package iaik.pkcs.pkcs11.provider.keygenerators;

import iaik.pkcs.pkcs11.Mechanism;
import iaik.pkcs.pkcs11.MechanismInfo;
import iaik.pkcs.pkcs11.Session;
import iaik.pkcs.pkcs11.TokenException;
import iaik.pkcs.pkcs11.provider.IAIKPkcs11;
import iaik.pkcs.pkcs11.provider.IAIKPkcs11Exception;
import iaik.pkcs.pkcs11.provider.PKCS11EngineClass;
import iaik.pkcs.pkcs11.provider.TokenManager;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11SecretKey;
import iaik.pkcs.pkcs11.provider.spec.PKCS11Spec;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.KeyGeneratorSpi;
import javax.crypto.SecretKey;

/* loaded from: classes.dex */
public abstract class PKCS11KeyGenerator extends KeyGeneratorSpi implements PKCS11EngineClass {
    private static final boolean DEBUG = false;
    protected boolean initialized_;
    protected PKCS11KeyGenerationSpec keyGenerationSpec_;
    protected boolean pkcs11OperationInitialized_;
    protected Session session_;
    protected TokenManager tokenManager_;
    protected MechanismInfo[][] usedMechanismInfos_;
    protected Mechanism[] usedMechanisms_;

    @Override // javax.crypto.KeyGeneratorSpi
    protected SecretKey engineGenerateKey() {
        if (!this.initialized_) {
            engineInit(-1, (SecureRandom) null);
        }
        Mechanism mechanism = getMechanism();
        iaik.pkcs.pkcs11.objects.SecretKey keyTemplate = this.keyGenerationSpec_.getKeyTemplate();
        if (!this.pkcs11OperationInitialized_) {
            initializePkcs11Operation();
        }
        try {
            iaik.pkcs.pkcs11.objects.SecretKey secretKey = (iaik.pkcs.pkcs11.objects.SecretKey) this.session_.generateKey(mechanism, keyTemplate);
            IAIKPKCS11SecretKey create = IAIKPKCS11SecretKey.create(this.tokenManager_, secretKey);
            if (!secretKey.getToken().getBooleanValue().booleanValue()) {
                create.setSession(this.session_);
            }
            finalizePkcs11Operation();
            this.tokenManager_.notifyKeyStores();
            return create;
        } catch (TokenException e) {
            finalizePkcs11Operation();
            throw new IAIKPkcs11Exception(e.toString());
        }
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(int i, SecureRandom secureRandom) throws InvalidParameterException {
        IAIKPkcs11 providerInstance = IAIKPkcs11.getProviderInstance(1);
        if (providerInstance == null) {
            throw new IAIKPkcs11Exception("No IAIKPkcs11 provider available.");
        }
        try {
            engineInit(new PKCS11KeyGenerationSpec(providerInstance.getTokenManager(), IAIKPkcs11.getGlobalKeyHandler().getKeyGeneratorTemplate(getAlgorithmName(), i), PKCS11Spec.USE_READ_ONLY_SESSION, PKCS11Spec.USE_USER_SESSION), (SecureRandom) null);
        } catch (InvalidAlgorithmParameterException e) {
            throw new IAIKPkcs11Exception(e.toString());
        }
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(SecureRandom secureRandom) {
        engineInit(-1, secureRandom);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.KeyGeneratorSpi
    public void engineInit(AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        if (algorithmParameterSpec == null || !(algorithmParameterSpec instanceof PKCS11KeyGenerationSpec)) {
            IAIKPkcs11 providerInstance = IAIKPkcs11.getProviderInstance(1);
            this.keyGenerationSpec_ = new PKCS11KeyGenerationSpec(providerInstance.getTokenManager(), IAIKPkcs11.getGlobalKeyHandler().getKeyGeneratorTemplate(getAlgorithmName(), algorithmParameterSpec), PKCS11Spec.USE_READ_ONLY_SESSION, PKCS11Spec.USE_USER_SESSION);
        } else {
            this.keyGenerationSpec_ = (PKCS11KeyGenerationSpec) algorithmParameterSpec;
        }
        this.tokenManager_ = this.keyGenerationSpec_.getTokenManager();
        initializePkcs11Operation();
        this.initialized_ = true;
    }

    protected void finalize() throws Throwable {
        if (this.session_ != null) {
            this.tokenManager_.disposeSession(this.session_);
        }
        super.finalize();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void finalizePkcs11Operation() {
        this.pkcs11OperationInitialized_ = false;
        this.tokenManager_.disposeSession(this.session_);
        this.session_ = null;
    }

    protected abstract String getAlgorithmName();

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract Mechanism getMechanism();

    protected MechanismInfo[][] getUsedMechanismFeatures() {
        if (this.usedMechanismInfos_ == null) {
            MechanismInfo mechanismInfo = new MechanismInfo();
            mechanismInfo.setGenerate(true);
            this.usedMechanismInfos_ = new MechanismInfo[][]{new MechanismInfo[]{mechanismInfo}};
        }
        return this.usedMechanismInfos_;
    }

    protected Mechanism[] getUsedMechanisms() {
        if (this.usedMechanisms_ == null) {
            Mechanism mechanism = (Mechanism) getMechanism().clone();
            mechanism.setParameters(null);
            this.usedMechanisms_ = new Mechanism[]{mechanism};
        }
        return this.usedMechanisms_;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initializePkcs11Operation() {
        initializeSession();
        this.pkcs11OperationInitialized_ = true;
    }

    protected void initializeSession() {
        try {
            if (this.session_ == null) {
                this.session_ = this.keyGenerationSpec_.isUseROSession() ? this.tokenManager_.getSession(false) : this.tokenManager_.getSession(true);
            }
            if (this.keyGenerationSpec_.isUseUserSession()) {
                this.tokenManager_.makeAuthorizedSession(this.session_, null);
            }
        } catch (TokenException e) {
            throw new IAIKPkcs11Exception(e.toString());
        }
    }

    @Override // iaik.pkcs.pkcs11.provider.PKCS11EngineClass
    public boolean isSupportedBy(TokenManager tokenManager) {
        try {
            return tokenManager.isMechanismFeatureSupported(getUsedMechanisms(), getUsedMechanismFeatures());
        } catch (TokenException e) {
            return false;
        }
    }
}
