package com.rsa.crypto.ncm;

import com.rsa.crypto.CryptoException;
import com.rsa.crypto.CryptoModule;
import com.rsa.crypto.EntropySource;
import com.rsa.crypto.FIPS140Context;
import com.rsa.crypto.ModuleConfig;
import com.rsa.crypto.ncm.ccme.CCMEException;
import com.rsa.crypto.ncm.ccme.CCMEFIPS140Provider;
import com.rsa.crypto.ncm.ccme.CCMELibraryContext;
import com.rsa.crypto.ncm.ccme.CCMEPKCS11Provider;
import com.rsa.crypto.ncm.ccme.CCMEProvider;
import com.rsa.cryptoj.o.es;
import com.rsa.cryptoj.o.od;
import java.io.File;
import java.nio.charset.Charset;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

/* loaded from: input_file:META-INF/lib/cryptojcommon-6.0.0.jar:com/rsa/crypto/ncm/a.class */
public class a implements ModuleConfig {
    private static final String b = "FIPS-140 security roles are not supported";
    private static final String c = "Invalid FIPS-140 configuration";
    private static final String d = "Invalid FIPS-140 context";
    private static final String e = "Invalid use of the FIPS140 security level APIs";
    private static final Charset f = Charset.forName("UTF-8");
    es a;
    private final Map<String, CCMELibraryContext> h = new HashMap();
    private final Map<FIPS140Context, CCMELibraryContext> i = new HashMap();
    private final CCMELibraryContext g = new CCMELibraryContext();

    public a(es esVar) {
        this.a = esVar;
    }

    private void b() {
        if (!isFIPS140Compliant() || getSecurityLevel() != 2) {
            throw new CryptoException(e);
        }
    }

    @Override // com.rsa.crypto.ModuleConfig
    public boolean isFIPS140Compliant() {
        return this.a != null;
    }

    @Override // com.rsa.crypto.ModuleConfig
    public int getSecurityLevel() {
        if (this.a != null) {
            return this.a.a();
        }
        return 0;
    }

    @Override // com.rsa.crypto.ModuleConfig
    public void setFIPS140RolePIN(byte[] bArr, int i, byte[] bArr2, File file) {
        throw new CryptoException(e);
    }

    @Override // com.rsa.crypto.ModuleConfig
    public void setFIPS140RolePIN(byte[] bArr, int i, byte[] bArr2, Calendar calendar, File file) {
        throw new CryptoException(e);
    }

    @Override // com.rsa.crypto.ModuleConfig
    public byte[] resetFIPS140RolePIN(byte[] bArr, int i, File file) {
        throw new CryptoException(e);
    }

    @Override // com.rsa.crypto.ModuleConfig
    public byte[] resetFIPS140RolePIN(byte[] bArr, int i, Calendar calendar, File file) {
        throw new CryptoException(e);
    }

    @Override // com.rsa.crypto.ModuleConfig
    public byte[][] initFIPS140RolePINs(File file) {
        throw new CryptoException(e);
    }

    @Override // com.rsa.crypto.ModuleConfig
    public byte[][] initFIPS140RolePINs(Calendar calendar, Calendar calendar2, File file) {
        throw new CryptoException(e);
    }

    @Override // com.rsa.crypto.ModuleConfig
    public FIPS140Context getFIPS140Context(int i, int i2) {
        if (isFIPS140Compliant() && this.a.a() == 2) {
            throw new CryptoException(e);
        }
        if (!isFIPS140Compliant()) {
            od odVar = new od(i, i2);
            this.i.put(odVar, this.g);
            return odVar;
        }
        try {
            CCMELibraryContext cCMELibraryContext = new CCMELibraryContext(new CCMEFIPS140Provider(this.a));
            cCMELibraryContext.initializeFIPS140ProviderWithContext(i);
            od odVar2 = new od(i, i2);
            this.i.put(odVar2, cCMELibraryContext);
            return odVar2;
        } catch (CCMEException e2) {
            if (e2.getErrorCode() == 10025) {
                throw new SecurityException(e);
            }
            if (e2.getErrorCode() == 10018) {
                throw new SecurityException(e2.getMessage());
            }
            throw e2;
        }
    }

    @Override // com.rsa.crypto.ModuleConfig
    public FIPS140Context getFIPS140Context(int i, int i2, byte[] bArr, File file) {
        b();
        if (file == null) {
            throw new CryptoException("Module Configuration File cannot be null.");
        }
        try {
            CCMEFIPS140Provider cCMEFIPS140Provider = new CCMEFIPS140Provider(this.a);
            CCMELibraryContext cCMELibraryContext = new CCMELibraryContext(cCMEFIPS140Provider);
            cCMEFIPS140Provider.authenticateRole(i2, bArr, file);
            cCMELibraryContext.initializeFIPS140ProviderWithContext(i);
            od odVar = new od(i, i2);
            this.i.put(odVar, cCMELibraryContext);
            return odVar;
        } catch (CCMEException e2) {
            if (e2.getErrorCode() == 10025) {
                throw new CryptoException(e);
            }
            throw e2;
        }
    }

    @Override // com.rsa.crypto.ModuleConfig
    public synchronized CryptoModule newCryptoModule(FIPS140Context fIPS140Context) {
        if (!isFIPS140Compliant()) {
            return new b(this.g);
        }
        if (fIPS140Context == null || !(fIPS140Context instanceof od)) {
            throw new CryptoException(d);
        }
        CCMELibraryContext cCMELibraryContext = this.i.get(fIPS140Context);
        if (cCMELibraryContext == null) {
            throw new CryptoException(d);
        }
        CCMEProvider provider = cCMELibraryContext.getProvider();
        if (!(provider instanceof CCMEFIPS140Provider)) {
            throw new CryptoException("Invalid Provider.");
        }
        ((CCMEFIPS140Provider) provider).setRole(fIPS140Context.getRole());
        return new b(cCMELibraryContext);
    }

    public synchronized CryptoModule a(String str, String str2, char[] cArr) {
        if (str == null) {
            throw new IllegalArgumentException("driverLibraryPath parameter is null");
        }
        CCMELibraryContext a = a(new File(str).getName(), str);
        byte[] bArr = null;
        if (str2 != null) {
            bArr = str2.trim().getBytes(f);
        }
        if (cArr != null) {
            CCMEProvider provider = a.getProvider();
            if (!(provider instanceof CCMEPKCS11Provider)) {
                throw new CryptoException("Invalid Provider.");
            }
            ((CCMEPKCS11Provider) provider).setPin(bArr, cArr);
        }
        return new b(a, bArr);
    }

    private CCMELibraryContext a(String str, String str2) {
        CCMELibraryContext cCMELibraryContext = this.h.get(str);
        if (cCMELibraryContext == null) {
            cCMELibraryContext = new CCMELibraryContext(new CCMEPKCS11Provider(str2));
            this.h.put(str, cCMELibraryContext);
        }
        return cCMELibraryContext;
    }

    @Override // com.rsa.crypto.ModuleConfig
    public void setEntropySource(EntropySource entropySource) {
        c.a(entropySource);
    }

    @Override // com.rsa.crypto.ModuleConfig
    public EntropySource getEntropySource() {
        return c.a();
    }

    @Override // com.rsa.crypto.ModuleConfig
    public double getVersionDouble() {
        return 6.0d;
    }

    @Override // com.rsa.crypto.ModuleConfig
    public String getVersionString() {
        return "6.0";
    }

    public synchronized void a() {
        this.g.close();
        Iterator<CCMELibraryContext> it = this.h.values().iterator();
        while (it.hasNext()) {
            it.next().close();
        }
        Iterator<CCMELibraryContext> it2 = this.i.values().iterator();
        while (it2.hasNext()) {
            it2.next().close();
        }
        this.h.clear();
    }
}
