package com.lexpersona.token.ias.profils;

import com.lexpersona.exceptions.digest.DigestAlgorithmNotSupportedException;
import com.lexpersona.exceptions.identity.EmptyPINException;
import com.lexpersona.exceptions.identity.PINLockedException;
import com.lexpersona.exceptions.identity.WrongPINException;
import com.lexpersona.exceptions.token.TokenException;
import com.lexpersona.token.CardType;
import com.lexpersona.token.DigestAlg;
import com.lexpersona.token.apdu.APDUChannel;
import com.lexpersona.token.apdu.APDUResponse;
import com.lexpersona.token.apdu.OtherAPDUCommand;
import com.lexpersona.token.apdu.SelectFileAPDUCommand;
import com.lexpersona.token.apdu.VerifyAPDUCommand;
import com.lexpersona.token.bertlv.BERTLV;
import com.lexpersona.token.cert.CertUtil;
import com.lexpersona.token.ias.Pkcs11IAS;
import com.lexpersona.token.provider.LPNativeProvider;
import com.lexpersona.token.provider.keys.NativeKeyEntry;
import com.lexpersona.token.tools.SecurityUtils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import kotlin.jvm.internal.ByteCompanionObject;

/* loaded from: classes.dex */
public class IASImprimerieNationaleProfil extends IASProfil {
    private void readCertificates(APDUChannel aPDUChannel) throws TokenException {
        boolean z;
        try {
            CertificateFactory certificateFactory = SecurityUtils.getCertificateFactory();
            APDUResponse transmit = new SelectFileAPDUCommand(aPDUChannel, (byte) 4, (byte) 0, new byte[]{-24, 40, -67, 8, 15, -96, 0, 0, 5, 4, 80, 82, 79, 32, 2, 3}).transmit();
            if (transmit.getSW1() == 97) {
                this.iasToken.getResponse(transmit.getSW2());
            } else if (transmit.getSW() != 36864) {
                throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit.getSW()) + ".");
            }
            for (int i = 0; i <= 32; i++) {
                try {
                    APDUResponse transmit2 = new SelectFileAPDUCommand(aPDUChannel, (byte) 2, (byte) 0, new byte[]{-96, (byte) i}).transmit();
                    if (transmit2.getSW1() == 97) {
                        this.iasToken.getResponse(transmit2.getSW2());
                    } else if (transmit2.getSW() != 36864) {
                        throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit2.getSW()) + ".");
                        break;
                    }
                    z = false;
                } catch (Exception unused) {
                    z = true;
                }
                if (!z) {
                    this.certificates.add((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(this.iasToken.readBinary())));
                }
            }
        } catch (Exception e) {
            throw new TokenException("Certificate parsing error.", e);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:34:0x0154, code lost:
    
        r0 = e;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void readKeyEntries(com.lexpersona.token.apdu.APDUChannel r22) throws com.lexpersona.exceptions.token.TokenException {
        /*
            Method dump skipped, instructions count: 576
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.lexpersona.token.ias.profils.IASImprimerieNationaleProfil.readKeyEntries(com.lexpersona.token.apdu.APDUChannel):void");
    }

    @Override // com.lexpersona.token.ias.profils.IASProfil
    public List<NativeKeyEntry> getKeyEntries(APDUChannel aPDUChannel, LPNativeProvider lPNativeProvider) throws TokenException {
        init(aPDUChannel);
        ArrayList arrayList = new ArrayList();
        X509Certificate[] x509CertificateArr = (X509Certificate[]) this.certificates.toArray(new X509Certificate[this.certificates.size()]);
        Iterator<Integer> it = this.keyEntries.keySet().iterator();
        while (it.hasNext()) {
            IASPrivateKeyAndCertificate iASPrivateKeyAndCertificate = this.keyEntries.get(it.next());
            arrayList.add(new NativeKeyEntry(CardType.IAS_CARD, this.identity, CertUtil.buildCertificatePath(iASPrivateKeyAndCertificate.getCertificate(), x509CertificateArr), iASPrivateKeyAndCertificate.getKeyRef()[0], lPNativeProvider));
        }
        return arrayList;
    }

    @Override // com.lexpersona.token.ias.profils.IASProfil
    protected void loadTokenObjects(APDUChannel aPDUChannel) throws TokenException {
        if (this.identity == null) {
            readCardIdentity(aPDUChannel);
        }
        readCertificates(aPDUChannel);
        readKeyEntries(aPDUChannel);
    }

    @Override // com.lexpersona.token.ias.profils.IASProfil
    public void readCardIdentity(APDUChannel aPDUChannel) throws TokenException {
        APDUResponse transmit = new SelectFileAPDUCommand(aPDUChannel, (byte) 4, (byte) 12, new byte[]{-24, 40, -67, 8, 15, -96, 0, 0, 5, 4, 80, 82, 79, 32, 2, 3}).transmit();
        if (transmit.getSW() != 36864) {
            throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit.getSW()) + ".");
        }
        APDUResponse transmit2 = new SelectFileAPDUCommand(aPDUChannel, (byte) 2, (byte) 0, new byte[]{80, 50}).transmit();
        if (transmit2.getSW1() == 97) {
            this.iasToken.getResponse(transmit2.getSW2());
        } else if (transmit2.getSW() != 36864) {
            throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit2.getSW()) + ".");
        }
        byte[] readBinary = this.iasToken.readBinary();
        this.identity = new String(readBinary);
        BERTLV child = new BERTLV(readBinary).getLastChild().getChild();
        while (child.tag().code() != 12) {
            child = child.getSibling();
            if (child == null) {
                return;
            }
        }
        this.identity = child.valueAsString();
    }

    @Override // com.lexpersona.token.ias.profils.IASProfil
    public byte[] sign(APDUChannel aPDUChannel, byte[] bArr, DigestAlg digestAlg, byte b, char[] cArr) throws TokenException, DigestAlgorithmNotSupportedException, EmptyPINException, PINLockedException, WrongPINException {
        APDUResponse transmit = new SelectFileAPDUCommand(aPDUChannel, (byte) 4, (byte) 12, new byte[]{-24, 40, -67, 8, 15, -96, 0, 0, 5, 4, 80, 82, 79, 32, 2, 3}).transmit();
        if (transmit.getSW() != 36864) {
            throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit.getSW()) + ".");
        }
        APDUResponse transmit2 = new OtherAPDUCommand(aPDUChannel, (byte) 34, (byte) 65, (byte) -92, new byte[]{ByteCompanionObject.MIN_VALUE, 1, 2, -124, 1, b}).transmit();
        if (transmit2.getSW() != 36864) {
            throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit2.getSW()) + ".");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            if (digestAlg == DigestAlg.SHA1) {
                byteArrayOutputStream.write(Pkcs11IAS.SHA1_DIGEST_INFO_PREFIX);
            } else {
                if (digestAlg != DigestAlg.SHA256) {
                    throw new DigestAlgorithmNotSupportedException(digestAlg.toString());
                }
                byteArrayOutputStream.write(Pkcs11IAS.SHA256_DIGEST_INFO_PREFIX);
            }
            byteArrayOutputStream.write(bArr);
            OtherAPDUCommand otherAPDUCommand = new OtherAPDUCommand(aPDUChannel, (byte) -120, (byte) 0, (byte) 0, byteArrayOutputStream.toByteArray());
            APDUResponse transmit3 = otherAPDUCommand.transmit();
            if (transmit3.getSW() == 36864) {
                return transmit3.getData();
            }
            if (transmit3.getSW1() == 97) {
                return this.iasToken.getResponse(transmit3.getSW2());
            }
            if (transmit3.getSW() != 27010) {
                throw new TokenException("Digital signature computing error (APDU response: " + Integer.toHexString(transmit3.getSW()) + ".");
            }
            if (cArr == null || cArr.length == 0) {
                throw new EmptyPINException();
            }
            APDUResponse transmit4 = new VerifyAPDUCommand(aPDUChannel, new String(cArr).getBytes()).transmit();
            if (transmit4.getSW() != 36864) {
                if (transmit4.getSW() == 27011 || transmit4.getSW() == 27012) {
                    throw new PINLockedException(new Exception("Card blocked"));
                }
                if (transmit4.getSW1() != 99) {
                    throw new WrongPINException();
                }
                if (transmit4.getSW2() == 0) {
                    throw new EmptyPINException();
                }
                if ((transmit4.getSW2() & 240) == 192) {
                    throw new WrongPINException(transmit4.getSW2() & 15);
                }
                throw new WrongPINException();
            }
            APDUResponse transmit5 = otherAPDUCommand.transmit();
            if (transmit5.getSW1() == 97) {
                return this.iasToken.getResponse(transmit5.getSW2());
            }
            if (transmit5.getSW() == 36864) {
                return transmit5.getData();
            }
            throw new TokenException("Digital signature computing error (APDU response: " + Integer.toHexString(transmit5.getSW()) + ".");
        } catch (IOException e) {
            throw new TokenException("Digest algorithm error", e);
        }
    }

    @Override // com.lexpersona.token.ias.profils.IASProfil
    public void verifyPin(APDUChannel aPDUChannel, char[] cArr) throws PINLockedException, WrongPINException, EmptyPINException, TokenException {
        APDUResponse transmit = new VerifyAPDUCommand(aPDUChannel, new String(cArr).getBytes()).transmit();
        if (transmit.getSW() != 36864) {
            if (transmit.getSW() == 27011) {
                throw new PINLockedException(new Exception("Card blocked"));
            }
            if (transmit.getSW1() != 99) {
                throw new WrongPINException();
            }
            if (transmit.getSW2() != 0) {
                throw new WrongPINException(transmit.getSW2() & 15);
            }
            throw new EmptyPINException();
        }
    }
}
