package com.ibm.hod5sslight;

import com.ibm.pkcs11.PKCS11Object;
import com.ibm.pkcs11.PKCS11Session;
import java.math.BigInteger;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:install/linkwfhats.zip:linkhatsXX_linkwfXXEAR/hasslite.jar:com/ibm/hod5sslight/SSLPKCS11Cert.class */
public class SSLPKCS11Cert extends SSLCert {
    PKCS11Object pkcs11Cert;
    PKCS11Object pkcs11Key;
    boolean decrypt;
    private static byte[] tmpkeydata = {17, 34, 51, 68, 85, 102, 119, -120};
    private static int[] tmpkeytypes = {0, 256, 1, 262, 17};
    private static Object[] tmpkeyvalues = {PKCS11Object.SECRET_KEY, PKCS11Object.DES, PKCS11Object.FALSE, PKCS11Object.TRUE, tmpkeydata};
    private static int[] keycomponents = {288, 290, 291, 292, 293, 294, 295, 296};

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLPKCS11Cert(SSLToken sSLToken, PKCS11Object pKCS11Object, String str, byte[] bArr, PKCS11Object pKCS11Object2) {
        super(bArr, (byte[]) null, str);
        this.type = 2;
        this.token = sSLToken;
        this.pkcs11Cert = pKCS11Object;
        this.pkcs11Key = pKCS11Object2;
        this.decrypt = pKCS11Object2.getBoolAttributeValue(261);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLPKCS11Cert(SSLToken sSLToken, PKCS11Object pKCS11Object, String str, byte[] bArr) {
        super(bArr, str);
        this.token = sSLToken;
        this.pkcs11Cert = pKCS11Object;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLPKCS11Cert(SSLToken sSLToken, String str, PKCS11Object pKCS11Object) {
        super(getComponents(pKCS11Object), (CL3) null, str);
        this.type = 5;
        this.token = sSLToken;
        this.pkcs11Key = pKCS11Object;
        this.decrypt = pKCS11Object.getBoolAttributeValue(261);
    }

    static CL3 getComponents(PKCS11Object pKCS11Object) {
        BigInteger[] bigIntegerArr = new BigInteger[2];
        bigIntegerArr[0] = pKCS11Object.getBigIntegerAttributeValue(288);
        try {
            bigIntegerArr[1] = pKCS11Object.getBigIntegerAttributeValue(290);
        } catch (Throwable th) {
            bigIntegerArr[1] = BigInteger.valueOf(65537L);
        }
        byte[] encodeKeyMaterial = CL3.encodeKeyMaterial(bigIntegerArr);
        return CL3.importKey(CL3.SPKI, encodeKeyMaterial, 0, encodeKeyMaterial.length);
    }

    @Override // com.ibm.hod5sslight.SSLCert
    boolean decryptionCapability() {
        return (this.alg == 0 || this.pkcs11Key == null || !this.decrypt) ? false : true;
    }

    @Override // com.ibm.hod5sslight.SSLCert
    public byte[] generateSignature(byte[] bArr, int i, int i2, int i3) {
        int sign;
        if (this.pkcs11Key != null) {
            if (this.alg != 1) {
                throw new SSLRuntimeException(11);
            }
            byte[] bArr2 = new byte[this.keyL];
            int i4 = i3 & 65535;
            if ((i4 & (-8)) == 0) {
                if (i4 != 0) {
                    byte[] digest = CL3.digest(i4 | CL3.DIGEST_INFO, 0, bArr, i, i2, null, 0);
                    bArr = digest;
                    i2 = digest.length;
                    i = 0;
                }
                synchronized (this.token) {
                    PKCS11Session session = this.pkcs11Key.getSession();
                    session.signInit(1, null, this.pkcs11Key);
                    sign = session.sign(bArr, i, i2, bArr2, 0);
                }
                if (sign < bArr2.length) {
                    fill(bArr2, 0, sign, bArr2);
                }
                return bArr2;
            }
        }
        throw new SSLRuntimeException(1);
    }

    @Override // com.ibm.hod5sslight.SSLCert
    public byte[] decrypt(int i, Object obj, byte[] bArr, int i2, int i3) {
        int decrypt;
        byte[] bArr2 = new byte[this.keyL];
        if (i != 0) {
            throw new SSLRuntimeException(1);
        }
        synchronized (this.token) {
            PKCS11Session session = this.pkcs11Key.getSession();
            session.decryptInit(1, null, this.pkcs11Key);
            decrypt = session.decrypt(bArr, i2, i3, bArr2, 0);
        }
        byte[] bArr3 = new byte[decrypt];
        System.arraycopy(bArr2, 0, bArr3, 0, decrypt);
        return bArr3;
    }

    static void fill(byte[] bArr, int i, int i2, byte[] bArr2) {
        int length = bArr2.length - 1;
        int i3 = i2 - 1;
        while (length >= 0) {
            bArr2[length] = i3 >= 0 ? bArr[i + i3] : (byte) 0;
            length--;
            i3--;
        }
    }

    @Override // com.ibm.hod5sslight.SSLCert
    public synchronized int addCRL(SSLCRL sslcrl, boolean z, boolean z2) {
        if (z) {
            throw new SSLRuntimeException(1);
        }
        return super.addCRL(sslcrl, z, z2);
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.ibm.hod5sslight.SSLCert
    public byte[] encodePrivateKey() throws com.ibm.hod5sslight.SSLRuntimeException {
        /*
            Method dump skipped, instructions count: 231
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.hod5sslight.SSLPKCS11Cert.encodePrivateKey():byte[]");
    }
}
