package eu.europa.esig.dss.token.mocca;

import at.gv.egiz.smcc.CardNotSupportedException;
import at.gv.egiz.smcc.SignatureCard;
import at.gv.egiz.smcc.SignatureCardFactory;
import at.gv.egiz.smcc.util.SmartCardIO;
import eu.europa.esig.dss.DSSASN1Utils;
import eu.europa.esig.dss.DSSException;
import eu.europa.esig.dss.DigestAlgorithm;
import eu.europa.esig.dss.EncryptionAlgorithm;
import eu.europa.esig.dss.MaskGenerationFunction;
import eu.europa.esig.dss.SignatureAlgorithm;
import eu.europa.esig.dss.SignatureValue;
import eu.europa.esig.dss.ToBeSigned;
import eu.europa.esig.dss.token.DSSPrivateKeyEntry;
import eu.europa.esig.dss.token.PasswordInputCallback;
import eu.europa.esig.dss.token.SignatureTokenConnection;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.smartcardio.Card;
import javax.smartcardio.CardTerminal;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DERSequence;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/token/mocca/MOCCASignatureTokenConnection.class */
public class MOCCASignatureTokenConnection implements SignatureTokenConnection {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) MOCCASignatureTokenConnection.class);
    private PINGUIAdapter callback;
    private List<SignatureCard> _signatureCards;

    public MOCCASignatureTokenConnection(PasswordInputCallback passwordInputCallback) {
        this.callback = new PINGUIAdapter(passwordInputCallback);
    }

    public void set_signatureCards(List<SignatureCard> list) {
        this._signatureCards = list;
    }

    @Override // eu.europa.esig.dss.token.SignatureTokenConnection
    public void close() {
        if (this._signatureCards != null) {
            Iterator<SignatureCard> it = this._signatureCards.iterator();
            while (it.hasNext()) {
                it.next().disconnect(true);
            }
            this._signatureCards.clear();
            this._signatureCards = null;
        }
    }

    private List<SignatureCard> getSignatureCards() {
        if (this._signatureCards == null) {
            this._signatureCards = new ArrayList();
            SmartCardIO smartCardIO = new SmartCardIO();
            SignatureCardFactory signatureCardFactory = SignatureCardFactory.getInstance();
            for (Map.Entry<CardTerminal, Card> entry : smartCardIO.getCards().entrySet()) {
                try {
                    this._signatureCards.add(signatureCardFactory.createSignatureCard(entry.getValue(), entry.getKey()));
                } catch (CardNotSupportedException e) {
                    LOG.info(e.getMessage());
                }
            }
        }
        return this._signatureCards;
    }

    @Override // eu.europa.esig.dss.token.SignatureTokenConnection
    public List<DSSPrivateKeyEntry> getKeys() throws DSSException {
        List<DSSPrivateKeyEntry> keysSeveralCards = getKeysSeveralCards();
        if (keysSeveralCards.isEmpty()) {
            throw new DSSException("Cannot retrieve keys from the card!");
        }
        return keysSeveralCards;
    }

    private List<DSSPrivateKeyEntry> getKeysSeveralCards() throws DSSException {
        ArrayList arrayList = new ArrayList();
        int i = 0;
        for (SignatureCard signatureCard : getSignatureCards()) {
            try {
                byte[] certificate = signatureCard.getCertificate(SignatureCard.KeyboxName.SECURE_SIGNATURE_KEYPAIR, this.callback);
                if (certificate != null) {
                    arrayList.add(new MOCCAPrivateKeyEntry(certificate, SignatureCard.KeyboxName.SECURE_SIGNATURE_KEYPAIR, i, signatureCard.getCard().getATR().getBytes()));
                }
            } catch (Exception e) {
                LOG.error(e.getMessage(), (Throwable) e);
            }
            try {
                byte[] certificate2 = signatureCard.getCertificate(SignatureCard.KeyboxName.CERTIFIED_KEYPAIR, this.callback);
                if (certificate2 != null) {
                    arrayList.add(new MOCCAPrivateKeyEntry(certificate2, SignatureCard.KeyboxName.CERTIFIED_KEYPAIR, i, signatureCard.getCard().getATR().getBytes()));
                }
            } catch (Exception e2) {
                LOG.error(e2.getMessage(), (Throwable) e2);
            }
            i++;
        }
        return arrayList;
    }

    @Override // eu.europa.esig.dss.token.SignatureTokenConnection
    public SignatureValue sign(ToBeSigned toBeSigned, DigestAlgorithm digestAlgorithm, DSSPrivateKeyEntry dSSPrivateKeyEntry) throws DSSException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(toBeSigned.getBytes());
        if (!(dSSPrivateKeyEntry instanceof MOCCAPrivateKeyEntry)) {
            throw new DSSException("Unsupported DSSPrivateKeyEntry instance " + dSSPrivateKeyEntry.getClass() + " / Must be MOCCAPrivateKeyEntry.");
        }
        MOCCAPrivateKeyEntry mOCCAPrivateKeyEntry = (MOCCAPrivateKeyEntry) dSSPrivateKeyEntry;
        if (this._signatureCards == null) {
            throw new IllegalStateException("The cards have not been initialised");
        }
        if (mOCCAPrivateKeyEntry.getPos() > this._signatureCards.size() - 1) {
            throw new IllegalStateException("Card was removed or disconnected " + mOCCAPrivateKeyEntry.getPos() + StringUtils.SPACE + this._signatureCards.size());
        }
        SignatureCard signatureCard = this._signatureCards.get(mOCCAPrivateKeyEntry.getPos());
        EncryptionAlgorithm encryptionAlgorithm = mOCCAPrivateKeyEntry.getEncryptionAlgorithm();
        SignatureAlgorithm algorithm = SignatureAlgorithm.getAlgorithm(encryptionAlgorithm, digestAlgorithm);
        LOG.info("MOCCA>>>Signature algorithm: " + algorithm.getJCEId());
        try {
            byte[] createSignature = signatureCard.createSignature(byteArrayInputStream, mOCCAPrivateKeyEntry.getKeyboxName(), this.callback, algorithm.getXMLId());
            if (EncryptionAlgorithm.ECDSA.equals(encryptionAlgorithm)) {
                createSignature = encode(createSignature);
            }
            SignatureValue signatureValue = new SignatureValue();
            signatureValue.setAlgorithm(algorithm);
            signatureValue.setValue(createSignature);
            return signatureValue;
        } catch (Exception e) {
            throw new DSSException(e);
        }
    }

    @Override // eu.europa.esig.dss.token.SignatureTokenConnection
    public SignatureValue sign(ToBeSigned toBeSigned, DigestAlgorithm digestAlgorithm, MaskGenerationFunction maskGenerationFunction, DSSPrivateKeyEntry dSSPrivateKeyEntry) throws DSSException {
        throw new UnsupportedOperationException();
    }

    private static byte[] encode(byte[] bArr) throws DSSException {
        int length = bArr.length / 2;
        byte[] bArr2 = new byte[length];
        byte[] bArr3 = new byte[length];
        System.arraycopy(bArr, 0, bArr2, 0, length);
        System.arraycopy(bArr, length, bArr3, 0, length);
        BigInteger bigInteger = new BigInteger(1, bArr2);
        BigInteger bigInteger2 = new BigInteger(1, bArr3);
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(bigInteger));
        aSN1EncodableVector.add(new ASN1Integer(bigInteger2));
        return DSSASN1Utils.getDEREncoded(new DERSequence(aSN1EncodableVector));
    }

    public int getRetries() {
        return this.callback.getRetries();
    }
}
