package org.wso2.carbon.crypto.provider.hsm.cryptoprovider.operators;

import iaik.pkcs.pkcs11.Mechanism;
import iaik.pkcs.pkcs11.Session;
import iaik.pkcs.pkcs11.TokenException;
import iaik.pkcs.pkcs11.objects.Key;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.crypto.api.CryptoException;
import org.wso2.carbon.crypto.provider.hsm.cryptoprovider.exception.HSMCryptoException;

/* loaded from: input_file:org/wso2/carbon/crypto/provider/hsm/cryptoprovider/operators/Cipher.class */
public class Cipher {
    private static Log log = LogFactory.getLog(Cipher.class);
    private final Session session;

    public Cipher(Session session) {
        this.session = session;
    }

    public byte[] encrypt(byte[] bArr, Key key, Mechanism mechanism) throws CryptoException {
        if (!isEncryptDecryptMechanism(mechanism)) {
            throw new CryptoException(String.format("Requested '%s' algorithm for data encryption is not a valid data encryption mechanism.", mechanism.getName()));
        }
        if (log.isDebugEnabled()) {
            log.debug(String.format("Encrypting data using the HSM device with %s mechanism.", mechanism.getName()));
        }
        try {
            this.session.encryptInit(mechanism, key);
            return this.session.encrypt(bArr);
        } catch (TokenException e) {
            throw new HSMCryptoException(String.format("Error occurred while encrypting data using algorithm '%s'.", mechanism.getName()), e);
        }
    }

    public byte[] decrypt(byte[] bArr, Key key, Mechanism mechanism) throws CryptoException {
        if (!isEncryptDecryptMechanism(mechanism)) {
            throw new CryptoException(String.format("Requested '%s' algorithm for data decryption is not a valid data decryption mechanism.", mechanism.getName()));
        }
        if (log.isDebugEnabled()) {
            log.debug(String.format("Decrypting data using the HSM device with %s mechanism.", mechanism.getName()));
        }
        try {
            this.session.decryptInit(mechanism, key);
            return this.session.decrypt(bArr);
        } catch (TokenException e) {
            throw new HSMCryptoException(String.format("Error occurred while decrypting data using algorithm '%s'.", mechanism.getName()), e);
        }
    }

    protected boolean isEncryptDecryptMechanism(Mechanism mechanism) {
        return mechanism.isSingleOperationEncryptDecryptMechanism() || mechanism.isFullEncryptDecryptMechanism() || mechanism.getMechanismCode() == 4231;
    }
}
