package kz.gov.pki.kalkan.pcsc.tokens;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.PrivateKey;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;
import javax.smartcardio.CardException;
import javax.smartcardio.CommandAPDU;
import kz.gamma.hardware.crypto.pcsc.ErrorId;
import kz.gov.pki.kalkan.exception.JaCartaException;
import kz.gov.pki.kalkan.exception.KALKANCardException;
import kz.gov.pki.kalkan.pcsc.AKGOST34310PrivateKey;
import kz.gov.pki.kalkan.pcsc.AKRSAPrivateKey;
import kz.gov.pki.kalkan.util.ByteUtils;
import kz.gov.pki.kalkan.util.encoders.Hex;

/* loaded from: input_file:kz/gov/pki/kalkan/pcsc/tokens/JaCarta.class */
public final class JaCarta extends AKToken {
    private static final String CN = JaCarta.class.getSimpleName();
    private static final byte[] aid = {-96, 0, 103, 97, 109, 109, 97, 116, 101, 99, 104, 0};
    private Map<String, Byte> aliases;
    private Map<Byte, String> revAliases;

    public JaCarta(String str, String str2) throws KALKANCardException {
        super(str, str2);
        this.aliases = null;
        this.revAliases = null;
        connect();
        try {
            this.capdu = new CommandAPDU(0, ErrorId.ERROR_PIN_LIMIT_EXCEEDED, 4, 0, aid);
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() != 36864) {
                throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "Constructor", str + " is not JACARTA", null);
            }
            this.capdu = new CommandAPDU(128, 21, 32, 0);
            this.respApdu = this.ch.transmit(this.capdu);
            this.capdu = new CommandAPDU(128, 21, 33, 0, 0);
            this.respApdu = this.ch.transmit(this.capdu);
            int indexOf = ByteUtils.indexOf(this.respApdu.getData(), new byte[]{0, 0}, 5);
            byte[] bArr = new byte[indexOf - 5];
            System.arraycopy(this.respApdu.getData(), 5, bArr, 0, indexOf - 5);
            this.tokenId = Hex.encodeStr(bArr);
            if (!str2.equals("guest")) {
                verifyPin(str2);
            }
            this.aliases = new LinkedHashMap();
            this.revAliases = new LinkedHashMap();
            getAliases();
        } catch (CardException e) {
            throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "Constructor", e.getMessage(), null);
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public void disconnect() {
        try {
            if (this.sc != null) {
                this.sc.disconnect(false);
            }
        } catch (CardException e) {
            debugOut(e.getMessage());
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    protected void verifyPin(String str) throws KALKANCardException {
        if (str == null || str.length() == 0) {
            throw new JaCartaException(KALKANCardException.ICCodes.VERIFYPIN.name(), CN, "verifyPin", "Pin is null", null);
        }
        try {
            this.capdu = new CommandAPDU(128, 16, 33, 0, str.getBytes());
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() != 36864) {
                throw new JaCartaException(KALKANCardException.ICCodes.VERIFYPIN.name(), CN, "verifyPin", "Status: " + Integer.toHexString(this.respApdu.getSW()), null);
            }
            debugOut("Log on... ok!");
        } catch (CardException e) {
            throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "verifyPin", e.getMessage(), null);
        }
    }

    private byte[] getPublicKeyRSA(byte[] bArr) throws CardException {
        debugOut("Get RAW RSA public key");
        byte[] bArr2 = new byte[256];
        this.capdu = new CommandAPDU(128, 18, 37, 0, bArr);
        this.respApdu = this.ch.transmit(this.capdu);
        if (this.respApdu.getSW() != 36864) {
            throw new CardException("Could not get public key: " + this.respApdu.getSW());
        }
        System.arraycopy(this.respApdu.getData(), 3, bArr2, 0, 256);
        return bArr2;
    }

    private byte[] getPublicKeyGOST(byte[] bArr) throws CardException {
        debugOut("Get RAW GOST public key");
        byte[] bArr2 = new byte[64];
        byte[] bArr3 = new byte[32];
        this.capdu = new CommandAPDU(128, 17, 33, 0, bArr);
        this.respApdu = this.ch.transmit(this.capdu);
        byte[] data = this.respApdu.getData();
        System.arraycopy(data, 0, bArr3, 0, 32);
        byte[] inverseCopyByte = ByteUtils.inverseCopyByte(bArr3, 0, bArr3.length);
        System.arraycopy(inverseCopyByte, 0, data, 0, inverseCopyByte.length);
        System.arraycopy(data, 32, inverseCopyByte, 0, inverseCopyByte.length);
        byte[] inverseCopyByte2 = ByteUtils.inverseCopyByte(inverseCopyByte, 0, inverseCopyByte.length);
        System.arraycopy(inverseCopyByte2, 0, data, 32, inverseCopyByte2.length);
        return data;
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte[] getPublicKey(String str, byte b) throws CardException {
        byte[] bArr = null;
        byte[] aliasAsByteArray = getAliasAsByteArray(this.revAliases.get(Byte.valueOf(b)));
        if (str.equals(AKToken.GOST)) {
            bArr = getPublicKeyGOST(aliasAsByteArray);
        } else if (str.equals(AKToken.RSA)) {
            bArr = getPublicKeyRSA(aliasAsByteArray);
        }
        return bArr;
    }

    private byte[] signGOST(byte[] bArr, byte[] bArr2) throws CardException {
        debugOut("GOST signing");
        byte[] bArr3 = new byte[64];
        byte[] bArr4 = new byte[32];
        byte[] bArr5 = new byte[bArr2.length + bArr.length];
        System.arraycopy(bArr2, 0, bArr5, 0, bArr2.length);
        byte[] inverseCopyByte = ByteUtils.inverseCopyByte(bArr, 0, bArr.length);
        System.arraycopy(inverseCopyByte, 0, bArr5, bArr2.length, inverseCopyByte.length);
        this.capdu = new CommandAPDU(128, 20, 32, 0, bArr5);
        this.respApdu = this.ch.transmit(this.capdu);
        if (this.respApdu.getSW() != 36864) {
            throw new CardException("Erron on sign: " + this.respApdu.getSW());
        }
        byte[] data = this.respApdu.getData();
        System.arraycopy(data, 0, bArr4, 0, 32);
        byte[] inverseCopyByte2 = ByteUtils.inverseCopyByte(bArr4, 0, bArr4.length);
        System.arraycopy(inverseCopyByte2, 0, data, 0, inverseCopyByte2.length);
        System.arraycopy(data, 32, inverseCopyByte2, 0, inverseCopyByte2.length);
        byte[] inverseCopyByte3 = ByteUtils.inverseCopyByte(inverseCopyByte2, 0, inverseCopyByte2.length);
        System.arraycopy(inverseCopyByte3, 0, data, 32, inverseCopyByte3.length);
        return data;
    }

    private byte[] signRSA(byte[] bArr, byte[] bArr2) throws CardException {
        debugOut("RSA signing");
        byte[] bArr3 = new byte[256];
        bArr3[0] = 0;
        bArr3[1] = 1;
        for (int i = 2; i < (bArr3.length - bArr.length) - 1; i++) {
            bArr3[i] = -1;
        }
        System.arraycopy(bArr, 0, bArr3, bArr3.length - bArr.length, bArr.length);
        byte[] bArr4 = new byte[bArr2.length + 2 + bArr3.length];
        bArr4[bArr2.length] = 1;
        System.arraycopy(bArr2, 0, bArr4, 0, bArr2.length);
        System.arraycopy(bArr3, 0, bArr4, bArr2.length + 2, bArr3.length);
        this.capdu = new CommandAPDU(128, 20, 35, 36, bArr4);
        this.respApdu = this.ch.transmit(this.capdu);
        if (this.respApdu.getSW() != 36864) {
            throw new CardException("Erron on sign: " + this.respApdu.getSW());
        }
        return this.respApdu.getData();
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte[] sign(String str, byte[] bArr, byte b) throws CardException {
        byte[] bArr2 = null;
        byte[] aliasAsByteArray = getAliasAsByteArray(this.revAliases.get(Byte.valueOf(b)));
        if (str.equals(AKToken.GOST)) {
            bArr2 = signGOST(bArr, aliasAsByteArray);
        } else if (str.equals(AKToken.RSA)) {
            bArr2 = signRSA(bArr, aliasAsByteArray);
        }
        return bArr2;
    }

    private void genKeyPairRSA(byte[] bArr) throws JaCartaException {
        try {
            debugOut("RSA key pair generation");
            byte[] bArr2 = new byte[bArr.length + 3];
            bArr2[0] = 8;
            bArr2[2] = 8;
            System.arraycopy(bArr, 0, bArr2, 3, bArr.length);
            this.capdu = new CommandAPDU(128, 17, 35, 0, bArr2);
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() != 36864) {
                throw new JaCartaException(KALKANCardException.ICCodes.GENKEY.name(), CN, "genRSAKeyPair", "Status: " + this.respApdu.getSW(), null);
            }
        } catch (CardException e) {
            throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "genRSAKeyPair", e.getMessage(), null);
        }
    }

    private void genKeyPairGOST(byte[] bArr) throws JaCartaException {
        try {
            debugOut("GOST key pair generation");
            byte[] bArr2 = new byte[bArr.length + 1];
            bArr2[0] = 1;
            System.arraycopy(bArr, 0, bArr2, 1, bArr.length);
            this.capdu = new CommandAPDU(128, 17, 32, 0, bArr2);
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() != 36864) {
                throw new JaCartaException(KALKANCardException.ICCodes.GENKEY.name(), CN, "genGOSTKeyPair", "Status: " + this.respApdu.getSW(), null);
            }
        } catch (CardException e) {
            throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "genGOSTKeyPair", e.getMessage(), null);
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte generateKeyPair(String str, String str2, boolean z, int i) throws KALKANCardException {
        byte[] aliasAsByteArray = getAliasAsByteArray(str2);
        if (str.equals(AKToken.GOST)) {
            genKeyPairGOST(aliasAsByteArray);
        } else {
            if (!str.equals(AKToken.RSA)) {
                throw new JaCartaException(KALKANCardException.ICCodes.GENKEY.name(), CN, "generateKeyPair", "Unknown algorithm", null);
            }
            genKeyPairRSA(aliasAsByteArray);
        }
        return (byte) (getAliases().size() - 1);
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public void setCertificate(String str, byte[] bArr) throws KALKANCardException {
        byte[] aliasAsByteArray = getAliasAsByteArray(str);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            GZIPOutputStream gZIPOutputStream = new GZIPOutputStream(byteArrayOutputStream);
            gZIPOutputStream.write(bArr);
            gZIPOutputStream.close();
            byteArrayOutputStream.close();
            debugOut("Certificate has been GZipped");
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            if (byteArray.length > 2048) {
                throw new JaCartaException(KALKANCardException.ICCodes.TOOBIGCERTSIZE.name(), CN, "setCertificate", "Too big certificate > 2048", null);
            }
            short length = (short) byteArray.length;
            debugOut("was: " + bArr.length + "; now: " + ((int) length));
            byte[] bArr2 = new byte[2 + aliasAsByteArray.length + byteArray.length];
            ByteBuffer allocate = ByteBuffer.allocate(2);
            allocate.putShort(length);
            allocate.clear();
            allocate.get(bArr2, 0, 2);
            System.arraycopy(aliasAsByteArray, 0, bArr2, 2, aliasAsByteArray.length);
            System.arraycopy(byteArray, 0, bArr2, aliasAsByteArray.length + 2, byteArray.length);
            this.capdu = new CommandAPDU(128, 18, 39, 0, bArr2);
            this.respApdu = this.ch.transmit(this.capdu);
        } catch (IOException e) {
            throw new JaCartaException(KALKANCardException.ICCodes.IOEXCEPTION.name(), CN, "setCertificate", e.getMessage(), null);
        } catch (CardException e2) {
            throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "setCertificate", e2.getMessage(), null);
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte[] getCertificate(String str) throws KALKANCardException {
        byte[] bArr;
        try {
            this.capdu = new CommandAPDU(128, 18, 40, 0, getAliasAsByteArray(str));
            this.respApdu = this.ch.transmit(this.capdu);
            byte[] bytes = this.respApdu.getBytes();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bytes);
            try {
                debugOut("UnGZipping certificate");
                GZIPInputStream gZIPInputStream = new GZIPInputStream(byteArrayInputStream);
                for (int read = gZIPInputStream.read(); read != -1; read = gZIPInputStream.read()) {
                    byteArrayOutputStream.write(read);
                }
                gZIPInputStream.close();
                byteArrayInputStream.close();
                byteArrayOutputStream.close();
                bArr = byteArrayOutputStream.toByteArray();
                debugOut("cert: " + bArr.length);
            } catch (IOException e) {
                bArr = bytes;
            }
            return bArr;
        } catch (CardException e2) {
            throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "getCertificate", e2.getMessage(), null);
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public Set getAliases() throws KALKANCardException {
        try {
            this.capdu = new CommandAPDU(128, 18, 34, 0);
            this.respApdu = this.ch.transmit(this.capdu);
            ByteBuffer allocate = ByteBuffer.allocate(2);
            allocate.put(this.respApdu.getData());
            short s = allocate.getShort(0);
            for (short s2 = 0; s2 < s; s2 = (short) (s2 + 1)) {
                allocate.clear();
                allocate.putShort(0, s2);
                byte[] bArr = new byte[2];
                allocate.get(bArr);
                this.capdu = new CommandAPDU(128, 18, 33, 0, bArr);
                this.respApdu = this.ch.transmit(this.capdu);
                byte[] data = this.respApdu.getData();
                int indexOf = ByteUtils.indexOf(this.respApdu.getData(), new byte[]{0}, 0);
                byte[] bArr2 = new byte[indexOf + 2];
                bArr2[0] = 0;
                bArr2[1] = (byte) indexOf;
                System.arraycopy(data, 0, bArr2, 2, indexOf);
                this.aliases.put(Hex.encodeStr(data).substring(0, indexOf * 2), Byte.valueOf((byte) s2));
                this.revAliases.put(Byte.valueOf((byte) s2), Hex.encodeStr(data).substring(0, indexOf * 2));
            }
            return this.aliases.keySet();
        } catch (CardException e) {
            throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "getAliases", e.getMessage(), null);
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public PrivateKey getKey(String str) throws KALKANCardException {
        try {
            byte[] aliasAsByteArray = getAliasAsByteArray(str);
            byte[] bArr = new byte[aliasAsByteArray.length + 2];
            System.arraycopy(aliasAsByteArray, 0, bArr, 0, aliasAsByteArray.length);
            this.capdu = new CommandAPDU(128, 18, 36, 0, bArr);
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() == 36864) {
                return new AKGOST34310PrivateKey(this, this.aliases.get(str).byteValue());
            }
            bArr[bArr.length - 1] = 3;
            this.capdu = new CommandAPDU(128, 18, 36, 0, bArr);
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() == 36864) {
                return new AKRSAPrivateKey(this, this.aliases.get(str).byteValue());
            }
            return null;
        } catch (CardException e) {
            throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "getKey", e.getMessage(), null);
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte[] getRandom(int i) {
        return null;
    }

    private void debugOut(String str) {
        System.out.println("[JaCarta]> " + str);
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public void deleteEntry(String str) throws CardException, KALKANCardException {
        debugOut("Deleting " + str);
        try {
            this.capdu = new CommandAPDU(128, 18, 35, 0, getAliasAsByteArray(str));
            this.respApdu = this.ch.transmit(this.capdu);
        } catch (CardException e) {
            throw new JaCartaException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "deleteEntry", e.getMessage(), null);
        }
    }

    private static byte[] getAliasAsByteArray(String str) {
        byte[] decode = Hex.decode(str);
        byte[] bArr = new byte[decode.length + 2];
        bArr[0] = 0;
        bArr[1] = (byte) decode.length;
        System.arraycopy(decode, 0, bArr, 2, decode.length);
        return bArr;
    }
}
