package net.osbee.pos.rksv;

import java.io.ByteArrayInputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import net.osbee.pos.rksv.smartcardiowrapper.CommandAPDU;
import net.osbee.pos.rksv.smartcardiowrapper.ResponseAPDU;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/net.osbee.pos.rksv-1.0.0-SNAPSHOT.jar:net/osbee/pos/rksv/RKSVSmartcardCommunicatorPrimeSign.class */
public class RKSVSmartcardCommunicatorPrimeSign implements IRKSVSmartcardCommunicator {
    public static final String SMARTCARD_NAME = "OMNIKEY AG Smart Card Reader USB 0";
    private static final String HASHING_ALGORITHM = "SHA-256";
    private static final String SIGNATURE_ALGORITHM = "ES256";
    private static final String SERVICE_PROVIDER_PRIMESIGN = "AT3";
    SmartcardCommunicator communicator;
    private static final MessageDigest messageDigest = createDigester();
    protected static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) RKSVSmartcardCommunicatorPrimeSign.class);
    private static Map<String, RKSVSmartcardCommunicatorPrimeSign> instances = new HashMap();

    private RKSVSmartcardCommunicatorPrimeSign(String str) {
        this.communicator = new SmartcardCommunicator((str == null || str.isEmpty()) ? SMARTCARD_NAME : str);
    }

    public static RKSVSmartcardCommunicatorPrimeSign getInstance(String str) {
        if (!instances.containsKey(str)) {
            instances.put(str, new RKSVSmartcardCommunicatorPrimeSign(str));
        }
        return instances.get(str);
    }

    @Override // net.osbee.pos.rksv.IRKSVSmartcardCommunicator
    public synchronized X509Certificate getSignatureCertificate() {
        X509Certificate x509Certificate = null;
        CommandAPDU selectDfQesApplicationCommand = selectDfQesApplicationCommand();
        ResponseAPDU sendCommand = this.communicator.sendCommand(selectDfQesApplicationCommand);
        if (sendCommand != null && sendCommand.getSW() == 36864) {
            selectDfQesApplicationCommand = selectEfX509DataCommand();
            sendCommand = this.communicator.sendCommand(selectDfQesApplicationCommand);
            if (sendCommand != null && sendCommand.getSW() == 36864) {
                selectDfQesApplicationCommand = readBinaryCommand();
                sendCommand = this.communicator.sendCommand(selectDfQesApplicationCommand);
                if (sendCommand != null && (sendCommand.getSW() == 36864 || sendCommand.getSW() == 25218)) {
                    Throwable th = null;
                    try {
                        try {
                            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(sendCommand.getData());
                            try {
                                x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                                if (byteArrayInputStream != null) {
                                    byteArrayInputStream.close();
                                }
                            } catch (Throwable th2) {
                                if (byteArrayInputStream != null) {
                                    byteArrayInputStream.close();
                                }
                                throw th2;
                            }
                        } catch (Throwable th3) {
                            if (0 == 0) {
                                th = th3;
                            } else if (null != th3) {
                                th.addSuppressed(th3);
                            }
                            throw th;
                        }
                    } catch (Exception e) {
                        LOGGER.error("Command {} sent to smartcard caused response {} that could not be converted to a certificate!", ByteToHexConverter.bytesToHex(selectDfQesApplicationCommand.getBytes()), sendCommand);
                    }
                }
            }
        }
        if (x509Certificate == null) {
            LOGGER.error("Command {} sent to smartcard caused error response {}!", ByteToHexConverter.bytesToHex(selectDfQesApplicationCommand.getBytes()), sendCommand);
        }
        return x509Certificate;
    }

    @Override // net.osbee.pos.rksv.IRKSVSmartcardCommunicator
    public synchronized byte[] getSignature(byte[] bArr, String str) {
        byte[] bArr2 = null;
        byte[] hashValue = getHashValue(bArr);
        CommandAPDU selectDfQesApplicationCommand = selectDfQesApplicationCommand();
        ResponseAPDU sendCommand = this.communicator.sendCommand(selectDfQesApplicationCommand);
        if (sendCommand != null && sendCommand.getSW() == 36864) {
            selectDfQesApplicationCommand = verifyPinCommand(str);
            sendCommand = this.communicator.sendCommand(selectDfQesApplicationCommand);
            if (sendCommand != null && sendCommand.getSW() == 36864) {
                selectDfQesApplicationCommand = computeSignatureCommand(hashValue);
                sendCommand = this.communicator.sendCommand(selectDfQesApplicationCommand);
                if (sendCommand != null && sendCommand.getSW() == 36864) {
                    bArr2 = sendCommand.getData();
                }
            }
        }
        if (bArr2 == null) {
            LOGGER.error("Command {} send to smartcard caused error response {}!", ByteToHexConverter.bytesToHex(selectDfQesApplicationCommand.getBytes()), sendCommand);
            if (sendCommand != null && sendCommand.getSW1() == 99) {
                LOGGER.error("Wrong PIN! Remaining trials: {}", Integer.valueOf(sendCommand.getSW2() - 192));
            }
        }
        return bArr2;
    }

    @Override // net.osbee.pos.rksv.IRKSVSmartcardCommunicator
    public synchronized boolean changePin(String str, String str2) {
        boolean z = false;
        CommandAPDU selectDfQesApplicationCommand = selectDfQesApplicationCommand();
        ResponseAPDU sendCommand = this.communicator.sendCommand(selectDfQesApplicationCommand);
        if (sendCommand != null && sendCommand.getSW() == 36864) {
            selectDfQesApplicationCommand = changePinCommand(str, str2);
            sendCommand = this.communicator.sendCommand(selectDfQesApplicationCommand);
            if (sendCommand != null && sendCommand.getSW() == 36864) {
                z = true;
            }
        }
        if (!z) {
            LOGGER.error("Command {} send to smartcard caused error response {}!", ByteToHexConverter.bytesToHex(selectDfQesApplicationCommand.getBytes()), sendCommand);
            if (sendCommand != null && sendCommand.getSW1() == 99) {
                LOGGER.error("Wrong PIN! Remaining trials: {}", Integer.valueOf(sendCommand.getSW2() - 192));
            }
        }
        return z;
    }

    @Override // net.osbee.pos.rksv.IRKSVSmartcardCommunicator
    public String getVDA() {
        return SERVICE_PROVIDER_PRIMESIGN;
    }

    @Override // net.osbee.pos.rksv.IRKSVSmartcardCommunicator
    public String getSignatureAlgorithm() {
        return SIGNATURE_ALGORITHM;
    }

    private byte[] getHashValue(byte[] bArr) {
        return messageDigest.digest(bArr);
    }

    private static MessageDigest createDigester() {
        MessageDigest messageDigest2 = null;
        try {
            messageDigest2 = MessageDigest.getInstance("SHA-256");
        } catch (NoSuchAlgorithmException e) {
            LOGGER.error("Hash algorithm {} could not be found!", "SHA-256", e);
        }
        return messageDigest2;
    }

    private CommandAPDU selectDfQesApplicationCommand() {
        return new CommandAPDU(0, 164, 8, 12, new byte[]{63, 4}, 0, 2);
    }

    private CommandAPDU selectEfX509DataCommand() {
        return new CommandAPDU(0, 164, 2, 12, new byte[]{-64}, 0, 2);
    }

    private CommandAPDU readBinaryCommand() {
        return new CommandAPDU(0, 176, 0, 0, new byte[2], 0, 0, 10000);
    }

    private CommandAPDU verifyPinCommand(String str) {
        return new CommandAPDU(0, 32, 0, 129, encodePin(str), 0, 8);
    }

    private CommandAPDU computeSignatureCommand(byte[] bArr) {
        return new CommandAPDU(0, 42, 158, 154, bArr, 0, 32, 64);
    }

    private CommandAPDU changePinCommand(String str, String str2) {
        byte[] encodePin = encodePin(str);
        byte[] encodePin2 = encodePin(str2);
        byte[] bArr = new byte[encodePin.length + encodePin2.length];
        System.arraycopy(encodePin, 0, bArr, 0, encodePin.length);
        System.arraycopy(encodePin2, 0, bArr, encodePin.length, encodePin2.length);
        return new CommandAPDU(0, 36, 0, 129, bArr, 0, 16);
    }

    private byte[] encodePin(String str) {
        int length = str.length();
        byte[] bArr = new byte[8];
        bArr[0] = (byte) (32 + length);
        int i = 0;
        while (i < 2 * (bArr.length - 1)) {
            bArr[(i / 2) + 1] = (byte) (((i < length ? Character.digit(str.charAt(i), 16) : 15) << 4) + (i + 1 < length ? Character.digit(str.charAt(i + 1), 16) : 15));
            i += 2;
        }
        return bArr;
    }

    @Override // net.osbee.pos.rksv.IRKSVSmartcardCommunicator
    public String getName() {
        if (this.communicator != null) {
            return this.communicator.getCardReaderName();
        }
        return null;
    }
}
