package de.cardcontact.smartcardhsmprovider;

import de.cardcontact.opencard.service.smartcardhsm.CertificateDescription;
import de.cardcontact.opencard.service.smartcardhsm.KeyDescription;
import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMCardService;
import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMEntry;
import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMKey;
import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMRSAKey;
import de.cardcontact.tlv.TLVEncodingException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Enumeration;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import opencard.core.OpenCardException;
import opencard.core.service.CardServiceException;
import opencard.core.terminal.CardTerminalException;
import opencard.core.util.HexString;
import opencard.opt.iso.fs.CardFilePath;
import opencard.opt.iso.fs.CardIOException;
import opencard.opt.security.SecurityDomain;
import opencard.opt.service.CardServiceResourceNotFoundException;

/* loaded from: input_file:de/cardcontact/smartcardhsmprovider/SmartCardHSMKeyStore.class */
public class SmartCardHSMKeyStore extends KeyStoreSpi {
    private static final Logger log = Logger.getLogger(SmartCardHSMKeyStore.class.getName());
    private SmartCardHSMProvider provider;
    private SmartCardHSMCardService schsm;
    private Vector<String> aliases;

    public SmartCardHSMKeyStore(SmartCardHSMProvider smartCardHSMProvider, String str) {
        this.provider = smartCardHSMProvider;
        this.schsm = smartCardHSMProvider.getSmartCardHSMCardService();
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        try {
            this.aliases = this.schsm.getAliases();
            return this.aliases.elements();
        } catch (OpenCardException e) {
            log.log(Level.FINE, e.getLocalizedMessage(), e);
            throw new ProviderException(e);
        } catch (CertificateException e2) {
            log.log(Level.FINE, e2.getLocalizedMessage(), (Throwable) e2);
            throw new ProviderException(e2);
        } catch (TLVEncodingException e3) {
            log.log(Level.FINE, e3.getLocalizedMessage(), e3);
            throw new ProviderException(e3);
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return this.schsm.containsLabel(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (!this.provider.isVerified()) {
            throw new ProviderException("Login required.");
        }
        try {
            this.schsm.removeEntry(str);
        } catch (CardServiceResourceNotFoundException e) {
            log.log(Level.FINE, e.getLocalizedMessage(), e);
            throw new KeyStoreException(str + " not found.");
        } catch (CardIOException e2) {
            log.log(Level.FINE, e2.getLocalizedMessage(), e2);
            throw new ProviderException(e2);
        } catch (CardServiceException e3) {
            log.log(Level.FINE, e3.getLocalizedMessage(), e3);
            throw new ProviderException(e3);
        } catch (CardTerminalException e4) {
            log.log(Level.FINE, e4.getLocalizedMessage(), e4);
            throw new ProviderException(e4);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        SmartCardHSMEntry smartCardHSMEntry = this.schsm.getSmartCardHSMEntry(str);
        if (smartCardHSMEntry == null) {
            return null;
        }
        return smartCardHSMEntry.getCert();
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        return new Certificate[]{engineGetCertificate(str)};
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        if (cArr != null && cArr.length > 0) {
            String str2 = "";
            for (char c : cArr) {
                str2 = str2 + c;
            }
            try {
                this.schsm.verifyPassword((SecurityDomain) null, 0, str2.getBytes());
            } catch (CardTerminalException e) {
                log.log(Level.FINE, e.getLocalizedMessage(), e);
                throw new ProviderException(e);
            } catch (CardServiceException e2) {
                log.log(Level.FINE, e2.getLocalizedMessage(), e2);
                throw new ProviderException(e2);
            }
        }
        SmartCardHSMEntry smartCardHSMEntry = this.schsm.getSmartCardHSMEntry(str);
        if (smartCardHSMEntry == null) {
            throw new UnrecoverableKeyException("No key found.");
        }
        return smartCardHSMEntry.getKey();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        SmartCardHSMEntry smartCardHSMEntry = this.schsm.getSmartCardHSMEntry(str);
        return (smartCardHSMEntry == null || smartCardHSMEntry.isEECertificate()) ? false : true;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        SmartCardHSMEntry smartCardHSMEntry = this.schsm.getSmartCardHSMEntry(str);
        if (smartCardHSMEntry == null) {
            return false;
        }
        return smartCardHSMEntry.isKeyEntry();
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        if (cArr != null) {
            if (!this.schsm.verifyPassword((SecurityDomain) null, 0, new String(cArr).getBytes())) {
                log.log(Level.FINE, "Login failed. Wrong PIN?");
                throw new IOException("Login failed. Wrong PIN?");
            }
        }
        try {
            this.aliases = this.schsm.getAliases();
        } catch (TLVEncodingException e) {
            log.log(Level.FINE, e.getLocalizedMessage(), e);
            throw new ProviderException(e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        SmartCardHSMEntry smartCardHSMEntry = this.schsm.getSmartCardHSMEntry(str);
        if (!this.provider.isVerified()) {
            throw new ProviderException("Login required.");
        }
        try {
            if (smartCardHSMEntry != null) {
                SmartCardHSMKey key = smartCardHSMEntry.getKey();
                if (key != null) {
                    this.schsm.write(new CardFilePath(":CE" + HexString.hexify(key.getKeyRef())), 0, certificate.getEncoded());
                    this.schsm.addCertToMap(certificate, true, key.getKeyRef(), str);
                } else {
                    byte id = smartCardHSMEntry.getId();
                    this.schsm.write(new CardFilePath(":CA" + HexString.hexify(id)), 0, certificate.getEncoded());
                    this.schsm.addCertToMap(certificate, false, id, str);
                }
            } else {
                byte determineFreeCAId = this.schsm.determineFreeCAId();
                if (determineFreeCAId == -1) {
                    throw new KeyStoreException("Storage limit for CA Certificates reached.");
                }
                this.schsm.write(new CardFilePath(":CA" + HexString.hexify(determineFreeCAId)), 0, certificate.getEncoded());
                this.schsm.write(new CardFilePath(":C8" + HexString.hexify(determineFreeCAId)), 0, CertificateDescription.buildCertDescription(str, certificate.getPublicKey(), new byte[]{-54, determineFreeCAId}));
                this.schsm.addCertToMap(certificate, false, determineFreeCAId, str);
            }
        } catch (CertificateException e) {
            log.log(Level.FINE, e.getLocalizedMessage(), (Throwable) e);
            throw new ProviderException(e);
        } catch (TLVEncodingException e2) {
            log.log(Level.FINE, e2.getLocalizedMessage(), e2);
            throw new ProviderException(e2);
        } catch (OpenCardException e3) {
            log.log(Level.FINE, e3.getLocalizedMessage(), e3);
            throw new ProviderException(e3);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        SmartCardHSMKey smartCardHSMKey = (SmartCardHSMKey) key;
        if (!this.provider.isVerified()) {
            throw new ProviderException("Login required.");
        }
        String label = smartCardHSMKey.getLabel();
        smartCardHSMKey.setLabel(str);
        try {
            byte[] bArr = {smartCardHSMKey.getKeyRef()};
            this.schsm.storePRKD(smartCardHSMKey.getKeyRef(), key instanceof SmartCardHSMRSAKey ? new KeyDescription(bArr, str, smartCardHSMKey.getKeySize(), KeyDescription.KeyTypes.RSA) : new KeyDescription(bArr, str, smartCardHSMKey.getKeySize(), KeyDescription.KeyTypes.EC));
            if (label != null) {
                this.schsm.renameEntry(label, str);
            } else {
                this.schsm.addKeyToMap(smartCardHSMKey);
            }
            if (certificateArr.length >= 1) {
                this.schsm.write(new CardFilePath(":CE" + HexString.hexify(smartCardHSMKey.getKeyRef())), 0, certificateArr[0].getEncoded());
                this.schsm.addCertToMap(certificateArr[0], true, smartCardHSMKey.getKeyRef(), str);
            }
        } catch (CertificateEncodingException e) {
            log.log(Level.FINE, e.getLocalizedMessage(), (Throwable) e);
            throw new ProviderException(e);
        } catch (CardTerminalException e2) {
            log.log(Level.FINE, e2.getLocalizedMessage(), e2);
            throw new ProviderException(e2);
        } catch (CardServiceException e3) {
            log.log(Level.FINE, e3.getLocalizedMessage(), e3);
            throw new ProviderException(e3);
        }
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        try {
            return this.schsm.getAliases().size();
        } catch (Exception e) {
            log.log(Level.FINE, e.getLocalizedMessage(), (Throwable) e);
            return 0;
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
    }
}
