package es.gob.jmulticard.card.cardos;

import es.gob.jmulticard.HexUtils;
import es.gob.jmulticard.apdu.CommandApdu;
import es.gob.jmulticard.apdu.connection.ApduConnection;
import es.gob.jmulticard.apdu.connection.ApduConnectionException;
import es.gob.jmulticard.apdu.connection.ApduConnectionProtocol;
import es.gob.jmulticard.apdu.connection.CardNotPresentException;
import es.gob.jmulticard.apdu.connection.NoReadersFoundException;
import es.gob.jmulticard.asn1.Asn1Exception;
import es.gob.jmulticard.asn1.TlvException;
import es.gob.jmulticard.asn1.der.pkcs15.CertificateObject;
import es.gob.jmulticard.asn1.der.pkcs15.Odf;
import es.gob.jmulticard.card.Atr;
import es.gob.jmulticard.card.CryptoCard;
import es.gob.jmulticard.card.InvalidCardException;
import es.gob.jmulticard.card.PrivateKeyReference;
import es.gob.jmulticard.card.iso7816four.FileNotFoundException;
import es.gob.jmulticard.card.iso7816four.Iso7816FourCard;
import es.gob.jmulticard.card.iso7816four.Iso7816FourCardException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.logging.Logger;
import javax.security.auth.callback.PasswordCallback;
import org.spongycastle.crypto.tls.CipherSuite;

/* loaded from: input_file:es/gob/jmulticard/card/cardos/CardOS.class */
public final class CardOS extends Iso7816FourCard implements CryptoCard {
    private static final byte[] ATR_MASK = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1};
    private static final Atr ATR = new Atr(new byte[]{59, -46, 24, 0, -127, 49, -2, 88, -55, 1, 20}, ATR_MASK);
    private static final byte[] PKCS15_NAME = {-96, 0, 0, 0, 99, 80, 75, 67, 83, 45, 49, 53};
    private static byte CLA = 0;
    private static final Logger LOGGER = Logger.getLogger("es.gob.jmulticard");
    private static final Map<String, X509Certificate> certificatesByAlias = new LinkedHashMap();

    public CardOS(ApduConnection apduConnection) throws Iso7816FourCardException, IOException {
        super(CLA, apduConnection);
        connect(apduConnection);
        try {
            preloadCertificates();
        } catch (Asn1Exception e) {
            throw new IOException("Error creando las estructuras ASN.1: " + e, e);
        } catch (TlvException e2) {
            throw new IOException("Error tratando los TLV internos de las estructuras ASN.1: " + e2, e2);
        }
    }

    private void connect(ApduConnection apduConnection) throws IOException {
        byte[] reset;
        if (apduConnection == null) {
            throw new IllegalArgumentException("La conexion no puede ser nula");
        }
        apduConnection.setProtocol(ApduConnectionProtocol.T1);
        long[] terminals = apduConnection.getTerminals(false);
        if (terminals.length < 1) {
            throw new NoReadersFoundException();
        }
        InvalidCardException invalidCardException = null;
        CardNotPresentException cardNotPresentException = null;
        ApduConnectionException apduConnectionException = null;
        for (long j : terminals) {
            apduConnection.setTerminal((int) j);
            try {
                reset = apduConnection.reset();
            } catch (CardNotPresentException e) {
                cardNotPresentException = e;
            } catch (ApduConnectionException e2) {
                apduConnectionException = e2;
            }
            if (ATR.equals(new Atr(reset, ATR_MASK))) {
                return;
            }
            invalidCardException = new InvalidCardException(getCardName(), ATR, reset);
        }
        if (invalidCardException != null) {
            throw invalidCardException;
        }
        if (cardNotPresentException != null) {
            throw cardNotPresentException;
        }
        if (apduConnectionException == null) {
            throw new ApduConnectionException("No se ha podido conectar con ningun lector de tarjetas");
        }
        throw apduConnectionException;
    }

    private void preloadCertificates() throws FileNotFoundException, Iso7816FourCardException, IOException, Asn1Exception, TlvException {
        selectFileByName(PKCS15_NAME);
        selectFileById(new byte[]{80, 49});
        byte[] readBinaryComplete = readBinaryComplete(CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256);
        Odf odf = new Odf();
        odf.setDerValue(readBinaryComplete);
        selectFileById(odf.getCertificatesPath().getPathBytes());
        List<byte[]> readAllRecords = readAllRecords();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (byte[] bArr : readAllRecords) {
                try {
                    CertificateObject certificateObject = new CertificateObject();
                    certificateObject.setDerValue(HexUtils.subArray(bArr, 2, bArr.length - 2));
                    byte[] pathBytes = certificateObject.getPathBytes();
                    if (pathBytes == null || pathBytes.length != 4) {
                        LOGGER.warning("Se omite una posicion de certificado porque su ruta no es de cuatro octetos: " + certificateObject.getAlias());
                    } else {
                        byte[] bArr2 = {80, 21};
                        sendArbitraryApdu(new CommandApdu(getCla(), (byte) -92, (byte) 8, (byte) 12, new byte[]{bArr2[0], bArr2[1], pathBytes[0], pathBytes[1], pathBytes[2], pathBytes[3]}, null));
                        try {
                            certificatesByAlias.put(certificateObject.getAlias(), (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(readBinaryComplete(9999))));
                        } catch (CertificateException e) {
                            LOGGER.severe("No ha sido posible generar el certificado para el alias " + certificateObject.getAlias() + ": " + e);
                        }
                    }
                } catch (Exception e2) {
                    LOGGER.warning("Omitido registro de certificado por no ser un CertificateObject de PKCS#15: " + e2);
                }
            }
        } catch (CertificateException e3) {
            throw new IllegalStateException("No se ha podido obtener la factoria de certificados X.509: " + e3, e3);
        }
    }

    @Override // es.gob.jmulticard.card.SmartCard
    public String getCardName() {
        return "Atos / Siemens CardOS";
    }

    @Override // es.gob.jmulticard.card.CryptoCard
    public String[] getAliases() {
        return (String[]) certificatesByAlias.keySet().toArray(new String[0]);
    }

    @Override // es.gob.jmulticard.card.CryptoCard
    public X509Certificate getCertificate(String str) {
        return certificatesByAlias.get(str);
    }

    @Override // es.gob.jmulticard.card.iso7816four.Iso7816FourCard
    protected void selectMasterFile() throws ApduConnectionException, FileNotFoundException, Iso7816FourCardException {
        selectFileById(new byte[0]);
    }

    public String toString() {
        StringBuilder append = new StringBuilder(getCardName()).append("\n Tarjeta con ").append(certificatesByAlias.size()).append(" certificado(s):\n");
        String[] aliases = getAliases();
        for (int i = 0; i < aliases.length; i++) {
            append.append("  ");
            append.append(i + 1);
            append.append(" - ");
            append.append(aliases[i]);
        }
        return append.toString();
    }

    @Override // es.gob.jmulticard.card.CryptoCard
    public PrivateKeyReference getPrivateKey(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // es.gob.jmulticard.card.CryptoCard
    public byte[] sign(byte[] bArr, String str, PrivateKeyReference privateKeyReference) {
        throw new UnsupportedOperationException();
    }

    @Override // es.gob.jmulticard.card.iso7816four.Iso7816FourCard
    public void verifyPin(PasswordCallback passwordCallback) {
        throw new UnsupportedOperationException();
    }

    @Override // es.gob.jmulticard.card.CryptoCard
    public byte[] changePIN(String str, String str2) {
        throw new UnsupportedOperationException("El cambio de PIN no esta permitido para la tarjeta insertada.");
    }
}
