package com.amazonaws.cloudhsm.jce.provider;

import com.amazonaws.cloudhsm.jce.jni.AsymmetricKeyBuilder;
import com.amazonaws.cloudhsm.jce.jni.CoreKeyPair;
import com.amazonaws.cloudhsm.jce.jni.Session;
import com.amazonaws.cloudhsm.jce.jni.exception.AddAttributeException;
import com.amazonaws.cloudhsm.jce.jni.exception.AttributeException;
import com.amazonaws.cloudhsm.jce.jni.exception.AuthenticationException;
import com.amazonaws.cloudhsm.jce.jni.exception.InternalException;
import com.amazonaws.cloudhsm.jce.jni.exception.InternalExceptionCause;
import com.amazonaws.cloudhsm.jce.jni.exception.InvalidEcParameterException;
import com.amazonaws.cloudhsm.jce.jni.exception.InvalidEcPointException;
import com.amazonaws.cloudhsm.jce.jni.exception.ProviderException;
import com.amazonaws.cloudhsm.jce.provider.attributes.CoreAttribute;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyAttributePermissiveProfile;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyAttributesMap;
import com.amazonaws.cloudhsm.jce.provider.attributes.KeyPairAttributesMap;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.KeyPair;
import java.security.KeyPairGeneratorSpi;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.text.MessageFormat;
import java.util.Iterator;
import java.util.Optional;

/* loaded from: input_file:com/amazonaws/cloudhsm/jce/provider/CloudHsmKeyPairGeneratorBase.class */
abstract class CloudHsmKeyPairGeneratorBase extends KeyPairGeneratorSpi {
    private final CloudHsmProvider provider;
    final CloudHsmLogger logger = new CloudHsmLogger(getClass());
    Optional<Session> session = Optional.empty();
    Optional<AsymmetricKeyBuilder> asymmetricKeyBuilder = Optional.empty();

    /* JADX INFO: Access modifiers changed from: protected */
    public CloudHsmKeyPairGeneratorBase(CloudHsmProvider cloudHsmProvider) throws IllegalStateException {
        if (cloudHsmProvider == null) {
            throw new IllegalStateException(ErrorMessages.PROVIDER_NOT_INITIALIZED.getMessage());
        }
        this.provider = cloudHsmProvider;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CloudHsmProvider getProvider() {
        return this.provider;
    }

    abstract AsymmetricKeyBuilder createBuilder(Session session) throws Exception;

    abstract KeyPair createKeyPairInstance(CoreKeyPair coreKeyPair) throws Exception;

    abstract KeyPairAttributesMap getAttributesMapForSize(int i) throws InvalidParameterException;

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        if (algorithmParameterSpec == null) {
            throw new InvalidAlgorithmParameterException(ErrorMessages.SPEC_VALUE_PROVIDED_IS_NULL.getMessage());
        }
        if (!(algorithmParameterSpec instanceof KeyPairAttributesMap)) {
            throw new InvalidAlgorithmParameterException(MessageFormat.format(ErrorMessages.SPEC_PROVIDED_IS_NOT_AN_INSTANCE_OF_EXPECTED_TYPE.getMessage(), "KeyPairAttributesMap"));
        }
        KeyPairAttributesMap keyPairAttributesMap = (KeyPairAttributesMap) algorithmParameterSpec;
        KeyPairAttributesMap keyPairAttributesMap2 = new KeyPairAttributesMap(KeyAttributePermissiveProfile.KEY_PAIR_CREATION);
        try {
            keyPairAttributesMap2.putAll(keyPairAttributesMap);
            initializeSessionAndKeyBuilder(keyPairAttributesMap2);
        } catch (AddAttributeException e) {
            throw new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, ErrorMessages.UNABLE_TO_ADD_ATTRIBUTE_TO_MAP.getMessage());
        }
    }

    protected void initializeSessionAndKeyBuilder(KeyPairAttributesMap keyPairAttributesMap) throws InvalidAlgorithmParameterException {
        KeyAttributesMap keyAttributesMap = keyPairAttributesMap.getPublic();
        KeyAttributesMap keyAttributesMap2 = keyPairAttributesMap.getPrivate();
        if (!this.session.isPresent()) {
            this.session = Optional.of(getProvider().getSession());
        }
        try {
            initKeyPairBuilder();
            AsymmetricKeyBuilder orElseThrow = this.asymmetricKeyBuilder.orElseThrow(() -> {
                return new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, ErrorMessages.KEY_GENERATOR_UNABLE_TO_GET_BUILDER.getMessage());
            });
            try {
                Iterator<CoreAttribute> it = AttributesUtils.convertKeyAttributesMapToCoreAttributes(keyAttributesMap).iterator();
                while (it.hasNext()) {
                    orElseThrow.addAttributeToPublicTemplate(it.next());
                }
                Iterator<CoreAttribute> it2 = AttributesUtils.convertKeyAttributesMapToCoreAttributes(keyAttributesMap2).iterator();
                while (it2.hasNext()) {
                    orElseThrow.addAttributeToPrivateTemplate(it2.next());
                }
            } catch (AddAttributeException | AttributeException | InvalidEcParameterException | InvalidEcPointException e) {
                throw new InvalidAlgorithmParameterException(e);
            } catch (Exception e2) {
                throw ErrorHandling.asCloudhsmException(e2);
            }
        } catch (Exception e3) {
            throw ErrorHandling.asCloudhsmException(e3);
        }
    }

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(int i, SecureRandom secureRandom) throws InvalidParameterException {
        try {
            initialize(getAttributesMapForSize(i), secureRandom);
        } catch (InvalidAlgorithmParameterException e) {
            throw new InvalidParameterException(e.getMessage());
        }
    }

    @Override // java.security.KeyPairGeneratorSpi
    public KeyPair generateKeyPair() {
        this.logger.debug("generateKeyPair called");
        try {
            try {
                this.session.orElseThrow(() -> {
                    return new IllegalStateException(ErrorMessages.KEY_GENERATOR_NOT_INITIALIZED.getMessage());
                });
                KeyPair createKeyPairInstance = createKeyPairInstance(this.asymmetricKeyBuilder.orElseThrow(() -> {
                    return new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, ErrorMessages.KEY_GENERATOR_UNABLE_TO_GET_BUILDER.getMessage());
                }).generate());
                resetState();
                return createKeyPairInstance;
            } catch (AttributeException | AuthenticationException | InternalException | ProviderException | IllegalStateException e) {
                throw e;
            } catch (Exception e2) {
                throw new InternalException(InternalExceptionCause.INTERNAL_ERROR, e2);
            }
        } catch (Throwable th) {
            resetState();
            throw th;
        }
    }

    private void resetState() {
        this.session = Optional.empty();
        if (this.asymmetricKeyBuilder.isPresent()) {
            this.asymmetricKeyBuilder.get().delete();
        }
        this.asymmetricKeyBuilder = Optional.empty();
    }

    private void initKeyPairBuilder() throws Exception {
        Session orElseThrow = this.session.orElseThrow(() -> {
            return new InternalException(InternalExceptionCause.UNEXPECTED_ERROR, ErrorMessages.UNABLE_TO_GET_SESSION.getMessage());
        });
        try {
            if (this.asymmetricKeyBuilder.isPresent()) {
                this.asymmetricKeyBuilder.get().delete();
            }
            this.asymmetricKeyBuilder = Optional.of(createBuilder(orElseThrow));
        } catch (AddAttributeException | AuthenticationException | InternalException | ProviderException e) {
            throw e;
        } catch (Exception e2) {
            throw new InternalException(InternalExceptionCause.INTERNAL_ERROR, e2);
        }
    }
}
