package df.sign.pkcs11.impl.iaik;

import com.itextpdf.text.pdf.PdfObject;
import df.sign.SignUtils;
import df.sign.pkcs11.CertificateData;
import df.sign.pkcs11.SmartCardAccessI;
import df.sign.utils.IOUtils;
import df.sign.utils.X509Utils;
import iaik.pkcs.pkcs11.Mechanism;
import iaik.pkcs.pkcs11.Module;
import iaik.pkcs.pkcs11.Session;
import iaik.pkcs.pkcs11.Slot;
import iaik.pkcs.pkcs11.Token;
import iaik.pkcs.pkcs11.objects.Object;
import iaik.pkcs.pkcs11.objects.RSAPrivateKey;
import iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;

/* loaded from: input_file:df/sign/pkcs11/impl/iaik/SmartCardAccessIaikImpl.class */
public class SmartCardAccessIaikImpl implements SmartCardAccessI {
    private Module pkcs11Module = null;
    private Session session = null;
    private String wrapperPath = null;

    private void prepareWrapper() throws Exception, Error {
        if (this.wrapperPath != null) {
            return;
        }
        String lowerCase = System.getProperty("os.name").toLowerCase();
        String property = System.getProperty("os.arch");
        String str = PdfObject.NOTHING;
        if (lowerCase.startsWith("windows")) {
            str = property.equals("x86") ? "PKCS11Wrapper32.dll" : "PKCS11Wrapper64.dll";
        }
        if (lowerCase.startsWith("linux")) {
            str = property.contains("64") ? "libpkcs11wrapper64.so" : "libpkcs11wrapper32.so";
        }
        if (lowerCase.startsWith("mac")) {
            str = "libpkcs11wrapper.jnilib";
        }
        if (str.equals(PdfObject.NOTHING)) {
            throw new Exception("Impossible to detect which PKCS11Wrapper library to use for the OS '" + lowerCase + "' and architecture '" + property + "'");
        }
        InputStream resourceAsStream = getClass().getResourceAsStream(str);
        if (resourceAsStream == null) {
            throw new Exception("The library " + str + " is not present in the jar");
        }
        this.wrapperPath = String.valueOf(System.getProperty("java.io.tmpdir")) + str;
        FileOutputStream fileOutputStream = new FileOutputStream(this.wrapperPath);
        IOUtils.copyInputStreamToOutputStream(resourceAsStream, fileOutputStream);
        fileOutputStream.close();
        resourceAsStream.close();
    }

    @Override // df.sign.pkcs11.SmartCardAccessI
    public long[] connectToLibrary(String str) throws Exception, Error {
        System.out.println("Connection to " + str);
        prepareWrapper();
        this.pkcs11Module = Module.getInstance(str, this.wrapperPath);
        this.pkcs11Module.initialize(null);
        Slot[] slotList = this.pkcs11Module.getSlotList(true);
        if (slotList.length == 0) {
            throw new Exception("Unable to find smart card using library " + str);
        }
        ArrayList arrayList = new ArrayList();
        long longValue = new Long(1L).longValue();
        for (Slot slot : slotList) {
            try {
                Mechanism[] mechanismList = slot.getToken().getMechanismList();
                long[] jArr = new long[mechanismList.length];
                for (int i = 0; i < mechanismList.length; i++) {
                    jArr[i] = mechanismList[i].getMechanismCode();
                }
                if (SignUtils.isContainedIntoArray(longValue, jArr) && slot.getToken().getMechanismInfo(new Mechanism(longValue)).isSign()) {
                    arrayList.add(Long.valueOf(slot.getSlotID()));
                }
            } catch (Error e) {
            } catch (Exception e2) {
            }
        }
        if (arrayList.size() == 0) {
            throw new Exception("No smartcards found supporting signing with mechanism RSA_PKCS using library " + str);
        }
        long[] jArr2 = new long[arrayList.size()];
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            jArr2[i2] = ((Long) arrayList.get(i2)).longValue();
        }
        return jArr2;
    }

    private Slot getSlot(long j) throws Exception, Error {
        if (this.pkcs11Module == null) {
            throw new Exception("pkcs11Module not initialized");
        }
        for (Slot slot : this.pkcs11Module.getSlotList(true)) {
            if (slot.getSlotID() == j) {
                return slot;
            }
        }
        throw new Exception("Slot not found");
    }

    @Override // df.sign.pkcs11.SmartCardAccessI
    public long getPinMinLength(long j) throws Exception, Error {
        return getSlot(j).getToken().getTokenInfo().getMinPinLen();
    }

    @Override // df.sign.pkcs11.SmartCardAccessI
    public long getPinMaxLength(long j) throws Exception, Error {
        return getSlot(j).getToken().getTokenInfo().getMaxPinLen();
    }

    @Override // df.sign.pkcs11.SmartCardAccessI
    public ArrayList<CertificateData> getCertificateList(long j) throws Exception, Error {
        ArrayList<CertificateData> arrayList = new ArrayList<>();
        this.session = getSlot(j).getToken().openSession(true, false, null, null);
        try {
            this.session.findObjectsInit(new X509PublicKeyCertificate());
            for (Object object : this.session.findObjects(1024)) {
                X509PublicKeyCertificate x509PublicKeyCertificate = (X509PublicKeyCertificate) object;
                byte[] byteArrayValue = x509PublicKeyCertificate.getId().getByteArrayValue();
                byte[] bytes = x509PublicKeyCertificate.getLabel().toString(false).getBytes();
                X509Certificate x509Certificate = X509Utils.getX509Certificate(x509PublicKeyCertificate.getValue().getByteArrayValue());
                if (x509Certificate.getKeyUsage()[0] || x509Certificate.getKeyUsage()[1]) {
                    CertificateData certificateData = new CertificateData();
                    certificateData.certID = byteArrayValue;
                    certificateData.certLABEL = bytes;
                    certificateData.cert = x509Certificate;
                    arrayList.add(certificateData);
                }
            }
            return arrayList;
        } finally {
            this.session.closeSession();
            this.session = null;
        }
    }

    @Override // df.sign.pkcs11.SmartCardAccessI
    public long login(long j, String str) throws Exception, Error {
        Token token = getSlot(j).getToken();
        this.session = token.openSession(true, false, null, null);
        if (token.getTokenInfo().isLoginRequired()) {
            if (token.getTokenInfo().isProtectedAuthenticationPath()) {
                this.session.login(true, null);
            } else {
                this.session.login(true, str.toCharArray());
            }
        }
        return this.session.getSessionHandle();
    }

    @Override // df.sign.pkcs11.SmartCardAccessI
    public byte[] signData(long j, byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception, Error {
        if (this.session == null) {
            throw new Exception("session not initialized");
        }
        RSAPrivateKey rSAPrivateKey = null;
        this.session.findObjectsInit(new RSAPrivateKey());
        for (Object object : this.session.findObjects(1024)) {
            RSAPrivateKey rSAPrivateKey2 = (RSAPrivateKey) object;
            byte[] byteArrayValue = rSAPrivateKey2.getId().getByteArrayValue();
            byte[] bytes = rSAPrivateKey2.getLabel().toString(false).getBytes();
            if (Arrays.equals(byteArrayValue, bArr) || Arrays.equals(bytes, bArr2)) {
                rSAPrivateKey = rSAPrivateKey2;
            }
        }
        if (rSAPrivateKey == null) {
            throw new Exception("Impossible to identify a private key using the provided ID or LABEL");
        }
        if (!rSAPrivateKey.getSign().getBooleanValue().booleanValue()) {
            throw new Exception("The identified private key did not support supports signatures with appendix");
        }
        this.session.signInit(Mechanism.get(1L), rSAPrivateKey);
        return this.session.sign(bArr3);
    }

    @Override // df.sign.pkcs11.SmartCardAccessI
    public void closeSession(long j) {
        try {
            if (this.session != null) {
                this.session.logout();
            }
        } catch (Error e) {
        } catch (Exception e2) {
        }
        try {
            if (this.session != null) {
                this.session.closeSession();
            }
        } catch (Error e3) {
        } catch (Exception e4) {
        }
        this.session = null;
    }

    @Override // df.sign.pkcs11.SmartCardAccessI
    public void disconnectLibrary() {
        try {
            if (this.pkcs11Module != null) {
                this.pkcs11Module.finalize(null);
            }
        } catch (Error e) {
        } catch (Exception e2) {
        }
        this.pkcs11Module = null;
    }
}
