package com.util.jm;

import com.util.jm.c.an;
import java.io.Serializable;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECParameterSpec;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Random;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import kotlin.text.Typography;
import net.sf.scuba.smartcards.ISOFileInfo;

/* loaded from: classes2.dex */
public final class i extends h implements Serializable {
    private static final Logger LOGGER = Logger.getLogger("YZWL_CARD_DRIVER");
    public static final SimpleDateFormat aQ = new SimpleDateFormat("yyMMdd");
    private static final Provider aW = e.getBouncyCastleProvider();
    private final int bl;
    public int bm;
    protected j bn;
    private f bo;
    protected Random random;
    private int state;

    /* renamed from: com.util.jm.i$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] bq = new int[an.a.E().length];

        static {
            try {
                bq[an.a.eL - 1] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                bq[an.a.eM - 1] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    public i(com.util.smart.e eVar) {
        this(eVar, 224);
    }

    private i(com.util.smart.e eVar, int i2) {
        super(eVar);
        this.bl = 24375;
        this.bm = 224;
        this.random = new SecureRandom();
        this.bo = new f(this);
        this.state = 0;
        LOGGER.info("DEBUG: isExtendedAPDULengthSupported: " + isExtendedAPDULengthSupported());
    }

    private synchronized void a(SecretKey secretKey, SecretKey secretKey2) {
        byte[] m2 = m();
        byte[] bArr = new byte[8];
        this.random.nextBytes(bArr);
        byte[] bArr2 = new byte[16];
        this.random.nextBytes(bArr2);
        byte[] a2 = a(bArr, m2, bArr2, secretKey, secretKey2);
        byte[] bArr3 = new byte[16];
        System.arraycopy(a2, 16, bArr3, 0, 16);
        byte[] bArr4 = new byte[16];
        for (int i2 = 0; i2 < 16; i2++) {
            bArr4[i2] = (byte) ((bArr2[i2] & 255) ^ (bArr3[i2] & 255));
        }
        this.bn = new d(k.b(bArr4, 1), k.b(bArr4, 2), k.b(m2, bArr));
        this.state = 2;
    }

    private static String e(String str) {
        String replace = str.replace(Typography.less, ' ').trim().replace(' ', Typography.less);
        while (replace.length() < 9) {
            replace = replace + "<";
        }
        return replace;
    }

    public final synchronized void a(c cVar) {
        try {
            String f2 = cVar.f();
            String g2 = cVar.g();
            String h2 = cVar.h();
            if (g2 == null || g2.length() != 6) {
                throw new IllegalArgumentException("Wrong date format used for date of birth. Expected yyMMdd, found " + g2);
            }
            if (h2 == null || h2.length() != 6) {
                throw new IllegalArgumentException("Wrong date format used for date of expiry. Expected yyMMdd, found " + h2);
            }
            if (f2 == null) {
                throw new IllegalArgumentException("Wrong document number. Found " + f2);
            }
            byte[] a2 = k.a(e(f2), g2, h2);
            try {
                a(k.b(a2, 1), k.b(a2, 2));
            } catch (com.util.smart.f e2) {
                LOGGER.warning("BAC failed");
                throw e2;
            }
        } catch (GeneralSecurityException e3) {
            throw new com.util.smart.f(e3.toString());
        }
    }

    public final synchronized void a(c cVar, String str, AlgorithmParameterSpec algorithmParameterSpec) {
        byte[] a2;
        int k2 = an.k(str);
        String l2 = an.l(str);
        String m2 = an.m(str);
        an.n(str);
        int o = an.o(str);
        if (!"ECDH".equals(l2) && !"DH".equals(l2)) {
            throw new IllegalArgumentException("Unsupported agreement algorithm, expected ECDH or DH, found " + l2);
        }
        if ("ECDH".equals(l2)) {
            if (!(algorithmParameterSpec instanceof ECParameterSpec)) {
                throw new IllegalArgumentException("Expected ECParameterSpec for agreement algorithm " + l2);
            }
        } else if ("DH".equals(l2) && !(algorithmParameterSpec instanceof DHParameterSpec)) {
            throw new IllegalArgumentException("Expected DHParameterSpec for agreement algorithm " + l2);
        }
        try {
            String f2 = cVar.f();
            String g2 = cVar.g();
            String h2 = cVar.h();
            if (g2 == null || g2.length() != 6) {
                throw new IllegalArgumentException("Wrong date format used for date of birth. Expected yyMMdd, found " + g2);
            }
            if (h2 == null || h2.length() != 6) {
                throw new IllegalArgumentException("Wrong date format used for date of expiry. Expected yyMMdd, found " + h2);
            }
            if (f2 == null) {
                throw new IllegalArgumentException("Wrong document number. Found " + f2);
            }
            SecretKey a3 = k.a(k.b(e(f2), g2, h2), m2, o, 3);
            Cipher cipher = Cipher.getInstance(m2 + "/CBC/NoPadding");
            try {
                AlgorithmParameterSpec algorithmParameterSpec2 = null;
                a(this.bn, str, 1, (byte[]) null);
                try {
                    try {
                        byte[] b2 = k.b(Byte.MIN_VALUE, a((com.util.smart.c) this.bn, new byte[0], false));
                        cipher.init(2, a3, new IvParameterSpec(new byte[b2.length]));
                        byte[] doFinal = cipher.doFinal(b2);
                        try {
                            try {
                                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(l2, aW);
                                keyPairGenerator.initialize(algorithmParameterSpec);
                                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                                PublicKey publicKey = generateKeyPair.getPublic();
                                PrivateKey privateKey = generateKeyPair.getPrivate();
                                KeyAgreement keyAgreement = KeyAgreement.getInstance(l2);
                                keyAgreement.init(privateKey);
                                int i2 = k2 - 1;
                                switch (AnonymousClass1.bq[i2]) {
                                    case 1:
                                        a2 = k.a(publicKey);
                                        break;
                                    case 2:
                                        throw new IllegalStateException("IM not yet implemented");
                                    default:
                                        a2 = null;
                                        break;
                                }
                                byte[] a4 = a((com.util.smart.c) this.bn, k.a((byte) -127, a2), false);
                                switch (AnonymousClass1.bq[i2]) {
                                    case 1:
                                        try {
                                            keyAgreement.doPhase(k.a(k.b((byte) -126, a4), algorithmParameterSpec), true);
                                            algorithmParameterSpec2 = k.a(doFinal, keyAgreement.generateSecret(), algorithmParameterSpec);
                                            break;
                                        } catch (GeneralSecurityException e2) {
                                            LOGGER.severe("Exception: " + e2.getMessage());
                                            throw new g("Error during mapping" + e2.getMessage());
                                        }
                                    case 2:
                                        throw new IllegalStateException("DEBUG: IM not yet implemented");
                                }
                                try {
                                    try {
                                        KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(l2, aW);
                                        keyPairGenerator2.initialize(algorithmParameterSpec2);
                                        KeyPair generateKeyPair2 = keyPairGenerator2.generateKeyPair();
                                        PublicKey publicKey2 = generateKeyPair2.getPublic();
                                        PrivateKey privateKey2 = generateKeyPair2.getPrivate();
                                        KeyAgreement keyAgreement2 = KeyAgreement.getInstance(l2, aW);
                                        keyAgreement2.init(privateKey2);
                                        PublicKey a5 = k.a(k.b((byte) -124, a((com.util.smart.c) this.bn, k.a(ISOFileInfo.FILE_IDENTIFIER, k.a(publicKey2)), false)), algorithmParameterSpec2);
                                        ((ECPublicKey) a5).getW();
                                        k.a(algorithmParameterSpec2);
                                        if (publicKey2.equals(a5)) {
                                            throw new g("PCD's public key and PICC's public key are the same in key agreement step!");
                                        }
                                        keyAgreement2.doPhase(a5, true);
                                        byte[] generateSecret = keyAgreement2.generateSecret();
                                        try {
                                            SecretKey a6 = k.a(generateSecret, m2, o, 1);
                                            SecretKey a7 = k.a(generateSecret, m2, o, 2);
                                            try {
                                                try {
                                                    LOGGER.info("DEBUG: macKey = (" + a7.getEncoded().length + ") " + com.util.c.a.d(a7.getEncoded(), 1000));
                                                    if (!Arrays.equals(k.a(str, a7, publicKey2), k.b((byte) -122, a((com.util.smart.c) this.bn, k.a(ISOFileInfo.PROP_INFO, k.a(str, a7, a5)), true)))) {
                                                        throw new GeneralSecurityException("PICC authentication token mismatch");
                                                    }
                                                    try {
                                                        if (m2.startsWith(cn.eid.mobile.opensdk.core.stdeid.common.i.a.f1289a)) {
                                                            this.bn = new d(a6, a7);
                                                        } else if (m2.startsWith("AES")) {
                                                            this.bn = new a(a6, a7, this.bn == null ? 0L : this.bn.e());
                                                        }
                                                        LOGGER.info("DEBUG: Starting secure messaging based on PACE");
                                                    } catch (GeneralSecurityException e3) {
                                                        LOGGER.severe("Exception: " + e3.getMessage());
                                                        throw new IllegalStateException("Security exception in secure messaging establishment: " + e3.getMessage());
                                                    }
                                                } catch (GeneralSecurityException e4) {
                                                    throw new g("PCD side exception in authentication token generation step: " + e4.getMessage());
                                                }
                                            } catch (com.util.smart.f e5) {
                                                throw new g("PICC side exception in authentication token generation step", e5.fn);
                                            }
                                        } catch (GeneralSecurityException e6) {
                                            LOGGER.severe("Exception: " + e6.getMessage());
                                            throw new g("Security exception during secure messaging key derivation: " + e6.getMessage());
                                        }
                                    } catch (GeneralSecurityException e7) {
                                        throw new g("PCD side exception in key agreement step: " + e7.getMessage());
                                    }
                                } catch (com.util.smart.f e8) {
                                    throw new g("PICC side exception in key agreement step", e8.fn);
                                } catch (IllegalStateException e9) {
                                    throw new g("PCD side exception in key agreement step: " + e9.getMessage());
                                }
                            } catch (com.util.smart.f e10) {
                                throw new g("PICC side exception in mapping nonce step", e10.fn);
                            }
                        } catch (GeneralSecurityException e11) {
                            throw new g("PCD side error in mapping nonce step: " + e11.getMessage());
                        }
                    } catch (GeneralSecurityException e12) {
                        LOGGER.severe("Exception: " + e12.getMessage());
                        throw new g("PCD side exception in tranceiving nonce step: " + e12.getMessage());
                    }
                } catch (com.util.smart.f e13) {
                    throw new g("PICC side exception in tranceiving nonce step", e13.fn);
                }
            } catch (com.util.smart.f e14) {
                throw new g("PICC side error in static PACE key derivation step", e14.fn);
            }
        } catch (GeneralSecurityException unused) {
            throw new g("PCD side error in static PACE key derivation step");
        }
    }

    public final void a(boolean z) {
        if (!z) {
            a((com.util.smart.c) null, bg);
            return;
        }
        LOGGER.info("DEBUG: wrapper = " + this.bn);
        a(this.bn, bg);
    }

    public final synchronized byte[] a(int i2, int i3, boolean z) {
        return a(this.bn, i2, i3, z);
    }

    @Override // com.util.jm.h
    public final synchronized void b(short s) {
        a(this.bn, s);
    }

    public final synchronized com.util.smart.d c(short s) {
        com.util.smart.d dVar;
        synchronized (this.bo) {
            this.bo.a(s);
            dVar = new com.util.smart.d(this.bm, this.bo);
        }
        return dVar;
    }

    @Override // com.util.jm.h, com.util.smart.e
    public final void close() {
        try {
            this.bn = null;
            super.close();
        } finally {
            this.state = 0;
        }
    }

    @Override // com.util.jm.h, com.util.smart.e
    public final boolean isOpen() {
        return this.state != 0;
    }

    @Override // com.util.jm.h, com.util.smart.e
    public final void open() {
        if (isOpen()) {
            return;
        }
        synchronized (this) {
            super.open();
            this.state = 1;
        }
    }
}
