package com.lexpersona.token.idprime;

import com.lexpersona.exceptions.digest.DigestAlgorithmNotSupportedException;
import com.lexpersona.exceptions.identity.EmptyPINException;
import com.lexpersona.exceptions.identity.PINLockedException;
import com.lexpersona.exceptions.identity.WrongPINException;
import com.lexpersona.exceptions.token.NoSmartCardException;
import com.lexpersona.exceptions.token.TokenException;
import com.lexpersona.token.AbstractCard;
import com.lexpersona.token.CardType;
import com.lexpersona.token.DigestAlg;
import com.lexpersona.token.apdu.APDUChannel;
import com.lexpersona.token.apdu.APDUResponse;
import com.lexpersona.token.apdu.GetDataAPDUCommand;
import com.lexpersona.token.apdu.OtherAPDUCommand;
import com.lexpersona.token.apdu.SelectFileAPDUCommand;
import com.lexpersona.token.cert.CertUtil;
import com.lexpersona.token.eid.EIDCard;
import com.lexpersona.token.provider.keys.NativeKeyEntry;
import com.lexpersona.token.tools.Hex;
import com.lexpersona.token.tools.Logger;
import com.lexpersona.token.tools.SecurityUtils;
import com.lexpersona.token.tools.Utils;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import kotlin.UByte;
import kotlin.jvm.internal.ByteCompanionObject;

/* loaded from: classes.dex */
public class IDPrimeCard extends AbstractCard {
    protected static final byte[] IDENTITY_FILE_AID = {-96, 0, 0, 0, 24, ByteCompanionObject.MIN_VALUE, 0, 0, 0, 6, 98};
    protected static final byte[] IDENTITY_FILE_AID_CertEurope = {-96, 0, 0, 0, 24, ByteCompanionObject.MIN_VALUE, 0, 0, 0, 6, 98, 0};
    protected List<X509Certificate> certificates;
    private boolean isInit;
    protected List<NativeKeyEntry> keyEntries;
    protected Map<Byte, PublicKey> publicKeyMap;

    public IDPrimeCard(CardType cardType, APDUChannel aPDUChannel) {
        super(cardType, aPDUChannel);
        this.isInit = false;
        this.certificates = new ArrayList();
        this.keyEntries = new ArrayList();
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void readCertificates(APDUChannel aPDUChannel) throws TokenException {
        int i;
        byte b;
        int i2;
        this.logger.debug("################## Begin readCertificates");
        try {
            CertificateFactory certificateFactory = SecurityUtils.getCertificateFactory();
            APDUResponse transmit = (this.cardType == CardType.MD_940_Certeurope_CARD ? new SelectFileAPDUCommand(aPDUChannel, (byte) 4, (byte) 0, IDENTITY_FILE_AID) : new SelectFileAPDUCommand(aPDUChannel, (byte) 4, (byte) 0, IDENTITY_FILE_AID)).transmit();
            if (transmit.getSW1() == 97) {
                getResponse(transmit.getSW2());
            } else if (transmit.getSW() != 36864) {
                throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit.getSW()) + ")");
            }
            for (int i3 = 0; i3 <= 32; i3++) {
                try {
                    this.logger.debug("#############################################################################################");
                    this.logger.debug("Select file " + i3);
                    APDUResponse transmit2 = (this.cardType == CardType.MD_940_Certeurope_CARD ? new SelectFileAPDUCommand(aPDUChannel, (byte) 0, (byte) 0, new byte[]{2, (byte) i3}) : new SelectFileAPDUCommand(aPDUChannel, (byte) 0, (byte) 0, new byte[]{2, (byte) i3})).transmit();
                    if (transmit2.getSW1() != 97) {
                        if (transmit2.getSW() != 36864) {
                            throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit2.getSW()) + ")");
                            break;
                        }
                        byte[] data = transmit2.getData();
                        if (data.length > 5) {
                            i = (data[4] & UByte.MAX_VALUE) * 256;
                            b = data[5];
                            i2 = i + (b & UByte.MAX_VALUE);
                        }
                        i2 = 0;
                    } else {
                        byte[] response = getResponse(transmit2.getSW2());
                        if (response.length > 5) {
                            i = (response[4] & UByte.MAX_VALUE) * 256;
                            b = response[5];
                            i2 = i + (b & UByte.MAX_VALUE);
                        }
                        i2 = 0;
                    }
                    byte[] readBinary = i2 == 0 ? readBinary() : readBinary(i2);
                    if (Utils.isCompressed(readBinary)) {
                        readBinary = Utils.decompress(Utils.copyOfRange(readBinary, 4, readBinary.length));
                    }
                    Collection<? extends Certificate> generateCertificates = certificateFactory.generateCertificates(new ByteArrayInputStream(readBinary));
                    this.logger.debug("Certificates found in  file " + i3 + ": " + generateCertificates.size());
                    this.certificates.addAll(generateCertificates);
                } catch (Exception e) {
                    this.logger.debug("Error: " + e.getMessage());
                    if (e instanceof NoSmartCardException) {
                        throw ((TokenException) e);
                    }
                }
            }
            this.logger.debug("################## End readCertificates");
        } catch (Exception e2) {
            throw new TokenException("Certificate parsing error.", e2);
        }
    }

    private void readPublicKeys(APDUChannel aPDUChannel) throws TokenException {
        int i;
        int i2;
        GetDataAPDUCommand getDataAPDUCommand;
        byte[] data;
        APDUChannel aPDUChannel2 = aPDUChannel;
        long currentTimeMillis = System.currentTimeMillis();
        Logger logger = getLogger();
        this.publicKeyMap = new HashMap();
        byte b = 0;
        APDUResponse transmit = (this.cardType == CardType.MD_940_Certeurope_CARD ? new SelectFileAPDUCommand(aPDUChannel2, (byte) 4, (byte) 0, IDENTITY_FILE_AID) : new SelectFileAPDUCommand(aPDUChannel2, (byte) 4, (byte) 0, IDENTITY_FILE_AID)).transmit();
        if (transmit.getSW() != 36864) {
            throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit.getSW()) + ")");
        }
        if (this.cardType == CardType.MD_840_CARD) {
            i = 255;
            i2 = 240;
        } else {
            i = 104;
            i2 = 73;
        }
        long j = currentTimeMillis;
        int i3 = i;
        while (i3 >= i2) {
            try {
                logger.debug("#############################################################################################");
                logger.debug("GET DATA:" + i3);
                if (this.cardType == CardType.MD_940_Certeurope_CARD) {
                    byte[] bArr = new byte[8];
                    bArr[b] = -74;
                    bArr[1] = 3;
                    bArr[2] = EIDCard.SIGN_PKEY_REF;
                    bArr[3] = 1;
                    try {
                        bArr[4] = (byte) i3;
                        bArr[5] = ByteCompanionObject.MAX_VALUE;
                        bArr[6] = 73;
                        bArr[7] = ByteCompanionObject.MIN_VALUE;
                        getDataAPDUCommand = new GetDataAPDUCommand(aPDUChannel2, b, (byte) -1, bArr);
                    } catch (Exception e) {
                        e = e;
                        if (logger != null) {
                            logger.debug("Error: " + e.getMessage());
                        }
                        if (e instanceof NoSmartCardException) {
                            throw ((TokenException) e);
                        }
                        i3--;
                        aPDUChannel2 = aPDUChannel;
                        b = 0;
                    }
                } else {
                    byte[] bArr2 = new byte[8];
                    bArr2[b] = -74;
                    bArr2[1] = 3;
                    bArr2[2] = EIDCard.SIGN_PKEY_REF;
                    bArr2[3] = 1;
                    bArr2[4] = (byte) i3;
                    bArr2[5] = ByteCompanionObject.MAX_VALUE;
                    bArr2[6] = 73;
                    bArr2[7] = ByteCompanionObject.MIN_VALUE;
                    getDataAPDUCommand = new GetDataAPDUCommand(aPDUChannel2, b, (byte) -1, bArr2);
                }
                APDUResponse transmit2 = getDataAPDUCommand.transmit();
                if (transmit2.getSW1() != 97) {
                    if (transmit2.getSW() != 36864) {
                        throw new TokenException("Card get data error (APDU response: " + Integer.toHexString(transmit2.getSW()) + ")");
                        break;
                    }
                    data = transmit2.getData();
                } else {
                    byte sw2 = transmit2.getSW2();
                    if (sw2 == 0) {
                        sw2 = -1;
                    }
                    data = getResponse(sw2);
                }
                if (logger != null) {
                    try {
                        logger.debug("Public key raw data: " + new String(Hex.encode(data)));
                    } catch (Exception e2) {
                        if (logger != null) {
                            logger.debug("Error: " + e2.getMessage());
                        }
                    }
                }
                int i4 = ((data[12] & UByte.MAX_VALUE) * 256) + (data[13] & UByte.MAX_VALUE);
                if (data.length >= i4 + 3 && i4 != 0) {
                    int i5 = data[i4 + 16] & UByte.MAX_VALUE;
                    if (data.length >= i4 + i5 && i5 != 0) {
                        byte[] bArr3 = new byte[i4];
                        for (int i6 = 0; i6 < i4; i6++) {
                            bArr3[i6] = data[i6 + 14];
                        }
                        byte[] bArr4 = new byte[i5];
                        for (int i7 = 0; i7 < i5; i7++) {
                            bArr4[i7] = data[i4 + 17 + i7];
                        }
                        byte b2 = (byte) i3;
                        this.publicKeyMap.put(Byte.valueOf(b2), KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(new String(Hex.encode(bArr3)), 16), new BigInteger(new String(Hex.encode(bArr4)), 16))));
                        if (logger != null) {
                            logger.debug("Public key " + Integer.toHexString(b2 & UByte.MAX_VALUE) + " retrieved successfully (" + (System.currentTimeMillis() - j) + "ms)");
                            j = System.currentTimeMillis();
                        }
                    }
                }
            } catch (Exception e3) {
                e = e3;
            }
            i3--;
            aPDUChannel2 = aPDUChannel;
            b = 0;
        }
        if (logger != null) {
            logger.debug("Public keys count (including signature containers) = " + this.publicKeyMap.size());
        }
        Iterator<PublicKey> it = Utils.findDuplicates(new ArrayList(this.publicKeyMap.values())).iterator();
        while (it.hasNext()) {
            this.publicKeyMap.values().removeAll(Collections.singleton(it.next()));
        }
        long currentTimeMillis2 = System.currentTimeMillis();
        List<X509Certificate> list = this.certificates;
        X509Certificate[] x509CertificateArr = (X509Certificate[]) list.toArray(new X509Certificate[list.size()]);
        for (Byte b3 : this.publicKeyMap.keySet()) {
            PublicKey publicKey = this.publicKeyMap.get(b3);
            Iterator<X509Certificate> it2 = this.certificates.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                X509Certificate next = it2.next();
                if (next.getPublicKey().equals(publicKey)) {
                    NativeKeyEntry nativeKeyEntry = new NativeKeyEntry(this.cardType, this.identity, CertUtil.buildCertificatePath(next, x509CertificateArr), b3.byteValue(), this.provider);
                    this.keyEntries.add(nativeKeyEntry);
                    if (logger != null) {
                        logger.debug("Public key " + Integer.toHexString(b3.byteValue() & UByte.MAX_VALUE) + " associated successfully with certificate " + nativeKeyEntry.getAlias() + ": " + next.getSubjectDN());
                    }
                }
            }
        }
        if (logger != null) {
            logger.debug(this.keyEntries.size() + " public key(s) associated successfully with certificate(s) (" + (System.currentTimeMillis() - currentTimeMillis2) + "ms)");
        }
    }

    @Override // com.lexpersona.token.AbstractCard
    public String getCardIdentity() throws TokenException {
        if (this.identity != null) {
            return this.identity;
        }
        try {
            this.channel.connect();
            readCardIdentity(this.channel);
            return this.identity;
        } finally {
            this.channel.disconnect();
            if (this.logger != null) {
                this.logger.debug("Get card identity: " + this.identity);
            }
        }
    }

    @Override // com.lexpersona.token.AbstractCard
    public List<X509Certificate> getCertificates() throws TokenException {
        loadTokenObjects();
        return this.certificates;
    }

    @Override // com.lexpersona.token.AbstractCard
    public List<NativeKeyEntry> getKeyEntries() throws TokenException {
        loadTokenObjects();
        return this.keyEntries;
    }

    protected void loadTokenObjects() throws TokenException {
        if (this.isInit) {
            return;
        }
        try {
            this.channel.connect();
            readCardIdentity(this.channel);
            readCertificates(this.channel);
            readPublicKeys(this.channel);
            this.isInit = true;
        } finally {
            this.channel.disconnect();
        }
    }

    public void readCardIdentity(APDUChannel aPDUChannel) {
        if (this.identity == null) {
            if (this.cardType == CardType.MD_840_CARD) {
                this.identity = "IDPrime MD 840";
            } else if (this.cardType == CardType.MD_940_Certeurope_CARD) {
                this.identity = "IDPrime MD 940 Certeurope";
            } else {
                this.identity = "IDPrime MD 940 Classic";
            }
        }
    }

    @Override // com.lexpersona.token.AbstractCard
    public byte[] sign(byte[] bArr, DigestAlg digestAlg, byte b, char[] cArr) throws TokenException, DigestAlgorithmNotSupportedException, EmptyPINException, PINLockedException, WrongPINException {
        byte[] data;
        try {
            this.channel.connect();
            int i = 0;
            APDUResponse transmit = (this.cardType == CardType.MD_940_Certeurope_CARD ? new SelectFileAPDUCommand(this.channel, (byte) 4, (byte) 0, IDENTITY_FILE_AID) : new SelectFileAPDUCommand(this.channel, (byte) 4, (byte) 0, IDENTITY_FILE_AID)).transmit();
            if (transmit.getSW() != 36864) {
                throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit.getSW()) + ")");
            }
            if (cArr == null || cArr.length == 0) {
                throw new EmptyPINException();
            }
            byte[] bArr2 = {ByteCompanionObject.MIN_VALUE, 1, 0, -124, 1, b};
            if (digestAlg == DigestAlg.SHA1) {
                bArr2[2] = 18;
            } else {
                if (digestAlg != DigestAlg.SHA256) {
                    throw new DigestAlgorithmNotSupportedException(digestAlg.toString());
                }
                bArr2[2] = 66;
            }
            APDUResponse transmit2 = new OtherAPDUCommand(this.channel, (byte) 34, (byte) 65, (byte) -74, bArr2).transmit();
            if (transmit2.getSW() != 36864) {
                throw new TokenException("Digital signature computing error (APDU response: " + Integer.toHexString(transmit2.getSW()) + ")");
            }
            byte[] bArr3 = new byte[16];
            bArr3[0] = 0;
            bArr3[1] = 0;
            bArr3[2] = 0;
            bArr3[3] = 0;
            bArr3[4] = 0;
            bArr3[5] = 0;
            bArr3[6] = 0;
            bArr3[7] = 0;
            bArr3[8] = 0;
            bArr3[9] = 0;
            bArr3[10] = 0;
            bArr3[11] = 0;
            bArr3[12] = 0;
            bArr3[13] = 0;
            bArr3[14] = 0;
            bArr3[15] = 0;
            for (int length = cArr.length - 1; length >= 0; length--) {
                bArr3[length] = (byte) cArr[length];
            }
            APDUResponse transmit3 = new OtherAPDUCommand(this.channel, (byte) 32, (byte) 0, (byte) 17, bArr3).transmit();
            if (transmit3.getSW() != 36864) {
                if (transmit3.getSW() == 27011 || transmit3.getSW() == 27012) {
                    throw new PINLockedException(new Exception("Card blocked"));
                }
                if (transmit3.getSW1() != 99) {
                    throw new WrongPINException();
                }
                if (transmit3.getSW2() == 0) {
                    throw new EmptyPINException();
                }
                if ((transmit3.getSW2() & 240) == 192) {
                    throw new WrongPINException(transmit3.getSW2() & 15);
                }
                throw new WrongPINException();
            }
            byte[] bArr4 = new byte[bArr.length + 2];
            if (digestAlg == DigestAlg.SHA1) {
                bArr4[0] = -112;
                bArr4[1] = 20;
                while (i < bArr.length) {
                    bArr4[i + 2] = bArr[i];
                    i++;
                }
            } else {
                if (digestAlg != DigestAlg.SHA256) {
                    throw new DigestAlgorithmNotSupportedException(digestAlg.toString());
                }
                bArr4[0] = -112;
                bArr4[1] = 32;
                while (i < bArr.length) {
                    bArr4[i + 2] = bArr[i];
                    i++;
                }
            }
            new OtherAPDUCommand(this.channel, (byte) 42, (byte) -112, (byte) -96, bArr4).transmit();
            APDUResponse transmit4 = new OtherAPDUCommand(this.channel, (byte) 42, (byte) -98, (byte) -102, (byte[]) null).transmit();
            if (transmit4.getSW1() == 97) {
                data = getResponse(transmit4.getSW2());
            } else if (transmit4.getSW1() == 108) {
                APDUResponse transmit5 = new OtherAPDUCommand(this.channel, (byte) 42, (byte) -98, (byte) -102, transmit4.getSW2()).transmit();
                if (transmit5.getSW1() == 97) {
                    data = getResponse(transmit5.getSW2());
                } else {
                    if (transmit5.getSW() != 36864) {
                        throw new TokenException("Digital signature computing error (APDU response: " + Integer.toHexString(transmit5.getSW()) + ")");
                    }
                    data = transmit5.getData();
                }
            } else {
                if (transmit4.getSW() != 36864) {
                    throw new TokenException("Digital signature computing error (APDU response: " + Integer.toHexString(transmit4.getSW()) + ")");
                }
                data = transmit4.getData();
            }
            return data;
        } finally {
            this.channel.disconnect();
        }
    }

    @Override // com.lexpersona.token.AbstractCard
    public void verifyPin(char[] cArr) throws PINLockedException, WrongPINException, EmptyPINException, TokenException {
        try {
            this.channel.connect();
            APDUResponse transmit = (this.cardType == CardType.MD_940_Certeurope_CARD ? new SelectFileAPDUCommand(this.channel, (byte) 4, (byte) 0, IDENTITY_FILE_AID_CertEurope) : new SelectFileAPDUCommand(this.channel, (byte) 4, (byte) 0, IDENTITY_FILE_AID)).transmit();
            if (transmit.getSW() != 36864) {
                throw new TokenException("Card file selection error (APDU response: " + Integer.toHexString(transmit.getSW()) + ")");
            }
            if (cArr == null || cArr.length == 0) {
                throw new EmptyPINException();
            }
            byte[] bArr = new byte[16];
            bArr[0] = 0;
            bArr[1] = 0;
            bArr[2] = 0;
            bArr[3] = 0;
            bArr[4] = 0;
            bArr[5] = 0;
            bArr[6] = 0;
            bArr[7] = 0;
            bArr[8] = 0;
            bArr[9] = 0;
            bArr[10] = 0;
            bArr[11] = 0;
            bArr[12] = 0;
            bArr[13] = 0;
            bArr[14] = 0;
            bArr[15] = 0;
            for (int length = cArr.length - 1; length >= 0; length--) {
                bArr[length] = (byte) cArr[length];
            }
            APDUResponse transmit2 = new OtherAPDUCommand(this.channel, (byte) 32, (byte) 0, (byte) 17, bArr).transmit();
            if (transmit2.getSW() != 36864) {
                if (transmit2.getSW() == 27011) {
                    throw new PINLockedException(new Exception("Card blocked"));
                }
                if (transmit2.getSW1() != 99) {
                    throw new WrongPINException();
                }
                if (transmit2.getSW2() != 0) {
                    throw new WrongPINException(transmit2.getSW2() & 15);
                }
                throw new EmptyPINException();
            }
        } finally {
            this.channel.disconnect();
        }
    }
}
