package com.hebca.crypto.imp.pkcs11;

import com.hebca.crypto.Container;
import com.hebca.crypto.Device;
import com.hebca.crypto.Provider;
import com.hebca.crypto.SKey;
import com.hebca.crypto.SymCrypter;
import com.hebca.crypto.exception.ContainerException;
import com.hebca.crypto.exception.DataException;
import com.hebca.crypto.exception.DeviceException;
import com.hebca.crypto.exception.DeviceOpenException;
import com.hebca.crypto.exception.FormatDeviceException;
import com.hebca.crypto.exception.KeyException;
import com.hebca.crypto.exception.LoginException;
import com.hebca.crypto.exception.PasswordException;
import com.hebca.crypto.exception.SetPasswordException;
import com.hebca.crypto.exception.SymCryptException;
import com.hebca.crypto.imp.CertImp;
import com.hebca.crypto.imp.DeviceBase;
import com.hebca.crypto.imp.SymCrypterBase;
import com.hebca.crypto.util.LogUtil;
import iaik.pkcs.pkcs11.Mechanism;
import iaik.pkcs.pkcs11.Session;
import iaik.pkcs.pkcs11.Token;
import iaik.pkcs.pkcs11.TokenException;
import iaik.pkcs.pkcs11.TokenInfo;
import iaik.pkcs.pkcs11.objects.AESSecretKey;
import iaik.pkcs.pkcs11.objects.BooleanAttribute;
import iaik.pkcs.pkcs11.objects.ByteArrayAttribute;
import iaik.pkcs.pkcs11.objects.DES3SecretKey;
import iaik.pkcs.pkcs11.objects.DESSecretKey;
import iaik.pkcs.pkcs11.objects.Data;
import iaik.pkcs.pkcs11.objects.Object;
import iaik.pkcs.pkcs11.objects.RSAPublicKey;
import iaik.pkcs.pkcs11.objects.SecretKey;
import iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate;
import iaik.pkcs.pkcs11.parameters.InitializationVectorParameters;
import iaik.pkcs.pkcs11.wrapper.PKCS11Exception;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;

/* loaded from: input_file:assets/cryptoImpDex.jar:com/hebca/crypto/imp/pkcs11/DevicePkcs11.class */
public class DevicePkcs11 extends DeviceBase {
    private Token token;
    private Session session;
    private boolean isLogined;
    static final int MaxObjectCount = 128;

    public DevicePkcs11(Provider provider, Token token) {
        super(provider);
        this.isLogined = false;
        this.token = token;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Session getSession() {
        return this.session;
    }

    private String getKeyTag() {
        return getName();
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public Device.DeviceInfo getDeviceInfo() throws DeviceException {
        Device.DeviceInfo deviceInfo = new Device.DeviceInfo();
        deviceInfo.setDeviceName(getProvider().getConfig().getDeviceName());
        deviceInfo.setType(Device.TYPE_PKCS11);
        deviceInfo.setSubType(getProvider().getConfig().getName());
        try {
            TokenInfo tokenInfo = this.token.getTokenInfo();
            deviceInfo.setFirmwareVersion(tokenInfo.getFirmwareVersion().toString());
            deviceInfo.setHardwareVersion(deviceInfo.getHardwareVersion());
            deviceInfo.setFreePrivateMemory(tokenInfo.getFreePrivateMemory());
            deviceInfo.setFreePublicMemory(tokenInfo.getFreePublicMemory());
            deviceInfo.setLabel(tokenInfo.getLabel());
            deviceInfo.setManufacturerID(tokenInfo.getManufacturerID());
            deviceInfo.setMaxPinLen(tokenInfo.getMaxPinLen());
            deviceInfo.setMinPinLen(tokenInfo.getMinPinLen());
            deviceInfo.setSerialNumber(tokenInfo.getSerialNumber());
            deviceInfo.setTotalPrivateMemory(tokenInfo.getTotalPrivateMemory());
            deviceInfo.setTotalPublicMemory(tokenInfo.getTotalPublicMemory());
            return deviceInfo;
        } catch (TokenException e) {
            Pkcs11Util.logError(getKeyTag(), e);
            throw new DeviceException(e);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public int getKeystoreVersion() {
        return 0;
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void open() throws DeviceOpenException {
        try {
            this.session = this.token.openSession(true, true, null, null);
            LogUtil.debug(getKeyTag(), "openSession success, sessionHandle=" + this.session.getSessionHandle() + ",tokenID=" + this.token.getTokenID());
        } catch (Exception e) {
            LogUtil.error(getKeyTag(), "openSession failed, tokenID=" + this.token.getTokenID());
            throw new DeviceOpenException(e);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public boolean isOpened() {
        return this.session != null;
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void close() {
        logout();
        if (this.session != null) {
            try {
                this.session.closeSession();
                LogUtil.debug(getKeyTag(), "closeSession success,sessionHandle=" + this.session.getSessionHandle());
            } catch (TokenException e) {
                Pkcs11Util.logError(getKeyTag(), e);
                LogUtil.error(getKeyTag(), "closeSession failed,sessionHandle" + this.session.getSessionHandle());
            }
            this.session = null;
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void login(String str) throws LoginException {
        try {
            if (isLogined()) {
                return;
            }
            if (!isOpened()) {
                try {
                    open();
                } catch (Exception e) {
                    throw new LoginException(e);
                }
            }
            this.session.login(true, str.toCharArray());
            this.isLogined = true;
            LogUtil.debug(getKeyTag(), "login session success,sessionHandle=" + this.session.getSessionHandle());
        } catch (PKCS11Exception e2) {
            if (e2.getErrorCode() == 256) {
                this.isLogined = true;
                LogUtil.debug(getKeyTag(), "login session success(already login),sessionHandle=" + this.session.getSessionHandle());
            } else {
                Pkcs11Util.logError(getKeyTag(), e2);
                LogUtil.error(getKeyTag(), "login session failed,sessionHandle=" + this.session.getSessionHandle());
                throw new PasswordException(e2);
            }
        } catch (TokenException e3) {
            Pkcs11Util.logError(getKeyTag(), e3);
            try {
                String message = e3.getMessage();
                PasswordException passwordException = new PasswordException(e3);
                if ("0x000000A0".equals(message)) {
                    passwordException.setDetailMessage(String.format("数字证书密码错误，您还有%d次重试机会！", Long.valueOf(getDeviceInfo().getFreePrivateMemory())));
                } else if ("0x000000A4".equals(message)) {
                    passwordException.setDetailMessage("设备已锁定！");
                }
                throw passwordException;
            } catch (DeviceException e4) {
                throw new PasswordException(e4);
            }
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void setPassword(String str, String str2) throws SetPasswordException, DeviceException {
        Device.DeviceInfo deviceInfo = getDeviceInfo();
        if (str2.length() < deviceInfo.getMinPinLen() || str2.length() > deviceInfo.getMaxPinLen()) {
            throw new IllegalArgumentException("密码长度不合法");
        }
        try {
            this.session.setPIN(str.toCharArray(), str2.toCharArray());
            LogUtil.debug(getKeyTag(), "setPIN sucess");
        } catch (TokenException e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "setPIN failed");
            SetPasswordException setPasswordException = new SetPasswordException();
            String message = e.getMessage();
            if ("0x000000A0".equals(message)) {
                setPasswordException.setDetailMessage(String.format("数字证书密码错误，您还有%d次重试机会！", Long.valueOf(getDeviceInfo().getFreePrivateMemory())));
            } else if ("0x000000A4".equals(message)) {
                setPasswordException.setDetailMessage("设备已锁定！");
            }
            throw setPasswordException;
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void initPassword(String str, String str2) throws SetPasswordException, DeviceException {
        Device.DeviceInfo deviceInfo = getDeviceInfo();
        if (str2.length() < deviceInfo.getMinPinLen() || str2.length() > deviceInfo.getMaxPinLen()) {
            throw new IllegalArgumentException("密码长度不合法");
        }
        try {
            this.session.login(false, str.toCharArray());
            LogUtil.debug(getKeyTag(), "login SO success");
            this.session.initPIN(str2.toCharArray());
            LogUtil.debug(getKeyTag(), "initPIN success");
            this.session.logout();
        } catch (TokenException e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "initPIN failed");
            throw new SetPasswordException(e);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public boolean isLogined() {
        return this.isLogined;
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void logout() {
        if (isLogined()) {
            try {
                this.session.logout();
                LogUtil.debug(getKeyTag(), "logout session success");
            } catch (TokenException e) {
                Pkcs11Util.logError(getKeyTag(), e);
                LogUtil.error(getKeyTag(), "logout session failed");
            }
            this.isLogined = false;
        }
    }

    private X509PublicKeyCertificate[] findCerts() throws DeviceException {
        try {
            try {
                X509PublicKeyCertificate x509PublicKeyCertificate = new X509PublicKeyCertificate();
                x509PublicKeyCertificate.getToken().setBooleanValue(Boolean.TRUE);
                this.session.findObjectsInit(x509PublicKeyCertificate);
                Object[] findObjects = this.session.findObjects(MaxObjectCount);
                X509PublicKeyCertificate[] x509PublicKeyCertificateArr = new X509PublicKeyCertificate[findObjects.length];
                for (int i = 0; i < findObjects.length; i++) {
                    x509PublicKeyCertificateArr[i] = (X509PublicKeyCertificate) findObjects[i];
                }
                try {
                    this.session.findObjectsFinal();
                    return x509PublicKeyCertificateArr;
                } catch (TokenException e) {
                    Pkcs11Util.logError(getKeyTag(), e);
                    throw new DeviceException(e);
                }
            } catch (TokenException e2) {
                Pkcs11Util.logError(getKeyTag(), e2);
                throw new DeviceException(e2);
            }
        } catch (Throwable th) {
            try {
                this.session.findObjectsFinal();
                throw th;
            } catch (TokenException e3) {
                Pkcs11Util.logError(getKeyTag(), e3);
                throw new DeviceException(e3);
            }
        }
    }

    private RSAPublicKey findPublicKeyByCert(X509PublicKeyCertificate x509PublicKeyCertificate) throws DeviceException {
        try {
            try {
                RSAPublicKey rSAPublicKey = new RSAPublicKey();
                ByteArrayAttribute id = x509PublicKeyCertificate.getId();
                if (id == null) {
                    try {
                        this.session.findObjectsFinal();
                        return null;
                    } catch (TokenException e) {
                        Pkcs11Util.logError(getKeyTag(), e);
                        throw new DeviceException(e);
                    }
                }
                rSAPublicKey.getId().setByteArrayValue(id.getByteArrayValue());
                this.session.findObjectsInit(rSAPublicKey);
                Object[] findObjects = this.session.findObjects(MaxObjectCount);
                if (findObjects == null || findObjects.length < 1) {
                    try {
                        this.session.findObjectsFinal();
                        return null;
                    } catch (TokenException e2) {
                        Pkcs11Util.logError(getKeyTag(), e2);
                        throw new DeviceException(e2);
                    }
                }
                RSAPublicKey rSAPublicKey2 = (RSAPublicKey) findObjects[0];
                try {
                    this.session.findObjectsFinal();
                    return rSAPublicKey2;
                } catch (TokenException e3) {
                    Pkcs11Util.logError(getKeyTag(), e3);
                    throw new DeviceException(e3);
                }
            } catch (TokenException e4) {
                Pkcs11Util.logError(getKeyTag(), e4);
                throw new DeviceException(e4);
            }
        } catch (Throwable th) {
            try {
                this.session.findObjectsFinal();
                throw th;
            } catch (TokenException e5) {
                Pkcs11Util.logError(getKeyTag(), e5);
                throw new DeviceException(e5);
            }
        }
    }

    private ContainerPkcs11 getContainer(List<ContainerPkcs11> list, String str) {
        for (ContainerPkcs11 containerPkcs11 : list) {
            if (containerPkcs11.getContainerSubjectName().equals(str)) {
                return containerPkcs11;
            }
        }
        return null;
    }

    private void putCert(List<ContainerPkcs11> list, X509PublicKeyCertificate x509PublicKeyCertificate, RSAPublicKey rSAPublicKey) {
        if (x509PublicKeyCertificate == null || rSAPublicKey == null) {
            return;
        }
        try {
            CertImp certImp = new CertImp(x509PublicKeyCertificate.getValue().getByteArrayValue());
            ContainerPkcs11 container = getContainer(list, certImp.getSubject());
            if (container == null) {
                ContainerPkcs11 containerPkcs11 = new ContainerPkcs11(this, certImp.isSM2Cert() ? Container.TYPE_SM2 : Container.TYPE_RSA);
                if (certImp.isSignCert()) {
                    containerPkcs11.setSignX509Cert(x509PublicKeyCertificate);
                    containerPkcs11.setSignPubKey(rSAPublicKey);
                    list.add(containerPkcs11);
                } else if (certImp.isEncryptCert()) {
                    containerPkcs11.setCryptX509Cert(x509PublicKeyCertificate);
                    containerPkcs11.setCryptPubKey(rSAPublicKey);
                    list.add(containerPkcs11);
                }
            } else if (certImp.isSignCert()) {
                container.setSignX509Cert(x509PublicKeyCertificate);
                container.setSignPubKey(rSAPublicKey);
            } else if (certImp.isEncryptCert()) {
                container.setCryptX509Cert(x509PublicKeyCertificate);
                container.setCryptPubKey(rSAPublicKey);
            }
        } catch (Exception e) {
            LogUtil.error(getKeyTag(), "put cert to container failed");
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public List<? extends Container> listContainer() throws DeviceException {
        checkDeviceOpened();
        ArrayList arrayList = new ArrayList();
        X509PublicKeyCertificate[] findCerts = findCerts();
        if (findCerts == null) {
            return arrayList;
        }
        for (X509PublicKeyCertificate x509PublicKeyCertificate : findCerts) {
            putCert(arrayList, x509PublicKeyCertificate, findPublicKeyByCert(x509PublicKeyCertificate));
        }
        return arrayList;
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public String[] supportSymCryptAlgs() {
        try {
            checkDeviceOpened();
            Mechanism[] mechanismList = this.session.getToken().getMechanismList();
            ArrayList arrayList = new ArrayList();
            MechanismConfig[] symCryptMechanism = ((ProviderConfigPkcs11) getProvider().getConfig()).getSymCryptMechanism();
            for (Mechanism mechanism : mechanismList) {
                long mechanismCode = mechanism.getMechanismCode();
                if (mechanismCode == Mechanism.DES_ECB.getMechanismCode()) {
                    arrayList.add(SymCrypter.DES_ECB_NoPadding);
                } else if (mechanismCode == Mechanism.DES_CBC.getMechanismCode()) {
                    arrayList.add(SymCrypter.DES_CBC_NoPadding);
                } else if (mechanismCode == Mechanism.DES_CBC_PAD.getMechanismCode()) {
                    arrayList.add(SymCrypter.DES_CBC_PKCS5Padding);
                } else if (mechanismCode == Mechanism.DES3_ECB.getMechanismCode()) {
                    arrayList.add(SymCrypter.DESede_ECB_NoPadding);
                } else if (mechanismCode == Mechanism.DES3_CBC.getMechanismCode()) {
                    arrayList.add(SymCrypter.DESede_CBC_NoPadding);
                } else if (mechanismCode == Mechanism.DES3_CBC_PAD.getMechanismCode()) {
                    arrayList.add(SymCrypter.DESede_CBC_PKCS5Padding);
                } else if (mechanismCode == Mechanism.AES_ECB.getMechanismCode()) {
                    arrayList.add(SymCrypter.AES_ECB_NoPadding);
                } else if (mechanismCode == Mechanism.AES_CBC.getMechanismCode()) {
                    arrayList.add(SymCrypter.AES_CBC_NoPadding);
                } else if (mechanismCode == Mechanism.AES_CBC_PAD.getMechanismCode()) {
                    arrayList.add(SymCrypter.AES_CBC_PKCS5Padding);
                } else if (symCryptMechanism != null) {
                    for (int i = 0; i < symCryptMechanism.length; i++) {
                        if (mechanism.getMechanismCode() == symCryptMechanism[i].getMechanism()) {
                            arrayList.add(symCryptMechanism[i].getAlg());
                        }
                    }
                }
            }
            return (String[]) arrayList.toArray(new String[0]);
        } catch (Exception e) {
            return new String[0];
        }
    }

    Mechanism getSymCryptKeyGenMechanism(String str) throws NoSuchAlgorithmException {
        if (str.startsWith("DES/")) {
            return Mechanism.DES_KEY_GEN;
        }
        if (str.startsWith("DESede/")) {
            return Mechanism.DES3_KEY_GEN;
        }
        if (str.startsWith("AES/")) {
            return Mechanism.AES_KEY_GEN;
        }
        MechanismConfig[] symKeyGenMechanism = ((ProviderConfigPkcs11) getProvider().getConfig()).getSymKeyGenMechanism();
        if (symKeyGenMechanism != null) {
            for (int i = 0; i < symKeyGenMechanism.length; i++) {
                if (str.startsWith(symKeyGenMechanism[i].getAlg())) {
                    return new Mechanism(symKeyGenMechanism[i].getMechanism());
                }
            }
        }
        throw new NoSuchAlgorithmException("算法" + str + "不支持");
    }

    Mechanism getSymCryptMechanism(String str, byte[] bArr) throws NoSuchAlgorithmException {
        Mechanism mechanism = null;
        if (str.equals(SymCrypter.DES_ECB_NoPadding)) {
            mechanism = Mechanism.DES_ECB;
        } else if (str.equals(SymCrypter.DES_CBC_NoPadding)) {
            mechanism = Mechanism.DES_CBC;
        } else if (str.equals(SymCrypter.DES_CBC_PKCS5Padding)) {
            mechanism = Mechanism.DES_CBC_PAD;
        }
        if (str.equals(SymCrypter.DESede_ECB_NoPadding)) {
            mechanism = Mechanism.DES3_ECB;
        } else if (str.equals(SymCrypter.DESede_CBC_NoPadding)) {
            mechanism = Mechanism.DES3_CBC;
        } else if (str.equals(SymCrypter.DESede_CBC_PKCS5Padding)) {
            mechanism = Mechanism.DES3_CBC_PAD;
        }
        if (str.equals(SymCrypter.AES_ECB_NoPadding)) {
            mechanism = Mechanism.AES_ECB;
        } else if (str.equals(SymCrypter.AES_CBC_NoPadding)) {
            mechanism = Mechanism.AES_CBC;
        } else if (str.equals(SymCrypter.AES_CBC_PKCS5Padding)) {
            mechanism = Mechanism.AES_CBC_PAD;
        } else {
            MechanismConfig[] symCryptMechanism = ((ProviderConfigPkcs11) getProvider().getConfig()).getSymCryptMechanism();
            if (symCryptMechanism != null) {
                int i = 0;
                while (true) {
                    if (i >= symCryptMechanism.length) {
                        break;
                    }
                    if (str.equals(symCryptMechanism[i].getAlg())) {
                        mechanism = new Mechanism(symCryptMechanism[i].getMechanism());
                        break;
                    }
                    i++;
                }
            }
        }
        if (mechanism == null) {
            throw new NoSuchAlgorithmException("算法" + str + "不支持");
        }
        if (!SymCrypterBase.isNeedIv(str)) {
            return mechanism;
        }
        Mechanism mechanism2 = new Mechanism(mechanism.getMechanismCode());
        mechanism2.setParameters(new InitializationVectorParameters(bArr));
        return mechanism2;
    }

    SecretKey createSymCryptKey(String str, byte[] bArr) throws NoSuchAlgorithmException {
        if (str.startsWith("DES/")) {
            DESSecretKey dESSecretKey = new DESSecretKey();
            if (bArr != null) {
                dESSecretKey.getValue().setByteArrayValue(bArr);
            }
            return dESSecretKey;
        }
        if (str.startsWith("DESede/")) {
            DES3SecretKey dES3SecretKey = new DES3SecretKey();
            if (bArr != null) {
                dES3SecretKey.getValue().setByteArrayValue(bArr);
            }
            return dES3SecretKey;
        }
        if (str.startsWith("AES/")) {
            AESSecretKey aESSecretKey = new AESSecretKey();
            if (bArr != null) {
                aESSecretKey.getValue().setByteArrayValue(bArr);
            }
            return aESSecretKey;
        }
        KeyTypeConfig[] symKeyType = ((ProviderConfigPkcs11) getProvider().getConfig()).getSymKeyType();
        if (symKeyType != null) {
            for (int i = 0; i < symKeyType.length; i++) {
                if (str.startsWith(symKeyType[i].getAlg())) {
                    CommonSecretKey commonSecretKey = new CommonSecretKey(symKeyType[i].getKeyType());
                    if (bArr != null) {
                        commonSecretKey.getValue().setByteArrayValue(bArr);
                    }
                    return commonSecretKey;
                }
            }
        }
        throw new NoSuchAlgorithmException("算法" + str + "不支持");
    }

    SecretKey createSymCryptKey(String str) throws NoSuchAlgorithmException {
        return createSymCryptKey(str, null);
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public SymCrypter createSymCrypter(String str, boolean z, SKey sKey, byte[] bArr) throws SymCryptException, DeviceException {
        checkDeviceOpened();
        try {
            Mechanism symCryptMechanism = getSymCryptMechanism(str, bArr);
            if (z) {
                this.session.encryptInit(symCryptMechanism, ((SKeyPkcs11) sKey).getP11Key());
                LogUtil.debug(getKeyTag(), "encryptInit success");
            } else {
                this.session.decryptInit(symCryptMechanism, ((SKeyPkcs11) sKey).getP11Key());
                LogUtil.debug(getKeyTag(), "decryptInit success");
            }
            return new SymCrypterPkcs11(this.session, z, str);
        } catch (Exception e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "encryptInit or decryptInit failed");
            throw new SymCryptException(e);
        }
    }

    byte[] getSecretKeyValue(SecretKey secretKey) throws TokenException {
        return DefinedSecretKey.getInstance(this.session, secretKey).getValue().getByteArrayValue();
    }

    void deleteKeyIfExist(String str) throws DeviceException, KeyException {
        try {
            deleteKey(getKey(str));
        } catch (KeyException e) {
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public SKey generateKey(String str, String str2) throws KeyException, DeviceException {
        checkDeviceOpened();
        deleteKeyIfExist(str);
        try {
            Mechanism symCryptKeyGenMechanism = getSymCryptKeyGenMechanism(str2);
            SecretKey createSymCryptKey = createSymCryptKey(str2);
            createSymCryptKey.getToken().setBooleanValue(Boolean.TRUE);
            createSymCryptKey.getLabel().setCharArrayValue(str.toCharArray());
            createSymCryptKey.getPrivate().setBooleanValue(Boolean.FALSE);
            createSymCryptKey.getEncrypt().setBooleanValue(Boolean.TRUE);
            createSymCryptKey.getDecrypt().setBooleanValue(Boolean.TRUE);
            SecretKey secretKey = (SecretKey) this.session.generateKey(symCryptKeyGenMechanism, createSymCryptKey);
            LogUtil.debug(getKeyTag(), "generateKey success");
            return new SKeyPkcs11(str, getSecretKeyValue(secretKey), secretKey);
        } catch (Exception e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "generateKey failed");
            throw new KeyException(e);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public SKey importKey(String str, String str2, byte[] bArr) throws KeyException, DeviceException {
        checkDeviceOpened();
        deleteKeyIfExist(str);
        try {
            SecretKey createSymCryptKey = createSymCryptKey(str2, bArr);
            createSymCryptKey.getToken().setBooleanValue(Boolean.TRUE);
            createSymCryptKey.getLabel().setCharArrayValue(str.toCharArray());
            createSymCryptKey.getPrivate().setBooleanValue(Boolean.FALSE);
            createSymCryptKey.getEncrypt().setBooleanValue(Boolean.TRUE);
            createSymCryptKey.getDecrypt().setBooleanValue(Boolean.TRUE);
            SecretKey secretKey = (SecretKey) this.session.createObject(createSymCryptKey);
            LogUtil.debug(getKeyTag(), "createObject skey success");
            return new SKeyPkcs11(str, bArr, secretKey);
        } catch (Exception e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "createObject skey failed");
            throw new KeyException(e);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public SKey getKey(String str) throws KeyException, DeviceException {
        checkDeviceOpened();
        SecretKey secretKey = new SecretKey();
        secretKey.getLabel().setCharArrayValue(str.toCharArray());
        secretKey.getToken().setBooleanValue(Boolean.TRUE);
        try {
            try {
                this.session.findObjectsInit(secretKey);
                Object[] findObjects = this.session.findObjects(MaxObjectCount);
                if (findObjects == null || findObjects.length == 0) {
                    LogUtil.debug(getKeyTag(), "can not find skey " + str);
                    throw new KeyException();
                }
                SecretKey secretKey2 = (SecretKey) findObjects[0];
                return new SKeyPkcs11(str, getSecretKeyValue(secretKey2), secretKey2);
            } catch (TokenException e) {
                Pkcs11Util.logError(getKeyTag(), e);
                LogUtil.error(getKeyTag(), "find key " + str + " failed");
                throw new KeyException(e);
            }
        } finally {
            try {
                this.session.findObjectsFinal();
            } catch (Exception e2) {
                Pkcs11Util.logError(getKeyTag(), e2);
            }
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void deleteKey(SKey sKey) throws KeyException, DeviceException {
        checkDeviceOpened();
        try {
            this.session.destroyObject(((SKeyPkcs11) sKey).getP11Key());
            LogUtil.debug(getKeyTag(), "delete key " + sKey.getName() + " success");
        } catch (Exception e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "delete key " + sKey.getName() + " failed");
            throw new KeyException(e);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public byte[] getRandom(int i) throws DeviceException {
        try {
            checkDeviceOpened();
            return this.session.generateRandom(i);
        } catch (Exception e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "generateRandom failed");
            throw new DeviceException(e);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public byte[] readData(String str) throws DataException, DeviceException, LoginException {
        checkDeviceOpened();
        Data data = new Data();
        data.getLabel().setCharArrayValue(str.toCharArray());
        data.getToken().setBooleanValue(Boolean.TRUE);
        try {
            try {
                this.session.findObjectsInit(data);
                Object[] findObjects = this.session.findObjects(MaxObjectCount);
                if (findObjects == null || findObjects.length == 0) {
                    LogUtil.debug(getKeyTag(), "can not find data " + str);
                    throw new DataException();
                }
                Data data2 = (Data) findObjects[0];
                BooleanAttribute booleanAttribute = data2.getPrivate();
                if (booleanAttribute != null && booleanAttribute.getBooleanValue().booleanValue()) {
                    login();
                }
                return data2.getValue().getByteArrayValue();
            } finally {
                try {
                    this.session.findObjectsFinal();
                } catch (Exception e) {
                    Pkcs11Util.logError(getKeyTag(), e);
                }
            }
        } catch (TokenException e2) {
            Pkcs11Util.logError(getKeyTag(), e2);
            LogUtil.error(getKeyTag(), "find data " + str + " failed");
            throw new DataException(e2);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void writeData(String str, byte[] bArr, boolean z) throws DataException, DeviceException, LoginException {
        checkDeviceOpened();
        login();
        deleteData(str);
        try {
            Data data = new Data();
            data.getToken().setBooleanValue(Boolean.TRUE);
            data.getLabel().setCharArrayValue(str.toCharArray());
            data.getValue().setByteArrayValue(bArr);
            data.getPrivate().setBooleanValue(new Boolean(z));
            this.session.createObject(data);
            LogUtil.debug(getKeyTag(), "createObject data success");
        } catch (Exception e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "createObject data failed");
            throw new DataException(e);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void deleteData(String str) throws DataException, DeviceException, LoginException {
        checkDeviceOpened();
        login();
        Data data = new Data();
        data.getLabel().setCharArrayValue(str.toCharArray());
        data.getToken().setBooleanValue(Boolean.TRUE);
        try {
            try {
                this.session.findObjectsInit(data);
                Object[] findObjects = this.session.findObjects(MaxObjectCount);
                if (findObjects != null) {
                    if (findObjects.length != 0) {
                        try {
                            this.session.destroyObject(findObjects[0]);
                            LogUtil.debug(getKeyTag(), "delete key " + str + " success");
                            return;
                        } catch (Exception e) {
                            Pkcs11Util.logError(getKeyTag(), e);
                            LogUtil.error(getKeyTag(), "delete key " + str + " failed");
                            throw new DataException(e);
                        }
                    }
                }
                try {
                    this.session.findObjectsFinal();
                } catch (Exception e2) {
                    Pkcs11Util.logError(getKeyTag(), e2);
                }
            } catch (TokenException e3) {
                Pkcs11Util.logError(getKeyTag(), e3);
                LogUtil.error(getKeyTag(), "find data " + str + " failed");
                throw new DataException(e3);
            }
        } finally {
            try {
                this.session.findObjectsFinal();
            } catch (Exception e4) {
                Pkcs11Util.logError(getKeyTag(), e4);
            }
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public String[] enumData() throws DataException, DeviceException {
        Data data = new Data();
        data.getToken().setBooleanValue(Boolean.TRUE);
        try {
            try {
                this.session.findObjectsInit(data);
                Object[] findObjects = this.session.findObjects(MaxObjectCount);
                if (findObjects == null || findObjects.length == 0) {
                    return new String[0];
                }
                String[] strArr = new String[findObjects.length];
                for (int i = 0; i < findObjects.length; i++) {
                    strArr[i] = new String(((Data) findObjects[i]).getLabel().getCharArrayValue());
                }
                try {
                    this.session.findObjectsFinal();
                } catch (Exception e) {
                    Pkcs11Util.logError(getKeyTag(), e);
                }
                return strArr;
            } catch (TokenException e2) {
                Pkcs11Util.logError(getKeyTag(), e2);
                LogUtil.error(getKeyTag(), "enum data failed");
                throw new DataException(e2);
            }
        } finally {
            try {
                this.session.findObjectsFinal();
            } catch (Exception e3) {
                Pkcs11Util.logError(getKeyTag(), e3);
            }
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void format(String str, String str2) throws FormatDeviceException, DeviceException {
        try {
            this.token.initToken(str.toCharArray(), str2);
            if (!isOpened()) {
                open();
            }
            initPassword(str, "123456");
        } catch (Exception e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "format key" + str2 + " failed");
            throw new FormatDeviceException(e);
        }
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public Container createContainer(String str) throws ContainerException, DeviceException, LoginException {
        checkDeviceOpened();
        login();
        return new ContainerPkcs11(this, str);
    }

    @Override // com.hebca.crypto.imp.DeviceBase, com.hebca.crypto.Device
    public void deleteContainer(Container container) throws ContainerException, DeviceException, LoginException {
        ContainerPkcs11 containerPkcs11 = (ContainerPkcs11) container;
        checkDeviceOpened();
        login();
        try {
            if (containerPkcs11.getSignPubKey() != null) {
                this.session.destroyObject(containerPkcs11.getSignPubKey());
            }
            if (containerPkcs11.getCryptPubKey() != null) {
                this.session.destroyObject(containerPkcs11.getCryptPubKey());
            }
            if (containerPkcs11.getSignPriKey() != null) {
                this.session.destroyObject(containerPkcs11.getSignPriKey());
            }
            if (containerPkcs11.getCryptPriKey() != null) {
                this.session.destroyObject(containerPkcs11.getCryptPriKey());
            }
            if (containerPkcs11.getSignX509Cert() != null) {
                this.session.destroyObject(containerPkcs11.getSignX509Cert());
            }
            if (containerPkcs11.getCryptX509Cert() != null) {
                this.session.destroyObject(containerPkcs11.getCryptX509Cert());
            }
        } catch (Exception e) {
            Pkcs11Util.logError(getKeyTag(), e);
            LogUtil.error(getKeyTag(), "delete container failed");
            throw new ContainerException(e);
        }
    }
}
