package at.gv.egiz.smcc;

import at.gv.egiz.smcc.SignatureCard;
import at.gv.egiz.smcc.cio.CIOCertificate;
import at.gv.egiz.smcc.cio.ObjectDirectory;
import at.gv.egiz.smcc.pin.gui.PINGUI;
import at.gv.egiz.smcc.util.SMCCHelper;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.zip.DataFormatException;
import java.util.zip.Inflater;
import javax.smartcardio.CardChannel;
import javax.smartcardio.CardException;
import javax.smartcardio.CommandAPDU;
import javax.smartcardio.ResponseAPDU;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/gv/egiz/smcc/ESDNIeCard.class */
public class ESDNIeCard extends AbstractSignatureCard implements SignatureCard {
    public static final byte[] MASTER_FILE_ID = {77, 97, 115, 116, 101, 114, 46, 70, 105, 108, 101};
    private final byte[] HASH_PADDING = {48, 33, 48, 9, 6, 5, 43, 14, 3, 2, 26, 5, 0, 4, 20};
    private final String SIG_KEY_NAME = "KprivFirmaDigital";
    private final String SIG_CERT_NAME = "CertFirmaDigital";
    private final Logger log = LoggerFactory.getLogger((Class<?>) ESDNIeCard.class);
    protected PinInfo pinInfo = new PinInfo(8, 16, "[0-9A-Za-z_<>!()?%\\-=&+\\.]", "at/gv/egiz/smcc/ESDNIeCard", "sig.pin", (byte) 0, new byte[0], -1);

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // at.gv.egiz.smcc.AbstractSignatureCard
    public CardChannel getCardChannel() {
        return new DNIeSecuredChannel(getCard().getBasicChannel());
    }

    @Override // at.gv.egiz.smcc.SignatureCard
    @Exclusive
    public byte[] createSignature(InputStream inputStream, SignatureCard.KeyboxName keyboxName, PINGUI pingui, String str) throws SignatureCardException, InterruptedException, IOException {
        CardChannel cardChannel = getCardChannel();
        try {
            executeSelectMasterFile(cardChannel);
            executeSelectDFCIA(cardChannel);
            ObjectDirectory objectDirectory = new ObjectDirectory();
            objectDirectory.selectAndRead(cardChannel);
            DNIeCIOCertificateDirectory dNIeCIOCertificateDirectory = new DNIeCIOCertificateDirectory(objectDirectory.getPrKDReferences().get(0));
            dNIeCIOCertificateDirectory.selectAndRead(cardChannel);
            byte[] bArr = null;
            for (CIOCertificate cIOCertificate : dNIeCIOCertificateDirectory.getCIOs()) {
                String label = cIOCertificate.getLabel();
                if (label != null && label.toLowerCase().contains("KprivFirmaDigital".toLowerCase())) {
                    bArr = cIOCertificate.getEfidOrPath();
                }
            }
            if (bArr == null) {
                throw new NotActivatedException();
            }
            verifyPINLoop(cardChannel, this.pinInfo, pingui);
            if (bArr == null || bArr.length < 2) {
                throw new CardException("Unable to determine valid key path. Key path either null or unexpected length.");
            }
            executeManageSecurityEnvironment(cardChannel, new byte[]{bArr[bArr.length - 2], bArr[bArr.length - 1]});
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
                byte[] bArr2 = new byte[messageDigest.getDigestLength()];
                while (true) {
                    int read = inputStream.read(bArr2);
                    if (read == -1) {
                        return executeCreateSignature(cardChannel, messageDigest.digest());
                    }
                    messageDigest.update(bArr2, 0, read);
                }
            } catch (NoSuchAlgorithmException e) {
                this.log.error("Failed to get MessageDigest.", (Throwable) e);
                throw new SignatureCardException(e);
            }
        } catch (CardException e2) {
            this.log.error("Error during signature creation.", e2);
            throw new SignatureCardException("Error creating signature with DNIe card.", e2);
        }
    }

    @Override // at.gv.egiz.smcc.SignatureCard
    @Exclusive
    public byte[] getCertificate(SignatureCard.KeyboxName keyboxName, PINGUI pingui) throws SignatureCardException, InterruptedException {
        CardChannel cardChannel = getCardChannel();
        try {
            executeSelectMasterFile(cardChannel);
            executeSelectDFCIA(cardChannel);
            byte[] bArr = null;
            ObjectDirectory objectDirectory = new ObjectDirectory();
            objectDirectory.selectAndRead(cardChannel);
            DNIeCIOCertificateDirectory dNIeCIOCertificateDirectory = new DNIeCIOCertificateDirectory(objectDirectory.getCDReferences().get(0));
            try {
                dNIeCIOCertificateDirectory.selectAndRead(cardChannel);
                for (CIOCertificate cIOCertificate : dNIeCIOCertificateDirectory.getCIOs()) {
                    String label = cIOCertificate.getLabel();
                    if (label != null && label.toLowerCase().contains("CertFirmaDigital".toLowerCase())) {
                        bArr = cIOCertificate.getEfidOrPath();
                    }
                }
                if (bArr == null) {
                    throw new NotActivatedException();
                }
                if (bArr.length != 4) {
                    throw new CardException("Unable to determine valid certificate path. Cert path has unexpected length.");
                }
                byte[] bArr2 = bArr;
                verifyPINLoop(cardChannel, this.pinInfo, pingui);
                executeSelectMasterFile(cardChannel);
                executeSelect(cardChannel, new byte[]{bArr2[0], bArr2[1]});
                byte[] executeSelect = executeSelect(cardChannel, new byte[]{bArr2[2], bArr2[3]});
                byte[] executeReadBinary = executeReadBinary(cardChannel, executeSelect[7], executeSelect[8]);
                byte[] bArr3 = new byte[executeReadBinary.length - 8];
                System.arraycopy(executeReadBinary, 8, bArr3, 0, bArr3.length);
                return decompressData(bArr3);
            } catch (IOException e) {
                throw new CardException("Error retrieving certificate path. ", e);
            }
        } catch (CardException e2) {
            this.log.error("Error reading certificate from card.", e2);
            throw new SignatureCardException("Error reading certificate from card.", e2);
        }
    }

    @Override // at.gv.egiz.smcc.SignatureCard
    public byte[] getInfobox(String str, PINGUI pingui, String str2) throws SignatureCardException, InterruptedException {
        this.log.debug("Attempting to read infobox from DNIe..");
        throw new IllegalArgumentException("Infobox '" + str + "' not supported.");
    }

    protected void verifyPINLoop(CardChannel cardChannel, PinInfo pinInfo, PINGUI pingui) throws LockedException, NotActivatedException, SignatureCardException, InterruptedException, CardException {
        int i = -1;
        do {
            i = verifyPIN(cardChannel, pinInfo, pingui, i);
        } while (i > 0);
    }

    protected int verifyPIN(CardChannel cardChannel, PinInfo pinInfo, PINGUI pingui, int i) throws SignatureCardException, LockedException, NotActivatedException, InterruptedException, CardException {
        char[] providePIN = pingui.providePIN(pinInfo, i);
        byte[] bArr = new byte[5 + providePIN.length];
        bArr[0] = 0;
        bArr[1] = 32;
        bArr[2] = 0;
        bArr[3] = 0;
        bArr[4] = (byte) providePIN.length;
        for (int i2 = 0; i2 < providePIN.length; i2++) {
            bArr[i2 + 5] = (byte) providePIN[i2];
        }
        int sw = cardChannel.transmit(new CommandAPDU(bArr)).getSW();
        if (sw == 36864) {
            return -1;
        }
        if ((sw >> 4) == 1596) {
            return 15 & sw;
        }
        switch (sw) {
            case 27011:
                throw new LockedException();
            default:
                String str = "VERIFY failed. SW=" + Integer.toHexString(sw);
                this.log.info(str);
                throw new SignatureCardException(str);
        }
    }

    private void executeSelectMasterFile(CardChannel cardChannel) throws CardException {
        byte[] bArr = new byte[MASTER_FILE_ID.length + 5];
        bArr[0] = 0;
        bArr[1] = -92;
        bArr[2] = 4;
        bArr[3] = 0;
        bArr[4] = (byte) MASTER_FILE_ID.length;
        System.arraycopy(MASTER_FILE_ID, 0, bArr, 5, MASTER_FILE_ID.length);
        ResponseAPDU transmit = cardChannel.transmit(new CommandAPDU(bArr));
        if (transmit.getSW() != 36864) {
            this.log.error("Error selecting master file: " + Integer.toHexString(transmit.getSW()));
            throw new CardException("Error selecting master file: " + Integer.toHexString(transmit.getSW()));
        }
    }

    private void executeSelectDFCIA(CardChannel cardChannel) throws CardException {
        executeSelect(cardChannel, new byte[]{80, 21});
    }

    private byte[] executeSelect(CardChannel cardChannel, byte[] bArr) throws CardException {
        byte[] bArr2 = {0, -92, 0, 0, (byte) bArr.length};
        byte[] bArr3 = new byte[bArr2.length + bArr.length];
        System.arraycopy(bArr2, 0, bArr3, 0, bArr2.length);
        System.arraycopy(bArr, 0, bArr3, bArr2.length, bArr.length);
        ResponseAPDU transmit = cardChannel.transmit(new CommandAPDU(bArr3));
        if (transmit.getSW() == 36864) {
            return transmit.getData();
        }
        this.log.error("error selecting file " + SMCCHelper.toString(bArr) + ": " + Integer.toHexString(transmit.getSW()));
        throw new CardException("Error selecting file " + SMCCHelper.toString(bArr) + ": " + Integer.toHexString(transmit.getSW()));
    }

    private byte[] executeReadBinary(CardChannel cardChannel, byte b, byte b2) throws CardException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i = (b * 256) + b2;
        int i2 = 0;
        boolean z = false;
        int i3 = 0;
        while (!z) {
            int i4 = i - i2 > 239 ? 239 : i - i2;
            byte[] byteArray = SMCCHelper.toByteArray(i3);
            ResponseAPDU readFromCard = readFromCard(cardChannel, byteArray[0], byteArray[1], (byte) i4);
            if (readFromCard.getSW1() == 108) {
                readFromCard = readFromCard(cardChannel, byteArray[0], byteArray[1], (byte) readFromCard.getSW2());
                z = true;
            }
            try {
                byteArrayOutputStream.write(readFromCard.getData());
                i2 += readFromCard.getData().length;
                i3 = i2;
                if (i2 == i) {
                    z = true;
                }
            } catch (IOException e) {
                this.log.error("Error executing secure read binary.", (Throwable) e);
                throw new CardException("Error reading data from card", e);
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    private void executeManageSecurityEnvironment(CardChannel cardChannel, byte[] bArr) throws CardException {
        ResponseAPDU transmit = cardChannel.transmit(new CommandAPDU(new byte[]{0, 34, 65, -74, 4, -124, 2, bArr[0], bArr[1]}));
        if (transmit.getSW() != 36864) {
            this.log.error("Error executing Manage Security Environment: " + Integer.toHexString(transmit.getSW()));
            throw new CardException("Execution of command Manage Security Environment failed: " + Integer.toHexString(transmit.getSW()));
        }
    }

    private byte[] executeCreateSignature(CardChannel cardChannel, byte[] bArr) throws CardException {
        byte[] bArr2 = new byte[5 + this.HASH_PADDING.length + bArr.length + 1];
        bArr2[0] = 0;
        bArr2[1] = 42;
        bArr2[2] = -98;
        bArr2[3] = -102;
        bArr2[4] = (byte) (this.HASH_PADDING.length + bArr.length);
        System.arraycopy(this.HASH_PADDING, 0, bArr2, 5, this.HASH_PADDING.length);
        System.arraycopy(bArr, 0, bArr2, 5 + this.HASH_PADDING.length, bArr.length);
        bArr2[bArr2.length - 1] = Byte.MIN_VALUE;
        ResponseAPDU transmit = cardChannel.transmit(new CommandAPDU(bArr2));
        if (transmit.getSW() == 36864) {
            return transmit.getData();
        }
        this.log.error("Error computing electronic signature on card: " + Integer.toHexString(transmit.getSW()));
        throw new CardException("Unexpected response from card: " + Integer.toHexString(transmit.getSW()));
    }

    private ResponseAPDU readFromCard(CardChannel cardChannel, byte b, byte b2, byte b3) throws CardException {
        return cardChannel.transmit(new CommandAPDU(new byte[]{0, -80, b, b2, b3}));
    }

    private byte[] decompressData(byte[] bArr) throws CardException {
        Inflater inflater = new Inflater();
        inflater.setInput(bArr, 0, bArr.length);
        byte[] bArr2 = new byte[256];
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        while (!inflater.finished()) {
            try {
                byteArrayOutputStream.write(bArr2, 0, inflater.inflate(bArr2));
            } catch (DataFormatException e) {
                throw new CardException("Error decompressing file.", e);
            }
        }
        inflater.end();
        return byteArrayOutputStream.toByteArray();
    }
}
