package com.sansec.jce.provider;

import com.sansec.asn1.ASN1Encodable;
import com.sansec.asn1.ASN1ObjectIdentifier;
import com.sansec.asn1.nist.NISTObjectIdentifiers;
import com.sansec.asn1.pkcs.GBObjectIdentifiers;
import com.sansec.asn1.pkcs.PKCSObjectIdentifiers;
import com.sansec.asn1.pkcs.PrivateKeyInfo;
import com.sansec.asn1.x509.AlgorithmIdentifier;
import com.sansec.asn1.x509.SubjectPublicKeyInfo;
import com.sansec.crypto.RuntimeCryptoException;
import com.sansec.device.SDSFactory;
import com.sansec.jcajce.provider.config.ConfigurableProvider;
import com.sansec.jcajce.provider.config.ProviderConfiguration;
import com.sansec.jcajce.provider.util.AlgorithmProvider;
import com.sansec.jcajce.provider.util.AsymmetricKeyInfoConverter;
import com.xdja.pki.ca.certmanager.service.task.CertPublishServiceImpl;
import com.xdja.pki.ca.core.Constants;
import com.xdja.pki.ldap.CryptoTypeStr;
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivateKey;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.PublicKey;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:WEB-INF/lib/XDJASSL-0.0.2.jar:com/sansec/jce/provider/SwxaProvider.class */
public final class SwxaProvider extends Provider implements ConfigurableProvider {
    private static final long serialVersionUID = 1;
    private static final String SYMMETRIC_PACKAGE = "com.sansec.jcajce.provider.symmetric.";
    private static final String ASYMMETRIC_PACKAGE = "com.sansec.jcajce.provider.asymmetric.";
    private static final String DIGEST_PACKAGE = "com.sansec.jcajce.provider.digest.";
    private static final String KEYSTORE_PACKAGE = "com.sansec.jcajce.provider.keystore.";
    private static final String RANDOM_PACKAGE = "com.sansec.jcajce.provider.random.";
    private static String info = "Sansec Security Provider v4.2.8";
    public static String PROVIDER_NAME = "SwxaJCE";
    public static final ProviderConfiguration CONFIGURATION = new BouncyCastleProviderConfiguration();
    private static final Map keyInfoConverters = new HashMap();
    private static final String[] SYMMETRIC_GENERIC = {"PBEPBKDF2", "PBEPKCS12", "TLSKDF"};
    private static final String[] SYMMETRIC_MACS = {"SipHash"};
    private static final String[] SYMMETRIC_CIPHERS = {"AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "SM4", "TEA", "Twofish", "Threefish", "VMPC", "VMPCKSA3", "XTEA", "XSalsa20", "OpenSSLPBKDF", "HsmBlockCipher", "HsmKeyGenerator"};
    private static final String[] ASYMMETRIC_GENERIC = {"X509", "IES"};
    private static final String[] ASYMMETRIC_CIPHERS = {"DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145", "SM2"};
    private static final String[] DIGESTS = {"GOST3411", "Keccak", "MD2", "MD4", "MD5", Constants.DIGEST_ALG_NAME_SHA1, "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", CertPublishServiceImpl.DIGESTALGORITHMNAME, "Tiger", "Whirlpool", "Blake2b"};
    private static final String[] KEYSTORES = {CryptoTypeStr.BC, "PKCS12", "SWKS", "JKS"};
    private static final String[] RANDOMS = {"SecureRandom"};
    private static boolean isNull = false;
    private static Map<String, String> asymDeviceMap = new HashMap();
    private static Map<String, String> symmDeviceMap = new HashMap();

    static {
        asymDeviceMap.put("KeyPairGenerator.RSA", ".HSM");
        asymDeviceMap.put("Cipher.RSA.PublicKey", ".HSM");
        asymDeviceMap.put("Cipher.RSA.PrivateKey", ".HSM");
        asymDeviceMap.put("KeyPairGenerator.SM2", ".HSM");
        asymDeviceMap.put("Cipher.SM2.PublicKey", ".HSM");
        asymDeviceMap.put("Cipher.SM2.PrivateKey", ".HSM");
        asymDeviceMap.put("Signature.SM2.PublicKey", ".HSM");
        asymDeviceMap.put("Signature.SM2.PrivateKey", ".HSM");
        asymDeviceMap.put("KeyPairGenerator.ECDSA", ".HSM");
        asymDeviceMap.put("Signature.ECDSA.PublicKey", ".HSM");
        asymDeviceMap.put("Signature.ECDSA.PrivateKey", ".HSM");
        symmDeviceMap.put("KeyGenerator.AES", ".HSM");
        symmDeviceMap.put("KeyGenerator.SM1", ".HSM");
        symmDeviceMap.put("KeyGenerator.SM4", ".HSM");
        symmDeviceMap.put("KeyGenerator.SSF33", ".HSM");
        symmDeviceMap.put("KeyGenerator.DES", ".HSM");
        symmDeviceMap.put("KeyGenerator.3DES", ".HSM");
        symmDeviceMap.put("KeyGenerator.DES3", ".HSM");
        symmDeviceMap.put("KeyGenerator.DESEDE", ".HSM");
        symmDeviceMap.put("Cipher.AES", ".HSM");
        symmDeviceMap.put("Cipher.AES128", ".HSM");
        symmDeviceMap.put("Cipher.AESCBC", ".HSM");
        symmDeviceMap.put("Cipher.AESGCM", ".HSM");
        symmDeviceMap.put("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, ".HSM");
        symmDeviceMap.put("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, ".HSM");
        symmDeviceMap.put("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, ".HSM");
        symmDeviceMap.put("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, ".HSM");
        symmDeviceMap.put("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, ".HSM");
        symmDeviceMap.put("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, ".HSM");
        symmDeviceMap.put("Cipher.SM1", ".HSM");
        symmDeviceMap.put("Cipher." + GBObjectIdentifiers.sm1, ".HSM");
        symmDeviceMap.put("Cipher.SM1CBC", ".HSM");
        symmDeviceMap.put("Cipher.SM1CTR", ".HSM");
        symmDeviceMap.put("AlgorithmParameters.SM1", ".HSM");
        symmDeviceMap.put("AlgorithmParameterGenerator.SM1", ".HSM");
        symmDeviceMap.put("Cipher.SM4", ".HSM");
        symmDeviceMap.put("Cipher." + GBObjectIdentifiers.sm4, ".HSM");
        symmDeviceMap.put("Cipher.SM4CBC", ".HSM");
        symmDeviceMap.put("Cipher.SM4CTR", ".HSM");
        symmDeviceMap.put("AlgorithmParameters.SM4", ".HSM");
        symmDeviceMap.put("AlgorithmParameterGenerator.SM4", ".HSM");
        symmDeviceMap.put("Cipher.SSF33", ".HSM");
        symmDeviceMap.put("Alg.Alias.Cipher." + GBObjectIdentifiers.ssf33, ".HSM");
        symmDeviceMap.put("Cipher.SSF33CBC", ".HSM");
        symmDeviceMap.put("AlgorithmParameters.SSF33", ".HSM");
        symmDeviceMap.put("AlgorithmParameterGenerator.SSF33", ".HSM");
        symmDeviceMap.put("Cipher.DESEDE3", ".HSM");
        symmDeviceMap.put("Cipher.DES3", ".HSM");
        symmDeviceMap.put("Cipher.3DES", ".HSM");
        symmDeviceMap.put("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, ".HSM");
        symmDeviceMap.put("Cipher.3DES/CBC/", ".HSM");
        symmDeviceMap.put("Cipher.3DESCBC", ".HSM");
    }

    public SwxaProvider() {
        super(PROVIDER_NAME, 4.2d, info);
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.sansec.jce.provider.SwxaProvider.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                SwxaProvider.this.setup();
                return null;
            }
        });
        if (isNull) {
            return;
        }
        try {
            SDSFactory.getInstance();
        } catch (Exception e) {
            throw new RuntimeCryptoException("Initlize HSM Pools error,Please check the swsds.ini.", e);
        }
    }

    public SwxaProvider(String str) {
        super(PROVIDER_NAME, 4.01d, info);
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.sansec.jce.provider.SwxaProvider.2
            @Override // java.security.PrivilegedAction
            public Object run() {
                SwxaProvider.this.setup();
                return null;
            }
        });
        if (str == null) {
            isNull = true;
            return;
        }
        try {
            SDSFactory.getInstance(str);
        } catch (Exception e) {
            throw new RuntimeCryptoException("Initlize HSM Pools error,Please check the swsds.ini.", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setup() {
        loadAlgorithms(DIGEST_PACKAGE, DIGESTS);
        loadAlgorithms(SYMMETRIC_PACKAGE, SYMMETRIC_GENERIC);
        loadAlgorithms(SYMMETRIC_PACKAGE, SYMMETRIC_MACS);
        loadAlgorithms(SYMMETRIC_PACKAGE, SYMMETRIC_CIPHERS);
        loadAlgorithms(ASYMMETRIC_PACKAGE, ASYMMETRIC_GENERIC);
        loadAlgorithms(ASYMMETRIC_PACKAGE, ASYMMETRIC_CIPHERS);
        loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES);
        loadAlgorithms(RANDOM_PACKAGE, RANDOMS);
        put("X509Store.CERTIFICATE/COLLECTION", "com.sansec.jce.provider.X509StoreCertCollection");
        put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "com.sansec.jce.provider.X509StoreAttrCertCollection");
        put("X509Store.CRL/COLLECTION", "com.sansec.jce.provider.X509StoreCRLCollection");
        put("X509Store.CERTIFICATEPAIR/COLLECTION", "com.sansec.jce.provider.X509StoreCertPairCollection");
        put("X509Store.CERTIFICATE/LDAP", "com.sansec.jce.provider.X509StoreLDAPCerts");
        put("X509Store.CRL/LDAP", "com.sansec.jce.provider.X509StoreLDAPCRLs");
        put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "com.sansec.jce.provider.X509StoreLDAPAttrCerts");
        put("X509Store.CERTIFICATEPAIR/LDAP", "com.sansec.jce.provider.X509StoreLDAPCertPairs");
        put("X509StreamParser.CERTIFICATE", "com.sansec.jce.provider.X509CertParser");
        put("X509StreamParser.ATTRIBUTECERTIFICATE", "com.sansec.jce.provider.X509AttrCertParser");
        put("X509StreamParser.CRL", "com.sansec.jce.provider.X509CRLParser");
        put("X509StreamParser.CERTIFICATEPAIR", "com.sansec.jce.provider.X509CertPairParser");
        put("Cipher.BROKENPBEWITHMD5ANDDES", "com.sansec.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES");
        put("Cipher.BROKENPBEWITHSHA1ANDDES", "com.sansec.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES");
        put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "com.sansec.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish");
        put("CertPathValidator.RFC3281", "com.sansec.jce.provider.PKIXAttrCertPathValidatorSpi");
        put("CertPathBuilder.RFC3281", "com.sansec.jce.provider.PKIXAttrCertPathBuilderSpi");
        put("CertPathValidator.RFC3280", "com.sansec.jce.provider.PKIXCertPathValidatorSpi");
        put("CertPathBuilder.RFC3280", "com.sansec.jce.provider.PKIXCertPathBuilderSpi");
        put("CertPathValidator.PKIX", "com.sansec.jce.provider.PKIXCertPathValidatorSpi");
        put("CertPathBuilder.PKIX", "com.sansec.jce.provider.PKIXCertPathBuilderSpi");
        put("CertStore.Collection", "com.sansec.jce.provider.CertStoreCollectionSpi");
        put("CertStore.LDAP", "com.sansec.jce.provider.X509LDAPCertStoreSpi");
        put("CertStore.Multi", "com.sansec.jce.provider.MultiCertStoreSpi");
        put("Alg.Alias.CertStore.X509LDAP", "LDAP");
        loadSSL();
    }

    private void loadSSL() {
        put("KeyGenerator.SwTlsPrf", "com.sansec.jsses.provider.TlsPrfGenerator");
        put("KeyGenerator.SwTlsRsaPremasterSecret", "com.sansec.jsses.provider.TlsRsaPremasterSecretGenerator");
        put("KeyGenerator.SwTlsSm2PremasterSecret", "com.sansec.jsses.provider.TlsSm2PremasterSecretGenerator");
        put("KeyGenerator.SwTlsMasterSecret", "com.sansec.jsses.provider.TlsMasterSecretGenerator");
        put("KeyGenerator.SwTlsKeyMaterial", "com.sansec.jsses.provider.TlsKeyMaterialGenerator");
    }

    private void loadAlgorithms(String str, String[] strArr) {
        for (int i = 0; i != strArr.length; i++) {
            Class<?> cls = null;
            try {
                ClassLoader classLoader = getClass().getClassLoader();
                cls = classLoader != null ? classLoader.loadClass(String.valueOf(str) + strArr[i] + "$Mappings") : Class.forName(String.valueOf(str) + strArr[i] + "$Mappings");
            } catch (ClassNotFoundException e) {
            }
            if (cls != null) {
                try {
                    ((AlgorithmProvider) cls.newInstance()).configure(this);
                } catch (Exception e2) {
                    throw new InternalError("cannot create instance of " + str + strArr[i] + "$Mappings : " + e2);
                }
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [com.sansec.jcajce.provider.config.ProviderConfiguration] */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v4 */
    @Override // com.sansec.jcajce.provider.config.ConfigurableProvider
    public void setParameter(String str, Object obj) {
        ?? r0 = CONFIGURATION;
        synchronized (r0) {
            ((BouncyCastleProviderConfiguration) CONFIGURATION).setParameter(str, obj);
            r0 = r0;
        }
    }

    @Override // com.sansec.jcajce.provider.config.ConfigurableProvider
    public boolean hasAlgorithm(String str, String str2) {
        return containsKey(new StringBuilder(String.valueOf(str)).append(".").append(str2).toString()) || containsKey(new StringBuilder("Alg.Alias.").append(str).append(".").append(str2).toString());
    }

    @Override // com.sansec.jcajce.provider.config.ConfigurableProvider
    public void addAlgorithm(String str, String str2) {
        if (containsKey(str)) {
            throw new IllegalStateException("duplicate provider key (" + str + ") found");
        }
        put(str, str2);
    }

    @Override // com.sansec.jcajce.provider.config.ConfigurableProvider
    public void addAlgorithm(String str, ASN1ObjectIdentifier aSN1ObjectIdentifier, String str2) {
        addAlgorithm(String.valueOf(str) + "." + aSN1ObjectIdentifier, str2);
        addAlgorithm(String.valueOf(str) + ".OID." + aSN1ObjectIdentifier, str2);
    }

    @Override // com.sansec.jcajce.provider.config.ConfigurableProvider
    public void addAlgorithmHsm(String str, String str2) {
        String str3 = String.valueOf(str) + ".HSM";
        if (containsKey(str3)) {
            throw new IllegalStateException("duplicate provider key (" + str3 + ") found");
        }
        put(str3, str2);
    }

    @Override // com.sansec.jcajce.provider.config.ConfigurableProvider
    public void addAlgorithmHsm(String str, ASN1ObjectIdentifier aSN1ObjectIdentifier, String str2) {
        addAlgorithmHsm(String.valueOf(str) + "." + aSN1ObjectIdentifier, str2);
        addAlgorithmHsm(String.valueOf(str) + ".OID." + aSN1ObjectIdentifier, str2);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [java.util.Map] */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v4 */
    @Override // com.sansec.jcajce.provider.config.ConfigurableProvider
    public void addKeyInfoConverter(ASN1ObjectIdentifier aSN1ObjectIdentifier, AsymmetricKeyInfoConverter asymmetricKeyInfoConverter) {
        ?? r0 = keyInfoConverters;
        synchronized (r0) {
            keyInfoConverters.put(aSN1ObjectIdentifier, asymmetricKeyInfoConverter);
            r0 = r0;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [java.util.Map] */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v4, types: [com.sansec.jcajce.provider.util.AsymmetricKeyInfoConverter] */
    private static AsymmetricKeyInfoConverter getAsymmetricKeyInfoConverter(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        ?? r0 = keyInfoConverters;
        synchronized (r0) {
            r0 = (AsymmetricKeyInfoConverter) keyInfoConverters.get(aSN1ObjectIdentifier);
        }
        return r0;
    }

    public static PublicKey getPublicKey(SubjectPublicKeyInfo subjectPublicKeyInfo) throws IOException {
        AlgorithmIdentifier algorithm = subjectPublicKeyInfo.getAlgorithm();
        ASN1ObjectIdentifier algorithm2 = algorithm.getAlgorithm();
        ASN1Encodable parameters = algorithm.getParameters();
        if ((parameters instanceof ASN1ObjectIdentifier) && ((ASN1ObjectIdentifier) parameters).equals(GBObjectIdentifiers.sm2)) {
            algorithm2 = GBObjectIdentifiers.sm2;
        }
        AsymmetricKeyInfoConverter asymmetricKeyInfoConverter = getAsymmetricKeyInfoConverter(algorithm2);
        if (asymmetricKeyInfoConverter == null) {
            return null;
        }
        return asymmetricKeyInfoConverter.generatePublic(subjectPublicKeyInfo);
    }

    public static PrivateKey getPrivateKey(PrivateKeyInfo privateKeyInfo) throws IOException {
        AlgorithmIdentifier privateKeyAlgorithm = privateKeyInfo.getPrivateKeyAlgorithm();
        ASN1ObjectIdentifier algorithm = privateKeyAlgorithm.getAlgorithm();
        ASN1Encodable parameters = privateKeyAlgorithm.getParameters();
        if ((parameters instanceof ASN1ObjectIdentifier) && ((ASN1ObjectIdentifier) parameters).equals(GBObjectIdentifiers.sm2)) {
            algorithm = GBObjectIdentifiers.sm2;
        }
        AsymmetricKeyInfoConverter asymmetricKeyInfoConverter = getAsymmetricKeyInfoConverter(algorithm);
        if (asymmetricKeyInfoConverter == null) {
            return null;
        }
        return asymmetricKeyInfoConverter.generatePrivate(privateKeyInfo);
    }

    public static void setAsymDevice(String str, String str2, String str3) {
        setDevice(asymDeviceMap, str, str2, str3);
    }

    public static void setsymmDevice(String str, String str2, String str3) {
        setDevice(symmDeviceMap, str, str2, str3);
    }

    private static void setDevice(Map map, String str, String str2, String str3) {
        if ("HSM".equals(str3.toUpperCase())) {
            map.put(String.valueOf(str) + "." + str2, ".HSM");
        } else {
            map.put(String.valueOf(str) + "." + str2, "");
        }
    }

    private static String getDevice(Map map, String str, String str2) {
        if (Boolean.parseBoolean(System.getProperty("SANSEC.SSL", "false"))) {
            return str2;
        }
        String str3 = String.valueOf(str) + "." + str2;
        return String.valueOf(str2) + (map.containsKey(str3) ? (String) map.get(str3) : "");
    }

    public static boolean isHsm(Boolean bool, String str, String str2) {
        return bool == null ? (String.valueOf(str2) + ".HSM").equals(getDevice(asymDeviceMap, str, str2)) : bool.booleanValue() ? (String.valueOf(str2) + ".PublicKey.HSM").equals(getDevice(asymDeviceMap, str, String.valueOf(str2) + ".PublicKey")) : (String.valueOf(str2) + ".PublicKey.HSM").equals(getDevice(asymDeviceMap, str, String.valueOf(str2) + ".PublicKey"));
    }

    @Override // java.security.Provider
    public synchronized Provider.Service getService(String str, String str2) {
        return super.getService(str, getDevice(symmDeviceMap, str, str2));
    }
}
