package com.amazonaws.cloudhsm.jce.provider;

import com.amazonaws.cloudhsm.jce.jni.EcPrivateKey;
import com.amazonaws.cloudhsm.jce.jni.JniUtility;
import com.amazonaws.cloudhsm.jce.jni.exception.AddAttributeException;
import com.amazonaws.cloudhsm.jce.jni.exception.AttributeException;
import com.amazonaws.cloudhsm.jce.jni.exception.InvalidEcParameterException;
import com.amazonaws.cloudhsm.jce.jni.exception.InvalidEcPointException;
import com.amazonaws.cloudhsm.jce.jni.exception.InvalidPkcs8EncodedKeyException;
import com.amazonaws.cloudhsm.jce.jni.exception.InvalidX509EncodedKeyException;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyAttribute;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyAttributesMap;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyFactorySpi;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.text.MessageFormat;
import java.util.AbstractMap;

/* loaded from: input_file:com/amazonaws/cloudhsm/jce/provider/EcKeyFactory.class */
public class EcKeyFactory extends KeyFactorySpi {
    private final CloudHsmLogger logger;
    private final CloudHsmProvider provider;

    public EcKeyFactory(CloudHsmProvider cloudHsmProvider) throws IllegalStateException {
        if (cloudHsmProvider == null) {
            throw new IllegalStateException(ErrorMessages.PROVIDER_NOT_INITIALIZED.getMessage());
        }
        this.logger = new CloudHsmLogger(getClass(), cloudHsmProvider.getId(), cloudHsmProvider.getClusterName());
        this.provider = cloudHsmProvider;
    }

    protected CloudHsmProvider getProvider() {
        return this.provider;
    }

    @Override // java.security.KeyFactorySpi
    protected PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException {
        this.logger.debug("Entering engineGeneratePublic.");
        if (keySpec == null) {
            throw new InvalidKeySpecException(ErrorMessages.SPEC_VALUE_PROVIDED_IS_NULL.getMessage());
        }
        KeyAttributesMap keyAttributesMap = new KeyAttributesMap();
        if (keySpec instanceof ECPublicKeySpec) {
            ECPublicKeySpec eCPublicKeySpec = (ECPublicKeySpec) keySpec;
            try {
                keyAttributesMap.put(KeyAttribute.EC_PARAMS, eCPublicKeySpec.getParams());
                keyAttributesMap.put(KeyAttribute.EC_POINT, eCPublicKeySpec.getW());
            } catch (AddAttributeException | InvalidParameterException e) {
                throw new InvalidKeySpecException(e);
            }
        } else if (keySpec instanceof X509EncodedKeySpec) {
            try {
                AbstractMap.SimpleImmutableEntry<ECParameterSpec, ECPoint> ecPublicKeyFromX509Encoding = EcUtils.getEcPublicKeyFromX509Encoding(((X509EncodedKeySpec) keySpec).getEncoded());
                keyAttributesMap.put(KeyAttribute.EC_PARAMS, ecPublicKeyFromX509Encoding.getKey());
                keyAttributesMap.put(KeyAttribute.EC_POINT, ecPublicKeyFromX509Encoding.getValue());
            } catch (AddAttributeException | InvalidX509EncodedKeyException | InvalidParameterException e2) {
                throw new InvalidKeySpecException(e2);
            }
        } else {
            if (!(keySpec instanceof KeyAttributesMap)) {
                throw new InvalidKeySpecException(MessageFormat.format(ErrorMessages.SPEC_PROVIDED_IS_NOT_AN_INSTANCE_OF_EXPECTED_TYPE.getMessage(), ECPublicKeySpec.class.getSimpleName()));
            }
            keyAttributesMap = (KeyAttributesMap) keySpec;
        }
        try {
            return ImportKey.importEcPublicKey(getProvider().getSession(), keyAttributesMap, getProvider());
        } catch (AddAttributeException | AttributeException | InvalidEcParameterException | InvalidEcPointException e3) {
            throw new InvalidKeySpecException(e3);
        }
    }

    @Override // java.security.KeyFactorySpi
    protected PrivateKey engineGeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException {
        this.logger.debug("Entering engineGeneratePrivate.");
        if (keySpec == null) {
            throw new InvalidKeySpecException(ErrorMessages.SPEC_VALUE_PROVIDED_IS_NULL.getMessage());
        }
        KeyAttributesMap keyAttributesMap = new KeyAttributesMap();
        if (keySpec instanceof ECPrivateKeySpec) {
            ECPrivateKeySpec eCPrivateKeySpec = (ECPrivateKeySpec) keySpec;
            try {
                keyAttributesMap.put(KeyAttribute.EC_PARAMS, eCPrivateKeySpec.getParams());
                keyAttributesMap.put(KeyAttribute.VALUE, eCPrivateKeySpec.getS().toByteArray());
            } catch (AddAttributeException | InvalidParameterException e) {
                throw new InvalidKeySpecException(e);
            }
        } else if (keySpec instanceof PKCS8EncodedKeySpec) {
            try {
                EcPrivateKey ecPrivateKeyFromPkcs8EncodedBytes = JniUtility.ecPrivateKeyFromPkcs8EncodedBytes(((PKCS8EncodedKeySpec) keySpec).getEncoded());
                keyAttributesMap.put(KeyAttribute.EC_PARAMS, EcUtils.createECParameterSpecFromCoreEcParameter(ecPrivateKeyFromPkcs8EncodedBytes.getEcParameter()));
                keyAttributesMap.put(KeyAttribute.VALUE, ecPrivateKeyFromPkcs8EncodedBytes.getKeyData());
            } catch (AddAttributeException | InvalidPkcs8EncodedKeyException | InvalidParameterException e2) {
                throw new InvalidKeySpecException(e2);
            } catch (Exception e3) {
                throw ErrorHandling.asCloudhsmException(e3);
            }
        } else {
            if (!(keySpec instanceof KeyAttributesMap)) {
                throw new InvalidKeySpecException(MessageFormat.format(ErrorMessages.SPEC_PROVIDED_IS_NOT_AN_INSTANCE_OF_EXPECTED_TYPE.getMessage(), ECPrivateKeySpec.class.getSimpleName()));
            }
            keyAttributesMap = (KeyAttributesMap) keySpec;
        }
        try {
            return ImportKey.importEcPrivateKey(getProvider().getSession(), keyAttributesMap, getProvider());
        } catch (AddAttributeException | AttributeException | InvalidEcParameterException | InvalidEcPointException e4) {
            throw new InvalidKeySpecException(e4);
        }
    }

    @Override // java.security.KeyFactorySpi
    protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> cls) throws InvalidKeySpecException {
        throw new UnsupportedOperationException(ErrorMessages.KEY_GET_SPEC_IS_NOT_SUPPORTED.getMessage());
    }

    @Override // java.security.KeyFactorySpi
    protected Key engineTranslateKey(Key key) throws InvalidKeyException {
        this.logger.debug("Entering engineTranslateKey.");
        if (key == null) {
            throw new InvalidKeyException(ErrorMessages.KEY_TO_TRANSLATE_IS_NULL.getMessage());
        }
        if (!key.getAlgorithm().equalsIgnoreCase(Algorithm.EC.toString())) {
            throw new InvalidKeyException(MessageFormat.format(ErrorMessages.KEY_ALGORITHM_VALUE_INVALID.getMessage(), Algorithm.EC.toString(), key.getAlgorithm()));
        }
        if (!(key instanceof CloudHsmKey)) {
            return ImportKey.importEcKey(getProvider().getSession(), key, new KeyAttributesMap(), getProvider());
        }
        KeyUtil.validateKeyProvider((CloudHsmKey) key, getProvider());
        this.logger.debug("Key translation is not required as it is already instance of CloudHsmKey type.");
        return key;
    }
}
