package com.ibm.crypto.pkcs11impl.provider;

import com.ibm.misc.Debug;
import com.ibm.pkcs11.PKCS11Object;
import com.ibm.ras.RASFormatter;
import com.ibm.ras.RASITraceEvent;
import com.ibm.security.pkcs9.UnstructuredName;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.x509.X500Name;
import com.ibm.ws.asynchbeans.CallInfo;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.wsspi.management.agent.AdminSubsystemExtensionHandler;
import java.math.BigInteger;
import java.security.AlgorithmParameterGenerator;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.KeyPair;
import java.security.KeyPairGeneratorSpi;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.DSAParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.util.HashMap;
import java.util.Set;

/* loaded from: input_file:wasJars/ibmpkcs11impl.jar:com/ibm/crypto/pkcs11impl/provider/DSAPKCS11KeyPairGenerator.class */
public final class DSAPKCS11KeyPairGenerator extends KeyPairGeneratorSpi {
    private Provider provider;
    private int keySize;
    private SessionManager sessionManager;
    private Config config;
    private byte[] id;
    private byte[] subject;
    private String label;
    private Boolean isToken;
    private Boolean isSensitive;
    private Boolean extractable;
    private DSAParameterSpec dsaparams;
    private boolean paramsUsed;
    private static Debug debug = Debug.getInstance("pkcs11impl");
    private static String className = "com.ibm.crypto.pkcs11impl.provider.DSAPKCS11KeyPairGenerator";

    public DSAPKCS11KeyPairGenerator(Provider provider) {
        this.provider = null;
        this.keySize = 512;
        this.sessionManager = null;
        this.config = null;
        this.id = null;
        this.subject = null;
        this.label = null;
        this.isToken = new Boolean(false);
        this.isSensitive = new Boolean(false);
        this.extractable = null;
        this.dsaparams = null;
        this.paramsUsed = false;
        if (debug != null) {
            debug.entry(RASITraceEvent.TYPE_PERF, className, "DSAPKCS11KeyPairGenerator", AuditConstants.PROVIDER);
        }
        this.sessionManager = ((IBMPKCS11Impl) provider).getSessionManager();
        this.config = ((IBMPKCS11Impl) provider).getConfig();
        this.provider = provider;
        if (debug != null) {
            debug.exit(RASITraceEvent.TYPE_PERF, className, "DSAPKCS11KeyPairGenerator", AuditConstants.PROVIDER);
        }
    }

    public DSAPKCS11KeyPairGenerator() {
        this(Security.getProvider(Constants.IBMPKCS11Impl_NAME));
    }

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(AlgorithmParameterSpec algorithmParameterSpec, java.security.SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        if (debug != null) {
            debug.entry(RASITraceEvent.TYPE_PERF, className, AdminSubsystemExtensionHandler.INITIALIZE, algorithmParameterSpec, secureRandom);
        }
        if (algorithmParameterSpec == null || !(algorithmParameterSpec instanceof PKCS11DSAKeyPairParameterSpec)) {
            if (debug != null) {
                debug.text(RASITraceEvent.TYPE_PERF, className, AdminSubsystemExtensionHandler.INITIALIZE, "PKCS11 DSA KeyPair Parameters must be specified");
            }
            throw new InvalidAlgorithmParameterException("PKCS11 DSA KeyPair Parameters must be specified");
        }
        PKCS11DSAKeyPairParameterSpec pKCS11DSAKeyPairParameterSpec = (PKCS11DSAKeyPairParameterSpec) algorithmParameterSpec;
        this.keySize = pKCS11DSAKeyPairParameterSpec.getKeySize();
        if (pKCS11DSAKeyPairParameterSpec.getKeyID() != null) {
            try {
                this.id = pKCS11DSAKeyPairParameterSpec.getKeyID().getBytes("8859_1");
            } catch (Exception e) {
                this.id = pKCS11DSAKeyPairParameterSpec.getKeyID().getBytes();
            }
        }
        if (pKCS11DSAKeyPairParameterSpec.getSubject() != null) {
            try {
                this.subject = pKCS11DSAKeyPairParameterSpec.getSubject().getBytes("8859_1");
            } catch (Exception e2) {
                this.subject = pKCS11DSAKeyPairParameterSpec.getSubject().getBytes();
            }
        }
        this.label = pKCS11DSAKeyPairParameterSpec.getLabel();
        this.isSensitive = pKCS11DSAKeyPairParameterSpec.getSensitive();
        this.isToken = pKCS11DSAKeyPairParameterSpec.getToken();
        this.extractable = pKCS11DSAKeyPairParameterSpec.getExtractable();
        this.dsaparams = (DSAParameterSpec) pKCS11DSAKeyPairParameterSpec.getParams();
        this.paramsUsed = true;
        if (this.dsaparams == null) {
            generateParameters();
        }
        if (debug != null) {
            debug.exit(RASITraceEvent.TYPE_PERF, className, AdminSubsystemExtensionHandler.INITIALIZE);
        }
    }

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(int i, java.security.SecureRandom secureRandom) {
        if (debug != null) {
            debug.entry(RASITraceEvent.TYPE_PERF, className, AdminSubsystemExtensionHandler.INITIALIZE, RASFormatter.DEFAULT_SEPARATOR + i, secureRandom);
        }
        if (i < 512) {
            throw new InvalidParameterException("DSA Key size must be at least 512 bit");
        }
        if (i > 1024 || (i & 63) != 0) {
            throw new InvalidParameterException("Key size must be a multiple of 64 and at most 1024 bit");
        }
        this.keySize = i;
        if (debug != null) {
            debug.exit(RASITraceEvent.TYPE_PERF, className, AdminSubsystemExtensionHandler.INITIALIZE);
        }
    }

    public void initialize(int i) {
        initialize(i, (java.security.SecureRandom) null);
    }

    @Override // java.security.KeyPairGeneratorSpi
    public KeyPair generateKeyPair() {
        byte[] byteArray;
        int i;
        byte[] byteArray2;
        int i2;
        KeyPair keyPair;
        DSAPrivateKey dSAPrivateKey;
        if (debug != null) {
            debug.entry(RASITraceEvent.TYPE_PERF, className, "generateKeyPair");
        }
        int i3 = 0;
        HashMap<Integer, Object> hashMap = null;
        Set<Integer> set = null;
        Boolean bool = this.isToken;
        Boolean bool2 = this.isToken;
        if (this.dsaparams == null) {
            generateParameters();
        }
        int i4 = this.isSensitive == null ? 7 - 1 : 7;
        int i5 = bool == null ? 8 - 1 : 8;
        if (bool2 == null) {
            i4--;
        }
        if (this.extractable == null) {
            i4--;
        }
        if (this.config != null) {
            hashMap = this.config.getAttributes("GENERATE", PKCS11Object.PUBLIC_KEY, PKCS11Object.DSA);
            set = hashMap.keySet();
            for (Integer num : set) {
                switch (num.intValue()) {
                    case 1:
                        if (this.paramsUsed) {
                            break;
                        } else {
                            if (bool == null) {
                                i5++;
                            }
                            bool = (Boolean) hashMap.get(num);
                            break;
                        }
                    case 266:
                        break;
                    default:
                        i5++;
                        break;
                }
            }
        }
        int[] iArr = new int[i5];
        Object[] objArr = new Object[i5];
        boolean z = true;
        if (bool != null) {
            iArr[0] = 1;
            i3 = 0 + 1;
            objArr[0] = bool;
        }
        iArr[i3] = 258;
        int i6 = i3;
        int i7 = i3 + 1;
        objArr[i6] = this.id;
        iArr[i7] = 3;
        int i8 = i7 + 1;
        objArr[i7] = this.label;
        iArr[i8] = 257;
        if (this.subject != null) {
            try {
                if (debug != null) {
                    debug.text(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_2.1", "Try DER encoding public key subject name as X500 name initially");
                }
                DerOutputStream derOutputStream = new DerOutputStream();
                new X500Name(new String(this.subject, "8859_1")).encode(derOutputStream);
                byteArray = derOutputStream.toByteArray();
            } catch (Exception e) {
                try {
                    if (debug != null) {
                        debug.text(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_2.2", "DER encode public key subject name as UnstructuredName instead");
                    }
                    DerOutputStream derOutputStream2 = new DerOutputStream();
                    new UnstructuredName(new String[]{new String(this.subject, "8859_1")}).encode(derOutputStream2);
                    byteArray = derOutputStream2.toByteArray();
                } catch (Exception e2) {
                    if (debug != null) {
                        debug.exception(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_2.3", e2);
                    }
                    throw new RuntimeException(e2.getMessage());
                }
            }
            if (debug != null) {
                debug.text(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_2.3", "encodedPubSubjNameCopy.length " + byteArray.length);
            }
            i = i8 + 1;
            objArr[i8] = byteArray.clone();
        } else {
            i = i8 + 1;
            objArr[i8] = this.subject;
        }
        if (set != null) {
            for (Integer num2 : set) {
                if (num2.intValue() != 1) {
                    if (num2.intValue() == 266) {
                        z = false;
                    }
                    iArr[i] = num2.intValue();
                    int i9 = i;
                    i++;
                    objArr[i9] = hashMap.get(num2);
                }
            }
        }
        if (z) {
            iArr[i] = 266;
            int i10 = i;
            i++;
            objArr[i10] = Boolean.TRUE;
        }
        iArr[i] = 304;
        int i11 = i;
        int i12 = i + 1;
        objArr[i11] = this.dsaparams.getP();
        iArr[i12] = 305;
        int i13 = i12 + 1;
        objArr[i12] = this.dsaparams.getQ();
        iArr[i13] = 306;
        objArr[i13] = this.dsaparams.getG();
        if (this.config != null) {
            hashMap = this.config.getAttributes("GENERATE", PKCS11Object.PRIVATE_KEY, PKCS11Object.DSA);
            set = hashMap.keySet();
            for (Integer num3 : set) {
                switch (num3.intValue()) {
                    case 1:
                        if (this.paramsUsed) {
                            break;
                        } else {
                            if (bool2 == null) {
                                i4++;
                            }
                            bool2 = (Boolean) hashMap.get(num3);
                            break;
                        }
                    case 259:
                        if (this.paramsUsed) {
                            break;
                        } else {
                            if (this.isSensitive == null) {
                                i4++;
                            }
                            this.isSensitive = (Boolean) hashMap.get(num3);
                            break;
                        }
                    case 264:
                        break;
                    case 354:
                        if (this.paramsUsed) {
                            break;
                        } else {
                            if (this.extractable == null) {
                                i4++;
                            }
                            this.extractable = (Boolean) hashMap.get(num3);
                            break;
                        }
                    default:
                        i4++;
                        break;
                }
            }
        }
        int[] iArr2 = new int[i4];
        Object[] objArr2 = new Object[i4];
        int i14 = 0;
        boolean z2 = true;
        if (bool2 != null) {
            iArr2[0] = 1;
            i14 = 0 + 1;
            objArr2[0] = bool2;
        }
        iArr2[i14] = 258;
        int i15 = i14;
        int i16 = i14 + 1;
        objArr2[i15] = this.id;
        iArr2[i16] = 257;
        if (this.subject != null) {
            try {
                if (debug != null) {
                    debug.text(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_3.1", "Try DER encoding private key subject name as X500 name initially");
                }
                DerOutputStream derOutputStream3 = new DerOutputStream();
                new X500Name(new String(this.subject, "8859_1")).encode(derOutputStream3);
                byteArray2 = derOutputStream3.toByteArray();
            } catch (Exception e3) {
                try {
                    if (debug != null) {
                        debug.text(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_3.2", "DER encode private key subject name as UnstructuredName instead");
                    }
                    DerOutputStream derOutputStream4 = new DerOutputStream();
                    new UnstructuredName(new String[]{new String(this.subject, "8859_1")}).encode(derOutputStream4);
                    byteArray2 = derOutputStream4.toByteArray();
                } catch (Exception e4) {
                    if (debug != null) {
                        debug.exception(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_3.3", e4);
                    }
                    throw new RuntimeException(e4.getMessage());
                }
            }
            if (debug != null) {
                debug.text(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_3.3", "encodedPrivSubjNameCopy.length" + byteArray2.length);
            }
            i2 = i16 + 1;
            objArr2[i16] = byteArray2.clone();
        } else {
            i2 = i16 + 1;
            objArr2[i16] = this.subject;
        }
        iArr2[i2] = 3;
        int i17 = i2;
        int i18 = i2 + 1;
        objArr2[i17] = this.label;
        if (this.isSensitive != null) {
            iArr2[i18] = 259;
            i18++;
            objArr2[i18] = this.isSensitive;
        }
        if (this.extractable != null) {
            iArr2[i18] = 354;
            int i19 = i18;
            i18++;
            objArr2[i19] = this.extractable;
        }
        if (set != null) {
            for (Integer num4 : set) {
                if (num4.intValue() != 1 && num4.intValue() != 259 && num4.intValue() != 354) {
                    if (num4.intValue() == 264) {
                        z2 = false;
                    }
                    iArr2[i18] = num4.intValue();
                    int i20 = i18;
                    i18++;
                    objArr2[i20] = hashMap.get(num4);
                }
            }
        }
        if (z2) {
            iArr2[i18] = 264;
            int i21 = i18;
            int i22 = i18 + 1;
            objArr2[i21] = Boolean.TRUE;
        }
        Session session = null;
        try {
            session = this.sessionManager.getObjSession();
            PKCS11Object[] orderObjects = orderObjects(session.generateKeyPair(16, null, iArr, objArr, iArr2, objArr2));
            PKCS11Object pKCS11Object = orderObjects[0];
            PKCS11Object pKCS11Object2 = orderObjects[1];
            try {
                try {
                    DSAPublicKey dSAPublicKey = new DSAPublicKey(session, pKCS11Object, this.id, this.subject, this.label, this.isToken, (BigInteger) getValue(session, pKCS11Object, 304), (BigInteger) getValue(session, pKCS11Object, 305), (BigInteger) getValue(session, pKCS11Object, 306), new BigInteger(1, (byte[]) getValue(session, pKCS11Object, 17)));
                    if (!session.getBoolAttributeValue(pKCS11Object, 1)) {
                        dSAPublicKey.setSession(session);
                        session.addObject();
                    }
                    if (this.isSensitive.booleanValue()) {
                        dSAPrivateKey = new DSAPrivateKey(session, pKCS11Object2, this.label, this.id, this.subject, this.isToken, this.isSensitive, this.extractable);
                    } else {
                        try {
                            dSAPrivateKey = new DSAPrivateKey(session, pKCS11Object2, this.label, this.id, this.subject, this.isToken, this.isSensitive, this.extractable, (BigInteger) getValue(session, pKCS11Object2, 304), (BigInteger) getValue(session, pKCS11Object2, 305), (BigInteger) getValue(session, pKCS11Object2, 306), new BigInteger(1, (byte[]) getValue(session, pKCS11Object2, 17)));
                        } catch (Exception e5) {
                            dSAPrivateKey = new DSAPrivateKey(session, pKCS11Object2, this.label, this.id, this.subject, this.isToken, this.isSensitive, this.extractable);
                        }
                    }
                    if (!session.getBoolAttributeValue(pKCS11Object2, 1)) {
                        dSAPrivateKey.setSession(session);
                        session.addObject();
                    }
                    keyPair = new KeyPair(dSAPublicKey, dSAPrivateKey);
                    this.sessionManager.releaseSession(session);
                } catch (Throwable th) {
                    this.sessionManager.releaseSession(session);
                    throw th;
                }
            } catch (Exception e6) {
                keyPair = null;
                if (debug != null) {
                    debug.exception(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_2", e6);
                }
                this.sessionManager.releaseSession(session);
            }
            if (debug != null) {
                debug.exit(RASITraceEvent.TYPE_PERF, className, "generateKeyPair");
            }
            return keyPair;
        } catch (Exception e7) {
            if (debug != null) {
                debug.exception(RASITraceEvent.TYPE_PERF, className, "generateKeyPair_1", e7);
            }
            this.sessionManager.releaseSession(session);
            throw new RuntimeException(e7.getMessage());
        }
    }

    private void generateParameters() {
        if (debug != null) {
            debug.entry(RASITraceEvent.TYPE_PERF, className, "generateParameters");
        }
        switch (this.keySize) {
            case 512:
                this.dsaparams = new DSAParameterSpec(DSAParameterGenerator.p_512, DSAParameterGenerator.q_512, DSAParameterGenerator.g_512);
                if (debug != null) {
                    debug.exit(RASITraceEvent.TYPE_PERF, className, "generateParameters", this.dsaparams);
                    return;
                }
                return;
            case CallInfo.PEEK_CALLTYPE_WORK_DAEMON /* 768 */:
                this.dsaparams = new DSAParameterSpec(DSAParameterGenerator.p_768, DSAParameterGenerator.q_768, DSAParameterGenerator.g_768);
                if (debug != null) {
                    debug.exit(RASITraceEvent.TYPE_PERF, className, "generateParameters", this.dsaparams);
                    return;
                }
                return;
            case 1024:
                this.dsaparams = new DSAParameterSpec(DSAParameterGenerator.p_1024, DSAParameterGenerator.q_1024, DSAParameterGenerator.g_1024);
                if (debug != null) {
                    debug.exit(RASITraceEvent.TYPE_PERF, className, "generateParameters", this.dsaparams);
                    return;
                }
                return;
            default:
                try {
                    AlgorithmParameterGenerator algorithmParameterGenerator = AlgorithmParameterGenerator.getInstance("DSA", this.provider);
                    algorithmParameterGenerator.init(this.keySize, java.security.SecureRandom.getInstance("IBMSecureRandom", this.provider));
                    try {
                        this.dsaparams = (DSAParameterSpec) algorithmParameterGenerator.generateParameters().getParameterSpec(DSAParameterSpec.class);
                        if (debug != null) {
                            debug.exit(RASITraceEvent.TYPE_PERF, className, "generateParameters");
                            return;
                        }
                        return;
                    } catch (InvalidParameterSpecException e) {
                        if (debug != null) {
                            debug.exception(RASITraceEvent.TYPE_PERF, className, "generateParameters_3", e);
                        }
                        throw new Error();
                    }
                } catch (NoSuchAlgorithmException e2) {
                    if (debug != null) {
                        debug.exception(RASITraceEvent.TYPE_PERF, className, "generateParameters_1", e2);
                    }
                    throw new RuntimeException(e2.getMessage());
                }
        }
    }

    private PKCS11Object[] orderObjects(PKCS11Object[] pKCS11ObjectArr) {
        PKCS11Object pKCS11Object;
        PKCS11Object pKCS11Object2;
        if (debug != null) {
            debug.entry(RASITraceEvent.TYPE_PERF, className, "orderObjects");
        }
        Integer num = (Integer) getValue(pKCS11ObjectArr[0], 0);
        Integer num2 = (Integer) getValue(pKCS11ObjectArr[1], 0);
        if (num.equals(PKCS11Object.PUBLIC_KEY) && num2.equals(PKCS11Object.PRIVATE_KEY)) {
            pKCS11Object = pKCS11ObjectArr[0];
            pKCS11Object2 = pKCS11ObjectArr[1];
        } else {
            if (!num.equals(PKCS11Object.PRIVATE_KEY) || !num2.equals(PKCS11Object.PUBLIC_KEY)) {
                if (debug != null) {
                    debug.text(RASITraceEvent.TYPE_PERF, className, "orderObjects", "Token returns invalid objects");
                }
                throw new RuntimeException("Token returns invalid objects");
            }
            pKCS11Object = pKCS11ObjectArr[1];
            pKCS11Object2 = pKCS11ObjectArr[0];
        }
        pKCS11ObjectArr[0] = pKCS11Object;
        pKCS11ObjectArr[1] = pKCS11Object2;
        if (debug != null) {
            debug.exit(RASITraceEvent.TYPE_PERF, className, "orderObjects");
        }
        return pKCS11ObjectArr;
    }

    private Object getValue(Session session, PKCS11Object pKCS11Object, int i) {
        return session.getAttrValue(pKCS11Object, i);
    }

    private Object getValue(PKCS11Object pKCS11Object, int i) {
        Object obj;
        if (debug != null) {
            debug.entry(RASITraceEvent.TYPE_PERF, className, "getValue", pKCS11Object, new Integer(i));
        }
        Session session = null;
        try {
            try {
                session = this.sessionManager.getOpSession();
                obj = session.getAttrValue(pKCS11Object, i);
                if (session != null) {
                    this.sessionManager.releaseSession(session);
                }
            } catch (Exception e) {
                if (debug != null) {
                    debug.text(RASITraceEvent.TYPE_PERF, className, "getValue", e.getMessage());
                }
                obj = null;
                if (session != null) {
                    this.sessionManager.releaseSession(session);
                }
            }
            if (debug != null) {
                debug.exit(RASITraceEvent.TYPE_PERF, className, "getValue");
            }
            return obj;
        } catch (Throwable th) {
            if (session != null) {
                this.sessionManager.releaseSession(session);
            }
            throw th;
        }
    }
}
