package at.gv.egiz.bku.smccstal;

import at.gv.egiz.bku.gui.BKUGUIFacade;
import at.gv.egiz.bku.pin.gui.VerifyPINGUI;
import at.gv.egiz.smcc.CancelledException;
import at.gv.egiz.smcc.LockedException;
import at.gv.egiz.smcc.NotActivatedException;
import at.gv.egiz.smcc.SignatureCard;
import at.gv.egiz.smcc.SignatureCardException;
import at.gv.egiz.stal.ErrorResponse;
import at.gv.egiz.stal.InfoboxReadRequest;
import at.gv.egiz.stal.InfoboxReadResponse;
import at.gv.egiz.stal.STALRequest;
import at.gv.egiz.stal.STALResponse;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/smccSTAL-1.4.1.jar:at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.class */
public class InfoBoxReadRequestHandler extends AbstractRequestHandler {
    private final Logger log = LoggerFactory.getLogger(InfoBoxReadRequestHandler.class);

    private ErrorResponse errorResponse(int i, String str, Exception exc) {
        this.log.error(str, (Throwable) exc);
        ErrorResponse errorResponse = new ErrorResponse(i);
        errorResponse.setErrorMessage(str + (exc == null ? "" : " " + exc));
        return errorResponse;
    }

    @Override // at.gv.egiz.bku.smccstal.AbstractRequestHandler, at.gv.egiz.bku.smccstal.SMCCSTALRequestHandler
    public STALResponse handleRequest(STALRequest sTALRequest) throws InterruptedException {
        byte[] certificate;
        if (!(sTALRequest instanceof InfoboxReadRequest)) {
            return errorResponse(1000, "Got unexpected STAL request: " + sTALRequest, null);
        }
        InfoboxReadRequest infoboxReadRequest = (InfoboxReadRequest) sTALRequest;
        try {
            if (infoboxReadRequest.getInfoboxIdentifier().equals("IdentityLink")) {
                this.log.debug("Handling identitylink infobox.");
                byte[] infobox = this.card.getInfobox(infoboxReadRequest.getInfoboxIdentifier(), new VerifyPINGUI(this.gui), infoboxReadRequest.getDomainIdentifier());
                if (infobox == null) {
                    this.log.info("Infobox doesn't contain any data. Assume card is not activated.");
                    throw new NotActivatedException();
                }
                try {
                    byte[] convertDomainId = DomainIdConverter.convertDomainId(infobox, infoboxReadRequest.getDomainIdentifier());
                    InfoboxReadResponse infoboxReadResponse = new InfoboxReadResponse();
                    infoboxReadResponse.setInfoboxValue(convertDomainId);
                    return infoboxReadResponse;
                } catch (Exception e) {
                    return errorResponse(1000, "Cannot convert domain specific id.", e);
                }
            }
            if (!SignatureCard.KeyboxName.CERTIFIED_KEYPAIR.equals(infoboxReadRequest.getInfoboxIdentifier()) && !SignatureCard.KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(infoboxReadRequest.getInfoboxIdentifier())) {
                this.log.warn("Unknown infobox identifier: {} trying generic request.", infoboxReadRequest.getInfoboxIdentifier());
                byte[] infobox2 = this.card.getInfobox(infoboxReadRequest.getInfoboxIdentifier(), new VerifyPINGUI(this.gui), infoboxReadRequest.getDomainIdentifier());
                if (infobox2 == null) {
                    return errorResponse(6001, "Could not read infobox", null);
                }
                InfoboxReadResponse infoboxReadResponse2 = new InfoboxReadResponse();
                infoboxReadResponse2.setInfoboxValue(infobox2);
                return infoboxReadResponse2;
            }
            if (SignatureCard.KeyboxName.CERTIFIED_KEYPAIR.equals(infoboxReadRequest.getInfoboxIdentifier())) {
                this.log.debug("Handling certified keypair infobox.");
                certificate = this.card.getCertificate(SignatureCard.KeyboxName.CERTIFIED_KEYPAIR, new VerifyPINGUI(this.gui));
            } else {
                this.log.debug("Handling secure signature keypair infobox.");
                certificate = this.card.getCertificate(SignatureCard.KeyboxName.SECURE_SIGNATURE_KEYPAIR, new VerifyPINGUI(this.gui));
            }
            if (certificate == null) {
                return errorResponse(6001, "Could not get certificate", null);
            }
            try {
                ((X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(certificate))).checkValidity();
                this.log.info("signing certificate is valid");
            } catch (CertificateExpiredException e2) {
                this.log.warn("signing certificate has expired!");
                this.gui.showWarningDialog(BKUGUIFacade.WARNING_CERT_EXPIRED, null, this, null);
                waitForAction();
            } catch (CertificateNotYetValidException e3) {
                this.log.warn("signing certificate is not yet valid!");
                this.gui.showWarningDialog(BKUGUIFacade.WARNING_CERT_NOTYETVALID, null, this, null);
                waitForAction();
            } catch (CertificateException e4) {
                this.log.error("Certificate decoding failed:", (Throwable) e4);
            }
            InfoboxReadResponse infoboxReadResponse3 = new InfoboxReadResponse();
            infoboxReadResponse3.setInfoboxValue(certificate);
            return infoboxReadResponse3;
        } catch (CancelledException e5) {
            return errorResponse(6001, "User cancelled request.", e5);
        } catch (LockedException e6) {
            this.log.info("Citizen card locked.", (Throwable) e6);
            this.gui.showErrorDialog(BKUGUIFacade.ERR_CARD_LOCKED, null, this, null);
            waitForAction();
            this.gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, BKUGUIFacade.MESSAGE_WAIT);
            return errorResponse(6001, "Citizen card locked.", e6);
        } catch (NotActivatedException e7) {
            this.log.info("Citizen card not activated.", (Throwable) e7);
            this.gui.showErrorDialog(BKUGUIFacade.ERR_CARD_NOTACTIVATED, null, this, null);
            waitForAction();
            this.gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, BKUGUIFacade.MESSAGE_WAIT);
            return errorResponse(6001, "Citizen card not activated.", e7);
        } catch (SignatureCardException e8) {
            return errorResponse(ErrorResponse.ERR_4000, "Error while reading infobox. ", e8);
        } catch (IllegalArgumentException e9) {
            return errorResponse(4002, "Infobox " + infoboxReadRequest.getInfoboxIdentifier() + " not supported.", e9);
        }
    }

    @Override // at.gv.egiz.bku.smccstal.SMCCSTALRequestHandler
    public boolean requireCard() {
        return true;
    }
}
