package mixconfig.tools.dataretention;

import anon.crypto.MyRSAPublicKey;
import java.math.BigInteger;
import java.security.PublicKey;
import java.util.List;
import javax.crypto.Cipher;
import javax.smartcardio.Card;
import javax.smartcardio.CardChannel;
import javax.smartcardio.CardTerminal;
import javax.smartcardio.CommandAPDU;
import javax.smartcardio.ResponseAPDU;
import javax.smartcardio.TerminalFactory;
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.engines.AESFastEngine;
import org.bouncycastle.crypto.modes.GCMBlockCipher;
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;

/* loaded from: input_file:mixconfig/tools/dataretention/DataRetentionSmartCard.class */
public class DataRetentionSmartCard {
    public static final byte DATE_LENGTH = 4;
    public static final byte DATE_AUTH_TAG_LENGTH = 16;
    public static final short GCM_AUTH_TAG_LENGTH = 128;
    public static final short ENCRYPTED_KEY_LENGTH = 256;
    public static byte[] entity_entry_lengths = {0, 18, 16, 18, 12};
    public static final short AES_BLOCK_LENGTH = 16;
    public static final short AES128_KEY_LENGTH = 16;
    private static final short EXCEPTION_NEW_DATE_IN_PAST = 24577;
    private static final short EXCEPTION_OUTSIDE_RETENTION_PERIOD = 24578;
    private static final short SW_SECURITY_STATUS_NOT_SATISFIED = 24578;
    CardTerminal m_terminal = null;
    CardChannel m_channel = null;
    Card m_card = null;
    private final byte OFFSET_CLA = 0;
    private final byte OFFSET_INS = 1;
    private final byte OFFSET_P1 = 2;
    private final byte OFFSET_P2 = 3;
    private final byte OFFSET_LC = 4;
    private final byte OFFSET_DATA = 5;
    private final byte HEADER_LENGTH = 5;
    private final short RSA_KEY_LENGTH = 256;
    private final byte CLA_ANON = -80;
    private final byte INS_AUTHADMIN = 48;
    private final byte INS_SETDATE = 49;
    private final byte INS_UNBLOCKUSERPIN = 50;
    private final byte INS_SETADMINPIN = 51;
    private final byte INS_AUTHUSER = 80;
    private final byte INS_GETLOGKEY = 81;
    private final byte INS_GETPUBLICKEY_EXP = 82;
    private final byte INS_GETPUBLICKEY_MOD = 83;
    private final byte ANON_LOG_KEY_LENGTH = 16;
    private final short APDU_DATA_LENGTH = 200;
    private final byte[] selectANONApplet = {0, -92, 4, 0, 13, 65, 78, 79, 78, 76, 111, 103, 65, 112, 112, 108, 101, 116};

    public List GetReaderList() {
        try {
            return TerminalFactory.getDefault().terminals().list();
        } catch (Exception e) {
            System.out.println("Exception : " + e);
            return null;
        }
    }

    public boolean connectToSmartCard() throws Exception {
        List GetReaderList = GetReaderList();
        boolean z = false;
        int i = 0;
        while (true) {
            if (i >= GetReaderList.size()) {
                break;
            }
            System.out.println(i + " : " + GetReaderList.get(i));
            this.m_terminal = (CardTerminal) GetReaderList.get(i);
            if (this.m_terminal.isCardPresent()) {
                this.m_card = this.m_terminal.connect("*");
                System.out.println("card: " + this.m_card);
                this.m_channel = this.m_card.getBasicChannel();
                System.out.println(this.m_card.getATR().toString());
                if (sendAPDU(this.selectANONApplet).getSW() == 36864) {
                    z = true;
                    break;
                }
                System.out.println("Not ANON card.");
            }
            i++;
        }
        return z;
    }

    public void DisconnectFromCard() throws Exception {
        if (this.m_card != null) {
            this.m_card.disconnect(false);
            this.m_card = null;
        }
    }

    public MyRSAPublicKey retrievePublicKey() throws Exception {
        byte[] bArr = null;
        byte[] bArr2 = null;
        short s = 0;
        byte[] bArr3 = {-80, 82, 0, 0, 0};
        ResponseAPDU sendAPDU = sendAPDU(bArr3);
        if (sendAPDU.getSW() != 36864) {
            System.out.println("Fail to get public exponent");
        } else {
            byte[] data = sendAPDU.getData();
            bArr = new byte[data.length];
            System.arraycopy(data, 0, bArr, 0, data.length);
        }
        bArr3[0] = -80;
        bArr3[1] = 83;
        bArr3[2] = 0;
        ResponseAPDU sendAPDU2 = sendAPDU(bArr3);
        if (sendAPDU2.getSW() != 36864) {
            System.out.println("Fail to get public modulus");
        } else {
            byte[] data2 = sendAPDU2.getData();
            bArr2 = new byte[256];
            System.arraycopy(data2, 0, bArr2, 0, data2.length);
            s = (short) (0 + data2.length);
        }
        bArr3[0] = -80;
        bArr3[1] = 83;
        bArr3[2] = 1;
        ResponseAPDU sendAPDU3 = sendAPDU(bArr3);
        if (sendAPDU3.getSW() != 36864) {
            System.out.println("Fail to get public modulus");
        } else {
            byte[] data3 = sendAPDU3.getData();
            System.arraycopy(data3, 0, bArr2, s, data3.length);
        }
        BigInteger bigInteger = new BigInteger(1, bArr2);
        System.out.println("Key modulus is :" + bigInteger);
        BigInteger bigInteger2 = new BigInteger(1, bArr);
        System.out.println("Key exponent is :" + bigInteger2);
        return new MyRSAPublicKey(bigInteger, bigInteger2);
    }

    public byte[] EncryptLogKey(byte[] bArr, byte b, byte b2, short s, PublicKey publicKey) throws Exception {
        if (bArr.length != 16) {
            return null;
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        System.out.println("\n" + cipher.getProvider().getInfo());
        System.out.println("\nStart encryption");
        byte[] bArr2 = new byte[bArr.length + 4 + 16];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        bArr2[bArr.length] = b;
        bArr2[bArr.length + 1] = b2;
        bArr2[bArr.length + 2] = (byte) (s >> 8);
        bArr2[bArr.length + 3] = (byte) (s & 255);
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESFastEngine());
        gCMBlockCipher.init(true, new AEADParameters(new KeyParameter(bArr), 128, new byte[16], null));
        byte[] bArr3 = new byte[gCMBlockCipher.getOutputSize(bArr.length + 4)];
        gCMBlockCipher.doFinal(bArr3, gCMBlockCipher.processBytes(bArr2, 0, bArr.length + 4, bArr3, 0));
        byte[] mac = gCMBlockCipher.getMac();
        System.arraycopy(mac, 0, bArr2, bArr.length + 4, mac.length);
        cipher.init(1, publicKey);
        byte[] doFinal = cipher.doFinal(bArr2);
        System.out.println("Finish encryption: ");
        System.out.println(bytesToHex(doFinal));
        return doFinal;
    }

    public int GetExpectedLogLineLength(int i) throws Exception {
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESFastEngine());
        gCMBlockCipher.init(true, new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[16], null));
        return gCMBlockCipher.getOutputSize(i);
    }

    public byte[] EncryptLogLine(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESFastEngine());
        gCMBlockCipher.init(true, new AEADParameters(new KeyParameter(bArr), 128, bArr3, null));
        byte[] bArr4 = new byte[gCMBlockCipher.getOutputSize(bArr2.length)];
        gCMBlockCipher.doFinal(bArr4, gCMBlockCipher.processBytes(bArr2, 0, bArr2.length, bArr4, 0));
        return bArr4;
    }

    public byte[] DecryptLogLine(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        byte[] decrpytSymmetricKey = decrpytSymmetricKey(bArr);
        if (decrpytSymmetricKey != null) {
            return DecryptLogLineKey(decrpytSymmetricKey, bArr2, bArr3);
        }
        return null;
    }

    public byte[] DecryptLogLineKey(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESFastEngine());
        gCMBlockCipher.init(false, new AEADParameters(new KeyParameter(bArr), 128, bArr3, null));
        byte[] bArr4 = new byte[gCMBlockCipher.getOutputSize(bArr2.length)];
        gCMBlockCipher.doFinal(bArr4, gCMBlockCipher.processBytes(bArr2, 0, bArr2.length, bArr4, 0));
        return bArr4;
    }

    public boolean authenticateUser(byte[] bArr) throws Exception {
        boolean z;
        byte[] bArr2 = new byte[5 + bArr.length];
        bArr2[0] = -80;
        bArr2[1] = 80;
        bArr2[2] = 0;
        bArr2[3] = 0;
        bArr2[4] = (byte) bArr.length;
        System.arraycopy(bArr, 0, bArr2, 5, bArr.length);
        if (sendAPDU(bArr2).getSW() != 36864) {
            System.out.println("Fail to verify User PIN");
            z = false;
        } else {
            System.out.println("User PIN verification OK");
            z = true;
        }
        return z;
    }

    public boolean Admin_Authenticate(byte[] bArr) throws Exception {
        boolean z;
        byte[] bArr2 = new byte[5 + bArr.length];
        bArr2[0] = -80;
        bArr2[1] = 48;
        bArr2[2] = 0;
        bArr2[3] = 0;
        bArr2[4] = (byte) bArr.length;
        System.arraycopy(bArr, 0, bArr2, 5, bArr.length);
        if (sendAPDU(bArr2).getSW() != 36864) {
            System.out.println("Fail to verify Admin PIN");
            z = false;
        } else {
            System.out.println("Admin PIN verification OK");
            z = true;
        }
        return z;
    }

    public boolean Admin_SetCurrentDate(byte b, byte b2, short s) throws Exception {
        boolean z;
        if (sendAPDU(new byte[]{-80, 49, 0, 0, 4, b, b2, (byte) (s >> 8), (byte) (s & 255)}).getSW() != 36864) {
            System.out.println("Fail to set current date, check if admin is authenticated.");
            z = false;
        } else {
            System.out.println("Actual date set OK");
            z = true;
        }
        return z;
    }

    public boolean Admin_SetAdminPIN(byte[] bArr) throws Exception {
        boolean z;
        byte[] bArr2 = new byte[5 + bArr.length];
        bArr2[0] = -80;
        bArr2[1] = 51;
        bArr2[2] = 0;
        bArr2[3] = 0;
        bArr2[4] = (byte) bArr.length;
        if (sendAPDU(bArr2).getSW() != 36864) {
            System.out.println("Fail to set admin PIN, check if admin is authenticated.");
            z = false;
        } else {
            System.out.println("Admin PIN set");
            z = true;
        }
        return z;
    }

    public boolean Admin_UnblockUserPIN(byte[] bArr) throws Exception {
        boolean z;
        byte[] bArr2 = bArr == null ? new byte[5] : new byte[5 + bArr.length];
        bArr2[0] = -80;
        bArr2[1] = 50;
        bArr2[2] = (byte) (bArr != null ? 1 : 0);
        bArr2[3] = 0;
        bArr2[4] = (byte) (bArr != null ? bArr.length : 0);
        if (sendAPDU(bArr2).getSW() != 36864) {
            System.out.println("Fail to unblock user PIN, check if admin is authenticated.");
            z = false;
        } else {
            System.out.println("User PIN ublocked");
            z = true;
        }
        return z;
    }

    public byte[] decrpytSymmetricKey(byte[] bArr) throws Exception {
        byte[] bArr2;
        int length = bArr.length;
        byte b = 0;
        int i = 0;
        while (length > 200) {
            byte[] bArr3 = new byte[205];
            bArr3[0] = -80;
            bArr3[1] = 81;
            bArr3[2] = b;
            bArr3[3] = 0;
            bArr3[4] = -56;
            System.arraycopy(bArr, i, bArr3, 5, 200);
            if (sendAPDU(bArr3).getSW() != 36864) {
                System.out.println("Fail to decrypt key");
                return null;
            }
            i += 200;
            length -= 200;
            b = (byte) (b + 1);
        }
        byte[] bArr4 = new byte[5 + length];
        bArr4[0] = -80;
        bArr4[1] = 81;
        bArr4[2] = b;
        bArr4[3] = 1;
        bArr4[4] = (byte) length;
        System.arraycopy(bArr, i, bArr4, 5, length);
        ResponseAPDU sendAPDU = sendAPDU(bArr4);
        if (sendAPDU.getSW() != 36864) {
            System.out.println("Fail to decrypt key");
            return null;
        }
        System.out.println(bytesToHex(sendAPDU.getBytes()));
        byte[] data = sendAPDU.getData();
        if (data.length > 16) {
            bArr2 = new byte[16];
            System.arraycopy(data, 0, bArr2, 0, 16);
            DataRetentionLogFileHeader.verifyMac(data, 0, 20, data, 20, new byte[]{-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -2}, bArr2);
            SHA512Digest sHA512Digest = new SHA512Digest();
            sHA512Digest.update(data, 16, 4);
            byte[] bArr5 = new byte[sHA512Digest.getDigestSize()];
            sHA512Digest.doFinal(bArr5, 0);
            for (int i2 = 0; i2 < 16; i2++) {
                bArr2[i2] = (byte) (data[i2] ^ bArr5[i2]);
            }
        } else {
            bArr2 = data;
        }
        return bArr2;
    }

    public byte[] CreateIV(int i) {
        byte[] bArr = new byte[12];
        for (int i2 = 0; i2 < bArr.length; i2++) {
            bArr[i2] = 0;
        }
        bArr[8] = (byte) ((i >> 24) & 255);
        bArr[9] = (byte) ((i >> 16) & 255);
        bArr[10] = (byte) ((i >> 8) & 255);
        bArr[11] = (byte) (i & 255);
        return bArr;
    }

    public byte[] CreateFooter(byte[] bArr, int i) throws Exception {
        int i2 = i + 1;
        return EncryptLogLine(bArr, new byte[]{(byte) ((i2 >> 24) & 255), (byte) ((i2 >> 16) & 255), (byte) ((i2 >> 8) & 255), (byte) (i2 & 255)}, CreateIV(i2));
    }

    public int VerifyFooter(byte[] bArr, byte[] bArr2, int i) throws Exception {
        byte[] DecryptLogLineKey = DecryptLogLineKey(bArr, bArr2, new byte[]{-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1});
        return (DecryptLogLineKey[0] << 24) | ((DecryptLogLineKey[1] << 16) & 16711680) | ((DecryptLogLineKey[2] << 8) & 65280) | (DecryptLogLineKey[3] & 255);
    }

    public String byteToHex(byte b) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(toHexChar((b >>> 4) & 15));
        stringBuffer.append(toHexChar(b & 15));
        return stringBuffer.toString();
    }

    public char toHexChar(int i) {
        return (0 > i || i > 9) ? (char) (97 + (i - 10)) : (char) (48 + i);
    }

    public String bytesToHex(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        for (byte b : bArr) {
            stringBuffer.append(byteToHex(b));
            stringBuffer.append(" ");
        }
        return stringBuffer.toString();
    }

    private ResponseAPDU sendAPDU(byte[] bArr) throws Exception {
        CommandAPDU commandAPDU = new CommandAPDU(bArr);
        System.out.println(">>>>");
        System.out.println(commandAPDU);
        System.out.println(bytesToHex(commandAPDU.getBytes()));
        ResponseAPDU transmit = this.m_channel.transmit(commandAPDU);
        System.out.println(transmit);
        System.out.println(bytesToHex(transmit.getBytes()));
        if (transmit.getSW1() == 97) {
            transmit = this.m_channel.transmit(new CommandAPDU(0, -64, 0, 0, transmit.getSW1()));
            System.out.println(bytesToHex(transmit.getBytes()));
        }
        System.out.println("<<<<");
        return transmit;
    }
}
