package org.xipki.pkcs11.wrapper;

import iaik.pkcs.pkcs11.wrapper.CK_C_INITIALIZE_ARGS;
import iaik.pkcs.pkcs11.wrapper.PKCS11;
import iaik.pkcs.pkcs11.wrapper.PKCS11Implementation;
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.concurrent.atomic.AtomicBoolean;

/* loaded from: input_file:WEB-INF/lib/ipkcs11wrapper-1.0.4.jar:org/xipki/pkcs11/wrapper/PKCS11Module.class */
public class PKCS11Module {
    static final int BEHAVIOUR_ECDSA_SIGNATURE_X962 = 1;
    static final int BEHAVIOUR_SM2_SIGNATURE_X962 = 2;
    static final int BEHAVIOUR_EC_PRIVATEKEY_ECPOINT = 3;
    static final int BEHAVIOUR_SM2_PRIVATEKEY_ECPOINT = 4;
    private final PKCS11Implementation pkcs11;
    private static boolean linkedAndInitialized;
    private Boolean ecPointFixNeeded;
    private Boolean ecdsaSignatureFixNeeded;
    private Boolean sm2SignatureFixNeeded;
    private boolean withVendorCodeMap;
    private final Map<Long, Long> ckkGenericToVendorMap = new HashMap();
    private final Map<Long, Long> ckkVendorToGenericMap = new HashMap();
    private final Map<Long, Long> ckmGenericToVendorMap = new HashMap();
    private final Map<Long, Long> ckmVendorToGenericMap = new HashMap();
    private final Set<Integer> vendorBehaviours = new HashSet();
    private static final AtomicBoolean licensePrinted = new AtomicBoolean(false);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/ipkcs11wrapper-1.0.4.jar:org/xipki/pkcs11/wrapper/PKCS11Module$VendorConfBlock.class */
    public static final class VendorConfBlock {
        private List<String> modulePaths;
        private List<String> manufacturerIDs;
        private List<String> descriptions;
        private List<String> versions;
        private String vendorBehaviours;
        private final Map<String, String> nameToCodeMap;

        private VendorConfBlock() {
            this.nameToCodeMap = new HashMap();
        }

        void validate() throws IOException {
            if (isEmpty(this.modulePaths) && isEmpty(this.manufacturerIDs) && isEmpty(this.descriptions)) {
                throw new IOException("invalid <vendor>-block");
            }
        }

        boolean matches(String str, String str2, String str3, Version version) {
            if (!isEmpty(this.modulePaths) && !contains(this.modulePaths, Paths.get(str, new String[0]).getFileName().toString())) {
                return false;
            }
            if (!isEmpty(this.manufacturerIDs) && !contains(this.manufacturerIDs, str2)) {
                return false;
            }
            if (!isEmpty(this.descriptions) && !contains(this.descriptions, str3)) {
                return false;
            }
            if (isEmpty(this.versions)) {
                return true;
            }
            int major = ((255 & version.getMajor()) << 8) + (255 & version.getMinor());
            boolean z = false;
            Iterator<String> it = this.versions.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String next = it.next();
                int indexOf = next.indexOf("-");
                int intVersion = indexOf == -1 ? toIntVersion(next) : toIntVersion(next.substring(0, indexOf));
                int intVersion2 = indexOf == -1 ? intVersion : toIntVersion(next.substring(indexOf + 1));
                if (major >= intVersion && major <= intVersion2) {
                    z = true;
                    break;
                }
            }
            return z;
        }

        private static int toIntVersion(String str) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, ".");
            return (Integer.parseInt(stringTokenizer.nextToken()) << 8) + Integer.parseInt(stringTokenizer.nextToken());
        }

        private static boolean isEmpty(Collection<?> collection) {
            return collection == null || collection.isEmpty();
        }

        private static boolean contains(List<String> list, String str) {
            String lowerCase = str.toLowerCase(Locale.ROOT);
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                if (lowerCase.contains(it.next())) {
                    return true;
                }
            }
            return false;
        }

        public String toString() {
            return "VendorConfBlock\n  modulePaths:      " + this.modulePaths + "\n  manufacturerIDs:  " + this.manufacturerIDs + "\n  descriptions:     " + this.descriptions + "\n  versions:         " + this.versions + "\n  vendorBehaviours: " + this.vendorBehaviours + "\n  nameToCodeMap:    " + this.nameToCodeMap;
        }
    }

    protected PKCS11Module(PKCS11Implementation pKCS11Implementation) {
        this.pkcs11 = (PKCS11Implementation) Functions.requireNonNull("pkcs11", pKCS11Implementation);
    }

    public static PKCS11Module getInstance(String str) throws IOException {
        synchronized (licensePrinted) {
            if (!licensePrinted.get()) {
                StaticLogger.info("This product (ipkcs11wrapper) includes software (IAIK PKCS#11 wrapper version 1.6.8)\ndeveloped by Stiftung SIC which is licensed under \"IAIK PKCS#11 Wrapper License\"- \nA copy of this license is downloadable under \nhttps://jce.iaik.tugraz.at/products/core-crypto-toolkits/pkcs11-wrapper/#License.\nAll other parts are licensed under Apache License, version 2.", new Object[0]);
                licensePrinted.set(true);
            }
        }
        ensureLinkedAndInitialized();
        StaticLogger.info("PKCS11Module.getInstance: pkcs11ModulePath={}", str);
        return new PKCS11Module(new PKCS11Implementation((String) Functions.requireNonNull("pkcs11ModulePath", str)));
    }

    private static synchronized void ensureLinkedAndInitialized() {
        if (linkedAndInitialized) {
            return;
        }
        try {
            System.loadLibrary("pkcs11wrapper");
        } catch (UnsatisfiedLinkError e) {
            try {
                loadWrapperFromJar();
            } catch (IOException e2) {
                throw new UnsatisfiedLinkError("no pkcs11wrapper in library path or jar file. " + e2.getMessage());
            }
        }
        PKCS11Implementation.initializeLibrary();
        linkedAndInitialized = true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Boolean getEcPointFixNeeded() {
        return this.ecPointFixNeeded;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setEcPointFixNeeded(Boolean bool) {
        this.ecPointFixNeeded = bool;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Boolean getEcdsaSignatureFixNeeded() {
        return this.ecdsaSignatureFixNeeded;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setEcdsaSignatureFixNeeded(Boolean bool) {
        this.ecdsaSignatureFixNeeded = bool;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Boolean getSm2SignatureFixNeeded() {
        return this.sm2SignatureFixNeeded;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSm2SignatureFixNeeded(Boolean bool) {
        this.sm2SignatureFixNeeded = bool;
    }

    public ModuleInfo getInfo() throws PKCS11Exception {
        return new ModuleInfo(this.pkcs11.C_GetInfo());
    }

    public void initialize() throws PKCS11Exception {
        CK_C_INITIALIZE_ARGS ck_c_initialize_args = new CK_C_INITIALIZE_ARGS();
        ck_c_initialize_args.flags |= 2;
        StaticLogger.info("C_Initialize: flags=0x{}", Functions.toFullHex(ck_c_initialize_args.flags));
        this.pkcs11.C_Initialize(ck_c_initialize_args, true);
        initVendor();
    }

    public void finalize(Object obj) throws PKCS11Exception {
        this.pkcs11.C_Finalize(obj);
    }

    public Slot[] getSlotList(boolean z) throws PKCS11Exception {
        long[] C_GetSlotList = this.pkcs11.C_GetSlotList(z);
        Slot[] slotArr = new Slot[C_GetSlotList.length];
        for (int i = 0; i < slotArr.length; i++) {
            slotArr[i] = new Slot(this, C_GetSlotList[i]);
        }
        return slotArr;
    }

    public Slot waitForSlotEvent(boolean z) throws PKCS11Exception {
        return new Slot(this, this.pkcs11.C_WaitForSlotEvent(z ? 1L : 0L, null));
    }

    public PKCS11 getPKCS11Module() {
        return this.pkcs11;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean hasVendorBehaviour(int i) {
        return this.vendorBehaviours.contains(Integer.valueOf(i));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public long ckkGenericToVendor(long j) {
        return this.withVendorCodeMap ? this.ckkGenericToVendorMap.getOrDefault(Long.valueOf(j), Long.valueOf(j)).longValue() : j;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public long ckkVendorToGeneric(long j) {
        return this.withVendorCodeMap ? this.ckkVendorToGenericMap.getOrDefault(Long.valueOf(j), Long.valueOf(j)).longValue() : j;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public long ckmGenericToVendor(long j) {
        return this.withVendorCodeMap ? this.ckmGenericToVendorMap.getOrDefault(Long.valueOf(j), Long.valueOf(j)).longValue() : j;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public long ckmVendorToGeneric(long j) {
        return this.withVendorCodeMap ? this.ckmVendorToGenericMap.getOrDefault(Long.valueOf(j), Long.valueOf(j)).longValue() : j;
    }

    public String toString() {
        return this.pkcs11 != null ? this.pkcs11.toString() : "null";
    }

    /* JADX WARN: Multi-variable type inference failed */
    private static void loadWrapperFromJar() throws IOException {
        String[] strArr = {"unix/linux-", "windows/win-", "unix/macosx_universal/"};
        String[] strArr2 = {".so", ".dll", ".jnilib"};
        String[] strArr3 = {"lib", "", "lib", "lib"};
        String[] strArr4 = {"x86_64/", "x86/", "arm/", "aarch64/"};
        int i = 0;
        String lowerCase = System.getProperty("os.name").toLowerCase(Locale.ROOT);
        char c = lowerCase.contains("win") ? (char) 1 : lowerCase.contains("linux") ? (char) 0 : lowerCase.contains("mac") ? (char) 2 : (char) 0;
        String lowerCase2 = System.getProperty("os.arch").toLowerCase(Locale.ROOT);
        boolean z = lowerCase2.contains("aarch64") ? BEHAVIOUR_EC_PRIVATEKEY_ECPOINT : lowerCase2.contains("arm") ? 2 : lowerCase2.contains("64") ? false : (lowerCase2.contains("32") || lowerCase2.contains("86")) ? true : -1;
        boolean z2 = z;
        boolean z3 = z;
        if (z2 == -1) {
            z3 = false;
            i = 0 + 1;
        }
        ClassLoader classLoader = PKCS11Module.class.getClassLoader();
        String str = null != classLoader.getResource("natives/unix/linux-x86/release/libpkcs11wrapper.so") ? "release/" : "debug/";
        String str2 = "natives/" + strArr[c];
        String str3 = c == 2 ? "" : strArr4[z3 ? 1 : 0];
        String str4 = strArr3[c] + "pkcs11wrapper";
        String str5 = strArr2[c];
        boolean z4 = false;
        do {
            String str6 = str2 + str3 + str + str4 + str5;
            InputStream resourceAsStream = classLoader.getResourceAsStream(str6);
            if (resourceAsStream != null) {
                File file = null;
                try {
                    String property = System.getProperty("PKCS11_TEMP_DIR", null);
                    if (property == null || property.isEmpty()) {
                        file = File.createTempFile(str4, str5);
                    } else {
                        File file2 = new File(property);
                        if (!file2.exists()) {
                            throw new IOException("Specified local temp directory '" + property + "' does not exist!");
                        }
                        file = File.createTempFile(str4, str5, file2);
                    }
                    if (!file.canWrite()) {
                        throw new IOException("Can't copy wrapper native library to local temporary directory - no write permission in " + file.getAbsolutePath());
                    }
                    file.deleteOnExit();
                    StaticLogger.info("PKCS11Mdule.loadWrapperFromJar: copy file {} to {}", str6, file.getAbsolutePath());
                    try {
                        Files.copy(resourceAsStream, file.toPath(), StandardCopyOption.REPLACE_EXISTING);
                        resourceAsStream.close();
                        try {
                            System.load(file.getAbsolutePath());
                            z4 = true;
                            z4 = z4;
                        } catch (UnsatisfiedLinkError e) {
                            file.delete();
                            if (i >= strArr4.length) {
                                throw new IOException("No suitable wrapper native library found in jar file. " + lowerCase + " " + lowerCase2 + " not supported.");
                            }
                            int i2 = i;
                            i++;
                            str3 = strArr4[i2];
                            z4 = z4;
                        }
                    } catch (Throwable th) {
                        resourceAsStream.close();
                        throw th;
                    }
                } catch (IOException e2) {
                    if (file != null) {
                        file.delete();
                    }
                    throw new IOException("Can't copy wrapper native library to local temporary directory. " + e2.getMessage());
                } catch (RuntimeException e3) {
                    if (file != null) {
                        file.delete();
                    }
                    throw e3;
                }
            } else {
                if (i >= strArr4.length) {
                    throw new IOException("No suitable wrapper native library for " + lowerCase + " " + lowerCase2 + " found in jar file.");
                }
                int i3 = i;
                i++;
                str3 = strArr4[i3];
                z4 = z4;
            }
        } while (!z4);
    }

    private static VendorConfBlock readVendorBlock(BufferedReader bufferedReader) throws IOException {
        boolean z = false;
        VendorConfBlock vendorConfBlock = null;
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                return vendorConfBlock;
            }
            String trim = readLine.trim();
            if (!trim.isEmpty() && trim.charAt(0) != '#') {
                if (trim.startsWith("<vendor>")) {
                    vendorConfBlock = new VendorConfBlock();
                    z = true;
                } else {
                    if (trim.startsWith("</vendor>")) {
                        vendorConfBlock.validate();
                        return vendorConfBlock;
                    }
                    if (z) {
                        if (trim.startsWith("module.")) {
                            int indexOf = trim.indexOf(32);
                            if (indexOf != -1) {
                                String trim2 = trim.substring(indexOf + 1).trim();
                                if (!trim2.isEmpty()) {
                                    String trim3 = trim.substring(0, indexOf).trim();
                                    List asList = Arrays.asList(trim2.toLowerCase(Locale.ROOT).split(":"));
                                    if (trim3.equalsIgnoreCase("module.path")) {
                                        vendorConfBlock.modulePaths = asList;
                                    } else if (trim3.equalsIgnoreCase("module.mid")) {
                                        vendorConfBlock.manufacturerIDs = asList;
                                    } else if (trim3.equalsIgnoreCase("module.description")) {
                                        vendorConfBlock.descriptions = asList;
                                    } else if (trim3.equalsIgnoreCase("module.version")) {
                                        vendorConfBlock.versions = asList;
                                    }
                                }
                            }
                        } else if (trim.startsWith("CKK_") || trim.startsWith("CKM_")) {
                            int indexOf2 = trim.indexOf(32);
                            if (indexOf2 != -1) {
                                vendorConfBlock.nameToCodeMap.put(trim.substring(0, indexOf2).trim(), trim.substring(indexOf2 + 1).trim());
                            }
                        } else if (trim.startsWith("VENDOR_BEHAVIORS ")) {
                            String trim4 = trim.substring(trim.indexOf(32) + 1).trim();
                            if (!trim4.isEmpty()) {
                                vendorConfBlock.vendorBehaviours = trim4;
                            }
                        }
                    }
                }
            }
        }
    }

    private void initVendor() {
        try {
            String pkcs11ModulePath = this.pkcs11.getPkcs11ModulePath();
            ModuleInfo info = getInfo();
            String manufacturerID = info.getManufacturerID();
            String libraryDescription = info.getLibraryDescription();
            Version libraryVersion = info.getLibraryVersion();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(System.getProperty("org.xipki.pkcs11.vendor.conf") != null ? Files.newInputStream(Paths.get(pkcs11ModulePath, new String[0]), new OpenOption[0]) : PKCS11Module.class.getClassLoader().getResourceAsStream("org/xipki/pkcs11/wrapper/vendor.conf")));
            while (true) {
                try {
                    VendorConfBlock readVendorBlock = readVendorBlock(bufferedReader);
                    if (readVendorBlock == null) {
                        bufferedReader.close();
                        break;
                    }
                    if (readVendorBlock.matches(pkcs11ModulePath, manufacturerID, libraryDescription, libraryVersion)) {
                        StaticLogger.info("found <vendor> configuration: {}", readVendorBlock);
                        if (readVendorBlock.vendorBehaviours != null) {
                            StringTokenizer stringTokenizer = new StringTokenizer(readVendorBlock.vendorBehaviours, ":, \t");
                            while (stringTokenizer.hasMoreTokens()) {
                                String nextToken = stringTokenizer.nextToken();
                                if ("SM2_SIGNATURE_X962".equalsIgnoreCase(nextToken)) {
                                    this.vendorBehaviours.add(2);
                                } else if ("ECDSA_SIGNATURE_X962".equalsIgnoreCase(nextToken)) {
                                    this.vendorBehaviours.add(1);
                                } else if ("SM2_PRIVATEKEY_ECPOINT".equalsIgnoreCase(nextToken)) {
                                    this.vendorBehaviours.add(4);
                                } else if ("EC_PRIVATEKEY_ECPOINT".equalsIgnoreCase(nextToken)) {
                                    this.vendorBehaviours.add(Integer.valueOf(BEHAVIOUR_EC_PRIVATEKEY_ECPOINT));
                                } else {
                                    StaticLogger.warn("Ignored unknown vendor behaviour '" + nextToken + "'.", new Object[0]);
                                }
                            }
                        }
                        for (Map.Entry entry : readVendorBlock.nameToCodeMap.entrySet()) {
                            String upperCase = ((String) entry.getKey()).toUpperCase(Locale.ROOT);
                            String upperCase2 = ((String) entry.getValue()).toUpperCase(Locale.ROOT);
                            long parseLong = upperCase2.startsWith("0X") ? Long.parseLong(upperCase2.substring(2), 16) : Long.parseLong(upperCase2);
                            if (upperCase.startsWith("CKK_VENDOR_")) {
                                Long ckkNameToCode = PKCS11Constants.ckkNameToCode(upperCase);
                                if (ckkNameToCode == null) {
                                    throw new IllegalStateException("unknown name in vendor block: " + upperCase);
                                }
                                this.ckkGenericToVendorMap.put(ckkNameToCode, Long.valueOf(parseLong));
                            } else {
                                if (!upperCase.startsWith("CKM_VENDOR_")) {
                                    throw new IllegalStateException("Unknown name in vendor block: " + upperCase);
                                }
                                Long ckmNameToCode = PKCS11Constants.ckmNameToCode(upperCase);
                                if (ckmNameToCode == null) {
                                    throw new IllegalStateException("unknown name in vendor block: " + upperCase);
                                }
                                this.ckmGenericToVendorMap.put(ckmNameToCode, Long.valueOf(parseLong));
                            }
                            for (Map.Entry<Long, Long> entry2 : this.ckkGenericToVendorMap.entrySet()) {
                                this.ckkVendorToGenericMap.put(entry2.getValue(), entry2.getKey());
                            }
                            for (Map.Entry<Long, Long> entry3 : this.ckmGenericToVendorMap.entrySet()) {
                                this.ckmVendorToGenericMap.put(entry3.getValue(), entry3.getKey());
                            }
                        }
                    }
                } finally {
                }
            }
        } catch (Exception e) {
            StaticLogger.warn("error reading VENDOR code mapping, ignore it.", new Object[0]);
            this.withVendorCodeMap = (this.ckmGenericToVendorMap.isEmpty() && this.ckkGenericToVendorMap.isEmpty()) ? false : true;
        }
    }
}
