package sun.security.pkcs11;

import com.sun.org.apache.xerces.internal.impl.xs.SchemaSymbols;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
import java.io.IOException;
import java.io.NotSerializableException;
import java.io.ObjectStreamException;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyRep;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.DSAParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.InvalidKeySpecException;
import java.util.Objects;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPrivateKeySpec;
import javax.crypto.spec.DHPublicKeySpec;
import sun.security.internal.interfaces.TlsMasterSecret;
import sun.security.pkcs11.wrapper.CK_ATTRIBUTE;
import sun.security.pkcs11.wrapper.PKCS11Exception;
import sun.security.rsa.RSAPrivateCrtKeyImpl;
import sun.security.rsa.RSAPublicKeyImpl;
import sun.security.rsa.RSAUtil;
import sun.security.util.DerValue;
import sun.security.util.Length;
import sun.tools.java.RuntimeConstants;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key.class */
public abstract class P11Key implements Key, Length {
    private static final long serialVersionUID = -2575874101938349339L;
    private static final String PUBLIC = "public";
    private static final String PRIVATE = "private";
    private static final String SECRET = "secret";
    final String type;
    final Token token;
    final String algorithm;
    final int keyLength;
    final boolean tokenObject;
    final boolean sensitive;
    final boolean extractable;
    private final NativeKeyHolder keyIDHolder;
    private static final boolean DISABLE_NATIVE_KEYS_EXTRACTION = "true".equalsIgnoreCase((String) AccessController.doPrivileged(() -> {
        return System.getProperty("sun.security.pkcs11.disableKeyExtraction", "false");
    }));
    private static final CK_ATTRIBUTE[] A0 = new CK_ATTRIBUTE[0];

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11DHPrivateKey.class */
    public static final class P11DHPrivateKey extends P11Key implements DHPrivateKey {
        private static final long serialVersionUID = -1698576167364928838L;
        private BigInteger x;
        private DHParameterSpec params;
        private byte[] encoded;

        P11DHPrivateKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("private", session, j, str, i, ck_attributeArr);
        }

        private synchronized void fetchValues() {
            this.token.ensureValid();
            if (this.x != null) {
                return;
            }
            CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(17L), new CK_ATTRIBUTE(304L), new CK_ATTRIBUTE(306L)};
            fetchAttributes(ck_attributeArr);
            this.x = ck_attributeArr[0].getBigInteger();
            this.params = new DHParameterSpec(ck_attributeArr[1].getBigInteger(), ck_attributeArr[2].getBigInteger());
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return "PKCS#8";
        }

        @Override // sun.security.pkcs11.P11Key
        synchronized byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (this.encoded == null) {
                fetchValues();
                try {
                    this.encoded = KeyFactory.getInstance("DH", P11Util.getSunJceProvider()).generatePrivate(new DHPrivateKeySpec(this.x, this.params.getP(), this.params.getG())).getEncoded();
                } catch (GeneralSecurityException e) {
                    throw new ProviderException(e);
                }
            }
            return this.encoded;
        }

        @Override // javax.crypto.interfaces.DHPrivateKey
        public BigInteger getX() {
            fetchValues();
            return this.x;
        }

        @Override // javax.crypto.interfaces.DHKey
        public DHParameterSpec getParams() {
            fetchValues();
            return this.params;
        }

        @Override // sun.security.pkcs11.P11Key
        public int hashCode() {
            if (!this.token.isValid()) {
                return 0;
            }
            fetchValues();
            return Objects.hash(this.x, this.params.getP(), this.params.getG());
        }

        @Override // sun.security.pkcs11.P11Key
        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!this.token.isValid() || !(obj instanceof DHPrivateKey)) {
                return false;
            }
            fetchValues();
            DHPrivateKey dHPrivateKey = (DHPrivateKey) obj;
            DHParameterSpec params = dHPrivateKey.getParams();
            return this.x.compareTo(dHPrivateKey.getX()) == 0 && this.params.getP().compareTo(params.getP()) == 0 && this.params.getG().compareTo(params.getG()) == 0;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11DHPublicKey.class */
    public static final class P11DHPublicKey extends P11Key implements DHPublicKey {
        static final long serialVersionUID = -598383872153843657L;
        private BigInteger y;
        private DHParameterSpec params;
        private byte[] encoded;

        P11DHPublicKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("public", session, j, str, i, ck_attributeArr);
        }

        private synchronized void fetchValues() {
            this.token.ensureValid();
            if (this.y != null) {
                return;
            }
            CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(17L), new CK_ATTRIBUTE(304L), new CK_ATTRIBUTE(306L)};
            fetchAttributes(ck_attributeArr);
            this.y = ck_attributeArr[0].getBigInteger();
            this.params = new DHParameterSpec(ck_attributeArr[1].getBigInteger(), ck_attributeArr[2].getBigInteger());
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return XMLX509Certificate.JCA_CERT_ID;
        }

        @Override // sun.security.pkcs11.P11Key
        synchronized byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (this.encoded == null) {
                fetchValues();
                try {
                    this.encoded = KeyFactory.getInstance("DH", P11Util.getSunJceProvider()).generatePublic(new DHPublicKeySpec(this.y, this.params.getP(), this.params.getG())).getEncoded();
                } catch (GeneralSecurityException e) {
                    throw new ProviderException(e);
                }
            }
            return this.encoded;
        }

        @Override // javax.crypto.interfaces.DHPublicKey
        public BigInteger getY() {
            fetchValues();
            return this.y;
        }

        @Override // javax.crypto.interfaces.DHKey
        public DHParameterSpec getParams() {
            fetchValues();
            return this.params;
        }

        @Override // sun.security.pkcs11.P11Key
        public String toString() {
            fetchValues();
            return super.toString() + "\n  y: " + ((Object) this.y) + "\n  p: " + ((Object) this.params.getP()) + "\n  g: " + ((Object) this.params.getG());
        }

        @Override // sun.security.pkcs11.P11Key
        public int hashCode() {
            if (!this.token.isValid()) {
                return 0;
            }
            fetchValues();
            return Objects.hash(this.y, this.params.getP(), this.params.getG());
        }

        @Override // sun.security.pkcs11.P11Key
        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!this.token.isValid() || !(obj instanceof DHPublicKey)) {
                return false;
            }
            fetchValues();
            DHPublicKey dHPublicKey = (DHPublicKey) obj;
            DHParameterSpec params = dHPublicKey.getParams();
            return this.y.compareTo(dHPublicKey.getY()) == 0 && this.params.getP().compareTo(params.getP()) == 0 && this.params.getG().compareTo(params.getG()) == 0;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11DSAPrivateKey.class */
    public static final class P11DSAPrivateKey extends P11Key implements DSAPrivateKey {
        private static final long serialVersionUID = 3119629997181999389L;
        private BigInteger x;
        private DSAParams params;
        private byte[] encoded;

        P11DSAPrivateKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("private", session, j, str, i, ck_attributeArr);
        }

        private synchronized void fetchValues() {
            this.token.ensureValid();
            if (this.x != null) {
                return;
            }
            CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(17L), new CK_ATTRIBUTE(304L), new CK_ATTRIBUTE(305L), new CK_ATTRIBUTE(306L)};
            fetchAttributes(ck_attributeArr);
            this.x = ck_attributeArr[0].getBigInteger();
            this.params = new DSAParameterSpec(ck_attributeArr[1].getBigInteger(), ck_attributeArr[2].getBigInteger(), ck_attributeArr[3].getBigInteger());
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return "PKCS#8";
        }

        @Override // sun.security.pkcs11.P11Key
        synchronized byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (this.encoded == null) {
                fetchValues();
                try {
                    this.encoded = new sun.security.provider.DSAPrivateKey(this.x, this.params.getP(), this.params.getQ(), this.params.getG()).getEncoded();
                } catch (InvalidKeyException e) {
                    throw new ProviderException(e);
                }
            }
            return this.encoded;
        }

        @Override // java.security.interfaces.DSAPrivateKey
        public BigInteger getX() {
            fetchValues();
            return this.x;
        }

        @Override // java.security.interfaces.DSAKey
        public DSAParams getParams() {
            fetchValues();
            return this.params;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11DSAPublicKey.class */
    public static final class P11DSAPublicKey extends P11Key implements DSAPublicKey {
        private static final long serialVersionUID = 5989753793316396637L;
        private BigInteger y;
        private DSAParams params;
        private byte[] encoded;

        P11DSAPublicKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("public", session, j, str, i, ck_attributeArr);
        }

        private synchronized void fetchValues() {
            this.token.ensureValid();
            if (this.y != null) {
                return;
            }
            CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(17L), new CK_ATTRIBUTE(304L), new CK_ATTRIBUTE(305L), new CK_ATTRIBUTE(306L)};
            fetchAttributes(ck_attributeArr);
            this.y = ck_attributeArr[0].getBigInteger();
            this.params = new DSAParameterSpec(ck_attributeArr[1].getBigInteger(), ck_attributeArr[2].getBigInteger(), ck_attributeArr[3].getBigInteger());
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return XMLX509Certificate.JCA_CERT_ID;
        }

        @Override // sun.security.pkcs11.P11Key
        synchronized byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (this.encoded == null) {
                fetchValues();
                try {
                    this.encoded = new sun.security.provider.DSAPublicKey(this.y, this.params.getP(), this.params.getQ(), this.params.getG()).getEncoded();
                } catch (InvalidKeyException e) {
                    throw new ProviderException(e);
                }
            }
            return this.encoded;
        }

        @Override // java.security.interfaces.DSAPublicKey
        public BigInteger getY() {
            fetchValues();
            return this.y;
        }

        @Override // java.security.interfaces.DSAKey
        public DSAParams getParams() {
            fetchValues();
            return this.params;
        }

        @Override // sun.security.pkcs11.P11Key
        public String toString() {
            fetchValues();
            return super.toString() + "\n  y: " + ((Object) this.y) + "\n  p: " + ((Object) this.params.getP()) + "\n  q: " + ((Object) this.params.getQ()) + "\n  g: " + ((Object) this.params.getG());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11ECPrivateKey.class */
    public static final class P11ECPrivateKey extends P11Key implements ECPrivateKey {
        private static final long serialVersionUID = -7786054399510515515L;
        private BigInteger s;
        private ECParameterSpec params;
        private byte[] encoded;

        P11ECPrivateKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("private", session, j, str, i, ck_attributeArr);
        }

        private synchronized void fetchValues() {
            this.token.ensureValid();
            if (this.s != null) {
                return;
            }
            CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(17L), new CK_ATTRIBUTE(384L, this.params)};
            fetchAttributes(ck_attributeArr);
            this.s = ck_attributeArr[0].getBigInteger();
            try {
                this.params = P11ECKeyFactory.decodeParameters(ck_attributeArr[1].getByteArray());
            } catch (Exception e) {
                throw new RuntimeException("Could not parse key values", e);
            }
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return "PKCS#8";
        }

        @Override // sun.security.pkcs11.P11Key
        synchronized byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (this.encoded == null) {
                fetchValues();
                try {
                    this.encoded = P11ECUtil.generateECPrivateKey(this.s, this.params).getEncoded();
                } catch (InvalidKeySpecException e) {
                    throw new ProviderException(e);
                }
            }
            return this.encoded;
        }

        @Override // java.security.interfaces.ECPrivateKey
        public BigInteger getS() {
            fetchValues();
            return this.s;
        }

        @Override // java.security.interfaces.ECKey
        public ECParameterSpec getParams() {
            fetchValues();
            return this.params;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11ECPublicKey.class */
    public static final class P11ECPublicKey extends P11Key implements ECPublicKey {
        private static final long serialVersionUID = -6371481375154806089L;
        private ECPoint w;
        private ECParameterSpec params;
        private byte[] encoded;

        P11ECPublicKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("public", session, j, str, i, ck_attributeArr);
        }

        private synchronized void fetchValues() {
            this.token.ensureValid();
            if (this.w != null) {
                return;
            }
            CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(385L), new CK_ATTRIBUTE(384L)};
            fetchAttributes(ck_attributeArr);
            try {
                this.params = P11ECKeyFactory.decodeParameters(ck_attributeArr[1].getByteArray());
                byte[] byteArray = ck_attributeArr[0].getByteArray();
                if (this.token.config.getUseEcX963Encoding()) {
                    this.w = P11ECKeyFactory.decodePoint(byteArray, this.params.getCurve());
                } else {
                    DerValue derValue = new DerValue(byteArray);
                    if (derValue.getTag() != 4) {
                        throw new IOException("Could not DER decode EC point. Unexpected tag: " + ((int) derValue.getTag()));
                    }
                    this.w = P11ECKeyFactory.decodePoint(derValue.getDataBytes(), this.params.getCurve());
                }
            } catch (Exception e) {
                throw new RuntimeException("Could not parse key values", e);
            }
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return XMLX509Certificate.JCA_CERT_ID;
        }

        @Override // sun.security.pkcs11.P11Key
        synchronized byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (this.encoded != null) {
                return this.encoded;
            }
            fetchValues();
            try {
                return P11ECUtil.x509EncodeECPublicKey(this.w, this.params);
            } catch (InvalidKeySpecException e) {
                throw new ProviderException(e);
            }
        }

        @Override // java.security.interfaces.ECPublicKey
        public ECPoint getW() {
            fetchValues();
            return this.w;
        }

        @Override // java.security.interfaces.ECKey
        public ECParameterSpec getParams() {
            fetchValues();
            return this.params;
        }

        @Override // sun.security.pkcs11.P11Key
        public String toString() {
            fetchValues();
            return super.toString() + "\n  public x coord: " + ((Object) this.w.getAffineX()) + "\n  public y coord: " + ((Object) this.w.getAffineY()) + "\n  parameters: " + ((Object) this.params);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11PrivateKey.class */
    public static final class P11PrivateKey extends P11Key implements PrivateKey {
        private static final long serialVersionUID = -2138581185214187615L;

        P11PrivateKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("private", session, j, str, i, ck_attributeArr);
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return null;
        }

        @Override // sun.security.pkcs11.P11Key
        byte[] getEncodedInternal() {
            this.token.ensureValid();
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11RSAPrivateKey.class */
    public static final class P11RSAPrivateKey extends P11Key implements RSAPrivateCrtKey {
        private static final long serialVersionUID = 9215872438913515220L;
        private BigInteger n;
        private BigInteger e;
        private BigInteger d;
        private BigInteger p;
        private BigInteger q;
        private BigInteger pe;
        private BigInteger qe;
        private BigInteger coeff;
        private byte[] encoded;

        P11RSAPrivateKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("private", session, j, str, i, ck_attributeArr);
        }

        private synchronized void fetchValues() {
            this.token.ensureValid();
            if (this.n != null) {
                return;
            }
            CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(288L), new CK_ATTRIBUTE(290L), new CK_ATTRIBUTE(291L), new CK_ATTRIBUTE(292L), new CK_ATTRIBUTE(293L), new CK_ATTRIBUTE(294L), new CK_ATTRIBUTE(295L), new CK_ATTRIBUTE(296L)};
            fetchAttributes(ck_attributeArr);
            this.n = ck_attributeArr[0].getBigInteger();
            this.e = ck_attributeArr[1].getBigInteger();
            this.d = ck_attributeArr[2].getBigInteger();
            this.p = ck_attributeArr[3].getBigInteger();
            this.q = ck_attributeArr[4].getBigInteger();
            this.pe = ck_attributeArr[5].getBigInteger();
            this.qe = ck_attributeArr[6].getBigInteger();
            this.coeff = ck_attributeArr[7].getBigInteger();
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return "PKCS#8";
        }

        @Override // sun.security.pkcs11.P11Key
        synchronized byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (this.encoded == null) {
                fetchValues();
                try {
                    this.encoded = RSAPrivateCrtKeyImpl.newKey(RSAUtil.KeyType.RSA, null, this.n, this.e, this.d, this.p, this.q, this.pe, this.qe, this.coeff).getEncoded();
                } catch (GeneralSecurityException e) {
                    throw new ProviderException(e);
                }
            }
            return this.encoded;
        }

        @Override // java.security.interfaces.RSAKey
        public BigInteger getModulus() {
            fetchValues();
            return this.n;
        }

        @Override // java.security.interfaces.RSAPrivateCrtKey
        public BigInteger getPublicExponent() {
            fetchValues();
            return this.e;
        }

        @Override // java.security.interfaces.RSAPrivateKey
        public BigInteger getPrivateExponent() {
            fetchValues();
            return this.d;
        }

        @Override // java.security.interfaces.RSAPrivateCrtKey
        public BigInteger getPrimeP() {
            fetchValues();
            return this.p;
        }

        @Override // java.security.interfaces.RSAPrivateCrtKey
        public BigInteger getPrimeQ() {
            fetchValues();
            return this.q;
        }

        @Override // java.security.interfaces.RSAPrivateCrtKey
        public BigInteger getPrimeExponentP() {
            fetchValues();
            return this.pe;
        }

        @Override // java.security.interfaces.RSAPrivateCrtKey
        public BigInteger getPrimeExponentQ() {
            fetchValues();
            return this.qe;
        }

        @Override // java.security.interfaces.RSAPrivateCrtKey
        public BigInteger getCrtCoefficient() {
            fetchValues();
            return this.coeff;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11RSAPrivateNonCRTKey.class */
    public static final class P11RSAPrivateNonCRTKey extends P11Key implements RSAPrivateKey {
        private static final long serialVersionUID = 1137764983777411481L;
        private BigInteger n;
        private BigInteger d;
        private byte[] encoded;

        P11RSAPrivateNonCRTKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("private", session, j, str, i, ck_attributeArr);
        }

        private synchronized void fetchValues() {
            this.token.ensureValid();
            if (this.n != null) {
                return;
            }
            CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(288L), new CK_ATTRIBUTE(291L)};
            fetchAttributes(ck_attributeArr);
            this.n = ck_attributeArr[0].getBigInteger();
            this.d = ck_attributeArr[1].getBigInteger();
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return "PKCS#8";
        }

        @Override // sun.security.pkcs11.P11Key
        synchronized byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (this.encoded == null) {
                fetchValues();
                try {
                    this.encoded = KeyFactory.getInstance("RSA", P11Util.getSunRsaSignProvider()).translateKey(this).getEncoded();
                } catch (GeneralSecurityException e) {
                    throw new ProviderException(e);
                }
            }
            return this.encoded;
        }

        @Override // java.security.interfaces.RSAKey
        public BigInteger getModulus() {
            fetchValues();
            return this.n;
        }

        @Override // java.security.interfaces.RSAPrivateKey
        public BigInteger getPrivateExponent() {
            fetchValues();
            return this.d;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11RSAPublicKey.class */
    public static final class P11RSAPublicKey extends P11Key implements RSAPublicKey {
        private static final long serialVersionUID = -826726289023854455L;
        private BigInteger n;
        private BigInteger e;
        private byte[] encoded;

        P11RSAPublicKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super("public", session, j, str, i, ck_attributeArr);
        }

        private synchronized void fetchValues() {
            this.token.ensureValid();
            if (this.n != null) {
                return;
            }
            CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(288L), new CK_ATTRIBUTE(290L)};
            fetchAttributes(ck_attributeArr);
            this.n = ck_attributeArr[0].getBigInteger();
            this.e = ck_attributeArr[1].getBigInteger();
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            return XMLX509Certificate.JCA_CERT_ID;
        }

        @Override // sun.security.pkcs11.P11Key
        synchronized byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (this.encoded == null) {
                fetchValues();
                try {
                    this.encoded = RSAPublicKeyImpl.newKey(RSAUtil.KeyType.RSA, null, this.n, this.e).getEncoded();
                } catch (InvalidKeyException e) {
                    throw new ProviderException(e);
                }
            }
            return this.encoded;
        }

        @Override // java.security.interfaces.RSAKey
        public BigInteger getModulus() {
            fetchValues();
            return this.n;
        }

        @Override // java.security.interfaces.RSAPublicKey
        public BigInteger getPublicExponent() {
            fetchValues();
            return this.e;
        }

        @Override // sun.security.pkcs11.P11Key
        public String toString() {
            fetchValues();
            return super.toString() + "\n  modulus: " + ((Object) this.n) + "\n  public exponent: " + ((Object) this.e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11SecretKey.class */
    public static class P11SecretKey extends P11Key implements SecretKey {
        private static final long serialVersionUID = -7828241727014329084L;
        private volatile byte[] encoded;

        P11SecretKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
            super(P11Key.SECRET, session, j, str, i, ck_attributeArr);
        }

        @Override // java.security.Key
        public String getFormat() {
            this.token.ensureValid();
            if (this.sensitive || !this.extractable) {
                return null;
            }
            return "RAW";
        }

        @Override // sun.security.pkcs11.P11Key
        byte[] getEncodedInternal() {
            this.token.ensureValid();
            if (getFormat() == null) {
                return null;
            }
            byte[] bArr = this.encoded;
            if (bArr == null) {
                synchronized (this) {
                    bArr = this.encoded;
                    if (bArr == null) {
                        Session session = null;
                        long keyID = getKeyID();
                        try {
                            try {
                                session = this.token.getOpSession();
                                CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(17L)};
                                this.token.p11.C_GetAttributeValue(session.id(), keyID, ck_attributeArr);
                                bArr = ck_attributeArr[0].getByteArray();
                                releaseKeyID();
                                this.token.releaseSession(session);
                                this.encoded = bArr;
                            } catch (PKCS11Exception e) {
                                throw new ProviderException(e);
                            }
                        } catch (Throwable th) {
                            releaseKeyID();
                            this.token.releaseSession(session);
                            throw th;
                        }
                    }
                }
            }
            return bArr;
        }
    }

    /* loaded from: input_file:win/1.8.0_292/jre/lib/ext/sunpkcs11.jar:sun/security/pkcs11/P11Key$P11TlsMasterSecretKey.class */
    private static class P11TlsMasterSecretKey extends P11SecretKey implements TlsMasterSecret {
        private static final long serialVersionUID = -1318560923770573441L;
        private final int majorVersion;
        private final int minorVersion;

        P11TlsMasterSecretKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr, int i2, int i3) {
            super(session, j, str, i, ck_attributeArr);
            this.majorVersion = i2;
            this.minorVersion = i3;
        }

        @Override // sun.security.internal.interfaces.TlsMasterSecret
        public int getMajorVersion() {
            return this.majorVersion;
        }

        @Override // sun.security.internal.interfaces.TlsMasterSecret
        public int getMinorVersion() {
            return this.minorVersion;
        }
    }

    P11Key(String str, Session session, long j, String str2, int i, CK_ATTRIBUTE[] ck_attributeArr) {
        this.type = str;
        this.token = session.token;
        this.algorithm = str2;
        this.keyLength = i;
        boolean z = false;
        boolean z2 = false;
        boolean z3 = true;
        int length = ck_attributeArr == null ? 0 : ck_attributeArr.length;
        for (int i2 = 0; i2 < length; i2++) {
            CK_ATTRIBUTE ck_attribute = ck_attributeArr[i2];
            if (ck_attribute.type == 1) {
                z = ck_attribute.getBoolean();
            } else if (ck_attribute.type == 259) {
                z2 = ck_attribute.getBoolean();
            } else if (ck_attribute.type == 354) {
                z3 = ck_attribute.getBoolean();
            }
        }
        this.tokenObject = z;
        this.sensitive = z2;
        this.extractable = z3;
        char[] cArr = this.token.tokenInfo.label;
        this.keyIDHolder = new NativeKeyHolder(this, j, session, !DISABLE_NATIVE_KEYS_EXTRACTION && (cArr[0] == 'N' && cArr[1] == 'S' && cArr[2] == 'S') && z3 && !z, z);
    }

    public long getKeyID() {
        return this.keyIDHolder.getKeyID();
    }

    public void releaseKeyID() {
        this.keyIDHolder.releaseKeyID();
    }

    @Override // java.security.Key
    public final String getAlgorithm() {
        this.token.ensureValid();
        return this.algorithm;
    }

    @Override // java.security.Key
    public final byte[] getEncoded() {
        byte[] encodedInternal = getEncodedInternal();
        if (encodedInternal == null) {
            return null;
        }
        return (byte[]) encodedInternal.clone();
    }

    abstract byte[] getEncodedInternal();

    public boolean equals(Object obj) {
        String format;
        if (this == obj) {
            return true;
        }
        if (!this.token.isValid() || !(obj instanceof Key) || (format = getFormat()) == null) {
            return false;
        }
        Key key = (Key) obj;
        if (format.equals(key.getFormat())) {
            return MessageDigest.isEqual(getEncodedInternal(), obj instanceof P11Key ? ((P11Key) key).getEncodedInternal() : key.getEncoded());
        }
        return false;
    }

    public int hashCode() {
        byte[] encodedInternal;
        if (!this.token.isValid() || (encodedInternal = getEncodedInternal()) == null) {
            return 0;
        }
        int length = encodedInternal.length;
        for (byte b : encodedInternal) {
            length += (b & 255) * 37;
        }
        return length;
    }

    protected Object writeReplace() throws ObjectStreamException {
        KeyRep.Type type;
        String format = getFormat();
        if (isPrivate() && "PKCS#8".equals(format)) {
            type = KeyRep.Type.PRIVATE;
        } else if (isPublic() && XMLX509Certificate.JCA_CERT_ID.equals(format)) {
            type = KeyRep.Type.PUBLIC;
        } else {
            if (!isSecret() || !"RAW".equals(format)) {
                throw new NotSerializableException("Cannot serialize sensitive and unextractable keys");
            }
            type = KeyRep.Type.SECRET;
        }
        return new KeyRep(type, getAlgorithm(), format, getEncoded());
    }

    public String toString() {
        String str;
        this.token.ensureValid();
        String str2 = (this.token.provider.getName() + " " + this.algorithm + " " + this.type + " key, " + this.keyLength + " bits") + (this.tokenObject ? SchemaSymbols.ATTVAL_TOKEN : "session") + " object";
        if (isPublic()) {
            str = str2 + RuntimeConstants.SIG_ENDMETHOD;
        } else {
            str = (str2 + ", " + (this.sensitive ? "" : "not ") + "sensitive") + ", " + (this.extractable ? "" : "un") + "extractable)";
        }
        return str;
    }

    @Override // sun.security.util.Length
    public int length() {
        return this.keyLength;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isPublic() {
        return this.type == "public";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isPrivate() {
        return this.type == "private";
    }

    boolean isSecret() {
        return this.type == SECRET;
    }

    void fetchAttributes(CK_ATTRIBUTE[] ck_attributeArr) {
        Session session = null;
        long keyID = getKeyID();
        try {
            try {
                session = this.token.getOpSession();
                this.token.p11.C_GetAttributeValue(session.id(), keyID, ck_attributeArr);
                releaseKeyID();
                this.token.releaseSession(session);
            } catch (PKCS11Exception e) {
                throw new ProviderException(e);
            }
        } catch (Throwable th) {
            releaseKeyID();
            this.token.releaseSession(session);
            throw th;
        }
    }

    private static CK_ATTRIBUTE[] getAttributes(Session session, long j, CK_ATTRIBUTE[] ck_attributeArr, CK_ATTRIBUTE[] ck_attributeArr2) {
        if (ck_attributeArr == null) {
            ck_attributeArr = A0;
        }
        int i = 0;
        while (true) {
            if (i >= ck_attributeArr2.length) {
                break;
            }
            CK_ATTRIBUTE ck_attribute = ck_attributeArr2[i];
            CK_ATTRIBUTE[] ck_attributeArr3 = ck_attributeArr;
            int length = ck_attributeArr3.length;
            int i2 = 0;
            while (true) {
                if (i2 >= length) {
                    break;
                }
                CK_ATTRIBUTE ck_attribute2 = ck_attributeArr3[i2];
                if (ck_attribute.type == ck_attribute2.type && ck_attribute2.pValue != null) {
                    ck_attribute.pValue = ck_attribute2.pValue;
                    break;
                }
                i2++;
            }
            if (ck_attribute.pValue == null) {
                for (int i3 = 0; i3 < i; i3++) {
                    ck_attributeArr2[i3].pValue = null;
                }
                try {
                    session.token.p11.C_GetAttributeValue(session.id(), j, ck_attributeArr2);
                } catch (PKCS11Exception e) {
                    throw new ProviderException(e);
                }
            } else {
                i++;
            }
        }
        return ck_attributeArr2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecretKey secretKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
        return new P11SecretKey(session, j, str, i, getAttributes(session, j, ck_attributeArr, new CK_ATTRIBUTE[]{new CK_ATTRIBUTE(1L), new CK_ATTRIBUTE(259L), new CK_ATTRIBUTE(354L)}));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecretKey masterSecretKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr, int i2, int i3) {
        return new P11TlsMasterSecretKey(session, j, str, i, getAttributes(session, j, ck_attributeArr, new CK_ATTRIBUTE[]{new CK_ATTRIBUTE(1L), new CK_ATTRIBUTE(259L), new CK_ATTRIBUTE(354L)}), i2, i3);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PublicKey publicKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 2180:
                if (str.equals("DH")) {
                    z = 2;
                    break;
                }
                break;
            case 2206:
                if (str.equals("EC")) {
                    z = 3;
                    break;
                }
                break;
            case 67986:
                if (str.equals("DSA")) {
                    z = true;
                    break;
                }
                break;
            case 81440:
                if (str.equals("RSA")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return new P11RSAPublicKey(session, j, str, i, ck_attributeArr);
            case true:
                return new P11DSAPublicKey(session, j, str, i, ck_attributeArr);
            case true:
                return new P11DHPublicKey(session, j, str, i, ck_attributeArr);
            case true:
                return new P11ECPublicKey(session, j, str, i, ck_attributeArr);
            default:
                throw new ProviderException("Unknown public key algorithm " + str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PrivateKey privateKey(Session session, long j, String str, int i, CK_ATTRIBUTE[] ck_attributeArr) {
        boolean z;
        CK_ATTRIBUTE[] attributes = getAttributes(session, j, ck_attributeArr, new CK_ATTRIBUTE[]{new CK_ATTRIBUTE(1L), new CK_ATTRIBUTE(259L), new CK_ATTRIBUTE(354L)});
        if (attributes[1].getBoolean() || !attributes[2].getBoolean()) {
            return new P11PrivateKey(session, j, str, i, attributes);
        }
        boolean z2 = -1;
        switch (str.hashCode()) {
            case 2180:
                if (str.equals("DH")) {
                    z2 = 2;
                    break;
                }
                break;
            case 2206:
                if (str.equals("EC")) {
                    z2 = 3;
                    break;
                }
                break;
            case 67986:
                if (str.equals("DSA")) {
                    z2 = true;
                    break;
                }
                break;
            case 81440:
                if (str.equals("RSA")) {
                    z2 = false;
                    break;
                }
                break;
        }
        switch (z2) {
            case false:
                CK_ATTRIBUTE[] ck_attributeArr2 = {new CK_ATTRIBUTE(290L)};
                try {
                    session.token.p11.C_GetAttributeValue(session.id(), j, ck_attributeArr2);
                    z = ck_attributeArr2[0].pValue instanceof byte[];
                } catch (PKCS11Exception e) {
                    z = false;
                }
                return z ? new P11RSAPrivateKey(session, j, str, i, attributes) : new P11RSAPrivateNonCRTKey(session, j, str, i, attributes);
            case true:
                return new P11DSAPrivateKey(session, j, str, i, attributes);
            case true:
                return new P11DHPrivateKey(session, j, str, i, attributes);
            case true:
                return new P11ECPrivateKey(session, j, str, i, attributes);
            default:
                throw new ProviderException("Unknown private key algorithm " + str);
        }
    }
}
