package com.unbound.client.pkcs11;

import com.dyadicsec.cryptoki.CKR_Exception;
import com.dyadicsec.cryptoki.Library;
import com.unbound.client.CipherOper;
import com.unbound.client.Client;
import com.unbound.client.DeriveOper;
import com.unbound.client.HashType;
import com.unbound.client.MacOper;
import com.unbound.client.Partition;
import com.unbound.client.PrivateKeyObject;
import com.unbound.client.SignatureOper;
import com.unbound.common.Log;
import com.unbound.provider.UBCryptoProvider;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

/* loaded from: input_file:com/unbound/client/pkcs11/PKCS11Client.class */
public final class PKCS11Client extends Client {
    private static PKCS11Client instance;

    public static Client getInstance() {
        return instance;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.unbound.client.Client
    public X509Certificate selfSign(PrivateKeyObject privateKeyObject, String str, String str2, BigInteger bigInteger, int i) throws CertificateException {
        Log end = Log.func("PKCS11Client.selfSign").log("subject", str2).end();
        try {
            try {
                HashType hashType = HashType.SHA256;
                if (str != null && !str.isEmpty()) {
                    hashType = HashType.getFromName(str);
                }
                char[] charArray = str2.toCharArray();
                byte[] byteArray = bigInteger == null ? null : bigInteger.toByteArray();
                PKCS11Partition pKCS11Partition = (PKCS11Partition) privateKeyObject.getPartition();
                PKCS11Session pKCS11Session = null;
                try {
                    pKCS11Session = (PKCS11Session) pKCS11Partition.acquireSession();
                    byte[] DYC_SelfSignX509 = Library.DYC_SelfSignX509(pKCS11Session.getHandle(), ((PKCS11Object) privateKeyObject).handle, hashType.getPkcs11Mech(), charArray, byteArray, i);
                    pKCS11Partition.releaseSession(pKCS11Session);
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(DYC_SelfSignX509));
                    end.leave();
                    return x509Certificate;
                } catch (Throwable th) {
                    pKCS11Partition.releaseSession(pKCS11Session);
                    throw th;
                }
            } catch (Exception e) {
                end.failed(e);
                throw new ProviderException(e);
            }
        } catch (Throwable th2) {
            end.leave();
            throw th2;
        }
    }

    @Override // com.unbound.client.Client
    public CipherOper newCipherOperation() {
        return new PKCS11CipherOper();
    }

    @Override // com.unbound.client.Client
    public MacOper newMacOperation() {
        return new PKCS11MacOper();
    }

    @Override // com.unbound.client.Client
    public SignatureOper newSignatureOperation() {
        return new PKCS11SignatureOper();
    }

    @Override // com.unbound.client.Client
    public DeriveOper newDeriveOperation() {
        return new PKCS11DeriveOper();
    }

    @Override // com.unbound.client.Client
    public void initProviders(String[] strArr, KeyStore keyStore) {
        throw new ProviderException("Clientless configuration is not supported");
    }

    @Override // com.unbound.client.Client
    public Partition getPartition(String str) {
        return PKCS11Partition.get(str);
    }

    /* JADX WARN: Code restructure failed: missing block: B:25:0x0017, code lost:
    
        if (r9.isEmpty() != false) goto L7;
     */
    @Override // com.unbound.client.Client
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.unbound.client.Partition initProvider(java.lang.String r9) {
        /*
            r8 = this;
            java.lang.String r0 = "PKCS11Client.initProvider"
            com.unbound.common.Log r0 = com.unbound.common.Log.func(r0)
            java.lang.String r1 = "configArg"
            r2 = r9
            com.unbound.common.Log r0 = r0.log(r1, r2)
            com.unbound.common.Log r0 = r0.end()
            r10 = r0
            r0 = r9
            if (r0 == 0) goto L1a
            r0 = r9
            boolean r0 = r0.isEmpty()     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            if (r0 == 0) goto L20
        L1a:
            java.lang.String r0 = "ekm.partition"
            java.lang.String r0 = java.lang.System.getProperty(r0)     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            r9 = r0
        L20:
            r0 = r9
            if (r0 == 0) goto L2b
            r0 = r9
            boolean r0 = r0.isEmpty()     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            if (r0 == 0) goto L39
        L2b:
            java.util.Map r0 = java.lang.System.getenv()     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            java.lang.String r1 = "EKM_PARTITION"
            java.lang.Object r0 = r0.get(r1)     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            java.lang.String r0 = (java.lang.String) r0     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            r9 = r0
        L39:
            r0 = r9
            com.unbound.client.pkcs11.PKCS11Partition r0 = com.unbound.client.pkcs11.PKCS11Partition.get(r0)     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            r11 = r0
            r0 = r11
            if (r0 != 0) goto L57
            java.security.ProviderException r0 = new java.security.ProviderException     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            r1 = r0
            java.lang.String r2 = "Partition %s not found"
            r3 = 1
            java.lang.Object[] r3 = new java.lang.Object[r3]     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            r4 = r3
            r5 = 0
            r6 = r9
            r4[r5] = r6     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            java.lang.String r2 = java.lang.String.format(r2, r3)     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            r1.<init>(r2)     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
            throw r0     // Catch: java.lang.Exception -> L61 java.lang.Throwable -> L69
        L57:
            r0 = r11
            r12 = r0
            r0 = r10
            r0.leave()
            r0 = r12
            return r0
        L61:
            r11 = move-exception
            r0 = r10
            r1 = r11
            r0.failed(r1)     // Catch: java.lang.Throwable -> L69
            r0 = r11
            throw r0     // Catch: java.lang.Throwable -> L69
        L69:
            r13 = move-exception
            r0 = r10
            r0.leave()
            r0 = r13
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.unbound.client.pkcs11.PKCS11Client.initProvider(java.lang.String):com.unbound.client.Partition");
    }

    @Override // com.unbound.client.Client
    public Partition initProvider(KeyStore keyStore, String str) {
        throw new ProviderException("Clientless configuration is not supported");
    }

    static {
        try {
            Library.C_Initialize();
            for (int i : Library.C_GetSlotList(true)) {
                PKCS11Partition.register(i);
            }
            UBCryptoProvider.allowPrivateKeyWithoutCertificate(true);
            UBCryptoProvider.allowPublicKey(true);
        } catch (CKR_Exception e) {
        }
        instance = new PKCS11Client();
    }
}
