package iaik.pkcs.pkcs11.provider;

import iaik.asn1.DerCoder;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.Attribute;
import iaik.asn1.structures.Name;
import iaik.pkcs.pkcs11.Mechanism;
import iaik.pkcs.pkcs11.MechanismInfo;
import iaik.pkcs.pkcs11.Session;
import iaik.pkcs.pkcs11.Token;
import iaik.pkcs.pkcs11.TokenException;
import iaik.pkcs.pkcs11.TokenInfo;
import iaik.pkcs.pkcs11.objects.BooleanAttribute;
import iaik.pkcs.pkcs11.objects.ByteArrayAttribute;
import iaik.pkcs.pkcs11.objects.CharArrayAttribute;
import iaik.pkcs.pkcs11.objects.DHPrivateKey;
import iaik.pkcs.pkcs11.objects.DHPublicKey;
import iaik.pkcs.pkcs11.objects.DSAPrivateKey;
import iaik.pkcs.pkcs11.objects.ECDSAPrivateKey;
import iaik.pkcs.pkcs11.objects.ECDSAPublicKey;
import iaik.pkcs.pkcs11.objects.GenericTemplate;
import iaik.pkcs.pkcs11.objects.KEAPrivateKey;
import iaik.pkcs.pkcs11.objects.KEAPublicKey;
import iaik.pkcs.pkcs11.objects.Key;
import iaik.pkcs.pkcs11.objects.Object;
import iaik.pkcs.pkcs11.objects.PrivateKey;
import iaik.pkcs.pkcs11.objects.RSAPrivateKey;
import iaik.pkcs.pkcs11.objects.SecretKey;
import iaik.pkcs.pkcs11.objects.Storage;
import iaik.pkcs.pkcs11.objects.X509AttributeCertificate;
import iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate;
import iaik.pkcs.pkcs11.provider.keyfactories.PKCS11KeySpec;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11Key;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11PrivateKey;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11PublicKey;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11SecretKey;
import iaik.utils.RFC2253NameParserException;
import iaik.utils.Util;
import iaik.x509.X509ExtensionException;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.attr.AttributeCertificate;
import iaik.x509.extensions.AuthorityKeyIdentifier;
import iaik.x509.extensions.BasicConstraints;
import iaik.x509.extensions.KeyUsage;
import iaik.x509.extensions.SubjectKeyIdentifier;
import java.io.ByteArrayInputStream;
import java.io.CharArrayWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import javax.crypto.SecretKeyFactory;

/* loaded from: input_file:iaikPkcs11Provider.jar:iaik/pkcs/pkcs11/provider/TokenKeyStoreSpi.class */
public class TokenKeyStoreSpi extends KeyStoreSpi implements PKCS11EngineClass {
    private static final boolean DEBUG = false;
    public static final String KEY_STORE_TYPE = "TokenKeyStoreSpi";
    protected TokenManager tokenManager_;
    protected Session readSession_;
    protected Session writeSession_;
    protected HashSet aliases_;
    protected Hashtable keys_;
    protected Hashtable certificateChains_;
    protected Hashtable trustedCertificates_;
    protected Hashtable keyAliasToPkcs11ObjectTable_;
    protected Hashtable certificateChainAliasToPkcs11ObjectsTable_;
    protected Hashtable trustedCertificateAliasToPkcs11ObjectTable_;
    protected boolean isUpToDate_;
    protected boolean useUserSession_;
    protected TokenInfo infoOfRecentToken_;
    protected byte[] lastNewID_;
    protected String supportProviderName_;
    protected Mechanism[] usedMechanisms_;
    protected MechanismInfo[] usedMechanismInfos_;
    protected char[] userPIN_;
    static Class class$java$security$spec$RSAPrivateCrtKeySpec;
    static Class class$java$security$spec$RSAPrivateKeySpec;
    static Class class$java$security$spec$DSAPrivateKeySpec;
    static Class class$java$security$spec$PKCS8EncodedKeySpec;
    static Class class$javax$crypto$spec$DHPrivateKeySpec;
    static Class class$java$security$spec$RSAPublicKeySpec;
    static Class class$java$security$spec$DSAPublicKeySpec;
    static Class class$java$security$spec$X509EncodedKeySpec;
    static Class class$javax$crypto$spec$DHPublicKeySpec;
    static Class class$javax$crypto$spec$DESedeKeySpec;
    static Class class$javax$crypto$spec$DESKeySpec;
    static Class class$javax$crypto$spec$SecretKeySpec;

    public TokenKeyStoreSpi() {
    }

    public TokenKeyStoreSpi(TokenManager tokenManager) {
        if (tokenManager == null) {
            throw new NullPointerException("Argument \"tokenManager\" must not be null");
        }
        this.tokenManager_ = tokenManager;
        initialize();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    protected synchronized void clearTables() {
        this.aliases_.clear();
        this.keys_.clear();
        this.certificateChains_.clear();
        this.trustedCertificates_.clear();
        this.keyAliasToPkcs11ObjectTable_.clear();
        this.certificateChainAliasToPkcs11ObjectsTable_.clear();
        this.trustedCertificateAliasToPkcs11ObjectTable_.clear();
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected synchronized Object createCertificate(Certificate certificate, byte[] bArr, char[] cArr) throws KeyStoreException {
        X509AttributeCertificate x509AttributeCertificate;
        byte[] bArr2;
        byte[] fingerprint;
        if (certificate == null) {
            throw new NullPointerException("Argument \"certificate\" must not be null.");
        }
        try {
            ensureWriteSession();
            try {
                if (certificate instanceof X509Certificate) {
                    iaik.x509.X509Certificate x509Certificate = certificate instanceof iaik.x509.X509Certificate ? (iaik.x509.X509Certificate) certificate : new iaik.x509.X509Certificate(certificate.getEncoded());
                    if (bArr == null) {
                        MessageDigest messageDigest = null;
                        PublicKey publicKey = x509Certificate.getPublicKey();
                        if (publicKey instanceof RSAPublicKey) {
                            byte[] byteArray = ((RSAPublicKey) publicKey).getModulus().toByteArray();
                            if (0 == 0) {
                                messageDigest = this.supportProviderName_ != null ? MessageDigest.getInstance("SHA-1", this.supportProviderName_) : MessageDigest.getInstance("SHA-1");
                            }
                            fingerprint = messageDigest.digest(byteArray);
                        } else if (publicKey instanceof DSAPublicKey) {
                            byte[] byteArray2 = ((DSAPublicKey) publicKey).getY().toByteArray();
                            if (0 == 0) {
                                messageDigest = this.supportProviderName_ != null ? MessageDigest.getInstance("SHA-1", this.supportProviderName_) : MessageDigest.getInstance("SHA-1");
                            }
                            fingerprint = messageDigest.digest(byteArray2);
                        } else {
                            fingerprint = x509Certificate.getFingerprint("SHA-1");
                        }
                        bArr2 = generateNewID(fingerprint);
                    } else {
                        bArr2 = bArr;
                    }
                    X509PublicKeyCertificate x509PublicKeyCertificate = new X509PublicKeyCertificate();
                    byte[] byteArray3 = x509Certificate.getSerialNumber().toByteArray();
                    Name name = (Name) x509Certificate.getSubjectDN();
                    Name name2 = (Name) x509Certificate.getIssuerDN();
                    if (cArr == null) {
                        String rdn = name.getRDN(ObjectID.commonName);
                        String rdn2 = name2.getRDN(ObjectID.commonName);
                        cArr = new StringBuffer(String.valueOf(rdn)).append("'s ").append(rdn2 != null ? new StringBuffer(String.valueOf(rdn2)).append(" ").toString() : "").append("Certificate").toString().toCharArray();
                    }
                    x509PublicKeyCertificate.getToken().setBooleanValue(Boolean.TRUE);
                    x509PublicKeyCertificate.getPrivate().setBooleanValue(Boolean.FALSE);
                    x509PublicKeyCertificate.getLabel().setCharArrayValue(cArr);
                    x509PublicKeyCertificate.getId().setByteArrayValue(bArr2);
                    x509PublicKeyCertificate.getSubject().setByteArrayValue(name.getEncoded());
                    x509PublicKeyCertificate.getIssuer().setByteArrayValue(name2.getEncoded());
                    x509PublicKeyCertificate.getSerialNumber().setByteArrayValue(byteArray3);
                    x509PublicKeyCertificate.getValue().setByteArrayValue(x509Certificate.getEncoded());
                    x509AttributeCertificate = x509PublicKeyCertificate;
                } else {
                    if (!(certificate instanceof AttributeCertificate)) {
                        throw new KeyStoreException(new StringBuffer("Unsupported certificate type: ").append(certificate.getClass().getName()).toString());
                    }
                    AttributeCertificate attributeCertificate = (AttributeCertificate) certificate;
                    X509AttributeCertificate x509AttributeCertificate2 = new X509AttributeCertificate();
                    byte[] byteArray4 = attributeCertificate.getSerialNumber().toByteArray();
                    if (cArr == null) {
                        cArr = "Attribute Certificate".toCharArray();
                    }
                    byte[] encode = DerCoder.encode(attributeCertificate.getHolder().toASN1Object());
                    byte[] encode2 = DerCoder.encode(attributeCertificate.getIssuer().toASN1Object());
                    SEQUENCE sequence = new SEQUENCE();
                    Enumeration attributes = attributeCertificate.getAttributes();
                    while (attributes.hasMoreElements()) {
                        sequence.addComponent(((Attribute) attributes.nextElement()).getType());
                    }
                    byte[] encode3 = DerCoder.encode(sequence);
                    x509AttributeCertificate2.getToken().setBooleanValue(Boolean.TRUE);
                    x509AttributeCertificate2.getPrivate().setBooleanValue(Boolean.FALSE);
                    x509AttributeCertificate2.getLabel().setCharArrayValue(cArr);
                    x509AttributeCertificate2.getOwner().setByteArrayValue(encode);
                    x509AttributeCertificate2.getAcIssuer().setByteArrayValue(encode2);
                    x509AttributeCertificate2.getSerialNumber().setByteArrayValue(byteArray4);
                    x509AttributeCertificate2.getAttrTypes().setByteArrayValue(encode3);
                    x509AttributeCertificate2.getValue().setByteArrayValue(attributeCertificate.getEncoded());
                    x509AttributeCertificate = x509AttributeCertificate2;
                }
                return this.writeSession_.createObject(x509AttributeCertificate);
            } catch (TokenException e) {
                throw new KeyStoreException(e.toString());
            } catch (GeneralSecurityException e2) {
                throw new KeyStoreException(e2.toString());
            }
        } catch (TokenException e3) {
            throw new KeyStoreException(e3.toString());
        }
    }

    protected synchronized iaik.x509.X509Certificate[] createCertificateChain(iaik.x509.X509Certificate x509Certificate, Map map) {
        iaik.x509.X509Certificate x509Certificate2;
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"userCertificate\" must not be null.");
        }
        if (map == null) {
            throw new NullPointerException("Argument \"subjectToCertificatesMap\" must not be null.");
        }
        Vector vector = new Vector(4);
        vector.add(x509Certificate);
        iaik.x509.X509Certificate x509Certificate3 = x509Certificate;
        int i = 100;
        try {
            String rFC2253String = ((Name) x509Certificate3.getIssuerDN()).getRFC2253String();
            Object obj = map.get(rFC2253String);
            if (obj == null) {
                x509Certificate2 = null;
            } else if (obj instanceof Vector) {
                Vector vector2 = (Vector) obj;
                x509Certificate2 = (iaik.x509.X509Certificate) vector2.remove(0);
                if (vector2.size() == 0) {
                    map.put(rFC2253String, x509Certificate2);
                }
            } else {
                x509Certificate2 = (iaik.x509.X509Certificate) obj;
            }
            while (x509Certificate2 != null) {
                if (!x509Certificate3.equals(x509Certificate2)) {
                    int i2 = i;
                    i--;
                    if (i2 > 0) {
                        AuthorityKeyIdentifier authorityKeyIdentifier = (AuthorityKeyIdentifier) x509Certificate3.getExtension(AuthorityKeyIdentifier.oid);
                        SubjectKeyIdentifier subjectKeyIdentifier = (SubjectKeyIdentifier) x509Certificate2.getExtension(SubjectKeyIdentifier.oid);
                        if (authorityKeyIdentifier != null && subjectKeyIdentifier != null && !Arrays.equals(authorityKeyIdentifier.getKeyIdentifier(), subjectKeyIdentifier.get())) {
                            break;
                        }
                        vector.add(x509Certificate2);
                        x509Certificate3 = x509Certificate2;
                        String rFC2253String2 = ((Name) x509Certificate3.getIssuerDN()).getRFC2253String();
                        Object obj2 = map.get(rFC2253String2);
                        if (obj2 == null) {
                            x509Certificate2 = null;
                        } else if (obj2 instanceof Vector) {
                            Vector vector3 = (Vector) obj2;
                            x509Certificate2 = (iaik.x509.X509Certificate) vector3.remove(0);
                            if (vector3.size() == 0) {
                                map.put(rFC2253String2, x509Certificate2);
                            }
                        } else {
                            x509Certificate2 = (iaik.x509.X509Certificate) obj2;
                        }
                    } else {
                        break;
                    }
                } else {
                    break;
                }
            }
        } catch (RFC2253NameParserException e) {
            e.printStackTrace(IAIKPkcs11.errorStream_);
        } catch (X509ExtensionException e2) {
            e2.printStackTrace(IAIKPkcs11.errorStream_);
        }
        return (iaik.x509.X509Certificate[]) vector.toArray(new iaik.x509.X509Certificate[vector.size()]);
    }

    protected Key createKeyCreationTemplate(Key key) {
        if (key == null) {
            throw new NullPointerException("Argument \"baseKey\" must not be null.");
        }
        Key key2 = (Key) key.clone();
        key2.getKeyGenMechanism().setPresent(false);
        key2.getLocal().setPresent(false);
        if (key2 instanceof PrivateKey) {
            PrivateKey privateKey = (PrivateKey) key2;
            privateKey.getAuthPinFlags().setPresent(false);
            privateKey.getAlwaysSensitive().setPresent(false);
            privateKey.getNeverExtractable().setPresent(false);
            if (key2 instanceof DHPrivateKey) {
                ((DHPrivateKey) key2).getValueBits().setPresent(false);
            }
        } else if (key2 instanceof iaik.pkcs.pkcs11.objects.PublicKey) {
            if (key2 instanceof iaik.pkcs.pkcs11.objects.RSAPublicKey) {
                ((iaik.pkcs.pkcs11.objects.RSAPublicKey) key2).getModulusBits().setPresent(false);
            }
        } else if (key2 instanceof SecretKey) {
            SecretKey secretKey = (SecretKey) key2;
            secretKey.getAlwaysSensitive().setPresent(false);
            secretKey.getNeverExtractable().setPresent(false);
            iaik.pkcs.pkcs11.objects.Attribute attribute = (iaik.pkcs.pkcs11.objects.Attribute) secretKey.getAttributeTable().get(iaik.pkcs.pkcs11.objects.Attribute.VALUE_LEN);
            if (attribute != null) {
                attribute.setPresent(false);
            }
        }
        return key2;
    }

    protected KeySpec createKeySpec(java.security.Key key, Class cls) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException, KeyStoreException {
        KeyFactory keyFactory;
        if (key == null) {
            throw new NullPointerException("Argument \"key\" must not be null.");
        }
        if (cls == null) {
            throw new NullPointerException("Argument \"keySpecClass\" must not be null.");
        }
        try {
            keyFactory = this.supportProviderName_ != null ? KeyFactory.getInstance(key.getAlgorithm(), this.supportProviderName_) : KeyFactory.getInstance(key.getAlgorithm());
        } catch (NoSuchAlgorithmException e) {
            keyFactory = KeyFactory.getInstance(key.getAlgorithm());
        } catch (NoSuchProviderException e2) {
            keyFactory = KeyFactory.getInstance(key.getAlgorithm());
        }
        return keyFactory.getKeySpec(key, cls);
    }

    protected KeySpec createPrivateKeySpec(java.security.Key key) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException, KeyStoreException {
        Class class$;
        Class cls;
        Class class$2;
        Class class$3;
        Class class$4;
        Class class$5;
        if (key == null) {
            throw new NullPointerException("Argument \"key\" must not be null.");
        }
        String algorithm = key.getAlgorithm();
        if (algorithm.equalsIgnoreCase(IAIKPKCS11Key.RSA)) {
            if (key instanceof RSAPrivateCrtKey) {
                if (class$java$security$spec$RSAPrivateCrtKeySpec != null) {
                    class$5 = class$java$security$spec$RSAPrivateCrtKeySpec;
                } else {
                    class$5 = class$("java.security.spec.RSAPrivateCrtKeySpec");
                    class$java$security$spec$RSAPrivateCrtKeySpec = class$5;
                }
                cls = class$5;
            } else {
                if (class$java$security$spec$RSAPrivateKeySpec != null) {
                    class$4 = class$java$security$spec$RSAPrivateKeySpec;
                } else {
                    class$4 = class$("java.security.spec.RSAPrivateKeySpec");
                    class$java$security$spec$RSAPrivateKeySpec = class$4;
                }
                cls = class$4;
            }
        } else if (algorithm.equalsIgnoreCase(IAIKPKCS11Key.DSA)) {
            if (class$java$security$spec$DSAPrivateKeySpec != null) {
                class$3 = class$java$security$spec$DSAPrivateKeySpec;
            } else {
                class$3 = class$("java.security.spec.DSAPrivateKeySpec");
                class$java$security$spec$DSAPrivateKeySpec = class$3;
            }
            cls = class$3;
        } else if (algorithm.equalsIgnoreCase(IAIKPKCS11Key.ECDSA)) {
            if (class$java$security$spec$PKCS8EncodedKeySpec != null) {
                class$2 = class$java$security$spec$PKCS8EncodedKeySpec;
            } else {
                class$2 = class$("java.security.spec.PKCS8EncodedKeySpec");
                class$java$security$spec$PKCS8EncodedKeySpec = class$2;
            }
            cls = class$2;
        } else {
            if (!algorithm.equalsIgnoreCase(IAIKPKCS11Key.DH)) {
                throw new KeyStoreException(new StringBuffer("No means to convert key of algorithm: ").append(algorithm).toString());
            }
            if (class$javax$crypto$spec$DHPrivateKeySpec != null) {
                class$ = class$javax$crypto$spec$DHPrivateKeySpec;
            } else {
                class$ = class$("javax.crypto.spec.DHPrivateKeySpec");
                class$javax$crypto$spec$DHPrivateKeySpec = class$;
            }
            cls = class$;
        }
        return createKeySpec(key, cls);
    }

    protected KeySpec createPublicKeySpec(java.security.Key key) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException, KeyStoreException {
        Class class$;
        Class cls;
        Class class$2;
        Class class$3;
        Class class$4;
        if (key == null) {
            throw new NullPointerException("Argument \"key\" must not be null.");
        }
        String algorithm = key.getAlgorithm();
        if (algorithm.equalsIgnoreCase(IAIKPKCS11Key.RSA)) {
            if (class$java$security$spec$RSAPublicKeySpec != null) {
                class$4 = class$java$security$spec$RSAPublicKeySpec;
            } else {
                class$4 = class$("java.security.spec.RSAPublicKeySpec");
                class$java$security$spec$RSAPublicKeySpec = class$4;
            }
            cls = class$4;
        } else if (algorithm.equalsIgnoreCase(IAIKPKCS11Key.DSA)) {
            if (class$java$security$spec$DSAPublicKeySpec != null) {
                class$3 = class$java$security$spec$DSAPublicKeySpec;
            } else {
                class$3 = class$("java.security.spec.DSAPublicKeySpec");
                class$java$security$spec$DSAPublicKeySpec = class$3;
            }
            cls = class$3;
        } else if (algorithm.equalsIgnoreCase(IAIKPKCS11Key.ECDSA)) {
            if (class$java$security$spec$X509EncodedKeySpec != null) {
                class$2 = class$java$security$spec$X509EncodedKeySpec;
            } else {
                class$2 = class$("java.security.spec.X509EncodedKeySpec");
                class$java$security$spec$X509EncodedKeySpec = class$2;
            }
            cls = class$2;
        } else {
            if (!algorithm.equalsIgnoreCase(IAIKPKCS11Key.DH)) {
                throw new KeyStoreException(new StringBuffer("No means to convert key of algorithm: ").append(algorithm).toString());
            }
            if (class$javax$crypto$spec$DHPublicKeySpec != null) {
                class$ = class$javax$crypto$spec$DHPublicKeySpec;
            } else {
                class$ = class$("javax.crypto.spec.DHPublicKeySpec");
                class$javax$crypto$spec$DHPublicKeySpec = class$;
            }
            cls = class$;
        }
        return createKeySpec(key, cls);
    }

    protected KeySpec createSecretKeySpec(javax.crypto.SecretKey secretKey) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException, KeyStoreException {
        Class<?> class$;
        Class<?> cls;
        Class<?> class$2;
        Class<?> class$3;
        if (secretKey == null) {
            throw new NullPointerException("Argument \"key\" must not be null.");
        }
        String algorithm = secretKey.getAlgorithm();
        if (algorithm.equalsIgnoreCase(IAIKPKCS11Key.DESede)) {
            if (class$javax$crypto$spec$DESedeKeySpec != null) {
                class$3 = class$javax$crypto$spec$DESedeKeySpec;
            } else {
                class$3 = class$("javax.crypto.spec.DESedeKeySpec");
                class$javax$crypto$spec$DESedeKeySpec = class$3;
            }
            cls = class$3;
        } else if (algorithm.equalsIgnoreCase(IAIKPKCS11Key.DES)) {
            if (class$javax$crypto$spec$DESKeySpec != null) {
                class$2 = class$javax$crypto$spec$DESKeySpec;
            } else {
                class$2 = class$("javax.crypto.spec.DESKeySpec");
                class$javax$crypto$spec$DESKeySpec = class$2;
            }
            cls = class$2;
        } else {
            if (class$javax$crypto$spec$SecretKeySpec != null) {
                class$ = class$javax$crypto$spec$SecretKeySpec;
            } else {
                class$ = class$("javax.crypto.spec.SecretKeySpec");
                class$javax$crypto$spec$SecretKeySpec = class$;
            }
            cls = class$;
        }
        return (this.supportProviderName_ != null ? SecretKeyFactory.getInstance(algorithm, this.supportProviderName_) : SecretKeyFactory.getInstance(algorithm)).getKeySpec(secretKey, cls);
    }

    protected synchronized String createUniqueAlias(Object object, Set set) {
        String str;
        if (object == null) {
            throw new NullPointerException("Argument \"pkcs11Object\" must not be null.");
        }
        if (set == null) {
            throw new NullPointerException("Argument \"usedAliases\" must not be null.");
        }
        if (object instanceof Storage) {
            CharArrayAttribute label = ((Storage) object).getLabel();
            if (label != null) {
                char[] charArrayValue = label.getCharArrayValue();
                str = charArrayValue != null ? new String(charArrayValue) : String.valueOf(object.getObjectHandle());
            } else {
                str = new String(Object.getObjectClassName(object.getObjectClass().getLongValue()));
            }
        } else {
            str = new String(Object.getObjectClassName(object.getObjectClass().getLongValue()));
        }
        if (set.contains(str)) {
            StringBuffer stringBuffer = new StringBuffer(str.length() + 16);
            stringBuffer.append(str);
            stringBuffer.append('(');
            stringBuffer.append(object.getObjectHandle());
            stringBuffer.append(')');
            str = stringBuffer.toString();
        }
        String str2 = str;
        while (set.contains(str2)) {
            StringBuffer stringBuffer2 = new StringBuffer(str.length() + 4);
            stringBuffer2.append(str);
            stringBuffer2.append('[');
            stringBuffer2.append(2);
            stringBuffer2.append(']');
            str2 = stringBuffer2.toString();
        }
        return str;
    }

    protected synchronized void deleteCertificate(String str) throws TokenException {
        if (str != null) {
            Object object = (Object) this.trustedCertificateAliasToPkcs11ObjectTable_.get(str);
            if (object != null) {
                this.writeSession_.destroyObject(object);
                this.trustedCertificateAliasToPkcs11ObjectTable_.remove(str);
            }
            this.trustedCertificates_.remove(str);
        }
    }

    protected synchronized void deleteChertificateChain(String str) throws TokenException {
        char[] charArrayValue;
        if (str != null) {
            Object[] objectArr = (Object[]) this.certificateChainAliasToPkcs11ObjectsTable_.get(str);
            if (objectArr != null) {
                for (int i = 0; i < objectArr.length; i++) {
                    if (objectArr[i] != null && (charArrayValue = ((Storage) objectArr[i]).getLabel().getCharArrayValue()) != null && str.equals(new String(charArrayValue))) {
                        this.writeSession_.destroyObject(objectArr[i]);
                    }
                }
                this.certificateChainAliasToPkcs11ObjectsTable_.remove(str);
            }
            this.certificateChains_.remove(str);
        }
    }

    protected synchronized void deleteKey(String str) throws TokenException {
        if (str != null) {
            Object object = (Object) this.keyAliasToPkcs11ObjectTable_.get(str);
            if (object != null) {
                this.writeSession_.destroyObject(object);
                this.keyAliasToPkcs11ObjectTable_.remove(str);
            }
            this.keys_.remove(str);
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized Enumeration engineAliases() {
        ensureSupportProvider();
        try {
            ensureCurrentTables();
            return Collections.enumeration((Set) this.aliases_.clone());
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized boolean engineContainsAlias(String str) {
        ensureSupportProvider();
        try {
            ensureCurrentTables();
            return this.aliases_.contains(str);
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineDeleteEntry(String str) throws KeyStoreException {
        if (str == null) {
            throw new NullPointerException("Argument \"alias\" must not be null.");
        }
        ensureSupportProvider();
        if (!this.aliases_.contains(str)) {
            throw new KeyStoreException(new StringBuffer("No entry with alias \"").append(str).append("\".").toString());
        }
        try {
            try {
                ensureWriteSession();
                if (this.keyAliasToPkcs11ObjectTable_.containsKey(str)) {
                    deleteKey(str);
                }
                if (this.certificateChainAliasToPkcs11ObjectsTable_.containsKey(str)) {
                    deleteChertificateChain(str);
                }
                if (this.trustedCertificateAliasToPkcs11ObjectTable_.containsKey(str)) {
                    deleteCertificate(str);
                }
                this.aliases_.remove(str);
            } catch (TokenException e) {
                throw new KeyStoreException(e.toString());
            }
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized Certificate engineGetCertificate(String str) {
        if (str == null) {
            throw new NullPointerException("Argument \"alias\" must not be null.");
        }
        ensureSupportProvider();
        try {
            ensureCurrentTables();
            Certificate[] certificateArr = (Certificate[]) this.certificateChains_.get(str);
            return (certificateArr == null || certificateArr.length <= 0) ? (Certificate) this.trustedCertificates_.get(str) : certificateArr[0];
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized String engineGetCertificateAlias(Certificate certificate) {
        if (certificate == null) {
            throw new NullPointerException("argument \"certificate\" must not be null");
        }
        ensureSupportProvider();
        String str = null;
        try {
            ensureCurrentTables();
            Enumeration keys = this.certificateChains_.keys();
            while (true) {
                if (!keys.hasMoreElements()) {
                    break;
                }
                String obj = keys.nextElement().toString();
                Certificate[] certificateArr = (Certificate[]) this.certificateChains_.get(obj);
                if (certificateArr != null && certificateArr.length > 0 && certificate.equals(certificateArr[0])) {
                    str = obj;
                    break;
                }
            }
            if (str == null) {
                Enumeration keys2 = this.trustedCertificates_.keys();
                while (true) {
                    if (!keys2.hasMoreElements()) {
                        break;
                    }
                    String obj2 = keys2.nextElement().toString();
                    if (certificate.equals((Certificate) this.trustedCertificates_.get(obj2))) {
                        str = obj2;
                        break;
                    }
                }
            }
            return str;
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized Certificate[] engineGetCertificateChain(String str) {
        if (str == null) {
            throw new NullPointerException("Argument \"alias\" must not be null.");
        }
        ensureSupportProvider();
        try {
            ensureCurrentTables();
            X509Certificate[] x509CertificateArr = (X509Certificate[]) this.certificateChains_.get(str);
            if (x509CertificateArr == null) {
                x509CertificateArr = new X509Certificate[0];
            }
            return x509CertificateArr;
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public synchronized java.security.Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        ensureSupportProvider();
        try {
            ensureCurrentTables();
            java.security.Key key = (java.security.Key) this.keys_.get(str);
            if (key == null) {
                try {
                    if (this.tokenManager_.isTokenPresent()) {
                        if (loginSession()) {
                            setUpToDate(false);
                        }
                        ensureCurrentTables();
                        key = (java.security.Key) this.keys_.get(str);
                    }
                } catch (TokenException e) {
                    throw new IAIKPkcs11Exception(e.toString());
                }
            }
            return key;
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized boolean engineIsCertificateEntry(String str) {
        ensureSupportProvider();
        try {
            ensureCurrentTables();
            return this.trustedCertificates_.containsKey(str);
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized boolean engineIsKeyEntry(String str) {
        ensureSupportProvider();
        try {
            ensureCurrentTables();
            return this.keys_.containsKey(str) || this.certificateChains_.containsKey(str);
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineLoad(InputStream inputStream, char[] cArr) throws IOException, UnsupportedOperationException {
        if (inputStream != null) {
            String readProviderName = readProviderName(inputStream);
            int providerInstanceNumber = IAIKPkcs11.getProviderInstanceNumber(readProviderName);
            if (providerInstanceNumber <= 0) {
                throw new IAIKPkcs11Exception(new StringBuffer("The IAIKPkcs11 provider with the given name does not exist: ").append(readProviderName).toString());
            }
            this.tokenManager_ = IAIKPkcs11.getProviderInstance(providerInstanceNumber).getTokenManager();
        } else if (this.tokenManager_ == null) {
            IAIKPkcs11 providerInstance = IAIKPkcs11.getProviderInstance(1);
            if (providerInstance == null) {
                throw new UnsupportedOperationException("Cannot initialize key store. Could not find a IAIKPkcs11 provider.");
            }
            this.tokenManager_ = providerInstance.getTokenManager();
        }
        if (cArr != null) {
            try {
                this.tokenManager_.loginUser(null, cArr);
                this.userPIN_ = cArr;
            } catch (TokenException e) {
                throw new IAIKPkcs11Exception(new StringBuffer("Failed to login the user with the provided PIN: ").append(e).toString());
            }
        }
        initialize();
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        if (str == null) {
            throw new NullPointerException("Argument \"alias\" must not be null.");
        }
        if (certificate == null) {
            throw new NullPointerException("Argument \"certificate\" must not be null.");
        }
        ensureSupportProvider();
        try {
            try {
                ensureWriteSession();
                if (this.trustedCertificates_.containsKey(str)) {
                    Object object = (Object) this.trustedCertificateAliasToPkcs11ObjectTable_.get(str);
                    if (object != null) {
                        this.trustedCertificates_.remove(str);
                        this.aliases_.remove(str);
                        try {
                            this.writeSession_.destroyObject(object);
                        } catch (TokenException e) {
                            throw new KeyStoreException(new StringBuffer("Could not remove already existing certificate with this alias: ").append(e.toString()).toString());
                        }
                    } else {
                        this.trustedCertificateAliasToPkcs11ObjectTable_.remove(str);
                    }
                }
                this.trustedCertificateAliasToPkcs11ObjectTable_.put(str, createCertificate(certificate, null, str.toCharArray()));
                this.trustedCertificates_.put(str, certificate);
                this.aliases_.add(str);
            } catch (TokenException e2) {
                throw new KeyStoreException(e2.toString());
            }
        } finally {
            releaseSessions();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v161, types: [iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11PublicKey] */
    /* JADX WARN: Type inference failed for: r0v173, types: [iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11PrivateKey] */
    @Override // java.security.KeyStoreSpi
    public synchronized void engineSetKeyEntry(String str, java.security.Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        iaik.x509.X509Certificate x509Certificate;
        IAIKPKCS11Key iAIKPKCS11Key;
        Key keyObject;
        IAIKPKCS11SecretKey create;
        byte[] bArr;
        iaik.pkcs.pkcs11.objects.PublicKey publicKey;
        if (str == null) {
            throw new NullPointerException("Argument \"alias\" must not be null.");
        }
        if (key == null) {
            throw new NullPointerException("Argument \"key\" must not be null.");
        }
        ensureSupportProvider();
        try {
            try {
                ensureWriteSession();
                ensureCurrentTables();
                iaik.x509.X509Certificate[] convertCertificateChain = Util.convertCertificateChain(certificateArr);
                if (convertCertificateChain == null || convertCertificateChain.length <= 0) {
                    x509Certificate = null;
                } else {
                    iaik.x509.X509Certificate[] arrangeCertificateChain = Util.arrangeCertificateChain(convertCertificateChain, false);
                    if (arrangeCertificateChain != null && arrangeCertificateChain.length > 0) {
                        convertCertificateChain = arrangeCertificateChain;
                    }
                    x509Certificate = convertCertificateChain[0];
                }
                Object object = null;
                boolean z = false;
                if (this.aliases_.contains(str)) {
                    if (this.keys_.containsKey(str)) {
                        object = (Object) this.keyAliasToPkcs11ObjectTable_.get(str);
                        z = true;
                    }
                    if (this.certificateChains_.containsKey(str)) {
                        deleteChertificateChain(str);
                    }
                    if (this.trustedCertificates_.containsKey(str)) {
                        deleteCertificate(str);
                    }
                }
                if (key instanceof IAIKPKCS11Key) {
                    IAIKPKCS11Key iAIKPKCS11Key2 = (IAIKPKCS11Key) key;
                    if (iAIKPKCS11Key2.getTokenManager().getToken().equals(this.tokenManager_.getToken())) {
                        Key keyObject2 = iAIKPKCS11Key2.getKeyObject();
                        GenericTemplate genericTemplate = new GenericTemplate();
                        char[] charArrayValue = keyObject2.getLabel().getCharArrayValue();
                        char[] charArray = str.toCharArray();
                        if (charArrayValue == null || !Arrays.equals(charArrayValue, charArray)) {
                            CharArrayAttribute charArrayAttribute = new CharArrayAttribute(iaik.pkcs.pkcs11.objects.Attribute.LABEL);
                            charArrayAttribute.setCharArrayValue(charArray);
                            genericTemplate.addAttribute(charArrayAttribute);
                        }
                        if (keyObject2.getId().getByteArrayValue() == null) {
                            ByteArrayAttribute byteArrayAttribute = new ByteArrayAttribute(iaik.pkcs.pkcs11.objects.Attribute.ID);
                            bArr = generateNewID(null);
                            byteArrayAttribute.setByteArrayValue(bArr);
                            genericTemplate.addAttribute(byteArrayAttribute);
                        } else {
                            bArr = null;
                        }
                        if (!z || object == null) {
                            BooleanAttribute booleanAttribute = new BooleanAttribute(iaik.pkcs.pkcs11.objects.Attribute.TOKEN);
                            booleanAttribute.setBooleanValue(Boolean.TRUE);
                            genericTemplate.addAttribute(booleanAttribute);
                            keyObject = (Key) this.writeSession_.copyObject(keyObject2, genericTemplate);
                        } else if (object.equals(keyObject2)) {
                            if (keyObject2.getToken().getBooleanValue().booleanValue()) {
                                if (genericTemplate.getSetAttributes().size() > 0) {
                                    this.writeSession_.setAttributeValues(keyObject2, genericTemplate);
                                    if (bArr != null) {
                                        keyObject2.getId().setByteArrayValue(bArr);
                                    }
                                }
                                keyObject = keyObject2;
                            } else {
                                BooleanAttribute booleanAttribute2 = new BooleanAttribute(iaik.pkcs.pkcs11.objects.Attribute.TOKEN);
                                booleanAttribute2.setBooleanValue(Boolean.TRUE);
                                genericTemplate.addAttribute(booleanAttribute2);
                                keyObject = (Key) this.writeSession_.copyObject(keyObject2, genericTemplate);
                                this.writeSession_.destroyObject(object);
                            }
                            if ((keyObject instanceof PrivateKey) && bArr != null && (publicKey = (iaik.pkcs.pkcs11.objects.PublicKey) findCoreespondingKey(keyObject)) != null && publicKey.getId().getByteArrayValue() == null) {
                                GenericTemplate genericTemplate2 = new GenericTemplate();
                                ByteArrayAttribute byteArrayAttribute2 = new ByteArrayAttribute(iaik.pkcs.pkcs11.objects.Attribute.ID);
                                byteArrayAttribute2.setByteArrayValue(bArr);
                                genericTemplate2.addAttribute(byteArrayAttribute2);
                                this.writeSession_.setAttributeValues(publicKey, genericTemplate2);
                            }
                        } else {
                            this.writeSession_.destroyObject(object);
                            BooleanAttribute booleanAttribute3 = new BooleanAttribute(iaik.pkcs.pkcs11.objects.Attribute.TOKEN);
                            booleanAttribute3.setBooleanValue(Boolean.TRUE);
                            genericTemplate.addAttribute(booleanAttribute3);
                            keyObject = (Key) this.writeSession_.copyObject(keyObject2, genericTemplate);
                        }
                    } else {
                        if (z && object != null) {
                            this.writeSession_.destroyObject(object);
                        }
                        Key createKeyCreationTemplate = createKeyCreationTemplate(iAIKPKCS11Key2.getKeyObject());
                        createKeyCreationTemplate.getId().setByteArrayValue(generateNewID(null));
                        createKeyCreationTemplate.getLabel().setCharArrayValue(str.toCharArray());
                        keyObject = (Key) this.writeSession_.createObject(createKeyCreationTemplate);
                    }
                    if (keyObject instanceof PrivateKey) {
                        create = IAIKPKCS11PrivateKey.create(this.tokenManager_, (PrivateKey) keyObject);
                    } else if (keyObject instanceof iaik.pkcs.pkcs11.objects.PublicKey) {
                        create = IAIKPKCS11PublicKey.create(this.tokenManager_, (iaik.pkcs.pkcs11.objects.PublicKey) keyObject);
                    } else {
                        if (!(keyObject instanceof SecretKey)) {
                            throw new KeyStoreException(new StringBuffer("Unknown key type: ").append(keyObject.getClass().getName()).toString());
                        }
                        create = IAIKPKCS11SecretKey.create(this.tokenManager_, (SecretKey) keyObject);
                    }
                    this.keyAliasToPkcs11ObjectTable_.put(str, keyObject);
                    this.keys_.put(str, create);
                    this.aliases_.add(str);
                } else {
                    if (z && object != null) {
                        this.writeSession_.destroyObject(object);
                    }
                    byte[] generateNewID = generateNewID(null);
                    String algorithm = key.getAlgorithm();
                    if (key instanceof java.security.PrivateKey) {
                        PrivateKey privateKey = new PrivateKey();
                        privateKey.getToken().setBooleanValue(Boolean.TRUE);
                        privateKey.getId().setByteArrayValue(generateNewID);
                        privateKey.getLabel().setCharArrayValue(str.toCharArray());
                        privateKey.getPrivate().setBooleanValue(Boolean.TRUE);
                        privateKey.getSensitive().setBooleanValue(Boolean.TRUE);
                        KeySpec createPrivateKeySpec = createPrivateKeySpec(key);
                        setKeyAttributes(privateKey, x509Certificate, getMechanismFeaturesSupport(algorithm));
                        iAIKPKCS11Key = (IAIKPKCS11Key) KeyFactory.getInstance(algorithm, this.tokenManager_.getProvider().getName()).generatePrivate(new PKCS11KeySpec(createPrivateKeySpec, this.tokenManager_, privateKey, false, true));
                    } else if (key instanceof PublicKey) {
                        iaik.pkcs.pkcs11.objects.PublicKey publicKey2 = new iaik.pkcs.pkcs11.objects.PublicKey();
                        publicKey2.getToken().setBooleanValue(Boolean.TRUE);
                        publicKey2.getId().setByteArrayValue(generateNewID);
                        publicKey2.getLabel().setCharArrayValue(str.toCharArray());
                        KeySpec createPublicKeySpec = createPublicKeySpec(key);
                        setKeyAttributes(publicKey2, x509Certificate, getMechanismFeaturesSupport(algorithm));
                        iAIKPKCS11Key = (IAIKPKCS11Key) KeyFactory.getInstance(algorithm, this.tokenManager_.getProvider().getName()).generatePublic(new PKCS11KeySpec(createPublicKeySpec, this.tokenManager_, publicKey2, false, true));
                    } else {
                        if (!(key instanceof javax.crypto.SecretKey)) {
                            throw new KeyStoreException(new StringBuffer("Unknown key type: ").append(key.getClass().getName()).toString());
                        }
                        SecretKey secretKey = new SecretKey();
                        secretKey.getToken().setBooleanValue(Boolean.TRUE);
                        secretKey.getId().setByteArrayValue(generateNewID);
                        secretKey.getLabel().setCharArrayValue(str.toCharArray());
                        secretKey.getPrivate().setBooleanValue(Boolean.TRUE);
                        secretKey.getSensitive().setBooleanValue(Boolean.TRUE);
                        iAIKPKCS11Key = (IAIKPKCS11Key) SecretKeyFactory.getInstance(algorithm, this.tokenManager_.getProvider().getName()).generateSecret(new PKCS11KeySpec(createSecretKeySpec((javax.crypto.SecretKey) key), this.tokenManager_, secretKey, false, true));
                    }
                    keyObject = iAIKPKCS11Key.getKeyObject();
                    this.keyAliasToPkcs11ObjectTable_.put(str, keyObject);
                    this.keys_.put(str, iAIKPKCS11Key);
                    this.aliases_.add(str);
                }
                if (convertCertificateChain != null && convertCertificateChain.length > 0) {
                    Object[] objectArr = new Object[convertCertificateChain.length];
                    objectArr[0] = createCertificate(x509Certificate, keyObject.getId().getByteArrayValue(), str.toCharArray());
                    for (int i = 1; i < convertCertificateChain.length; i++) {
                        objectArr[i] = createCertificate(convertCertificateChain[i], null, str.toCharArray());
                    }
                    this.certificateChainAliasToPkcs11ObjectsTable_.put(str, objectArr);
                    this.certificateChains_.put(str, convertCertificateChain);
                }
            } catch (TokenException e) {
                throw new KeyStoreException(e.toString());
            } catch (GeneralSecurityException e2) {
                throw new KeyStoreException(e2.toString());
            }
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("TokenKeyStoreSpi does not support storing encrypted keys");
    }

    @Override // java.security.KeyStoreSpi
    public synchronized int engineSize() {
        ensureSupportProvider();
        try {
            ensureCurrentTables();
            return this.aliases_.size();
        } finally {
            releaseSessions();
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        try {
            try {
                ensureWriteSession();
                this.tokenManager_.setUserPIN(this.writeSession_, this.userPIN_, cArr);
                if (outputStream != null) {
                    writeProviderName(this.tokenManager_.getProvider().getName(), outputStream);
                }
            } catch (TokenException e) {
                throw new IOException(new StringBuffer("Error setting new user PIN: ").append(e.toString()).toString());
            }
        } finally {
            releaseSessions();
        }
    }

    protected synchronized void ensureCurrentTables() throws IAIKPkcs11Exception {
        try {
            if (!this.tokenManager_.isTokenPresent()) {
                clearTables();
                this.infoOfRecentToken_ = null;
            } else {
                if (isUpToDate()) {
                    return;
                }
                clearTables();
                ensureReadSession();
                updateTables();
            }
        } catch (TokenException e) {
            throw new IAIKPkcs11Exception(e.toString());
        }
    }

    protected synchronized void ensureReadSession() throws TokenException, IAIKPkcs11Exception {
        if (this.readSession_ == null) {
            openReadSession();
        }
        if (this.useUserSession_) {
            loginSession();
        }
    }

    protected void ensureSupportProvider() {
        this.supportProviderName_ = this.tokenManager_.getProvider().getKeystoreSupportProvider();
    }

    protected synchronized void ensureWriteSession() throws TokenException, IAIKPkcs11Exception {
        if (this.writeSession_ == null) {
            openWriteSession();
        }
        loginSession();
    }

    protected void finalize() throws Throwable {
        if (this.tokenManager_ != null) {
            this.tokenManager_.disposeSession(this.readSession_);
            if (this.readSession_ != this.writeSession_) {
                this.tokenManager_.disposeSession(this.writeSession_);
            }
        }
        super.finalize();
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected synchronized Key findCoreespondingKey(Key key) throws TokenException {
        KEAPrivateKey kEAPrivateKey;
        Key key2;
        if (key instanceof PrivateKey) {
            if (key instanceof RSAPrivateKey) {
                iaik.pkcs.pkcs11.objects.RSAPublicKey rSAPublicKey = new iaik.pkcs.pkcs11.objects.RSAPublicKey();
                rSAPublicKey.getModulus().setByteArrayValue(((RSAPrivateKey) key).getModulus().getByteArrayValue());
                kEAPrivateKey = rSAPublicKey;
            } else if (key instanceof DSAPrivateKey) {
                iaik.pkcs.pkcs11.objects.DSAPublicKey dSAPublicKey = new iaik.pkcs.pkcs11.objects.DSAPublicKey();
                dSAPublicKey.getBase().setByteArrayValue(((DSAPrivateKey) key).getBase().getByteArrayValue());
                dSAPublicKey.getPrime().setByteArrayValue(((DSAPrivateKey) key).getPrime().getByteArrayValue());
                dSAPublicKey.getSubprime().setByteArrayValue(((DSAPrivateKey) key).getSubprime().getByteArrayValue());
                kEAPrivateKey = dSAPublicKey;
            } else if (key instanceof ECDSAPrivateKey) {
                ECDSAPublicKey eCDSAPublicKey = new ECDSAPublicKey();
                eCDSAPublicKey.getEcdsaParams().setByteArrayValue(((ECDSAPrivateKey) key).getEcdsaParams().getByteArrayValue());
                kEAPrivateKey = eCDSAPublicKey;
            } else if (key instanceof DHPrivateKey) {
                DHPublicKey dHPublicKey = new DHPublicKey();
                dHPublicKey.getBase().setByteArrayValue(((DSAPrivateKey) key).getBase().getByteArrayValue());
                dHPublicKey.getPrime().setByteArrayValue(((DSAPrivateKey) key).getPrime().getByteArrayValue());
                kEAPrivateKey = dHPublicKey;
            } else {
                kEAPrivateKey = null;
            }
        } else if (!(key instanceof iaik.pkcs.pkcs11.objects.PublicKey)) {
            kEAPrivateKey = null;
        } else if (key instanceof iaik.pkcs.pkcs11.objects.RSAPublicKey) {
            RSAPrivateKey rSAPrivateKey = new RSAPrivateKey();
            rSAPrivateKey.getModulus().setByteArrayValue(((iaik.pkcs.pkcs11.objects.RSAPublicKey) key).getModulus().getByteArrayValue());
            kEAPrivateKey = rSAPrivateKey;
        } else if (key instanceof iaik.pkcs.pkcs11.objects.DSAPublicKey) {
            DSAPrivateKey dSAPrivateKey = new DSAPrivateKey();
            dSAPrivateKey.getBase().setByteArrayValue(((iaik.pkcs.pkcs11.objects.DSAPublicKey) key).getBase().getByteArrayValue());
            dSAPrivateKey.getPrime().setByteArrayValue(((iaik.pkcs.pkcs11.objects.DSAPublicKey) key).getPrime().getByteArrayValue());
            dSAPrivateKey.getSubprime().setByteArrayValue(((iaik.pkcs.pkcs11.objects.DSAPublicKey) key).getSubprime().getByteArrayValue());
            kEAPrivateKey = dSAPrivateKey;
        } else if (key instanceof ECDSAPublicKey) {
            ECDSAPrivateKey eCDSAPrivateKey = new ECDSAPrivateKey();
            eCDSAPrivateKey.getEcdsaParams().setByteArrayValue(((ECDSAPublicKey) key).getEcdsaParams().getByteArrayValue());
            kEAPrivateKey = eCDSAPrivateKey;
        } else if (key instanceof DHPublicKey) {
            DHPrivateKey dHPrivateKey = new DHPrivateKey();
            dHPrivateKey.getBase().setByteArrayValue(((iaik.pkcs.pkcs11.objects.DSAPublicKey) key).getBase().getByteArrayValue());
            dHPrivateKey.getPrime().setByteArrayValue(((iaik.pkcs.pkcs11.objects.DSAPublicKey) key).getPrime().getByteArrayValue());
            kEAPrivateKey = dHPrivateKey;
        } else if (key instanceof KEAPublicKey) {
            KEAPrivateKey kEAPrivateKey2 = new KEAPrivateKey();
            kEAPrivateKey2.getBase().setByteArrayValue(((KEAPublicKey) key).getBase().getByteArrayValue());
            kEAPrivateKey2.getPrime().setByteArrayValue(((KEAPublicKey) key).getPrime().getByteArrayValue());
            kEAPrivateKey2.getSubprime().setByteArrayValue(((KEAPublicKey) key).getSubprime().getByteArrayValue());
            kEAPrivateKey = kEAPrivateKey2;
        } else {
            kEAPrivateKey = null;
        }
        if (kEAPrivateKey != null) {
            ensureReadSession();
            this.readSession_.findObjectsInit(kEAPrivateKey);
            Object[] findObjects = this.readSession_.findObjects(1);
            key2 = findObjects.length > 0 ? (Key) findObjects[0] : null;
            this.readSession_.findObjectsFinal();
        } else {
            key2 = null;
        }
        return key2;
    }

    protected synchronized void findKeysAndCertificateTables() throws TokenException, KeyStoreException {
        Object object;
        List<Object> readAllObjects = readAllObjects();
        IdentityMap identityMap = new IdentityMap(8);
        Map hashMap = new HashMap(8);
        for (Object object2 : readAllObjects) {
            if (object2 instanceof iaik.pkcs.pkcs11.objects.Certificate) {
                if (object2 instanceof X509PublicKeyCertificate) {
                    X509PublicKeyCertificate x509PublicKeyCertificate = (X509PublicKeyCertificate) object2;
                    byte[] byteArrayValue = x509PublicKeyCertificate.getValue().getByteArrayValue();
                    if (byteArrayValue != null) {
                        try {
                            iaik.x509.X509Certificate x509Certificate = new iaik.x509.X509Certificate(new ByteArrayInputStream(byteArrayValue));
                            identityMap.put(x509Certificate, x509PublicKeyCertificate);
                            String rFC2253String = ((Name) x509Certificate.getSubjectDN()).getRFC2253String();
                            Object obj = hashMap.get(rFC2253String);
                            if (obj == null) {
                                hashMap.put(rFC2253String, x509Certificate);
                            } else if (obj instanceof iaik.x509.X509Certificate) {
                                Vector vector = new Vector(2);
                                vector.addElement(obj);
                                vector.addElement(x509Certificate);
                                hashMap.put(rFC2253String, vector);
                            } else {
                                ((Vector) obj).addElement(x509Certificate);
                            }
                        } catch (RFC2253NameParserException e) {
                            IAIKPkcs11.errorStream_.println(new StringBuffer("Could not create Certificate object: ").append(e).toString());
                            e.printStackTrace(IAIKPkcs11.errorStream_);
                        } catch (IOException e2) {
                            IAIKPkcs11.errorStream_.println(new StringBuffer("Could not create Certificate object: ").append(e2).toString());
                            e2.printStackTrace(IAIKPkcs11.errorStream_);
                        } catch (CertificateException e3) {
                            IAIKPkcs11.errorStream_.println(new StringBuffer("Could not create Certificate object: ").append(e3).toString());
                            e3.printStackTrace(IAIKPkcs11.errorStream_);
                        }
                    }
                } else if (object2 instanceof X509AttributeCertificate) {
                    X509AttributeCertificate x509AttributeCertificate = (X509AttributeCertificate) object2;
                    try {
                        identityMap.put(new AttributeCertificate(x509AttributeCertificate.getValue().getByteArrayValue()), x509AttributeCertificate);
                    } catch (CertificateException e4) {
                        IAIKPkcs11.errorStream_.println(new StringBuffer("Could not create AttributeCertificate object: ").append(e4).toString());
                        e4.printStackTrace(IAIKPkcs11.errorStream_);
                    }
                }
            }
        }
        Hashtable hashtable = new Hashtable(identityMap.size());
        Hashtable hashtable2 = new Hashtable(identityMap.size());
        Vector vector2 = new Vector(identityMap.size());
        vector2.addAll(identityMap.keySet());
        Hashtable hashtable3 = new Hashtable();
        Iterator it = vector2.iterator();
        int i = 0;
        while (it.hasNext()) {
            Certificate certificate = (Certificate) it.next();
            if (certificate != null && (object = (Object) identityMap.get(certificate)) != null && (certificate instanceof iaik.x509.X509Certificate)) {
                iaik.x509.X509Certificate x509Certificate2 = (iaik.x509.X509Certificate) certificate;
                byte[] byteArrayValue2 = ((X509PublicKeyCertificate) object).getId().getByteArrayValue();
                if (byteArrayValue2 != null) {
                    ComparableByteArray comparableByteArray = new ComparableByteArray(byteArrayValue2);
                    int i2 = i;
                    i++;
                    Integer num = new Integer(i2);
                    hashtable3.put(comparableByteArray, num);
                    iaik.x509.X509Certificate[] createCertificateChain = createCertificateChain(x509Certificate2, hashMap);
                    Object[] objectArr = new Object[createCertificateChain.length];
                    for (int i3 = 0; i3 < createCertificateChain.length; i3++) {
                        objectArr[i3] = (Object) identityMap.get(createCertificateChain[i3]);
                    }
                    hashtable.put(num, objectArr);
                    hashtable2.put(num, createCertificateChain);
                }
            }
        }
        LinkedList<iaik.pkcs.pkcs11.objects.PublicKey> linkedList = new LinkedList();
        LinkedList<SecretKey> linkedList2 = new LinkedList();
        for (Object object3 : readAllObjects) {
            if (object3 instanceof Key) {
                Key key = (Key) object3;
                String str = null;
                if (key instanceof PrivateKey) {
                    PrivateKey privateKey = (PrivateKey) key;
                    IAIKPKCS11PrivateKey create = IAIKPKCS11PrivateKey.create(this.tokenManager_, privateKey);
                    byte[] byteArrayValue3 = privateKey.getId().getByteArrayValue();
                    if (byteArrayValue3 != null) {
                        Integer num2 = (Integer) hashtable3.get(new ComparableByteArray(byteArrayValue3));
                        if (num2 != null) {
                            iaik.x509.X509Certificate[] x509CertificateArr = (iaik.x509.X509Certificate[]) hashtable2.remove(num2);
                            if (x509CertificateArr != null && x509CertificateArr.length > 0) {
                                Object[] objectArr2 = (Object[]) hashtable.remove(num2);
                                str = createUniqueAlias(objectArr2[0], this.aliases_);
                                this.certificateChains_.put(str, x509CertificateArr);
                                if (objectArr2 != null) {
                                    this.certificateChainAliasToPkcs11ObjectsTable_.put(str, objectArr2);
                                }
                                if (x509CertificateArr.length > 0) {
                                    identityMap.remove(x509CertificateArr[0]);
                                }
                            }
                        } else {
                            str = createUniqueAlias(key, this.aliases_);
                        }
                    } else {
                        str = createUniqueAlias(key, this.aliases_);
                    }
                    if (create != null) {
                        this.keyAliasToPkcs11ObjectTable_.put(str, key);
                        this.keys_.put(str, create);
                        this.aliases_.add(str);
                    }
                } else if (key instanceof iaik.pkcs.pkcs11.objects.PublicKey) {
                    linkedList.add(key);
                } else {
                    if (!(key instanceof SecretKey)) {
                        throw new KeyStoreException(new StringBuffer("Unknown key type: ").append(key.getClass().getName()).toString());
                    }
                    linkedList2.add(key);
                }
            }
        }
        for (iaik.pkcs.pkcs11.objects.PublicKey publicKey : linkedList) {
            IAIKPKCS11PublicKey create2 = IAIKPKCS11PublicKey.create(this.tokenManager_, publicKey);
            String createUniqueAlias = createUniqueAlias(publicKey, this.aliases_);
            this.keyAliasToPkcs11ObjectTable_.put(createUniqueAlias, publicKey);
            this.keys_.put(createUniqueAlias, create2);
            this.aliases_.add(createUniqueAlias);
        }
        for (SecretKey secretKey : linkedList2) {
            IAIKPKCS11SecretKey create3 = IAIKPKCS11SecretKey.create(this.tokenManager_, secretKey);
            String createUniqueAlias2 = createUniqueAlias(secretKey, this.aliases_);
            this.keyAliasToPkcs11ObjectTable_.put(createUniqueAlias2, secretKey);
            this.keys_.put(createUniqueAlias2, create3);
            this.aliases_.add(createUniqueAlias2);
        }
        Vector vector3 = new Vector(identityMap.size());
        vector3.addAll(identityMap.keySet());
        Iterator it2 = vector3.iterator();
        while (it2.hasNext()) {
            Certificate certificate2 = (Certificate) it2.next();
            if (certificate2 != null) {
                Object object4 = (Object) identityMap.get(certificate2);
                if (object4 != null) {
                    String createUniqueAlias3 = createUniqueAlias(object4, this.aliases_);
                    this.trustedCertificateAliasToPkcs11ObjectTable_.put(createUniqueAlias3, object4);
                    this.trustedCertificates_.put(createUniqueAlias3, certificate2);
                    this.aliases_.add(createUniqueAlias3);
                }
                identityMap.remove(certificate2);
            }
        }
    }

    protected synchronized byte[] generateNewID(byte[] bArr) throws TokenException {
        byte[] bArr2 = (bArr == null || bArr.length <= 0) ? this.lastNewID_ == null ? new byte[20] : this.lastNewID_ : bArr;
        GenericTemplate genericTemplate = new GenericTemplate();
        ByteArrayAttribute byteArrayAttribute = new ByteArrayAttribute(iaik.pkcs.pkcs11.objects.Attribute.ID);
        byteArrayAttribute.setByteArrayValue(bArr2);
        genericTemplate.addAttribute(byteArrayAttribute);
        boolean z = false;
        while (!z) {
            increment(bArr2);
            this.writeSession_.findObjectsInit(genericTemplate);
            Object[] findObjects = this.writeSession_.findObjects(1);
            this.writeSession_.findObjectsFinal();
            z = findObjects.length == 0;
        }
        this.lastNewID_ = bArr2;
        return this.lastNewID_;
    }

    protected MechanismInfo getMechanismFeaturesSupport(String str) throws TokenException {
        MechanismInfo mechanismInfo;
        Token token = this.tokenManager_.getToken();
        if (token != null) {
            HashSet hashSet = new HashSet(Arrays.asList(token.getMechanismList()));
            if (str.equalsIgnoreCase(IAIKPKCS11Key.RSA)) {
                mechanismInfo = new MechanismInfo();
                if (hashSet.contains(Mechanism.RSA_PKCS)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.RSA_PKCS));
                }
                if (hashSet.contains(Mechanism.MD2_RSA_PKCS)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.MD2_RSA_PKCS));
                }
                if (hashSet.contains(Mechanism.MD5_RSA_PKCS)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.MD5_RSA_PKCS));
                }
                if (hashSet.contains(Mechanism.SHA1_RSA_PKCS)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.SHA1_RSA_PKCS));
                }
                if (hashSet.contains(Mechanism.RIPEMD128_RSA_PKCS)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.RIPEMD128_RSA_PKCS));
                }
                if (hashSet.contains(Mechanism.RIPEMD160_RSA_PKCS)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.RIPEMD160_RSA_PKCS));
                }
                if (hashSet.contains(Mechanism.RSA_X_509)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.RSA_X_509));
                }
                if (hashSet.contains(Mechanism.RSA_9796)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.RSA_9796));
                }
                if (hashSet.contains(Mechanism.RSA_PKCS_OAEP)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.RSA_PKCS_OAEP));
                }
            } else if (str.equalsIgnoreCase(IAIKPKCS11Key.DSA)) {
                mechanismInfo = new MechanismInfo();
                if (hashSet.contains(Mechanism.DSA)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.DSA));
                }
                if (hashSet.contains(Mechanism.DSA_SHA1)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.DSA_SHA1));
                }
            } else if (str.equalsIgnoreCase(IAIKPKCS11Key.DH)) {
                mechanismInfo = new MechanismInfo();
                if (hashSet.contains(Mechanism.DH_PKCS_DERIVE)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.DH_PKCS_DERIVE));
                }
            } else if (str.equalsIgnoreCase(IAIKPKCS11Key.ECDSA)) {
                mechanismInfo = new MechanismInfo();
                if (hashSet.contains(Mechanism.ECDSA)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.ECDSA));
                }
                if (hashSet.contains(Mechanism.ECDSA_SHA1)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.ECDSA_SHA1));
                }
                if (hashSet.contains(Mechanism.ECDH1_COFACTOR_DERIVE)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.ECDH1_COFACTOR_DERIVE));
                }
                if (hashSet.contains(Mechanism.ECDH1_DERIVE)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.ECDH1_DERIVE));
                }
                if (hashSet.contains(Mechanism.ECMQV_DERIVE)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.ECMQV_DERIVE));
                }
            } else if (str.equalsIgnoreCase(IAIKPKCS11Key.KEA)) {
                mechanismInfo = new MechanismInfo();
                if (hashSet.contains(Mechanism.KEA_KEY_DERIVE)) {
                    mechanismInfo = mechanismInfo.or(token.getMechanismInfo(Mechanism.KEA_KEY_DERIVE));
                }
            } else {
                mechanismInfo = null;
            }
        } else {
            mechanismInfo = null;
        }
        return mechanismInfo;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean getReadProtectedKeyOnDemand() {
        return !this.useUserSession_;
    }

    public TokenManager getTokenManager() {
        return this.tokenManager_;
    }

    private static final void increment(byte[] bArr) {
        for (int length = bArr.length - 1; length >= 0; length--) {
            int i = length;
            byte b = (byte) (bArr[i] + 1);
            bArr[i] = b;
            if (b != 0) {
                return;
            }
        }
    }

    protected synchronized void initialize() {
        this.aliases_ = new HashSet();
        this.keys_ = new Hashtable();
        this.certificateChains_ = new Hashtable();
        this.trustedCertificates_ = new Hashtable();
        this.keyAliasToPkcs11ObjectTable_ = new Hashtable();
        this.certificateChainAliasToPkcs11ObjectsTable_ = new Hashtable();
        this.trustedCertificateAliasToPkcs11ObjectTable_ = new Hashtable();
        this.useUserSession_ = !this.tokenManager_.getProvider().isLoginKeystoreOnDemand();
        setUpToDate(false);
        this.tokenManager_.addKeyStoreReference(this);
    }

    protected boolean isEndUserCertificate(iaik.x509.X509Certificate x509Certificate) throws CertificateException {
        try {
            if (((BasicConstraints) x509Certificate.getExtension(BasicConstraints.oid)) != null) {
                return !r0.ca();
            }
            return true;
        } catch (X509ExtensionInitException e) {
            throw new CertificateException(e.toString());
        }
    }

    @Override // iaik.pkcs.pkcs11.provider.PKCS11EngineClass
    public boolean isSupportedBy(TokenManager tokenManager) {
        return true;
    }

    protected synchronized boolean isUpToDate() throws TokenException {
        if (this.isUpToDate_) {
            if (this.tokenManager_.isTokenPresent()) {
                TokenInfo tokenInfo = this.tokenManager_.getToken().getTokenInfo();
                if (this.infoOfRecentToken_ == null || !this.infoOfRecentToken_.getLabel().equals(tokenInfo.getLabel()) || !this.infoOfRecentToken_.getManufacturerID().equals(tokenInfo.getManufacturerID()) || !this.infoOfRecentToken_.getModel().equals(tokenInfo.getModel()) || !this.infoOfRecentToken_.getSerialNumber().equals(tokenInfo.getSerialNumber()) || this.infoOfRecentToken_.getFreePrivateMemory() != tokenInfo.getFreePrivateMemory() || this.infoOfRecentToken_.getFreePublicMemory() != tokenInfo.getFreePublicMemory()) {
                    this.isUpToDate_ = false;
                }
            } else if (this.infoOfRecentToken_ != null) {
                this.isUpToDate_ = false;
            }
        }
        return this.isUpToDate_;
    }

    protected synchronized boolean loginSession() {
        try {
            if (this.readSession_ == null) {
                openReadSession();
            }
            return this.tokenManager_.makeAuthorizedSession(this.readSession_, null);
        } catch (TokenException e) {
            throw new IAIKPkcs11Exception(e.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized void logoutSession() {
        try {
            if (this.readSession_ != null) {
                this.tokenManager_.logout(this.readSession_);
            } else if (this.writeSession_ != null) {
                this.tokenManager_.logout(this.writeSession_);
            } else {
                this.tokenManager_.logout(null);
            }
        } catch (TokenException e) {
            throw new IAIKPkcs11Exception(e.toString());
        }
    }

    protected synchronized void openReadSession() {
        try {
            this.readSession_ = this.writeSession_ != null ? this.writeSession_ : this.tokenManager_.getSession(false);
        } catch (TokenException e) {
            throw new IAIKPkcs11Exception(e.toString());
        }
    }

    protected synchronized void openWriteSession() {
        try {
            this.writeSession_ = this.tokenManager_.getSession(true);
        } catch (TokenException e) {
            throw new IAIKPkcs11Exception(e.toString());
        }
    }

    private synchronized List readAllObjects() throws TokenException {
        Object[] findObjects;
        ArrayList arrayList = new ArrayList(2);
        this.readSession_.findObjectsInit(null);
        while (true) {
            try {
                findObjects = this.readSession_.findObjects(1);
            } catch (TokenException unused) {
            }
            if (findObjects.length == 0) {
                this.readSession_.findObjectsFinal();
                return arrayList;
            }
            for (Object object : findObjects) {
                arrayList.add(object);
            }
        }
    }

    protected String readProviderName(InputStream inputStream) throws IOException {
        char[] cArr = new char[64];
        InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "UTF-8");
        CharArrayWriter charArrayWriter = new CharArrayWriter(64);
        while (true) {
            int read = inputStreamReader.read(cArr, 0, cArr.length);
            if (read < 0) {
                charArrayWriter.flush();
                return new String(charArrayWriter.toCharArray());
            }
            charArrayWriter.write(cArr, 0, read);
        }
    }

    protected synchronized void releaseSessions() {
        if (this.readSession_ != null) {
            if (this.readSession_ != this.writeSession_) {
                this.tokenManager_.disposeSession(this.readSession_);
            }
            this.readSession_ = null;
        }
        if (this.writeSession_ != null) {
            this.tokenManager_.disposeSession(this.writeSession_);
            this.writeSession_ = null;
        }
    }

    protected void setKeyAttributes(PrivateKey privateKey, X509Certificate x509Certificate, MechanismInfo mechanismInfo) throws X509ExtensionException, CertificateException {
        KeyUsage keyUsage;
        if (privateKey == null) {
            throw new NullPointerException("Argument \"keyTemplate\" must not be null.");
        }
        if (x509Certificate != null) {
            keyUsage = (KeyUsage) (x509Certificate instanceof iaik.x509.X509Certificate ? (iaik.x509.X509Certificate) x509Certificate : new iaik.x509.X509Certificate(x509Certificate.getEncoded())).getExtension(KeyUsage.oid);
        } else {
            keyUsage = null;
        }
        if (keyUsage == null) {
            if (mechanismInfo != null) {
                privateKey.getSign().setBooleanValue(new Boolean(mechanismInfo.isSign()));
                privateKey.getSignRecover().setBooleanValue(new Boolean(mechanismInfo.isSignRecover()));
                privateKey.getDecrypt().setBooleanValue(new Boolean(mechanismInfo.isDecrypt()));
                privateKey.getDerive().setBooleanValue(new Boolean(mechanismInfo.isDerive()));
                privateKey.getUnwrap().setBooleanValue(new Boolean(mechanismInfo.isUnwrap()));
                return;
            }
            privateKey.getSign().setBooleanValue(Boolean.TRUE);
            privateKey.getSignRecover().setBooleanValue(Boolean.TRUE);
            privateKey.getDecrypt().setBooleanValue(Boolean.TRUE);
            privateKey.getDerive().setBooleanValue(Boolean.TRUE);
            privateKey.getUnwrap().setBooleanValue(Boolean.TRUE);
            return;
        }
        int i = keyUsage.get();
        if (mechanismInfo != null) {
            privateKey.getDecrypt().setBooleanValue(new Boolean(!((i & 8) == 0 && (i & 4) == 0) && mechanismInfo.isDecrypt()));
            privateKey.getSign().setBooleanValue(new Boolean(!((i & 1) == 0 && (i & 32) == 0 && (i & 64) == 0 && (i & 2) == 0) && mechanismInfo.isSign()));
            privateKey.getSignRecover().setBooleanValue(new Boolean(!((i & 1) == 0 && (i & 32) == 0 && (i & 64) == 0 && (i & 2) == 0) && mechanismInfo.isSignRecover()));
            privateKey.getDerive().setBooleanValue(new Boolean((i & 16) != 0 && mechanismInfo.isDerive()));
            privateKey.getUnwrap().setBooleanValue(new Boolean((i & 4) != 0 && mechanismInfo.isUnwrap()));
            return;
        }
        privateKey.getDecrypt().setBooleanValue(new Boolean(((i & 8) == 0 && (i & 4) == 0) ? false : true));
        privateKey.getSign().setBooleanValue(new Boolean(((i & 1) == 0 && (i & 32) == 0 && (i & 64) == 0 && (i & 2) == 0) ? false : true));
        privateKey.getSignRecover().setBooleanValue(new Boolean(((i & 1) == 0 && (i & 32) == 0 && (i & 64) == 0 && (i & 2) == 0) ? false : true));
        privateKey.getDerive().setBooleanValue(new Boolean((i & 16) != 0));
        privateKey.getUnwrap().setBooleanValue(new Boolean((i & 4) != 0));
    }

    protected void setKeyAttributes(iaik.pkcs.pkcs11.objects.PublicKey publicKey, X509Certificate x509Certificate, MechanismInfo mechanismInfo) throws X509ExtensionException, CertificateException {
        KeyUsage keyUsage;
        if (publicKey == null) {
            throw new NullPointerException("Argument \"keyTemplate\" must not be null.");
        }
        if (x509Certificate != null) {
            keyUsage = (KeyUsage) (x509Certificate instanceof iaik.x509.X509Certificate ? (iaik.x509.X509Certificate) x509Certificate : new iaik.x509.X509Certificate(x509Certificate.getEncoded())).getExtension(KeyUsage.oid);
        } else {
            keyUsage = null;
        }
        if (keyUsage == null) {
            if (mechanismInfo != null) {
                publicKey.getVerify().setBooleanValue(new Boolean(mechanismInfo.isVerify()));
                publicKey.getVerifyRecover().setBooleanValue(new Boolean(mechanismInfo.isVerifyRecover()));
                publicKey.getEncrypt().setBooleanValue(new Boolean(mechanismInfo.isEncrypt()));
                publicKey.getDerive().setBooleanValue(new Boolean(mechanismInfo.isDerive()));
                publicKey.getWrap().setBooleanValue(new Boolean(mechanismInfo.isWrap()));
                return;
            }
            publicKey.getVerify().setBooleanValue(Boolean.TRUE);
            publicKey.getVerifyRecover().setBooleanValue(Boolean.TRUE);
            publicKey.getEncrypt().setBooleanValue(Boolean.TRUE);
            publicKey.getDerive().setBooleanValue(Boolean.TRUE);
            publicKey.getWrap().setBooleanValue(Boolean.TRUE);
            return;
        }
        int i = keyUsage.get();
        if (mechanismInfo != null) {
            publicKey.getEncrypt().setBooleanValue(new Boolean((i & 8) != 0 && mechanismInfo.isEncrypt()));
            publicKey.getVerify().setBooleanValue(new Boolean(!((i & 1) == 0 && (i & 32) == 0 && (i & 64) == 0 && (i & 2) == 0) && mechanismInfo.isVerify()));
            publicKey.getVerifyRecover().setBooleanValue(new Boolean(!((i & 1) == 0 && (i & 32) == 0 && (i & 64) == 0 && (i & 2) == 0) && mechanismInfo.isVerifyRecover()));
            publicKey.getDerive().setBooleanValue(new Boolean((i & 16) != 0 && mechanismInfo.isDerive()));
            publicKey.getWrap().setBooleanValue(new Boolean((i & 4) != 0 && mechanismInfo.isWrap()));
            return;
        }
        publicKey.getEncrypt().setBooleanValue(new Boolean((i & 8) != 0));
        publicKey.getVerify().setBooleanValue(new Boolean(((i & 1) == 0 && (i & 32) == 0 && (i & 64) == 0 && (i & 2) == 0) ? false : true));
        publicKey.getVerifyRecover().setBooleanValue(new Boolean(((i & 1) == 0 && (i & 32) == 0 && (i & 64) == 0 && (i & 2) == 0) ? false : true));
        publicKey.getDerive().setBooleanValue(new Boolean((i & 16) != 0));
        publicKey.getWrap().setBooleanValue(new Boolean((i & 4) != 0));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized void setReadProtectedKeyOnDemand(boolean z) {
        if (z == this.useUserSession_) {
            this.useUserSession_ = !z;
            setUpToDate(false);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setUpToDate(boolean z) {
        this.isUpToDate_ = z;
    }

    protected synchronized boolean tokenChanged() throws TokenException {
        boolean z;
        if (this.tokenManager_.isTokenPresent()) {
            TokenInfo tokenInfo = this.tokenManager_.getToken().getTokenInfo();
            z = (this.infoOfRecentToken_ != null && this.infoOfRecentToken_.getLabel().equals(tokenInfo.getLabel()) && this.infoOfRecentToken_.getManufacturerID().equals(tokenInfo.getManufacturerID()) && this.infoOfRecentToken_.getModel().equals(tokenInfo.getModel()) && this.infoOfRecentToken_.getSerialNumber().equals(tokenInfo.getSerialNumber())) ? false : true;
        } else {
            z = this.infoOfRecentToken_ != null;
        }
        return z;
    }

    protected synchronized void updateTables() {
        try {
            this.infoOfRecentToken_ = this.tokenManager_.getToken().getTokenInfo();
            findKeysAndCertificateTables();
            setUpToDate(true);
        } catch (TokenException e) {
            e.printStackTrace(IAIKPkcs11.errorStream_);
        } catch (KeyStoreException e2) {
            e2.printStackTrace(IAIKPkcs11.errorStream_);
        }
    }

    protected void writeProviderName(String str, OutputStream outputStream) throws IOException {
        outputStream.write(str.getBytes("UTF-8"));
    }
}
