package com.logica.apps.ivs.client.manager;

import com.baltimore.jpkiplus.x509.JCRYPTO_X509CertRequest;
import com.baltimore.jpkiplus.x509.JCRYPTO_X509CertificateGenerator;
import com.baltimore.jpkiplus.x509.JCRYPTO_X509Extensions;
import com.baltimore.jpkiplus.x509.Name;
import com.baltimore.jpkiplus.x509.extensions.KeyUsage;
import com.baltimore.jpkiplus.x509.utils.Validity;
import com.logica.apps.ivs.client.devmgr.CAPIDeviceMgr;
import com.logica.apps.ivs.client.devmgr.PKCS11DeviceMgr;
import com.logica.apps.ivs.client.devmgr.PKCS12DeviceMgr;
import com.logica.apps.ivs.client.devmgr.SlotInfo;
import com.logica.apps.ivs.client.resource.PKIManagerResource;
import com.logica.apps.ivs.client.util.CryptoDeviceCache;
import com.logica.apps.ivs.client.util.StructCertInfo;
import com.logica.apps.ivs.client.util.StructCertInfoList;
import com.logica.asn1.ASN1Sequence;
import com.logica.asn1.DERInputStream;
import com.logica.asn1.DEROctetString;
import com.logica.asn1.pkcs.PKCSObjectIdentifiers;
import com.logica.asn1.x509.AlgorithmIdentifier;
import com.logica.asn1.x509.DigestInfo;
import com.logica.common.logging.LLogger;
import com.logica.common.logging.LLoggerFactory;
import com.logica.common.util.LUtils;
import com.logica.common.util.PropertyConfigResource;
import com.logica.security.device.BaltPFXAnyJCEDevice;
import com.logica.security.device.CAPIDevice;
import com.logica.security.device.CryptoDevException;
import com.logica.security.device.CryptoDevice;
import com.logica.security.device.PKCS11AnyJCEDevice;
import com.logica.security.device.PKCS11Device;
import com.logica.security.device.VirtualDevice;
import com.logica.security.pkcs11.exceptions.ckException;
import com.logica.security.pkcs11.exceptions.p11Exception;
import com.logica.security.pkcs_7.PKCS7Generator;
import com.logica.security.pkcs_7.asn1.IssuerAndSerialNumber;
import com.logica.security.util.Base64Coder;
import com.logica.security.util.X509Utils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;

/* loaded from: input_file:com/logica/apps/ivs/client/manager/PKIManager.class */
public class PKIManager implements IPKIManager, PKIMgrConstants {
    private static final LLogger logger;
    protected static final boolean DEBUG_ON = true;
    protected static boolean FORCE_ONE_SIGNATURE;
    protected static PKIManagerResource resource;
    protected PKCS11DeviceMgr p11Manager;
    protected PKCS12DeviceMgr p12Manager;
    protected CAPIDeviceMgr capiManager;
    protected String activeReaderName;
    protected boolean bHasPinpad;
    static Class class$com$logica$apps$ivs$client$manager$PKIManager;
    protected int signingDeviceType = 0;
    protected StructCertInfo lastSigningDeviceInfo = null;
    protected CryptoDevice signingCryptoDevice = null;
    protected PKIMgrError lastError = new PKIMgrError();
    protected String locale = "cz";
    protected int dialogTimeout = 0;
    protected String dialogStyle = "corp";
    protected CryptoDeviceCache cipherDevices = new CryptoDeviceCache();
    protected String dllName = PKIMgrError.NO_ERROR_MESSAGE;
    protected int smartCardSlot = -1;
    protected String p12Root = PKIMgrError.NO_ERROR_MESSAGE;
    protected ISignCallback signCallback = null;
    protected boolean bReaderSettingsDetected = false;
    protected String signatureMode = PKIMgrConstants.SIGMODE_PKCS7;
    protected List<byte[]> batchSignDataList = new ArrayList();

    public PKIManager() {
        resource = PKIManagerResource.getInstance(Locale.getDefault().getCountry());
    }

    public PKIManager(String str) {
        resource = PKIManagerResource.getInstance(str);
        setLocale(str);
    }

    public String signLoginChallenge(String str, String str2) {
        try {
            byte[] signData = signData(Base64Coder.decode(str.getBytes("ISO-8859-1")), str2 != null ? Base64Coder.decode(str2.getBytes("ISO-8859-1")) : null);
            DEBUG_MSG("Login challenge signed.");
            return new String(Base64Coder.encode(signData), "ISO-8859-1");
        } catch (CryptoDevException e) {
            e.printStackTrace();
            this.lastError.setError(getCryptoDevErrorMessage(this.signingCryptoDevice, e, null), e.getErrorCode());
            handleCancelledEvent(e);
            return null;
        } catch (Exception e2) {
            e2.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login"));
            return null;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public String signDataBase64(String str) {
        try {
            if (str == null) {
                throw new NullPointerException("data cannot be null");
            }
            byte[] signData = signData(Base64Coder.decode(str.getBytes("ISO-8859-1")), null);
            DEBUG_MSG("Data signed.");
            return new String(Base64Coder.encode(signData), "ISO-8859-1");
        } catch (CryptoDevException e) {
            e.printStackTrace();
            this.lastError.setError(getCryptoDevErrorMessage(this.signingCryptoDevice, e, null), e.getErrorCode());
            handleCancelledEvent(e);
            return null;
        } catch (Exception e2) {
            e2.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login"));
            return null;
        }
    }

    private void handleCancelledEvent(CryptoDevException cryptoDevException) {
        if (cryptoDevException.getErrorCode() != 80) {
            logoutSigning();
        } else {
            logger.logApp(1, "Error code 0x50 - cancelled, not logging off.", null);
        }
    }

    public String[] signFinal(String str) {
        try {
            try {
                if (this.batchSignDataList == null) {
                    throw new NullPointerException("batchSignDataList cannot be null");
                }
                logger.logApp(2, "signFinal started.", null);
                if (str != null && str.length() > 0) {
                    logger.logApp(2, "Data is not null - adding the last data to the cached list.", null);
                    this.batchSignDataList.add(Base64Coder.decode(str.getBytes("ISO-8859-1")));
                }
                if (this.batchSignDataList.size() == 0) {
                    throw new IllegalStateException("batchSignDataList is empty, nothing to sign.");
                }
                String[] strArr = new String[this.batchSignDataList.size()];
                logger.logApp(2, "Processing the batch data signature", null);
                byte[] generateBatchInputBuffer = generateBatchInputBuffer(this.batchSignDataList);
                if (isWYSIWYSSetup()) {
                    logger.logApp(2, "signFinal (batch mode) with PKCS11Device in WYSIWYS mode - applying the custom CP+ batch signature.", null);
                    ((PKCS11Device) this.signingCryptoDevice).setBatchOper(true);
                    List<byte[]> parseBatchOutputBuffer = parseBatchOutputBuffer(this.signingCryptoDevice.signData(generateBatchInputBuffer, PKCS11Device.SHAWITHRSA_OID));
                    for (int i = 0; i < parseBatchOutputBuffer.size(); i++) {
                        byte[] bArr = parseBatchOutputBuffer.get(i);
                        PKCS7Generator pKCS7Generator = new PKCS7Generator(this.signingCryptoDevice);
                        pKCS7Generator.setSignatureAlgorithm(PKIMGR_SIGNATURE_ALG);
                        pKCS7Generator.setStyle(1);
                        pKCS7Generator.setCertChainMode(false);
                        pKCS7Generator.resetSignedAttributes();
                        pKCS7Generator.setPrecomputedSignature(bArr);
                        strArr[i] = new String(Base64Coder.encode(pKCS7Generator.getSignedMessage(this.batchSignDataList.get(i), false)), "ISO-8859-1");
                    }
                } else {
                    for (int i2 = 0; i2 < this.batchSignDataList.size(); i2++) {
                        logger.logApp(2, "signFinal (batch mode) with PKCS12 device (or PKCS11 non-WYSIWYS) - applying the standard signature.", null);
                        strArr[i2] = new String(Base64Coder.encode(signDataFlexibly(this.batchSignDataList.get(i2), false, null)), "ISO-8859-1");
                    }
                }
                clearSignTransCache();
                return strArr;
            } catch (CryptoDevException e) {
                e.printStackTrace();
                this.lastError.setError(getCryptoDevErrorMessage(this.signingCryptoDevice, e, null), e.getErrorCode());
                handleCancelledEvent(e);
                clearSignTransCache();
                return null;
            } catch (Exception e2) {
                e2.printStackTrace();
                this.lastError.setError(resource.getString("applet.error.login"));
                clearSignTransCache();
                return null;
            }
        } catch (Throwable th) {
            clearSignTransCache();
            throw th;
        }
    }

    public void clearSignTransCache() {
        logger.logApp(1, "Signature cache cleared", null);
        if (this.batchSignDataList != null) {
            this.batchSignDataList.clear();
        }
    }

    private static byte[] intToByteArray(int i) {
        return new byte[]{(byte) (i >>> 24), (byte) (i >>> 16), (byte) (i >>> 8), (byte) i};
    }

    private static int byteArrayToInt(byte[] bArr) {
        return (bArr[0] << 24) + ((bArr[1] & 255) << 16) + ((bArr[2] & 255) << 8) + (bArr[3] & 255);
    }

    protected byte[] generateBatchInputBuffer(List<byte[]> list) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(intToByteArray(list.size()));
        for (int i = 0; i < list.size(); i++) {
            byte[] bArr = list.get(i);
            byteArrayOutputStream.write(intToByteArray(bArr.length));
            byteArrayOutputStream.write(bArr);
        }
        byteArrayOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    protected List<byte[]> parseBatchOutputBuffer(byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ArrayList arrayList = new ArrayList();
        byte[] bArr2 = new byte[4];
        if (byteArrayInputStream.read(bArr2, 0, 4) != 4) {
            throw new IllegalArgumentException("Unexpected data on input - read bytes' length != 4");
        }
        int byteArrayToInt = byteArrayToInt(bArr2);
        if (byteArrayToInt < 0) {
            throw new IllegalArgumentException("Unexpected data on input - noTrans < 0");
        }
        for (int i = 0; i < byteArrayToInt; i++) {
            byte[] bArr3 = new byte[4];
            if (byteArrayInputStream.read(bArr3, 0, 4) != 4) {
                throw new IllegalArgumentException("Unexpected data on input - read bytes' length != 4");
            }
            int byteArrayToInt2 = byteArrayToInt(bArr3);
            if (byteArrayToInt2 < 0) {
                throw new IllegalArgumentException("Unexpected data on input - nSingleSignatureLen < 0");
            }
            byte[] bArr4 = new byte[byteArrayToInt2];
            if (byteArrayInputStream.read(bArr4, 0, byteArrayToInt2) != byteArrayToInt2) {
                throw new IllegalArgumentException(String.format("Unexpected data on input - read bytes' length != %d", new Integer(byteArrayToInt2)));
            }
            arrayList.add(bArr4);
        }
        byteArrayInputStream.close();
        return arrayList;
    }

    public byte[] signData(byte[] bArr, byte[] bArr2) throws CryptoDevException, Exception {
        if (this.signatureMode.equals(PKIMgrConstants.SIGMODE_PKCS7)) {
            return signDataFlexibly(bArr, false, bArr2);
        }
        if (!this.signatureMode.equals(PKIMgrConstants.SIGMODE_BATCHTRANS)) {
            if (this.signatureMode.equals(PKIMgrConstants.SIGMODE_PDF)) {
                return signDigest(bArr);
            }
            throw new Exception(new StringBuffer().append("Unsupported signature format - ").append(this.signatureMode).toString());
        }
        if (this.batchSignDataList == null) {
            throw new NullPointerException("batchSignDataList cannot be null");
        }
        logger.logApp(2, "signData in the batch mode - storing data to a cached list.", null);
        this.batchSignDataList.add(bArr);
        return new StringBuffer().append("BATCH_").append(String.valueOf(this.batchSignDataList.size() - 1)).toString().getBytes();
    }

    private byte[] signDigest(byte[] bArr) throws Exception {
        DEBUG_MSG("Signing data in PDF mode");
        DERInputStream dERInputStream = new DERInputStream(new ByteArrayInputStream(bArr));
        ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(dERInputStream.readObject());
        dERInputStream.close();
        if (aSN1Sequence == null) {
            throw new NullPointerException("Could not parse input digest info");
        }
        DigestInfo digestInfo = DigestInfo.getInstance(aSN1Sequence);
        AlgorithmIdentifier algorithmId = digestInfo.getAlgorithmId();
        if (!algorithmId.getObjectId().getId().equals(PKIMGR_DIGEST_ALG)) {
            throw new IllegalArgumentException(new StringBuffer().append("Bad input digest algorithm. Required:").append(PKIMGR_DIGEST_ALG).append(", found:").append(algorithmId.getObjectId()).toString());
        }
        if (isWYSIWYSSetup()) {
            logger.logApp(1, "WYSIWYS in PDF mode - using CKM_RSA_PKCS mechanism.", null);
            ((PKCS11Device) this.signingCryptoDevice).setWysiwysMode(false);
        }
        PKCS7Generator pKCS7Generator = new PKCS7Generator(this.signingCryptoDevice);
        pKCS7Generator.setSignatureAlgorithm(PKIMGR_SIGNATURE_ALG);
        pKCS7Generator.setStyle(1);
        pKCS7Generator.setCertChainMode(false);
        pKCS7Generator.addSignedAttribute(PKCSObjectIdentifiers.pkcs_9_at_contentType, PKCSObjectIdentifiers.data);
        pKCS7Generator.addSignedAttribute(PKCSObjectIdentifiers.messageDigest, new DEROctetString(digestInfo.getDigest()));
        if (this.signCallback != null) {
            this.signCallback.setCustomAttributes(pKCS7Generator);
        }
        if (FORCE_ONE_SIGNATURE) {
            logoutSigning();
        }
        byte[] detachedSignedMessage = pKCS7Generator.getDetachedSignedMessage(false);
        if (isWYSIWYSSetup()) {
            logger.logApp(1, "WYSIWYS in PDF mode - returning WYSIWYS mechanism.", null);
            ((PKCS11Device) this.signingCryptoDevice).setWysiwysMode(true);
        }
        return detachedSignedMessage;
    }

    private byte[] signDataFlexibly(byte[] bArr, boolean z, byte[] bArr2) throws Exception {
        if (needLocateSigningDevice()) {
            throw new Exception(getStringFromResource("applet.error.loginFirst"));
        }
        PKCS7Generator pKCS7Generator = new PKCS7Generator(this.signingCryptoDevice);
        pKCS7Generator.setSignatureAlgorithm(PKIMGR_SIGNATURE_ALG);
        pKCS7Generator.setStyle(1);
        pKCS7Generator.setCertChainMode(false);
        if (this.signingCryptoDevice instanceof PKCS11Device) {
            ((PKCS11Device) this.signingCryptoDevice).setBatchOper(false);
        }
        if (this.signCallback != null) {
            this.signCallback.setCustomAttributes(pKCS7Generator);
        }
        if (isWYSIWYSEnabled()) {
            logger.logApp(1, "WYSIWYS enabled in - signDataFlexibly - explicitly removing signed attributes..", null);
            pKCS7Generator.resetSignedAttributes();
            if (bArr2 != null && isWYSIWYSSetup()) {
                logger.logApp(1, "WYSIWYS with the PIN policy - applying the policy param, using CKM_RSA_PKCS mechanism.", null);
                pKCS7Generator.setPinPolicyBytes(bArr2);
                ((PKCS11Device) this.signingCryptoDevice).setWysiwysMode(false);
            }
        }
        byte[] detachedSignedMessage = z ? pKCS7Generator.getDetachedSignedMessage(bArr, false) : pKCS7Generator.getSignedMessage(bArr, false);
        if (FORCE_ONE_SIGNATURE) {
            logoutSigning();
        }
        if (isWYSIWYSSetup()) {
            logger.logApp(1, "WYSIWYS with the PIN policy - returning WYSIWYS mechanism.", null);
            ((PKCS11Device) this.signingCryptoDevice).setWysiwysMode(true);
        }
        return detachedSignedMessage;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public String signDetachedBase64(String str) {
        try {
            byte[] signDataFlexibly = signDataFlexibly(Base64Coder.decode(str.getBytes("ISO-8859-1")), true, null);
            DEBUG_MSG("Data signed.");
            return new String(Base64Coder.encode(signDataFlexibly), "ISO-8859-1");
        } catch (CryptoDevException e) {
            e.printStackTrace();
            this.lastError.setError(getCryptoDevErrorMessage(this.signingCryptoDevice, e, null), e.getErrorCode());
            handleCancelledEvent(e);
            return null;
        } catch (Exception e2) {
            e2.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login"));
            return null;
        }
    }

    public byte[] signDetached(byte[] bArr) throws Exception {
        return signDataFlexibly(bArr, true, null);
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean setSignatureMode(String str) {
        logger.logApp(2, new StringBuffer().append("setSignatureMode entered - ").append(str).toString(), null);
        if (str.equals(PKIMgrConstants.SIGMODE_PKCS7) || str.equals(PKIMgrConstants.SIGMODE_PDF) || str.equals(PKIMgrConstants.SIGMODE_BATCHTRANS)) {
            this.signatureMode = str;
            return true;
        }
        setErrorMesssage(getStringFromResource("applet.wrong.signmode"));
        return false;
    }

    public byte[] digestData(byte[] bArr) throws Exception {
        PKCS7Generator pKCS7Generator = new PKCS7Generator(new VirtualDevice());
        pKCS7Generator.setOnlyDigestAlgorithm(PKIMGR_DIGEST_ALG);
        pKCS7Generator.setStyle(1);
        return pKCS7Generator.getDigestedMessage(bArr, false);
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public String digestDataBase64(String str) {
        try {
            byte[] digestData = digestData(Base64Coder.decode(str.getBytes("ISO-8859-1")));
            DEBUG_MSG("Data digested.");
            return new String(Base64Coder.encode(digestData), "ISO-8859-1");
        } catch (CryptoDevException e) {
            e.printStackTrace();
            this.lastError.setError(getCryptoDevErrorMessage(this.signingCryptoDevice, e, null), e.getErrorCode());
            return null;
        } catch (Exception e2) {
            e2.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login"));
            return null;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public void setSignCallback(ISignCallback iSignCallback) {
        this.signCallback = iSignCallback;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public StructCertInfoList getPKCS12Certificates(String str, boolean z) {
        try {
            StructCertInfoList listPKCS12Certificates = listPKCS12Certificates(str, z, false);
            if (listPKCS12Certificates == null) {
                throw new Exception(resource.getParamString("applet.list.cert.pkcs12", str));
            }
            listPKCS12Certificates.sort();
            this.p12Root = getPath(str);
            return listPKCS12Certificates;
        } catch (Exception e) {
            e.printStackTrace();
            this.lastError.setError(e.getMessage());
            return null;
        }
    }

    protected StructCertInfoList listPKCS12Certificates(String str, boolean z, boolean z2) throws Exception {
        DEBUG_MSG("listPKCS12Certificates -> Creating a new instance of PKCS12DeviceMgr");
        instantiateP12DevMgr();
        this.p12Manager.open(str, z2);
        try {
            StructCertInfoList listCertificates = this.p12Manager.listCertificates(z);
            this.p12Manager.close();
            return listCertificates;
        } catch (Throwable th) {
            this.p12Manager.close();
            throw th;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public StructCertInfoList getPKCS11Certificates(String str, String str2, boolean z) {
        try {
            if (str == null) {
                throw new Exception(resource.getParamString("applet.error.dllnotfound", str));
            }
            if (!this.bReaderSettingsDetected) {
                doDetectReaderSettings(str);
            }
            if (this.smartCardSlot == -1) {
                throw new Exception(resource.getString("applet.error.nocard"));
            }
            DEBUG_MSG(new StringBuffer().append("Will open slot ").append(this.smartCardSlot).toString());
            StructCertInfoList listPKCS11Certificates = listPKCS11Certificates(str, this.smartCardSlot, z);
            if (listPKCS11Certificates == null) {
                throw new Exception(resource.getParamString("applet.list.cert.pkcs11", new Integer(this.smartCardSlot)));
            }
            listPKCS11Certificates.sort();
            return listPKCS11Certificates;
        } catch (Exception e) {
            logger.logApp(3, "getPKCS11Certificates failed", e);
            resetReaderDetectStatus();
            if ((e instanceof ckException) || (e instanceof p11Exception)) {
                this.lastError.setError(resource.getString("applet.error.login.pkcs11.general"));
                return null;
            }
            this.lastError.setError(e.getMessage());
            return null;
        }
    }

    protected StructCertInfoList listPKCS11Certificates(String str, int i, boolean z) throws Exception {
        if (this.p11Manager == null) {
            DEBUG_MSG(new StringBuffer().append("listPKCS11Certificates -> Creating a new instance of PKCS11DeviceMgr using ").append(str).append(PKIMgrConstants.PKIMGR_CAPI_PARAMS_DELIMITER).append(i).toString());
            instantiateP11DevMgr(str);
            this.p11Manager.open(i, null);
        } else {
            DEBUG_MSG("listPKCS11Certificates -> Using a cached instance of PKCS11DeviceMgr.");
        }
        return this.p11Manager.listCertificates(z);
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public StructCertInfoList getCAPIRegisteredCertificates(boolean z, boolean z2) {
        try {
            StructCertInfoList listCAPIRegisteredCertificates = listCAPIRegisteredCertificates(z, z2);
            if (listCAPIRegisteredCertificates == null) {
                throw new Exception(resource.getString("applet.list.cert.capi"));
            }
            listCAPIRegisteredCertificates.sort();
            return listCAPIRegisteredCertificates;
        } catch (Exception e) {
            e.printStackTrace();
            this.lastError.setError(e.getMessage());
            return null;
        }
    }

    protected StructCertInfoList listCAPIRegisteredCertificates(boolean z, boolean z2) throws Exception {
        DEBUG_MSG("listCAPIRegisteredCertificates -> Creating a new instance of CAPIDeviceMgr");
        instantiateCapiDevMgr(z);
        this.capiManager.open();
        try {
            StructCertInfoList listCertificates = this.capiManager.listCertificates(z2);
            this.capiManager.close();
            return listCertificates;
        } catch (Throwable th) {
            this.capiManager.close();
            throw th;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean loginSigning(String str, String str2) {
        try {
            DEBUG_MSG(new StringBuffer().append("Login to signing - ").append(str).toString());
            switch (this.signingDeviceType) {
                case 0:
                    throw new Exception("You did not log in signing device. Call LoginSigning+ first.");
                case 1:
                    return loginSigningPKCS12(str, str2);
                case 2:
                    return loginSigningPKCS11(str, this.dllName, String.valueOf(this.smartCardSlot), str2);
                case 3:
                    return loginSigningCAPI(str, str2);
                default:
                    throw new Exception(new StringBuffer().append("unknown signing device type - ").append(this.signingDeviceType).toString());
            }
        } catch (Exception e) {
            e.printStackTrace();
            this.lastError.setError(e.getMessage());
            return false;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean loginSigningPKCS12(String str, String str2) {
        if (isLoggedInSigning()) {
            logoutSigning();
        }
        try {
            BaltPFXAnyJCEDevice baltPFXAnyJCEDevice = new BaltPFXAnyJCEDevice();
            baltPFXAnyJCEDevice.setVaultInfo(str, str2);
            this.signingCryptoDevice = baltPFXAnyJCEDevice;
            this.lastSigningDeviceInfo = new StructCertInfo(this.signingCryptoDevice.getCert(), str);
            System.out.println("- Logged in to signing device.");
            this.signingDeviceType = 1;
            return true;
        } catch (CryptoDevException e) {
            e.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login.signing.pkcs12"), e.getErrorCode());
            return false;
        } catch (Exception e2) {
            e2.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login.signing.pkcs12"));
            return false;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean loginSigningPKCS11(String str, String str2, String str3, String str4) {
        if (isLoggedInSigning()) {
            logoutSigning();
        }
        try {
            if (str2 == null) {
                throw new Exception(resource.getParamString("applet.error.dllnotfound", str2));
            }
            PKCS11AnyJCEDevice pKCS11AnyJCEDevice = new PKCS11AnyJCEDevice();
            pKCS11AnyJCEDevice.setCryptoPlusSupport(true);
            pKCS11AnyJCEDevice.setSecurityProvider(PKIMgrConstants.PKIMGR_SECURITY_PROVIDER);
            pKCS11AnyJCEDevice.setLocale(this.locale);
            pKCS11AnyJCEDevice.setDlgTimeout(this.dialogTimeout);
            pKCS11AnyJCEDevice.setDlgStyle(this.dialogStyle);
            pKCS11AnyJCEDevice.setVaultInfoByLabel(str2, str4, Integer.parseInt(str3), str);
            if (isWYSIWYSEnabled()) {
                pKCS11AnyJCEDevice.setConfirmPIN(true);
                pKCS11AnyJCEDevice.setWysiwysMode(true);
            } else {
                pKCS11AnyJCEDevice.setConfirmPIN(false);
                pKCS11AnyJCEDevice.setWysiwysMode(false);
            }
            pKCS11AnyJCEDevice.setBatchOper(false);
            this.signingCryptoDevice = pKCS11AnyJCEDevice;
            this.lastSigningDeviceInfo = new StructCertInfo(this.signingCryptoDevice.getCert(), str);
            System.out.println("- Logged in to signing device.");
            this.signingDeviceType = 2;
            return true;
        } catch (CryptoDevException e) {
            logger.logApp(3, "loginSigningPKCS11(label,dll,slot,pin) failed", e);
            resetReaderDetectStatus();
            this.lastError.setError(getCryptoDevErrorMessage(new PKCS11AnyJCEDevice(), e, "applet.error.login.signing.pkcs11"), e.getErrorCode());
            return false;
        } catch (Exception e2) {
            logger.logApp(3, "loginSigningPKCS11(label,dll,slot,pin) failed", e2);
            resetReaderDetectStatus();
            this.lastError.setError(resource.getString("applet.error.login.signing.pkcs11"));
            return false;
        }
    }

    protected boolean isWYSIWYSEnabled() {
        Class cls;
        logger.logApp(1, "Checking the WYSIWYS settings.", null);
        try {
            if (class$com$logica$apps$ivs$client$manager$PKIManager == null) {
                cls = class$("com.logica.apps.ivs.client.manager.PKIManager");
                class$com$logica$apps$ivs$client$manager$PKIManager = cls;
            } else {
                cls = class$com$logica$apps$ivs$client$manager$PKIManager;
            }
            InputStream resourceAsStream = cls.getClassLoader().getResourceAsStream("smardcardSettings.properties");
            if (resourceAsStream == null) {
                logger.logApp(1, "smardcardSettings.properties not found, default is ENABLED", null);
                return true;
            }
            logger.logApp(1, "smardcardSettings.properties found, checking content..", null);
            boolean z = new PropertyConfigResource(resourceAsStream).getBoolean("wysiwys.mode", true);
            resourceAsStream.close();
            LLogger lLogger = logger;
            Object[] objArr = new Object[1];
            objArr[0] = z ? "ENABLED" : "DISABLED";
            lLogger.logApp(1, String.format("WYSIWYS mode config: %s.", objArr), null);
            return z;
        } catch (Exception e) {
            logger.logApp(3, "Failed to load smardcardSettings.properties, default is ENABLED", e);
            return true;
        }
    }

    private boolean isWYSIWYSSetup() {
        return (this.signingCryptoDevice instanceof PKCS11Device) && ((PKCS11Device) this.signingCryptoDevice).isConfirmPIN();
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean loginSigningCAPI(String str, String str2) {
        if (isLoggedInSigning()) {
            logoutSigning();
        }
        try {
            CAPIDevice cAPIDevice = new CAPIDevice();
            String substring = str.substring(0, str.indexOf(PKIMgrConstants.PKIMGR_CAPI_PARAMS_DELIMITER));
            String substring2 = str.substring(str.indexOf(PKIMgrConstants.PKIMGR_CAPI_PARAMS_DELIMITER) + 1);
            cAPIDevice.setVaultInfo(substring, substring2);
            this.signingCryptoDevice = cAPIDevice;
            this.lastSigningDeviceInfo = new StructCertInfo(this.signingCryptoDevice.getCert(), new StringBuffer().append(substring).append(PKIMgrConstants.PKIMGR_CAPI_PARAMS_DELIMITER).append(substring2).toString());
            System.out.println("- Logged in to signing device.");
            this.signingDeviceType = 3;
            return true;
        } catch (CryptoDevException e) {
            e.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login.signing.capi"), e.getErrorCode());
            return false;
        } catch (Exception e2) {
            e2.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login.signing.capi"));
            return false;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean loginCipher(String str, String str2) {
        try {
            switch (this.signingDeviceType) {
                case 0:
                    throw new Exception("You did not log in signing device. Call LoginSigning* first.");
                case 1:
                    return loginCipherPKCS12(str, str2);
                case 2:
                    return loginCipherPKCS11(str, this.dllName, String.valueOf(this.smartCardSlot), str2);
                default:
                    throw new Exception(new StringBuffer().append("unknown signing device type - ").append(this.signingDeviceType).append(". Unable to find CipherDevice.").toString());
            }
        } catch (Exception e) {
            e.printStackTrace();
            this.lastError.setError(e.getMessage());
            return false;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean loginCipherPKCS12(String str, String str2) {
        try {
            BaltPFXAnyJCEDevice baltPFXAnyJCEDevice = new BaltPFXAnyJCEDevice();
            baltPFXAnyJCEDevice.setVaultInfo(str, str2);
            this.cipherDevices.addCryptoDevice(PKIMgrUtils.getUniqCertID(baltPFXAnyJCEDevice.getCert()), baltPFXAnyJCEDevice);
            System.out.println("- Logged in to cipher device.");
            return true;
        } catch (CryptoDevException e) {
            e.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login.cipher.pkcs12"), e.getErrorCode());
            return false;
        } catch (Exception e2) {
            e2.printStackTrace();
            this.lastError.setError(resource.getString("applet.error.login.cipher.pkcs12"));
            return false;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean loginCipherPKCS11(String str, String str2, String str3, String str4) {
        try {
            PKCS11AnyJCEDevice pKCS11AnyJCEDevice = new PKCS11AnyJCEDevice();
            pKCS11AnyJCEDevice.setCryptoPlusSupport(true);
            pKCS11AnyJCEDevice.setSecurityProvider(PKIMgrConstants.PKIMGR_SECURITY_PROVIDER);
            pKCS11AnyJCEDevice.setVaultInfoByLabel(str2, str4, Integer.parseInt(str3), str);
            this.cipherDevices.addCryptoDevice(PKIMgrUtils.getUniqCertID(pKCS11AnyJCEDevice.getCert()), pKCS11AnyJCEDevice);
            System.out.println("- Logged in to cipher device.");
            return true;
        } catch (CryptoDevException e) {
            logger.logApp(3, "loginCipherPKCS11 failed", e);
            resetReaderDetectStatus();
            this.lastError.setError(resource.getString("applet.error.login.cipher.pkcs11"), e.getErrorCode());
            return false;
        } catch (Exception e2) {
            logger.logApp(3, "loginCipherPKCS11 failed", e2);
            resetReaderDetectStatus();
            this.lastError.setError(resource.getString("applet.error.login.cipher.pkcs11"));
            return false;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean isLoggedInSigning() {
        return (needLocateSigningDevice() && this.signingDeviceType == 0) ? false : true;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean isLoggedInCipher() {
        return (needLocateCipherDevice() && this.cipherDevices.isEmpty()) ? false : true;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean logout() {
        try {
            if (this.p11Manager != null) {
                this.p11Manager.close();
                System.out.println("- Logged out from PKCS11DeviceMgr.");
                this.p11Manager = null;
                this.bReaderSettingsDetected = false;
            }
        } catch (Exception e) {
            System.out.println("WARNING - failed to logout from the PKCS11DeviceMgr.");
            e.printStackTrace();
            this.p11Manager = null;
        }
        boolean z = logoutCipher() && logoutSigning();
        if (z) {
            this.signingDeviceType = 0;
        }
        return z;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean logoutSigning() {
        try {
            try {
                if (this.signingCryptoDevice != null) {
                    this.signingCryptoDevice.close();
                    System.out.println("- Logged out from signing device.");
                }
                this.signingCryptoDevice = null;
                this.signingDeviceType = 0;
                return true;
            } catch (CryptoDevException e) {
                e.printStackTrace();
                this.lastError.setError(e.getMessage(), e.getErrorCode());
                this.signingCryptoDevice = null;
                this.signingDeviceType = 0;
                return false;
            } catch (Exception e2) {
                e2.printStackTrace();
                this.lastError.setError(e2.getMessage());
                this.signingCryptoDevice = null;
                this.signingDeviceType = 0;
                return false;
            }
        } catch (Throwable th) {
            this.signingCryptoDevice = null;
            this.signingDeviceType = 0;
            throw th;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean logoutCipher() {
        try {
            if (!isLoggedInCipher() || this.cipherDevices.isEmpty()) {
                return true;
            }
            this.cipherDevices.invalidateAll();
            System.out.println("- Logged out from all cipher devices.");
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            this.lastError.setError(e.getMessage());
            return false;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public String getCardBlockedInfo(String str, int i) throws Exception {
        if (!this.bReaderSettingsDetected) {
            doDetectReaderSettings(str);
        }
        try {
            if (this.smartCardSlot == -1) {
                throw new CryptoDevException(resource.getString("applet.error.nocard"));
            }
            return String.valueOf(this.p11Manager.getCardBlockedInfo());
        } catch (Exception e) {
            logger.logApp(3, "getCardBlockedInfo failed", e);
            resetReaderDetectStatus();
            if (e instanceof CryptoDevException) {
                throw e;
            }
            throw new Exception(getStringFromResource("applet.error.login.pkcs11.general"));
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean isDeviceInstalled(String str) {
        try {
            try {
                if (!this.bReaderSettingsDetected) {
                    doDetectReaderSettings(str);
                }
                boolean isDeviceInstalled = this.p11Manager.isDeviceInstalled();
                cleanupP11Manager();
                return isDeviceInstalled;
            } catch (Exception e) {
                e.printStackTrace();
                this.lastError.setError(e.getMessage());
                cleanupP11Manager();
                return false;
            }
        } catch (Throwable th) {
            cleanupP11Manager();
            throw th;
        }
    }

    protected void cleanupP11Manager() {
        if (this.bReaderSettingsDetected || this.p11Manager == null) {
            return;
        }
        try {
            this.p11Manager.close();
        } catch (Exception e) {
            logger.logApp(3, "close() failed", e);
        }
        this.p11Manager = null;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean hasPinpad() {
        try {
            try {
                if (!this.bReaderSettingsDetected) {
                    doDetectReaderSettings(this.dllName);
                }
                boolean z = this.bHasPinpad;
                cleanupP11Manager();
                return z;
            } catch (Exception e) {
                logger.logApp(3, "hasPinpad failed.", e);
                setErrorMesssage(getStringFromResource("applet.error.readerCommError"));
                cleanupP11Manager();
                return false;
            }
        } catch (Throwable th) {
            cleanupP11Manager();
            throw th;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean isSomeCardPresent(String str) {
        try {
            try {
                if (!this.bReaderSettingsDetected) {
                    doDetectReaderSettings(str);
                }
                if (this.smartCardSlot == -2) {
                    setError(getStringFromResource("applet.error.moreComplCards"), -2);
                    cleanupP11Manager();
                    return false;
                }
                boolean z = this.smartCardSlot != -1;
                cleanupP11Manager();
                return z;
            } catch (Exception e) {
                logger.logApp(3, "isSomeCardPresent failed.", e);
                setErrorMesssage(getStringFromResource("applet.error.readerCommError"));
                cleanupP11Manager();
                return false;
            }
        } catch (Throwable th) {
            cleanupP11Manager();
            throw th;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean needLocateSigningDevice() {
        return this.signingCryptoDevice == null;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public StructCertInfo locateSigningDevice() {
        return this.lastSigningDeviceInfo;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public boolean needLocateCipherDevice() {
        return !this.cipherDevices.isEmpty();
    }

    public CryptoDevice findCipherDeviceInCache(String str) {
        return this.cipherDevices.findCryptoDevice(str);
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public StructCertInfo locateCipherDevice(IssuerAndSerialNumber[] issuerAndSerialNumberArr) {
        StructCertInfoList listPKCS11Certificates;
        try {
            if (this.signingDeviceType == 1) {
                listPKCS11Certificates = listPKCS12Certificates(this.p12Root, false, true);
            } else {
                if (this.signingDeviceType != 2) {
                    throw new Exception(new StringBuffer().append("unknown signing device type - ").append(this.signingDeviceType).append(". Unable to find CipherDevice.").toString());
                }
                listPKCS11Certificates = listPKCS11Certificates(this.dllName, this.smartCardSlot, false);
            }
            StructCertInfo structCertInfo = null;
            if (issuerAndSerialNumberArr != null) {
                for (IssuerAndSerialNumber issuerAndSerialNumber : issuerAndSerialNumberArr) {
                    structCertInfo = locateCipherCert(listPKCS11Certificates, issuerAndSerialNumber);
                }
            }
            if (structCertInfo == null) {
                throw new Exception(resource.getString("applet.error.cipher.notfound"));
            }
            return structCertInfo;
        } catch (Exception e) {
            e.printStackTrace();
            this.lastError.setError(e.getMessage());
            return null;
        }
    }

    protected StructCertInfo locateCipherCert(StructCertInfoList structCertInfoList, IssuerAndSerialNumber issuerAndSerialNumber) throws Exception {
        for (int i = 0; i < structCertInfoList.size(); i++) {
            X509Certificate baseCertificate = structCertInfoList.get(i).getBaseCertificate();
            if (issuerAndSerialNumber.toString().equals(PKIMgrUtils.getUniqCertID(baseCertificate)) && isSignAndCipherPair(this.lastSigningDeviceInfo.getBaseCertificate(), baseCertificate)) {
                return structCertInfoList.get(i);
            }
        }
        return null;
    }

    public boolean isSignAndCipherPair(X509Certificate x509Certificate, X509Certificate x509Certificate2) throws Exception {
        boolean[] keyUsage = x509Certificate2.getKeyUsage();
        boolean z = (1 != 0 && keyUsage == null) || keyUsage[2];
        String userUniqueId = getUserUniqueId(x509Certificate);
        String userUniqueId2 = getUserUniqueId(x509Certificate2);
        boolean z2 = z && userUniqueId != null && userUniqueId2 != null && userUniqueId.equals(userUniqueId2);
        String subjectEmailAddress = X509Utils.getSubjectEmailAddress(x509Certificate);
        String subjectEmailAddress2 = X509Utils.getSubjectEmailAddress(x509Certificate2);
        return z2 && subjectEmailAddress != null && subjectEmailAddress2 != null && subjectEmailAddress.equals(subjectEmailAddress2);
    }

    protected String getUserUniqueId(X509Certificate x509Certificate) {
        throw new UnsupportedOperationException("must be overriden");
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public int getSmartCardSlot() {
        return this.smartCardSlot;
    }

    public String getCryptoplusVersion(String str) {
        try {
            try {
                logger.logApp(2, "getCryptoplusVersion called", null);
                if (!this.bReaderSettingsDetected) {
                    doDetectReaderSettings(str);
                }
                String cryptoplusVersion = this.p11Manager.getCryptoplusVersion();
                logger.logApp(2, String.format("Cryptoplus version: %s", cryptoplusVersion), null);
                cleanupP11Manager();
                return cryptoplusVersion;
            } catch (Exception e) {
                e.printStackTrace();
                this.lastError.setError(e.getMessage());
                cleanupP11Manager();
                return null;
            }
        } catch (Throwable th) {
            cleanupP11Manager();
            throw th;
        }
    }

    public String getCPHash(String str) {
        try {
            try {
                logger.logApp(2, "getCPHash called", null);
                MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
                messageDigest.update(LUtils.loadMessage(str));
                String hexString = LUtils.toHexString(messageDigest.digest());
                logger.logApp(2, String.format("cpHash: %s", hexString), null);
                cleanupP11Manager();
                return hexString;
            } catch (Exception e) {
                e.printStackTrace();
                this.lastError.setError(e.getMessage());
                cleanupP11Manager();
                return null;
            }
        } catch (Throwable th) {
            cleanupP11Manager();
            throw th;
        }
    }

    public CryptoDevice getSigningCryptoDevice() {
        return this.signingCryptoDevice;
    }

    public CryptoDeviceCache getCipherDevices() {
        return this.cipherDevices;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public String getStringFromResource(String str) {
        if (str == null) {
            return null;
        }
        String string = resource.getString(str);
        if (string.equals(str)) {
            return null;
        }
        return string;
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public String getPath(String str) {
        try {
            File file = new File(PKIMgrUtils.toPathString(str));
            if (file.isDirectory()) {
                return file.getAbsolutePath();
            }
            if (file.isFile()) {
                return file.getParent();
            }
            throw new Exception(resource.getString("applet.error.path.notfound"));
        } catch (Exception e) {
            e.printStackTrace();
            this.lastError.setError(e.getMessage());
            return null;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public String formatCertInfo(StructCertInfo structCertInfo, int i) {
        try {
            if (structCertInfo == null) {
                throw new NullPointerException("info cannot null");
            }
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(structCertInfo.getCommonName());
            String str = PKIMgrError.NO_ERROR_MESSAGE;
            for (int i2 = 0; i2 < structCertInfo.getKeyUsage().length(); i2++) {
                if (structCertInfo.getKeyUsage().charAt(i2) == '1') {
                    str = new StringBuffer().append(str).append(resource.getString(new StringBuffer().append("applet.keyusagebit_").append(i2).toString())).append(" ").toString();
                }
            }
            if (str.length() > 0) {
                str = new StringBuffer().append("(").append(str.trim()).append(")").toString();
            }
            stringBuffer.append(" ");
            stringBuffer.append(str);
            int length = i - structCertInfo.getNotAfter().length();
            if (length > 0) {
                while (stringBuffer.length() < length) {
                    stringBuffer.append(" ");
                }
            }
            stringBuffer.append(structCertInfo.getNotAfter());
            return stringBuffer.toString();
        } catch (Exception e) {
            e.printStackTrace();
            this.lastError.setError(e.getMessage());
            return null;
        }
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public String getErrorMessage() {
        return this.lastError.getErrorMessage();
    }

    @Override // com.logica.apps.ivs.client.manager.IPKIManager
    public int getErrorCode() {
        return this.lastError.getErrorCode();
    }

    public void setErrorMesssage(String str) {
        this.lastError.setError(str);
    }

    public void setError(String str, int i) {
        this.lastError.setError(str, i);
    }

    public void setLocale(String str) {
        String lowerCase = str == null ? null : str.toLowerCase();
        resource = PKIManagerResource.getInstance(lowerCase);
        this.locale = lowerCase;
        if (this.signingCryptoDevice == null || !(this.signingCryptoDevice instanceof PKCS11Device)) {
            return;
        }
        ((PKCS11Device) this.signingCryptoDevice).setLocale(lowerCase);
    }

    public String getLocale() {
        return this.locale;
    }

    public void setDialogTimeout(int i) {
        this.dialogTimeout = i;
        if (this.signingCryptoDevice == null || !(this.signingCryptoDevice instanceof PKCS11Device)) {
            return;
        }
        ((PKCS11Device) this.signingCryptoDevice).setDlgTimeout(i);
    }

    public void setDialogStyle(String str) {
        this.dialogStyle = str;
        if (this.signingCryptoDevice == null || !(this.signingCryptoDevice instanceof PKCS11Device)) {
            return;
        }
        ((PKCS11Device) this.signingCryptoDevice).setDlgStyle(str);
    }

    protected void instantiateP11DevMgr(String str) {
        this.p11Manager = new PKCS11DeviceMgr(str);
        this.dllName = str;
    }

    protected void instantiateP12DevMgr() {
        this.p12Manager = new PKCS12DeviceMgr();
    }

    protected void instantiateCapiDevMgr(boolean z) {
        this.capiManager = new CAPIDeviceMgr(z);
    }

    protected final void DEBUG_MSG(String str) {
        System.out.println(new StringBuffer().append("[DEBUG]   ").append(str).toString());
    }

    public static String getCryptoDevErrorMessage(CryptoDevice cryptoDevice, CryptoDevException cryptoDevException, String str) {
        String message;
        if (cryptoDevice == null) {
            throw new NullPointerException("crypto device cannot be null");
        }
        if (cryptoDevException == null) {
            throw new NullPointerException("crypto device exception cannot be null");
        }
        if (cryptoDevice instanceof PKCS11Device) {
            String stringBuffer = new StringBuffer().append("applet.error.login.pkcs11.").append(String.valueOf(cryptoDevException.getErrorCode())).toString();
            String string = resource.getString(stringBuffer);
            if (string.equals(stringBuffer)) {
                string = resource.getString(str != null ? str : "applet.error.login.pkcs11.general");
            }
            message = string;
        } else {
            message = cryptoDevException.getMessage();
        }
        return message;
    }

    public void selfDiagnostics() throws Exception {
        DEBUG_MSG("PKIManager::selfDiagnostics() -> START");
        Class.forName("com.baltimore.jcrypto.provider.JCRYPTO");
        Class.forName("com.logica.security.pkcs_7.PKCS7Generator");
        Class.forName("com.logica.security.device.CryptoDevice");
        Class.forName("com.logica.security.devicemgr.PKCS11DeviceManager");
        Name name = new Name("CN=Test, OU=Test, O=Test, C=CZ");
        DEBUG_MSG(new StringBuffer().append(" Generating ").append(1024).append(" ").append("RSA").append(" bit keypair").toString());
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(1024, SecureRandom.getInstance("BBS"));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        PrivateKey privateKey = generateKeyPair.getPrivate();
        JCRYPTO_X509CertRequest jCRYPTO_X509CertRequest = new JCRYPTO_X509CertRequest(name, generateKeyPair.getPublic());
        JCRYPTO_X509Extensions jCRYPTO_X509Extensions = new JCRYPTO_X509Extensions();
        jCRYPTO_X509Extensions.addExtension(new KeyUsage(new boolean[]{true, true, true, true, false, false, false, false, false}));
        for (int i = 0; i < jCRYPTO_X509Extensions.getNumberExtensions(); i++) {
            jCRYPTO_X509CertRequest.addExtension(jCRYPTO_X509Extensions.getExtension(i));
        }
        jCRYPTO_X509CertRequest.sign(privateKey);
        DEBUG_MSG("PKCS#10 request generated");
        X509Certificate sign = new JCRYPTO_X509CertificateGenerator(privateKey, name).sign(jCRYPTO_X509CertRequest, new Validity(1));
        DEBUG_MSG("Certificate generated");
        VirtualDevice virtualDevice = new VirtualDevice();
        virtualDevice.setSecurityProvider(PKIMgrConstants.PKIMGR_SECURITY_PROVIDER);
        virtualDevice.setCert(sign);
        virtualDevice.setPrivateKey(privateKey);
        this.signingCryptoDevice = virtualDevice;
        signData("test".getBytes(), null);
        logoutSigning();
        DEBUG_MSG("PKIManager::selfDiagnostics() -> SUCCESS");
    }

    protected void doDetectReaderSettings(String str) throws Exception {
        SlotInfo slotWithCard = PKCS11DeviceMgr.getSlotWithCard(str, -1);
        this.smartCardSlot = slotWithCard.getSlot();
        this.activeReaderName = slotWithCard.getReaderName();
        if (this.p11Manager == null) {
            DEBUG_MSG(new StringBuffer().append("detectReaderSettings -> Creating a new instance of PKCS11DeviceMgr using ").append(str).append(PKIMgrConstants.PKIMGR_CAPI_PARAMS_DELIMITER).append(this.smartCardSlot).toString());
            instantiateP11DevMgr(str);
            if (!slotWithCard.cardDetected()) {
                resetReaderDetectStatus();
                return;
            }
            try {
                this.p11Manager.open(this.smartCardSlot, null);
            } catch (Exception e) {
                logger.logApp(3, new StringBuffer().append("Complete settings detection failed, cannot open slot ").append(this.smartCardSlot).toString(), e);
                resetReaderDetectStatus();
                return;
            }
        } else {
            DEBUG_MSG("detectReaderSettings -> Using a cached instance of PKCS11DeviceMgr.");
        }
        this.bHasPinpad = this.p11Manager.hasPinpad();
        this.bReaderSettingsDetected = true;
    }

    protected void resetReaderDetectStatus() {
        logger.logApp(2, "Resetting the reader detection status.", null);
        this.bReaderSettingsDetected = false;
        if (this.smartCardSlot >= 0) {
            this.smartCardSlot = -1;
        }
        this.activeReaderName = null;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$logica$apps$ivs$client$manager$PKIManager == null) {
            cls = class$("com.logica.apps.ivs.client.manager.PKIManager");
            class$com$logica$apps$ivs$client$manager$PKIManager = cls;
        } else {
            cls = class$com$logica$apps$ivs$client$manager$PKIManager;
        }
        logger = LLoggerFactory.getLogger(cls);
        FORCE_ONE_SIGNATURE = false;
        resource = null;
    }
}
