package nl.innovalor.euedl.service;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Random;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import net.sf.scuba.smartcards.APDUListener;
import net.sf.scuba.smartcards.CardFileInputStream;
import net.sf.scuba.smartcards.CardService;
import net.sf.scuba.smartcards.CardServiceException;
import net.sf.scuba.smartcards.CommandAPDU;
import net.sf.scuba.smartcards.ISO7816;
import net.sf.scuba.smartcards.ResponseAPDU;
import net.sf.scuba.util.Hex;
import org.jmrtd.AccessKeySpec;
import org.jmrtd.d;
import org.jmrtd.e;
import org.jmrtd.f;
import org.jmrtd.g;
import org.jmrtd.k;
import org.jmrtd.p;
import org.jmrtd.protocol.BACResult;
import org.jmrtd.protocol.EACCAResult;
import org.jmrtd.protocol.EACTAResult;
import org.jmrtd.protocol.PACEResult;
import org.jmrtd.protocol.h;
import org.jmrtd.protocol.i;
import org.jmrtd.protocol.j;
import org.jmrtd.protocol.l;
import org.jmrtd.protocol.t;
import org.jmrtd.protocol.u;
import org.jmrtd.protocol.w;
import org.msgpack.core.MessagePack;

/* loaded from: classes2.dex */
public class c extends g {
    private static final Logger r = Logger.getLogger("nl.innovalor.euedl.service");
    private static final Provider s = p.m();
    private static final byte[] t = {-96, 0, 0, 4, 86, 69, ISO7816.INS_REHABILITATE_CHV, 76, 45, ISO7816.INS_DECREASE, 49};
    public static final Map<Short, Byte> u = k();
    private static final IvParameterSpec v = new IvParameterSpec(new byte[8]);
    private w a;
    private Random b;
    private CardService c;
    private Cipher d;
    private Mac e;
    private int f;
    private int g;
    private k h;
    private k i;
    private boolean j;
    private boolean k = false;
    private org.jmrtd.b l;
    private e m;
    private org.jmrtd.c n;
    private org.jmrtd.a o;
    private d p;
    private f q;

    public c(CardService cardService, int i, int i2, boolean z, boolean z2) throws CardServiceException {
        this.c = cardService;
        this.l = new org.jmrtd.protocol.e(cardService);
        this.m = new l(cardService);
        this.o = new org.jmrtd.protocol.a(cardService);
        this.n = new h(cardService);
        this.p = new j(cardService);
        this.q = new u(cardService);
        this.f = i;
        this.g = i2;
        this.h = new k(this.q, false);
        this.i = new k(this.q, z, u);
        this.j = z2;
        try {
            this.d = Cipher.getInstance("DESede/CBC/NoPadding");
            this.e = Mac.getInstance("ISO9797Alg3Mac", s);
            this.b = new SecureRandom();
        } catch (GeneralSecurityException e) {
            throw new CardServiceException("Unexpected security exception", e);
        }
    }

    private static Map<Short, Byte> k() {
        HashMap hashMap = new HashMap(20);
        hashMap.put((short) 30, (byte) 30);
        hashMap.put((short) 1, (byte) 1);
        hashMap.put((short) 2, (byte) 2);
        hashMap.put((short) 3, (byte) 3);
        hashMap.put((short) 4, (byte) 4);
        hashMap.put((short) 5, (byte) 5);
        hashMap.put((short) 6, (byte) 6);
        hashMap.put((short) 7, (byte) 7);
        hashMap.put((short) 8, (byte) 8);
        hashMap.put((short) 9, (byte) 9);
        hashMap.put((short) 10, (byte) 10);
        hashMap.put((short) 11, (byte) 11);
        hashMap.put((short) 12, (byte) 12);
        hashMap.put((short) 13, (byte) 13);
        hashMap.put((short) 14, Byte.valueOf(ISO7816.INS_ERASE_BINARY));
        hashMap.put((short) 29, (byte) 29);
        return Collections.unmodifiableMap(hashMap);
    }

    @Override // org.jmrtd.l
    public synchronized CardFileInputStream a(short s2, int i) throws CardServiceException {
        CardFileInputStream cardFileInputStream;
        CardFileInputStream cardFileInputStream2;
        if (this.k) {
            synchronized (this.i) {
                this.i.selectFile(s2);
                cardFileInputStream = new CardFileInputStream(i, this.i);
            }
            return cardFileInputStream;
        }
        synchronized (this.h) {
            this.h.selectFile(s2);
            cardFileInputStream2 = new CardFileInputStream(i, this.h);
        }
        return cardFileInputStream2;
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void addAPDUListener(APDUListener aPDUListener) {
        this.c.addAPDUListener(aPDUListener);
    }

    @Override // org.jmrtd.g
    public org.jmrtd.protocol.c b(PublicKey publicKey, String str, String str2, byte[] bArr) throws CardServiceException {
        return new org.jmrtd.protocol.b(this.o, h()).a(publicKey, str, str2, bArr);
    }

    @Override // org.jmrtd.g
    public BACResult c(AccessKeySpec accessKeySpec) throws CardServiceException {
        l(accessKeySpec);
        this.i.g(this.a);
        return new BACResult(this.a);
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void close() {
        this.a = null;
        CardService cardService = this.c;
        if (cardService != null) {
            cardService.close();
        }
    }

    @Override // org.jmrtd.g
    public synchronized EACCAResult d(BigInteger bigInteger, String str, String str2, PublicKey publicKey) throws CardServiceException {
        EACCAResult b;
        b = new i(this.n, h(), this.f, this.j).b(bigInteger, str, str2, publicKey);
        w e = b.e();
        this.a = e;
        this.i.g(e);
        return b;
    }

    @Override // org.jmrtd.g
    public synchronized EACTAResult e(org.jmrtd.cert.b bVar, List<org.jmrtd.cert.c> list, PrivateKey privateKey, String str, EACCAResult eACCAResult, String str2) throws CardServiceException {
        return new org.jmrtd.protocol.k(this.p, h()).c(bVar, list, privateKey, str, eACCAResult, str2);
    }

    @Override // org.jmrtd.g
    public synchronized EACTAResult f(org.jmrtd.cert.b bVar, List<org.jmrtd.cert.c> list, PrivateKey privateKey, String str, EACCAResult eACCAResult, PACEResult pACEResult) throws CardServiceException {
        return new org.jmrtd.protocol.k(this.p, h()).d(bVar, list, privateKey, str, eACCAResult, pACEResult);
    }

    @Override // org.jmrtd.g
    public synchronized PACEResult g(AccessKeySpec accessKeySpec, String str, AlgorithmParameterSpec algorithmParameterSpec, BigInteger bigInteger) throws CardServiceException {
        PACEResult f;
        f = new t(this.m, this.a, 256, this.f, this.j).f(accessKeySpec, str, algorithmParameterSpec, bigInteger);
        w j = f.j();
        this.a = j;
        this.i.g(j);
        return f;
    }

    @Override // net.sf.scuba.smartcards.CardService
    public byte[] getATR() throws CardServiceException {
        return this.c.getATR();
    }

    @Override // org.jmrtd.g
    public w h() {
        w wVar = (w) this.i.c();
        if (wVar != null && wVar.j() > this.a.j()) {
            this.a = wVar;
        }
        return this.a;
    }

    @Override // org.jmrtd.g
    public void i(boolean z) throws CardServiceException {
        if (this.k) {
            r.info("Re-selecting eDL applet");
        }
        if (z) {
            this.q.b(this.a, t);
        } else {
            this.q.b(null, t);
        }
        this.k = true;
    }

    @Override // net.sf.scuba.smartcards.CardService
    public boolean isConnectionLost(Exception exc) {
        return this.c.isConnectionLost(exc);
    }

    @Override // net.sf.scuba.smartcards.CardService
    public boolean isOpen() {
        return this.c.isOpen();
    }

    @Override // org.jmrtd.g
    public void j() throws CardServiceException {
        this.q.a();
        this.a = null;
    }

    public synchronized void l(AccessKeySpec accessKeySpec) throws CardServiceException {
        if (!(accessKeySpec instanceof a)) {
            throw new IllegalArgumentException("Key needs to be of type BAPKey");
        }
        String a = ((a) accessKeySpec).a();
        try {
            byte[] bArr = new byte[16];
            System.arraycopy(MessageDigest.getInstance("SHA1").digest(a.substring(1, a.length() - 1).getBytes()), 0, bArr, 0, 16);
            try {
                SecretKey e = p.e(bArr, 1);
                SecretKey e2 = p.e(bArr, 2);
                byte[] m = m(this.a);
                byte[] bArr2 = new byte[8];
                this.b.nextBytes(bArr2);
                byte[] bArr3 = new byte[16];
                this.b.nextBytes(bArr3);
                byte[] bArr4 = new byte[16];
                System.arraycopy(n(bArr2, m, bArr3, e, e2), 16, bArr4, 0, 16);
                byte[] bArr5 = new byte[16];
                for (int i = 0; i < 16; i++) {
                    bArr5[i] = (byte) ((bArr3[i] & MessagePack.Code.EXT_TIMESTAMP) ^ (bArr4[i] & MessagePack.Code.EXT_TIMESTAMP));
                }
                this.a = new org.jmrtd.protocol.g(p.e(bArr5, 1), p.e(bArr5, 2), this.f, this.j, org.jmrtd.protocol.f.a(m, bArr2));
            } catch (GeneralSecurityException e3) {
                throw new CardServiceException("Unexpected security exception", e3);
            }
        } catch (NoSuchAlgorithmException e4) {
            throw new CardServiceException("Unexpected exception", e4);
        }
    }

    public synchronized byte[] m(w wVar) throws CardServiceException {
        return o(new CommandAPDU(0, -124, 0, 0, 8)).getData();
    }

    public synchronized byte[] n(byte[] bArr, byte[] bArr2, byte[] bArr3, SecretKey secretKey, SecretKey secretKey2) throws CardServiceException {
        byte[] doFinal;
        byte[] bArr4 = bArr2;
        synchronized (this) {
            if (bArr != null) {
                try {
                    if (bArr.length == 8) {
                        if (bArr3 == null || bArr3.length != 16) {
                            throw new IllegalArgumentException("kIFD wrong length");
                        }
                        if (secretKey == null) {
                            throw new IllegalArgumentException("Encryption key null");
                        }
                        if (secretKey2 == null) {
                            throw new IllegalArgumentException("Message authenticaiton key null");
                        }
                        if (bArr4 == null || bArr4.length != 8) {
                            bArr4 = new byte[8];
                        }
                        Cipher cipher = this.d;
                        IvParameterSpec ivParameterSpec = v;
                        cipher.init(1, secretKey, ivParameterSpec);
                        byte[] bArr5 = new byte[32];
                        System.arraycopy(bArr, 0, bArr5, 0, 8);
                        System.arraycopy(bArr4, 0, bArr5, 8, 8);
                        System.arraycopy(bArr3, 0, bArr5, 16, 16);
                        byte[] doFinal2 = this.d.doFinal(bArr5);
                        if (doFinal2.length != 32) {
                            throw new IllegalStateException("Cryptogram wrong length");
                        }
                        this.e.init(secretKey2);
                        byte[] doFinal3 = this.e.doFinal(p.J(doFinal2, 8));
                        if (doFinal3.length != 8) {
                            throw new IllegalStateException("MAC wrong length");
                        }
                        byte[] bArr6 = new byte[doFinal2.length + doFinal3.length];
                        System.arraycopy(doFinal2, 0, bArr6, 0, doFinal2.length);
                        System.arraycopy(doFinal3, 0, bArr6, doFinal2.length, doFinal3.length);
                        ResponseAPDU transmit = transmit(new CommandAPDU(0, -126, 0, 0, bArr6, 40));
                        byte[] bytes = transmit.getBytes();
                        if (bytes == null) {
                            throw new CardServiceException("Mutual authentication failed");
                        }
                        String shortToHexString = Hex.shortToHexString((short) transmit.getSW());
                        if (bytes.length == 2) {
                            throw new CardServiceException("Mutual authentication failed: error code:  " + shortToHexString);
                        }
                        if (bytes.length != 42) {
                            throw new CardServiceException("Mutual authentication failed: expected length: 42, actual length: " + bytes.length + ", error code: " + shortToHexString);
                        }
                        this.d.init(2, secretKey, ivParameterSpec);
                        doFinal = this.d.doFinal(bytes, 0, (bytes.length - 8) - 2);
                        if (doFinal.length != (bytes.length - 8) - 2) {
                            throw new IllegalStateException("Cryptogram wrong length " + doFinal.length);
                        }
                    }
                } catch (GeneralSecurityException e) {
                    throw new CardServiceException("Unexpected security exception", e);
                }
            }
            throw new IllegalArgumentException("rndIFD wrong length");
        }
        return doFinal;
    }

    public synchronized ResponseAPDU o(CommandAPDU commandAPDU) throws CardServiceException {
        ResponseAPDU transmit;
        w wVar = this.a;
        if (wVar != null) {
            commandAPDU = wVar.wrap(commandAPDU);
        }
        transmit = transmit(commandAPDU);
        w wVar2 = this.a;
        if (wVar2 != null) {
            transmit = wVar2.unwrap(transmit);
        }
        return transmit;
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void open() throws CardServiceException {
        if (isOpen() || this.c.isOpen()) {
            return;
        }
        this.c.open();
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void removeAPDUListener(APDUListener aPDUListener) {
        this.c.removeAPDUListener(aPDUListener);
    }

    @Override // net.sf.scuba.smartcards.CardService
    public synchronized ResponseAPDU transmit(CommandAPDU commandAPDU) throws CardServiceException {
        return this.c.transmit(commandAPDU);
    }
}
