package com.xone.android.dniemanager.card;

import android.text.TextUtils;
import com.xone.android.dniemanager.apdu.ExternalAuthenticateApduCommand;
import com.xone.android.dniemanager.apdu.GetChallengeApduCommand;
import com.xone.android.dniemanager.apdu.GetChipInfoApduCommand;
import com.xone.android.dniemanager.apdu.InternalAuthenticateApduCommand;
import com.xone.android.dniemanager.apdu.MseSetAuthenticationKeyApduCommand;
import com.xone.android.dniemanager.apdu.MseSetSignatureKeyApduCommand;
import com.xone.android.dniemanager.apdu.MseSetVerificationKeyApduCommand;
import com.xone.android.dniemanager.apdu.PsoSignHashApduCommand;
import com.xone.android.dniemanager.apdu.PsoVerifyCertificateApduCommand;
import com.xone.android.dniemanager.apdu.ReadBinaryApduCommand;
import com.xone.android.dniemanager.apdu.ResponseApdu;
import com.xone.android.dniemanager.apdu.SelectDfByNameApduCommand;
import com.xone.android.dniemanager.apdu.SelectFileByIdApduCommand;
import com.xone.android.dniemanager.apdu.StatusWord;
import com.xone.android.dniemanager.apdu.VerifyApduCommand;
import com.xone.android.dniemanager.asn1.CertificateDescriptorFile;
import com.xone.android.dniemanager.asn1.CertificateObject;
import com.xone.android.dniemanager.asn1.PrivateKeyDescriptorFile;
import com.xone.android.dniemanager.asn1.PrivateKeyObject;
import com.xone.android.dniemanager.connections.DnieNfcConnection;
import com.xone.android.dniemanager.connections.SecureApduConnection;
import com.xone.android.dniemanager.data.DG1;
import com.xone.android.dniemanager.data.DG11;
import com.xone.android.dniemanager.data.DG13;
import com.xone.android.dniemanager.data.DG2;
import com.xone.android.dniemanager.data.DG7;
import com.xone.android.dniemanager.data.Efcom;
import com.xone.android.dniemanager.exceptions.ApduConnectionException;
import com.xone.android.dniemanager.exceptions.AuthenticationModeLockedException;
import com.xone.android.dniemanager.exceptions.DnieException;
import com.xone.android.dniemanager.exceptions.InvalidDniePasswordException;
import com.xone.android.dniemanager.exceptions.SecureChannelException;
import com.xone.android.dniemanager.exceptions.SmartCardFileNotFoundException;
import com.xone.android.dniemanager.interfaces.ApduConnection;
import com.xone.android.dniemanager.provider.DniePrivateKey;
import com.xone.android.dniemanager.tools.CryptoHelper;
import com.xone.android.dniemanager.tools.DnieConstants;
import com.xone.android.dniemanager.tools.DnieTools;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/* loaded from: classes2.dex */
public final class Dnie {
    private static final byte ERROR_PIN_SW1 = 99;
    private X509Certificate authenticationCertificate;
    private DniePrivateKey authenticationPrivateKey;
    private RSAPublicKey authenticationPublicKey;
    private boolean bRequiresNewPinChannel;
    private boolean bUserChannel;
    private CertificateDescriptorFile certificateDescriptorFile;
    private ApduConnection connection;
    private DG1 dg1;
    private DG11 dg11;
    private DG13 dg13;
    private DG2 dg2;
    private DG7 dg7;
    private X509Certificate dgpCaCertificate;
    private X509Certificate dgpCaCertificateIcc;
    private Efcom efcom;
    private PrivateKeyDescriptorFile privateKeyDescriptorFile;
    private String sPassword;
    private X509Certificate signatureCertificate;
    private DniePrivateKey signaturePrivateKey;
    private RSAPublicKey signaturePublicKey;

    /* renamed from: com.xone.android.dniemanager.card.Dnie$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$xone$android$dniemanager$card$DataGroup;

        static {
            int[] iArr = new int[DataGroup.values().length];
            $SwitchMap$com$xone$android$dniemanager$card$DataGroup = iArr;
            try {
                iArr[DataGroup.DataGroup1.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$xone$android$dniemanager$card$DataGroup[DataGroup.DataGroup2.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$xone$android$dniemanager$card$DataGroup[DataGroup.DataGroup7.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$com$xone$android$dniemanager$card$DataGroup[DataGroup.DataGroup11.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$com$xone$android$dniemanager$card$DataGroup[DataGroup.DataGroup13.ordinal()] = 5;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$com$xone$android$dniemanager$card$DataGroup[DataGroup.DataGroup14.ordinal()] = 6;
            } catch (NoSuchFieldError unused6) {
            }
        }
    }

    public Dnie(ApduConnection apduConnection) {
        this.connection = apduConnection;
        selectMasterFile();
        try {
            loadCertificateDescriptorFile();
        } catch (SmartCardFileNotFoundException unused) {
            DnieTools.DebugLog("Certificate descriptor file not found");
        }
        try {
            loadPrivateKeyDescriptorFile();
        } catch (SmartCardFileNotFoundException unused2) {
            DnieTools.DebugLog("Private key descriptor file not found");
        }
    }

    private void doPasswordCheck() {
        if (TextUtils.isEmpty(this.sPassword)) {
            return;
        }
        StatusWord statusWord = getConnection().sendSecure(new VerifyApduCommand((byte) 0, this.sPassword)).getStatusWord();
        byte msb = statusWord.getMsb();
        byte lsb = statusWord.getLsb();
        if (msb == 99) {
            this.sPassword = null;
            throw new InvalidDniePasswordException(Math.abs((-64) - lsb));
        }
        if (msb == 105 && lsb == -125) {
            throw new AuthenticationModeLockedException();
        }
    }

    private void establishPinChannel() {
        if (isSecureConnection() || this.bUserChannel) {
            selectMasterFile();
            this.connection = new SecureApduConnection(this, this.connection);
            this.bRequiresNewPinChannel = false;
            this.bUserChannel = false;
        }
        doPasswordCheck();
        establishUserChannel();
    }

    private void establishUserChannel() {
        if (isUserChannelClosed()) {
            selectMasterFile();
            this.connection = new SecureApduConnection(this, this.connection);
            this.bUserChannel = true;
        }
    }

    private ApduConnection getConnection() {
        return this.connection;
    }

    private DnieNfcConnection getMrtdConnection() {
        return (DnieNfcConnection) this.connection;
    }

    private RSAPublicKey getRsaPublicKey(X509Certificate x509Certificate) {
        PublicKey publicKey = x509Certificate.getPublicKey();
        if (publicKey instanceof RSAPublicKey) {
            return (RSAPublicKey) publicKey;
        }
        if (publicKey == null) {
            throw new IllegalStateException("Cannot extract public key from certificate");
        }
        throw new UnsupportedOperationException("Extracted public key is not an instance of RSAPublicKey, received object type: " + publicKey.getClass().getName());
    }

    private boolean isSecureConnection() {
        return !(this.connection instanceof SecureApduConnection);
    }

    private boolean isUserChannelClosed() {
        return !this.bUserChannel;
    }

    private void loadAuthenticationCertificateAndKeys() {
        X509Certificate x509Certificate = this.authenticationCertificate;
        if (x509Certificate == null || this.privateKeyDescriptorFile == null) {
            throw new UnsupportedOperationException("Authentication certificate not supported on this card");
        }
        X509Certificate loadCertificate = loadCertificate(x509Certificate);
        this.authenticationCertificate = loadCertificate;
        this.authenticationPublicKey = getRsaPublicKey(loadCertificate);
        this.authenticationPrivateKey = new DniePrivateKey(this, DnieConstants.ALIAS_AUTHENTICATION_PRIVATE_KEY, this.privateKeyDescriptorFile.getKey(DnieConstants.ALIAS_AUTHENTICATION_PRIVATE_KEY).getKeyPath(), this.authenticationPublicKey.getModulus());
    }

    private X509Certificate loadCertificate(X509Certificate x509Certificate) {
        if (!(x509Certificate instanceof FakeX509Certificate)) {
            return x509Certificate;
        }
        if (x509Certificate == null) {
            throw new IllegalStateException("Certificate reference object is null");
        }
        Location path = ((FakeX509Certificate) x509Certificate).getPath();
        if (!isUserChannelClosed()) {
            return (X509Certificate) CryptoHelper.generateCertificate(readCompressedFile(path));
        }
        selectMasterFile();
        this.connection = new SecureApduConnection(this, this.connection);
        this.bUserChannel = false;
        doPasswordCheck();
        establishUserChannel();
        return (X509Certificate) CryptoHelper.generateCertificate(readCompressedFile(path));
    }

    private void loadCertificateDescriptorFile() {
        CertificateDescriptorFile certificateDescriptorFile = new CertificateDescriptorFile(readFile(DnieConstants.CDF_LOCATION));
        this.certificateDescriptorFile = certificateDescriptorFile;
        CertificateObject certificate = certificateDescriptorFile.getCertificate(DnieConstants.ALIAS_AUTHENTICATION_CERTIFICATE);
        CertificateObject certificate2 = this.certificateDescriptorFile.getCertificate(DnieConstants.ALIAS_SIGNATURE_CERTIFICATE);
        CertificateObject certificate3 = this.certificateDescriptorFile.getCertificate(DnieConstants.ALIAS_INTERMEDIATE_CA_CERTIFICATE);
        this.authenticationCertificate = new FakeX509Certificate(DnieConstants.ALIAS_AUTHENTICATION_CERTIFICATE, certificate);
        this.signatureCertificate = new FakeX509Certificate(DnieConstants.ALIAS_SIGNATURE_CERTIFICATE, certificate2);
        this.dgpCaCertificate = (X509Certificate) CryptoHelper.generateCertificate(readCompressedFile(certificate3.getPath()));
    }

    private void loadPrivateKeyDescriptorFile() {
        this.privateKeyDescriptorFile = new PrivateKeyDescriptorFile(readFile(DnieConstants.PRKDF_LOCATION));
    }

    private void loadSignatureCertificateAndKeys() {
        X509Certificate x509Certificate = this.signatureCertificate;
        if (x509Certificate == null || this.privateKeyDescriptorFile == null) {
            throw new UnsupportedOperationException("Signature certificate not supported on this card");
        }
        X509Certificate loadCertificate = loadCertificate(x509Certificate);
        this.signatureCertificate = loadCertificate;
        this.signaturePublicKey = getRsaPublicKey(loadCertificate);
        this.signaturePrivateKey = new DniePrivateKey(this, DnieConstants.ALIAS_SIGNATURE_PRIVATE_KEY, this.privateKeyDescriptorFile.getKey(DnieConstants.ALIAS_SIGNATURE_PRIVATE_KEY).getKeyPath(), this.signaturePublicKey.getModulus());
    }

    private ResponseApdu readBinary(byte b, byte b2, byte b3) {
        ResponseApdu sendSecure = getConnection().sendSecure(new ReadBinaryApduCommand((byte) 0, b, b2, b3));
        if (sendSecure.isOk()) {
            return sendSecure;
        }
        throw new ApduConnectionException("Respuesta inválida en la lectura de binario con el código", sendSecure);
    }

    private byte[] readBinaryDataCompressed(int i) {
        ResponseApdu readBinary;
        readBinary((byte) 0, (byte) 0, (byte) 4);
        byte[] dataCopy = readBinary((byte) 0, (byte) 4, (byte) 4).getDataCopy();
        int i2 = (((dataCopy[3] & 255) << 24) | (dataCopy[0] & 255) | ((dataCopy[1] & 255) << 8) | ((dataCopy[2] & 255) << 16)) + 8;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i3 = 0;
        byte b = 0;
        byte b2 = 0;
        int i4 = 0;
        while (i3 < i2 && i2 < i) {
            int i5 = i2 - i3;
            if (i5 < 239) {
                try {
                    readBinary = readBinary(b, b2, (byte) i5);
                    i3 += i5;
                    i4 += i5;
                } finally {
                    DnieTools.closeSafely(byteArrayOutputStream);
                }
            } else {
                readBinary = readBinary(b, b2, (byte) -17);
                i3 += 239;
                i4 += 239;
            }
            if (!readBinary.isOk()) {
                return readBinary.getStatusWord().getBytes();
            }
            byte[] dataCopy2 = readBinary.getDataCopy();
            byteArrayOutputStream.write(dataCopy2, 0, dataCopy2.length);
            b = (byte) (i4 >> 8);
            b2 = (byte) (i4 & 255);
        }
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] readBinaryDataTlv(int i) {
        ResponseApdu readBinary;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i2 = 0;
        byte b = 0;
        byte b2 = 0;
        while (i2 < i) {
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(readBinary(b, b2, (byte) 4).getDataCopy());
                if (((byte) byteArrayInputStream.read()) != 48) {
                    break;
                }
                int i3 = 2;
                int read = byteArrayInputStream.read() & 255;
                if (!(read == 128) && read >= 128) {
                    int i4 = read - 128;
                    if (i4 > 3) {
                        throw new ApduConnectionException("TLV demasiado largo");
                    }
                    int i5 = 0;
                    while (i4 > 0) {
                        i5 = (i5 << 8) + (byteArrayInputStream.read() & 255);
                        i4--;
                        i3++;
                    }
                    read = i5;
                }
                int i6 = read + i3;
                int i7 = 0;
                while (i7 < i6) {
                    int i8 = i6 - i7;
                    if (i8 < 239) {
                        readBinary = readBinary(b, b2, (byte) i8);
                        i7 += i8;
                        i2 += i8;
                    } else {
                        readBinary = readBinary(b, b2, (byte) -17);
                        i7 += 239;
                        i2 += 239;
                    }
                    if (!readBinary.isOk()) {
                        return readBinary.getStatusWord().getBytes();
                    }
                    byte[] dataCopy = readBinary.getDataCopy();
                    byteArrayOutputStream.write(dataCopy, 0, dataCopy.length);
                    b = (byte) (i2 >> 8);
                    b2 = (byte) (i2 & 255);
                }
            } finally {
                DnieTools.closeSafely(byteArrayOutputStream);
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] readCompressedFile(Location location) {
        return DnieTools.deflate(readBinaryDataCompressed(selectFile(location)));
    }

    private byte[] readCompressedFile(String str) {
        return readCompressedFile(new Location(str));
    }

    private byte[] readFile(Location location) {
        return readBinaryDataTlv(selectFile(location));
    }

    private byte[] readFile(byte[] bArr) {
        return readBinaryDataTlv(selectFile(bArr));
    }

    private int selectFile(Location location) {
        selectMasterFile();
        int i = 0;
        while (location != null) {
            i = selectFile(location.getFile());
            location = location.getChild();
        }
        return i;
    }

    private int selectFile(byte[] bArr) {
        ResponseApdu sendSecure = getConnection().sendSecure(new SelectFileByIdApduCommand((byte) 0, bArr));
        if (sendSecure.hasFileNotFoundError()) {
            throw new SmartCardFileNotFoundException(bArr);
        }
        if (sendSecure.isOk()) {
            return sendSecure.getFileLength();
        }
        StatusWord statusWord = sendSecure.getStatusWord();
        if (statusWord.equals(new StatusWord((byte) 106, (byte) -126))) {
            throw new SmartCardFileNotFoundException(bArr);
        }
        throw new DnieException(statusWord);
    }

    private void selectFile(String str) {
        ResponseApdu sendSecure = getConnection().sendSecure(new SelectDfByNameApduCommand((byte) 0, DnieTools.getUtf8Bytes(str)));
        if (!sendSecure.isOk() && sendSecure.hasFileNotFoundError()) {
            throw new SmartCardFileNotFoundException(str);
        }
    }

    private void selectMasterFile() {
        selectFile(DnieConstants.MASTER_FILE_ID);
    }

    private void setPublicKeyToVerification(byte[] bArr) {
        if (!getConnection().sendSecure(new MseSetVerificationKeyApduCommand((byte) 0, bArr)).isOk()) {
            throw new SecureChannelException("Error al seleccionar una clave pública para verificación");
        }
    }

    private void verifyCertificate(byte[] bArr) {
        if (!getConnection().sendSecure(new PsoVerifyCertificateApduCommand((byte) 0, bArr)).isOk()) {
            throw new SecureChannelException("Error en la verificación del certificado");
        }
    }

    public boolean externalAuthentication(byte[] bArr) {
        return getConnection().sendSecure(new ExternalAuthenticateApduCommand((byte) 0, bArr)).isOk();
    }

    public List<CertificateObject> getAllCertificates() {
        CertificateDescriptorFile certificateDescriptorFile = this.certificateDescriptorFile;
        return certificateDescriptorFile == null ? new ArrayList() : certificateDescriptorFile.getAllCertificates();
    }

    public List<PrivateKeyObject> getAllPrivateKeys() {
        PrivateKeyDescriptorFile privateKeyDescriptorFile = this.privateKeyDescriptorFile;
        return privateKeyDescriptorFile == null ? new ArrayList() : privateKeyDescriptorFile.getAllPrivateKeys();
    }

    public X509Certificate getCertificate(String str) {
        if (DnieConstants.ALIAS_AUTHENTICATION_CERTIFICATE.equals(str)) {
            X509Certificate x509Certificate = this.authenticationCertificate;
            if ((x509Certificate instanceof FakeX509Certificate) || x509Certificate == null) {
                loadAuthenticationCertificateAndKeys();
            }
            return this.authenticationCertificate;
        }
        if (!DnieConstants.ALIAS_SIGNATURE_CERTIFICATE.equals(str)) {
            if (DnieConstants.ALIAS_INTERMEDIATE_CA_CERTIFICATE.equals(str)) {
                return this.dgpCaCertificate;
            }
            return null;
        }
        X509Certificate x509Certificate2 = this.signatureCertificate;
        if ((x509Certificate2 instanceof FakeX509Certificate) || x509Certificate2 == null) {
            loadSignatureCertificateAndKeys();
        }
        return this.signatureCertificate;
    }

    public byte[] getChallenge() {
        ResponseApdu sendSecure = getConnection().sendSecure(new GetChallengeApduCommand((byte) 0));
        if (sendSecure.isOk()) {
            return sendSecure.getDataCopy();
        }
        throw new ApduConnectionException("Respuesta inválida en la obtención de desafío con el código", sendSecure);
    }

    public byte[] getChrCCvIfd() {
        return ((getConnection() instanceof DnieNfcConnection) || this.bRequiresNewPinChannel) ? DnieCardConstants.CHR_C_CV_IFD_PIN : DnieCardConstants.CHR_C_CV_IFD_USER;
    }

    public DG1 getDataGroup1() {
        if (this.dg1 == null) {
            this.dg1 = getMrtdConnection().readDG1();
        }
        return this.dg1;
    }

    public DG11 getDataGroup11() {
        if (this.dg11 == null) {
            this.dg11 = getMrtdConnection().readDG11();
        }
        return this.dg11;
    }

    public DG13 getDataGroup13() {
        if (this.dg13 == null) {
            this.dg13 = getMrtdConnection().readDG13();
        }
        return this.dg13;
    }

    public DG2 getDataGroup2() {
        if (this.dg2 == null) {
            this.dg2 = getMrtdConnection().readDG2();
        }
        return this.dg2;
    }

    public DG7 getDataGroup7() {
        if (this.dg7 == null) {
            this.dg7 = getMrtdConnection().readDG7();
        }
        return this.dg7;
    }

    public Efcom getEfcom() {
        if (this.efcom == null) {
            this.efcom = getMrtdConnection().readEfcom();
        }
        return this.efcom;
    }

    public byte[] getIccCertEncoded() {
        return readFile(DnieConstants.CERT_ICC_FILE_ID);
    }

    public RSAPrivateKey getIfdPrivateKey() {
        return ((getConnection() instanceof DnieNfcConnection) || this.bRequiresNewPinChannel) ? DnieCardConstants.IFD_PRIVATE_KEY_PIN : DnieCardConstants.IFD_PRIVATE_KEY_USER;
    }

    public byte[] getInternalAuthenticateMessage(byte[] bArr, byte[] bArr2) {
        ResponseApdu sendSecure = getConnection().sendSecure(new InternalAuthenticateApduCommand((byte) 0, bArr, bArr2));
        if (sendSecure.isOk()) {
            return sendSecure.getDataCopy();
        }
        throw new DnieException("Respuesta inválida en la obtención del mensaje de autenticación interna", sendSecure);
    }

    public <T extends Key> T getKey(String str) {
        str.hashCode();
        char c = 65535;
        switch (str.hashCode()) {
            case -1308603522:
                if (str.equals(DnieConstants.ALIAS_AUTHENTICATION_PUBLIC_KEY)) {
                    c = 0;
                    break;
                }
                break;
            case -670400130:
                if (str.equals(DnieConstants.ALIAS_SIGNATURE_PUBLIC_KEY)) {
                    c = 1;
                    break;
                }
                break;
            case 576901455:
                if (str.equals(DnieConstants.ALIAS_SIGNATURE_PRIVATE_KEY)) {
                    c = 2;
                    break;
                }
                break;
            case 1604331495:
                if (str.equals(DnieConstants.ALIAS_AUTHENTICATION_PRIVATE_KEY)) {
                    c = 3;
                    break;
                }
                break;
        }
        switch (c) {
            case 0:
                if (this.authenticationPublicKey == null) {
                    loadAuthenticationCertificateAndKeys();
                }
                return this.authenticationPublicKey;
            case 1:
                if (this.signaturePublicKey == null) {
                    loadSignatureCertificateAndKeys();
                }
                return this.signaturePublicKey;
            case 2:
                if (this.signaturePrivateKey == null) {
                    loadSignatureCertificateAndKeys();
                }
                return this.signaturePrivateKey;
            case 3:
                if (this.authenticationPrivateKey == null) {
                    loadAuthenticationCertificateAndKeys();
                }
                return this.authenticationPrivateKey;
            default:
                return null;
        }
    }

    public byte[] getRefIccPrivateKey() {
        return DnieCardConstants.REF_ICC_PRIVATE_KEY;
    }

    public byte[] getSerialNumber() {
        ResponseApdu sendSecure = getConnection().sendSecure(new GetChipInfoApduCommand());
        if (sendSecure.isOk()) {
            return sendSecure.getDataCopy();
        }
        throw new ApduConnectionException("Respuesta inválida en la obtención del número de serie con el código", sendSecure);
    }

    public boolean isConnected() {
        return this.connection.isConnected();
    }

    public boolean isDataGroupAvailable(DataGroup dataGroup) {
        int binarySearch;
        if (dataGroup == null) {
            throw new IllegalArgumentException("Data group argument cannot be null");
        }
        byte[] tagList = getEfcom().getTagList();
        Arrays.sort(tagList);
        switch (AnonymousClass1.$SwitchMap$com$xone$android$dniemanager$card$DataGroup[dataGroup.ordinal()]) {
            case 1:
                binarySearch = Arrays.binarySearch(tagList, (byte) 97);
                break;
            case 2:
                binarySearch = Arrays.binarySearch(tagList, DataGroup.DATAGROUP_2_TAG);
                break;
            case 3:
                binarySearch = Arrays.binarySearch(tagList, DataGroup.DATAGROUP_7_TAG);
                break;
            case 4:
                binarySearch = Arrays.binarySearch(tagList, DataGroup.DATAGROUP_11_TAG);
                break;
            case 5:
                binarySearch = Arrays.binarySearch(tagList, DataGroup.DATAGROUP_13_TAG);
                break;
            case 6:
                binarySearch = Arrays.binarySearch(tagList, (byte) 99);
                break;
            default:
                throw new IllegalArgumentException("Unknown datagram " + dataGroup.toString());
        }
        return binarySearch >= 0;
    }

    public void setKeysToAuthentication(byte[] bArr, byte[] bArr2) {
        if (!getConnection().sendSecure(new MseSetAuthenticationKeyApduCommand((byte) 0, bArr, bArr2)).isOk()) {
            throw new SecureChannelException("Error durante el establecimiento de las claves pública y privada para autenticación");
        }
    }

    public void setPassword(String str) {
        this.sPassword = str;
    }

    public byte[] sign(byte[] bArr, String str, Location location) {
        if (this.bRequiresNewPinChannel) {
            establishPinChannel();
        }
        if (isUserChannelClosed()) {
            establishUserChannel();
        }
        ResponseApdu sendSecure = getConnection().sendSecure(new MseSetSignatureKeyApduCommand((byte) 0, location.getLastFilePath()));
        if (!sendSecure.isOk()) {
            throw new DnieException("Error en el establecimiento de las variables de entorno para firma", sendSecure);
        }
        ResponseApdu sendSecure2 = getConnection().sendSecure(new PsoSignHashApduCommand((byte) 0, CryptoHelper.encodePkcs1Digest(str, bArr)));
        if (!sendSecure2.isOk()) {
            throw new DnieException("Error durante la operación de firma", sendSecure2);
        }
        this.bRequiresNewPinChannel = true;
        return sendSecure2.getDataCopy();
    }

    public void verifyCaIntermediateIcc() {
        try {
            X509Certificate x509Certificate = (X509Certificate) CryptoHelper.generateCertificate(readFile(DnieConstants.REF_RCA_ICC_PUBLIC_KEY));
            this.dgpCaCertificateIcc = x509Certificate;
            x509Certificate.verify(DnieCardConstants.CA_COMPONENT_PUBLIC_KEY);
        } catch (Exception e) {
            throw new DnieException("Error al verificar certificado de la CA intermedia de componentes", e);
        }
    }

    public void verifyIcc() {
        try {
            ((X509Certificate) CryptoHelper.generateCertificate(readFile(DnieConstants.CERT_ICC_FILE_ID))).verify(this.dgpCaCertificateIcc.getPublicKey());
        } catch (Exception e) {
            throw new DnieException("Error al verificar certificado ICC de componentes", e);
        }
    }

    public void verifyIfdCertificateChain() {
        setPublicKeyToVerification(DnieCardConstants.REF_C_CV_CA_PUBLIC_KEY);
        verifyCertificate(DnieCardConstants.C_CV_CA);
        setPublicKeyToVerification(DnieCardConstants.CHR_C_CV_CA);
        if ((getConnection() instanceof DnieNfcConnection) || this.bRequiresNewPinChannel) {
            verifyCertificate(DnieCardConstants.C_CV_IFD_PIN);
        }
        if (!(getConnection() instanceof SecureApduConnection) || this.bRequiresNewPinChannel) {
            return;
        }
        verifyCertificate(DnieCardConstants.C_CV_IFD_USER);
    }
}
