package de.cardcontact.smartcardhsmprovider;

import de.cardcontact.opencard.factory.GlobalPlatformCardServiceFactory;
import de.cardcontact.opencard.factory.IsoCardServiceFactory;
import de.cardcontact.opencard.factory.RemoteClientCardServiceFactory;
import de.cardcontact.opencard.factory.SmartCardHSMCardServiceFactory;
import de.cardcontact.opencard.service.StatusWordTable;
import de.cardcontact.opencard.service.remoteclient.RemoteClient;
import de.cardcontact.opencard.service.remoteclient.RemoteNotificationListener;
import de.cardcontact.opencard.service.smartcardhsm.SmartCardHSMCardService;
import de.cardcontact.opencard.terminal.smartcardio.SmartCardIOFactory;
import de.cardcontact.tlv.HexString;
import java.io.IOException;
import java.lang.reflect.Constructor;
import java.security.AuthProvider;
import java.security.Provider;
import java.security.ProviderException;
import java.security.Security;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import opencard.core.OpenCardException;
import opencard.core.event.CTListener;
import opencard.core.event.CardTerminalEvent;
import opencard.core.event.EventGenerator;
import opencard.core.service.CardRequest;
import opencard.core.service.CardServiceException;
import opencard.core.service.CardServiceRegistry;
import opencard.core.service.SmartCard;
import opencard.core.terminal.CardID;
import opencard.core.terminal.CardTerminal;
import opencard.core.terminal.CardTerminalException;
import opencard.core.terminal.CardTerminalRegistry;
import opencard.core.terminal.CommandAPDU;
import opencard.core.terminal.ResponseAPDU;
import opencard.core.terminal.SlotChannel;
import opencard.core.util.APDUFormatter;
import opencard.core.util.APDUTracer;
import opencard.core.util.OpenCardPropertyLoadingException;
import opencard.opt.util.PassThruCardServiceFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/cardcontact/smartcardhsmprovider/SmartCardHSMProvider.class */
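/**
 * JCA/JCE provider whose algorithm implementations are backed by a SmartCard-HSM reached
 * through the OpenCard Framework (OCF).
 *
 * <p>The provider registers the card-backed services, listens for card insertion and removal
 * events, and authenticates the user against the card. Authentication uses either a password
 * delivered through a {@link CallbackHandler} (or the card service's own dialog / PIN pad) or,
 * when the password callback is left empty, a URL obtained from the public key authentication
 * callback.
 *
 * <p>Points to keep in mind when deploying this class:
 * <ul>
 *   <li>The {@code trace*} methods write complete command and response APDUs and the ATR to the
 *       debug log. Keep debug logging for this class disabled or access-restricted in
 *       production. NOTE(review): whether the tracer sees APDUs before or after secure messaging
 *       is applied is not visible in this file; confirm before relying on it.</li>
 *   <li>{@link #setSecureMessaging(boolean)} with {@code false} skips
 *       {@code initSecureMessaging()} for every card service attached afterwards.</li>
 *   <li>State fields are read and written without synchronisation. NOTE(review): card events
 *       presumably arrive on an OCF thread; confirm the threading model with the callers.</li>
 * </ul>
 */
public final class SmartCardHSMProvider extends AuthProvider implements CTListener, APDUTracer {
    private static final long serialVersionUID = 4737690040987973156L;
    private static final Logger log = LoggerFactory.getLogger(SmartCardHSMProvider.class);

    // Provider identity. These are constants, so they are declared final.
    private static final String PROVIDER_NAME = "SmartCardHSM";
    private static final double VERSION = 1.0d;
    private static final String INFO = "SmartCardHSM provider implementing x";

    // Whether initSecureMessaging() is called on a newly attached card service.
    private boolean doSecureMessaging = true;
    // Counter that decides whether unregister() shuts OCF down (see register()).
    private int doOCFShutdown = 0;
    // Passed to useClassThreePinPad() on the card service.
    private boolean usePinPad = false;
    // When true, the PKA callback is handed to the CallbackHandler together with the password callback.
    private boolean usePKACallback = false;
    // Card handle obtained in cardInserted(); null while no matching card is attached.
    private SmartCard sc = null;
    // Optional terminal name this provider instance is bound to.
    private String terminalName = null;
    private CardTerminal ct = null;
    private int slotID = 0;
    // Card service used for all card operations; null until a card is attached or set explicitly.
    private SmartCardHSMCardService schsm;
    private PasswordCallback passwordCallback;
    private PublicKeyAuthenticationCallback pkaCallback;
    private CallbackHandler callBackHandler = null;

    /**
     * Service entry for key pair generators.
     *
     * <p>The registered algorithm name has the form {@code <type>//<scheme>}; the part after the
     * separator is passed to the implementation's constructor. This listing is decompiled and
     * JADX reports that the original access modifier was {@code private}.
     */
    public static class KeyPairGenService extends Provider.Service {
        // Signature of the constructor every implementation class must offer.
        private static final Class<?>[] constructorParamTypes = {SmartCardHSMProvider.class, String.class};

        KeyPairGenService(AuthProvider authProvider, String str, String str2, String str3, Vector<String> vector) {
            super(authProvider, str, str2, str3, vector, null);
        }

        KeyPairGenService(AuthProvider authProvider, String str, String str2, String str3) {
            super(authProvider, str, str2, str3, null, null);
        }

        /**
         * Creates the implementation object for this service by reflection.
         *
         * @param obj constructor parameter from the JCA framework; not used here
         * @return a new instance of the registered implementation class
         * @throws ProviderException if the class cannot be loaded or instantiated
         */
        @Override
        public Object newInstance(Object obj) {
            try {
                SmartCardHSMProvider provider = (SmartCardHSMProvider) getProvider();
                // The class name is one of the fixed names registered in initProviderProperties().
                Constructor<?> ctor = loadServiceClass(provider, getClassName()).getConstructor(constructorParamTypes);
                // StringTokenizer skips empty tokens, so "RSA//X" yields "RSA" and then "X".
                StringTokenizer parts = new StringTokenizer(getAlgorithm(), "/");
                parts.nextToken();
                return ctor.newInstance(provider, parts.nextToken());
            } catch (Exception e) {
                log.error(e.getLocalizedMessage(), e);
                throw new ProviderException(e);
            }
        }
    }

    /**
     * Service entry for all other card-backed services; the full algorithm name is passed to the
     * implementation's constructor.
     *
     * <p>This listing is decompiled and JADX reports that the original access modifier was
     * {@code private}.
     */
    public static class SCHSMService extends Provider.Service {
        // Signature of the constructor every implementation class must offer.
        private static final Class<?>[] constructorParamTypes = {SmartCardHSMProvider.class, String.class};

        SCHSMService(AuthProvider authProvider, String str, String str2, String str3, Vector<String> vector) {
            super(authProvider, str, str2, str3, vector, null);
        }

        SCHSMService(AuthProvider authProvider, String str, String str2, String str3) {
            super(authProvider, str, str2, str3, null, null);
        }

        /**
         * Creates the implementation object for this service by reflection.
         *
         * @param obj constructor parameter from the JCA framework; not used here
         * @return a new instance of the registered implementation class
         * @throws ProviderException if the class cannot be loaded or instantiated
         */
        @Override
        public Object newInstance(Object obj) {
            try {
                SmartCardHSMProvider provider = (SmartCardHSMProvider) getProvider();
                return loadServiceClass(provider, getClassName())
                        .getConstructor(constructorParamTypes)
                        .newInstance(provider, getAlgorithm());
            } catch (Exception e) {
                log.error(e.getLocalizedMessage(), e);
                throw new ProviderException(e);
            }
        }
    }

    /** Loads an implementation class with the provider's class loader, or the default one if it has none. */
    private static Class<?> loadServiceClass(SmartCardHSMProvider provider, String className)
            throws ClassNotFoundException {
        ClassLoader loader = provider.getClass().getClassLoader();
        return loader == null ? Class.forName(className) : loader.loadClass(className);
    }

    /** Builds the alias list handed to a service entry. */
    private static Vector<String> aliases(String... names) {
        Vector<String> list = new Vector<String>();
        for (String name : names) {
            list.addElement(name);
        }
        return list;
    }

    /**
     * Creates a provider that is not bound to a named terminal and registers it with OCF.
     *
     * @throws ProviderException if registration fails
     */
    public SmartCardHSMProvider() {
        super(PROVIDER_NAME, VERSION, INFO);
        log.debug("Super constructor called...");
        initProviderProperties();
        try {
            register();
        } catch (Exception e) {
            log.error(e.getLocalizedMessage(), e);
            throw new ProviderException(e);
        }
    }

    /**
     * Creates a provider named {@code SmartCardHSM/<str>} for the terminal called {@code str}.
     *
     * @param str terminal name; also becomes part of the provider name
     * @param z whether to register with OCF immediately
     * @throws ProviderException if registration was requested and fails
     */
    public SmartCardHSMProvider(String str, boolean z) {
        super(PROVIDER_NAME + "/" + str, VERSION, INFO);
        log.debug("Super constructor called...");
        this.terminalName = str;
        initProviderProperties();
        if (z) {
            try {
                register();
            } catch (Exception e) {
                log.error(e.getLocalizedMessage(), e);
                throw new ProviderException(e);
            }
        }
    }

    /**
     * Creates and registers a provider for the terminal called {@code str}.
     *
     * @param str terminal name; also becomes part of the provider name
     */
    public SmartCardHSMProvider(String str) {
        this(str, true);
    }

    /**
     * Unregisters and removes every installed provider of this class whose name starts with
     * {@code SmartCardHSM}.
     */
    public static void removeProviders() {
        for (Provider provider : Security.getProviders()) {
            if (!provider.getName().startsWith(PROVIDER_NAME)) {
                continue;
            }
            // The name prefix alone does not prove the type: another provider may use a similar
            // name, and casting it blindly would fail with a ClassCastException.
            if (!(provider instanceof SmartCardHSMProvider)) {
                log.debug("Skipping provider {} because it is not a SmartCardHSMProvider", provider.getName());
                continue;
            }
            SmartCardHSMProvider hsmProvider = (SmartCardHSMProvider) provider;
            hsmProvider.unregister();
            Security.removeProvider(hsmProvider.getName());
        }
    }

    /**
     * Reports whether the user is authenticated to the card.
     *
     * <p>This is not a pure query: when the card does not report an authenticated state, or the
     * state cannot be read, {@link #verify()} runs and may invoke the callback handler.
     *
     * @return {@code false} if no card service is attached, otherwise the authentication result
     */
    public boolean isVerified() {
        if (this.schsm == null) {
            return false;
        }
        boolean verified = false;
        try {
            verified = this.schsm.getSecurityStatus();
        } catch (CardTerminalException e) {
            // Best effort: an unreadable status is treated as "not verified", but leave a trace.
            log.debug("Could not read the security status, falling back to verification", e);
        } catch (CardServiceException e) {
            log.debug("Could not read the security status, falling back to verification", e);
        }
        return verified || verify();
    }

    /**
     * Authenticates the user to the card.
     *
     * <p>Without a callback handler the card service verifies the password on its own. With a
     * handler, the handler is asked for a password (and for the PKA data when enabled); a
     * supplied password is verified on the card, otherwise the URL from the PKA callback is
     * passed to the remote client service and the card's security status is returned.
     *
     * @return the verification result reported by the card service
     * @throws ProviderException if no card service is attached, no credential source is
     *     configured, or any card or callback operation fails
     */
    private boolean verify() {
        if (this.schsm == null) {
            throw new ProviderException("CardService not initialized");
        }
        if (this.callBackHandler == null) {
            return verifyPasswordOnCard();
        }
        try {
            log.debug("Get password callback from application");
            Callback[] callbacks = this.usePKACallback
                    ? new Callback[]{this.passwordCallback, this.pkaCallback}
                    : new Callback[]{this.passwordCallback};
            this.callBackHandler.handle(callbacks);
            if (this.passwordCallback.getPassword() != null) {
                // NOTE(review): the password stays in passwordCallback after verification and
                // clearPassword() is never called in this class. It is not cleared here because
                // the OCFCallback installed below may read it again later; confirm and clear it
                // as early as the card service allows.
                this.schsm.setCHVDialog(new OCFCallback(this.passwordCallback));
                return verifyPasswordOnCard();
            }
            if (this.pkaCallback.getUrl() == null) {
                throw new ProviderException("Neither a password nor an URL to an authentication server was configured");
            }
            try {
                // The URL comes from the application's callback handler, so that handler decides
                // which authentication server is contacted. sc is only set by cardInserted(); if
                // the service was injected through setSmartCardHSMCardService() this fails and is
                // reported as a ProviderException.
                this.sc.getCardService(RemoteClient.class, true).update(this.pkaCallback.getUrl(), (String) null, (RemoteNotificationListener) null);
                return this.schsm.getSecurityStatus();
            } catch (Exception e) {
                log.error(e.getLocalizedMessage(), e);
                throw new ProviderException(e);
            }
        } catch (IOException e) {
            log.error(e.getLocalizedMessage(), e);
            throw new ProviderException(e);
        } catch (UnsupportedCallbackException e) {
            log.error(e.getLocalizedMessage(), e);
            throw new ProviderException(e);
        }
    }

    /** Runs the card service's password verification and maps OCF failures to {@link ProviderException}. */
    private boolean verifyPasswordOnCard() {
        try {
            return this.schsm.verifyPassword();
        } catch (OpenCardException e) {
            log.error(e.getLocalizedMessage(), e);
            throw new ProviderException((Throwable) e);
        }
    }

    /**
     * Chooses whether secure messaging is initialised on card services attached from now on.
     *
     * @param z {@code true} to call {@code initSecureMessaging()} on attach
     */
    public void setSecureMessaging(boolean z) {
        this.doSecureMessaging = z;
    }

    /**
     * Chooses the value passed to {@code useClassThreePinPad()} on card services attached from now on.
     *
     * @param z the PIN pad setting
     */
    public void useTerminalPinPad(boolean z) {
        this.usePinPad = z;
    }

    /**
     * Chooses whether the PKA callback is handed to the callback handler during verification.
     *
     * @param z {@code true} to include the PKA callback
     */
    public void usePKACallback(boolean z) {
        this.usePKACallback = z;
    }

    /**
     * Creates the callbacks and registers every service this provider offers.
     *
     * <p>SHA-1 based signature and key generation entries are registered next to the SHA-224 and
     * SHA-256 ones; new applications should select the stronger variants.
     */
    private void initProviderProperties() {
        final String pkg = "de.cardcontact.smartcardhsmprovider.";
        final String rsaKeyPairGen = pkg + "KeyPairGenerator$RSA";
        final String ecKeyPairGen = pkg + "KeyPairGenerator$EC";
        final String signature = pkg + "SmartCardHSMSignature$";
        final String cipher = pkg + "SmartCardHSMCipher";

        // false: the password is not echoed while it is entered.
        this.passwordCallback = new PasswordCallback("SmartCardHSMPasswordCallback", false);
        this.pkaCallback = new PublicKeyAuthenticationCallback();
        log.debug("Initializing provider algorithms...");

        putService(new SCHSMService(this, "SecureRandom", "NativePRNG", pkg + "SecureRandom"));
        putService(new SCHSMService(this, "KeyGenerator", "AES", pkg + "KeyGenerator"));

        putService(new KeyPairGenService(this, "KeyPairGenerator", "RSA//PKCS1-v1-5-SHA-1", rsaKeyPairGen, aliases("RSA")));
        putService(new KeyPairGenService(this, "KeyPairGenerator", "RSA//PKCS1-v1-5-SHA-256", rsaKeyPairGen));
        putService(new KeyPairGenService(this, "KeyPairGenerator", "RSA//PKCS1-PSS-SHA-1", rsaKeyPairGen));
        putService(new KeyPairGenService(this, "KeyPairGenerator", "RSA//PKCS1-PSS-SHA-256", rsaKeyPairGen));

        putService(new KeyPairGenService(this, "KeyPairGenerator", "EC//ECDSA-SHA-1", ecKeyPairGen, aliases("EC")));
        putService(new KeyPairGenService(this, "KeyPairGenerator", "EC//ECDSA-SHA-224", ecKeyPairGen));
        putService(new KeyPairGenService(this, "KeyPairGenerator", "EC//ECDSA-SHA-256", ecKeyPairGen));
        put("AlgorithmParameters.EC SupportedCurves", "secp192r1,prime192v1,secp256r1,prime256v1,brainpoolP192r1,brainpoolP224r1,brainpoolP256r1,brainpoolP320r1,secp192k1,secp256k1");

        putService(new SCHSMService(this, "Signature", "SHA1withRSA//PKCS1-v1-5", signature + "SHA1withRSAPKCS1V15", aliases("SHA1withRSA")));
        putService(new SCHSMService(this, "Signature", "SHA256withRSA//PKCS1-v1-5", signature + "SHA256withRSAPKCS1V15", aliases("SHA256withRSA")));
        putService(new SCHSMService(this, "Signature", "SHA1withRSA//PKCS1-PSS", signature + "SHA1withRSAPKCS1PSS", aliases("SHA1withRSA/PSS")));
        putService(new SCHSMService(this, "Signature", "SHA256withRSA//PKCS1-PSS", signature + "SHA256withRSAPKCS1PSS", aliases("SHA256withRSA/PSS")));
        putService(new SCHSMService(this, "Signature", "SHA1withECDSA", signature + "SHA1withECDSA"));
        putService(new SCHSMService(this, "Signature", "SHA224withECDSA", signature + "SHA224withECDSA"));
        putService(new SCHSMService(this, "Signature", "SHA256withECDSA", signature + "SHA256withECDSA"));
        putService(new SCHSMService(this, "Signature", "NONEwithECDSA", signature + "NONEwithECDSA"));
        putService(new SCHSMService(this, "Signature", "NONEwithRSA", signature + "NONEwithRSA"));

        putService(new SCHSMService(this, "KeyStore", "SmartCardHSMKeyStore", pkg + "SmartCardHSMKeyStore"));

        putService(new SCHSMService(this, "Cipher", "RSA/None/NoPadding", cipher, aliases("RSA")));
        putService(new SCHSMService(this, "Cipher", "RSA/None/PKCS1Padding", cipher,
                aliases("RSA/ECB/PKCS1Padding", "RSA/NONE/PKCS1Padding")));
        putService(new SCHSMService(this, "Cipher", "RSA/ECB/OAEPWithSHA-1AndMGF1Padding", cipher,
                aliases("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "RSA/None/OAEPWithSHA1AndMGF1Padding")));

        putService(new SCHSMService(this, "KeyAgreement", "ECDH", pkg + "SmartCardHSMKeyAgreement"));
    }

    /**
     * Attaches an externally created card service, or detaches the current one.
     *
     * <p>The service is stored only after tracing, the PIN pad setting and (if enabled) secure
     * messaging have been set up without error.
     *
     * @param smartCardHSMCardService the service to use, or {@code null} to detach
     * @throws ProviderException if setting up the service fails
     */
    public void setSmartCardHSMCardService(SmartCardHSMCardService smartCardHSMCardService) {
        if (smartCardHSMCardService == null) {
            this.schsm = null;
            return;
        }
        try {
            log.debug("Setting SmartCardHSMCardService object");
            smartCardHSMCardService.getCard().setAPDUTracer(this);
            smartCardHSMCardService.useClassThreePinPad(this.usePinPad);
            if (this.doSecureMessaging) {
                smartCardHSMCardService.initSecureMessaging();
            }
            this.schsm = smartCardHSMCardService;
        } catch (OpenCardException e) {
            log.error(e.getLocalizedMessage(), e);
            throw new ProviderException((Throwable) e);
        }
    }

    /**
     * Returns the attached card service, looking for an already inserted card first if none is attached.
     *
     * @return the card service
     * @throws ProviderException if no card service is available
     */
    public SmartCardHSMCardService getSmartCardHSMCardService() {
        checkCardState();
        return this.schsm;
    }

    /**
     * Makes sure a card service is attached, asking the event generator to replay insertion
     * events for cards that are already present.
     *
     * @throws ProviderException if there is still no card service afterwards
     */
    private void checkCardState() {
        if (this.schsm != null) {
            return;
        }
        try {
            EventGenerator.getGenerator().createEventsForPresentCards(this);
        } catch (CardTerminalException e) {
            log.debug(e.getLocalizedMessage(), e);
        }
        if (this.schsm == null) {
            throw new ProviderException("No card inserted");
        }
    }

    /**
     * Authenticates the user to the card.
     *
     * @param subject not used by this implementation
     * @param callbackHandler handler that supplies the credentials; may be {@code null} if a
     *     handler was set earlier or the PIN pad is used
     * @throws LoginException if no handler is available although one is required
     * @throws FailedLoginException if the card rejects the credentials
     * @throws ProviderException if no card is available or a card operation fails
     */
    @Override
    public void login(Subject subject, CallbackHandler callbackHandler) throws LoginException {
        checkCardState();
        if (this.callBackHandler == null && callbackHandler == null && !this.usePinPad) {
            throw new LoginException("The mandatory CallbackHandler cannot be null");
        }
        if (callbackHandler != null) {
            setCallbackHandler(callbackHandler);
        }
        if (verify()) {
            return;
        }
        log.info("Login failed. Wrong PIN?");
        throw new FailedLoginException("Login failed. Wrong PIN?");
    }

    /**
     * Does nothing.
     *
     * <p>NOTE(review): no card state and no stored password is reset here, so a caller that
     * relies on {@code logout()} to end the authenticated session should confirm what the card
     * service offers for that purpose.
     */
    @Override
    public void logout() throws LoginException {
    }

    /**
     * Stores the handler used to obtain credentials during verification.
     *
     * @param callbackHandler the handler, or {@code null} to fall back to the card service's own dialog
     */
    @Override
    public void setCallbackHandler(CallbackHandler callbackHandler) {
        this.callBackHandler = callbackHandler;
    }

    /**
     * Starts OCF if it is not running yet and subscribes this provider to card terminal events.
     *
     * <p>If OCF was already running and this provider had not registered before, the shutdown
     * counter is raised by two instead of one, so a single {@link #unregister()} does not bring
     * the counter to zero and therefore does not shut OCF down.
     */
    public void register() throws OpenCardPropertyLoadingException, CardServiceException, CardTerminalException, ClassNotFoundException {
        if (SmartCard.isStarted()) {
            log.debug("OCF already running");
            if (this.doOCFShutdown == 0) {
                this.doOCFShutdown++;
            }
        } else {
            log.debug("Startup of OCF...");
            SmartCard.startup();
            new SmartCardIOFactory().createCardTerminals(CardTerminalRegistry.getRegistry(), new String[]{"*", "PCSC"});
            CardServiceRegistry services = CardServiceRegistry.getRegistry();
            services.add(new IsoCardServiceFactory());
            services.add(new PassThruCardServiceFactory());
            services.add(new GlobalPlatformCardServiceFactory());
            services.add(new SmartCardHSMCardServiceFactory());
            services.add(new RemoteClientCardServiceFactory());
        }
        this.doOCFShutdown++;
        log.debug("Register to event generator...");
        EventGenerator.getGenerator().addCTListener(this);
    }

    /**
     * Unsubscribes from card terminal events, shuts OCF down when the shutdown counter reaches
     * zero, and drops all card references.
     *
     * @throws ProviderException if the OCF shutdown fails
     */
    public void unregister() {
        log.debug("Unregister from event generator...");
        EventGenerator.getGenerator().removeCTListener(this);
        this.doOCFShutdown--;
        try {
            if (this.doOCFShutdown <= 0) {
                log.debug("Shutdown OCF...");
                SmartCard.shutdown();
            }
        } catch (CardTerminalException e) {
            log.error(e.getLocalizedMessage(), e);
            throw new ProviderException((Throwable) e);
        } finally {
            // Drop the card references even if the shutdown failed: this provider no longer
            // receives removal events, so they would never be cleared otherwise.
            this.sc = null;
            this.ct = null;
            this.schsm = null;
        }
    }

    /**
     * Attaches to a newly inserted card if no card is attached yet.
     *
     * <p>The card service becomes visible to callers only after tracing, the PIN pad setting and
     * (if enabled) secure messaging were set up without error, matching
     * {@link #setSmartCardHSMCardService(SmartCardHSMCardService)}. If a callback handler is set,
     * verification runs right away.
     *
     * @param cardTerminalEvent the insertion event
     * @throws CardTerminalException if a terminal operation fails
     * @throws ProviderException if the card service cannot be obtained or set up
     */
    public void cardInserted(CardTerminalEvent cardTerminalEvent) throws CardTerminalException {
        if (this.sc != null) {
            return;
        }
        log.debug("Card inserted");
        CardTerminalRegistry terminals = CardTerminalRegistry.getRegistry();
        if (this.ct == null) {
            if (this.terminalName != null) {
                this.ct = terminals.cardTerminalForName(this.terminalName);
            }
            // NOTE(review): if the named terminal is not found, the terminal that raised the
            // event is used instead, so the configured name is a preference, not a restriction.
            if (this.ct == null) {
                this.ct = cardTerminalEvent.getCardTerminal();
            }
        }
        this.sc = SmartCard.getSmartCard(cardTerminalEvent, new CardRequest(1, this.ct, SmartCardHSMCardService.class));
        if (this.sc == null) {
            log.debug("New card is not a SmartCard-HSM");
            return;
        }
        this.slotID = cardTerminalEvent.getSlotID();
        try {
            log.debug("New SmartCardHSMCardService object");
            // Work on a local reference so that a failure below does not leave a service
            // without secure messaging in the schsm field.
            SmartCardHSMCardService service = this.sc.getCardService(SmartCardHSMCardService.class, true);
            service.getCard().setAPDUTracer(this);
            service.useClassThreePinPad(this.usePinPad);
            if (this.doSecureMessaging) {
                service.initSecureMessaging();
            }
            this.schsm = service;
            if (this.callBackHandler != null) {
                verify();
            }
        } catch (CardServiceException e) {
            // NOTE(review): sc stays set after a failure, so further insertion events are
            // ignored until the card is removed.
            log.error(e.getLocalizedMessage(), e);
            throw new ProviderException((Throwable) e);
        } catch (ClassNotFoundException e) {
            log.error(e.getLocalizedMessage(), e);
            throw new ProviderException(e);
        }
    }

    /**
     * Drops all card references when the attached card is removed.
     *
     * @param cardTerminalEvent the removal event; ignored unless it matches the tracked slot and terminal
     */
    public void cardRemoved(CardTerminalEvent cardTerminalEvent) throws CardTerminalException {
        if (cardTerminalEvent.getSlotID() != this.slotID) {
            return;
        }
        if (this.ct != null && !cardTerminalEvent.getCardTerminal().equals(this.ct)) {
            return;
        }
        log.debug("Card removed");
        this.sc = null;
        this.ct = null;
        this.slotID = -1;
        this.schsm = null;
    }

    /** Writes the terminal name and the ATR in hexadecimal to the debug log. */
    public void traceAnswerToReset(SlotChannel slotChannel, CardID cardID) {
        String terminal = slotChannel.getCardTerminal().getName();
        log.debug(terminal.concat("\n").concat(HexString.hexifyByteArray(cardID.getATR())));
    }

    /**
     * Writes the terminal name and the formatted command APDU to the debug log.
     *
     * <p>The complete command is logged; treat the debug log of this class as sensitive.
     */
    public void traceCommandAPDU(SlotChannel slotChannel, CommandAPDU commandAPDU) {
        String terminal = slotChannel.getCardTerminal().getName();
        log.debug(terminal.concat("\n").concat(APDUFormatter.commandAPDUToString(commandAPDU)));
    }

    /**
     * Writes the status word text, the response length and a hex dump of the response data to
     * the debug log. Decoding problems are logged and otherwise ignored.
     */
    public void traceResponseAPDU(SlotChannel slotChannel, ResponseAPDU responseAPDU) {
        try {
            StringBuilder text = new StringBuilder(80);
            int length = responseAPDU.getLength();
            byte[] buffer = responseAPDU.getBuffer();
            // The last two bytes are the status word, so the data length is length - 2.
            text.append("   R: ")
                    .append(StatusWordTable.MessageForSW(responseAPDU.sw()))
                    .append(" Lr=")
                    .append(length - 2)
                    .append("\n");
            if (length > 2) {
                text.append(HexString.dump(buffer, 0, length - 2, 16, 6));
            }
            log.debug(text.toString());
        } catch (Exception e) {
            log.debug("Error decoding APDU.", e);
        }
    }
}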
