALG = "DefaultRandom";
    public static final String JCE_FIPS140_PROVIDER_CLASS_SECURITY_PROPERTY = "oracle.security.crypto.jce.fips140_provider_class";
    private static final String a;
    private static final boolean b;
    private static boolean c;
    private static boolean d = false;
    private static Provider e;
    private static SecureRandom f;

    public static synchronized boolean isJsafeJCERegistered() {
        if (b && TransitionMode.isFIPS140ModeEnabled()) {
            return true;
        }
        if (!d) {
            if (Security.getProvider(JSAFEJCE_NAME) != null) {
                c = true;
            } else {
                Provider[] providers = Security.getProviders();
                c = false;
                int length = providers.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    if (providers[i].getName().startsWith("JsafeJCE/")) {
                        c = true;
                        break;
                    }
                    i++;
                }
            }
            d = true;
        }
        return c;
    }

    private static Provider b() throws NoSuchAlgorithmException {
        try {
            return getJCEProvider();
        } catch (NoSuchProviderException e2) {
            throw new NoSuchAlgorithmException(e2.getMessage(), e2);
        }
    }

    private static Provider c() throws CertificateException {
        try {
            return getJCEProvider();
        } catch (NoSuchProviderException e2) {
            throw new CertificateException(e2.getMessage(), e2);
        }
    }

    public static synchronized Provider getJCEProvider() throws NoSuchProviderException {
        if (e == null) {
            e = a(a, TransitionMode.isFIPS140ModeEnabled() && b);
            if (TransitionMode.isFIPS140ModeEnabled()) {
                a(e);
            }
        }
        return e;
    }

    private static Provider a(final String str, final boolean z) throws NoSuchProviderException {
        try {
            return (Provider) AccessController.doPrivileged(new PrivilegedExceptionAction<Provider>() { // from class: oracle.security.pki.JCEUtil.2
                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: a, reason: merged with bridge method [inline-methods] */
                public Provider run() throws ReflectiveOperationException, NoSuchProviderException {
                    if (!z) {
                        return (Provider) Class.forName(str).newInstance();
                    }
                    int i = Class.forName(JCEUtil.CRYPTOJ_CLASS_NAME).getField(JCEUtil.FIPS140_MODE_FIELD_NAME).getInt(null);
                    Class<?> cls = Class.forName(JCEUtil.FIPS140CONTEXT_CLASS_NAME);
                    try {
                        return (Provider) Class.forName(str).getConstructor(cls).newInstance(cls.getConstructor(Integer.TYPE).newInstance(Integer.valueOf(i)));
                    } catch (InvocationTargetException e2) {
                        NoSuchProviderException noSuchProviderException = new NoSuchProviderException("The available JsafeJCE provider is not the FIPS 140 variant: " + str);
                        noSuchProviderException.initCause(e2.getCause());
                        throw noSuchProviderException;
                    }
                }
            });
        } catch (PrivilegedActionException e2) {
            Throwable cause = e2.getCause();
            if (cause instanceof NoSuchProviderException) {
                throw ((NoSuchProviderException) cause);
            }
            NoSuchProviderException noSuchProviderException = new NoSuchProviderException("Unable to instantiate the configured JCE provider: " + str);
            noSuchProviderException.initCause(cause);
            throw noSuchProviderException;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized void a() {
        e = null;
        f = null;
    }

    private static void a(final Provider provider) {
        AccessController.doPrivileged(new PrivilegedAction<Void>() { // from class: oracle.security.pki.JCEUtil.3
            @Override // java.security.PrivilegedAction
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public Void run() {
                Security.removeProvider(provider.getName());
                Security.insertProviderAt(provider, 1);
                return null;
            }
        });
    }

    public static synchronized void registerJsafeJCE() throws NoSuchProviderException {
        if (b) {
            a(getJCEProvider());
        } else {
            if (isJsafeJCERegistered()) {
                return;
            }
            a(a(JSAFEJCE_CLASS_NAME, false));
        }
    }

    public static synchronized SecureRandom getSecureRandom() {
        if (f == null) {
            if (TransitionMode.isFIPS140ModeEnabled()) {
                String str = b ? JSAFEJCE_SECURE_RANDOM_ALG : SECURE_RANDOM_ALG;
                try {
                    f = SecureRandom.getInstance(str, getJCEProvider());
                } catch (GeneralSecurityException e2) {
                    InternalError internalError = new InternalError("SecureRandom algorithm " + str + " not available");
                    internalError.initCause(e2);
                    throw internalError;
                }
            } else {
                f = new SecureRandom();
            }
        }
        return f;
    }

    public static final Signature getSignatureInstance(String str) throws NoSuchAlgorithmException {
        return TransitionMode.isFIPS140ModeEnabled() ? Signature.getInstance(str, b()) : Signature.getInstance(str);
    }

    public static final Mac getMacInstance(String str) throws NoSuchAlgorithmException {
        return TransitionMode.isFIPS140ModeEnabled() ? Mac.getInstance(str, b()) : Mac.getInstance(str);
    }

    public static final MessageDigest getMessageDigestInstance(String str) throws NoSuchAlgorithmException {
        return TransitionMode.isFIPS140ModeEnabled() ? MessageDigest.getInstance(str, b()) : MessageDigest.getInstance(str);
    }

    public static final SecretKeyFactory getSecretKeyFactoryInstance(String str) throws NoSuchAlgorithmException {
        return TransitionMode.isFIPS140ModeEnabled() ? SecretKeyFactory.getInstance(str, b()) : SecretKeyFactory.getInstance(str);
    }

    public static final Cipher getCipherInstance(String str) throws NoSuchAlgorithmException, NoSuchPaddingException {
        return TransitionMode.isFIPS140ModeEnabled() ? Cipher.getInstance(str, b()) : Cipher.getInstance(str);
    }

    public static final KeyPairGenerator getKeyPairGeneratorInstance(String str) throws NoSuchAlgorithmException {
        return TransitionMode.isFIPS140ModeEnabled() ? KeyPairGenerator.getInstance(str, b()) : KeyPairGenerator.getInstance(str);
    }

    public static final KeyFactory getKeyFactoryInstance(String str) throws NoSuchAlgorithmException {
        return TransitionMode.isFIPS140ModeEnabled() ? KeyFactory.getInstance(str, b()) : KeyFactory.getInstance(str);
    }

    public static final KeyAgreement getKeyAgreementInstance(String str) throws NoSuchAlgorithmException {
        return TransitionMode.isFIPS140ModeEnabled() ? KeyAgreement.getInstance(str, b()) : KeyAgreement.getInstance(str);
    }

    public static final CertificateFactory getCertificateFactoryInstance(String str) throws CertificateException {
        return TransitionMode.isFIPS140ModeEnabled() ? CertificateFactory.getInstance(str, c()) : CertificateFactory.getInstance(str);
    }

    static {
        String str = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: oracle.security.pki.JCEUtil.1
            @Override // java.security.PrivilegedAction
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public String run() {
                return Security.getProperty(JCEUtil.JCE_FIPS140_PROVIDER_CLASS_SECURITY_PROPERTY);
            }
        });
        if (str == null) {
            str = JSAFEJCE_CLASS_NAME;
            b = true;
        } else {
            b = str.equalsIgnoreCase(JSAFEJCE_CLASS_NAME);
        }
        a = str;
    }
}
