package org.cesecore.keys.token.p11;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.lang.reflect.InvocationTargetException;
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.bouncycastle.util.encoders.Hex;
import org.cesecore.config.CesecoreConfiguration;
import org.cesecore.keys.token.PKCS11CryptoToken;
import org.cesecore.keys.token.p11.exception.NoSuchSlotException;
import org.cesecore.util.FileTools;

/* loaded from: input_file:org/cesecore/keys/token/p11/Pkcs11SlotLabel.class */
public class Pkcs11SlotLabel {
    public static final String SUN_PKCS11_CLASS = "sun.security.pkcs11.SunPKCS11";
    public static final String IAIK_PKCS11_CLASS = "iaik.pkcs.pkcs11.provider.IAIKPkcs11";
    public static final String IAIK_JCEPROVIDER_CLASS = "iaik.security.provider.IAIK";
    private static final Logger log = Logger.getLogger(Pkcs11SlotLabel.class);
    private static final String DELIMETER = ":";
    private final Pkcs11SlotLabelType type;
    private final String value;

    public Pkcs11SlotLabel(Pkcs11SlotLabelType pkcs11SlotLabelType, String str) {
        if (pkcs11SlotLabelType == null) {
            throw new IllegalArgumentException("Type can not be null");
        }
        this.type = pkcs11SlotLabelType;
        this.value = str == null ? null : str.trim();
    }

    public String getTaggedString() {
        return this.type.name() + DELIMETER + this.value;
    }

    public String toString() {
        return "Slot type: '" + this.type + "'. Slot value: '" + this.value + "'.";
    }

    public Provider getProvider(String str, String str2, String str3) throws NoSuchSlotException {
        long parseLong;
        if (StringUtils.isEmpty(str)) {
            throw new IllegalArgumentException("A file name must be supplied.");
        }
        File file = new File(str);
        if (!file.isFile() || !file.canRead()) {
            throw new IllegalArgumentException("The file " + str + " can't be read.");
        }
        log.debug("slot spec: " + toString());
        if (this.type == Pkcs11SlotLabelType.SUN_FILE) {
            try {
                return getSunP11Provider(new FileInputStream(file));
            } catch (FileNotFoundException e) {
                throw new IllegalArgumentException("File " + file + " was not found.");
            }
        }
        Pkcs11Wrapper pkcs11Wrapper = Pkcs11Wrapper.getInstance(file);
        switch (this.type) {
            case SLOT_LABEL:
                parseLong = getSlotID(this.value, pkcs11Wrapper);
                if (parseLong < 0) {
                    throw new IllegalStateException("Token label '" + this.value + "' not found.");
                }
                break;
            case SLOT_NUMBER:
                parseLong = Long.parseLong(this.value);
                break;
            case SLOT_INDEX:
                parseLong = Long.parseLong(this.value.charAt(0) == 'i' ? this.value.substring(1) : this.value);
                break;
            default:
                throw new IllegalStateException("This should not ever happen if all type of slots are tested.");
        }
        Provider iAIKP11Provider = getIAIKP11Provider(parseLong, file, this.type);
        if (iAIKP11Provider != null) {
            return iAIKP11Provider;
        }
        Provider sunP11Provider = getSunP11Provider(getSunP11ProviderInputStream(parseLong, file, this.type, str2, str3));
        if (sunP11Provider != null) {
            return sunP11Provider;
        }
        log.error("No provider available.");
        return null;
    }

    public static List<String> getExtendedTokenLabels(File file) {
        ArrayList arrayList = new ArrayList();
        Pkcs11Wrapper pkcs11Wrapper = Pkcs11Wrapper.getInstance(file);
        long[] slotList = pkcs11Wrapper.getSlotList();
        if (log.isDebugEnabled()) {
            log.debug("Found numer of slots:\t" + slotList.length);
        }
        for (int i = 0; i < slotList.length; i++) {
            long j = slotList[i];
            char[] tokenLabel = pkcs11Wrapper.getTokenLabel(j);
            if (tokenLabel != null) {
                String str = new String(tokenLabel);
                if (log.isDebugEnabled()) {
                    log.debug(i + ": Found token label:\t" + str + "\tid=" + j);
                }
                arrayList.add(j + ";" + str.trim());
            }
        }
        return arrayList;
    }

    private static long getSlotID(String str, Pkcs11Wrapper pkcs11Wrapper) throws NoSuchSlotException {
        long[] slotList = pkcs11Wrapper.getSlotList();
        if (log.isDebugEnabled()) {
            log.debug("Searching for token label:\t" + str);
        }
        for (long j : slotList) {
            char[] tokenLabel = pkcs11Wrapper.getTokenLabel(j);
            if (tokenLabel != null) {
                String str2 = new String(tokenLabel);
                if (log.isDebugEnabled()) {
                    log.debug("Candidate token label:\t" + str2);
                }
                if (str.equals(str2.trim())) {
                    if (log.isDebugEnabled()) {
                        log.debug("Label '" + str + "' found. The slot ID is:\t" + j);
                    }
                    return j;
                }
            }
        }
        throw new NoSuchSlotException("Token label '" + str + "' not found.");
    }

    private static Provider getIAIKP11Provider(long j, File file, Pkcs11SlotLabelType pkcs11SlotLabelType) {
        Properties properties = new Properties();
        try {
            properties.setProperty("PKCS11_NATIVE_MODULE", file.getCanonicalPath());
            properties.setProperty("SLOT_ID", pkcs11SlotLabelType.equals(Pkcs11SlotLabelType.SLOT_INDEX) ? "[" + j + "]" : Long.toString(j));
            if (log.isDebugEnabled()) {
                log.debug(properties.toString());
            }
            Provider provider = null;
            try {
                Class<?> cls = Class.forName(IAIK_PKCS11_CLASS);
                log.info("Using IAIK PKCS11 provider: iaik.pkcs.pkcs11.provider.IAIKPkcs11");
                provider = (Provider) cls.getConstructor(Properties.class).newInstance(properties);
                Provider provider2 = (Provider) Class.forName(IAIK_JCEPROVIDER_CLASS).getConstructor(new Class[0]).newInstance(new Object[0]);
                if (Security.getProvider(provider2.getName()) == null) {
                    log.info("Adding IAIK JCE provider for Delegation: iaik.security.provider.IAIK");
                    Security.addProvider(provider2);
                }
            } catch (ClassNotFoundException e) {
            } catch (IllegalAccessException e2) {
            } catch (IllegalArgumentException e3) {
            } catch (InstantiationException e4) {
            } catch (NoSuchMethodException e5) {
            } catch (SecurityException e6) {
            } catch (InvocationTargetException e7) {
            }
            return provider;
        } catch (IOException e8) {
            throw new RuntimeException("Could for unknown reason not construct canonical filename.", e8);
        }
    }

    private static InputStream getSunP11ProviderInputStream(long j, File file, Pkcs11SlotLabelType pkcs11SlotLabelType, String str, String str2) {
        String l = Long.toString(j);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PrintWriter printWriter = new PrintWriter(byteArrayOutputStream);
        printWriter.println("name = " + file.getName() + "-slot" + l);
        try {
            printWriter.println("library = " + file.getCanonicalPath());
            if (l != null) {
                printWriter.println(PKCS11CryptoToken.SLOT_LABEL_KEY + (pkcs11SlotLabelType.isEqual(Pkcs11SlotLabelType.SLOT_INDEX) ? "ListIndex" : "") + " = " + l);
            }
            if (str != null) {
                try {
                    printWriter.println(new String(FileTools.readFiletoBuffer(str)));
                } catch (FileNotFoundException e) {
                    throw new IllegalArgumentException("File " + str + " was not found.", e);
                }
            } else {
                printWriter.println("attributes(*, CKO_PUBLIC_KEY, *) = {");
                printWriter.println("  CKA_TOKEN = false");
                printWriter.println("  CKA_ENCRYPT = true");
                printWriter.println("  CKA_VERIFY = true");
                printWriter.println("  CKA_WRAP = true");
                printWriter.println("}");
                printWriter.println("attributes(*, CKO_PRIVATE_KEY, *) = {");
                printWriter.println("  CKA_TOKEN = true");
                printWriter.println("  CKA_PRIVATE = true");
                printWriter.println("  CKA_SENSITIVE = true");
                printWriter.println("  CKA_EXTRACTABLE = false");
                printWriter.println("  CKA_DECRYPT = true");
                printWriter.println("  CKA_SIGN = true");
                if (str2 != null && str2.length() > 0) {
                    printWriter.print("  CKA_LABEL = 0h");
                    printWriter.println(new String(Hex.encode(str2.getBytes())));
                }
                printWriter.println("  CKA_UNWRAP = true");
                printWriter.println("}");
                if (CesecoreConfiguration.p11disableHashingSignMechanisms()) {
                    printWriter.println("disabledMechanisms = {");
                    printWriter.println("  CKM_SHA1_RSA_PKCS");
                    printWriter.println("  CKM_SHA256_RSA_PKCS");
                    printWriter.println("  CKM_SHA384_RSA_PKCS");
                    printWriter.println("  CKM_SHA512_RSA_PKCS");
                    printWriter.println("  CKM_MD2_RSA_PKCS");
                    printWriter.println("  CKM_MD5_RSA_PKCS");
                    printWriter.println("  CKM_DSA_SHA1");
                    printWriter.println("  CKM_ECDSA_SHA1");
                    printWriter.println("}");
                }
                printWriter.println("attributes(*, CKO_SECRET_KEY, *) = {");
                printWriter.println("  CKA_SENSITIVE = true");
                printWriter.println("  CKA_EXTRACTABLE = false");
                printWriter.println("  CKA_ENCRYPT = true");
                printWriter.println("  CKA_DECRYPT = true");
                printWriter.println("  CKA_SIGN = true");
                printWriter.println("  CKA_VERIFY = true");
                printWriter.println("  CKA_WRAP = true");
                printWriter.println("  CKA_UNWRAP = true");
                printWriter.println("}");
            }
            printWriter.flush();
            printWriter.close();
            if (log.isDebugEnabled()) {
                log.debug(byteArrayOutputStream.toString());
            }
            return new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
        } catch (IOException e2) {
            throw new RuntimeException("Could for unknown reason not construct canonical filename.", e2);
        }
    }

    private static Provider getSunP11ProviderNoExceptionHandeling(InputStream inputStream) throws ClassNotFoundException, IllegalArgumentException, SecurityException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException {
        Class<?> cls = Class.forName(SUN_PKCS11_CLASS);
        log.info("Using SUN PKCS11 provider: sun.security.pkcs11.SunPKCS11");
        return (Provider) cls.getConstructor(InputStream.class).newInstance(inputStream);
    }

    private static Provider getSunP11Provider(InputStream inputStream) {
        try {
            return getSunP11ProviderNoExceptionHandeling(inputStream);
        } catch (Exception e) {
            String str = "Error constructing pkcs11 provider: " + e.getMessage();
            log.error(str);
            throw new IllegalStateException(str, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void doC_Initialize(File file) {
        try {
            getSunP11ProviderNoExceptionHandeling(getSunP11ProviderInputStream(-1L, file, Pkcs11SlotLabelType.SLOT_NUMBER, null, null));
        } catch (InvocationTargetException e) {
            log.debug("Get dummy sun provider throws an exception. This is OK.", e);
        } catch (Exception e2) {
            String str = "Error constructing pkcs11 provider: " + e2.getMessage();
            log.error(str);
            throw new IllegalStateException(str, e2);
        }
    }

    public static Provider getP11Provider(String str, Pkcs11SlotLabelType pkcs11SlotLabelType, String str2, String str3) throws NoSuchSlotException {
        return getP11Provider(str, pkcs11SlotLabelType, str2, str3, null);
    }

    public static Provider getP11Provider(String str, Pkcs11SlotLabelType pkcs11SlotLabelType, String str2, String str3, String str4) throws NoSuchSlotException {
        if ((str == null || str.length() < 1) && pkcs11SlotLabelType != Pkcs11SlotLabelType.SUN_FILE) {
            return null;
        }
        return new Pkcs11SlotLabel(pkcs11SlotLabelType, str).getProvider(str2, str3, str4);
    }
}
