package com.rsa.crypto.ncm.key;

import com.rsa.crypto.AlgInputParams;
import com.rsa.crypto.AlgorithmParams;
import com.rsa.crypto.AlgorithmStrings;
import com.rsa.crypto.CryptoException;
import com.rsa.crypto.DHParams;
import com.rsa.crypto.DSAParams;
import com.rsa.crypto.DomainParams;
import com.rsa.crypto.ECParams;
import com.rsa.crypto.InvalidAlgorithmParameterException;
import com.rsa.crypto.KeyPair;
import com.rsa.crypto.PQGParams;
import com.rsa.crypto.ParamNames;
import com.rsa.crypto.PrivateKey;
import com.rsa.crypto.PublicKey;
import com.rsa.crypto.SecureRandom;
import com.rsa.crypto.ncm.alg.SecureRandomWrapper;
import com.rsa.crypto.ncm.ccme.CCMEAlgorithmIdentifier;
import com.rsa.crypto.ncm.ccme.CCMECryptoContext;
import com.rsa.crypto.ncm.ccme.CCMECryptoObject;
import com.rsa.crypto.ncm.ccme.CCMEException;
import com.rsa.crypto.ncm.ccme.CCMEParameters;
import com.rsa.crypto.ncm.log.NativeCryptoObjectEvent;
import com.rsa.cryptoj.c.bz;
import com.rsa.cryptoj.c.co;
import com.rsa.cryptoj.c.dd;

/* loaded from: input_file:com/rsa/crypto/ncm/key/KeyPairGeneratorImpl.class */
public class KeyPairGeneratorImpl extends CCMECryptoObject implements n {
    private static final String l = "Unsupported parameters";
    private static final String m = "_KEY_GENERATION";
    private static final int n = 65537;
    private static final int o = 1;
    private static final int p = 0;
    private SecureRandom q;
    private CCMECryptoObject r;
    private int s;
    private final String t;
    private boolean u;
    private DomainParams v;
    private int w;
    private static final int x = 0;
    private static final int y = 1;

    public KeyPairGeneratorImpl(com.rsa.crypto.ncm.b bVar, String str) {
        super(bVar);
        this.u = true;
        this.w = 0;
        this.t = str;
        this.s = CCMEAlgorithmIdentifier.getAlgId(str + m);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void a(SecureRandom secureRandom) {
        SecureRandomWrapper secureRandomWrapper = null;
        if (this.r != null && (this.r instanceof SecureRandomWrapper)) {
            secureRandomWrapper = (SecureRandomWrapper) this.r;
        }
        if (secureRandom != this.r) {
            if (secureRandomWrapper == null || secureRandom != secureRandomWrapper.a()) {
                this.r = null;
                if (secureRandomWrapper != null) {
                    secureRandomWrapper.clearSensitiveData();
                }
                if (secureRandom instanceof CCMECryptoObject) {
                    this.r = (CCMECryptoObject) secureRandom;
                } else {
                    this.r = new SecureRandomWrapper(this.cryptoModule, secureRandom);
                }
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.rsa.crypto.KeyPairGenerator
    public void initialize(AlgorithmParams algorithmParams, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        DomainParams b;
        freeObject();
        c(algorithmParams);
        if (secureRandom == null) {
            throw new InvalidAlgorithmParameterException("Random cannot be null.");
        }
        if (isPKCS11Object()) {
            this.q = secureRandom;
        } else {
            a(secureRandom);
        }
        if (this.t.equals("RSA")) {
            a(algorithmParams);
        } else {
            synchronized (algorithmParams) {
                if (!(algorithmParams instanceof CCMEParameters) || (algorithmParams instanceof DHParamsImpl)) {
                    b = b(algorithmParams);
                } else {
                    CCMEParameters cCMEParameters = (CCMEParameters) algorithmParams;
                    cCMEParameters.recreateParams();
                    b = cCMEParameters;
                }
                try {
                    this.v = (DomainParams) algorithmParams;
                    createObject(this.cryptoModule.b(), this.cryptoModule.e(), this.r, this.s, b);
                    if (bz.a()) {
                        bz.b().objectCreated(new NativeCryptoObjectEvent("Native", "Asymmetric KeyPair Generator", this.t, getImplementationName()));
                    }
                    if (b instanceof CCMEParameters) {
                        ((CCMEParameters) b).destroy();
                    }
                } catch (Throwable th) {
                    if (b instanceof CCMEParameters) {
                        ((CCMEParameters) b).destroy();
                    }
                    throw th;
                }
            }
        }
        this.w = 1;
    }

    private void a(AlgorithmParams algorithmParams) {
        boolean z = false;
        this.s = CCMEAlgorithmIdentifier.getAlgId("RSA_KEY_GENERATION");
        Integer valueOf = Integer.valueOf(((AlgInputParams) algorithmParams).get(ParamNames.KEY_BITS) == null ? -1 : ((Integer) ((AlgInputParams) algorithmParams).get(ParamNames.KEY_BITS)).intValue());
        if (valueOf.intValue() < 256 || valueOf.intValue() > 4096) {
            throw new InvalidAlgorithmParameterException("RSA key size must be at least 256 bits and at most 2147483647 bits");
        }
        long j = 65537;
        if (((AlgInputParams) algorithmParams).get(ParamNames.PUB_EXP) != null) {
            j = dd.d((byte[]) ((AlgInputParams) algorithmParams).get(ParamNames.PUB_EXP));
        }
        if (j % 2 == 0 || j == 1) {
            throw new InvalidAlgorithmParameterException("Invalid Public Exponent.");
        }
        Integer num = (Integer) ((AlgInputParams) algorithmParams).get(ParamNames.KEY_TYPE);
        if (num == null) {
            num = Integer.valueOf(isPKCS11Object() ? 1 : 0);
        }
        if (num.intValue() == 0 && valueOf.intValue() >= 1024) {
            this.s = CCMEAlgorithmIdentifier.getAlgId("RSA_KEY_GENERATION_X931");
            z = true;
        }
        int i = 2;
        if (num != null && num.intValue() == 2) {
            i = 3;
            this.s = CCMEAlgorithmIdentifier.getAlgId("RSA_KEY_GENERATION");
            z = false;
        }
        if (z && valueOf.intValue() % 256 != 0) {
            throw new InvalidAlgorithmParameterException("Strong key gen and multiprime gen require at least 1024-bit keysize.");
        }
        try {
            createRSAObject(this.cryptoModule.b(), this.cryptoModule.e(), this.r, this.s, valueOf.intValue(), j, i);
        } catch (CCMEException e) {
            if (e.getErrorCode() != 10018) {
                throw e;
            }
            throw new InvalidAlgorithmParameterException(e.getMessage());
        }
    }

    private DomainParams b(AlgorithmParams algorithmParams) {
        DomainParams b;
        if (algorithmParams instanceof DHParams) {
            b = u.a(this.cryptoModule, (DHParams) algorithmParams);
        } else if (algorithmParams instanceof ECParams) {
            b = u.a(this.cryptoModule, (ECParams) algorithmParams);
        } else if (algorithmParams instanceof DSAParams) {
            b = u.a(this.cryptoModule, (DSAParams) algorithmParams);
        } else {
            if (!(algorithmParams instanceof PQGParams)) {
                throw new InvalidAlgorithmParameterException("Invalid Parameter type for KeyPairGeneration.");
            }
            b = this.t.equals(AlgorithmStrings.DSA) ? u.b(this.cryptoModule, (PQGParams) algorithmParams) : u.a(this.cryptoModule, (PQGParams) algorithmParams);
        }
        return b;
    }

    private void c(AlgorithmParams algorithmParams) throws InvalidAlgorithmParameterException {
        if (!this.t.equals("RSA")) {
            if (this.t.equals(AlgorithmStrings.DSA)) {
                if (!(algorithmParams instanceof DSAParams) && !(algorithmParams instanceof PQGParams)) {
                    throw new InvalidAlgorithmParameterException(l);
                }
                if (((PQGParams) algorithmParams).getP().getBitLength() < 512 || ((PQGParams) algorithmParams).getQ().getBitLength() < 160) {
                    throw new InvalidAlgorithmParameterException("Key size too small.");
                }
                return;
            }
            if (this.t.equals(AlgorithmStrings.EC)) {
                if (!(algorithmParams instanceof ECParams)) {
                    throw new InvalidAlgorithmParameterException(l);
                }
                return;
            } else {
                if (this.t.equals("DH") && !(algorithmParams instanceof DHParams) && !(algorithmParams instanceof PQGParams)) {
                    throw new InvalidAlgorithmParameterException(l);
                }
                return;
            }
        }
        if (!(algorithmParams instanceof AlgInputParams)) {
            throw new InvalidAlgorithmParameterException(l);
        }
        Integer num = (Integer) ((AlgInputParams) algorithmParams).get(ParamNames.KEY_BITS);
        if (num == null) {
            throw new InvalidAlgorithmParameterException("Expected keyBits parameter not present.");
        }
        if (num.intValue() < 256 || num.intValue() > Integer.MAX_VALUE) {
            throw new InvalidAlgorithmParameterException("RSA key size must be at least 256 bits and at most 2147483647 bits");
        }
        Integer num2 = (Integer) ((AlgInputParams) algorithmParams).get(ParamNames.KEY_TYPE);
        if (num2 != null) {
            if (num2.intValue() != 1 && num.intValue() < 1024) {
                throw new InvalidAlgorithmParameterException("Strong key gen and multiprime gen require at least 1024-bit keysize.");
            }
            if (num2.intValue() == 0 && num.intValue() % 256 != 0) {
                throw new InvalidAlgorithmParameterException("RSA key sizes greater than 1024 must be a multiple of 256 for strong gen.");
            }
        }
    }

    @Override // com.rsa.crypto.KeyPairGenerator
    public KeyPair generate() {
        return generate(co.f());
    }

    @Override // com.rsa.crypto.KeyPairGenerator
    public KeyPair generate(boolean z) {
        return a((String) null, z);
    }

    @Override // com.rsa.crypto.ncm.key.n
    public KeyPair a(String str) {
        return a(str, false);
    }

    private KeyPair a(String str, boolean z) {
        if (this.r == null && this.q == null) {
            throw new IllegalStateException("Random not set.");
        }
        if (this.w == 0) {
            reInit();
        }
        byte[] bArr = null;
        if (isPKCS11Object() && this.u) {
            bArr = new byte[20];
            this.q.nextBytes(bArr);
        }
        KeyPairImpl keyPairImpl = new KeyPairImpl(this.cryptoModule, this.t, this.v);
        generateNative(keyPairImpl, keyPairImpl.getPrivate(), keyPairImpl.getPublic(), isPKCS11Object(), bArr, str, z);
        this.w = 0;
        return keyPairImpl;
    }

    @Override // com.rsa.crypto.ncm.ccme.CCMECryptoObject, com.rsa.crypto.ncm.ccme.CCMEHandle, com.rsa.crypto.JCMCloneable
    public Object clone() {
        throw new CryptoException(CCMEException.ERROR_NATIVE_NOT_SUPPORTED);
    }

    private native void generateNative(KeyPair keyPair, PrivateKey privateKey, PublicKey publicKey, boolean z, byte[] bArr, String str, boolean z2);

    private native void createObject(CCMECryptoContext cCMECryptoContext, byte[] bArr, CCMECryptoObject cCMECryptoObject, int i, DomainParams domainParams);

    private native void createRSAObject(CCMECryptoContext cCMECryptoContext, byte[] bArr, CCMECryptoObject cCMECryptoObject, int i, int i2, long j, int i3);

    private native void reInit();

    @Override // com.rsa.crypto.ncm.key.k
    public void a(int i, boolean z) throws CryptoException {
        setPKCS11AttributeNative(i, z);
        if (i == 1) {
            this.u = z;
        }
    }

    private native void setPKCS11AttributeNative(int i, boolean z) throws CryptoException;
}
