package com.kbstar.caq.kbsign.usim;

import java.util.Random;

/* loaded from: classes3.dex */
public class KBSignSecureChannel {
    private byte[] D_ENC;
    private byte[] D_KEK;
    private byte[] D_MAC;
    private byte[] S_ENC = new byte[16];
    private byte[] S_MAC = new byte[16];
    private byte[] S_KEK = new byte[16];
    private byte[] mHostRandom = new byte[8];
    String mCSN = null;
    String mKeyInfo = null;
    String mSequenceCounter = null;
    String mCardChallenge = null;
    String mCardCryptogram = null;
    private Random random = new Random();

    public KBSignSecureChannel(byte[] bArr, byte[] bArr2, byte[] bArr3) throws UsimException {
        this.D_ENC = null;
        this.D_MAC = null;
        this.D_KEK = null;
        if (bArr == null || bArr.length != 16) {
            throw new UsimException(KBSignErrorCode.INVALID_INPUT, "Invalid input");
        }
        if (bArr2 == null || bArr2.length != 16) {
            throw new UsimException(KBSignErrorCode.INVALID_INPUT, "Invalid input");
        }
        if (bArr3 == null || bArr3.length != 16) {
            throw new UsimException(KBSignErrorCode.INVALID_INPUT, "Invalid input");
        }
        byte[] bArr4 = new byte[bArr.length];
        this.D_ENC = bArr4;
        System.arraycopy(bArr, 0, bArr4, 0, bArr4.length);
        KBSignDebug.printHex("D_ENC", this.D_ENC);
        byte[] bArr5 = new byte[bArr2.length];
        this.D_MAC = bArr5;
        System.arraycopy(bArr2, 0, bArr5, 0, bArr5.length);
        KBSignDebug.printHex("D_MAC", this.D_MAC);
        byte[] bArr6 = new byte[bArr3.length];
        this.D_KEK = bArr6;
        System.arraycopy(bArr3, 0, bArr6, 0, bArr6.length);
        KBSignDebug.printHex("D_KEK", this.D_KEK);
        this.random.nextBytes(this.mHostRandom);
    }

    private boolean checkCardCryptogram() throws UsimException {
        byte[] tdesEncrypt = KBSignUtil.tdesEncrypt(KBSignUtil.hexDecode(KBSignUtil.hexEncode(this.mHostRandom) + this.mSequenceCounter + this.mCardChallenge + "8000000000000000"), this.S_ENC, new byte[8]);
        return this.mCardCryptogram.equals(KBSignUtil.hexEncode(tdesEncrypt, tdesEncrypt.length - 8, 8));
    }

    private byte[] generateHostCryptogram() throws UsimException {
        byte[] tdesEncrypt = KBSignUtil.tdesEncrypt(KBSignUtil.hexDecode(this.mSequenceCounter + this.mCardChallenge + KBSignUtil.hexEncode(this.mHostRandom) + "8000000000000000"), this.S_ENC, new byte[8]);
        byte[] bArr = new byte[8];
        System.arraycopy(tdesEncrypt, tdesEncrypt.length - 8, bArr, 0, 8);
        return bArr;
    }

    private byte[] generateHostCryptogramMac(byte[] bArr) throws UsimException {
        String str = "8482030010" + KBSignUtil.hexEncode(bArr) + "800000";
        byte[] hexDecode = KBSignUtil.hexDecode(str.substring(0, 16));
        byte[] hexDecode2 = KBSignUtil.hexDecode(str.substring(16, 32));
        byte[] bArr2 = new byte[8];
        System.arraycopy(this.S_MAC, 0, bArr2, 0, 8);
        byte[] desEncrypt = KBSignUtil.desEncrypt(hexDecode, bArr2, new byte[8]);
        for (int i = 0; i < hexDecode2.length; i++) {
            hexDecode2[i] = (byte) (hexDecode2[i] ^ desEncrypt[i]);
        }
        byte[] tdesEncrypt = KBSignUtil.tdesEncrypt(hexDecode2, this.S_MAC, new byte[8]);
        byte[] bArr3 = new byte[8];
        System.arraycopy(tdesEncrypt, tdesEncrypt.length - 8, bArr3, 0, 8);
        return bArr3;
    }

    private void generateSessionKeys() throws UsimException {
        String str = "0182" + this.mSequenceCounter + "000000000000000000000000";
        String str2 = "0101" + this.mSequenceCounter + "000000000000000000000000";
        String str3 = "0181" + this.mSequenceCounter + "000000000000000000000000";
        this.S_ENC = KBSignUtil.tdesEncrypt(KBSignUtil.hexDecode(str), this.D_ENC, new byte[8]);
        this.S_MAC = KBSignUtil.tdesEncrypt(KBSignUtil.hexDecode(str2), this.D_MAC, new byte[8]);
        this.S_KEK = KBSignUtil.tdesEncrypt(KBSignUtil.hexDecode(str3), this.D_KEK, new byte[8]);
    }

    public void clear() {
        KBSignUtil.memset(this.D_ENC);
        KBSignUtil.memset(this.D_MAC);
        KBSignUtil.memset(this.D_KEK);
        KBSignUtil.memset(this.S_ENC);
        KBSignUtil.memset(this.S_MAC);
        KBSignUtil.memset(this.S_KEK);
    }

    public byte[] generateEncryptedKey(byte[] bArr) throws UsimException {
        return KBSignUtil.tdesEncrypt(bArr, this.S_KEK, null);
    }

    public byte[] getExternalAuthentication(byte[] bArr) throws UsimException {
        if (bArr == null || bArr.length != 28) {
            throw new UsimException(KBSignErrorCode.INVALID_INPUT, "Invalid input");
        }
        String hexEncode = KBSignUtil.hexEncode(bArr);
        try {
            this.mCSN = hexEncode.substring(8, 20);
            this.mKeyInfo = hexEncode.substring(20, 24);
            this.mSequenceCounter = hexEncode.substring(24, 28);
            this.mCardChallenge = hexEncode.substring(28, 40);
            this.mCardCryptogram = hexEncode.substring(40, 56);
            generateSessionKeys();
            if (!checkCardCryptogram()) {
                throw new Exception("Check card cryptogram fail");
            }
            byte[] generateHostCryptogram = generateHostCryptogram();
            byte[] generateHostCryptogramMac = generateHostCryptogramMac(generateHostCryptogram);
            byte[] bArr2 = new byte[generateHostCryptogram.length + generateHostCryptogramMac.length];
            System.arraycopy(generateHostCryptogram, 0, bArr2, 0, generateHostCryptogram.length);
            System.arraycopy(generateHostCryptogramMac, 0, bArr2, generateHostCryptogram.length, generateHostCryptogramMac.length);
            return bArr2;
        } catch (Exception unused) {
            throw new UsimException(KBSignErrorCode.EXT_AUTH_FAIL, "External authentication fail");
        }
    }

    public byte[] getHostRandom() {
        return this.mHostRandom;
    }
}
