package org.esteid;

import apdu4j.core.APDUBIBO;
import apdu4j.core.CommandAPDU;
import apdu4j.core.HexUtils;
import apdu4j.core.ResponseAPDU;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.smartcardio.CardException;
import javax.smartcardio.CardTerminal;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.esteid.EstEID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/esteid/LegacyEstEID.class */
public final class LegacyEstEID extends BaseEstEID implements AutoCloseable {
    public static final int INS_SELECT = 164;
    public static final int INS_READ_BINARY = 176;
    public static final int INS_READ_RECORD = 178;
    public static final int INS_VERIFY = 32;
    public static final int INS_CHANGE_REFERENCE_DATA = 36;
    public static final int INS_RESET_RETRY_COUNTER = 44;
    public static final int INS_GET_DATA = 202;
    public static final int INS_MANAGE_SECURITY_ENVIRONMENT = 34;
    public static final int INS_PERFORM_SECURITY_OPERATION = 42;
    public static final int INS_INTERNAL_AUTHENTICATE = 136;
    public static final int P1P2_PSO_SIGN = 40602;
    public static final int P1_PSO_SIGN = 158;
    public static final int P2_PSO_SIGN = 154;
    public static final int P1P2_PSO_DECRYPT = 32902;
    public static final int P1_PSO_DECRYPT = 128;
    public static final int P2_PSO_DECRYPT = 134;
    public static final int FID_3F00 = 16128;
    public static final int FID_0013 = 19;
    public static final int FID_0016 = 22;
    public static final int FID_EEEE = 61166;
    public static final int FID_5044 = 20548;
    public static final int FID_AACE = 43726;
    public static final int FID_DDCE = 56782;
    public static final int FID_0033 = 51;
    public static final String PIN1String = "0090";
    public static final String PIN2String = "01497";
    public static final String PUKString = "17258403";
    public static final int chunksize = 250;
    private EstEID.CardType type;
    private int currentFID;
    private static final Logger log = LoggerFactory.getLogger(LegacyEstEID.class);
    public static final LegacyPIN PIN1 = LegacyPIN.PIN1;
    public static final LegacyPIN PIN2 = LegacyPIN.PIN2;
    public static final LegacyPIN PUK = LegacyPIN.PUK;
    public static final String AID = "D23300000045737445494420763335";
    private static final byte[] aid = HexUtils.hex2bin(AID);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/esteid/LegacyEstEID$LegacyPIN.class */
    public enum LegacyPIN {
        PIN1(1, 1, 3, 12),
        PIN2(2, 2, 5, 12),
        PUK(0, 3, 8, 12);

        private final int ref;
        private final int rec;
        private final int min;
        private final int max;

        LegacyPIN(int i, int i2, int i3, int i4) {
            this.ref = i;
            this.rec = i2;
            this.min = i3;
            this.max = i4;
        }

        public byte getRef() {
            return (byte) this.ref;
        }

        public byte getRec() {
            return (byte) this.rec;
        }
    }

    /* loaded from: input_file:org/esteid/LegacyEstEID$PersonalData.class */
    public enum PersonalData {
        SURNAME(1),
        GIVEN_NAMES1(2),
        GIVEN_NAMES2(3),
        SEX(4),
        CITIZENSHIP(5),
        DATE_OF_BIRTH(6),
        PERSONAL_ID(7),
        DOCUMENT_NR(8),
        EXPIRY_DATE(9),
        PLACE_OF_BIRTH(10),
        ISSUING_DATE(11),
        PERMIT_TYPE(12),
        REMARK1(13),
        REMARK2(14),
        REMARK3(15),
        REMARK4(16);

        private final int rec;

        PersonalData(int i) {
            this.rec = i;
        }

        public byte getRec() {
            return (byte) this.rec;
        }
    }

    private LegacyEstEID(APDUBIBO apdubibo) {
        super(apdubibo);
        this.type = null;
        this.currentFID = FID_3F00;
    }

    public static LegacyEstEID getInstance(APDUBIBO apdubibo) {
        return new LegacyEstEID(apdubibo);
    }

    @Deprecated
    public static EstEID.CardType identify(CardTerminal cardTerminal) throws CardException, IOException {
        return EstEID.CardType.AnyJavaCard;
    }

    public static CommandAPDU select_apdu(int i, boolean z) {
        int i2 = z ? 4 : 12;
        byte[] bArr = {(byte) (i >> 8), (byte) i};
        return i == 16128 ? new CommandAPDU(0, INS_SELECT, 0, i2) : i == 61166 ? new CommandAPDU(0, INS_SELECT, 1, i2, bArr) : new CommandAPDU(0, INS_SELECT, 2, i2, bArr);
    }

    public static CommandAPDU read_record_apdu(byte b) {
        return new CommandAPDU(0, INS_READ_RECORD, b, 4, 256);
    }

    public static CommandAPDU verify_apdu(LegacyPIN legacyPIN, String str) {
        return new CommandAPDU(0, 32, 0, legacyPIN.getRef(), str.getBytes(StandardCharsets.US_ASCII));
    }

    public ResponseAPDU verify_cmd(LegacyPIN legacyPIN, String str) throws IOException, WrongPINException, EstEIDException {
        if (str.length() < legacyPIN.min || str.length() > legacyPIN.max) {
            throw new IllegalArgumentException("PIN has incorrect length: " + str.length());
        }
        ResponseAPDU transmit = transmit(verify_apdu(legacyPIN, str));
        WrongPINException.check(transmit);
        return EstEIDException.check(transmit);
    }

    public void verifyPIN(EstEID.PIN pin, CallbackHandler callbackHandler) throws IOException, UnsupportedCallbackException, WrongPINException {
        int i;
        PasswordCallback passwordCallback = new PasswordCallback(pin.name(), false);
        callbackHandler.handle(new Callback[]{passwordCallback});
        byte[] bytes = new String(passwordCallback.getPassword()).getBytes(StandardCharsets.US_ASCII);
        Arrays.fill(bytes, (byte) 0);
        passwordCallback.clearPassword();
        if (pin == EstEID.PIN.PIN1) {
            i = PIN1.ref;
        } else {
            if (pin != EstEID.PIN.PIN2) {
                throw new IllegalArgumentException("Verify can't handle " + pin);
            }
            i = PIN2.ref;
        }
        WrongPINException.check(transmit(new CommandAPDU(0, 32, 0, i, bytes)));
    }

    public void verify(LegacyPIN legacyPIN, String str) throws WrongPINException, IOException, EstEIDException {
        verify_cmd(legacyPIN, str);
    }

    public void change(LegacyPIN legacyPIN, String str, String str2) throws WrongPINException, IOException, EstEIDException {
        ResponseAPDU change_apdu = change_apdu(legacyPIN, str.getBytes(StandardCharsets.US_ASCII), str2.getBytes(StandardCharsets.US_ASCII));
        WrongPINException.check(change_apdu);
        EstEIDException.check(change_apdu);
    }

    public void unblock(LegacyPIN legacyPIN) throws WrongPINException, IOException, EstEIDException {
        unblock(legacyPIN, null);
    }

    public void unblock(LegacyPIN legacyPIN, String str) throws WrongPINException, IOException, EstEIDException {
        ResponseAPDU unblock_apdu = unblock_apdu(legacyPIN, str == null ? null : str.getBytes(StandardCharsets.US_ASCII));
        WrongPINException.check(unblock_apdu);
        EstEIDException.check(unblock_apdu);
    }

    public ResponseAPDU change_apdu(LegacyPIN legacyPIN, byte[] bArr, byte[] bArr2) throws IOException {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return transmit(new CommandAPDU(0, 36, 0, legacyPIN.getRef(), bArr3));
    }

    public ResponseAPDU unblock_apdu(LegacyPIN legacyPIN, byte[] bArr) throws IOException {
        return bArr == null ? transmit(new CommandAPDU(0, 44, 3, legacyPIN.getRef())) : transmit(new CommandAPDU(0, 44, 0, legacyPIN.getRef(), bArr));
    }

    public Map<LegacyPIN, Byte> getPINCounters() throws IOException, EstEIDException {
        select(FID_3F00);
        select(22);
        HashMap hashMap = new HashMap();
        for (LegacyPIN legacyPIN : LegacyPIN.values()) {
            hashMap.put(legacyPIN, Byte.valueOf(read_record(legacyPIN.getRec())[5]));
        }
        return hashMap;
    }

    public String getPersonalData(PersonalData personalData) throws IOException, EstEIDException {
        if (this.currentFID != 20548) {
            select(FID_3F00);
            select(FID_EEEE);
            select(FID_5044);
        }
        try {
            return new String(read_record(personalData.getRec()), "ISO-8859-15").trim();
        } catch (UnsupportedEncodingException e) {
            throw new EstEIDException("Invalid encoding", e);
        }
    }

    public byte[] select(int i) throws EstEIDException {
        ResponseAPDU check = check(transmit(select_apdu(i, true)));
        this.currentFID = i;
        return check.getData();
    }

    public byte[] read_file(int i) throws EstEIDException {
        byte[] bArr = new byte[i];
        for (int i2 = 0; i2 <= i / chunksize; i2++) {
            int i3 = i2 * chunksize;
            ResponseAPDU transmit = transmit(new CommandAPDU(0, INS_READ_BINARY, i3 >> 8, i3 & 255, Math.min(chunksize, i - i3)));
            if (transmit.getSW() != 25218) {
                EstEIDException.check(transmit);
            }
            System.arraycopy(transmit.getData(), 0, bArr, i3, transmit.getData().length);
        }
        return bArr;
    }

    public byte[] read_record(byte b) throws IOException, EstEIDException {
        return check(transmit(read_record_apdu(b))).getData();
    }

    public byte[] read_certificate_bytes(int i) throws EstEIDException {
        select(FID_3F00);
        select(FID_EEEE);
        byte[] select = select(i);
        int i2 = 1536;
        if (select.length >= 13) {
            i2 = ((select[11] & 255) << 8) | (select[12] & 255);
        }
        return read_file(i2);
    }

    @Override // org.esteid.BaseEstEID
    byte[] readCertificate(EstEID.CERT cert) {
        switch (cert) {
            case SIGN:
                return read_certificate_bytes(FID_DDCE);
            case AUTH:
                return read_certificate_bytes(FID_AACE);
            default:
                throw new RuntimeException("Invalid enum");
        }
    }

    public String getAppVersion() throws IOException, EstEIDException {
        byte[] data = transmit(new CommandAPDU(0, INS_GET_DATA, 1, 0, 3)).getData();
        if (data.length == 2) {
            return String.format("%d.%d", Byte.valueOf(data[0]), Byte.valueOf(data[1]));
        }
        if (data.length == 3) {
            return String.format("%d.%d.%d", Byte.valueOf(data[0]), Byte.valueOf(data[1]), Byte.valueOf(data[2]));
        }
        throw new EstEIDException("Invalid length for EstEID app version: " + data.length);
    }

    void se_restore(int i) throws IOException, EstEIDException {
        check(transmit(new CommandAPDU(0, 34, 243, i)));
    }

    void se_keyref(int i, int i2) throws IOException, EstEIDException {
        check(transmit(new CommandAPDU(0, 34, 65, i, new byte[]{-125, 3, Byte.MIN_VALUE, (byte) (i2 >> 8), (byte) i2})));
    }

    @Override // org.esteid.EstEID
    public byte[] sign(byte[] bArr, CallbackHandler callbackHandler) throws WrongPINException, IOException, UnsupportedCallbackException {
        select(FID_3F00);
        select(FID_EEEE);
        se_restore(1);
        verifyPIN(EstEID.PIN.PIN2, callbackHandler);
        return check(transmit(new CommandAPDU(0, 42, P1_PSO_SIGN, P2_PSO_SIGN, bArr, 256))).getData();
    }

    @Override // org.esteid.EstEID
    public byte[] authenticate(byte[] bArr, CallbackHandler callbackHandler) throws WrongPINException, IOException, UnsupportedCallbackException {
        select(FID_3F00);
        select(FID_EEEE);
        se_restore(1);
        verifyPIN(EstEID.PIN.PIN1, callbackHandler);
        return check(transmit(new CommandAPDU(0, INS_INTERNAL_AUTHENTICATE, 0, 0, bArr, 256))).getData();
    }

    @Override // org.esteid.BaseEstEID, org.esteid.EstEID
    public byte[] decrypt(byte[] bArr, CallbackHandler callbackHandler) throws WrongPINException, IOException, UnsupportedCallbackException {
        select(FID_3F00);
        select(FID_EEEE);
        se_restore(6);
        verifyPIN(EstEID.PIN.PIN1, callbackHandler);
        se_keyref(184, 4352);
        byte[] prepend = org.bouncycastle.util.Arrays.prepend(bArr, (byte) 0);
        if (prepend.length <= 250) {
            return check(transmit(new CommandAPDU(0, 42, P1_PSO_DECRYPT, P1_PSO_DECRYPT, prepend, 256))).getData();
        }
        int length = prepend.length / 2;
        byte[] copyOfRange = Arrays.copyOfRange(prepend, 0, length);
        byte[] copyOfRange2 = Arrays.copyOfRange(prepend, length, prepend.length);
        check(transmit(new CommandAPDU(16, 42, P1_PSO_DECRYPT, P2_PSO_DECRYPT, copyOfRange, 256)));
        return check(transmit(new CommandAPDU(0, 42, P1_PSO_DECRYPT, P2_PSO_DECRYPT, copyOfRange2, 256))).getData();
    }

    @Override // org.esteid.EstEID
    public byte[] dh(ECPublicKey eCPublicKey, CallbackHandler callbackHandler) throws WrongPINException, IOException, UnsupportedCallbackException {
        return dh(SubjectPublicKeyInfo.getInstance(eCPublicKey.getEncoded()).getPublicKeyData().getBytes(), callbackHandler);
    }

    @Override // org.esteid.EstEID
    public boolean unblockPIN(EstEID.PIN pin, CallbackHandler callbackHandler) throws WrongPINException, IOException, UnsupportedCallbackException {
        return false;
    }

    public byte[] dh(byte[] bArr, CallbackHandler callbackHandler) throws WrongPINException, IOException, UnsupportedCallbackException {
        select(FID_3F00);
        select(FID_EEEE);
        verifyPIN(EstEID.PIN.PIN1, callbackHandler);
        return check(transmit(new CommandAPDU(0, 42, P1_PSO_DECRYPT, P2_PSO_DECRYPT, org.bouncycastle.util.Arrays.concatenate(new byte[]{-90, 102, Byte.MAX_VALUE, 73, 99, -122, 97}, bArr), 256))).getData();
    }

    public APDUBIBO getChannel() {
        return this.channel;
    }

    @Override // java.lang.AutoCloseable
    public void close() {
    }
}
