package com.amazonaws.cloudhsm.jce.provider;

import com.amazonaws.cloudhsm.jce.jni.CoreKey;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyType;
import com.amazonaws.cloudhsm.jce.provider.attributes.ObjectClassType;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.text.MessageFormat;
import java.util.stream.Stream;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BOOT-INF/lib/cloudhsm-jce-0.0.1-SNAPSHOT.jar:com/amazonaws/cloudhsm/jce/provider/KeyUtil.class */
public class KeyUtil {
    KeyUtil() {
    }

    public static Key getCloudHsmKey(CoreKey coreKey, KeyType keyType, ObjectClassType objectClassType, CloudHsmProvider cloudHsmProvider) throws NoSuchAlgorithmException {
        switch (keyType) {
            case AES:
                return new AesKey(coreKey, cloudHsmProvider);
            case DESEDE:
                return new TripleDesKey(coreKey, cloudHsmProvider);
            case EC:
                switch (objectClassType) {
                    case PUBLIC_KEY:
                        return new CloudHsmEcPublicKey(coreKey, cloudHsmProvider);
                    case PRIVATE_KEY:
                        return new CloudHsmEcPrivateKey(coreKey, cloudHsmProvider);
                    default:
                        throw new NoSuchAlgorithmException(ErrorMessages.EC_RSA_OBJECT_CLASS_TYPE_INVALID.getMessage());
                }
            case GENERIC_SECRET:
                return new GenericSecretKey(coreKey, cloudHsmProvider);
            case RSA:
                switch (objectClassType) {
                    case PUBLIC_KEY:
                        return new CloudHsmRsaPublicKey(coreKey, cloudHsmProvider);
                    case PRIVATE_KEY:
                        return new CloudHsmRsaPrivateCrtKey(coreKey, cloudHsmProvider);
                    default:
                        throw new NoSuchAlgorithmException(ErrorMessages.EC_RSA_OBJECT_CLASS_TYPE_INVALID.getMessage());
                }
            default:
                throw new NoSuchAlgorithmException(ErrorMessages.KEY_TYPE_INVALID.getMessage());
        }
    }

    public static KeyType getKeyType(String str) {
        if (Algorithm.AES.toString().equalsIgnoreCase(str)) {
            return KeyType.AES;
        }
        if (Algorithm.EC.toString().equalsIgnoreCase(str)) {
            return KeyType.EC;
        }
        if (Algorithm.DES_EDE.toString().equalsIgnoreCase(str)) {
            return KeyType.DESEDE;
        }
        if (Algorithm.RSA.toString().equalsIgnoreCase(str)) {
            return KeyType.RSA;
        }
        if (Stream.of((Object[]) new Algorithm[]{Algorithm.GENERIC_SECRET, Algorithm.HMAC_SHA1, Algorithm.HMAC_SHA224, Algorithm.HMAC_SHA256, Algorithm.HMAC_SHA384, Algorithm.HMAC_SHA512}).anyMatch(algorithm -> {
            return algorithm.toString().equalsIgnoreCase(str);
        })) {
            return KeyType.GENERIC_SECRET;
        }
        throw new IllegalArgumentException(ErrorMessages.KEY_TYPE_INVALID.getMessage());
    }

    public static ObjectClassType getObjectClass(int i) {
        switch (i) {
            case 1:
                return ObjectClassType.PUBLIC_KEY;
            case 2:
                return ObjectClassType.PRIVATE_KEY;
            case 3:
                return ObjectClassType.SECRET_KEY;
            default:
                throw new IllegalArgumentException(ErrorMessages.KEY_TYPE_INVALID.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean validateKeyProvider(CloudHsmKey cloudHsmKey, CloudHsmProvider cloudHsmProvider) throws InvalidKeyException {
        if (cloudHsmKey == null) {
            return false;
        }
        if (cloudHsmKey.getProvider() != cloudHsmProvider) {
            throw new InvalidKeyException(MessageFormat.format(ErrorMessages.KEY_NOT_BELONG_TO_PROVIDER.getMessage(), cloudHsmProvider.getName()));
        }
        return true;
    }
}
