package at.co.svc.opencard.service;

import at.co.svc.opencard.encoding.SVPGrunddaten;
import de.cardcontact.opencard.eac.cvc.ECSignature;
import de.cardcontact.opencard.security.SecureChannelCredential;
import de.cardcontact.opencard.service.isocard.IsoCardService;
import de.cardcontact.opencard.service.isocard.apdu.ManageSECommandAPDU;
import de.cardcontact.opencard.service.isocard.apdu.PerformSecurityOperation;
import de.cardcontact.tlv.PrimitiveTLV;
import de.cardcontact.tlv.Sequence;
import de.cardcontact.tlv.TLV;
import de.cardcontact.tlv.TLVEncodingException;
import de.cardcontact.tlv.Tag;
import java.security.GeneralSecurityException;
import java.util.Properties;
import opencard.core.OpenCardException;
import opencard.core.service.CardChannel;
import opencard.core.service.CardServiceException;
import opencard.core.service.CardServiceScheduler;
import opencard.core.service.SmartCard;
import opencard.core.terminal.ResponseAPDU;
import opencard.opt.iso.fs.CardFilePath;
import opencard.opt.service.CardServiceUnexpectedResponseException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/co/svc/opencard/service/ECardCardService.class */
public class ECardCardService extends IsoCardService {
    private final Logger logger = LoggerFactory.getLogger(ECardCardService.class);
    private static final CardFilePath DF_SVP = new CardFilePath("#D040000017010101");
    private static final CardFilePath DF_SVS = new CardFilePath("#D040000017001001");

    protected void initialize(CardServiceScheduler cardServiceScheduler, SmartCard smartCard, boolean z) throws CardServiceException {
        super.initialize(cardServiceScheduler, smartCard, z);
        int i = 258;
        Properties features = smartCard.getCardID().getCardTerminal().features();
        if (features.containsKey("maxRAPDUSize")) {
            i = Integer.parseUnsignedInt(features.getProperty("maxRAPDUSize"));
            if (i > 2048) {
                i = 2048;
            } else if (i >= 261 && i <= 292) {
                i = 258;
            }
        }
        this.maxRDataSM = (Math.floorDiv((i - 19) - 2, 16) * 16) - 2;
    }

    public SVPGrunddaten readSVPGrunddaten() throws OpenCardException {
        CardFilePath cardFilePath = new CardFilePath(DF_SVP);
        cardFilePath.append(new CardFilePath(":01"));
        try {
            return new SVPGrunddaten(TLV.factory(read(cardFilePath, 0, -1)));
        } catch (TLVEncodingException e) {
            this.logger.error("Error decoding TLV in EF_Grunddaten", e);
            throw new CardServiceException("Error decoding TLV in EF_Grunddaten", e);
        }
    }

    public CertificateChain readSVSCertificateChain() throws OpenCardException, GeneralSecurityException {
        CardFilePath cardFilePath = new CardFilePath(DF_SVS);
        cardFilePath.append(new CardFilePath(":01"));
        byte[] read = read(cardFilePath, 0, -1);
        CardFilePath cardFilePath2 = new CardFilePath(DF_SVS);
        cardFilePath2.append(new CardFilePath(":02"));
        return new CertificateChain(read, read(cardFilePath2, 0, -1));
    }

    public byte[] signHashWithSVSignature(byte[] bArr) throws OpenCardException {
        SecureChannelCredential secureChannelCredential = getSecureChannelCredential(DF_SVS, 0);
        try {
            allocateCardChannel();
            CardChannel cardChannel = getCardChannel();
            Sequence sequence = new Sequence();
            sequence.add(new PrimitiveTLV(new Tag(4, Byte.MIN_VALUE, false), new byte[]{-126}));
            sequence.add(new PrimitiveTLV(new Tag(21, Byte.MIN_VALUE, false), new byte[]{64}));
            ManageSECommandAPDU manageSECommandAPDU = new ManageSECommandAPDU(65, -74, sequence);
            manageSECommandAPDU.setQueueable(true);
            if (sendCommandAPDU(cardChannel, secureChannelCredential, manageSECommandAPDU).sw() != 36864) {
                throw new CardServiceUnexpectedResponseException("MANAGE SE failed");
            }
            ResponseAPDU sendCommandAPDU = sendCommandAPDU(cardChannel, secureChannelCredential, new PerformSecurityOperation((byte) -98, (byte) -102, bArr, 256));
            if (sendCommandAPDU.sw() != 36864) {
                throw new CardServiceUnexpectedResponseException("PSO Compute Digital Signature failed");
            }
            byte[] wrapSignature = ECSignature.wrapSignature(sendCommandAPDU.data());
            releaseCardChannel();
            return wrapSignature;
        } catch (Throwable th) {
            releaseCardChannel();
            throw th;
        }
    }
}
