package org.mozilla.jss.SecretDecoderRing;

import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import javax.crypto.SecretKey;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.EncryptionAlgorithm;
import org.mozilla.jss.crypto.KeyGenAlgorithm;
import org.mozilla.jss.crypto.SecretKeyFacade;
import org.mozilla.jss.crypto.SymmetricKey;
import org.mozilla.jss.crypto.TokenException;

/* JADX WARN: Classes with same name are omitted:
  input_file:117724-10/SUNWjss/reloc/usr/share/lib/mps/secv1/jss4.jar:org/mozilla/jss/SecretDecoderRing/KeyManager.class
 */
/* loaded from: input_file:117724-10/SUNWjssx/reloc/usr/share/lib/mps/secv1/sparcv9/jss4.jar:org/mozilla/jss/SecretDecoderRing/KeyManager.class */
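/**
 * Creates, looks up and deletes symmetric keys on a single {@link CryptoToken}
 * for use by the SecretDecoderRing classes.
 *
 * <p>Keys are addressed either by a randomly generated {@value #KEYID_LEN}-byte
 * key ID or by a caller-chosen nickname. All token work is delegated to native
 * methods; this class only validates arguments and picks unused key IDs.
 *
 * <p>NOTE(review): nothing in this class synchronises the "does it exist?"
 * checks with the native create/delete calls, so callers sharing a token
 * across threads or processes should not assume those sequences are atomic.
 */
public class KeyManager {
    /** Length in bytes of a generated key ID. */
    private static final int KEYID_LEN = 16;
    /** SecureRandom algorithm name requested for key-ID generation. */
    private static final String RNG_ALG = "pkcs11prng";
    /** JCA provider that must supply {@link #RNG_ALG}. */
    private static final String RNG_PROVIDER = "Mozilla-JSS";

    /**
     * Algorithm used by the no-argument key generators.
     *
     * <p>NOTE(review): triple-DES is a legacy cipher with a 64-bit block; new
     * deployments generally prefer AES. The constant is public API, so it is
     * left unchanged here; callers that care should use the overloads that
     * take an explicit {@link KeyGenAlgorithm}.
     */
    public static final KeyGenAlgorithm DEFAULT_KEYGEN_ALG = KeyGenAlgorithm.DES3;

    /**
     * Key size passed by the no-argument key generators.
     * Presumably 0 lets the native layer choose the algorithm's default size;
     * confirm against the native implementation.
     */
    public static final int DEFAULT_KEYSIZE = 0;

    /** Token on which every key operation of this manager is performed. */
    private final CryptoToken token;

    /**
     * Binds the manager to a token.
     *
     * @param cryptoToken token that will hold the keys; must not be null
     * @throws NullPointerException if {@code cryptoToken} is null
     */
    public KeyManager(CryptoToken cryptoToken) {
        if (cryptoToken == null) {
            throw new NullPointerException("token is null");
        }
        this.token = cryptoToken;
    }

    /**
     * Generates a key with {@link #DEFAULT_KEYGEN_ALG} and
     * {@link #DEFAULT_KEYSIZE}.
     *
     * @return the ID of the new key
     * @throws TokenException declared for token failures
     */
    public byte[] generateKey() throws TokenException {
        return generateKey(DEFAULT_KEYGEN_ALG, DEFAULT_KEYSIZE);
    }

    /**
     * Generates a key on the token under a fresh, currently unused key ID.
     *
     * @param keyGenAlgorithm algorithm of the key to create; must not be null
     * @param i key size handed unchanged to the native generator
     * @return the ID assigned to the new key
     * @throws NullPointerException if {@code keyGenAlgorithm} is null
     * @throws TokenException declared for token failures
     */
    public byte[] generateKey(KeyGenAlgorithm keyGenAlgorithm, int i) throws TokenException {
        if (keyGenAlgorithm == null) {
            throw new NullPointerException("alg is null");
        }
        byte[] keyId = generateUnusedKeyID();
        generateKeyNative(this.token, keyGenAlgorithm, keyId, i);
        return keyId;
    }

    private native void generateKeyNative(CryptoToken cryptoToken, KeyGenAlgorithm keyGenAlgorithm, byte[] bArr, int i);

    /**
     * Generates a nicknamed key with {@link #DEFAULT_KEYGEN_ALG} and
     * {@link #DEFAULT_KEYSIZE}.
     *
     * @param str nickname for the key; surrounding whitespace is ignored
     * @return the ID of the new key
     * @throws TokenException declared for token failures
     */
    public byte[] generateUniqueNamedKey(String str) throws TokenException {
        return generateUniqueNamedKey(DEFAULT_KEYGEN_ALG, DEFAULT_KEYSIZE, str);
    }

    /**
     * Generates a key under a nickname that must not already be in use.
     *
     * @param keyGenAlgorithm algorithm of the key to create; must not be null
     * @param i key size handed unchanged to the native generator
     * @param str nickname for the key; trimmed before use, must not be null
     *     or empty after trimming
     * @return the ID assigned to the new key
     * @throws NullPointerException if {@code keyGenAlgorithm} is null, if the
     *     nickname is null or empty, or if a key with that nickname already
     *     exists (message {@code "duplicate symmetric key"})
     * @throws TokenException declared for token failures
     */
    public byte[] generateUniqueNamedKey(KeyGenAlgorithm keyGenAlgorithm, int i, String str) throws TokenException {
        String nickname = (str == null) ? null : str.trim();
        if (keyGenAlgorithm == null) {
            throw new NullPointerException("alg is null");
        }
        if (uniqueNamedKeyExists(nickname)) {
            // NOTE(review): a duplicate nickname is not a null-pointer condition, but
            // the exception type is kept because existing callers may catch it.
            throw new NullPointerException("duplicate symmetric key");
        }
        byte[] keyId = generateUnusedKeyID();
        generateUniqueNamedKeyNative(this.token, keyGenAlgorithm, keyId, i, nickname);
        return keyId;
    }

    private native void generateUniqueNamedKeyNative(CryptoToken cryptoToken, KeyGenAlgorithm keyGenAlgorithm, byte[] bArr, int i, String str);

    /**
     * Draws random {@value #KEYID_LEN}-byte IDs until one is found for which
     * {@link #keyExists(byte[])} reports no key.
     *
     * @return a key ID that was unused at the time of the check
     * @throws RuntimeException if the configured RNG algorithm or provider is
     *     not available; the underlying exception is attached as the cause
     * @throws TokenException if the existence lookup fails
     */
    private byte[] generateUnusedKeyID() throws TokenException {
        try {
            SecureRandom rng = SecureRandom.getInstance(RNG_ALG, RNG_PROVIDER);
            byte[] candidate = new byte[KEYID_LEN];
            do {
                rng.nextBytes(candidate);
            } while (keyExists(candidate));
            return candidate;
        } catch (NoSuchAlgorithmException e) {
            // Keep the cause so a misconfigured provider can be diagnosed from the trace.
            throw new RuntimeException("No such algorithm: " + RNG_ALG, e);
        } catch (NoSuchProviderException e) {
            throw new RuntimeException("No such provider: " + RNG_PROVIDER, e);
        }
    }

    /**
     * Reports whether a key with the given ID is found when looked up with
     * {@code Encryptor.DEFAULT_ENCRYPTION_ALG}.
     *
     * <p>NOTE(review): the lookup always uses the default encryption
     * algorithm, whatever algorithm the caller is about to generate; verify
     * that the native lookup still sees keys of other types.
     */
    private boolean keyExists(byte[] bArr) throws TokenException {
        return lookupKey(Encryptor.DEFAULT_ENCRYPTION_ALG, bArr) != null;
    }

    /**
     * Looks up a key by its ID.
     *
     * @param encryptionAlgorithm algorithm passed to the native lookup; must
     *     not be null
     * @param bArr key ID; must not be null
     * @return the key wrapped as a {@link SecretKeyFacade}, or {@code null}
     *     if the native lookup returns no key
     * @throws NullPointerException if either argument is null
     * @throws TokenException if the native lookup fails
     */
    public SecretKey lookupKey(EncryptionAlgorithm encryptionAlgorithm, byte[] bArr) throws TokenException {
        if (encryptionAlgorithm == null || bArr == null) {
            throw new NullPointerException();
        }
        SymmetricKey found = lookupKeyNative(this.token, encryptionAlgorithm, bArr);
        return (found == null) ? null : new SecretKeyFacade(found);
    }

    private native SymmetricKey lookupKeyNative(CryptoToken cryptoToken, EncryptionAlgorithm encryptionAlgorithm, byte[] bArr) throws TokenException;

    /**
     * Reports whether a key with the given nickname is found when looked up
     * with {@code Encryptor.DEFAULT_ENCRYPTION_ALG}.
     *
     * @param str nickname to test; must not be null or empty after trimming
     * @throws NullPointerException if the nickname is null or empty
     * @throws TokenException if the native lookup fails
     */
    public boolean uniqueNamedKeyExists(String str) throws TokenException {
        return lookupUniqueNamedKey(Encryptor.DEFAULT_ENCRYPTION_ALG, str) != null;
    }

    /**
     * Looks up a key by nickname.
     *
     * @param encryptionAlgorithm algorithm passed to the native lookup; must
     *     not be null
     * @param str nickname; trimmed before use, must not be null or empty
     *     after trimming
     * @return the key wrapped as a {@link SecretKeyFacade}, or {@code null}
     *     if the native lookup returns no key
     * @throws NullPointerException if the algorithm is null or the nickname
     *     is null or empty
     * @throws TokenException if the native lookup fails
     */
    public SecretKey lookupUniqueNamedKey(EncryptionAlgorithm encryptionAlgorithm, String str) throws TokenException {
        String nickname = (str == null) ? null : str.trim();
        if (encryptionAlgorithm == null || nickname == null || nickname.equals("")) {
            throw new NullPointerException();
        }
        SymmetricKey found = lookupUniqueNamedKeyNative(this.token, encryptionAlgorithm, nickname);
        return (found == null) ? null : new SecretKeyFacade(found);
    }

    private native SymmetricKey lookupUniqueNamedKeyNative(CryptoToken cryptoToken, EncryptionAlgorithm encryptionAlgorithm, String str) throws TokenException;

    /**
     * Deletes the key with the given ID.
     *
     * <p>Unlike {@link #deleteUniqueNamedKey(String)}, a missing key is not
     * ignored: the lookup result is passed straight on, so an unknown ID ends
     * in a {@link NullPointerException}.
     *
     * @param bArr ID of the key to delete; must not be null
     * @throws NullPointerException if {@code bArr} is null or no key has
     *     that ID
     * @throws TokenException if the lookup or the deletion fails
     * @throws InvalidKeyException declared by the delegate overload
     */
    public void deleteKey(byte[] bArr) throws TokenException, InvalidKeyException {
        deleteKey(lookupKey(Encryptor.DEFAULT_ENCRYPTION_ALG, bArr));
    }

    /**
     * Deletes the key with the given nickname, doing nothing if no such key
     * is found.
     *
     * @param str nickname of the key; must not be null or empty after trimming
     * @throws NullPointerException if the nickname is null or empty
     * @throws TokenException if the lookup or the deletion fails
     * @throws InvalidKeyException declared by the delegate overload
     */
    public void deleteUniqueNamedKey(String str) throws TokenException, InvalidKeyException {
        // One lookup instead of "exists?" followed by a second lookup: the key could
        // vanish between the two calls, which used to surface as a bare NPE.
        SecretKey key = lookupUniqueNamedKey(Encryptor.DEFAULT_ENCRYPTION_ALG, str);
        if (key != null) {
            deleteKey(key);
        }
    }

    /**
     * Deletes a key previously obtained from this library.
     *
     * @param secretKey key to delete; must be a {@link SecretKeyFacade}
     * @throws NullPointerException if {@code secretKey} is null
     * @throws InvalidKeyException if the key is not a {@link SecretKeyFacade}
     * @throws TokenException if the native deletion fails
     */
    public void deleteKey(SecretKey secretKey) throws TokenException, InvalidKeyException {
        if (secretKey == null) {
            throw new NullPointerException();
        }
        if (!(secretKey instanceof SecretKeyFacade)) {
            throw new InvalidKeyException("Key must be a JSS key");
        }
        // The facade's wrapped SymmetricKey is what the native layer operates on.
        deleteKeyNative(this.token, ((SecretKeyFacade) secretKey).key);
    }

    private native void deleteKeyNative(CryptoToken cryptoToken, SymmetricKey symmetricKey) throws TokenException;
}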
