package sun.security.pkcs11;

import java.io.NotSerializableException;
import java.io.ObjectStreamException;
import java.io.Serializable;
import java.lang.ref.Reference;
import java.lang.ref.WeakReference;
import java.security.ProviderException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.login.LoginException;
import sun.security.jca.JCAUtil;
import sun.security.pkcs11.wrapper.CK_ATTRIBUTE;
import sun.security.pkcs11.wrapper.CK_SESSION_INFO;
import sun.security.pkcs11.wrapper.CK_TOKEN_INFO;
import sun.security.pkcs11.wrapper.PKCS11;
import sun.security.pkcs11.wrapper.PKCS11Exception;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class Token implements Serializable {
    private static final long CHECK_INTERVAL = 50;
    private static final long serialVersionUID = 2541527649100571747L;
    final Config config;
    private volatile P11KeyFactory dhFactory;
    private volatile P11KeyFactory dsaFactory;
    final boolean explicitCancel;
    private volatile P11KeyStore keyStore;
    private long lastLoginCheck;
    private long lastPresentCheck;
    private volatile boolean loggedIn;
    final PKCS11 p11;
    final KeyCache privateCache;
    final SunPKCS11 provider;
    private final boolean removable;
    private volatile P11KeyFactory rsaFactory;
    final KeyCache secretCache;
    private volatile P11SecureRandom secureRandom;
    final SessionManager sessionManager;
    private final TemplateManager templateManager;
    private byte[] tokenId;
    final CK_TOKEN_INFO tokenInfo;
    private volatile boolean valid = true;
    private boolean writeProtected;
    private static final Object CHECK_LOCK = new Object();
    private static final List<Reference<Token>> serializedTokens = new ArrayList();

    /* loaded from: classes2.dex */
    private static class TokenRep implements Serializable {
        private static final long serialVersionUID = 3503721168218219807L;
        private final byte[] tokenId;

        TokenRep(Token token) {
            this.tokenId = token.getTokenId();
        }

        private Object readResolve() throws ObjectStreamException {
            Iterator it = Token.serializedTokens.iterator();
            while (it.hasNext()) {
                Token token = (Token) ((Reference) it.next()).get();
                if (token != null && token.isValid() && Arrays.equals(token.getTokenId(), this.tokenId)) {
                    return token;
                }
            }
            throw new NotSerializableException("Could not find token");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Token(SunPKCS11 sunPKCS11) throws PKCS11Exception {
        SessionManager sessionManager;
        this.provider = sunPKCS11;
        this.removable = sunPKCS11.removable;
        PKCS11 pkcs11 = sunPKCS11.p11;
        this.p11 = pkcs11;
        this.config = sunPKCS11.config;
        CK_TOKEN_INFO C_GetTokenInfo = pkcs11.C_GetTokenInfo(sunPKCS11.slotID);
        this.tokenInfo = C_GetTokenInfo;
        this.writeProtected = (C_GetTokenInfo.flags & 2) != 0;
        try {
            sessionManager = new SessionManager(this);
            sessionManager.releaseSession(sessionManager.getOpSession());
        } catch (PKCS11Exception e) {
            if (this.writeProtected) {
                throw e;
            }
            this.writeProtected = true;
            sessionManager = new SessionManager(this);
            sessionManager.releaseSession(sessionManager.getOpSession());
        }
        this.sessionManager = sessionManager;
        this.secretCache = new KeyCache();
        this.privateCache = new KeyCache();
        this.templateManager = this.config.getTemplateManager();
        this.explicitCancel = this.config.getExplicitCancel();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized byte[] getTokenId() {
        if (this.tokenId == null) {
            SecureRandom secureRandom = JCAUtil.getSecureRandom();
            byte[] bArr = new byte[20];
            this.tokenId = bArr;
            secureRandom.nextBytes(bArr);
            serializedTokens.add(new WeakReference(this));
        }
        return this.tokenId;
    }

    private Object writeReplace() throws ObjectStreamException {
        if (isValid()) {
            return new TokenRep(this);
        }
        throw new NotSerializableException("Token has been removed");
    }

    void destroy() {
        this.valid = false;
        this.provider.uninitToken(this);
    }

    void ensureLoggedIn(Session session) throws PKCS11Exception, LoginException {
        if (isLoggedIn(session)) {
            return;
        }
        this.provider.login(null, null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void ensureValid() {
        if (!isValid()) {
            throw new ProviderException("Token has been removed");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CK_ATTRIBUTE[] getAttributes(String str, long j, long j2, CK_ATTRIBUTE[] ck_attributeArr) throws PKCS11Exception {
        CK_ATTRIBUTE[] attributes = this.templateManager.getAttributes(str, j, j2, ck_attributeArr);
        int length = attributes.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            CK_ATTRIBUTE ck_attribute = attributes[i];
            if (ck_attribute.type != 1) {
                i++;
            } else if (ck_attribute.getBoolean()) {
                try {
                    ensureLoggedIn(null);
                } catch (LoginException e) {
                    throw new ProviderException("Login failed", e);
                }
            }
        }
        return attributes;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public P11KeyFactory getKeyFactory(String str) {
        if (str.equals("RSA")) {
            P11KeyFactory p11KeyFactory = this.rsaFactory;
            if (p11KeyFactory != null) {
                return p11KeyFactory;
            }
            P11RSAKeyFactory p11RSAKeyFactory = new P11RSAKeyFactory(this, str);
            this.rsaFactory = p11RSAKeyFactory;
            return p11RSAKeyFactory;
        }
        if (str.equals("DSA")) {
            P11KeyFactory p11KeyFactory2 = this.dsaFactory;
            if (p11KeyFactory2 != null) {
                return p11KeyFactory2;
            }
            P11DSAKeyFactory p11DSAKeyFactory = new P11DSAKeyFactory(this, str);
            this.dsaFactory = p11DSAKeyFactory;
            return p11DSAKeyFactory;
        }
        if (!str.equals("DH")) {
            throw new ProviderException("Unknown algorithm " + str);
        }
        P11KeyFactory p11KeyFactory3 = this.dhFactory;
        if (p11KeyFactory3 != null) {
            return p11KeyFactory3;
        }
        P11DHKeyFactory p11DHKeyFactory = new P11DHKeyFactory(this, str);
        this.dhFactory = p11DHKeyFactory;
        return p11DHKeyFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public P11KeyStore getKeyStore() {
        if (this.keyStore == null) {
            this.keyStore = new P11KeyStore(this);
        }
        return this.keyStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Session getObjSession() throws PKCS11Exception {
        return this.sessionManager.getObjSession();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Session getOpSession() throws PKCS11Exception {
        return this.sessionManager.getOpSession();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public P11SecureRandom getRandom() {
        if (this.secureRandom == null) {
            this.secureRandom = new P11SecureRandom(this);
        }
        return this.secureRandom;
    }

    boolean isLoggedIn(Session session) throws PKCS11Exception {
        boolean z = this.loggedIn;
        long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis - this.lastLoginCheck <= 50) {
            return z;
        }
        boolean isLoggedInNow = isLoggedInNow(session);
        this.lastLoginCheck = currentTimeMillis;
        return isLoggedInNow;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isLoggedInNow(Session session) throws PKCS11Exception {
        boolean z = true;
        boolean z2 = session == null;
        if (z2) {
            try {
                session = getOpSession();
            } finally {
                if (z2) {
                    releaseSession(session);
                }
            }
        }
        CK_SESSION_INFO C_GetSessionInfo = this.p11.C_GetSessionInfo(session.id());
        if (C_GetSessionInfo.state != 1 && C_GetSessionInfo.state != 3) {
            z = false;
        }
        this.loggedIn = z;
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isPresent(Session session) {
        boolean z = true;
        if (!this.removable) {
            return true;
        }
        boolean z2 = false;
        if (!this.valid) {
            return false;
        }
        long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis - this.lastPresentCheck >= 50) {
            synchronized (CHECK_LOCK) {
                if (currentTimeMillis - this.lastPresentCheck >= 50) {
                    try {
                        if ((this.provider.p11.C_GetSlotInfo(this.provider.slotID).flags & 1) != 0) {
                            this.provider.p11.C_GetSessionInfo(session.idInternal());
                        } else {
                            z = false;
                        }
                        z2 = z;
                    } catch (PKCS11Exception unused) {
                    }
                    this.valid = z2;
                    this.lastPresentCheck = System.currentTimeMillis();
                    if (!z2) {
                        destroy();
                    }
                }
            }
        }
        return this.valid;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isValid() {
        if (this.removable) {
            return this.valid;
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isWriteProtected() {
        return this.writeProtected;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Session killSession(Session session) {
        return this.sessionManager.killSession(session);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Session releaseSession(Session session) {
        return this.sessionManager.releaseSession(session);
    }
}
