package com.sansec.jcajce.provider.symmetric;

import com.sansec.asn1.nist.NISTObjectIdentifiers;
import com.sansec.asn1.pkcs.GBObjectIdentifiers;
import com.sansec.asn1.pkcs.PKCSObjectIdentifiers;
import com.sansec.crypto.RuntimeCryptoException;
import com.sansec.devicev4.SwxaDeviceFactory;
import com.sansec.devicev4.api.CryptoException;
import com.sansec.jcajce.provider.config.ConfigurableProvider;
import com.sansec.jcajce.provider.hsm.HsmAlgorithmParameterSpec;
import com.sansec.jce.provider.SwxaProvider;
import java.security.InvalidAlgorithmParameterException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Random;
import javax.crypto.KeyGeneratorSpi;
import javax.crypto.SecretKey;

/* loaded from: input_file:com/sansec/jcajce/provider/symmetric/HsmKeyGenerator.class */
public class HsmKeyGenerator extends KeyGeneratorSpi {
    protected int keySize;
    protected int keyIndex;
    protected int defaultKeySize;
    protected Random rnd;
    protected String hsmIP;
    protected String algName;
    protected boolean uninitialised = true;

    /* loaded from: input_file:com/sansec/jcajce/provider/symmetric/HsmKeyGenerator$AES.class */
    public static class AES extends HsmKeyGenerator {
        public AES() {
            super("AES", 128);
        }
    }

    /* loaded from: input_file:com/sansec/jcajce/provider/symmetric/HsmKeyGenerator$DESede.class */
    public static class DESede extends HsmKeyGenerator {
        public DESede() {
            super("DESede", 128);
        }
    }

    /* loaded from: input_file:com/sansec/jcajce/provider/symmetric/HsmKeyGenerator$DESede3.class */
    public static class DESede3 extends HsmKeyGenerator {
        public DESede3() {
            super("DESede3", 192);
        }
    }

    /* loaded from: input_file:com/sansec/jcajce/provider/symmetric/HsmKeyGenerator$Mappings.class */
    public static class Mappings extends SymmetricAlgorithmProvider {
        private static final String PREFIX = HsmKeyGenerator.class.getName();

        @Override // com.sansec.jcajce.provider.util.AlgorithmProvider
        public void configure(ConfigurableProvider configurableProvider) {
            configurableProvider.addAlgorithmHsm("KeyGenerator.SM1", PREFIX + "$SM1");
            configurableProvider.addAlgorithmHsm("KeyGenerator." + GBObjectIdentifiers.sm1, PREFIX + "$SM1");
            configurableProvider.addAlgorithmHsm("KeyGenerator.SM4", PREFIX + "$SM4");
            configurableProvider.addAlgorithmHsm("KeyGenerator." + GBObjectIdentifiers.sm4, PREFIX + "$SM4");
            configurableProvider.addAlgorithmHsm("KeyGenerator.SM7", PREFIX + "$SM7");
            configurableProvider.addAlgorithmHsm("KeyGenerator." + GBObjectIdentifiers.sm7, PREFIX + "$SM7");
            configurableProvider.addAlgorithmHsm("KeyGenerator.SSF33", PREFIX + "$SSF33");
            configurableProvider.addAlgorithmHsm("KeyGenerator." + GBObjectIdentifiers.ssf33, PREFIX + "$SSF33");
            configurableProvider.addAlgorithmHsm("KeyGenerator.AES", PREFIX + "$AES");
            configurableProvider.addAlgorithmHsm("Alg.Alias.KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES.HSM");
            configurableProvider.addAlgorithmHsm("Alg.Alias.KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, "AES.HSM");
            configurableProvider.addAlgorithmHsm("KeyGenerator.DESEDE", PREFIX + "$DESede");
            configurableProvider.addAlgorithmHsm("Alg.Alias.KeyGenerator.3DES", "DESEDE.HSM");
            configurableProvider.addAlgorithmHsm("Alg.Alias.KeyGenerator.DESede", "DESEDE.HSM");
            configurableProvider.addAlgorithmHsm("Alg.Alias.KeyGenerator.DES3", "DESEDE.HSM");
            configurableProvider.addAlgorithmHsm("KeyGenerator.DESEDE3", PREFIX + "$DESede3");
            configurableProvider.addAlgorithmHsm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$DESede3");
        }
    }

    /* loaded from: input_file:com/sansec/jcajce/provider/symmetric/HsmKeyGenerator$SM1.class */
    public static class SM1 extends HsmKeyGenerator {
        public SM1() {
            super("SM1", 128);
        }
    }

    /* loaded from: input_file:com/sansec/jcajce/provider/symmetric/HsmKeyGenerator$SM4.class */
    public static class SM4 extends HsmKeyGenerator {
        public SM4() {
            super("SM4", 128);
        }
    }

    /* loaded from: input_file:com/sansec/jcajce/provider/symmetric/HsmKeyGenerator$SM7.class */
    public static class SM7 extends HsmKeyGenerator {
        public SM7() {
            super("SM7", 128);
        }
    }

    /* loaded from: input_file:com/sansec/jcajce/provider/symmetric/HsmKeyGenerator$SSF33.class */
    public static class SSF33 extends HsmKeyGenerator {
        public SSF33() {
            super("SSF33", 128);
        }
    }

    protected HsmKeyGenerator(String str, int i) {
        this.algName = str;
        this.defaultKeySize = i;
        this.keySize = i;
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        if (secureRandom != null) {
            this.rnd = secureRandom;
            this.uninitialised = false;
        }
        if (algorithmParameterSpec == null || !(algorithmParameterSpec instanceof HsmAlgorithmParameterSpec)) {
            return;
        }
        if (!(algorithmParameterSpec instanceof SecretHsmAlgorithmParameterSpec)) {
            throw new InvalidAlgorithmParameterException("params should be a SecretHsmAlgorithmParameterSpec, but is HsmAlgorithmParameterSpec");
        }
        SecretHsmAlgorithmParameterSpec secretHsmAlgorithmParameterSpec = (SecretHsmAlgorithmParameterSpec) algorithmParameterSpec;
        if (secretHsmAlgorithmParameterSpec.getHsmKeyParameter() != null) {
            this.keyIndex = secretHsmAlgorithmParameterSpec.getHsmKeyParameter().getsIndex();
        } else {
            this.keySize = secretHsmAlgorithmParameterSpec.getKeySize();
        }
        this.hsmIP = secretHsmAlgorithmParameterSpec.getHsmIP();
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(SecureRandom secureRandom) {
        if (secureRandom != null) {
            this.rnd = secureRandom;
            this.uninitialised = false;
        }
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(int i, SecureRandom secureRandom) {
        if (secureRandom != null) {
            this.rnd = secureRandom;
            this.uninitialised = false;
        }
        this.keyIndex = i >> 16;
        if (this.keyIndex == 0) {
            this.keySize = i;
        }
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected SecretKey engineGenerateKey() {
        if (this.uninitialised) {
            try {
                this.rnd = SecureRandom.getInstance("RND", SwxaProvider.PROVIDER_NAME);
            } catch (Exception e) {
                this.rnd = new SecureRandom();
            }
            this.uninitialised = false;
        }
        byte[] bArr = new byte[this.keySize / 8];
        this.rnd.nextBytes(bArr);
        if (this.keyIndex > 0) {
            try {
                if (!SwxaDeviceFactory.getInstance().isKeyExisting(this.keyIndex, 1)) {
                    throw new RuntimeCryptoException("Key is not existing: keyIndex=" + this.keyIndex);
                }
            } catch (CryptoException e2) {
                throw new RuntimeCryptoException("Fail to get key status: keyIndex=" + this.keyIndex, e2);
            }
        }
        return new HsmSecretKeySpec(this.keyIndex, bArr, this.algName, this.hsmIP);
    }
}
