package nl.innovalor.mrtd;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Collection;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import net.sf.scuba.smartcards.CardService;
import net.sf.scuba.smartcards.CardServiceException;
import net.sf.scuba.smartcards.CommandAPDU;
import net.sf.scuba.smartcards.ISO7816;
import net.sf.scuba.smartcards.ResponseAPDU;
import nl.innovalor.mrtd.ReaderConfig;
import org.bouncycastle.asn1.x509.DisplayText;

/* loaded from: classes2.dex */
public class c {
    public static final ReaderConfig.SymmetricCipherPreferredOrder d = ReaderConfig.SymmetricCipherPreferredOrder.PREFER_DESEDE_OVER_AES;
    public static final ReaderConfig.AgreementTypePreferredOrder e = ReaderConfig.AgreementTypePreferredOrder.PREFER_ECDH_OVER_DH;
    private static final Provider f = org.jmrtd.p.m();
    private static final Logger g = Logger.getLogger("nl.innovalor.reader");
    private final CardService a;
    private final org.jmrtd.c b;
    private final org.jmrtd.protocol.w c;

    /* loaded from: classes2.dex */
    public static class a {
        private final b a;
        private final PrivateKey b;

        public a(b bVar, PrivateKey privateKey) {
            this.a = bVar;
            this.b = privateKey;
        }

        public b a() {
            return this.a;
        }

        public PrivateKey b() {
            return this.b;
        }
    }

    public c(CardService cardService, org.jmrtd.c cVar, org.jmrtd.protocol.w wVar) {
        this.a = cardService;
        this.b = cVar;
        this.c = wVar;
    }

    private static String a(org.jmrtd.lds.k kVar, org.jmrtd.lds.l lVar) {
        String d2 = kVar == null ? null : kVar.d();
        if (d2 != null) {
            return d2;
        }
        String d3 = lVar.d();
        if (org.jmrtd.lds.t.d.equals(d3)) {
            return org.jmrtd.lds.t.f;
        }
        if (org.jmrtd.lds.t.c.equals(d3)) {
            return org.jmrtd.lds.t.e;
        }
        return null;
    }

    private static KeyPair b(String str, PublicKey publicKey) {
        AlgorithmParameterSpec e2 = e(str, publicKey);
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str, f);
            try {
                keyPairGenerator.initialize(e2);
                return keyPairGenerator.generateKeyPair();
            } catch (InvalidAlgorithmParameterException e3) {
                throw new IllegalStateException("Cannot initialize keypair generator with controlled parameters", e3);
            }
        } catch (NoSuchAlgorithmException e4) {
            throw new IllegalStateException("Cannot create create EC or DH keypair generator", e4);
        }
    }

    private static a c(String str, BigInteger bigInteger, String str2, PublicKey publicKey, KeyPair keyPair) {
        PrivateKey privateKey = keyPair.getPrivate();
        try {
            return new a(new b(bigInteger, str2, keyPair.getPublic(), org.jmrtd.protocol.i.f(str2, org.jmrtd.protocol.i.a(str, publicKey, privateKey), 256, true).wrap(new CommandAPDU(0, 176, ISO7816.TAG_SM_CRYPTOGRAPHIC_CHECKSUM, 0, DisplayText.DISPLAY_TEXT_MAXIMUM_SIZE))), privateKey);
        } catch (GeneralSecurityException e2) {
            g.log(Level.WARNING, "Exception", (Throwable) e2);
            return null;
        }
    }

    private static org.jmrtd.lds.l d(org.jmrtd.lds.k kVar, Collection<org.jmrtd.lds.t> collection, ReaderConfig.AgreementTypePreferredOrder agreementTypePreferredOrder) {
        return kVar != null ? v.g(kVar.g(), collection) : v.k(collection, agreementTypePreferredOrder);
    }

    private static AlgorithmParameterSpec e(String str, PublicKey publicKey) {
        if ("DH".equals(str)) {
            return ((DHPublicKey) publicKey).getParams();
        }
        if ("ECDH".equals(str)) {
            return ((ECPublicKey) publicKey).getParams();
        }
        return null;
    }

    public static a h(Collection<org.jmrtd.lds.t> collection, ReaderConfig.SymmetricCipherPreferredOrder symmetricCipherPreferredOrder, ReaderConfig.AgreementTypePreferredOrder agreementTypePreferredOrder) {
        return i(collection, symmetricCipherPreferredOrder, agreementTypePreferredOrder, null);
    }

    public static a i(Collection<org.jmrtd.lds.t> collection, ReaderConfig.SymmetricCipherPreferredOrder symmetricCipherPreferredOrder, ReaderConfig.AgreementTypePreferredOrder agreementTypePreferredOrder, byte[] bArr) {
        PublicKey h;
        org.jmrtd.lds.k j = v.j(collection, symmetricCipherPreferredOrder, agreementTypePreferredOrder);
        org.jmrtd.lds.l d2 = d(j, collection, agreementTypePreferredOrder);
        if (d2 == null || (h = d2.h()) == null) {
            return null;
        }
        String a2 = a(j, d2);
        String i = org.jmrtd.lds.k.i(a2);
        if (i == null) {
            throw new IllegalArgumentException("Unknown agreement algorithm");
        }
        if (!"ECDH".equals(i) && !"DH".equals(i)) {
            throw new IllegalArgumentException("Unsupported agreement algorithm, expected ECDH or DH, found " + i);
        }
        if (bArr == null) {
            return c(i, d2.g(), a2, h, b(i, h));
        }
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance(i, f).generatePrivate(new PKCS8EncodedKeySpec(bArr));
            return c(i, d2.g(), a2, h, new KeyPair(j(i, generatePrivate), generatePrivate));
        } catch (GeneralSecurityException unused) {
            throw new IllegalArgumentException("Could not decode private key");
        }
    }

    public static PublicKey j(String str, PrivateKey privateKey) throws GeneralSecurityException {
        KeyFactory keyFactory = KeyFactory.getInstance(str, f);
        if ("DH".equals(str)) {
            DHPrivateKey dHPrivateKey = (DHPrivateKey) privateKey;
            DHParameterSpec params = dHPrivateKey.getParams();
            return keyFactory.generatePublic(new DHPublicKeySpec(params.getG().modPow(dHPrivateKey.getX(), params.getP()), params.getP(), params.getG()));
        }
        if (!"ECDH".equals(str)) {
            throw new IllegalArgumentException("Unsupported agreement algorithm");
        }
        ECPrivateKey eCPrivateKey = (ECPrivateKey) privateKey;
        ECParameterSpec params2 = eCPrivateKey.getParams();
        return keyFactory.generatePublic(new ECPublicKeySpec(org.jmrtd.p.E(eCPrivateKey.getS(), eCPrivateKey.getParams().getGenerator(), params2), params2));
    }

    public ResponseAPDU f(BigInteger bigInteger, String str, PublicKey publicKey, CommandAPDU commandAPDU) throws CardServiceException {
        org.jmrtd.protocol.i.h(this.b, this.c, str, bigInteger, publicKey);
        return this.a.transmit(commandAPDU);
    }

    public ResponseAPDU g(b bVar) throws CardServiceException {
        return f(bVar.c(), bVar.d(), bVar.b(), bVar.a());
    }
}
