package com.sansec.jcajce.provider.keystore.label;

import com.sansec.crypto.AsymmetricCipherKeyPair;
import com.sansec.crypto.RuntimeCryptoException;
import com.sansec.crypto.params.AsymmetricKeyParameter;
import com.sansec.crypto.params.RSAKeyParameters;
import com.sansec.crypto.params.RSAPrivateCrtKeyParameters;
import com.sansec.devicev4.SwxaDeviceFactory;
import com.sansec.devicev4.api.CryptoException;
import com.sansec.devicev4.api.ISDSCrypto;
import com.sansec.devicev4.gb.struct.key.IRSArefPrivateKey;
import com.sansec.devicev4.gb.struct.key.IRSArefPublicKey;
import com.sansec.jcajce.provider.asymmetric.rsa.SwJCERSAPrivateCrtKey;
import com.sansec.jcajce.provider.asymmetric.rsa.SwJCERSAPublicKey;
import com.sansec.jcajce.provider.symmetric.HsmSecretKeySpec;
import com.sansec.util.BigIntegerUitl;
import com.sansec.util.KeyUtil;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Enumeration;
import javax.crypto.SecretKey;

/* loaded from: input_file:com/sansec/jcajce/provider/keystore/label/SwLabelKeyStore.class */
public class SwLabelKeyStore extends KeyStoreSpi {
    private ISDSCrypto device;

    /* loaded from: input_file:com/sansec/jcajce/provider/keystore/label/SwLabelKeyStore$RSAKeyPairEntry.class */
    public static final class RSAKeyPairEntry implements KeyStore.Entry {
        private final PrivateKey privKey;
        private final PublicKey pubKey;

        public RSAKeyPairEntry(PublicKey publicKey, PrivateKey privateKey) {
            if (publicKey == null) {
                throw new NullPointerException("invalid null input,publicKey can not be null.");
            }
            this.pubKey = publicKey;
            this.privKey = privateKey;
        }

        public PrivateKey getPrivKey() {
            return this.privKey;
        }

        public PublicKey getPubKey() {
            return this.pubKey;
        }

        public String toString() {
            return "Swxa label RSA key pair.";
        }
    }

    /* loaded from: input_file:com/sansec/jcajce/provider/keystore/label/SwLabelKeyStore$SecretKeyEntry.class */
    public static final class SecretKeyEntry implements KeyStore.Entry {
        private final SecretKey sKey;

        public SecretKeyEntry(SecretKey secretKey) {
            if (secretKey == null) {
                throw new NullPointerException("invalid null input");
            }
            this.sKey = secretKey;
            String algorithm = this.sKey.getAlgorithm();
            int length = this.sKey.getEncoded().length;
            if (algorithm.equalsIgnoreCase("SM4") || algorithm.equalsIgnoreCase("SM1")) {
                if (length != 16) {
                    throw new RuntimeCryptoException("invalid key input,alg=" + algorithm + " keyLen = " + length);
                }
                return;
            }
            if (algorithm.equalsIgnoreCase("3DES") || algorithm.equalsIgnoreCase("DESede")) {
                if (length != 16 && length != 24) {
                    throw new RuntimeCryptoException("invalid key input,alg=" + algorithm + " keyLen = " + length);
                }
            } else if (!algorithm.equalsIgnoreCase("AES")) {
                if (!algorithm.equalsIgnoreCase("swxaLabel")) {
                    throw new RuntimeCryptoException("invalid alg ,alg=" + algorithm);
                }
            } else if (length != 16 && length != 24 && length != 32) {
                throw new RuntimeCryptoException("invalid key input,alg=" + algorithm + " keyLen = " + length);
            }
        }

        public SecretKey getSecretKey() {
            return this.sKey;
        }

        public String toString() {
            return "Swxa label Secret key entry with label " + ((HsmSecretKeySpec) this.sKey).getKeyLabel();
        }
    }

    public SwLabelKeyStore() {
        this.device = null;
        try {
            this.device = SwxaDeviceFactory.getInstance();
        } catch (Exception e) {
            throw new RuntimeCryptoException("Get HSM device instance error", e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        return new Certificate[0];
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return 0;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineSetEntry(String str, KeyStore.Entry entry, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException {
        if (str == null || "".equals(str)) {
            throw new RuntimeCryptoException("alias is null or blank space.");
        }
        if (!(entry instanceof RSAKeyPairEntry) && !(entry instanceof SecretKeyEntry)) {
            throw new RuntimeCryptoException("Entry should be RSAKeyPairEntry or SecretKeyEntry");
        }
        if (!str.startsWith("RSA_")) {
            if (!str.startsWith("SYM_")) {
                throw new RuntimeCryptoException("alias is not start with 'RSA_' or 'SYM_'");
            }
            String substring = str.substring(4);
            if (!checkLabel(substring)) {
                throw new RuntimeCryptoException("label is error.3-31 alphabetic or numeric.");
            }
            if (!(entry instanceof SecretKeyEntry)) {
                throw new RuntimeCryptoException("Entry should be SecretKeyEntry");
            }
            SecretKey secretKey = ((SecretKeyEntry) entry).getSecretKey();
            if (secretKey == null) {
                throw new RuntimeCryptoException("SecretKey of SecretKeyEntry cannt be null.");
            }
            try {
                this.device.importKey(substring, secretKey.getEncoded());
                return;
            } catch (CryptoException e) {
                throw new RuntimeCryptoException("Secret key pair import error" + e.getMessage());
            }
        }
        String substring2 = str.substring(4);
        if (!checkLabel(substring2)) {
            throw new RuntimeCryptoException("label is error.3-31 alphabetic or numeric.");
        }
        if (!(entry instanceof RSAKeyPairEntry)) {
            throw new RuntimeCryptoException("Entry should be RSAKeyPairEntry ");
        }
        RSAKeyPairEntry rSAKeyPairEntry = (RSAKeyPairEntry) entry;
        PublicKey pubKey = rSAKeyPairEntry.getPubKey();
        PrivateKey privKey = rSAKeyPairEntry.getPrivKey();
        IRSArefPublicKey iRSArefPublicKey = null;
        IRSArefPrivateKey iRSArefPrivateKey = null;
        if (privKey == null && pubKey == null) {
            throw new RuntimeCryptoException("PublicKey and PrivateKey of RSAKeyPairEntry cannt  both be null.");
        }
        if (pubKey != null) {
            iRSArefPublicKey = KeyUtil.transRSAPubKeyDER2GM(pubKey.getEncoded());
        }
        if (privKey != null) {
            iRSArefPrivateKey = KeyUtil.transRSAPriKeyDER2GM(privKey.getEncoded());
        }
        try {
            this.device.rsaImportKeyPair(substring2, iRSArefPublicKey, iRSArefPrivateKey);
        } catch (CryptoException e2) {
            throw new RuntimeCryptoException("RSA key pair import error" + e2.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (str == null || "".equals(str)) {
            throw new RuntimeCryptoException("alias is null or blank space.");
        }
        if (str.startsWith("RSA_")) {
            String substring = str.substring(4);
            if (!checkLabel(substring)) {
                throw new RuntimeCryptoException("label is error.3-31 alphabetic or numeric.");
            }
            try {
                this.device.rsaDeleteKeyPair(substring);
                return;
            } catch (CryptoException e) {
                throw new RuntimeCryptoException("Delete internal label RSA key pair error", e);
            }
        }
        if (!str.startsWith("SYM_")) {
            throw new RuntimeCryptoException("alias is not start with 'RSA_' or 'SYM_'");
        }
        String substring2 = str.substring(4);
        if (!checkLabel(substring2)) {
            throw new RuntimeCryptoException("label is error.3-31 alphabetic or numeric.");
        }
        try {
            this.device.deleteKey(substring2);
        } catch (CryptoException e2) {
            throw new RuntimeCryptoException("Delete internal label key error", e2);
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized KeyStore.Entry engineGetEntry(String str, KeyStore.ProtectionParameter protectionParameter) {
        KeyStore.Entry secretKeyEntry;
        if (str == null || "".equals(str)) {
            throw new RuntimeCryptoException("alias is null or blank space.");
        }
        if (str.startsWith("RSA_")) {
            String substring = str.substring(4);
            if (!checkLabel(substring)) {
                throw new RuntimeCryptoException("label is error.3-31 alphabetic or numeric.");
            }
            try {
                IRSArefPublicKey rSAPublicKey = this.device.getRSAPublicKey(substring);
                BigInteger positiveInteger = BigIntegerUitl.toPositiveInteger(rSAPublicKey.getE());
                BigInteger positiveInteger2 = BigIntegerUitl.toPositiveInteger(rSAPublicKey.getM());
                AsymmetricCipherKeyPair asymmetricCipherKeyPair = new AsymmetricCipherKeyPair((AsymmetricKeyParameter) new RSAKeyParameters(null, 0, substring, 0, rSAPublicKey.getBits(), false, positiveInteger2, positiveInteger), (AsymmetricKeyParameter) new RSAPrivateCrtKeyParameters(null, 0, substring, 0, rSAPublicKey.getBits(), positiveInteger2, positiveInteger, new BigInteger("0"), new BigInteger(new byte[]{102, 102, 51, 53, 54, 51, 54, 53, 52, 99, 102, 51, 56, 54, 51, 48, 51, 98, 102, 57, 57, 50, 101, 51, 54, 100, 50, 52, 55, 99, 52, 50, 54, 97, 52, 57, 53, 56, 50, 98, 99, 101, 49, 49, 55, 54, 101, 102, 48, 49, 52, 49, 101, 48, 55, 99, 97, 53, 99, 101, 98, 101, 51, 54, 102, 49, 98, 102, 100, 49, 55, 49, 54, 56, 100, 57, 51, 98, 101, 98, 101, 52, 102, 55, 57, 51, 102, 49, 51, 56, 52, 50, 54, 102, 50, 53, 50, 55, 49, 49, 49, 49, 98, 98, 98, 100, 101, 52, 49, 98, 50, 54, 97, 101, 53, 98, 48, 101, 48, 56, 97, 100, 51, 52, 101, 50, 57, 100}), new BigInteger(new byte[]{50, 101, 102, 99, 51, 101, 100, 101, 102, 53, 56, 101, 52, 50, 55, 54, 51, 52, 54, 53, 55, 56, 54, 97, 52, 50, 52, 57, 99, 57, 101, 100, 55, 52, 101, 100, 102, 55, 49, 50, 49, 99, 98, 55, 54, 49, 57, 56, 99, 56, 52, 48, 102, 53, 99, 52, 55, 102, 54, 48, 99, 101, 53, 101, 52, 50, 48, 101, 102, 49, 97, 57, 57, 101, 54, 99, 97, 53, 101, 97, 97, 54, 52, 51, 48, 53, 57, 100, 101, 99, 51, 50, 100, 98, 50, 51, 49, 50, 50, 53, 101, 53, 56, 97, 97, 102, 101, 97, 97, 102, 48, 48, 57, 55, 50, 100, 100, 98, 98, 101, 101, 48, 55, 57, 57, 101, 100, 57}), new BigInteger(new byte[]{53, 54, 55, 55, 55, 48, 98, 51, 49, 102, 51, 99, 97, 53, 52, 52, 57, 56, 99, 101, 48, 101, 52, 102, 49, 53, 48, 97, 57, 55, 98, 50, 102, 53, 49, 101, 99, 54, 53, 101, 50, 99, 57, 49, 52, 48, 102, 98, 57, 48, 51, 50, 100, 102, 97, 48, 102, 49, 52, 50, 50, 51, 57, 54, 53, 100, 51, 52, 57, 57, 51, 100, 102, 99, 99, 99, 100, 101, 101, 52, 101, 98, 50, 101, 97, 97, 52, 54, 54, 52, 55, 101, 49, 97, 48, 100, 100, 55, 54, 57, 100, 54, 50, 56, 50, 100, 52, 54, 100, 102, 102, 48, 52, 99, 97, 52, 99, 97, 99, 52, 56, 50, 101, 102, 102, 101, 55, 49}), new BigInteger(new byte[]{50, 97, 53, 54, 49, 57, 49, 98, 57, 57, 52, 100, 97, 99, 98, 56, 97, 50, 55, 53, 99, 50, 101, 53, 57, 52, 100, 49, 52, 102, 49, 99, 100, 97, 53, 101, 51, 57, 53, 53, 51, 50, 52, 102, 50, 100, 56, 102, 99, 100, 99, 97, 55, 97, 98, 53, 100, 48, 57, 51, 49, 48, 56, 57, 54, 49, 101, 55, 102, 98, 101, 51, 48, 52, 101, 52, 52, 101, 98, 56, 102, 56, 51, 56, 98, 50, 52, 55, 102, 51, 55, 97, 97, 102, 54, 102, 51, 52, 51, 49, 54, 57, 57, 55, 52, 101, 54, 97, 56, 98, 49, 50, 55, 55, 98, 54, 98, 51, 56, 54, 55, 102, 50, 55, 52, 52, 100, 57}), new BigInteger(new byte[]{55, 53, 48, 54, 48, 50, 51, 52, 49, 53, 49, 57, 101, 98, 55, 55, 101, 52, 51, 49, 49, 99, 57, 101, 57, 49, 97, 51, 49, 99, 53, 54, 55, 55, 100, 51, 98, 54, 101, 56, 56, 100, 56, 98, 101, 53, 57, 52, 52, 51, 54, 98, 49, 49, 48, 53, 55, 51, 97, 102, 99, 56, 97, 53, 101, 52, 101, 52, 57, 53, 55, 52, 57, 53, 97, 100, 56, 56, 54, 50, 52, 57, 53, 56, 102, 102, 55, 51, 50, 102, 57, 55, 102, 48, 100, 55, 49, 97, 51, 55, 99, 100, 54, 52, 97, 98, 98, 102, 50, 54, 48, 102, 102, 57, 57, 48, 55, 97, 48, 99, 54, 56, 99, 48, 50, 55, 102, 52})));
                secretKeyEntry = new RSAKeyPairEntry(new SwJCERSAPublicKey((RSAKeyParameters) asymmetricCipherKeyPair.getPublic()), new SwJCERSAPrivateCrtKey((RSAPrivateCrtKeyParameters) asymmetricCipherKeyPair.getPrivate()));
            } catch (Exception e) {
                throw new RuntimeCryptoException("Get internal RSA public key error", e);
            }
        } else {
            if (!str.startsWith("SYM_")) {
                throw new RuntimeCryptoException("alias is not start with 'RSA_' or 'SYM_'");
            }
            String substring2 = str.substring(4);
            if (!checkLabel(substring2)) {
                throw new RuntimeCryptoException("label is error.3-31 alphabetic or numeric.");
            }
            secretKeyEntry = new SecretKeyEntry(new HsmSecretKeySpec(substring2, new byte[16], "swxaLabel"));
        }
        return secretKeyEntry;
    }

    private boolean checkLabel(String str) {
        boolean matches = str.matches("^[a-zA-Z0-9_$]+$");
        if (str.length() >= 32 || str.length() <= 2) {
            matches = false;
        }
        return matches;
    }
}
