package at.gv.egiz.smcc;

import at.gv.egiz.smcc.SignatureCard;
import at.gv.egiz.smcc.pin.gui.PINGUI;
import iaik.me.asn1.ASN1;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Enumeration;
import java.util.Locale;
import javax.smartcardio.Card;
import javax.smartcardio.CardTerminal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/gv/egiz/smcc/SWCard.class */
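/**
 * File-backed {@link SignatureCard} implementation: instead of talking to a smart card it reads
 * PKCS#12 key stores, X.509 certificates, key store passwords and infobox files from a directory
 * on disk.
 *
 * <p>The directory defaults to {@code <user.home>/.mocca/smcc} and can be overridden with the
 * {@code mocca.swcard.directory} system property or {@link #setSwCardDir(String)}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Key store passwords are read from plaintext {@code *.pwd} files stored next to the key
 *       stores, so the secrecy of the private keys depends entirely on the file permissions of
 *       that directory.</li>
 *   <li>Loaded key stores, passwords and certificates are cached in instance fields without
 *       synchronization.</li>
 * </ul>
 * NOTE(review): presumably intended for test and development setups only; confirm before use
 * with production keys.
 */
public class SWCard implements SignatureCard {
    private static final String BKU_USER_DIR = ".mocca";
    private static final String SWCARD_DIR = "smcc";
    private static final String KEYSTORE_CERTIFIED_KEYPAIR = "certified.p12";
    private static final String KEYSTORE_PASSWORD_CERTIFIED_KEYPAIR = "certified.pwd";
    private static final String CERTIFICATE_CERTIFIED_KEYPAIR = "certified.cer";
    private static final String KEYSTORE_SECURE_KEYPAIR = "secure.p12";
    private static final String KEYSTORE_PASSWORD_SECURE_KEYPAIR = "secure.pwd";
    private static final String CERTIFICATE_SECURE_KEYPAIR = "secure.cer";
    private static String swCardDir;
    private static final Logger log = LoggerFactory.getLogger(SWCard.class);
    private KeyStore certifiedKeyStore;
    private char[] certifiedKeyStorePassword;
    private KeyStore secureKeyStore;
    private char[] secureKeyStorePassword;
    private Certificate certifiedCertificate;
    private Certificate secureCertificate;

    /** Returns the directory all card files are read from. */
    public static String getSwCardDir() {
        return swCardDir;
    }

    /** Overrides the directory all card files are read from (process-wide, not validated). */
    public static void setSwCardDir(String str) {
        swCardDir = str;
    }

    /** No-op: there is no physical card or terminal behind this implementation. */
    @Override // at.gv.egiz.smcc.SignatureCard
    public void init(Card card, CardTerminal cardTerminal) {
    }

    /** Always {@code null}: there is no physical card. */
    @Override // at.gv.egiz.smcc.SignatureCard
    public Card getCard() {
        return null;
    }

    /** Always {@code null}: there is no terminal. */
    @Override // at.gv.egiz.smcc.SignatureCard
    public String getTerminalName() {
        return null;
    }

    /** Builds the path of {@code leafName} inside the card directory. */
    private String getFileName(String leafName) {
        return swCardDir + System.getProperty("file.separator") + leafName;
    }

    /**
     * Loads an X.509 certificate from a file in the card directory.
     *
     * @param certificateFileName file name relative to the card directory
     * @return the parsed certificate
     * @throws SignatureCardException if the file is missing, unreadable or not a certificate
     */
    private Certificate loadCertificate(String certificateFileName) throws SignatureCardException {
        CertificateFactory certificateFactory;
        try {
            certificateFactory = CertificateFactory.getInstance("x509");
        } catch (CertificateException e) {
            String message = "Failed to get CertificateFactory instance for type 'x509'.";
            log.error(message, e);
            throw new SignatureCardException(message, e);
        }
        String fileName = getFileName(certificateFileName);
        log.info("Trying to load Certificate from file '{}'.", fileName);
        // try-with-resources: the stream used to stay open after parsing.
        try (InputStream in = new FileInputStream(fileName)) {
            return certificateFactory.generateCertificate(in);
        } catch (java.io.FileNotFoundException e) {
            String message = "Certificate file '" + fileName + "' not found.";
            log.info(message, e);
            throw new SignatureCardException(message, e);
        } catch (CertificateException | IOException e) {
            String message = "Failed to load Certificate from file '" + fileName + "'.";
            log.info(message, e);
            throw new SignatureCardException(message, e);
        }
    }

    /**
     * Loads a PKCS#12 key store from a file in the card directory.
     *
     * @param keyStoreFileName file name relative to the card directory
     * @param password password handed to {@link KeyStore#load(InputStream, char[])}
     * @return the loaded key store
     * @throws SignatureCardException if the file is missing or cannot be loaded with the password
     */
    private KeyStore loadKeyStore(String keyStoreFileName, char[] password) throws SignatureCardException {
        KeyStore keyStore;
        try {
            keyStore = KeyStore.getInstance("pkcs12");
        } catch (KeyStoreException e) {
            String message = "Failed to get KeyStore instance for KeyStore type 'pkcs12'.";
            log.error(message, e);
            throw new SignatureCardException(message, e);
        }
        String fileName = getFileName(keyStoreFileName);
        log.info("Trying to load KeyStore from file '{}'.", fileName);
        // try-with-resources: the stream used to stay open after loading.
        try (InputStream in = new FileInputStream(fileName)) {
            keyStore.load(in, password);
            return keyStore;
        } catch (java.io.FileNotFoundException e) {
            // Must precede the broad handler below, otherwise this message is never produced.
            String message = "KeyStore file '" + fileName + "' not found.";
            log.info(message, e);
            throw new SignatureCardException(message, e);
        } catch (Exception e) {
            // Kept broad on purpose: every load failure is reported as SignatureCardException.
            String message = "Failed to load KeyStore from file '" + fileName + "'.";
            log.info(message, e);
            throw new SignatureCardException(message, e);
        }
    }

    /**
     * Reads a key store password from a UTF-8 text file in the card directory.
     *
     * @param passwordFileName file name relative to the card directory
     * @return the file content with surrounding whitespace trimmed, or {@code null} if the file
     *     does not exist (callers then ask the PIN GUI instead)
     * @throws SignatureCardException if the file exists but cannot be read
     */
    private char[] loadKeyStorePassword(String passwordFileName) throws SignatureCardException {
        try (FileInputStream in = new FileInputStream(getFileName(passwordFileName));
                InputStreamReader reader = new InputStreamReader(in, Charset.forName("UTF-8"))) {
            StringBuilder content = new StringBuilder();
            char[] buffer = new char[16];
            int read;
            while ((read = reader.read(buffer)) != -1) {
                content.append(buffer, 0, read);
            }
            // NOTE(review): the intermediate String keeps a copy of the password on the heap
            // that cannot be wiped.
            return content.toString().trim().toCharArray();
        } catch (java.io.FileNotFoundException e) {
            return null;
        } catch (IOException e) {
            throw new SignatureCardException("Failed to read file '" + passwordFileName + "'.", e);
        }
    }

    /**
     * Returns the key store for the given keybox, loading and caching it on first use.
     *
     * @throws SignatureCardException if the keybox is not supported or the key store cannot be
     *     loaded
     */
    private KeyStore getKeyStore(SignatureCard.KeyboxName keyboxName, char[] password) throws SignatureCardException {
        if (keyboxName == SignatureCard.KeyboxName.CERTIFIED_KEYPAIR) {
            if (this.certifiedKeyStore == null) {
                this.certifiedKeyStore = loadKeyStore(KEYSTORE_CERTIFIED_KEYPAIR, password);
            }
            return this.certifiedKeyStore;
        }
        if (keyboxName != SignatureCard.KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
            throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported.");
        }
        if (this.secureKeyStore == null) {
            this.secureKeyStore = loadKeyStore(KEYSTORE_SECURE_KEYPAIR, password);
        }
        return this.secureKeyStore;
    }

    /**
     * Returns the password stored on disk for the given keybox, caching it once it was found.
     *
     * @return the password, or {@code null} if no password file exists for the keybox
     * @throws SignatureCardException if the keybox is not supported or the file cannot be read
     */
    private char[] getPassword(SignatureCard.KeyboxName keyboxName) throws SignatureCardException {
        if (keyboxName == SignatureCard.KeyboxName.CERTIFIED_KEYPAIR) {
            if (this.certifiedKeyStorePassword == null) {
                this.certifiedKeyStorePassword = loadKeyStorePassword(KEYSTORE_PASSWORD_CERTIFIED_KEYPAIR);
            }
            return this.certifiedKeyStorePassword;
        }
        if (keyboxName != SignatureCard.KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
            throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported.");
        }
        if (this.secureKeyStorePassword == null) {
            this.secureKeyStorePassword = loadKeyStorePassword(KEYSTORE_PASSWORD_SECURE_KEYPAIR);
        }
        return this.secureKeyStorePassword;
    }

    /**
     * Returns the encoded certificate of the given keybox, read from the {@code *.cer} file in
     * the card directory and cached after the first load. The PIN GUI is not used.
     *
     * @throws SignatureCardException if the keybox is not supported or the certificate cannot be
     *     loaded or encoded
     */
    @Override // at.gv.egiz.smcc.SignatureCard
    public byte[] getCertificate(SignatureCard.KeyboxName keyboxName, PINGUI pingui) throws SignatureCardException {
        try {
            if (keyboxName == SignatureCard.KeyboxName.CERTIFIED_KEYPAIR) {
                if (this.certifiedCertificate == null) {
                    this.certifiedCertificate = loadCertificate(CERTIFICATE_CERTIFIED_KEYPAIR);
                }
                return this.certifiedCertificate.getEncoded();
            }
            if (keyboxName != SignatureCard.KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
                throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported.");
            }
            if (this.secureCertificate == null) {
                this.secureCertificate = loadCertificate(CERTIFICATE_SECURE_KEYPAIR);
            }
            return this.secureCertificate.getEncoded();
        } catch (CertificateEncodingException e) {
            throw new SignatureCardException("Failed to get encoded Certificate.", e);
        }
    }

    /**
     * Returns the raw content of the file {@code <str>.ibx} in the card directory.
     *
     * @param str infobox identifier; must be a plain file name without any path component
     * @param pingui not used by this implementation
     * @param str2 not used by this implementation
     * @throws SignatureCardException if the identifier contains a path component, or the file is
     *     missing or unreadable
     */
    @Override // at.gv.egiz.smcc.SignatureCard
    public byte[] getInfobox(String str, PINGUI pingui, String str2) throws SignatureCardException {
        String infoboxFileName = str + ".ibx";
        // The identifier is supplied by the caller and becomes part of a file path. Accept it
        // only if it is a bare file name, so that it cannot address files outside the card
        // directory (for example via "../" segments or an absolute path).
        if (!new File(infoboxFileName).getName().equals(infoboxFileName)) {
            String message = "Invalid infobox identifier '" + str + "'.";
            log.info(message);
            throw new SignatureCardException(message);
        }
        // try-with-resources: the stream used to leak when reading failed.
        try (InputStream in = new FileInputStream(getFileName(infoboxFileName))) {
            ByteArrayOutputStream content = new ByteArrayOutputStream();
            byte[] buffer = new byte[512];
            int read;
            while ((read = in.read(buffer)) != -1) {
                content.write(buffer, 0, read);
            }
            return content.toByteArray();
        } catch (java.io.FileNotFoundException e) {
            String message = "Infobox '" + str + "' not found.";
            log.info(message, e);
            throw new SignatureCardException(message, e);
        } catch (IOException e) {
            String message = "Failed to read infobox '" + str + "'.";
            log.error(message, e);
            throw new SignatureCardException(message, e);
        }
    }

    /**
     * Signs the bytes of {@code inputStream} with the first private key found in the key store
     * of the given keybox.
     *
     * <p>The key store password is taken from the password file if one exists, otherwise it is
     * requested from {@code pingui}.
     *
     * @param inputStream data to be signed; read until end of stream, not closed
     * @param keyboxName keybox whose key store is used
     * @param pingui asked for the password when no password file exists
     * @param str XML-DSig signature method URI; {@code null} selects the SHA-1 variant for the
     *     key type
     * @return the signature value, or {@code null} if the PIN GUI returned no password
     * @throws SignatureCardException if no usable private key is found or signing fails
     */
    @Override // at.gv.egiz.smcc.SignatureCard
    public byte[] createSignature(InputStream inputStream, SignatureCard.KeyboxName keyboxName, PINGUI pingui, String str) throws SignatureCardException, InterruptedException, IOException {
        char[] password = getPassword(keyboxName);
        if (password == null) {
            password = pingui.providePIN(new PinInfo(0, -1, ".", "at/gv/egiz/smcc/SWCard", "sw.pin", (byte) 1, null, -1), -1);
            if (password == null) {
                return null;
            }
        }
        KeyStore keyStore = getKeyStore(keyboxName, password);
        PrivateKey privateKey = findPrivateKey(keyStore, password);
        if (privateKey == null) {
            log.info("No private key found in KeyStore.");
            throw new SignatureCardException("No private key found in KeyStore.");
        }
        String algorithm = selectSignatureAlgorithm(privateKey.getAlgorithm(), str);
        try {
            Signature signature = Signature.getInstance(algorithm);
            signature.initSign(privateKey);
            byte[] buffer = new byte[20];
            int read;
            while ((read = inputStream.read(buffer)) != -1) {
                signature.update(buffer, 0, read);
            }
            return unwrapSignature(signature.sign(), algorithm, ecComponentLength(privateKey));
        } catch (IOException e) {
            log.info("Error unwrapping signature value.", e);
            throw new SignatureCardException("Error unwrapping signature value.", e);
        } catch (InvalidKeyException e) {
            String message = "Key not valid for algorithm + '" + algorithm + "'.";
            log.info(message, e);
            throw new SignatureCardException(message, e);
        } catch (NoSuchAlgorithmException e) {
            String message = "Algorithm + '" + algorithm + "' not supported for signing.";
            log.info(message, e);
            throw new SignatureCardException(message, e);
        } catch (SignatureException e) {
            log.info("Signing failed.", e);
            throw new SignatureCardException("Signing failed.", e);
        } catch (RuntimeException e) {
            // Unchecked failures were reported as SignatureCardException before; keep that.
            log.info("Signing failed.", e);
            throw new SignatureCardException("Signing failed.", e);
        }
    }

    /**
     * Returns the first private key in the key store, or {@code null} if it holds none.
     *
     * <p>The key is requested exactly once per alias. The earlier code retried the same alias
     * with the same password until it succeeded, which never terminated when the key password
     * was wrong.
     *
     * @throws SignatureCardException if a key cannot be recovered with the password or the key
     *     store cannot be queried
     */
    private PrivateKey findPrivateKey(KeyStore keyStore, char[] password) throws SignatureCardException {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                log.debug("Found alias '{}' in keystore.", alias);
                if (!keyStore.isKeyEntry(alias)) {
                    continue;
                }
                Key key = keyStore.getKey(alias, password);
                if (key instanceof PrivateKey) {
                    return (PrivateKey) key;
                }
            }
            return null;
        } catch (UnrecoverableKeyException e) {
            String message = "Failed to get Key from KeyStore. Wrong password?";
            log.info(message, e);
            throw new SignatureCardException(message, e);
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            String message = "Failed to get certificate from KeyStore.";
            log.info(message, e);
            throw new SignatureCardException(message, e);
        }
    }

    /**
     * Maps the key algorithm and the XML-DSig signature method URI to a JCA signature algorithm
     * name. Returns {@code keyAlgorithm} unchanged when no mapping applies.
     *
     * <p>NOTE(review): a missing URI selects a SHA-1 based algorithm. SHA-1 is no longer
     * considered collision resistant; callers should pass a SHA-256 method explicitly.
     */
    private static String selectSignatureAlgorithm(String keyAlgorithm, String signatureMethodUri) {
        if ("RSA".equals(keyAlgorithm)) {
            if (signatureMethodUri == null || "http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(signatureMethodUri)) {
                return "SHA1withRSA";
            }
            if ("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256".equals(signatureMethodUri)) {
                return "SHA256withRSA";
            }
        } else if ("ECDSA".equals(keyAlgorithm) || "EC".equals(keyAlgorithm)) {
            // "EC" is the algorithm name the JDK's own provider reports for elliptic curve keys.
            if (signatureMethodUri == null || "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1".equals(signatureMethodUri)) {
                return "SHA1withECDSA";
            }
            if ("http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256".equals(signatureMethodUri)) {
                return "SHA256withECDSA";
            }
            if ("http://www.w3.org/2007/05/xmldsig-more#ecdsa-ripemd160".equals(signatureMethodUri)) {
                return "RIPEMD160withECDSA";
            }
        }
        return keyAlgorithm;
    }

    /**
     * Returns the byte length of the curve order of an elliptic curve key, or {@code 0} if the
     * key does not expose its parameters through {@code java.security.interfaces.ECKey}.
     */
    private static int ecComponentLength(PrivateKey privateKey) {
        if (privateKey instanceof java.security.interfaces.ECKey) {
            java.security.spec.ECParameterSpec params = ((java.security.interfaces.ECKey) privateKey).getParams();
            if (params != null) {
                return (params.getOrder().bitLength() + 7) / 8;
            }
        }
        return 0;
    }

    /**
     * Converts a DER encoded ECDSA signature (a sequence of the integers r and s) into the plain
     * concatenation {@code r || s}; signatures of other algorithms are returned unchanged.
     *
     * <p>When {@code componentLength} is known, r and s are left-padded with zero bytes to that
     * length, so the result has a fixed size and can be split in the middle again. Without the
     * padding a value of r or s that happens to be shorter yields a result whose halves cannot
     * be told apart. If the length is unknown ({@code 0}) or too small for the values, the
     * minimal encoding is used as before.
     *
     * @param signatureValue signature as returned by {@link Signature#sign()}
     * @param algorithm JCA signature algorithm name used for signing
     * @param componentLength byte length of r and s, or {@code 0} if unknown
     */
    private static byte[] unwrapSignature(byte[] signatureValue, String algorithm, int componentLength) throws IOException {
        log.debug("Checking if unwrapping necessary for {}", algorithm);
        boolean ecdsa = "SHA1withECDSA".equals(algorithm)
                || "SHA256withECDSA".equals(algorithm)
                || "RIPEMD160withECDSA".equals(algorithm);
        if (!ecdsa) {
            return signatureValue;
        }
        log.debug("Unwrapping signature");
        ASN1 asn1 = new ASN1(signatureValue);
        byte[] r = asn1.getElementAt(0).gvBigInteger().toByteArray();
        byte[] s = asn1.getElementAt(1).gvBigInteger().toByteArray();
        // BigInteger.toByteArray() prepends a zero sign byte when the top bit is set; skip it.
        int rOffset = r[0] == 0 ? 1 : 0;
        int sOffset = s[0] == 0 ? 1 : 0;
        int rValueLength = r.length - rOffset;
        int sValueLength = s.length - sOffset;
        int rLength = rValueLength;
        int sLength = sValueLength;
        if (componentLength >= rValueLength && componentLength >= sValueLength) {
            rLength = componentLength;
            sLength = componentLength;
        }
        byte[] plain = new byte[rLength + sLength];
        System.arraycopy(r, rOffset, plain, rLength - rValueLength, rValueLength);
        System.arraycopy(s, sOffset, plain, rLength + sLength - sValueLength, sValueLength);
        return plain;
    }

    /** No-op: this implementation has no localized card dialogs of its own. */
    @Override // at.gv.egiz.smcc.SignatureCard
    public void setLocale(Locale locale) {
    }

    /** No-op: there is no card connection to close. */
    @Override // at.gv.egiz.smcc.SignatureCard
    public void disconnect(boolean z) {
    }

    /** No-op: there is no card to reset; cached key stores and passwords are kept. */
    @Override // at.gv.egiz.smcc.SignatureCard
    public void reset() throws SignatureCardException {
    }

    // Resolves the card directory once at class load: <user.home>/.mocca/smcc by default, or the
    // value of the "mocca.swcard.directory" system property if it names an existing directory.
    // A relative property value is resolved against <user.home>/.mocca.
    static {
        String userHome = System.getProperty("user.home");
        String separator = System.getProperty("file.separator");
        swCardDir = userHome + separator + BKU_USER_DIR + separator + SWCARD_DIR;
        String configuredDir = System.getProperty("mocca.swcard.directory");
        if (configuredDir != null) {
            File dir = new File(configuredDir);
            if (!dir.isAbsolute()) {
                configuredDir = userHome + separator + BKU_USER_DIR + separator + configuredDir;
                dir = new File(configuredDir);
            }
            if (dir.isDirectory()) {
                swCardDir = configuredDir;
            }
        }
    }
}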
