package kz.gov.pki.kalkan.pcsc.tokens;

import com.sun.glass.events.KeyEvent;
import com.sun.glass.events.MouseEvent;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.PrivateKey;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;
import javafx.scene.control.ButtonBar;
import javax.smartcardio.CardException;
import javax.smartcardio.CommandAPDU;
import javax.smartcardio.ResponseAPDU;
import kz.gamma.hardware.crypto.pcsc.ErrorId;
import kz.gov.pki.kalkan.exception.KALKANCardException;
import kz.gov.pki.kalkan.exception.KZIDCardException;
import kz.gov.pki.kalkan.pcsc.AKGOST34310PrivateKey;
import kz.gov.pki.kalkan.pcsc.AKRSAPrivateKey;
import kz.gov.pki.kalkan.pcsc.parsers.DG11Parser;
import kz.gov.pki.kalkan.util.ByteUtils;
import kz.gov.pki.kalkan.util.encoders.Hex;
import org.apache.log4j.net.SyslogAppender;

/* loaded from: input_file:kz/gov/pki/kalkan/pcsc/tokens/KZIDCard.class */
public final class KZIDCard extends AKToken {
    private static final String RSAALIAS = "RSA0";
    private static final String RSA2048ALIAS1 = "RSA1";
    private static final String RSA2048ALIAS2 = "RSA2";
    private static final String GOSTALIAS1 = "GOST1";
    private static final String GOSTALIAS2 = "GOST2";
    private Map<String, Byte> aliases;
    private static final String CN = KZIDCard.class.getSimpleName();
    private static final Map<Byte, byte[]> certByKey = new HashMap();
    private static final byte[] p = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -3, -105};
    private static final byte[] q = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 108, 97, 16, 112, -103, 90, -47, 0, 69, -124, 27, 9, -73, 97, -72, -109};
    private static final byte[] xy = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, -115, -111, -28, 113, -32, -104, -100, -38, 39, -33, 80, 90, 69, 63, 43, 118, 53, 41, 79, 45, -33, 35, -29, -79, 34, -84, -55, -100, -98, -97, 30, 20};
    private static final byte[] a = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -3, -108};
    private static final byte[] b = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -90};
    private static final byte[] MF = {63, 0};
    private static final byte[] IIN_EF = {3, 1};
    private static final byte[] DG11_EF = {-96, 0, 0, 2, 71, 16, 1};
    private static final byte[] SDO_DF = {1, 1};

    public KZIDCard(String str, String str2) throws KALKANCardException {
        super(str, str2);
        this.aliases = null;
        connect();
        try {
            this.capdu = new CommandAPDU(0, 202, MouseEvent.DRAG, 1, 9);
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() != 36864) {
                throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "Constructor", str + " is not KZIDCard", null);
            }
            this.tokenId = Hex.encodeStr(this.respApdu.getData());
            this.aliases = new HashMap();
            this.aliases.put(RSA2048ALIAS1 + this.tokenId, (byte) -121);
            this.aliases.put(RSA2048ALIAS2 + this.tokenId, (byte) -120);
            this.infoMap.put("FULLNAME", getFullName());
            this.infoMap.put("IIN", getIIN());
            if (str2.equals("guest")) {
                return;
            }
            verifyPin(str2);
        } catch (CardException e) {
            throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "Constructor", e.getMessage(), null);
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    protected void verifyPin(String str) throws KALKANCardException {
        if (str == null || str.getBytes().length != 4) {
            throw new KZIDCardException(KALKANCardException.ICCodes.VERIFYPIN.name(), CN, "verifyPin", "Pin length != 4", null);
        }
        byte[] bArr = {48, 48, 48, 48, 48, 48, 48, 48};
        try {
            System.arraycopy(str.getBytes(), 0, bArr, 0, 4);
            this.capdu = new CommandAPDU(0, 32, 0, 2, bArr);
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() == 36864) {
                debugOut("Log on... ok!");
            } else {
                if (this.respApdu.getSW1() != 99) {
                    throw new KZIDCardException(KALKANCardException.ICCodes.VERIFYPIN.name(), CN, "verifyPin", "Status: " + Integer.toHexString(this.respApdu.getSW()), null);
                }
                throw new KZIDCardException(KALKANCardException.ICCodes.VERIFYPIN.name(), CN, "verifyPin", String.valueOf(Character.getNumericValue(Integer.toHexString(this.respApdu.getSW2()).charAt(1))), null);
            }
        } catch (CardException e) {
            throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "verifyPin", e.getMessage(), null);
        }
    }

    private byte[] getPublicKeyRSA(byte b2) throws CardException {
        debugOut("Get RAW RSA public key");
        byte[] bArr = new byte[256];
        byte b3 = (byte) (b2 & Byte.MAX_VALUE);
        byte[] bArr2 = {0, -53, 63, -1, 11, 77, 9, -1, -96, b3, 5, Byte.MAX_VALUE, 73, 2, -127, 0};
        if (b3 != 6) {
            selectFile(1, false, SDO_DF);
        }
        this.capdu = new CommandAPDU(bArr2);
        this.respApdu = this.ch.transmit(this.capdu);
        System.out.println(this.respApdu);
        System.arraycopy(this.respApdu.getData(), 15, bArr, 0, bArr.length);
        return bArr;
    }

    private byte[] getPublicKeyGOST(byte b2) throws CardException {
        debugOut("Get RAW GOST public key");
        byte[] bArr = new byte[64];
        this.capdu = new CommandAPDU(new byte[]{0, -53, 63, -1, 11, 77, 9, -1, -94, b2, 5, Byte.MAX_VALUE, 78, 2, -122, 0});
        this.respApdu = this.ch.transmit(this.capdu);
        System.out.println(this.respApdu);
        byte[] bArr2 = new byte[64];
        System.arraycopy(this.respApdu.getData(), 9, bArr2, 0, 64);
        for (int i = 0; i < 32; i++) {
            bArr[i] = bArr2[31 - i];
        }
        for (int i2 = 0; i2 < 32; i2++) {
            bArr[i2 + 32] = bArr2[63 - i2];
        }
        return bArr;
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte[] getPublicKey(String str, byte b2) throws CardException {
        byte[] bArr = null;
        selectFile(0, false, MF);
        if (str.equals(AKToken.GOST)) {
            bArr = getPublicKeyGOST(b2);
        } else if (str.equals(AKToken.RSA)) {
            bArr = getPublicKeyRSA(b2);
        }
        return bArr;
    }

    private byte[] signRSA(byte[] bArr, byte b2) throws CardException {
        debugOut("RSA signing");
        if (b2 != -122) {
            selectFile(1, false, SDO_DF);
        }
        this.capdu = new CommandAPDU(0, 34, 65, ErrorId.ERROR_PIN_LIMIT_EXCEEDED, new byte[]{-107, 1, 64, -124, 1, b2, Byte.MIN_VALUE, 1, 2});
        this.respApdu = this.ch.transmit(this.capdu);
        System.out.println(this.respApdu);
        this.capdu = new CommandAPDU(0, 136, 2, 0, bArr);
        this.respApdu = this.ch.transmit(this.capdu);
        if (this.respApdu.getSW() != 36864) {
            throw new CardException("Erron on sign: " + this.respApdu.getSW());
        }
        return ByteUtils.inverseCopyByte(this.respApdu.getData(), 0, this.respApdu.getData().length);
    }

    private byte[] signGOST(byte[] bArr, byte b2) throws CardException {
        debugOut("GOST signing");
        this.capdu = new CommandAPDU(0, 34, 65, 182, new byte[]{-107, 1, 64, -124, 1, b2, Byte.MIN_VALUE, 1, 116});
        this.respApdu = this.ch.transmit(this.capdu);
        System.out.println(this.respApdu);
        this.capdu = new CommandAPDU(0, 42, 158, KeyEvent.VK_PRINTSCREEN, bArr);
        this.respApdu = this.ch.transmit(this.capdu);
        System.out.println(this.respApdu);
        if (this.respApdu.getSW() != 36864) {
            throw new CardException("Erron on sign: " + this.respApdu.getSW());
        }
        byte[] data = this.respApdu.getData();
        byte[] bArr2 = new byte[64];
        for (int i = 0; i < 32; i++) {
            bArr2[i] = data[31 - i];
        }
        for (int i2 = 0; i2 < 32; i2++) {
            bArr2[i2 + 32] = data[63 - i2];
        }
        return bArr2;
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte[] sign(String str, byte[] bArr, byte b2) throws CardException {
        byte[] bArr2 = null;
        selectFile(0, false, MF);
        if (str.equals(AKToken.GOST)) {
            bArr2 = signGOST(bArr, b2);
        } else if (str.equals(AKToken.RSA)) {
            bArr2 = signRSA(bArr, b2);
        }
        return bArr2;
    }

    private byte genKeyPairRSA(String str, boolean z) throws KZIDCardException {
        String replaceFirst;
        byte b2;
        debugOut("RSA key pair generation");
        try {
            if (str.startsWith(RSAALIAS)) {
                replaceFirst = str.replaceFirst(RSAALIAS, ButtonBar.BUTTON_ORDER_NONE);
                b2 = -122;
            } else if (str.startsWith(RSA2048ALIAS1)) {
                replaceFirst = str.replaceFirst(RSA2048ALIAS1, ButtonBar.BUTTON_ORDER_NONE);
                b2 = -121;
            } else {
                if (!str.startsWith(RSA2048ALIAS2)) {
                    throw new KZIDCardException(KALKANCardException.ICCodes.GENKEY.name(), CN, "genKeyPairRSA", "Wrong alias: " + str, null);
                }
                replaceFirst = str.replaceFirst(RSA2048ALIAS2, ButtonBar.BUTTON_ORDER_NONE);
                b2 = -120;
            }
            if (b2 != -122) {
                selectFile(1, false, SDO_DF);
            }
            this.capdu = new CommandAPDU(0, 70, 2, 0, new byte[]{-92, 3, -124, 1, b2});
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() != 36864) {
                throw new KZIDCardException(KALKANCardException.ICCodes.GENKEY.name(), CN, "genKeyPairRSA", "Status: " + this.respApdu.getSW(), null);
            }
            writeAlias(b2, replaceFirst);
            return b2;
        } catch (CardException e) {
            throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "genKeyRSAAndGetPKCS10", e.getMessage(), null);
        }
    }

    private byte genKeyPairGOST(String str) throws KZIDCardException {
        String replaceFirst;
        byte b2;
        debugOut("GOST key pair generation");
        try {
            if (str.startsWith(GOSTALIAS1)) {
                replaceFirst = str.replaceFirst(GOSTALIAS1, ButtonBar.BUTTON_ORDER_NONE);
                b2 = 1;
            } else {
                if (!str.startsWith(GOSTALIAS2)) {
                    throw new KZIDCardException(KALKANCardException.ICCodes.GENKEY.name(), CN, "genKeyPairGOST", "Wrong alias: " + str, null);
                }
                replaceFirst = str.replaceFirst(GOSTALIAS2, ButtonBar.BUTTON_ORDER_NONE);
                b2 = 2;
            }
            if (!checkParameters(b2)) {
                updateParameters(b2);
            }
            this.capdu = new CommandAPDU(0, 70, 2, 0, new byte[]{-74, 3, -124, 1, b2});
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() != 36864) {
                throw new KZIDCardException(KALKANCardException.ICCodes.GENKEY.name(), CN, "genKeyPairGOST", "Status: " + this.respApdu.getSW(), null);
            }
            writeAlias(b2, replaceFirst);
            return b2;
        } catch (CardException e) {
            throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "genKeyAndGetPKCS10", e.getMessage(), null);
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte generateKeyPair(String str, String str2, boolean z, int i) throws KALKANCardException {
        byte genKeyPairRSA;
        if (str.equals(AKToken.GOST)) {
            genKeyPairRSA = genKeyPairGOST(str2);
        } else {
            if (!str.equals(AKToken.RSA)) {
                throw new KZIDCardException(KALKANCardException.ICCodes.GENKEY.name(), CN, "generateKeyPair", "Unknown algorithm", null);
            }
            genKeyPairRSA = genKeyPairRSA(str2, z);
        }
        return genKeyPairRSA;
    }

    private void debugOut(String str) {
        System.out.println("[KZ ID CARD]> " + str);
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public void disconnect() {
        try {
            if (this.sc != null) {
                this.sc.disconnect(false);
            }
        } catch (CardException e) {
            debugOut(e.getMessage());
        }
    }

    private String getIIN() throws KZIDCardException {
        try {
            selectFile(0, false, MF);
            this.respApdu = selectFile(2, false, IIN_EF);
            if (this.respApdu.getSW() != 36864) {
                throw new KZIDCardException(KALKANCardException.ICCodes.SELECT.name(), CN, "getIIN", "Status: " + this.respApdu.getSW(), null);
            }
            this.capdu = new CommandAPDU(0, SyslogAppender.LOG_LOCAL6, 0, 0, 12);
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() != 36864) {
                throw new KZIDCardException(KALKANCardException.ICCodes.READBINARY.name(), CN, "getIIN", "Status: " + this.respApdu.getSW(), null);
            }
            byte[] data = this.respApdu.getData();
            if (data == null || data.length == 12) {
                return new String(data);
            }
            throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "getIIN", "Wrong IIN: " + new String(data), null);
        } catch (CardException e) {
            throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "getIIN", e.getMessage(), null);
        }
    }

    private String getFullName() throws KZIDCardException {
        try {
            this.respApdu = selectFile(4, false, DG11_EF);
            if (this.respApdu.getSW() != 36864) {
                throw new KZIDCardException(KALKANCardException.ICCodes.SELECT.name(), CN, "getFullName", "Status: " + this.respApdu.getSW(), null);
            }
            this.capdu = new CommandAPDU(0, SyslogAppender.LOG_LOCAL6, KeyEvent.VK_DEAD_CEDILLA, 0, 256);
            this.respApdu = this.ch.transmit(this.capdu);
            byte[] data = this.respApdu.getData();
            if (data == null) {
                throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "getFullName", "Fullname is null", null);
            }
            DG11Parser dG11Parser = new DG11Parser(data);
            return dG11Parser.getLastname() + " " + dG11Parser.getFirstname() + " " + dG11Parser.getSecondname();
        } catch (CardException e) {
            throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "getFullName", e.getMessage(), null);
        }
    }

    private void updateParameters(byte b2) throws CardException, KZIDCardException {
        debugOut("Update GOST parameters");
        this.capdu = new CommandAPDU(new byte[]{0, -37, 63, -1, -5, -1, -110, b2, -127, -10, Byte.MAX_VALUE, 79, -127, -14, -121, 1, 1, -122, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -123, 32, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 108, 97, 16, 112, -103, 90, -47, 0, 69, -124, 27, 9, -73, 97, -72, -109, -124, 64, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, -115, -111, -28, 113, -32, -104, -100, -38, 39, -33, 80, 90, 69, 63, 43, 118, 53, 41, 79, 45, -33, 35, -29, -79, 34, -84, -55, -100, -98, -97, 30, 20, -125, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -90, -126, 32, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -3, -108, -127, 32, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -3, -105, Byte.MIN_VALUE, 1, 116});
        this.respApdu = this.ch.transmit(this.capdu);
        if (this.respApdu.getSW() != 36864) {
            throw new KZIDCardException(KZIDCardException.IDCCodes.UPDATEPARAMS.name(), CN, "updateParameters", "Status: " + this.respApdu.getSW(), null);
        }
        this.capdu = new CommandAPDU(new byte[]{16, -37, 63, -1, -8, -1, -94, b2, -126, 1, 23, Byte.MAX_VALUE, 78, -126, 1, 18, -121, 1, 1, -122, 64, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -123, 32, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 108, 97, 16, 112, -103, 90, -47, 0, 69, -124, 27, 9, -73, 97, -72, -109, -124, 64, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, -115, -111, -28, 113, -32, -104, -100, -38, 39, -33, 80, 90, 69, 63, 43, 118, 53, 41, 79, 45, -33, 35, -29, -79, 34, -84, -55, -100, -98, -97, 30, 20, -125, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -90, -126, 32, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -3, -108});
        this.respApdu = this.ch.transmit(this.capdu);
        if (this.respApdu.getSW() != 36864) {
            throw new KZIDCardException(KZIDCardException.IDCCodes.UPDATEPARAMS.name(), CN, "updateParameters", "Status: " + this.respApdu.getSW(), null);
        }
        this.capdu = new CommandAPDU(new byte[]{0, -37, 63, -1, 37, -127, 32, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -3, -105, Byte.MIN_VALUE, 1, 116});
        this.respApdu = this.ch.transmit(this.capdu);
        if (this.respApdu.getSW() != 36864) {
            throw new KZIDCardException(KZIDCardException.IDCCodes.UPDATEPARAMS.name(), CN, "updateParameters", "Status: " + this.respApdu.getSW(), null);
        }
    }

    private byte[] getParameter(byte b2, byte b3) throws CardException, KZIDCardException {
        byte[] bArr = null;
        this.capdu = new CommandAPDU(new byte[]{0, -53, 63, -1, 11, 77, 9, -1, -94, b2, 5, Byte.MAX_VALUE, 78, 2, b3, 0});
        this.respApdu = this.ch.transmit(this.capdu);
        if (this.respApdu.getSW() != 36864) {
            throw new KZIDCardException(KZIDCardException.IDCCodes.GETPARAMS.name(), CN, "getParameter", "Status: " + this.respApdu.getSW(), null);
        }
        byte[] data = this.respApdu.getData();
        if (data != null && data.length > 9) {
            bArr = new byte[data.length - 9];
            System.arraycopy(data, 9, bArr, 0, bArr.length);
        }
        if (bArr == null) {
            throw new KZIDCardException(KZIDCardException.IDCCodes.GETPARAMS.name(), CN, "getParameter", "Null value", null);
        }
        return bArr;
    }

    private boolean checkParameters(byte b2) throws CardException, KZIDCardException {
        return Arrays.equals(q, getParameter(b2, (byte) -123)) && Arrays.equals(xy, getParameter(b2, (byte) -124)) && Arrays.equals(b, getParameter(b2, (byte) -125)) && Arrays.equals(a, getParameter(b2, (byte) -126)) && Arrays.equals(p, getParameter(b2, (byte) -127));
    }

    private void writeAlias(byte b2, String str) throws CardException {
        selectFile(0, false, MF);
        if (b2 == -121 || b2 == -120) {
            selectFile(1, false, new byte[]{8, 1});
        }
        selectFile(2, false, certByKey.get(Byte.valueOf(b2)));
        byte[] decode = Hex.decode(str);
        this.capdu = new CommandAPDU(0, MouseEvent.BUTTON_OTHER, 0, 0, new byte[]{0, 0});
        this.ch.transmit(this.capdu);
        writeBinary(decode, (short) 2, (short) decode.length);
    }

    private String readAlias(byte b2, short s) throws CardException {
        selectFile(0, false, MF);
        if (b2 == -121 || b2 == -120) {
            selectFile(1, false, new byte[]{8, 1});
        }
        selectFile(2, false, certByKey.get(Byte.valueOf(b2)));
        return Hex.encodeStr(readBinary((short) 2, s));
    }

    private void setCertificate(byte b2, byte[] bArr) throws KALKANCardException {
        debugOut("Set certificate");
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            GZIPOutputStream gZIPOutputStream = new GZIPOutputStream(byteArrayOutputStream);
            gZIPOutputStream.write(bArr);
            gZIPOutputStream.close();
            byteArrayOutputStream.close();
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            if (byteArray.length > 2048) {
                throw new KZIDCardException(KALKANCardException.ICCodes.TOOBIGCERTSIZE.name(), CN, "setCertificate", "Too big certificate > 2048", null);
            }
            short length = (short) byteArray.length;
            ByteBuffer allocate = ByteBuffer.allocate(2);
            allocate.putShort(length);
            debugOut("Certificate has been GZipped");
            debugOut("was: " + bArr.length + "; now: " + ((int) length));
            if (b2 == -121 || b2 == -120) {
                selectFile(1, false, new byte[]{8, 1});
            }
            selectFile(2, false, certByKey.get(Byte.valueOf(b2)));
            this.capdu = new CommandAPDU(0, MouseEvent.BUTTON_OTHER, 0, 0, new byte[]{allocate.get(0), allocate.get(1)});
            this.respApdu = this.ch.transmit(this.capdu);
            writeBinary(byteArray, (short) 2, length);
        } catch (IOException e) {
            throw new KZIDCardException(KALKANCardException.ICCodes.IOEXCEPTION.name(), CN, "setCertificate", e.getMessage(), null);
        } catch (CardException e2) {
            throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "setCertificate", e2.getMessage(), null);
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public void setCertificate(String str, byte[] bArr) throws KALKANCardException {
        Iterator<Byte> it = this.aliases.values().iterator();
        while (it.hasNext()) {
            byte byteValue = it.next().byteValue();
            try {
                if (str.equals(readAlias(byteValue, (short) Hex.decode(str).length))) {
                    setCertificate(byteValue, bArr);
                    return;
                }
            } catch (CardException e) {
                throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "setCertificate", e.getMessage(), null);
            }
        }
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte[] getCertificate(String str) throws KALKANCardException {
        byte[] bArr = null;
        Byte b2 = this.aliases.get(str);
        if (b2 != null) {
            bArr = getCertificate(b2.byteValue());
        }
        return bArr;
    }

    private byte[] getCertificate(byte b2) throws KALKANCardException {
        byte[] bArr;
        debugOut("Get certificate");
        if (b2 == -121 || b2 == -120) {
            try {
                selectFile(1, false, new byte[]{8, 1});
            } catch (CardException e) {
                throw new KZIDCardException(KALKANCardException.ICCodes.CARDEXCEPTION.name(), CN, "getCertificate", e.getMessage(), null);
            }
        }
        selectFile(2, false, certByKey.get(Byte.valueOf(b2)));
        this.capdu = new CommandAPDU(0, SyslogAppender.LOG_LOCAL6, 0, 0, 2);
        this.respApdu = this.ch.transmit(this.capdu);
        System.out.println(this.respApdu);
        ByteBuffer allocate = ByteBuffer.allocate(2);
        allocate.put(this.respApdu.getData());
        short s = allocate.getShort(0);
        if (s == 0) {
            return null;
        }
        debugOut("certsize = " + ((int) s));
        byte[] readBinary = readBinary((short) 2, s);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(readBinary);
        try {
            debugOut("UnGZipping certificate");
            GZIPInputStream gZIPInputStream = new GZIPInputStream(byteArrayInputStream);
            for (int read = gZIPInputStream.read(); read != -1; read = gZIPInputStream.read()) {
                byteArrayOutputStream.write(read);
            }
            gZIPInputStream.close();
            byteArrayInputStream.close();
            byteArrayOutputStream.close();
            bArr = byteArrayOutputStream.toByteArray();
        } catch (IOException e2) {
            bArr = readBinary;
        }
        return bArr;
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public Set getAliases() throws KALKANCardException {
        return this.aliases.keySet();
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public PrivateKey getKey(String str) throws KALKANCardException {
        PrivateKey privateKey = null;
        if (str.equals(RSAALIAS + this.tokenId)) {
            privateKey = new AKRSAPrivateKey(this, (byte) -122);
        } else if (str.equals(RSA2048ALIAS1 + this.tokenId)) {
            privateKey = new AKRSAPrivateKey(this, (byte) -121);
        } else if (str.equals(RSA2048ALIAS2 + this.tokenId)) {
            privateKey = new AKRSAPrivateKey(this, (byte) -120);
        } else if (str.equals(GOSTALIAS1 + this.tokenId)) {
            privateKey = new AKGOST34310PrivateKey(this, (byte) 1);
        } else if (str.equals(GOSTALIAS2 + this.tokenId)) {
            privateKey = new AKGOST34310PrivateKey(this, (byte) 2);
        }
        return privateKey;
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public byte[] getRandom(int i) {
        byte[] bArr = null;
        try {
            this.capdu = new CommandAPDU(0, KeyEvent.VK_DEAD_MACRON, 0, 0, 8);
            this.respApdu = this.ch.transmit(this.capdu);
            if (this.respApdu.getSW() == 36864) {
                bArr = this.respApdu.getData();
            }
        } catch (CardException e) {
        }
        return bArr;
    }

    private ResponseAPDU selectFile(int i, boolean z, byte[] bArr) throws CardException {
        this.capdu = new CommandAPDU(0, ErrorId.ERROR_PIN_LIMIT_EXCEEDED, i, z ? 0 : 12, bArr);
        return this.ch.transmit(this.capdu);
    }

    @Override // kz.gov.pki.kalkan.pcsc.tokens.AKToken
    public void deleteEntry(String str) throws CardException, KALKANCardException {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    static {
        certByKey.put((byte) -122, new byte[]{6, 1});
        certByKey.put((byte) -121, new byte[]{1, 1});
        certByKey.put((byte) -120, new byte[]{1, 2});
        certByKey.put((byte) 1, new byte[]{7, 1});
        certByKey.put((byte) 2, new byte[]{7, 2});
    }
}
