package org.openecard.ifd.protocol.pace;

import iso.std.iso_iec._24727.tech.schema.EstablishChannel;
import iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse;
import java.io.UnsupportedEncodingException;
import org.openecard.common.ECardConstants;
import org.openecard.common.WSHelper;
import org.openecard.common.apdu.utils.CardUtils;
import org.openecard.common.ifd.Protocol;
import org.openecard.common.ifd.anytype.PACEInputType;
import org.openecard.common.ifd.anytype.PACEOutputType;
import org.openecard.common.ifd.protocol.exception.ProtocolException;
import org.openecard.common.interfaces.Dispatcher;
import org.openecard.crypto.common.asn1.eac.SecurityInfos;
import org.openecard.crypto.common.asn1.eac.ef.EFCardAccess;
import org.openecard.gui.UserConsent;
import org.openecard.ifd.protocol.pace.gui.GUIContentMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/openecard/ifd/protocol/pace/PACEProtocol.class */
public class PACEProtocol implements Protocol {
    private static final Logger logger = LoggerFactory.getLogger(PACEProtocol.class.getName());
    private SecureMessaging sm;

    @Override // org.openecard.common.ifd.Protocol
    public EstablishChannelResponse establish(EstablishChannel establishChannel, Dispatcher dispatcher, UserConsent userConsent) {
        PACEInputType pACEInputType;
        byte pinid;
        byte[] chat;
        byte[] bytes;
        EstablishChannelResponse establishChannelResponse = new EstablishChannelResponse();
        try {
            pACEInputType = new PACEInputType(establishChannel.getAuthenticationProtocolData());
            pinid = pACEInputType.getPINID();
            chat = pACEInputType.getCHAT();
            if (pACEInputType.getPIN() == null || pACEInputType.getPIN().isEmpty()) {
                GUIContentMap gUIContentMap = new GUIContentMap();
                gUIContentMap.add(GUIContentMap.ELEMENT.PIN_ID, Byte.valueOf(pinid));
                new PACEUserConsent(userConsent).show(gUIContentMap);
                bytes = ((String) gUIContentMap.get(GUIContentMap.ELEMENT.PIN)).getBytes("ISO-8859-1");
            } else {
                bytes = pACEInputType.getPIN().getBytes("ISO-8859-1");
            }
        } catch (UnsupportedEncodingException e) {
            logger.error(e.getMessage(), (Throwable) e);
            establishChannelResponse.setResult(WSHelper.makeResultError("http://www.bsi.bund.de/ecard/api/1.1/resultminor/ifdl/IO#unknownPINFormat", "Cannot encode the PIN in ISO-8859-1 charset."));
        } catch (ProtocolException e2) {
            logger.error(e2.getMessage(), (Throwable) e2);
            establishChannelResponse.setResult(WSHelper.makeResult(e2));
        } catch (Throwable th) {
            logger.error(th.getMessage(), th);
            establishChannelResponse.setResult(WSHelper.makeResult(th));
        }
        if (bytes == null || bytes.length == 0) {
            establishChannelResponse.setResult(WSHelper.makeResultError(ECardConstants.Minor.IFD.CANCELLATION_BY_USER, "No PIN was entered."));
            return establishChannelResponse;
        }
        byte[] slotHandle = establishChannel.getSlotHandle();
        byte[] readFile = new CardUtils(dispatcher).readFile(slotHandle, (short) 284);
        PACEImplementation pACEImplementation = new PACEImplementation(dispatcher, slotHandle, new EFCardAccess(SecurityInfos.getInstance(readFile)).getPACESecurityInfos());
        pACEImplementation.execute(bytes, pinid, chat);
        this.sm = new SecureMessaging(pACEImplementation.getKeyMAC(), pACEImplementation.getKeyENC());
        PACEOutputType outputType = pACEInputType.getOutputType();
        outputType.setEFCardAccess(readFile);
        outputType.setCurrentCAR(pACEImplementation.getCurrentCAR());
        outputType.setPreviousCAR(pACEImplementation.getPreviousCAR());
        outputType.setIDPICC(pACEImplementation.getIDPICC());
        outputType.setRetryCounter(pACEImplementation.getRetryCounter());
        establishChannelResponse.setResult(WSHelper.makeResultOK());
        establishChannelResponse.setAuthenticationProtocolData(outputType.getAuthDataType());
        return establishChannelResponse;
    }

    @Override // org.openecard.common.ifd.Protocol
    public byte[] applySM(byte[] bArr) {
        try {
            if (this.sm != null) {
                return this.sm.encrypt(bArr);
            }
            throw new RuntimeException("No established Secure Messaging channel available");
        } catch (Exception e) {
            this.sm = null;
            logger.error(e.getMessage(), (Throwable) e);
            throw new RuntimeException(e);
        }
    }

    @Override // org.openecard.common.ifd.Protocol
    public byte[] removeSM(byte[] bArr) {
        try {
            if (this.sm != null) {
                return this.sm.decrypt(bArr);
            }
            throw new RuntimeException("No established Secure Messaging channel available");
        } catch (Exception e) {
            this.sm = null;
            logger.error(e.getMessage(), (Throwable) e);
            throw new RuntimeException(e);
        }
    }
}
