package net.lardcave.keepassnfc.javaclient;

import com.beust.jcommander.JCommander;
import com.beust.jcommander.Parameter;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.smartcardio.Card;
import javax.smartcardio.CardChannel;
import javax.smartcardio.CardException;
import javax.smartcardio.CardTerminal;
import javax.smartcardio.CommandAPDU;
import javax.smartcardio.ResponseAPDU;
import javax.smartcardio.TerminalFactory;

/* loaded from: input_file:net/lardcave/keepassnfc/javaclient/Client.class */
public class Client {

    @Parameter(names = {"-chat"}, description = "Show APDU (smartcard) communication")
    public boolean showChat;

    @Parameter(names = {"-password-key"}, description = "Password key (hex)")
    public String passwordKeyString;

    @Parameter(names = {"-default-key"}, description = "Use test values for password key")
    public boolean useDefaultKey;

    @Parameter(names = {"-data"}, description = "Data (hex string)")
    public String testDataString;

    @Parameter(description = "Command {set_card_key, set_password_key, encrypt, decrypt}")
    public List<String> command = new ArrayList();
    private static final byte[] TEST_PASSWORD_KEY;
    private static final byte[] TEST_INPUT;
    private byte[] passwordKey;
    private byte[] passwordKeyIv;
    private byte[] testData;
    private SecureRandom random;
    private static final byte CLA_CARD_KPNFC_CMD = -80;
    private static final byte INS_CARD_GET_CARD_PUBKEY = 112;
    private static final byte INS_CARD_SET_PASSWORD_KEY = 113;
    private static final byte INS_CARD_PREPARE_DECRYPTION = 114;
    private static final byte INS_CARD_DECRYPT_BLOCK = 115;
    private static final byte INS_CARD_GET_VERSION = 116;
    private static final byte INS_CARD_GENERATE_CARD_KEY = 117;
    private static final byte INS_CARD_WRITE_TO_SCRATCH = 118;
    private static final byte RESPONSE_SUCCEEDED = 1;
    private static final byte RESPONSE_FAILED = 2;
    public static final byte OFFSET_CLA = 0;
    public static final byte OFFSET_INS = 1;
    public static final byte OFFSET_P1 = 2;
    public static final byte OFFSET_P2 = 3;
    public static final byte OFFSET_LC = 4;
    public static final byte OFFSET_DATA = 5;
    public static final byte HEADER_LENGTH = 5;
    public static final byte[] selectAppletAPDU;
    public static final int MAX_CHUNK_SIZE = 120;
    static final /* synthetic */ boolean $assertionsDisabled;

    public static void main(String[] strArr) throws CardException {
        Client client = new Client();
        new JCommander(client, strArr);
        client.run();
    }

    public void run() throws CardException {
        if (this.command.size() == 0) {
            System.err.println("Specify a command.");
            return;
        }
        this.random = new SecureRandom();
        this.passwordKey = new byte[16];
        if (this.useDefaultKey) {
            System.arraycopy(TEST_PASSWORD_KEY, 0, this.passwordKey, 0, this.passwordKey.length);
        } else if (this.passwordKeyString != null) {
            this.passwordKey = decodeHexString(this.passwordKeyString);
        } else {
            this.passwordKey = randomBytes(16);
        }
        this.passwordKeyIv = new byte[16];
        if (this.testDataString != null) {
            this.testData = decodeHexString(this.testDataString);
        }
        String str = this.command.get(0);
        boolean z = -1;
        switch (str.hashCode()) {
            case -1607257499:
                if (str.equals("encrypt")) {
                    z = 2;
                    break;
                }
                break;
            case -989323400:
                if (str.equals("set_password_key")) {
                    z = true;
                    break;
                }
                break;
            case 351608024:
                if (str.equals("version")) {
                    z = 4;
                    break;
                }
                break;
            case 702328890:
                if (str.equals("generate_card_key")) {
                    z = false;
                    break;
                }
                break;
            case 1542543757:
                if (str.equals("decrypt")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case OFFSET_CLA /* 0 */:
                generateCardKey();
                return;
            case true:
                setPasswordKey();
                return;
            case true:
                encrypt();
                return;
            case OFFSET_P2 /* 3 */:
                decrypt();
                return;
            case OFFSET_LC /* 4 */:
                version();
                return;
            default:
                System.err.println("Unknown command '" + this.command + "'");
                return;
        }
    }

    public void generateCardKey() throws CardException {
        sendSingleCommand(constructApdu((byte) 117));
    }

    protected short getShort(byte[] bArr, int i) {
        return (short) (((bArr[i] & 255) << 8) | (bArr[i + 1] & 255));
    }

    protected void putShort(byte[] bArr, int i, short s) {
        bArr[i] = (byte) ((s & 255) >> 8);
        bArr[i + 1] = (byte) (s & 255);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r15v0 */
    /* JADX WARN: Type inference failed for: r15v1 */
    /* JADX WARN: Type inference failed for: r15v2, types: [int] */
    public RSAPublicKey getCardPubKey(CardChannel cardChannel) throws CardException {
        short s;
        byte[] bArr = {1, 0, 0};
        byte[] bytes = sendAPDU(cardChannel, constructApdu((byte) 112, bArr)).getBytes();
        if (bytes == null || bytes[0] != 1) {
            System.err.println("Couldn't retrieve exponent");
            return null;
        }
        BigInteger bigInteger = new BigInteger(1, Arrays.copyOfRange(bytes, 3, bytes[2] + 3));
        ArrayList<byte[]> arrayList = new ArrayList();
        bArr[0] = 2;
        int i = 0;
        do {
            putShort(bArr, 1, i);
            byte[] bytes2 = sendAPDU(cardChannel, constructApdu((byte) 112, bArr)).getBytes();
            if (bytes2 == null || bytes2[0] != 1) {
                System.err.println("Couldn't retrieve modulus");
                return null;
            }
            short s2 = getShort(bytes2, 1);
            s = getShort(bytes2, 3);
            arrayList.add(Arrays.copyOfRange(bytes2, 5, bytes2.length - 2));
            i = (short) (i + s2);
        } while (s > 0);
        byte[] bArr2 = new byte[i];
        short s3 = 0;
        for (byte[] bArr3 : arrayList) {
            System.arraycopy(bArr3, 0, bArr2, s3, bArr3.length);
            s3 = (short) (s3 + bArr3.length);
        }
        try {
            try {
                return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, bArr2), bigInteger));
            } catch (InvalidKeySpecException e) {
                System.err.println("Couldn't produce a PublicKey object");
                return null;
            }
        } catch (NoSuchAlgorithmException e2) {
            System.err.println("Couldn't create RSA keyfactory");
            return null;
        }
    }

    public void writeToScratchArea(CardChannel cardChannel, byte[] bArr) throws CardException {
        for (int i = 0; i < bArr.length; i += MAX_CHUNK_SIZE) {
            int length = bArr.length - i;
            if (length > 120) {
                length = 120;
            }
            byte[] bArr2 = new byte[length + 2];
            putShort(bArr2, 0, (short) i);
            System.arraycopy(bArr, i, bArr2, 2, length);
            sendAPDU(cardChannel, constructApdu((byte) 118, bArr2));
        }
    }

    public void setPasswordKey() throws CardException {
        byte[] encryptWithCardKey;
        CardChannel cardChannel = getCardChannel();
        if (cardChannel == null || (encryptWithCardKey = encryptWithCardKey(cardChannel, this.passwordKey)) == null) {
            return;
        }
        writeToScratchArea(cardChannel, encryptWithCardKey);
        sendAPDU(cardChannel, constructApdu((byte) 113));
        System.out.println("Password key set to " + toHex(this.passwordKey));
    }

    private byte[] sendSingleCommand(byte[] bArr) throws CardException {
        CardChannel cardChannel = getCardChannel();
        if (cardChannel != null) {
            return sendAPDU(cardChannel, bArr).getBytes();
        }
        return null;
    }

    private byte[] encryptWithCardKey(CardChannel cardChannel, byte[] bArr) throws CardException {
        RSAPublicKey cardPubKey = getCardPubKey(cardChannel);
        if (cardPubKey == null) {
            System.err.println("Key invalid, can't encrypt with card key");
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            try {
                cipher.init(1, cardPubKey);
                try {
                    return cipher.doFinal(bArr);
                } catch (BadPaddingException | IllegalBlockSizeException e) {
                    System.err.println("Couldn't encrypt with card key:");
                    e.printStackTrace();
                    return null;
                }
            } catch (InvalidKeyException e2) {
                System.err.println("Invalid key");
                return null;
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e3) {
            System.err.println("RSA cipher not supported");
            return null;
        }
    }

    public void encrypt() {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            try {
                cipher.init(1, new SecretKeySpec(this.passwordKey, "AES"), new IvParameterSpec(this.passwordKeyIv));
                try {
                    byte[] doFinal = cipher.doFinal(TEST_INPUT);
                    System.out.println("Original:  " + toHex(TEST_INPUT));
                    System.out.println("IV:        " + toHex(this.passwordKeyIv));
                    System.out.println("Encrypted: " + toHex(doFinal));
                } catch (BadPaddingException | IllegalBlockSizeException e) {
                    e.printStackTrace();
                }
            } catch (InvalidAlgorithmParameterException | InvalidKeyException e2) {
                e2.printStackTrace();
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e3) {
            e3.printStackTrace();
        }
    }

    public byte[] randomBytes(int i) {
        byte[] bArr = new byte[i];
        this.random.nextBytes(bArr);
        return bArr;
    }

    public void decrypt() throws CardException {
        byte[] encryptWithCardKey;
        byte[] randomBytes = randomBytes(16);
        byte[] randomBytes2 = randomBytes(16);
        byte[] bArr = new byte[32];
        CardChannel cardChannel = getCardChannel();
        if (cardChannel == null || (encryptWithCardKey = encryptWithCardKey(cardChannel, randomBytes)) == null) {
            return;
        }
        writeToScratchArea(cardChannel, encryptWithCardKey);
        System.arraycopy(randomBytes2, 0, bArr, 0, 16);
        System.arraycopy(this.passwordKeyIv, 0, bArr, 16, 16);
        sendAPDU(cardChannel, constructApdu((byte) 114, bArr));
        byte[] decryptWithTransactionKey = decryptWithTransactionKey(sendAPDU(cardChannel, constructApdu((byte) 115, this.testData)).getBytes(), 1, 16, randomBytes, randomBytes2);
        if (decryptWithTransactionKey != null) {
            for (byte b : decryptWithTransactionKey) {
                System.out.print((char) b);
            }
            System.out.println();
        }
    }

    public void version() throws CardException {
        byte[] sendSingleCommand = sendSingleCommand(constructApdu((byte) 116, new byte[0]));
        if (sendSingleCommand != null) {
            System.out.println("Applet version " + ((int) sendSingleCommand[1]));
        }
    }

    public byte[] decryptWithTransactionKey(byte[] bArr, int i, int i2, byte[] bArr2, byte[] bArr3) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            try {
                cipher.init(2, new SecretKeySpec(bArr2, "AES"), new IvParameterSpec(bArr3));
                try {
                    return cipher.doFinal(bArr, i, i2);
                } catch (BadPaddingException | IllegalBlockSizeException e) {
                    e.printStackTrace();
                    return null;
                }
            } catch (InvalidAlgorithmParameterException | InvalidKeyException e2) {
                e2.printStackTrace();
                return null;
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e3) {
            e3.printStackTrace();
            return null;
        }
    }

    public static byte[] constructApdu(byte b) {
        return constructApdu(b, new byte[0]);
    }

    public static byte[] constructApdu(byte b, byte[] bArr) {
        byte[] bArr2 = new byte[5 + bArr.length];
        bArr2[0] = CLA_CARD_KPNFC_CMD;
        bArr2[1] = b;
        bArr2[2] = 0;
        bArr2[3] = 0;
        bArr2[4] = (byte) bArr.length;
        System.arraycopy(bArr, 0, bArr2, 5, bArr.length);
        return bArr2;
    }

    public CardChannel getCardChannel() throws CardException {
        CardTerminal firstCardTerminal = getFirstCardTerminal();
        if (firstCardTerminal == null) {
            return null;
        }
        if (!firstCardTerminal.isCardPresent()) {
            System.err.println("No card present in first terminal");
            return null;
        }
        Card connect = firstCardTerminal.connect("*");
        CardChannel basicChannel = connect.getBasicChannel();
        sendAPDU(basicChannel, new byte[]{-1, 0, 65, -16, 0});
        connect.getATR();
        byte[] bytes = sendAPDU(basicChannel, selectAppletAPDU).getBytes();
        if (bytes[0] == -112 || bytes[1] == 0) {
            return basicChannel;
        }
        System.out.println("Applet select failed: " + toHex(bytes));
        return null;
    }

    private static CardTerminal getFirstCardTerminal() throws CardException {
        List list = TerminalFactory.getDefault().terminals().list();
        if (list.size() != 0) {
            return (CardTerminal) list.get(0);
        }
        System.err.println("No card terminals found.");
        return null;
    }

    private ResponseAPDU sendAPDU(CardChannel cardChannel, byte[] bArr) throws CardException {
        if (this.showChat) {
            System.out.println("OUT: " + toHex(bArr));
        }
        ResponseAPDU transmit = cardChannel.transmit(new CommandAPDU(bArr));
        if (this.showChat) {
            System.out.println("IN:  " + toHex(transmit.getBytes()));
        }
        return transmit;
    }

    public static String toHex(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            sb.append(nibbleToChar((byte) ((b & 255) >> 4)));
            sb.append(nibbleToChar((byte) (b & 15)));
            sb.append(' ');
        }
        return sb.toString();
    }

    public static char nibbleToChar(byte b) {
        if ($assertionsDisabled || b < 16) {
            return b < 10 ? (char) (48 + b) : (char) (65 + (b - 10));
        }
        throw new AssertionError();
    }

    public static byte charToNibble(char c) {
        if (c >= '0' && c <= '9') {
            return (byte) (c - '0');
        }
        if (c >= 'A' && c <= 'F') {
            return (byte) ((c - 'A') + 10);
        }
        if (c < 'a' || c > 'f') {
            throw new RuntimeException("Not a hex character");
        }
        return (byte) ((c - 'a') + 10);
    }

    public static byte[] decodeHexString(String str) {
        byte[] bArr = new byte[8];
        byte b = 0;
        boolean z = false;
        int i = 0;
        for (char c : str.toCharArray()) {
            if (c != ' ' && c != ':') {
                byte charToNibble = (byte) (b | charToNibble(c));
                if (z) {
                    if (i == bArr.length) {
                        byte[] bArr2 = new byte[bArr.length * 2];
                        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
                        bArr = bArr2;
                    }
                    bArr[i] = charToNibble;
                    i++;
                    z = false;
                    b = 0;
                } else {
                    b = (byte) (charToNibble << 4);
                    z = true;
                }
            }
        }
        return Arrays.copyOfRange(bArr, 0, i);
    }

    static {
        $assertionsDisabled = !Client.class.desiredAssertionStatus();
        TEST_PASSWORD_KEY = new byte[]{15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0};
        TEST_INPUT = new byte[]{INS_CARD_GET_CARD_PUBKEY, 101, INS_CARD_PREPARE_DECRYPTION, INS_CARD_DECRYPT_BLOCK, 105, 109, 109, 111, 110, INS_CARD_DECRYPT_BLOCK, 32, 45, 32, 121, INS_CARD_GENERATE_CARD_KEY, 109};
        selectAppletAPDU = new byte[]{0, -92, 4, 0, 16, -16, 55, 84, INS_CARD_PREPARE_DECRYPTION, Byte.MIN_VALUE, 79, -43, -6, 15, 36, 62, 66, -63, -74, 56, 37, 0};
    }
}
