package cr.libre.firmador;

import eu.europa.esig.dss.policy.DateUtils;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.lang.invoke.MethodHandles;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.List;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.apache.commons.lang3.StringUtils;
import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLink;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sun.security.pkcs11.wrapper.CK_ATTRIBUTE;
import sun.security.pkcs11.wrapper.CK_C_INITIALIZE_ARGS;
import sun.security.pkcs11.wrapper.CK_NOTIFY;
import sun.security.pkcs11.wrapper.CK_SLOT_INFO;
import sun.security.pkcs11.wrapper.CK_TOKEN_INFO;
import sun.security.pkcs11.wrapper.PKCS11;
import sun.security.pkcs11.wrapper.PKCS11Exception;

/* loaded from: input_file:cr/libre/firmador/SmartCardDetector.class */
public class SmartCardDetector implements ConfigListener {
    final Logger LOG = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
    protected Settings settings = SettingsManager.getInstance().getAndCreateSettings();
    private String lib;

    public void updateLib() {
        this.lib = CRSigner.getPkcs11Lib();
    }

    public List<CardSignInfo> readSaveListSmartCard() throws Throwable {
        List<CardSignInfo> arrayList;
        try {
            arrayList = readListSmartCard();
        } catch (Throwable th) {
            this.LOG.info("readListSmartCard thrown", th);
            if (th.getMessage().toString().contains("incompatible architecture")) {
                throw new UnsupportedArchitectureException("Java para ARM detectado. Debe instalar Java para Intel para usar tarjetas de Firma Digital.", th);
            }
            arrayList = new ArrayList();
        }
        for (String str : this.settings.pKCS12File) {
            File file = new File(str);
            if (file.exists()) {
                arrayList.add(new CardSignInfo(CardSignInfo.PKCS12TYPE, str, file.getName()));
            }
        }
        return arrayList;
    }

    public List<CardSignInfo> readListSmartCard() throws Throwable {
        PKCS11 pkcs11;
        ArrayList arrayList = new ArrayList();
        updateLib();
        CK_C_INITIALIZE_ARGS ck_c_initialize_args = new CK_C_INITIALIZE_ARGS();
        try {
            ck_c_initialize_args.flags = 2L;
            pkcs11 = PKCS11.getInstance(this.lib, "C_GetFunctionList", ck_c_initialize_args, false);
        } catch (PKCS11Exception e) {
            this.LOG.debug("C_GetFunctionList didn't like CKF_OS_LOCKING_OK on pInitArgs", e);
            ck_c_initialize_args.flags = 0L;
            pkcs11 = PKCS11.getInstance(this.lib, "C_GetFunctionList", ck_c_initialize_args, false);
        }
        this.LOG.info("Interface: " + new String(pkcs11.C_GetInfo().libraryDescription).trim());
        Boolean bool = true;
        for (long j : pkcs11.C_GetSlotList(bool.booleanValue())) {
            CK_SLOT_INFO C_GetSlotInfo = pkcs11.C_GetSlotInfo(j);
            this.LOG.debug("Slot " + j + ": " + new String(C_GetSlotInfo.slotDescription).trim());
            if ((C_GetSlotInfo.flags & 1) != 0) {
                try {
                    CK_TOKEN_INFO C_GetTokenInfo = pkcs11.C_GetTokenInfo(j);
                    this.LOG.info("Token: " + new String(C_GetTokenInfo.label).trim() + " (" + new String(C_GetTokenInfo.serialNumber).trim() + ")");
                    CK_ATTRIBUTE[] ck_attributeArr = {new CK_ATTRIBUTE(0L, 1L)};
                    long C_OpenSession = pkcs11.C_OpenSession(j, 4L, (Object) null, (CK_NOTIFY) null);
                    pkcs11.C_FindObjectsInit(C_OpenSession, ck_attributeArr);
                    long[] C_FindObjects = pkcs11.C_FindObjects(C_OpenSession, 32L);
                    pkcs11.C_FindObjectsFinal(C_OpenSession);
                    for (long j2 : C_FindObjects) {
                        CK_ATTRIBUTE[] ck_attributeArr2 = {new CK_ATTRIBUTE(17L), new CK_ATTRIBUTE(258L)};
                        pkcs11.C_GetAttributeValue(C_OpenSession, j2, ck_attributeArr2);
                        for (int i = 0; i < ck_attributeArr2.length; i += 2) {
                            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertificate(new ByteArrayInputStream((byte[]) ck_attributeArr2[i].pValue));
                            boolean[] keyUsage = x509Certificate.getKeyUsage();
                            if (x509Certificate.getBasicConstraints() == -1 && keyUsage[0] && keyUsage[1]) {
                                String str = "";
                                String str2 = "";
                                String str3 = "";
                                String str4 = "";
                                String str5 = "";
                                for (Rdn rdn : new LdapName(x509Certificate.getSubjectX500Principal().getName("RFC1779")).getRdns()) {
                                    if (rdn.getType().equals("OID.2.5.4.5")) {
                                        str3 = rdn.getValue().toString();
                                    }
                                    if (rdn.getType().equals("OID.2.5.4.4")) {
                                        str2 = rdn.getValue().toString();
                                    }
                                    if (rdn.getType().equals("OID.2.5.4.42")) {
                                        str = rdn.getValue().toString();
                                    }
                                    if (rdn.getType().equals("CN")) {
                                        str4 = rdn.getValue().toString();
                                    }
                                    if (rdn.getType().equals(PDAnnotationLink.HIGHLIGHT_MODE_OUTLINE)) {
                                        str5 = rdn.getValue().toString();
                                    }
                                }
                                String format = new SimpleDateFormat(DateUtils.DEFAULT_DATE_FORMAT).format(x509Certificate.getNotAfter());
                                this.LOG.debug(str + StringUtils.SPACE + str2 + " (" + str3 + "), " + str5 + ", " + x509Certificate.getSerialNumber().toString(16) + " [Token serial number: " + new String(C_GetTokenInfo.serialNumber) + "] (Expires: " + format + ")");
                                this.LOG.debug("Public/Private key pair identifier: " + ck_attributeArr2[i + 1]);
                                arrayList.add(new CardSignInfo(CardSignInfo.PKCS11TYPE, str3, str, str2, str4, str5, format, x509Certificate.getSerialNumber().toString(16), new String(C_GetTokenInfo.serialNumber), j));
                            }
                        }
                    }
                    pkcs11.C_CloseSession(C_OpenSession);
                } catch (PKCS11Exception e2) {
                    if (!e2.getLocalizedMessage().equals("CKR_TOKEN_NOT_RECOGNIZED")) {
                        throw e2;
                    }
                    this.LOG.info("Slot reports token is present but not recognized by the cryptoki library", e2);
                }
            } else {
                this.LOG.info("No token present in this slot");
            }
        }
        return arrayList;
    }

    @Override // cr.libre.firmador.ConfigListener
    public void updateConfig() {
    }
}
