package at.gv.egiz.smcc;

import at.gv.egiz.smcc.SignatureCard;
import at.gv.egiz.smcc.pin.gui.PINGUI;
import at.gv.egiz.smcc.util.ISO7816Utils;
import at.gv.egiz.smcc.util.SMCCHelper;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.smartcardio.CardChannel;
import javax.smartcardio.CardException;
import javax.smartcardio.CommandAPDU;
import javax.smartcardio.ResponseAPDU;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/gv/egiz/smcc/SEIdentityCard.class */
public class SEIdentityCard extends AbstractSignatureCard implements SignatureCard {
    private static final byte[] SIGDATA_PREFIX = {48, 33, 48, 9, 6, 5, 43, 14, 3, 2, 26, 5, 0, 4, 20};
    private static final PinInfo PIN_SPEC = new PinInfo(6, 8, ".", "at/gv/egiz/smcc/SEIdentityCard", "pin", (byte) -126, null, -1);
    private final Logger log = LoggerFactory.getLogger((Class<?>) SEIdentityCard.class);

    @Override // at.gv.egiz.smcc.SignatureCard
    public byte[] createSignature(InputStream inputStream, SignatureCard.KeyboxName keyboxName, PINGUI pingui, String str) throws SignatureCardException, InterruptedException, IOException {
        this.log.debug("Trying to create signature..");
        CardChannel cardChannel = getCardChannel();
        try {
            selectFile(cardChannel, new byte[]{80, 21, 80, 22, 75, 2});
            try {
                verifyPINLoop(cardChannel, PIN_SPEC, pingui);
                setMSE(cardChannel);
                try {
                    MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
                    try {
                        byte[] bArr = new byte[messageDigest.getDigestLength()];
                        while (true) {
                            int read = inputStream.read(bArr);
                            if (read == -1) {
                                break;
                            }
                            messageDigest.update(bArr, 0, read);
                        }
                        byte[] digest = messageDigest.digest();
                        byte[] bArr2 = new byte[SIGDATA_PREFIX.length + digest.length];
                        System.arraycopy(SIGDATA_PREFIX, 0, bArr2, 0, SIGDATA_PREFIX.length);
                        System.arraycopy(digest, 0, bArr2, SIGDATA_PREFIX.length, digest.length);
                        ResponseAPDU transmit = cardChannel.transmit(new CommandAPDU(0, 42, -98, -102, bArr2));
                        if (transmit.getSW() != 36864) {
                            throw new SignatureCardException("Error creating signature: " + Integer.toHexString(transmit.getSW()));
                        }
                        return transmit.getData();
                    } catch (CardException e) {
                        throw new SignatureCardException("Error creating signature.", e);
                    } catch (IOException e2) {
                        throw new SignatureCardException("Error creating signature.", e2);
                    }
                } catch (NoSuchAlgorithmException e3) {
                    this.log.error("Failed to get MessageDigest.", (Throwable) e3);
                    throw new SignatureCardException(e3);
                }
            } catch (CardException e4) {
                throw new SignatureCardException("Error verifying PIN.", e4);
            }
        } catch (CardException e5) {
            throw new SignatureCardException("Error selecting file.", e5);
        }
    }

    @Override // at.gv.egiz.smcc.SignatureCard
    public byte[] getCertificate(SignatureCard.KeyboxName keyboxName, PINGUI pingui) throws SignatureCardException, InterruptedException {
        this.log.debug("Trying to fetch certificate..");
        CardChannel cardChannel = getCardChannel();
        try {
            byte[] selectFile = selectFile(cardChannel, new byte[]{80, 21, 80, 22, 67, 50});
            if (selectFile == null) {
                throw new SignatureCardException("Could not retireve FCI for certificate file.");
            }
            try {
                return executeReadBinary(cardChannel, ISO7816Utils.getLengthFromFCx(selectFile));
            } catch (CardException e) {
                throw new SignatureCardException("Error reading certificate from card.", e);
            }
        } catch (CardException e2) {
            throw new SignatureCardException("Error selecting card file.", e2);
        }
    }

    @Override // at.gv.egiz.smcc.SignatureCard
    public byte[] getInfobox(String str, PINGUI pingui, String str2) throws SignatureCardException, InterruptedException {
        throw new IllegalArgumentException("Infobox '" + str + "' not supported.");
    }

    private void setMSE(CardChannel cardChannel) throws SignatureCardException {
        try {
            ResponseAPDU transmit = cardChannel.transmit(new CommandAPDU(0, 34, 65, -74, new byte[]{Byte.MIN_VALUE, 1, 2, -127, 2, 75, 2}));
            if (transmit.getSW() != 36864) {
                throw new SignatureCardException("Error setting DST: " + Integer.toHexString(transmit.getSW()));
            }
        } catch (CardException e) {
            throw new SignatureCardException("Error setting DST.", e);
        }
    }

    private byte[] selectFile(CardChannel cardChannel, byte[] bArr) throws CardException, SignatureCardException {
        ResponseAPDU transmit = cardChannel.transmit(new CommandAPDU(0, -92, 8, 0, bArr));
        if (transmit.getSW() != 36864) {
            throw new SignatureCardException("Unexpected result from card: " + Integer.toHexString(transmit.getSW()));
        }
        return transmit.getData();
    }

    private byte[] executeReadBinary(CardChannel cardChannel, int i) throws CardException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i2 = 0;
        boolean z = false;
        int i3 = 0;
        while (!z) {
            int i4 = i - i2 > 239 ? 239 : i - i2;
            byte[] byteArray = SMCCHelper.toByteArray(i3);
            ResponseAPDU readFromCard = readFromCard(cardChannel, byteArray[0], byteArray[1], (byte) i4);
            if (readFromCard.getSW1() == 108) {
                readFromCard = readFromCard(cardChannel, byteArray[0], byteArray[1], (byte) readFromCard.getSW2());
                z = true;
            }
            try {
                byteArrayOutputStream.write(readFromCard.getData());
                i2 += readFromCard.getData().length;
                i3 = i2;
                if (i2 == i) {
                    z = true;
                }
            } catch (IOException e) {
                this.log.error("Error executing secure read binary.", (Throwable) e);
                throw new CardException("Error reading data from card", e);
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    private ResponseAPDU readFromCard(CardChannel cardChannel, byte b, byte b2, byte b3) throws CardException {
        return cardChannel.transmit(new CommandAPDU(new byte[]{0, -80, b, b2, b3}));
    }

    protected void verifyPINLoop(CardChannel cardChannel, PinInfo pinInfo, PINGUI pingui) throws LockedException, NotActivatedException, SignatureCardException, InterruptedException, CardException {
        int i = -1;
        do {
            i = verifyPIN(cardChannel, pinInfo, pingui, i);
        } while (i >= -1);
    }

    protected int verifyPIN(CardChannel cardChannel, PinInfo pinInfo, PINGUI pingui, int i) throws SignatureCardException, LockedException, NotActivatedException, InterruptedException, CardException {
        ResponseAPDU verify = this.reader.verify(cardChannel, new VerifyAPDUSpec(new byte[]{0, 32, 0, pinInfo.getKID(), 8, 0, 0, 0, 0, 0, 0, 0, 0}, 0, 2, 8), pingui, pinInfo, i);
        if (verify.getSW() == 36864) {
            return -2;
        }
        if ((verify.getSW() >> 4) == 1596) {
            return 15 & verify.getSW();
        }
        switch (verify.getSW()) {
            case 25344:
                return -1;
            case 25600:
                throw new TimeoutException();
            case 27011:
                throw new LockedException();
            case 27012:
                throw new NotActivatedException();
            case 27013:
                throw new NotActivatedException();
            default:
                String str = "VERIFY failed. SW=" + Integer.toHexString(verify.getSW());
                this.log.info(str);
                throw new SignatureCardException(str);
        }
    }
}
