package com.amazonaws.cloudhsm.jce.provider;

import com.amazonaws.cloudhsm.jce.jni.CoreKey;
import com.amazonaws.cloudhsm.jce.jni.Session;
import com.amazonaws.cloudhsm.jce.jni.SymmetricKeyBuilder;
import com.amazonaws.cloudhsm.jce.jni.exception.AddAttributeException;
import com.amazonaws.cloudhsm.jce.jni.exception.AttributeException;
import com.amazonaws.cloudhsm.jce.jni.exception.AuthenticationException;
import com.amazonaws.cloudhsm.jce.jni.exception.InternalException;
import com.amazonaws.cloudhsm.jce.jni.exception.InternalExceptionCause;
import com.amazonaws.cloudhsm.jce.jni.exception.ProviderException;
import com.amazonaws.cloudhsm.jce.provider.attributes.CoreAttribute;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyAttribute;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyAttributePermissiveProfile;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyAttributesMap;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.text.MessageFormat;
import java.util.Map;
import java.util.Optional;
import javax.crypto.KeyGeneratorSpi;
import javax.crypto.SecretKey;

/* loaded from: input_file:BOOT-INF/lib/cloudhsm-jce-0.0.1-SNAPSHOT.jar:com/amazonaws/cloudhsm/jce/provider/CloudHsmKeyGeneratorBase.class */
abstract class CloudHsmKeyGeneratorBase extends KeyGeneratorSpi {
    private final CloudHsmProvider provider;
    final CloudHsmLogger logger = new CloudHsmLogger(getClass());
    Optional<Session> session = Optional.empty();
    Optional<SymmetricKeyBuilder> symmetricKeyBuilder = Optional.empty();

    /* JADX INFO: Access modifiers changed from: protected */
    public CloudHsmKeyGeneratorBase(CloudHsmProvider cloudHsmProvider) throws IllegalStateException {
        if (cloudHsmProvider == null) {
            throw new IllegalStateException(ErrorMessages.PROVIDER_NOT_INITIALIZED.getMessage());
        }
        this.provider = cloudHsmProvider;
    }

    abstract SymmetricKeyBuilder createBuilder(Session session) throws Exception;

    abstract SecretKey createKeyInstance(CoreKey coreKey) throws Exception;

    abstract int getDefaultKeySize();

    /* JADX INFO: Access modifiers changed from: protected */
    public CloudHsmProvider getProvider() {
        return this.provider;
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(SecureRandom secureRandom) {
        if (!this.session.isPresent()) {
            this.session = Optional.of(getProvider().getSession());
        }
        engineInit(getDefaultKeySize(), secureRandom);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.KeyGeneratorSpi
    public void engineInit(AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        if (algorithmParameterSpec == null) {
            throw new InvalidAlgorithmParameterException(ErrorMessages.SPEC_VALUE_PROVIDED_IS_NULL.getMessage());
        }
        if (!(algorithmParameterSpec instanceof KeyAttributesMap)) {
            throw new InvalidAlgorithmParameterException(MessageFormat.format(ErrorMessages.SPEC_PROVIDED_IS_NOT_AN_INSTANCE_OF_EXPECTED_TYPE.getMessage(), "KeyAttributesMap"));
        }
        KeyAttributesMap keyAttributesMap = (KeyAttributesMap) algorithmParameterSpec;
        KeyAttributesMap keyAttributesMap2 = new KeyAttributesMap(KeyAttributePermissiveProfile.KEY_CREATION);
        try {
            keyAttributesMap2.putAll(keyAttributesMap);
            if (!this.session.isPresent()) {
                this.session = Optional.of(getProvider().getSession());
            }
            try {
                initKeyBuilder();
                SymmetricKeyBuilder orElseThrow = this.symmetricKeyBuilder.orElseThrow(() -> {
                    return new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, ErrorMessages.KEY_GENERATOR_UNABLE_TO_GET_BUILDER.getMessage());
                });
                for (Map.Entry<KeyAttribute, Object> entry : keyAttributesMap2.entrySet()) {
                    try {
                        orElseThrow.addAttribute(new CoreAttribute(entry.getKey(), entry.getValue()));
                    } catch (AddAttributeException | AttributeException e) {
                        throw new InvalidAlgorithmParameterException(e.getMessage());
                    } catch (Exception e2) {
                        throw ErrorHandling.asCloudhsmException(e2);
                    }
                }
            } catch (Exception e3) {
                throw ErrorHandling.asCloudhsmException(e3);
            }
        } catch (AddAttributeException e4) {
            throw new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, ErrorMessages.UNABLE_TO_ADD_ATTRIBUTE_TO_MAP.getMessage());
        }
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(int i, SecureRandom secureRandom) throws InvalidParameterException {
        KeyAttributesMap keyAttributesMap = new KeyAttributesMap();
        try {
            keyAttributesMap.put(KeyAttribute.SIZE, Integer.valueOf(i));
            engineInit(keyAttributesMap, secureRandom);
        } catch (AddAttributeException | InvalidAlgorithmParameterException e) {
            throw new InvalidParameterException(e.getMessage());
        }
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected SecretKey engineGenerateKey() {
        this.logger.debug("engineGenerateKey Called");
        try {
            try {
                this.session.orElseThrow(() -> {
                    return new IllegalStateException(ErrorMessages.KEY_GENERATOR_NOT_INITIALIZED.getMessage());
                });
                SecretKey createKeyInstance = createKeyInstance(this.symmetricKeyBuilder.orElseThrow(() -> {
                    return new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, ErrorMessages.KEY_GENERATOR_UNABLE_TO_GET_BUILDER.getMessage());
                }).generate());
                resetState();
                this.logger.debug("Successfully generated key with algorithm: " + createKeyInstance.getAlgorithm());
                return createKeyInstance;
            } catch (AttributeException | AuthenticationException | InternalException | ProviderException | IllegalStateException e) {
                throw e;
            } catch (Exception e2) {
                throw new InternalException(InternalExceptionCause.INTERNAL_ERROR, e2);
            }
        } catch (Throwable th) {
            resetState();
            throw th;
        }
    }

    private void resetState() {
        this.session = Optional.empty();
        if (this.symmetricKeyBuilder.isPresent()) {
            this.symmetricKeyBuilder.get().delete();
        }
        this.symmetricKeyBuilder = Optional.empty();
    }

    private void initKeyBuilder() throws Exception {
        Session orElseThrow = this.session.orElseThrow(() -> {
            return new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, ErrorMessages.UNABLE_TO_GET_SESSION.getMessage());
        });
        try {
            if (this.symmetricKeyBuilder.isPresent()) {
                this.symmetricKeyBuilder.get().delete();
            }
            this.symmetricKeyBuilder = Optional.of(createBuilder(orElseThrow));
        } catch (AddAttributeException | AuthenticationException | InternalException | ProviderException e) {
            throw e;
        } catch (Exception e2) {
            throw new InternalException(InternalExceptionCause.INTERNAL_ERROR, e2);
        }
    }
}
