package com.amazonaws.cloudhsm.jce.provider;

import com.amazonaws.cloudhsm.jce.CloudHsmProviderInformation;
import com.amazonaws.cloudhsm.jce.jni.DeviceInfo;
import com.amazonaws.cloudhsm.jce.jni.OperationConfig;
import com.amazonaws.cloudhsm.jce.jni.OperationType;
import com.amazonaws.cloudhsm.jce.jni.Session;
import com.amazonaws.cloudhsm.jce.jni.exception.InternalException;
import com.amazonaws.cloudhsm.jce.jni.exception.InternalExceptionCause;
import com.amazonaws.cloudhsm.jce.jni.exception.LogoutException;
import com.amazonaws.cloudhsm.jce.jni.exception.ProviderInitializationException;
import java.io.Closeable;
import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.security.AuthProvider;
import java.security.InvalidParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import org.apache.http.cookie.ClientCookie;
import org.bouncycastle.asn1.eac.EACTags;
import org.bouncycastle.tls.CipherSuite;

/* loaded from: input_file:BOOT-INF/lib/cloudhsm-jce-0.0.1-SNAPSHOT.jar:com/amazonaws/cloudhsm/jce/provider/CloudHsmProvider.class */
public class CloudHsmProvider extends AuthProvider implements Closeable {
    public static final String CLOUDHSM_KEYSTORE_TYPE = "CloudHSM";
    public static final String PROVIDER_NAME = "CloudHSM";
    private static final String providerInfo = "CloudHSM JCE Provider";
    private final CloudHsmLogger logger;
    private final ConnectionManager connectionManager;
    private final Session session;
    private final ConstructorMode constructorMode;
    private Optional<CallbackHandler> callbackHandler;
    private final boolean implicitLogin;
    private static final CloudHsmLogger staticLogger = new CloudHsmLogger(MethodHandles.lookup().lookupClass());
    private static final Double providerVersion = CloudHsmProviderInformation.PROVIDER_VERSION;
    private static boolean isAlreadyInstantiated = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.amazonaws.cloudhsm.jce.provider.CloudHsmProvider$1, reason: invalid class name */
    /* loaded from: input_file:BOOT-INF/lib/cloudhsm-jce-0.0.1-SNAPSHOT.jar:com/amazonaws/cloudhsm/jce/provider/CloudHsmProvider$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType = new int[OperationType.values().length];

        static {
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_CBC_ENCRYPT.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_CBC_DECRYPT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_CBC_UNWRAP.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_CBC_PKCS7_PADDING_ENCRYPT.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_CBC_PKCS7_PADDING_DECRYPT.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_CTR_ENCRYPT.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_CTR_DECRYPT.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_ECB_ENCRYPT.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_ECB_DECRYPT.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_ECB_PKCS7_PADDING_ENCRYPT.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_ECB_PKCS7_PADDING_DECRYPT.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_GCM_ENCRYPT.ordinal()] = 12;
            } catch (NoSuchFieldError e12) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_GCM_DECRYPT.ordinal()] = 13;
            } catch (NoSuchFieldError e13) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_GCM_WRAP.ordinal()] = 14;
            } catch (NoSuchFieldError e14) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_GCM_UNWRAP.ordinal()] = 15;
            } catch (NoSuchFieldError e15) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_GCM_CLOUD_HSM_ENCRYPT.ordinal()] = 16;
            } catch (NoSuchFieldError e16) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_GCM_CLOUD_HSM_DECRYPT.ordinal()] = 17;
            } catch (NoSuchFieldError e17) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_GCM_CLOUD_HSM_WRAP.ordinal()] = 18;
            } catch (NoSuchFieldError e18) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_GCM_CLOUD_HSM_UNWRAP.ordinal()] = 19;
            } catch (NoSuchFieldError e19) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_KEY_GENERATE.ordinal()] = 20;
            } catch (NoSuchFieldError e20) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_KEY_IMPORT.ordinal()] = 21;
            } catch (NoSuchFieldError e21) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_WRAP.ordinal()] = 22;
            } catch (NoSuchFieldError e22) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_UNWRAP.ordinal()] = 23;
            } catch (NoSuchFieldError e23) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_PKCS5_PADDING_WRAP.ordinal()] = 24;
            } catch (NoSuchFieldError e24) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_PKCS5_PADDING_UNWRAP.ordinal()] = 25;
            } catch (NoSuchFieldError e25) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_ZERO_PADDING_WRAP.ordinal()] = 26;
            } catch (NoSuchFieldError e26) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.AES_ZERO_PADDING_UNWRAP.ordinal()] = 27;
            } catch (NoSuchFieldError e27) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_CBC_ENCRYPT.ordinal()] = 28;
            } catch (NoSuchFieldError e28) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_CBC_DECRYPT.ordinal()] = 29;
            } catch (NoSuchFieldError e29) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_CBC_PKCS7_PADDING_ENCRYPT.ordinal()] = 30;
            } catch (NoSuchFieldError e30) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_CBC_PKCS7_PADDING_DECRYPT.ordinal()] = 31;
            } catch (NoSuchFieldError e31) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_ECB_ENCRYPT.ordinal()] = 32;
            } catch (NoSuchFieldError e32) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_ECB_DECRYPT.ordinal()] = 33;
            } catch (NoSuchFieldError e33) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_ECB_PKCS7_PADDING_ENCRYPT.ordinal()] = 34;
            } catch (NoSuchFieldError e34) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_ECB_PKCS7_PADDING_DECRYPT.ordinal()] = 35;
            } catch (NoSuchFieldError e35) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_DUKPT_CBC_DECRYPT.ordinal()] = 36;
            } catch (NoSuchFieldError e36) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_DUKPT_ECB_DECRYPT.ordinal()] = 37;
            } catch (NoSuchFieldError e37) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_KEY_GENERATE.ordinal()] = 38;
            } catch (NoSuchFieldError e38) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DES3_KEY_IMPORT.ordinal()] = 39;
            } catch (NoSuchFieldError e39) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.EC_KEY_GENERATE.ordinal()] = 40;
            } catch (NoSuchFieldError e40) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.EC_KEY_IMPORT.ordinal()] = 41;
            } catch (NoSuchFieldError e41) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.ECDH_DERIVE_AES.ordinal()] = 42;
            } catch (NoSuchFieldError e42) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.ECDH_DERIVE_GENERIC_SECRET.ordinal()] = 43;
            } catch (NoSuchFieldError e43) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.ECDH_DERIVE_DES3.ordinal()] = 44;
            } catch (NoSuchFieldError e44) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.ECDH_WITHOUT_DERIVATION.ordinal()] = 45;
            } catch (NoSuchFieldError e45) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.ECDSA_SIGN.ordinal()] = 46;
            } catch (NoSuchFieldError e46) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.ECDSA_VERIFY.ordinal()] = 47;
            } catch (NoSuchFieldError e47) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.GENERIC_SECRET_KEY_GENERATE.ordinal()] = 48;
            } catch (NoSuchFieldError e48) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.GENERIC_SECRET_KEY_IMPORT.ordinal()] = 49;
            } catch (NoSuchFieldError e49) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.HMAC_SIGN.ordinal()] = 50;
            } catch (NoSuchFieldError e50) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.HMAC_VERIFY.ordinal()] = 51;
            } catch (NoSuchFieldError e51) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RANDOM_GENERATE.ordinal()] = 52;
            } catch (NoSuchFieldError e52) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_AES_WRAP.ordinal()] = 53;
            } catch (NoSuchFieldError e53) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_AES_UNWRAP.ordinal()] = 54;
            } catch (NoSuchFieldError e54) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_KEY_GENERATE.ordinal()] = 55;
            } catch (NoSuchFieldError e55) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_KEY_IMPORT.ordinal()] = 56;
            } catch (NoSuchFieldError e56) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_ENCRYPT.ordinal()] = 57;
            } catch (NoSuchFieldError e57) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_DECRYPT.ordinal()] = 58;
            } catch (NoSuchFieldError e58) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_ENCRYPT.ordinal()] = 59;
            } catch (NoSuchFieldError e59) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_DECRYPT.ordinal()] = 60;
            } catch (NoSuchFieldError e60) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_WRAP.ordinal()] = 61;
            } catch (NoSuchFieldError e61) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_UNWRAP.ordinal()] = 62;
            } catch (NoSuchFieldError e62) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_SIGN.ordinal()] = 63;
            } catch (NoSuchFieldError e63) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_VERIFY.ordinal()] = 64;
            } catch (NoSuchFieldError e64) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.ENCRYPT_RSA_NO_PADDING.ordinal()] = 65;
            } catch (NoSuchFieldError e65) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.DECRYPT_RSA_NO_PADDING.ordinal()] = 66;
            } catch (NoSuchFieldError e66) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_OAEP_ENCRYPT.ordinal()] = 67;
            } catch (NoSuchFieldError e67) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_OAEP_DECRYPT.ordinal()] = 68;
            } catch (NoSuchFieldError e68) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_OAEP_WRAP.ordinal()] = 69;
            } catch (NoSuchFieldError e69) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_OAEP_UNWRAP.ordinal()] = 70;
            } catch (NoSuchFieldError e70) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_PSS_SIGN.ordinal()] = 71;
            } catch (NoSuchFieldError e71) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_PSS_VERIFY.ordinal()] = 72;
            } catch (NoSuchFieldError e72) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.SHA_DIGEST.ordinal()] = 73;
            } catch (NoSuchFieldError e73) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.CMAC_SIGN.ordinal()] = 74;
            } catch (NoSuchFieldError e74) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.CMAC_VERIFY.ordinal()] = 75;
            } catch (NoSuchFieldError e75) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_SIGN_RECOVER.ordinal()] = 76;
            } catch (NoSuchFieldError e76) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.RSA_PKCS_VERIFY_RECOVER.ordinal()] = 77;
            } catch (NoSuchFieldError e77) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.SP800_108_DERIVE_AES.ordinal()] = 78;
            } catch (NoSuchFieldError e78) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.SP800_108_DERIVE_GENERIC_SECRET.ordinal()] = 79;
            } catch (NoSuchFieldError e79) {
            }
            try {
                $SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[OperationType.SP800_108_DERIVE_DES3.ordinal()] = 80;
            } catch (NoSuchFieldError e80) {
            }
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/cloudhsm-jce-0.0.1-SNAPSHOT.jar:com/amazonaws/cloudhsm/jce/provider/CloudHsmProvider$CloudHsmProviderService.class */
    static final class CloudHsmProviderService extends Provider.Service {
        private SupportedTransformation supportedTransformation;

        CloudHsmProviderService(SupportedTransformation supportedTransformation, CloudHsmProvider cloudHsmProvider) {
            super(cloudHsmProvider, supportedTransformation.getServiceType().toString(), supportedTransformation.getServiceAlgorithm(), supportedTransformation.getServiceImplementation().getName(), null, null);
            this.supportedTransformation = supportedTransformation;
        }

        @Override // java.security.Provider.Service
        public Object newInstance(Object obj) throws NoSuchAlgorithmException {
            CloudHsmProvider.staticLogger.debug(MessageFormat.format("newInstance called for supported transformation with service algorithm={0}, serviceType={1}", this.supportedTransformation.getServiceAlgorithm(), this.supportedTransformation.getServiceType()));
            if (obj != null) {
                throw new InvalidParameterException(MessageFormat.format(ErrorMessages.SERVICE_CONSTRUCTOR_PARAMS_NOT_NULL.getMessage(), this.supportedTransformation.getServiceImplementation(), this.supportedTransformation.getServiceAlgorithm()));
            }
            CloudHsmProvider cloudHsmProvider = (CloudHsmProvider) getProvider();
            if (cloudHsmProvider.getService(getType(), getAlgorithm()) != this) {
                throw new NoSuchAlgorithmException(MessageFormat.format(ErrorMessages.SERVICE_NOT_REGISTERED.getMessage(), this.supportedTransformation.getServiceImplementation().getName(), cloudHsmProvider.getName()));
            }
            try {
                return this.supportedTransformation.getServiceImplementation().getConstructor(CloudHsmProvider.class).newInstance(cloudHsmProvider);
            } catch (IllegalAccessException | InstantiationException | NoSuchMethodException | InvocationTargetException e) {
                throw ErrorHandling.asCloudhsmException(e);
            }
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/cloudhsm-jce-0.0.1-SNAPSHOT.jar:com/amazonaws/cloudhsm/jce/provider/CloudHsmProvider$ConstructorMode.class */
    private enum ConstructorMode {
        Default,
        Config
    }

    public CloudHsmProvider() throws IOException, ProviderInitializationException, LoginException {
        super("CloudHSM", providerVersion.doubleValue(), providerInfo);
        this.callbackHandler = Optional.empty();
        synchronized (CloudHsmProvider.class) {
            if (isAlreadyInstantiated) {
                throw new IllegalStateException(ErrorMessages.PROVIDER_HSM_CONNECTION_ALREADY_INITIALIZED.getMessage());
            }
            staticLogger.debug("Using default configure path to configure");
            this.connectionManager = buildConnectionManager(Optional.empty(), false);
            this.logger = new CloudHsmLogger(getClass(), this.connectionManager.getId(), this.connectionManager.getClusterName());
            this.session = createSession(this.connectionManager);
            addSupportedAlgorithmsToProvider();
            this.implicitLogin = attemptImplicitLogin();
            isAlreadyInstantiated = true;
            this.constructorMode = ConstructorMode.Default;
        }
    }

    public CloudHsmProvider(String str) throws IOException, ProviderInitializationException, LoginException {
        super("CloudHSM", providerVersion.doubleValue(), providerInfo);
        this.callbackHandler = Optional.empty();
        synchronized (CloudHsmProvider.class) {
            if (isAlreadyInstantiated) {
                throw new IllegalStateException(ErrorMessages.PROVIDER_HSM_CONNECTION_ALREADY_INITIALIZED.getMessage());
            }
            if (str == null) {
                throw new IllegalArgumentException(ErrorMessages.PROVIDER_CONFIG_FILE_PATH_CANNOT_BE_NULL.getMessage());
            }
            staticLogger.debug("Using provided configure path to configure");
            this.connectionManager = buildConnectionManager(Optional.of(str), false);
            this.logger = new CloudHsmLogger(getClass(), this.connectionManager.getId(), this.connectionManager.getClusterName());
            this.session = createSession(this.connectionManager);
            addSupportedAlgorithmsToProvider();
            this.implicitLogin = attemptImplicitLogin();
            isAlreadyInstantiated = true;
            this.constructorMode = ConstructorMode.Default;
        }
    }

    public CloudHsmProvider(CloudHsmProviderConfig cloudHsmProviderConfig) throws IOException, ProviderInitializationException, LoginException {
        super(validateConfigAndGetProviderName(cloudHsmProviderConfig), providerVersion.doubleValue(), providerInfo);
        this.callbackHandler = Optional.empty();
        synchronized (CloudHsmProvider.class) {
            String json = cloudHsmProviderConfig.toJson();
            staticLogger.debug("generated the json configuration: " + json);
            this.connectionManager = buildConnectionManager(Optional.of(json), true);
            this.logger = new CloudHsmLogger(getClass(), this.connectionManager.getId(), this.connectionManager.getClusterName());
            this.session = createSession(this.connectionManager);
            addSupportedAlgorithmsToProvider();
            this.implicitLogin = attemptImplicitLogin();
            this.constructorMode = ConstructorMode.Config;
        }
    }

    private static String validateConfigAndGetProviderName(CloudHsmProviderConfig cloudHsmProviderConfig) {
        if (cloudHsmProviderConfig == null) {
            throw new IllegalArgumentException(ErrorMessages.PROVIDER_CONFIG_FILE_PATH_CANNOT_BE_NULL.getMessage());
        }
        return cloudHsmProviderConfig.getCluster().getClusterUniqueIdentifier();
    }

    @Override // java.security.Provider
    public String getInfo() {
        try {
            DeviceInfo deviceInfo = this.connectionManager.getConnection().getDeviceInfo();
            if (deviceInfo != null) {
                return deviceInfo.toString();
            }
            return null;
        } catch (Exception e) {
            this.logger.error(MessageFormat.format(ErrorMessages.PROVIDER_DEVICE_INFO_EXCEPTION.getMessage(), e));
            return null;
        }
    }

    private ConnectionManager buildConnectionManager(Optional<String> optional, boolean z) throws IOException, ProviderInitializationException {
        staticLogger.debug("Configure " + (z ? "json" : ClientCookie.PATH_ATTR) + ": " + optional);
        return new ConnectionManager(optional, z);
    }

    private Session createSession(ConnectionManager connectionManager) {
        return connectionManager.createSession();
    }

    private SupportedTransformationFactory getSupportedTransformationFactory() {
        Constructor<?>[] declaredConstructors;
        SupportedTransformationFactory supportedTransformationFactory = new SupportedTransformationFactory();
        try {
            declaredConstructors = Class.forName("com.amazonaws.cloudhsm.jce.provider.SideLoadedTransformationFactory").getDeclaredConstructors();
        } catch (ClassNotFoundException e) {
            this.logger.debug("SideLoadedTransformationFactory not available.");
        } catch (Exception e2) {
            throw ErrorHandling.asCloudhsmException(e2);
        }
        if (declaredConstructors.length != 1) {
            throw new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, "Expected one and only one (default) constructor for SideLoadedTransformationFactory.");
        }
        if (declaredConstructors[0].getParameterCount() != 0) {
            throw new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, "Expected one and only one (default) constructor for SideLoadedTransformationFactory.");
        }
        Object newInstance = declaredConstructors[0].newInstance(new Object[0]);
        if (!(newInstance instanceof SupportedTransformationFactory)) {
            throw new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, "SideLoadedTransformationFactory does not extend SupportedTransformationFactory.");
        }
        supportedTransformationFactory = (SupportedTransformationFactory) newInstance;
        return supportedTransformationFactory;
    }

    private Stream<Optional<SupportedTransformation>> getSupportedTransformations() {
        try {
            OperationConfig[] supportedOperationConfigs = this.connectionManager.getConnection().getSupportedOperationConfigs();
            if (supportedOperationConfigs == null) {
                throw new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, "Unable to get list of supported operations for the provider");
            }
            SupportedTransformationFactory supportedTransformationFactory = getSupportedTransformationFactory();
            this.logger.debug("Loading transformations from " + supportedTransformationFactory.getClass().getSimpleName());
            return Stream.concat(((Stream) Arrays.stream(supportedOperationConfigs).parallel()).flatMap(operationConfig -> {
                switch (AnonymousClass1.$SwitchMap$com$amazonaws$cloudhsm$jce$jni$OperationType[operationConfig.getOperationType().ordinal()]) {
                    case 1:
                    case 2:
                    case 3:
                        return Stream.of(supportedTransformationFactory.getAesCbcNoPadding());
                    case 4:
                    case 5:
                        return Stream.of(supportedTransformationFactory.getAesCbcPadding());
                    case 6:
                    case 7:
                        return Stream.of(supportedTransformationFactory.getAesCtr());
                    case 8:
                    case 9:
                        return Stream.of(supportedTransformationFactory.getAesEcb());
                    case 10:
                    case 11:
                        return Stream.of(supportedTransformationFactory.getAesEcbPkcs5());
                    case 12:
                    case 13:
                    case 14:
                    case 15:
                    case 16:
                    case 17:
                    case 18:
                    case 19:
                        return Stream.of(supportedTransformationFactory.getAesGcm());
                    case 20:
                        return Stream.of(supportedTransformationFactory.getAesKeyGen());
                    case 21:
                        return Stream.of(supportedTransformationFactory.getAesKeyImport());
                    case 22:
                    case 23:
                        return Stream.of(supportedTransformationFactory.getAesWrapEcbNoPadding());
                    case 24:
                    case 25:
                        return Stream.of(supportedTransformationFactory.getAesWrapEcbPkcs5Padding());
                    case 26:
                    case 27:
                        return Stream.of(supportedTransformationFactory.getAesWrapEcbZeroPadding());
                    case 28:
                    case 29:
                        return Stream.of(supportedTransformationFactory.getDesedeCbcNoPadding());
                    case 30:
                    case 31:
                        return Stream.of(supportedTransformationFactory.getDesedeCbcPadding());
                    case 32:
                    case 33:
                        return Stream.of(supportedTransformationFactory.getDesedeEcb());
                    case 34:
                    case 35:
                        return Stream.of(supportedTransformationFactory.getDesedeEcbPadding());
                    case 36:
                        return Stream.of(supportedTransformationFactory.getDesedeDukptCbcZeroPadding());
                    case 37:
                        return Stream.of(supportedTransformationFactory.getDesedeDukptEcbZeroPadding());
                    case 38:
                        return Stream.of(supportedTransformationFactory.getTripleDesKeyGen());
                    case 39:
                        return Stream.of(supportedTransformationFactory.getTripleDesKeyImport());
                    case 40:
                        return Stream.of(supportedTransformationFactory.getEcKeyPairGen());
                    case 41:
                        return Stream.of(supportedTransformationFactory.getEcKeyImport());
                    case 42:
                    case 43:
                    case 44:
                    case 45:
                        return Stream.of(supportedTransformationFactory.getEcdhKeyAgreement());
                    case 46:
                    case 47:
                        return Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getNoneWithEcdsa(), supportedTransformationFactory.getSha1WithEcdsa(), supportedTransformationFactory.getSha224WithEcdsa(), supportedTransformationFactory.getSha256WithEcdsa(), supportedTransformationFactory.getSha384WithEcdsa(), supportedTransformationFactory.getSha512WithEcdsa()});
                    case 48:
                        return Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getGenericKeySha1Gen(), supportedTransformationFactory.getGenericKeySha224Gen(), supportedTransformationFactory.getGenericKeySha256Gen(), supportedTransformationFactory.getGenericKeySha384Gen(), supportedTransformationFactory.getGenericKeySha512Gen()});
                    case 49:
                        return Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getGenericSecretKeyImport(), supportedTransformationFactory.getHmacSha1KeyImport(), supportedTransformationFactory.getHmacSha224KeyImport(), supportedTransformationFactory.getHmacSha256KeyImport(), supportedTransformationFactory.getHmacSha384KeyImport(), supportedTransformationFactory.getHmacSha512KeyImport()});
                    case 50:
                    case 51:
                        return Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getHmacSha1(), supportedTransformationFactory.getHmacSha224(), supportedTransformationFactory.getHmacSha256(), supportedTransformationFactory.getHmacSha384(), supportedTransformationFactory.getHmacSha512()});
                    case 52:
                        return Stream.of(supportedTransformationFactory.getAesCtrDrbg());
                    case 53:
                    case 54:
                        return Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getRsaAesOaep(), supportedTransformationFactory.getRsaAesOaepSha1(), supportedTransformationFactory.getRsaAesOaepSha224(), supportedTransformationFactory.getRsaAesOaepSha256(), supportedTransformationFactory.getRsaAesOaepSha384(), supportedTransformationFactory.getRsaAesOaepSha512()});
                    case 55:
                        return Stream.of(supportedTransformationFactory.getRsaKeyPairGen());
                    case 56:
                        return Stream.of(supportedTransformationFactory.getRsaKeyImport());
                    case 57:
                    case 58:
                    case 59:
                    case 60:
                    case 61:
                    case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256 /* 62 */:
                        return Stream.of(supportedTransformationFactory.getRsaCipher());
                    case 63:
                    case 64:
                        return Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getNoneWithRsa(), supportedTransformationFactory.getSha1WithRsa(), supportedTransformationFactory.getSha224WithRsa(), supportedTransformationFactory.getSha256WithRsa(), supportedTransformationFactory.getSha384WithRsa(), supportedTransformationFactory.getSha512WithRsa()});
                    case 65:
                    case 66:
                        return Stream.of(supportedTransformationFactory.getRsaNoPadding());
                    case 67:
                    case 68:
                    case 69:
                    case 70:
                        return Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getRsaOaep(), supportedTransformationFactory.getRsaOaepSha1(), supportedTransformationFactory.getRsaOaepSha224(), supportedTransformationFactory.getRsaOaepSha256(), supportedTransformationFactory.getRsaOaepSha384(), supportedTransformationFactory.getRsaOaepSha512()});
                    case 71:
                    case 72:
                        return Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getRsaPss(), supportedTransformationFactory.getSha1WithRsaPss(), supportedTransformationFactory.getSha224WithRsaPss(), supportedTransformationFactory.getSha256WithRsaPss(), supportedTransformationFactory.getSha384WithRsaPss(), supportedTransformationFactory.getSha512WithRsaPss(), supportedTransformationFactory.getSha1WithRsaAndMgf1(), supportedTransformationFactory.getSha224WithRsaAndMgf1(), supportedTransformationFactory.getSha256WithRsaAndMgf1(), supportedTransformationFactory.getSha384WithRsaAndMgf1(), supportedTransformationFactory.getSha512WithRsaAndMgf1()});
                    case 73:
                        return Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getSha1Digest(), supportedTransformationFactory.getSha224Digest(), supportedTransformationFactory.getSha256Digest(), supportedTransformationFactory.getSha384Digest(), supportedTransformationFactory.getSha512Digest()});
                    case 74:
                    case 75:
                        return Stream.of(supportedTransformationFactory.getAesCmac());
                    case 76:
                    case EACTags.INTEGRATED_CIRCUIT_MANUFACTURER_ID /* 77 */:
                    case 78:
                    case 79:
                    case 80:
                    default:
                        return Stream.empty();
                }
            }), Stream.of((Object[]) new Optional[]{supportedTransformationFactory.getCloudhsmKeystore(), supportedTransformationFactory.getCloudhsmKeystoreWithAttributes()})).distinct();
        } catch (Exception e) {
            throw ErrorHandling.asCloudhsmException(e);
        }
    }

    private void addSupportedAlgorithmsToProvider() {
        this.logger.trace("Adding supported algorithms");
        getSupportedTransformations().filter(optional -> {
            return optional.isPresent();
        }).forEach(optional2 -> {
            SupportedTransformation supportedTransformation = (SupportedTransformation) optional2.get();
            this.logger.debug("Added: " + supportedTransformation.getTransformationString() + " = " + supportedTransformation.getServiceImplementation() + " to " + getName());
            putService(new CloudHsmProviderService(supportedTransformation, this));
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Session getSession() {
        return this.session;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Optional<String> getClusterName() {
        return this.connectionManager.getClusterName();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public long getId() {
        return this.connectionManager.getId();
    }

    private boolean attemptImplicitLogin() throws LoginException {
        try {
            Optional<Credential> implicitLoginCredentials = Credential.getImplicitLoginCredentials(ClassLoader.getSystemClassLoader(), new SystemWrapper());
            if (implicitLoginCredentials.isPresent()) {
                this.logger.debug("Implicit login credential found");
                login(null, implicitLoginCredentials.get().buildCallbackHandler());
            }
            return implicitLoginCredentials.isPresent();
        } catch (Exception e) {
            throw new InternalException(InternalExceptionCause.INTERNAL_ERROR, e);
        }
    }

    @Override // java.security.AuthProvider
    public void login(Subject subject, CallbackHandler callbackHandler) throws LoginException {
        this.logger.debug("Calling login");
        if (this.implicitLogin) {
            throw new IllegalStateException(ErrorMessages.LOGIN_EXPLICIT_LOGIN_UNAVAILABLE.getMessage());
        }
        if (subject != null) {
            throw new IllegalArgumentException(ErrorMessages.LOGIN_SUBJECT_IS_NOT_SUPPORTED.getMessage());
        }
        if (callbackHandler != null) {
            this.logger.debug("Using handler passed in login method");
            LoginManager.login(callbackHandler, this);
        } else {
            if (!this.callbackHandler.isPresent()) {
                throw new LoginException(ErrorMessages.LOGIN_NO_CALLBACKHANDLER_FOUND.getMessage());
            }
            this.logger.info("Using handler set using setCallbackHandler");
            LoginManager.login(this.callbackHandler.get(), this);
        }
    }

    @Override // java.security.AuthProvider
    public void logout() throws LogoutException {
        this.logger.debug("Calling logout");
        if (this.implicitLogin) {
            throw new IllegalStateException(ErrorMessages.LOGOUT_EXPLICIT_LOGOUT_UNAVAILABLE.getMessage());
        }
        LoginManager.logout(this);
    }

    @Override // java.security.AuthProvider
    public void setCallbackHandler(CallbackHandler callbackHandler) {
        Objects.requireNonNull(callbackHandler);
        this.callbackHandler = Optional.of(callbackHandler);
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() {
        synchronized (CloudHsmProvider.class) {
            if (this.constructorMode == ConstructorMode.Default) {
                isAlreadyInstantiated = false;
            }
        }
        this.logger.trace("Provider close called");
        Iterator it = getServices().iterator();
        while (it.hasNext()) {
            try {
                removeService((Provider.Service) it.next());
            } catch (Exception e) {
                this.logger.warn(e);
            }
        }
        this.connectionManager.close();
        try {
            this.session.close();
        } catch (Exception e2) {
            this.logger.warn(e2);
        }
        this.logger.debug("Provider closed.");
    }

    static {
        try {
            NativeLibraryLoader.loadLibrary();
        } catch (IOException | IllegalArgumentException | UnsatisfiedLinkError e) {
            throw new InternalException(InternalExceptionCause.INTERNAL_ERROR, MessageFormat.format(ErrorMessages.PROVIDER_ERROR_LOADING_NATIVE_FILE.getMessage(), e), e);
        }
    }
}
