package de.governikus.pcard;

import de.bos_bremen.basecard.terminal.pcsc.PaceCapabilities;
import de.bos_bremen.basecard.terminal.pcsc.PaceConstants;
import de.bos_bremen.basecard.terminal.pcsc.Pcsc20Features;
import de.bos_bremen.common.Filter;
import de.bos_bremen.common.asn1.cvc.CertificateDescription;
import de.bos_bremen.common.asn1.cvc.CertificateHolderAuthorizationTemplate;
import de.bos_bremen.common.asn1.cvc.SignatureTerminals;
import de.bos_bremen.gov2.jca_provider.OCFProvider;
import de.bos_bremen.gov2.jca_provider.ocf.CardTerminalManager;
import de.bos_bremen.gov2.jca_provider.ocf.CertificateLoader;
import de.bos_bremen.gov2.jca_provider.ocf.ProgressSessionListener;
import de.bos_bremen.gov2.jca_provider.ocf.SecureCard;
import de.bos_bremen.gov2.jca_provider.ocf.cards.epa.pace.impl.PACE;
import de.bos_bremen.gov2.jca_provider.ocf.cards.epa.pace.impl.PaceInputParameters;
import de.bos_bremen.gov2.jca_provider.ocf.model.Card;
import de.bos_bremen.gov2.jca_provider.ocf.model.CardKey;
import de.bos_bremen.gov2.jca_provider.ocf.model.Terminal;
import de.bos_bremen.opencard.terminal.pcsc.JPCSCCardTerminal;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import opencard.core.terminal.CardTerminal;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/governikus/pcard/MCardUtil.class */
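/**
 * Static helpers for the MCard/OCF smart-card layer: terminal capability checks and
 * allocation of a "secure card context" (PACE based security protocols) on the card
 * types listed in {@link SecureCardContext}.
 *
 * <p>The secure context is only requested for cards that expose qualified-signature keys
 * (see {@link #FILTER_KEYS_QUALIFIED_SIGNATURE}) and only while at least one of those keys
 * has no X.509 certificate attached yet.
 */
public class MCardUtil {
    private static final Logger LOGGER = LogManager.getLogger(MCardUtil.class);

    /**
     * PACE parameters for the nPA signing context; {@code null} when their construction failed
     * during class initialisation (that failure is logged at error level).
     */
    private static final SecureCard.SecurityProtocolParameter NPA_SECURE_CARD_SIGNING_CONTEXT_PARAMETER;

    static {
        PaceInputParameters paceInputParameters = null;
        try {
            // No password is handed in here ((char[]) null) -- presumably the CAN is collected
            // elsewhere, e.g. on the terminal; TODO confirm.
            // new byte[]{3} is the CHAT rights matrix requested for the signature-terminal OID.
            // NOTE(review): presumably the two low bits are the signature rights -- confirm.
            paceInputParameters = new PaceInputParameters(PACE.USE_CAN_KEY, (char[]) null, CertificateHolderAuthorizationTemplate.createFromOIDAndChatMatrix(SignatureTerminals.OID_SIGNATURE_TERMINAL, new byte[]{3}), (CertificateDescription) null);
        } catch (Exception e) {
            // Keep the throwable and use a visible level: from here on the NPA_SIGN context
            // carries a null parameter, which is hard to diagnose from a debug-only message.
            LOGGER.error("could not create PACE parameters for the nPA signing context", e);
        }
        NPA_SECURE_CARD_SIGNING_CONTEXT_PARAMETER = paceInputParameters;
    }

    /** Accepts card keys whose type value has all QUALIFIED_SIGNATURE bits set. */
    private static final Filter<CardKey> FILTER_KEYS_QUALIFIED_SIGNATURE = new Filter<CardKey>() { // from class: de.governikus.pcard.MCardUtil.1
        public Class<CardKey> getFilterClass() {
            return CardKey.class;
        }

        public boolean accept(CardKey cardKey) {
            return (cardKey.getTypeValue() & CardKey.CardKeyTypeEnum.QUALIFIED_SIGNATURE.getTypeValue()) == CardKey.CardKeyTypeEnum.QUALIFIED_SIGNATURE.getTypeValue();
        }
    };

    /** PACE parameters for the TeleSec SC 2.0 signing context: no password, no CHAT, no certificate description. */
    private static final SecureCard.SecurityProtocolParameter TCOS_SC20_SECURE_CARD_SIGNING_CONTEXT_PARAMETER = new PaceInputParameters(PACE.USE_CAN_KEY, (char[]) null, (CertificateHolderAuthorizationTemplate) null, (CertificateDescription) null);

    /**
     * Environment for nPA signing: the secure context is only offered when the card sits in a
     * terminal that reports the ESIGN PACE capability. This is the only terminal restriction
     * visible in this class, and it relies on what the terminal itself reports.
     */
    private static final SecureCardEnvironment SECURE_CARD_SIGNING_ENVIRONMENT_NPA = new SecureCardEnvironment() { // from class: de.governikus.pcard.MCardUtil.2
        @Override // de.governikus.pcard.MCardUtil.SecureCardEnvironment
        public boolean isSecureContextSupported(Card card) {
            return card != null && MCardUtil.isRFIDComfortTerminal(card.getTerminal());
        }
    };

    /** Environment without any terminal restriction. */
    private static final SecureCardEnvironment SECURE_CARD_ENVIRONMENT_ALWAYS = new SecureCardEnvironment() { // from class: de.governikus.pcard.MCardUtil.3
        @Override // de.governikus.pcard.MCardUtil.SecureCardEnvironment
        public boolean isSecureContextSupported(Card card) {
            return true;
        }
    };

    /**
     * The secure contexts this class knows how to allocate: which card types they apply to,
     * under which environment, with which security protocol and parameters, and which keys
     * they are meant to make usable.
     */
    private enum SecureCardContext {
        NPA_SIGN(Card.CardTypeEnum.NPA, MCardUtil.SECURE_CARD_SIGNING_ENVIRONMENT_NPA, "MF", SecureCard.SecurityProtocol.EAC2_PACEPLUS, MCardUtil.NPA_SECURE_CARD_SIGNING_CONTEXT_PARAMETER, MCardUtil.FILTER_KEYS_QUALIFIED_SIGNATURE, false),
        TELESEC_SC20_SIGN(new Card.CardTypeEnum[]{Card.CardTypeEnum.TCOS30_SC20M_RFID, Card.CardTypeEnum.TCOS30_SC20_RFID}, MCardUtil.SECURE_CARD_ENVIRONMENT_ALWAYS, new String[]{"MF"}, SecureCard.SecurityProtocol.EAC2_PACE, MCardUtil.TCOS_SC20_SECURE_CARD_SIGNING_CONTEXT_PARAMETER, MCardUtil.FILTER_KEYS_QUALIFIED_SIGNATURE, false);

        private final List<String> listApplicationNames;
        private final List<Card.CardTypeEnum> listCardTypes;
        private final Filter<CardKey> filterKeys;
        private final List<Integer> listCardTypeValues;
        private final SecureCard.SecurityProtocol securityProtocol;
        private final boolean cardInternallyUpdating;
        private final SecureCardEnvironment environment;
        private final SecureCard.SecurityProtocolParameter securityProtocolParameter;

        /** Convenience constructor for a context bound to one card type and one application name. */
        SecureCardContext(Card.CardTypeEnum cardTypeEnum, SecureCardEnvironment secureCardEnvironment, String str, SecureCard.SecurityProtocol securityProtocol, SecureCard.SecurityProtocolParameter securityProtocolParameter, Filter<CardKey> filter, boolean z) {
            this(Collections.singletonList(cardTypeEnum), secureCardEnvironment, Collections.singletonList(str), securityProtocol, securityProtocolParameter, filter, z);
        }

        /** Convenience constructor taking the card types and application names as arrays. */
        SecureCardContext(Card.CardTypeEnum[] cardTypeEnumArr, SecureCardEnvironment secureCardEnvironment, String[] strArr, SecureCard.SecurityProtocol securityProtocol, SecureCard.SecurityProtocolParameter securityProtocolParameter, Filter<CardKey> filter, boolean z) {
            this(Arrays.asList(cardTypeEnumArr), secureCardEnvironment, Arrays.asList(strArr), securityProtocol, securityProtocolParameter, filter, z);
        }

        /**
         * Stores the configuration and precomputes the numeric type value of every card type.
         * The lists are copied and wrapped so that the values handed out by the getters cannot
         * be used to alter the context definitions.
         */
        SecureCardContext(List<Card.CardTypeEnum> list, SecureCardEnvironment secureCardEnvironment, List<String> list2, SecureCard.SecurityProtocol securityProtocol, SecureCard.SecurityProtocolParameter securityProtocolParameter, Filter<CardKey> filter, boolean z) {
            List<Integer> typeValues = new ArrayList<Integer>(list.size());
            for (Card.CardTypeEnum cardType : list) {
                typeValues.add(Integer.valueOf(cardType.getTypeValue()));
            }
            this.listCardTypes = Collections.unmodifiableList(new ArrayList<Card.CardTypeEnum>(list));
            this.listCardTypeValues = Collections.unmodifiableList(typeValues);
            this.environment = secureCardEnvironment;
            this.listApplicationNames = Collections.unmodifiableList(new ArrayList<String>(list2));
            this.securityProtocol = securityProtocol;
            this.securityProtocolParameter = securityProtocolParameter;
            this.filterKeys = filter;
            this.cardInternallyUpdating = z;
        }

        /**
         * Returns the first context that still has to be allocated for the given card.
         *
         * <p>A context qualifies when the card's type value is listed, its environment accepts
         * the card, the card service is not already running the context's security protocol,
         * and the card holds at least one key matching the context's key filter.
         *
         * @param card the card to inspect; may be {@code null}
         * @return the matching context, or {@code null} when there is none
         */
        public static SecureCardContext getSecureCardContext(Card card) {
            if (card == null) {
                return null;
            }
            SecureCard cardService = card.getCardService();
            // isInstance() is false for null, so this also covers a card without a card service.
            if (!SecureCard.class.isInstance(cardService)) {
                return null;
            }
            Integer cardTypeValue = Integer.valueOf(card.getTypeValue());
            for (SecureCardContext candidate : values()) {
                if (candidate.listCardTypeValues.contains(cardTypeValue)
                        && candidate.environment.isSecureContextSupported(card)
                        && cardService.getSecurityProtocol() != candidate.securityProtocol
                        && !candidate.getKeys(card).isEmpty()) {
                    return candidate;
                }
            }
            return null;
        }

        public List<String> getListApplicationNames() {
            return this.listApplicationNames;
        }

        public List<Card.CardTypeEnum> getListCardTypes() {
            return this.listCardTypes;
        }

        public Filter<CardKey> getFilterKeys() {
            return this.filterKeys;
        }

        public List<Integer> getListCardTypeValues() {
            return this.listCardTypeValues;
        }

        public SecureCard.SecurityProtocol getSecurityProtocol() {
            return this.securityProtocol;
        }

        /**
         * @return {@code false} when the caller has to refresh the card information itself after
         *         the context was allocated (see {@link MCardUtil#allocateSecureCardContext})
         */
        public boolean isCardInternallyUpdating() {
            return this.cardInternallyUpdating;
        }

        public SecureCardEnvironment getEnvironment() {
            return this.environment;
        }

        public SecureCard.SecurityProtocolParameter getSecurityProtocolParameter() {
            return this.securityProtocolParameter;
        }

        /**
         * Returns the card's keys that pass this context's key filter.
         *
         * @param card the card to query; may be {@code null}
         * @return the filtered keys, or an empty list for a {@code null} card
         */
        public Collection<CardKey> getKeys(Card card) {
            if (card == null) {
                return Collections.emptyList();
            }
            // NOTE(review): the meaning of the second argument (1) is not visible here -- confirm.
            return card.getKeyCollection(this.filterKeys, 1);
        }

        @Override // java.lang.Enum
        public String toString() {
            return super.toString() + "\n  CardTypes: " + getListCardTypes() + "\n  CardTypesValues: " + getListCardTypeValues() + "\n  Applications: " + getListApplicationNames() + "\n  Environment: " + getEnvironment() + "\n  SecurityProtocol: " + getSecurityProtocol() + "\n  SecurityProtocolParameter: " + getSecurityProtocolParameter() + "\n  KeyFilter: " + getFilterKeys() + "\n  CardInternallyUpdating: " + isCardInternallyUpdating();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /** Decides whether a secure context may be set up for a card in its current terminal. */
    public interface SecureCardEnvironment {
        boolean isSecureContextSupported(Card card);
    }

    private MCardUtil() {
    }

    /** Logs the MCard version and the configured card service factory at debug level. */
    public static void logMCardVersion() {
        LOGGER.debug("Version of MCard: " + OCFProvider.getVersionString());
        LOGGER.debug("MCard uses as CardServiceFactory: " + OCFProvider.Settings.getInstance().getCardServiceFactory());
    }

    /**
     * Null-safe variant of {@link #isRFIDComfortTerminal(CardTerminal)} for a {@link Terminal}.
     *
     * @param terminal the terminal to check; may be {@code null}
     * @return {@code true} when the underlying card terminal reports the ESIGN PACE capability
     */
    public static boolean isRFIDComfortTerminal(Terminal terminal) {
        if (terminal == null) {
            return false;
        }
        return isRFIDComfortTerminal(terminal.getCardTerminal());
    }

    /**
     * Checks whether a terminal reports the ESIGN PACE capability.
     *
     * <p>Only {@link JPCSCCardTerminal} instances are inspected; any missing link in the chain
     * (PC/SC 2.0 features, PACE capabilities, capability list) yields {@code false}.
     *
     * @param cardTerminal the terminal to check; may be {@code null}
     * @return {@code true} when the capability list contains {@code ESIGN}
     */
    public static boolean isRFIDComfortTerminal(CardTerminal cardTerminal) {
        if (!JPCSCCardTerminal.class.isInstance(cardTerminal)) {
            return false;
        }
        Pcsc20Features pcsc20Features = ((JPCSCCardTerminal) JPCSCCardTerminal.class.cast(cardTerminal)).getPcsc20Features();
        if (pcsc20Features == null) {
            return false;
        }
        PaceCapabilities paceCapabilities = pcsc20Features.getPaceCapabilities();
        if (paceCapabilities == null) {
            return false;
        }
        List<?> capabilitiesList = paceCapabilities.getCapabilitiesList();
        if (capabilitiesList == null) {
            return false;
        }
        LOGGER.debug("pace capabilities of terminal '" + cardTerminal.getName() + "': " + capabilitiesList);
        return capabilitiesList.contains(PaceConstants.PaceCapabilityEnum.ESIGN);
    }

    /**
     * Allocates the secure card context required for the card, if any.
     *
     * <p>Nothing happens when the card is {@code null}, when no context applies, or when every
     * key selected by the context already has an X.509 certificate. The allocation is
     * best-effort: a failure is logged and never propagated to the caller.
     *
     * @param card     the card to establish the context on; may be {@code null}
     * @param keyStore key store whose aliases are logged after a successful allocation; may be
     *                 {@code null}
     */
    public static void allocateSecureCardContext(Card card, KeyStore keyStore) {
        LOGGER.info("allocateSecureCardContext()");
        if (card == null) {
            return;
        }
        SecureCardContext secureCardContext = SecureCardContext.getSecureCardContext(card);
        LOGGER.info("required secure card context for application present: " + (secureCardContext != null));
        if (secureCardContext == null || !hasKeyWithoutCertificate(secureCardContext.getKeys(card))) {
            return;
        }
        try {
            SecureCard cardService = card.getCardService();
            if (!cardService.allocateSecureContext(secureCardContext.securityProtocol, secureCardContext.securityProtocolParameter).isSecurityProtocolSuccessfulAllocated()) {
                // Previously the success message below was written on this path as well.
                LOGGER.warn("secure card context allocation was not successful");
                return;
            }
            if (!secureCardContext.cardInternallyUpdating) {
                LOGGER.debug("try externally updating card informations ...");
                CardTerminalManager.getInstance((Properties) null, (ProgressSessionListener) null, (CertificateLoader) null).fireGovCSRemoved(cardService);
                CardTerminalManager.getInstance((Properties) null, (ProgressSessionListener) null, (CertificateLoader) null).fireGovCSAdded(cardService);
            }
            LOGGER.debug("secure card context successfully established");
        } catch (Exception e) {
            // Still best-effort, but keep the stack trace and use a level that is visible in
            // production logs: the signing keys stay without a secure context on this path.
            LOGGER.warn("secure card context allocation failed: " + e.getMessage(), e);
            return;
        }
        logAliases(keyStore);
    }

    /** Tells whether at least one of the given keys has no X.509 certificate attached. */
    private static boolean hasKeyWithoutCertificate(Collection<CardKey> keys) {
        for (CardKey key : keys) {
            if (key.getInfo().getX509Certificate() == null) {
                return true;
            }
        }
        return false;
    }

    /**
     * Logs the key store aliases at debug level. Kept apart from the allocation so that a
     * missing or unreadable key store is not reported as a failed allocation.
     */
    private static void logAliases(KeyStore keyStore) {
        if (keyStore == null) {
            return;
        }
        try {
            // Aliases may identify the certificate holder; keep this message at debug level.
            LOGGER.debug("aliases after secure context: " + Collections.list(keyStore.aliases()));
        } catch (Exception e) {
            LOGGER.debug("could not list key store aliases: " + e.getMessage(), e);
        }
    }
}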
