package com.amazonaws.cloudhsm.jce.provider;

import com.amazonaws.cloudhsm.jce.jni.exception.AddAttributeException;
import com.amazonaws.cloudhsm.jce.jni.exception.InvalidPkcs8EncodedKeyException;
import com.amazonaws.cloudhsm.jce.jni.exception.InvalidX509EncodedKeyException;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyAttributesMap;
import java.lang.invoke.MethodHandles;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyFactorySpi;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.text.MessageFormat;

/* loaded from: input_file:BOOT-INF/lib/cloudhsm-jce-0.0.1-SNAPSHOT.jar:com/amazonaws/cloudhsm/jce/provider/RsaKeyFactory.class */
public class RsaKeyFactory extends KeyFactorySpi {
    private final CloudHsmProvider provider;
    private final CloudHsmLogger logger;

    public RsaKeyFactory(CloudHsmProvider cloudHsmProvider) throws IllegalStateException {
        if (cloudHsmProvider == null) {
            throw new IllegalStateException(ErrorMessages.PROVIDER_NOT_INITIALIZED.getMessage());
        }
        this.logger = new CloudHsmLogger(MethodHandles.lookup().lookupClass(), cloudHsmProvider.getId(), cloudHsmProvider.getClusterName());
        this.provider = cloudHsmProvider;
    }

    protected CloudHsmProvider getProvider() {
        return this.provider;
    }

    @Override // java.security.KeyFactorySpi
    protected PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException {
        KeyAttributesMap createKeyAttributesMapFromX509EncodedBytes;
        this.logger.debug("Entering engineGeneratePublic.");
        if (keySpec == null) {
            throw new InvalidKeySpecException(ErrorMessages.SPEC_VALUE_PROVIDED_IS_NULL.getMessage());
        }
        new KeyAttributesMap();
        if (keySpec instanceof RSAPublicKeySpec) {
            try {
                createKeyAttributesMapFromX509EncodedBytes = ImportKey.getCloudHsmAttributesMapFromRsaPublicKeySpec((RSAPublicKeySpec) keySpec);
            } catch (AddAttributeException e) {
                throw new InvalidKeySpecException(e.getCause());
            }
        } else if (keySpec instanceof KeyAttributesMap) {
            createKeyAttributesMapFromX509EncodedBytes = (KeyAttributesMap) keySpec;
        } else {
            if (!(keySpec instanceof X509EncodedKeySpec)) {
                throw new InvalidKeySpecException(MessageFormat.format(ErrorMessages.SPEC_PROVIDED_IS_NOT_AN_INSTANCE_OF_EXPECTED_TYPE.getMessage(), RSAPublicKeySpec.class.getSimpleName()));
            }
            try {
                createKeyAttributesMapFromX509EncodedBytes = RsaUtils.createKeyAttributesMapFromX509EncodedBytes(((X509EncodedKeySpec) keySpec).getEncoded());
            } catch (InvalidX509EncodedKeyException | InvalidParameterException e2) {
                throw new InvalidKeySpecException(e2);
            }
        }
        try {
            CloudHsmRsaPublicKey importRsaPublicKey = ImportKey.importRsaPublicKey(getProvider().getSession(), createKeyAttributesMapFromX509EncodedBytes, getProvider());
            this.logger.debug("Successfully imported rsa public key. Returning key object.");
            return importRsaPublicKey;
        } catch (Exception e3) {
            throw ErrorHandling.asCloudhsmException(e3);
        }
    }

    @Override // java.security.KeyFactorySpi
    protected PrivateKey engineGeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException {
        KeyAttributesMap createKeyAttributesMapFromPkcs8EncodedBytes;
        this.logger.debug("Entering engineGeneratePrivate.");
        if (keySpec == null) {
            throw new InvalidKeySpecException(ErrorMessages.SPEC_VALUE_PROVIDED_IS_NULL.getMessage());
        }
        new KeyAttributesMap();
        if (keySpec instanceof RSAPrivateCrtKeySpec) {
            try {
                createKeyAttributesMapFromPkcs8EncodedBytes = ImportKey.getCloudHsmAttributesMapFromRsaPrivateCrtKeySpec((RSAPrivateCrtKeySpec) keySpec);
            } catch (AddAttributeException e) {
                throw new InvalidKeySpecException(e.getCause());
            }
        } else if (keySpec instanceof KeyAttributesMap) {
            createKeyAttributesMapFromPkcs8EncodedBytes = (KeyAttributesMap) keySpec;
        } else {
            if (!(keySpec instanceof PKCS8EncodedKeySpec)) {
                throw new InvalidKeySpecException(MessageFormat.format(ErrorMessages.SPEC_PROVIDED_IS_NOT_AN_INSTANCE_OF_EXPECTED_TYPE.getMessage(), RSAPrivateCrtKeySpec.class.getSimpleName()));
            }
            try {
                createKeyAttributesMapFromPkcs8EncodedBytes = RsaUtils.createKeyAttributesMapFromPkcs8EncodedBytes(((PKCS8EncodedKeySpec) keySpec).getEncoded());
            } catch (InvalidPkcs8EncodedKeyException | InvalidParameterException e2) {
                throw new InvalidKeySpecException(e2);
            }
        }
        try {
            CloudHsmRsaPrivateCrtKey importRsaPrivateKey = ImportKey.importRsaPrivateKey(getProvider().getSession(), createKeyAttributesMapFromPkcs8EncodedBytes, getProvider());
            this.logger.debug("Successfully imported rsa private key. Returning key object.");
            return importRsaPrivateKey;
        } catch (Exception e3) {
            throw ErrorHandling.asCloudhsmException(e3);
        }
    }

    @Override // java.security.KeyFactorySpi
    protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> cls) throws InvalidKeySpecException {
        throw new UnsupportedOperationException(ErrorMessages.KEY_GET_SPEC_IS_NOT_SUPPORTED.getMessage());
    }

    @Override // java.security.KeyFactorySpi
    protected Key engineTranslateKey(Key key) throws InvalidKeyException {
        this.logger.debug("Entering engineTranslateKey.");
        if (key == null) {
            throw new InvalidKeyException(ErrorMessages.KEY_TO_TRANSLATE_IS_NULL.getMessage());
        }
        if (key instanceof CloudHsmKey) {
            KeyUtil.validateKeyProvider((CloudHsmKey) key, getProvider());
            this.logger.debug("Key translation is not required as it is already instance of CloudHsmKey type.");
            return key;
        }
        if (!key.getAlgorithm().equalsIgnoreCase(Algorithm.RSA.toString())) {
            throw new InvalidKeyException(MessageFormat.format(ErrorMessages.KEY_ALGORITHM_VALUE_INVALID.getMessage(), Algorithm.RSA.toString(), key.getAlgorithm()));
        }
        try {
            CloudHsmKey importRsaKey = ImportKey.importRsaKey(getProvider().getSession(), key, new KeyAttributesMap(), getProvider());
            this.logger.debug("Successfully imported rsa key. Returning key object.");
            return importRsaKey;
        } catch (Exception e) {
            throw ErrorHandling.asCloudhsmException(e);
        }
    }
}
