package com.cfca.util.pki.cipher.lib;

import com.cfca.util.pki.PKIBaseConfig;
import com.cfca.util.pki.PKIException;
import com.cfca.util.pki.Parser;
import com.cfca.util.pki.cipher.JCrypto;
import com.cfca.util.pki.cipher.JKey;
import com.cfca.util.pki.cipher.JKeyPair;
import com.cfca.util.pki.cipher.MainKey;
import com.cfca.util.pki.cipher.Mechanism;
import com.cfca.util.pki.cipher.Session;
import com.cfca.util.pki.cipher.TransKey;
import com.cfca.util.pki.cipher.param.GenKeyAttribute;
import com.cfca.util.pki.encoders.Base64;
import com.cfca.util.pki.encoders.Hex;
import com.cfca.util.pki.extension.SubjectAltNameExt;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.InputStream;
import java.util.Properties;
import javax.crypto.Cipher;

/* loaded from: input_file:com/cfca/util/pki/cipher/lib/PBOCHardLibForRacal.class */
public class PBOCHardLibForRacal implements Session {
    private static final String CFCA_CKR_HOST_MEMORY = "2";
    private static final String CFCA_CKR_FUNCTION_FAILED = "6";
    private static final String CFCA_CKR_ATTRIBUTE_READ_ONLY = "16";
    private static final String CFCA_CKR_DATA_INVALID = "32";
    private static final String CFCA_CKR_PIN_INCORRECT = "160";
    private static final String CFCA_CKR_PIN_INVALID = "161";
    private static final String CKC_KEYTYPE_RSA_PUBLICKEY = "1";
    private static final String CKC_KEYTYPE_RSA_PRIVATEKEY = "2";
    private static final String CKC_KEYTYPE_RSA_PUBLICKEYID = "16";
    private static final String CKC_KEYTYPE_RSA_PRIVATEKEYID = "32";
    private static final String CKC_KEYTYPE_RSA_ID = "152";
    private static final String CKC_KEYTYPE_MASTERKEYID = "153";
    private static final String CKC_KEYTYPE_TRANSFERKEYID = "154";
    private static final String CKC_KEYTYPE_TRANSFERKEYID_ENC = "155";
    private static final String CKC_KEYTYPE_TRANSFERKEYID_MAC = "156";
    private static final String CKC_KEYTYPE_WORKKEYID = "157";
    private static final String CKC_KEYTYPE_WORKKEYID_AC = "158";
    private static final String CKC_KEYTYPE_WORKKEYID_ENC = "159";
    private static final String CKC_KEYTYPE_WORKKEYID_MAC = "160";
    private static final String CKC_KEYTYPE_WORKKEYID_KMU = "161";
    private static final long RSA = 0;
    private static final long RSA_PKCS = 1;
    private static final long MD2_RSA_PKCS = 4;
    private static final long MD5_RSA_PKCS = 5;
    private static final long SHA1_RSA_PKCS = 6;
    private static final long ECC = 7;
    private static final long DES_KEY = 288;
    private static final long DES_ECB = 289;
    private static final long DES_CBC = 290;
    private static final long MD2 = 512;
    private static final long MD5 = 528;
    private static final long SHA1 = 544;
    private static final long RC2_KEY = 256;
    private static final long RC2_ECB = 257;
    private static final long RC2_CBC = 258;
    private static final long RC4_KEY = 272;
    private static final long RC4 = 273;
    private static final long DES3_KEY = 305;
    private static final long DES3_ECB = 306;
    private static final long DES3_CBC = 307;
    private static final long SSF33_KEY_GEN = 2147483696L;
    private static final long CKM_SSF33_ECB = 2147483697L;
    private static final long CKM_SSF33_CBC = 2147483698L;
    public static final String PROVIDER = "PBOCHardLib";
    private static final String CFCA_CKR_OK = "0";
    private static final String CFCA_CKR_SLOT_ID_INVALID = "3";
    private static final String CFCA_CKR_GENERAL_ERROR = "5";
    private static final String CFCA_CKR_ARGUMENTS_BAD = "7";
    private static final String CFCA_CKR_NO_EVENT = "8";
    private static final String CFCA_CKR_NEED_TO_CREATE_THREADS = "9";
    private static final String CFCA_CKR_CANT_LOCK = "10";
    private static final String CFCA_CKR_ATTRIBUTE_SENSITIVE = "17";
    private static final String CFCA_CKR_ATTRIBUTE_TYPE_INVALID = "18";
    private static final String CFCA_CKR_ATTRIBUTE_VALUE_INVALID = "19";
    private static final String CFCA_CKR_DATA_LEN_RANGE = "33";
    private static final String CFCA_CKR_DEVICE_ERROR = "48";
    private static final String CFCA_CKR_DEVICE_MEMORY = "49";
    private static final String CFCA_CKR_DEVICE_REMOVED = "50";
    private static final String CFCA_CKR_ENCRYPTED_DATA_INVALID = "64";
    private static final String CFCA_CKR_ENCRYPTED_DATA_LEN_RANGE = "65";
    private static final String CFCA_CKR_FUNCTION_CANCELED = "80";
    private static final String CFCA_CKR_FUNCTION_NOT_PARALLEL = "81";
    private static final String CFCA_CKR_FUNCTION_NOT_SUPPORTED = "84";
    private static final String CFCA_CKR_KEY_HANDLE_INVALID = "96";
    private static final String CFCA_CKR_KEY_SIZE_RANGE = "98";
    private static final String CFCA_CKR_KEY_TYPE_INCONSISTENT = "99";
    private static final String CFCA_CKR_KEY_NOT_NEEDED = "100";
    private static final String CFCA_CKR_KEY_CHANGED = "101";
    private static final String CFCA_CKR_KEY_NEEDED = "102";
    private static final String CFCA_CKR_KEY_INDIGESTIBLE = "103";
    private static final String CFCA_CKR_KEY_FUNCTION_NOT_PERMITTED = " 104";
    private static final String CFCA_CKR_KEY_NOT_WRAPPABLE = "105";
    private static final String CFCA_CKR_KEY_UNEXTRACTABLE = "106";
    private static final String CFCA_CKR_MECHANISM_INVALID = "112";
    private static final String CFCA_CKR_MECHANISM_PARAM_INVALID = "113";
    private static final String CFCA_CKR_OBJECT_HANDLE_INVALID = "130";
    private static final String CFCA_CKR_OPERATION_ACTIVE = "144";
    private static final String CFCA_CKR_OPERATION_NOT_INITIALIZED = "145";
    private static final String CFCA_CKR_PIN_LEN_RANGE = "162";
    private static final String CFCA_CKR_PIN_EXPIRED = "163";
    private static final String CFCA_CKR_PIN_LOCKED = "164";
    private static final String CFCA_CKR_SESSION_CLOSED = "176";
    private static final String CFCA_CKR_SESSION_COUNT = "177";
    private static final String CFCA_CKR_SESSION_HANDLE_INVALID = "179";
    private static final String CFCA_CKR_SESSION_PARALLEL_NOT_SUPPORTED = "180";
    private static final String CFCA_CKR_SESSION_READ_ONLY = "181";
    private static final String CFCA_CKR_SESSION_EXISTS = "182";
    private static final String CFCA_CKR_SESSION_READ_ONLY_EXISTS = "183";
    private static final String CFCA_CKR_SESSION_READ_WRITE_SO_EXISTS = "184";
    private static final String CFCA_CKR_SIGNATURE_INVALID = "192";
    private static final String CFCA_CKR_SIGNATURE_LEN_RANGE = "193";
    private static final String CFCA_CKR_TEMPLATE_INCOMPLETE = "208";
    private static final String CFCA_CKR_TEMPLATE_INCONSISTENT = "209";
    private static final String CFCA_CKR_TOKEN_NOT_PRESENT = "224";
    private static final String CFCA_CKR_TOKEN_NOT_RECOGNIZED = "225";
    private static final String CFCA_CKR_TOKEN_WRITE_PROTECTED = "226";
    private static final String CFCA_CKR_UNWRAPPING_KEY_HANDLE_INVALID = "240";
    private static final String CFCA_CKR_UNWRAPPING_KEY_SIZE_RANGE = "241";
    private static final String CFCA_CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT = "242";
    private static final String CFCA_CKR_USER_ALREADY_LOGGED_IN = "256";
    private static final String CFCA_CKR_USER_NOT_LOGGED_IN = "257";
    private static final String CFCA_CKR_USER_PIN_NOT_INITIALIZED = "258";
    private static final String CFCA_CKR_USER_TYPE_INVALID = "259";
    private static final String CFCA_CKR_USER_ANOTHER_ALREADY_LOGGED_IN = " 260";
    private static final String CFCA_CKR_USER_TOO_MANY_TYPES = "261";
    private static final String CFCA_CKR_WRAPPED_KEY_INVALID = "272";
    private static final String CFCA_CKR_WRAPPED_KEY_LEN_RANGE = "274";
    private static final String CFCA_CKR_WRAPPING_KEY_HANDLE_INVALID = "275";
    private static final String CFCA_CKR_WRAPPING_KEY_SIZE_RANGE = "276";
    private static final String CFCA_CKR_WRAPPING_KEY_TYPE_INCONSISTENT = "277";
    private static final String CFCA_CKR_RANDOM_SEED_NOT_SUPPORTED = "288";
    private static final String CFCA_CKR_RANDOM_NO_RNG = "289";
    private static final String CFCA_CKR_DOMAIN_PARAMS_INVALID = "304";
    private static final String CFCA_CKR_BUFFER_TOO_SMALL = "336";
    private static final String CFCA_CKR_SAVED_STATE_INVALID = "352";
    private static final String CFCA_CKR_INFORMATION_SENSITIVE = "368";
    private static final String CFCA_CKR_STATE_UNSAVEABLE = "384";
    private static final String CFCA_CKR_CRYPTOKI_NOT_INITIALIZED = "400";
    private static final String CFCA_CKR_CRYPTOKI_ALREADY_INITIALIZED = "401";
    private static final String CFCA_CKR_MUTEX_BAD = "416";
    private static final String CFCA_CKR_MUTEX_NOT_LOCKED = "417";
    private static final String CFCA_PARSE_FAIL = "4096";
    private static final String CFCA_CKR_OUTOFMEMORY = "4097";
    private static final String CFCA_CKR_MEMORYNOTNULL = "4098";
    private static final String CFCA_CKR_NOTSUPPORT = "4099";
    private static final String CFCA_LOADLIBRARY_FAIL = "4353";
    private static final String CFCA_GEFUNCTIONLIST_FAIL = "4354";
    private static final String CFCA_HANDLE_NULL = "4609";
    private static final String CFCA_FUNCTIONLISTPTR_NULL = "4610";
    private static final String CFCA_ENCRYPTLENGTH_NULL = "4611";
    private static final String CFCA_DECRYPTLENGTH_NULL = "4612";
    private static final String CFCA_CUSTOM_PRIVATEKEY_ERR = "4865";
    private static final String CFCA_CUSTOM_PUBLICKEY_ERR = "4866";
    private static final String CFCA_CUSTOM_LENGTH_INVALID = "5121";
    private static final String CFCA_KEYTYPE_INVALID = "5122";
    private static final String CFCA_KEYLENGTHE_INVALID = "5123";
    private static final String CFCA_MECHANISM_INVALID = "5124";
    private static final String CFCA_GETUNEXPORTPUBLICKEY_FAIL = "5377";
    private static final String CFCA_GETUNEXPORTPRIVATEKEY_FAIL = "5378";
    private static final String CFCA_GETMASTERKEY_FAIL = "5379";
    private static final String CFCA_GETKEYLENGTH_FAIL = "5380";
    private static final String CFCA_GETKEY_FAIL = "5381";
    private static final String CFCA_GETPUBLICKEY_FAIL = "5382";
    private static final String CFCA_GETPRIVATEKEY_FAIL = "5383";
    private static final String CFCA_GETCERT_FAIL = "5384";
    private static final String CFCA_CREATEPRIVATEKEY_FAIL = "5385";
    private static final String CFCA_ENCRYPTINIT_FAIL = "5386";
    private static final String CFCA_ENCRYPTUPDATE_FAIL = "5403";
    private static final String CFCA_ENCRYPTFINAL_FAIL = "5404";
    private static final String CFCA_DECRYPTINIT_FAIL = "5405";
    private static final String CFCA_DECRYPTUPDATE_FAIL = "5406";
    private static final String CFCA_DECRYPTFINAL_FAIL = "5407";
    private static final String CFCA_QUERYKEY_FAIL = "5501";
    private static final String CFCA_KEYDIV_FAIL = "5502";
    private static final String CFCA_DIVFACTOR_ERR = "5503";
    private static final String CFCA_GENTRANSFERKEY_FAIL = "5504";
    private static final String CFCA_GENWORKKEY_FAIL = "5505";
    private static final String CFCA_INDEXNOTEXIST_FAIL = "5506";
    private static final String CFCA_IMPORTKEY_FAIL = "5507";
    private static final String CFCA_EXPORTKEY_FAIL = "5508";
    private static final String CFCA_KEYID_LIMITED = "-5601";
    private static final String CFCA_KEYID_NONE = "-5602";
    private static final String CFCA_KEYID_EXIST = "-5603";
    private static final String CFCA_KEY_DSPLIMIT = "-5610";
    private static final String CFCA_DERCODE_FAIL = "-5620";
    private static final String CFCA_RSAKEY_LABELINVALID = "-5630";
    private static final String[][] hardException = {new String[]{CFCA_CKR_OK, "成功"}, new String[]{SubjectAltNameExt.DNS_TYPE_NAME, "内存错误"}, new String[]{CFCA_CKR_SLOT_ID_INVALID, "SLOTID无效"}, new String[]{CFCA_CKR_GENERAL_ERROR, "一般的错误"}, new String[]{"6", "函数错误"}, new String[]{CFCA_CKR_ARGUMENTS_BAD, "参数错误"}, new String[]{CFCA_CKR_NO_EVENT, "没有事件"}, new String[]{CFCA_CKR_NEED_TO_CREATE_THREADS, "需要创建线程"}, new String[]{CFCA_CKR_CANT_LOCK, "倾斜锁定"}, new String[]{"16", "属性只读"}, new String[]{CFCA_CKR_ATTRIBUTE_SENSITIVE, "属性敏感"}, new String[]{CFCA_CKR_ATTRIBUTE_TYPE_INVALID, "属性类型非法"}, new String[]{CFCA_CKR_ATTRIBUTE_VALUE_INVALID, "属性值无效"}, new String[]{"32", "数据无效"}, new String[]{CFCA_CKR_DATA_LEN_RANGE, "数据长度错误"}, new String[]{CFCA_CKR_DEVICE_ERROR, "设备错误"}, new String[]{CFCA_CKR_DEVICE_MEMORY, "设备内存出错"}, new String[]{CFCA_CKR_DEVICE_REMOVED, "设备已删除"}, new String[]{CFCA_CKR_ENCRYPTED_DATA_INVALID, "加密的数据无效"}, new String[]{CFCA_CKR_ENCRYPTED_DATA_LEN_RANGE, "加密的数据长度错误"}, new String[]{CFCA_CKR_FUNCTION_CANCELED, "接口已取消"}, new String[]{CFCA_CKR_FUNCTION_NOT_PARALLEL, "接口不能并行"}, new String[]{CFCA_CKR_FUNCTION_NOT_SUPPORTED, "不支持此接口"}, new String[]{CFCA_CKR_KEY_HANDLE_INVALID, "非法的密钥句柄"}, new String[]{CFCA_CKR_KEY_SIZE_RANGE, "密钥的长度错误"}, new String[]{CFCA_CKR_KEY_TYPE_INCONSISTENT, " 密钥类型矛盾"}, new String[]{CFCA_CKR_KEY_NOT_NEEDED, "不需要附加的密钥"}, new String[]{CFCA_CKR_KEY_CHANGED, "密钥已更改"}, new String[]{CFCA_CKR_KEY_NEEDED, "需要附加密钥"}, new String[]{CFCA_CKR_KEY_INDIGESTIBLE, "密钥不能被解析"}, new String[]{CFCA_CKR_KEY_FUNCTION_NOT_PERMITTED, "接口不允许"}, new String[]{CFCA_CKR_KEY_NOT_WRAPPABLE, "密钥不能打包"}, new String[]{CFCA_CKR_KEY_UNEXTRACTABLE, "指定的私有或保密密钥不能被打包"}, new String[]{CFCA_CKR_MECHANISM_INVALID, "无效的机制"}, new String[]{CFCA_CKR_MECHANISM_PARAM_INVALID, "无效的机制参数"}, new String[]{CFCA_CKR_OBJECT_HANDLE_INVALID, "非法的对象句柄"}, new String[]{CFCA_CKR_OPERATION_ACTIVE, "操作已激活"}, new String[]{CFCA_CKR_OPERATION_NOT_INITIALIZED, "操作没有初始化"}, new String[]{"160", "错误的PIN码"}, new String[]{"161", "无效的PIN"}, new String[]{CFCA_CKR_PIN_LEN_RANGE, "无效的PIN的长度"}, new String[]{CFCA_CKR_PIN_EXPIRED, "PIN码已经过期"}, new String[]{CFCA_CKR_PIN_LOCKED, "PIN码被锁定"}, new String[]{CFCA_CKR_SESSION_CLOSED, "会话已经关闭"}, new String[]{CFCA_CKR_SESSION_COUNT, "会话超出总数"}, new String[]{CFCA_CKR_SESSION_HANDLE_INVALID, "无效的会话句柄"}, new String[]{CFCA_CKR_SESSION_PARALLEL_NOT_SUPPORTED, "不支持并行"}, new String[]{CFCA_CKR_SESSION_READ_ONLY, "会话只读"}, new String[]{CFCA_CKR_SESSION_EXISTS, "会话已经存在"}, new String[]{CFCA_CKR_SESSION_READ_ONLY_EXISTS, "会话已经只读"}, new String[]{CFCA_CKR_SESSION_READ_WRITE_SO_EXISTS, "会话已经支持读写"}, new String[]{CFCA_CKR_SIGNATURE_INVALID, "签名无效"}, new String[]{CFCA_CKR_SIGNATURE_LEN_RANGE, "签名长度无效"}, new String[]{CFCA_CKR_TEMPLATE_INCOMPLETE, "模板未完成"}, new String[]{CFCA_CKR_TEMPLATE_INCONSISTENT, "模板不一致"}, new String[]{CFCA_CKR_TOKEN_NOT_PRESENT, "TOKEN不存在"}, new String[]{CFCA_CKR_TOKEN_NOT_RECOGNIZED, "TOKEN未识别"}, new String[]{CFCA_CKR_TOKEN_WRITE_PROTECTED, "TOKEN写保护"}, new String[]{CFCA_CKR_UNWRAPPING_KEY_HANDLE_INVALID, "无效的解包密钥句柄"}, new String[]{CFCA_CKR_UNWRAPPING_KEY_SIZE_RANGE, "接驳阿密钥尺寸过大"}, new String[]{CFCA_CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, "解包密钥类型不一致"}, new String[]{CFCA_CKR_USER_ALREADY_LOGGED_IN, "用户已登陆"}, new String[]{CFCA_CKR_USER_NOT_LOGGED_IN, "用户未登陆"}, new String[]{CFCA_CKR_USER_PIN_NOT_INITIALIZED, "用户PIN码未初始化"}, new String[]{CFCA_CKR_USER_TYPE_INVALID, "用户类型非法"}, new String[]{CFCA_CKR_USER_ANOTHER_ALREADY_LOGGED_IN, "另外用户已登陆"}, new String[]{CFCA_CKR_USER_TOO_MANY_TYPES, "用户类型太多"}, new String[]{CFCA_CKR_WRAPPED_KEY_INVALID, "打包密钥无效"}, new String[]{CFCA_CKR_WRAPPED_KEY_LEN_RANGE, "打包密钥过长"}, new String[]{CFCA_CKR_WRAPPING_KEY_HANDLE_INVALID, "打包密钥的句柄无效"}, new String[]{CFCA_CKR_WRAPPING_KEY_SIZE_RANGE, "打包密钥尺寸过大"}, new String[]{CFCA_CKR_WRAPPING_KEY_TYPE_INCONSISTENT, "打包密钥类型不一致"}, new String[]{CFCA_CKR_RANDOM_SEED_NOT_SUPPORTED, "不支持随机种子"}, new String[]{CFCA_CKR_RANDOM_NO_RNG, "没有随机数字产生器"}, new String[]{CFCA_CKR_DOMAIN_PARAMS_INVALID, "DOMAIN参数无效"}, new String[]{CFCA_CKR_BUFFER_TOO_SMALL, "分配的空间小"}, new String[]{CFCA_CKR_SAVED_STATE_INVALID, "保存的状态无效"}, new String[]{CFCA_CKR_INFORMATION_SENSITIVE, "信息敏感"}, new String[]{CFCA_CKR_STATE_UNSAVEABLE, "状态不能保存"}, new String[]{CFCA_CKR_CRYPTOKI_NOT_INITIALIZED, "加密库未初始化"}, new String[]{CFCA_CKR_CRYPTOKI_ALREADY_INITIALIZED, "加密库已经初始化"}, new String[]{CFCA_CKR_MUTEX_BAD, "互斥体坏"}, new String[]{CFCA_CKR_MUTEX_NOT_LOCKED, "互斥体未锁定"}, new String[]{CFCA_PARSE_FAIL, "解析加密机返回数据失败"}, new String[]{CFCA_CKR_OUTOFMEMORY, "内存不足"}, new String[]{CFCA_CKR_MEMORYNOTNULL, "传入内存参数不为空"}, new String[]{CFCA_CKR_NOTSUPPORT, "当前版本没有支持"}, new String[]{CFCA_LOADLIBRARY_FAIL, "加载P11库失败"}, new String[]{CFCA_GEFUNCTIONLIST_FAIL, "获取动态库函数列表失败"}, new String[]{CFCA_HANDLE_NULL, "句柄参数为空"}, new String[]{CFCA_FUNCTIONLISTPTR_NULL, "P11函数列表指针为空"}, new String[]{CFCA_ENCRYPTLENGTH_NULL, "加密后长度为零"}, new String[]{CFCA_DECRYPTLENGTH_NULL, "解密后长度为零"}, new String[]{CFCA_CUSTOM_PRIVATEKEY_ERR, "获取到的自定义私钥信息错误"}, new String[]{CFCA_CUSTOM_PUBLICKEY_ERR, "获取到的自定义公钥信息错误"}, new String[]{CFCA_CUSTOM_LENGTH_INVALID, "获取到的自定义数据长度非法"}, new String[]{CFCA_KEYTYPE_INVALID, "密钥类型不支持"}, new String[]{CFCA_KEYLENGTHE_INVALID, "密钥长度不支持"}, new String[]{CFCA_MECHANISM_INVALID, "算法不支持"}, new String[]{CFCA_GETUNEXPORTPUBLICKEY_FAIL, "没有找到不可导出密钥对中的公钥"}, new String[]{CFCA_GETUNEXPORTPRIVATEKEY_FAIL, "没有找到不可导出密钥对中的私钥"}, new String[]{CFCA_GETMASTERKEY_FAIL, "获取对称密钥信息长度失败"}, new String[]{CFCA_GETKEYLENGTH_FAIL, "获取对称密钥信息长度失败"}, new String[]{CFCA_GETKEY_FAIL, "获取对称密钥信息失败"}, new String[]{CFCA_GETPUBLICKEY_FAIL, "获取公钥信息失败"}, new String[]{CFCA_GETPRIVATEKEY_FAIL, "获取私钥信息失败"}, new String[]{CFCA_GETCERT_FAIL, "获取证书对象失败"}, new String[]{CFCA_CREATEPRIVATEKEY_FAIL, "建立私钥对象失败"}, new String[]{CFCA_ENCRYPTINIT_FAIL, "加密操作初始化失败"}, new String[]{CFCA_ENCRYPTUPDATE_FAIL, PKIException.ENCRYPT_DES}, new String[]{CFCA_ENCRYPTFINAL_FAIL, "加密操作结束失败"}, new String[]{CFCA_DECRYPTINIT_FAIL, "解密操作初始化失败"}, new String[]{CFCA_DECRYPTUPDATE_FAIL, PKIException.DECRYPT_DES}, new String[]{CFCA_DECRYPTFINAL_FAIL, "解密操作结束失败"}, new String[]{CFCA_QUERYKEY_FAIL, "查询密钥信息失败"}, new String[]{CFCA_KEYDIV_FAIL, "密钥分散失败"}, new String[]{CFCA_DIVFACTOR_ERR, "对称主密钥分散因子长度错误"}, new String[]{CFCA_GENTRANSFERKEY_FAIL, "产生传输密钥失败"}, new String[]{CFCA_GENWORKKEY_FAIL, "产生对称主密钥失败"}, new String[]{CFCA_INDEXNOTEXIST_FAIL, "找不到该索引对称的密钥"}, new String[]{CFCA_IMPORTKEY_FAIL, "导入对称密钥失败"}, new String[]{CFCA_EXPORTKEY_FAIL, "导出对称密钥失败"}, new String[]{CFCA_KEYID_LIMITED, "密钥索引越界"}, new String[]{CFCA_KEYID_NONE, "该密钥索引内无密钥"}, new String[]{CFCA_KEYID_EXIST, "该密钥索引内已存在密钥"}, new String[]{CFCA_KEY_DSPLIMIT, "密钥分散级数超限"}, new String[]{CFCA_DERCODE_FAIL, "DER编码操作失败"}, new String[]{CFCA_RSAKEY_LABELINVALID, "RSA密钥标签非法"}};
    private static PBOCHardLibForRacal Instance = null;
    private static boolean isInit = false;

    private PBOCHardLibForRacal() throws PKIException {
        System.loadLibrary(PKIBaseConfig.getJniLibFile());
    }

    public static PBOCHardLibForRacal getInstance() throws PKIException {
        if (Instance == null) {
            Instance = new PBOCHardLibForRacal();
        }
        return Instance;
    }

    private static void Initialize() throws PKIException {
        int initializeLib = Instance.initializeLib(new String(PKIBaseConfig.getP11File()).getBytes());
        if (initializeLib != 0) {
            throw new PKIException(Integer.toString(initializeLib), errorDesc(Integer.toString(initializeLib)));
        }
    }

    public static void initHardProvider() throws PKIException {
        if (isInit) {
            return;
        }
        if (Instance == null) {
            Instance = new PBOCHardLibForRacal();
        }
        Initialize();
        isInit = true;
    }

    private static String errorDesc(String str) {
        String str2 = new String();
        int i = 0;
        while (true) {
            if (i >= hardException.length) {
                break;
            }
            if (hardException[i][0].equals(str)) {
                str2 = hardException[i][1];
                break;
            }
            i++;
        }
        if (str2 == null) {
            str2 = "系统内部错误!!!";
        }
        return str2;
    }

    public static void finalizeHardProvider() throws PKIException {
        if (Instance != null) {
            Finalize();
            isInit = false;
            Instance = null;
        }
    }

    private static void Finalize() throws PKIException {
        int p11Finalize = Instance.p11Finalize();
        if (p11Finalize != 0) {
            throw new PKIException(Integer.toString(p11Finalize), errorDesc(Integer.toString(p11Finalize)));
        }
    }

    private native int initializeLib(byte[] bArr);

    private native byte[] getKeyInfoByIndex(int i, int i2);

    private native byte[] generateKeyPair(long j, int i, int i2, boolean z);

    private native byte[] encrypt(long j, int i, byte[] bArr, byte[] bArr2);

    private native byte[] decrypt(long j, int i, byte[] bArr, byte[] bArr2);

    private native byte[] keyDiv(long j, byte[] bArr, int i, byte[] bArr2, byte[] bArr3);

    private native byte[] symmetricKey2LMKEnc(long j, byte[] bArr, byte[] bArr2);

    private native byte[] symmetricLMK2KeyEnc(long j, byte[] bArr, byte[] bArr2);

    private native byte[] symmetricEncrypt(long j, int i, byte[] bArr, byte[] bArr2);

    private native byte[] symmetricDecrypt(long j, int i, byte[] bArr, byte[] bArr2);

    private native byte[] generateMac(long j, byte[] bArr, byte[] bArr2);

    private native byte[] digest(long j, byte[] bArr);

    private native byte[] generateRandom(int i);

    private native byte[] getVersion();

    private native int p11Finalize();

    private native byte[] sign(long j, int i, byte[] bArr, byte[] bArr2);

    private native byte[] verifySign(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3);

    private native byte[] importSymmetricKey(long j, int i, int i2, boolean z, byte[] bArr, int i3);

    private native byte[] delSymmetricKey(long j, int i, int i2);

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] digest(Mechanism mechanism, InputStream inputStream, int i) throws PKIException {
        throw new PKIException("850102", "文摘操作失败 digest() JHardLib didn't support Stream-Operation yet. ");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] mac(Mechanism mechanism, JKey jKey, InputStream inputStream) throws PKIException {
        throw new PKIException("850103", "MAC操作失败 mac() JHardLib didn't support Stream-Operation yet. ");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public boolean verifyMac(Mechanism mechanism, JKey jKey, InputStream inputStream, byte[] bArr) throws PKIException {
        throw new PKIException("850104", "验证MAC操作失败 verifyMac() JHardLib didn't support Stream-Operation yet. ");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] sign(Mechanism mechanism, JKey jKey, InputStream inputStream) throws PKIException {
        throw new PKIException("850105", "签名操作失败 sign() JHardLib didn't support Stream-Operation yet. ");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public boolean verifySign(Mechanism mechanism, JKey jKey, InputStream inputStream, byte[] bArr) throws PKIException {
        throw new PKIException("850106", "验证签名操作失败 verifySign() JHardLib didn't support Stream-Operation yet. ");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public void encrypt(Mechanism mechanism, JKey jKey, String str, String str2, int i) throws PKIException {
        throw new PKIException("850100", "加密操作失败 encrypt() JHardLib didn't support Stream-Operation yet. ");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public void decrypt(Mechanism mechanism, JKey jKey, String str, String str2, int i) throws PKIException {
        throw new PKIException("850101", "解密操作失败 decrypt() JHardLib didn't support Stream-Operation yet. ");
    }

    public static void main(String[] strArr) throws Exception {
        try {
            try {
                long currentTimeMillis = System.currentTimeMillis();
                JCrypto jCrypto = JCrypto.getInstance();
                jCrypto.initialize(JCrypto.PBOCHard_Lib_RACAL, null);
                PBOCHardLibForRacal pBOCHardLibForRacal = (PBOCHardLibForRacal) jCrypto.openSession(JCrypto.PBOCHard_Lib_RACAL);
                System.out.println(new StringBuffer("last:").append(System.currentTimeMillis() - currentTimeMillis).toString());
                System.out.println(new StringBuffer("random:").append(new String(Base64.encode(pBOCHardLibForRacal.generateRandom(new Mechanism(Mechanism.RANDOM), 8)))).toString());
                boolean parseBoolean = Boolean.parseBoolean(PKIBaseConfig.getP11IsNotEncExp());
                boolean parseBoolean2 = Boolean.parseBoolean(PKIBaseConfig.getP11IsNotExportGenKey());
                GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
                genKeyAttribute.setIsExport(true);
                genKeyAttribute.SetIsNotExportGenKey(parseBoolean2);
                genKeyAttribute.setKeyNum(3);
                genKeyAttribute.setNotEncExp(parseBoolean);
                JKeyPair generateKeyPair = pBOCHardLibForRacal.generateKeyPair(new Mechanism(Mechanism.RSA, genKeyAttribute), 1984, 3);
                System.out.println(new StringBuffer("pubKey:").append(new String(Base64.encode(generateKeyPair.getPublicKey().getKey()))).toString());
                Mechanism mechanism = new Mechanism(Mechanism.RSA_PKCS);
                JKey publicKey = generateKeyPair.getPublicKey();
                byte[] bArr = new byte[248];
                for (int i = 0; i < bArr.length; i++) {
                    bArr[i] = 1;
                }
                byte[] encrypt = pBOCHardLibForRacal.encrypt(mechanism, publicKey, bArr);
                System.out.println(new StringBuffer("ciperData:").append(new String(Base64.encode(encrypt))).toString());
                System.out.println(new StringBuffer("sourceData:").append(new String(pBOCHardLibForRacal.decrypt(mechanism, generateKeyPair.getPrivateKey(), encrypt))).toString());
                MainKey mainKeyInfo = pBOCHardLibForRacal.getMainKeyInfo(new JKey(JKey.PBOC_WORK_MASTER_KEY, RSA_PKCS));
                JKey jKey = new JKey(JKey.PBOC_TRANS_KEY, RSA_PKCS);
                TransKey transKeyInfo = pBOCHardLibForRacal.getTransKeyInfo(jKey);
                byte[] keyDiv = pBOCHardLibForRacal.keyDiv(new Mechanism(Mechanism.DES3_ECB), mainKeyInfo.getKmuKey(), transKeyInfo.getKekEnc(), "01234567".getBytes());
                System.out.println(new StringBuffer("divData:").append(new String(Base64.encode(keyDiv))).toString());
                byte[] decrypt = pBOCHardLibForRacal.decrypt(new Mechanism(Mechanism.DES3_ECB), jKey, keyDiv);
                System.out.println(new StringBuffer("sourceData:").append(new String(Base64.encode(decrypt))).toString());
                System.out.println(new StringBuffer("macData:").append(new String(Base64.encode(pBOCHardLibForRacal.mac(new Mechanism(Mechanism.DES3_CBC), transKeyInfo.getKekMac(), "dhslhdjksh".getBytes())))).toString());
                Mechanism mechanism2 = new Mechanism(Mechanism.DES3_ECB);
                byte[] encrypt2 = pBOCHardLibForRacal.encrypt(mechanism2, new JKey("MASTERKEY", new byte[0]), decrypt);
                System.out.println(new StringBuffer("ciperData:").append(new String(Base64.encode(encrypt2))).toString());
                pBOCHardLibForRacal.decrypt(mechanism2, new JKey("MASTERKEY", new byte[0]), encrypt2);
                System.out.println(new StringBuffer("decodeData:").append(new String(Base64.encode(encrypt2))).toString());
                byte[] lmkTotransKeyEnc = pBOCHardLibForRacal.lmkTotransKeyEnc(mechanism2, transKeyInfo.getKekEnc(), encrypt2);
                System.out.println(new StringBuffer("tkCiperData:").append(new String(Base64.encode(lmkTotransKeyEnc))).toString());
                System.out.println(new StringBuffer("sourceData:").append(new String(Base64.encode(pBOCHardLibForRacal.transKeyToLMKEnc(mechanism2, transKeyInfo.getKekEnc(), lmkTotransKeyEnc)))).toString());
                FileInputStream fileInputStream = new FileInputStream("c:/6666-REQPB001AA-20110211100137.zip");
                byte[] bArr2 = new byte[fileInputStream.available()];
                fileInputStream.read(bArr2);
                fileInputStream.close();
                System.out.println(new StringBuffer("digestData:").append(new String(Base64.encode(pBOCHardLibForRacal.digest(new Mechanism(Mechanism.SHA1), bArr2)))).toString());
            } catch (Throwable th) {
                th.printStackTrace();
                Thread.sleep(10000L);
                Finalize();
            }
        } finally {
            Thread.sleep(10000L);
            Finalize();
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public boolean createCertObject(byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        throw new UnsupportedOperationException("Method createCertObject() not yet implemented.");
    }

    private byte[] doCipher(Mechanism mechanism, JKey jKey, boolean z, byte[] bArr) throws PKIException {
        try {
            Cipher cipher = Cipher.getInstance(mechanism.getMechanismType(), JSoftLib.PROVIDER);
            cipher.init(z ? 1 : 2, Parser.convertKey(jKey));
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new PKIException("850101", PKIException.DECRYPT_DES, e);
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] decrypt(Mechanism mechanism, JKey jKey, byte[] bArr) throws PKIException {
        byte[] symmetricDecrypt;
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SSF33_ECB) && !mechanismType.equals(Mechanism.SSF33_CBC) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals("RC4")) {
            throw new PKIException("850101", new StringBuffer("解密操作失败 本操作不支持此种机制类型 ").append(mechanismType).toString());
        }
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        if (JavaToJNIMechanismType == RSA_PKCS) {
            symmetricDecrypt = decrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey(), bArr);
        } else {
            if (!jKey.getKeyType().equalsIgnoreCase("MASTERKEY") && !jKey.getKeyType().equalsIgnoreCase(JKey.PBOC_TRANS_KEY)) {
                throw new PKIException("8501本操作不支持此种机制类型", PKIException.NOT_SUP_DES);
            }
            symmetricDecrypt = symmetricDecrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey(), bArr);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(symmetricDecrypt);
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("DecData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals(CFCA_CKR_OK) || property == null) {
                throw new PKIException("850101", PKIException.DECRYPT_DES, new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException("850101", PKIException.DECRYPT_DES, new PKIException(CFCA_PARSE_FAIL, errorDesc(CFCA_PARSE_FAIL)));
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public boolean destroyCertObject(byte[] bArr, byte[] bArr2) throws PKIException {
        throw new UnsupportedOperationException("Method destroyCertObject() not yet implemented.");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public boolean destroyKeyPair(Mechanism mechanism) throws PKIException {
        throw new UnsupportedOperationException("Method destroyKeyPair() not yet implemented.");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] digest(Mechanism mechanism, byte[] bArr) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.MD2) && !mechanismType.equals(Mechanism.MD5) && !mechanismType.equals(Mechanism.SHA1)) {
            throw new PKIException("850102", new StringBuffer("文摘操作失败 本操作不支持此种机制类型 ").append(mechanismType).toString());
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(digest(JavaToJNIMechanismType(mechanismType), bArr));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("DigestData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals(CFCA_CKR_OK) || property == null) {
                throw new PKIException("850102", PKIException.DIGEST_DES, new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException("850102", PKIException.DIGEST_DES, e);
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] encrypt(Mechanism mechanism, JKey jKey, byte[] bArr) throws PKIException {
        byte[] symmetricEncrypt;
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SSF33_ECB) && !mechanismType.equals(Mechanism.SSF33_CBC) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals("RC4") && !mechanismType.equals(Mechanism.RC2_ECB) && !mechanismType.equals(Mechanism.RC2_CBC)) {
            throw new PKIException("850100", new StringBuffer("加密操作失败 本操作不支持此种机制类型 ").append(mechanismType).toString());
        }
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        if (JavaToJNIMechanismType == RSA_PKCS) {
            symmetricEncrypt = encrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey(), bArr);
        } else {
            if (!jKey.getKeyType().equalsIgnoreCase("MASTERKEY") && !jKey.getKeyType().equalsIgnoreCase(JKey.PBOC_TRANS_KEY) && !jKey.getKeyType().equalsIgnoreCase(JKey.PBOC_TRANS_ENCKEY) && !jKey.getKeyType().equalsIgnoreCase(JKey.PBOC_TRANS_MACKEY)) {
                throw new PKIException("8501本操作不支持此种机制类型", PKIException.NOT_SUP_DES);
            }
            symmetricEncrypt = symmetricEncrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey(), bArr);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(symmetricEncrypt);
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("EncData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals(CFCA_CKR_OK) || property == null) {
                throw new PKIException("850100", PKIException.ENCRYPT_DES, new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException("850100", PKIException.ENCRYPT_DES, new PKIException(CFCA_PARSE_FAIL, errorDesc(CFCA_PARSE_FAIL)));
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public JKey generateKey(Mechanism mechanism, int i) throws PKIException {
        throw new PKIException("850100", "产生对称密钥操作失败 generateKey() PBOCHardLib didn't support sign yet. ");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public JKeyPair generateKeyPair(Mechanism mechanism, int i) throws PKIException {
        return generateKeyPair(mechanism, i, 3);
    }

    private long JavaToJNIMechanismType(String str) throws PKIException {
        if (str.equals(Mechanism.RSA)) {
            return RSA;
        }
        if (str.equals(Mechanism.RSA_PKCS)) {
            return RSA_PKCS;
        }
        if (str.equals(Mechanism.MD2)) {
            return MD2;
        }
        if (str.equals("MD2withRSAEncryption")) {
            return MD2_RSA_PKCS;
        }
        if (str.equals(Mechanism.SM2)) {
            return ECC;
        }
        if (str.equals(Mechanism.MD5)) {
            return MD5;
        }
        if (str.equals("MD5withRSAEncryption")) {
            return MD5_RSA_PKCS;
        }
        if (str.equals(Mechanism.SHA1)) {
            return SHA1;
        }
        if (str.equals("SHA1withRSAEncryption")) {
            return SHA1_RSA_PKCS;
        }
        if (str.equals("DES")) {
            return DES_KEY;
        }
        if (str.equals(Mechanism.DES_ECB)) {
            return DES_ECB;
        }
        if (str.equals(Mechanism.DES_CBC)) {
            return DES_CBC;
        }
        if (str.equals("DESede")) {
            return DES3_KEY;
        }
        if (str.equals(Mechanism.DES3_ECB)) {
            return DES3_ECB;
        }
        if (str.equals(Mechanism.DES3_CBC)) {
            return DES3_CBC;
        }
        if (str.equals("RC2")) {
            return RC2_KEY;
        }
        if (str.equals(Mechanism.RC2_ECB)) {
            return RC2_ECB;
        }
        if (str.equals(Mechanism.RC2_CBC)) {
            return RC2_CBC;
        }
        if (str.equals("RC4_KEY")) {
            return RC4_KEY;
        }
        if (str.equals("RC4")) {
            return RC4;
        }
        if (str.equals(Mechanism.SSF33_KEY)) {
            return SSF33_KEY_GEN;
        }
        if (str.equals(Mechanism.SSF33_ECB)) {
            return CKM_SSF33_ECB;
        }
        if (str.equals(Mechanism.SSF33_CBC)) {
            return CKM_SSF33_CBC;
        }
        throw new PKIException("850100", PKIException.NOT_SUP_DES);
    }

    @Override // com.cfca.util.pki.cipher.Session
    public JKeyPair generateKeyPair(Mechanism mechanism, int i, int i2) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.RSA) && !mechanismType.equals(Mechanism.SM2)) {
            throw new PKIException("850101", new StringBuffer("产生非对称密钥对失败 本操作不支持此种机制类型 ").append(mechanismType).toString());
        }
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        boolean z = true;
        if (mechanism.getParam() != null) {
            z = ((GenKeyAttribute) mechanism.getParam()).getIsNotEncExp();
        }
        if (i == 0) {
            i = 1024;
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(generateKeyPair(JavaToJNIMechanismType, i, i2, z));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            String property2 = properties.getProperty("Modulus");
            String property3 = properties.getProperty("PublicExponent");
            if ((property2 == null && property3 == null) || !property.equals(CFCA_CKR_OK)) {
                throw new PKIException("850101", PKIException.KEY_PAIR_DES, new PKIException(property, errorDesc(property)));
            }
            String property4 = properties.getProperty("priKeyID");
            String property5 = properties.getProperty("PrivateExponent");
            String property6 = properties.getProperty("Prime1");
            String property7 = properties.getProperty("Prime2");
            String property8 = properties.getProperty("Exponent1");
            String property9 = properties.getProperty("Exponent2");
            String property10 = properties.getProperty("Coefficient");
            String property11 = properties.getProperty("PrivateKey");
            properties.getProperty("PublicKey");
            if (property4 == null && property2 == null && property5 == null && property3 == null && property6 == null && property7 == null && property8 == null && property9 == null && property10 == null) {
                throw new PKIException("850101", PKIException.KEY_PAIR_DES);
            }
            JKey jKey = null;
            JKey jKey2 = null;
            if (mechanismType.equals(Mechanism.RSA)) {
                jKey = new JKey(JKey.RSA_PUB_KEY, Parser.customData2SoftPublicKey(JKey.RSA_PUB_KEY, Hex.decode(property2), Hex.decode(property3)));
                jKey2 = z ? new JKey(JKey.RSA_PRV_KEY, Hex.decode(property11)) : new JKey(JKey.RSA_PRV_KEY, Parser.customData2SoftPrivateKey(JKey.RSA_PRV_KEY, Hex.decode(property2), Hex.decode(property5), Hex.decode(property3), Hex.decode(property6), Hex.decode(property7), Hex.decode(property8), Hex.decode(property9), Hex.decode(property10)));
            }
            return new JKeyPair(jKey, jKey2);
        } catch (Exception e) {
            throw new PKIException("850101", PKIException.KEY_PAIR_DES, new PKIException(CFCA_PARSE_FAIL, errorDesc(CFCA_PARSE_FAIL)));
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public JKey generatePBEKey(Mechanism mechanism, char[] cArr) throws PKIException {
        throw new UnsupportedOperationException("Method generatePBEKey() not yet implemented.");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] generateRandom(Mechanism mechanism, int i) throws PKIException {
        if (!mechanism.getMechanismType().equals(Mechanism.RANDOM)) {
            throw new PKIException("850103", "产生随机数失败 本操作不支持此种机制类型 Random");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(generateRandom(i));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("RandomData");
            if (!properties.getProperty("Error").equals(CFCA_CKR_OK) || property == null) {
                throw new PKIException("850103", PKIException.RANDOM_DES);
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException("850103", PKIException.RANDOM_DES, e);
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] getCertObject(byte[] bArr) throws PKIException {
        throw new UnsupportedOperationException("Method getCertObject() not yet implemented.");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] keyDiv(Mechanism mechanism, JKey jKey, JKey jKey2, byte[] bArr) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC)) {
            throw new PKIException("850100", new StringBuffer("加密操作失败 本操作不支持此种机制类型 ").append(mechanismType).toString());
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(keyDiv(JavaToJNIMechanismType(mechanismType), jKey.getKey(), JavaToJNIKeyType(jKey.getKeyType()), jKey2.getKey(), bArr));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("DivData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals(CFCA_CKR_OK) || property == null) {
                throw new PKIException("850100", PKIException.ENCRYPT_DES, new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException("850100", PKIException.ENCRYPT_DES, new PKIException(CFCA_PARSE_FAIL, errorDesc(CFCA_PARSE_FAIL)));
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] lmkTotransKeyEnc(Mechanism mechanism, JKey jKey, byte[] bArr) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC)) {
            throw new PKIException("850100", new StringBuffer("加密操作失败 本操作不支持此种机制类型 ").append(mechanismType).toString());
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(symmetricLMK2KeyEnc(JavaToJNIMechanismType(mechanismType), jKey.getKey(), bArr));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("EncData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals(CFCA_CKR_OK) || property == null) {
                throw new PKIException("850100", PKIException.ENCRYPT_DES, new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException("850100", PKIException.ENCRYPT_DES, new PKIException(CFCA_PARSE_FAIL, errorDesc(CFCA_PARSE_FAIL)));
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] mac(Mechanism mechanism, JKey jKey, byte[] bArr) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SSF33_ECB) && !mechanismType.equals(Mechanism.SSF33_CBC) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals("RC4")) {
            throw new PKIException("850101", new StringBuffer("解密操作失败 本操作不支持此种机制类型 ").append(mechanismType).toString());
        }
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(generateMac(JavaToJNIMechanismType, jKey.getKey(), bArr));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("MacData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals(CFCA_CKR_OK) || property == null) {
                throw new PKIException("850103", PKIException.MAC_DES, new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException("850100", PKIException.ENCRYPT_DES, new PKIException(CFCA_PARSE_FAIL, errorDesc(CFCA_PARSE_FAIL)));
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] sign(Mechanism mechanism, JKey jKey, byte[] bArr) throws PKIException {
        throw new PKIException("850105", "签名操作失败 sign() PBOCHardLib didn't support sign yet. ");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public byte[] transKeyToLMKEnc(Mechanism mechanism, JKey jKey, byte[] bArr) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC)) {
            throw new PKIException("850100", new StringBuffer("加密操作失败 本操作不支持此种机制类型 ").append(mechanismType).toString());
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(symmetricKey2LMKEnc(JavaToJNIMechanismType(mechanismType), jKey.getKey(), bArr));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("EncData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals(CFCA_CKR_OK) || property == null) {
                throw new PKIException("850100", PKIException.ENCRYPT_DES, new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException("850100", PKIException.ENCRYPT_DES, new PKIException(CFCA_PARSE_FAIL, errorDesc(CFCA_PARSE_FAIL)));
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public boolean verifyMac(Mechanism mechanism, JKey jKey, byte[] bArr, byte[] bArr2) throws PKIException {
        throw new UnsupportedOperationException("Method verifyMac() not yet implemented.");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public boolean verifySign(Mechanism mechanism, JKey jKey, byte[] bArr, byte[] bArr2) throws PKIException {
        throw new PKIException("850106", "验证签名操作失败 verifySign() JHardLib didn't support Stream-Operation yet. ");
    }

    private int JavaToJNIKeyType(String str) throws PKIException {
        if (str.equalsIgnoreCase(JKey.RSA_PUB_KEY)) {
            return Integer.parseInt(CKC_KEYTYPE_RSA_PUBLICKEY);
        }
        if (str.equalsIgnoreCase(JKey.RSA_PRV_KEY)) {
            return Integer.parseInt(SubjectAltNameExt.DNS_TYPE_NAME);
        }
        if (str.equalsIgnoreCase(JKey.RSA_PUB_KEY_ID)) {
            return Integer.parseInt("16");
        }
        if (str.equalsIgnoreCase(JKey.RSA_PRV_KEY_ID)) {
            return Integer.parseInt("32");
        }
        if (str.equalsIgnoreCase("MASTERKEY")) {
            return Integer.parseInt(CKC_KEYTYPE_MASTERKEYID);
        }
        if (str.equalsIgnoreCase(JKey.PBOC_TRANS_KEY)) {
            return Integer.parseInt(CKC_KEYTYPE_TRANSFERKEYID);
        }
        if (str.equalsIgnoreCase(JKey.PBOC_TRANS_ENCKEY)) {
            return Integer.parseInt(CKC_KEYTYPE_TRANSFERKEYID_ENC);
        }
        if (str.equalsIgnoreCase(JKey.PBOC_TRANS_MACKEY)) {
            return Integer.parseInt(CKC_KEYTYPE_TRANSFERKEYID_MAC);
        }
        if (str.equalsIgnoreCase(JKey.PBOC_WORK_MASTER_KEY)) {
            return Integer.parseInt(CKC_KEYTYPE_WORKKEYID);
        }
        if (str.equalsIgnoreCase(JKey.PBOC_WORK_MASTER_ACKEY)) {
            return Integer.parseInt(CKC_KEYTYPE_WORKKEYID_AC);
        }
        if (str.equalsIgnoreCase(JKey.PBOC_WORK_MASTER_ENCKEY)) {
            return Integer.parseInt(CKC_KEYTYPE_WORKKEYID_ENC);
        }
        if (str.equalsIgnoreCase(JKey.PBOC_WORK_MASTER_MACKEY)) {
            return Integer.parseInt("160");
        }
        if (str.equalsIgnoreCase(JKey.PBOC_WORK_MASTER_KMU)) {
            return Integer.parseInt("161");
        }
        if (str.equalsIgnoreCase(JKey.PBOC_NOTEXPORTED_KEY)) {
            return Integer.parseInt(CKC_KEYTYPE_RSA_ID);
        }
        throw new PKIException("850100", PKIException.NOT_SUP_DES);
    }

    @Override // com.cfca.util.pki.cipher.Session
    public JKey getKeyInfo(JKey jKey) throws PKIException {
        throw new UnsupportedOperationException("Method getKeyInfo() not yet implemented");
    }

    @Override // com.cfca.util.pki.cipher.Session
    public MainKey getMainKeyInfo(JKey jKey) throws PKIException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(getKeyInfoByIndex(JavaToJNIKeyType(jKey.getKeyType()), (int) jKey.getKeyID()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            String property2 = properties.getProperty("Worker_AppKey");
            String property3 = properties.getProperty("Worker_KmuKey");
            String property4 = properties.getProperty("Worker_EncKey");
            String property5 = properties.getProperty("Worker_MacKey");
            if (!property.equals(CFCA_CKR_OK) || property2 == null || property3 == null || property4 == null || property5 == null) {
                throw new PKIException("850100", PKIException.GETKEYINFO_DES, new PKIException(property, errorDesc(property)));
            }
            MainKey mainKey = new MainKey();
            mainKey.setAcKey(new JKey(JKey.PBOC_WORK_MASTER_ACKEY, Hex.decode(property2)));
            mainKey.setEncKey(new JKey(JKey.PBOC_WORK_MASTER_ENCKEY, Hex.decode(property4)));
            mainKey.setKmuKey(new JKey(JKey.PBOC_WORK_MASTER_KMU, Hex.decode(property3)));
            mainKey.setMacKey(new JKey(JKey.PBOC_WORK_MASTER_MACKEY, Hex.decode(property5)));
            return mainKey;
        } catch (Exception e) {
            throw new PKIException("850101", PKIException.KEY_PAIR_DES, new PKIException(CFCA_PARSE_FAIL, errorDesc(CFCA_PARSE_FAIL)));
        }
    }

    @Override // com.cfca.util.pki.cipher.Session
    public TransKey getTransKeyInfo(JKey jKey) throws PKIException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(getKeyInfoByIndex(JavaToJNIKeyType(jKey.getKeyType()), (int) jKey.getKeyID()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            String property2 = properties.getProperty("Transfer_EncKey");
            String property3 = properties.getProperty("Transfer_MacKey");
            if (!property.equals(CFCA_CKR_OK)) {
                throw new PKIException("850100", PKIException.GETKEYINFO_DES, new PKIException(property, errorDesc(property)));
            }
            TransKey transKey = new TransKey();
            transKey.setKekEnc(new JKey(JKey.PBOC_TRANS_ENCKEY, Hex.decode(property2)));
            transKey.setKekMac(new JKey(JKey.PBOC_TRANS_MACKEY, Hex.decode(property3)));
            return transKey;
        } catch (Exception e) {
            throw new PKIException("850101", PKIException.KEY_PAIR_DES, new PKIException(CFCA_PARSE_FAIL, errorDesc(CFCA_PARSE_FAIL)));
        }
    }
}
