package org.jmrtd;

import com.tencent.android.tpush.common.Constants;
import java.io.Serializable;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECParameterSpec;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Random;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import org.jmrtd.c.an;

/* loaded from: classes2.dex */
public final class j extends i implements Serializable {
    private static final Logger LOGGER = Logger.getLogger("org.jmrtd");
    public static final SimpleDateFormat iJ = new SimpleDateFormat("yyMMdd");
    private static final Provider iP = f.getBouncyCastleProvider();
    private final int jd;
    public int je;
    protected k jf;
    protected Random jg;
    private g jh;
    private int state;

    /* renamed from: org.jmrtd.j$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] ji = new int[an.a.aw().length];

        static {
            try {
                ji[an.a.mx - 1] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                ji[an.a.my - 1] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public j(net.sf.scuba.smartcards.e eVar) {
        this(eVar, 224);
    }

    private j(net.sf.scuba.smartcards.e eVar, int i) {
        super(eVar);
        this.jd = 24375;
        this.je = 224;
        this.jg = new SecureRandom();
        this.jh = new g(this);
        this.state = 0;
        LOGGER.info("DEBUG: isExtendedAPDULengthSupported: " + isExtendedAPDULengthSupported());
    }

    private synchronized void a(SecretKey secretKey, SecretKey secretKey2) {
        byte[] af = af();
        byte[] bArr = new byte[8];
        this.jg.nextBytes(bArr);
        byte[] bArr2 = new byte[16];
        this.jg.nextBytes(bArr2);
        byte[] bArr3 = new byte[16];
        System.arraycopy(a(bArr, af, bArr2, secretKey, secretKey2), 16, bArr3, 0, 16);
        byte[] bArr4 = new byte[16];
        for (int i = 0; i < 16; i++) {
            bArr4[i] = (byte) ((bArr2[i] & Constants.NETWORK_TYPE_UNCONNECTED) ^ (bArr3[i] & Constants.NETWORK_TYPE_UNCONNECTED));
        }
        this.jf = new e(l.d(bArr4, 1), l.d(bArr4, 2), l.f(af, bArr));
        this.state = 2;
    }

    private static String j(String str) {
        String replace = str.replace('<', ' ').trim().replace(' ', '<');
        while (replace.length() < 9) {
            replace = replace + "<";
        }
        return replace;
    }

    public final synchronized void a(d dVar) {
        try {
            String ab = dVar.ab();
            String ac = dVar.ac();
            String ad = dVar.ad();
            if (ac == null || ac.length() != 6) {
                throw new IllegalArgumentException("Wrong date format used for date of birth. Expected yyMMdd, found " + ac);
            }
            if (ad == null || ad.length() != 6) {
                throw new IllegalArgumentException("Wrong date format used for date of expiry. Expected yyMMdd, found " + ad);
            }
            if (ab == null) {
                throw new IllegalArgumentException("Wrong document number. Found " + ab);
            }
            byte[] a2 = l.a(j(ab), ac, ad);
            try {
                a(l.d(a2, 1), l.d(a2, 2));
            } catch (net.sf.scuba.smartcards.f e) {
                LOGGER.warning("BAC failed");
                throw e;
            }
        } catch (GeneralSecurityException e2) {
            throw new net.sf.scuba.smartcards.f(e2.toString());
        }
    }

    public final synchronized void a(d dVar, String str, AlgorithmParameterSpec algorithmParameterSpec) {
        byte[] a2;
        AlgorithmParameterSpec a3;
        int p = an.p(str);
        String q = an.q(str);
        String r = an.r(str);
        an.s(str);
        int t = an.t(str);
        if (!"ECDH".equals(q) && !"DH".equals(q)) {
            throw new IllegalArgumentException("Unsupported agreement algorithm, expected ECDH or DH, found " + q);
        }
        if ("ECDH".equals(q)) {
            if (!(algorithmParameterSpec instanceof ECParameterSpec)) {
                throw new IllegalArgumentException("Expected ECParameterSpec for agreement algorithm " + q);
            }
        } else if ("DH".equals(q) && !(algorithmParameterSpec instanceof DHParameterSpec)) {
            throw new IllegalArgumentException("Expected DHParameterSpec for agreement algorithm " + q);
        }
        try {
            String ab = dVar.ab();
            String ac = dVar.ac();
            String ad = dVar.ad();
            if (ac == null || ac.length() != 6) {
                throw new IllegalArgumentException("Wrong date format used for date of birth. Expected yyMMdd, found " + ac);
            }
            if (ad == null || ad.length() != 6) {
                throw new IllegalArgumentException("Wrong date format used for date of expiry. Expected yyMMdd, found " + ad);
            }
            if (ab == null) {
                throw new IllegalArgumentException("Wrong document number. Found " + ab);
            }
            SecretKey a4 = l.a(l.b(j(ab), ac, ad), r, t, 3);
            Cipher cipher = Cipher.getInstance(r + "/CBC/NoPadding");
            try {
                a(this.jf, str, 1, (byte[]) null);
                try {
                    byte[] b = l.b(Byte.MIN_VALUE, a((net.sf.scuba.smartcards.c) this.jf, new byte[0], false));
                    cipher.init(2, a4, new IvParameterSpec(new byte[b.length]));
                    byte[] doFinal = cipher.doFinal(b);
                    try {
                        try {
                            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(q, iP);
                            keyPairGenerator.initialize(algorithmParameterSpec);
                            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                            PublicKey publicKey = generateKeyPair.getPublic();
                            PrivateKey privateKey = generateKeyPair.getPrivate();
                            KeyAgreement keyAgreement = KeyAgreement.getInstance(q);
                            keyAgreement.init(privateKey);
                            switch (AnonymousClass1.ji[p - 1]) {
                                case 1:
                                    a2 = l.a(publicKey);
                                    break;
                                case 2:
                                    throw new IllegalStateException("IM not yet implemented");
                                default:
                                    a2 = null;
                                    break;
                            }
                            byte[] a5 = a((net.sf.scuba.smartcards.c) this.jf, l.a((byte) -127, a2), false);
                            switch (AnonymousClass1.ji[p - 1]) {
                                case 1:
                                    try {
                                        keyAgreement.doPhase(l.a(l.b((byte) -126, a5), algorithmParameterSpec), true);
                                        a3 = l.a(doFinal, keyAgreement.generateSecret(), algorithmParameterSpec);
                                        break;
                                    } catch (GeneralSecurityException e) {
                                        LOGGER.severe("Exception: " + e.getMessage());
                                        throw new h("Error during mapping" + e.getMessage());
                                    }
                                case 2:
                                    throw new IllegalStateException("DEBUG: IM not yet implemented");
                                default:
                                    a3 = null;
                                    break;
                            }
                            try {
                                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(q, iP);
                                keyPairGenerator2.initialize(a3);
                                KeyPair generateKeyPair2 = keyPairGenerator2.generateKeyPair();
                                PublicKey publicKey2 = generateKeyPair2.getPublic();
                                PrivateKey privateKey2 = generateKeyPair2.getPrivate();
                                KeyAgreement keyAgreement2 = KeyAgreement.getInstance(q, iP);
                                keyAgreement2.init(privateKey2);
                                PublicKey a6 = l.a(l.b((byte) -124, a((net.sf.scuba.smartcards.c) this.jf, l.a((byte) -125, l.a(publicKey2)), false)), a3);
                                ((ECPublicKey) a6).getW();
                                l.a(a3);
                                if (publicKey2.equals(a6)) {
                                    throw new h("PCD's public key and PICC's public key are the same in key agreement step!");
                                }
                                keyAgreement2.doPhase(a6, true);
                                byte[] generateSecret = keyAgreement2.generateSecret();
                                try {
                                    SecretKey a7 = l.a(generateSecret, r, t, 1);
                                    SecretKey a8 = l.a(generateSecret, r, t, 2);
                                    try {
                                        LOGGER.info("DEBUG: macKey = (" + a8.getEncoded().length + ") " + net.sf.scuba.c.a.r(a8.getEncoded()));
                                        if (!Arrays.equals(l.a(str, a8, publicKey2), l.b((byte) -122, a((net.sf.scuba.smartcards.c) this.jf, l.a((byte) -123, l.a(str, a8, a6)), true)))) {
                                            throw new GeneralSecurityException("PICC authentication token mismatch");
                                        }
                                        try {
                                            if (r.startsWith("DESede")) {
                                                this.jf = new e(a7, a8);
                                            } else if (r.startsWith("AES")) {
                                                this.jf = new a(a7, a8, this.jf == null ? 0L : this.jf.aa());
                                            }
                                            LOGGER.info("DEBUG: Starting secure messaging based on PACE");
                                        } catch (GeneralSecurityException e2) {
                                            LOGGER.severe("Exception: " + e2.getMessage());
                                            throw new IllegalStateException("Security exception in secure messaging establishment: " + e2.getMessage());
                                        }
                                    } catch (GeneralSecurityException e3) {
                                        throw new h("PCD side exception in authentication token generation step: " + e3.getMessage());
                                    } catch (net.sf.scuba.smartcards.f e4) {
                                        throw new h("PICC side exception in authentication token generation step", e4.f2if);
                                    }
                                } catch (GeneralSecurityException e5) {
                                    LOGGER.severe("Exception: " + e5.getMessage());
                                    throw new h("Security exception during secure messaging key derivation: " + e5.getMessage());
                                }
                            } catch (IllegalStateException e6) {
                                throw new h("PCD side exception in key agreement step: " + e6.getMessage());
                            } catch (GeneralSecurityException e7) {
                                throw new h("PCD side exception in key agreement step: " + e7.getMessage());
                            } catch (net.sf.scuba.smartcards.f e8) {
                                throw new h("PICC side exception in key agreement step", e8.f2if);
                            }
                        } catch (GeneralSecurityException e9) {
                            throw new h("PCD side error in mapping nonce step: " + e9.getMessage());
                        }
                    } catch (net.sf.scuba.smartcards.f e10) {
                        throw new h("PICC side exception in mapping nonce step", e10.f2if);
                    }
                } catch (GeneralSecurityException e11) {
                    LOGGER.severe("Exception: " + e11.getMessage());
                    throw new h("PCD side exception in tranceiving nonce step: " + e11.getMessage());
                } catch (net.sf.scuba.smartcards.f e12) {
                    throw new h("PICC side exception in tranceiving nonce step", e12.f2if);
                }
            } catch (net.sf.scuba.smartcards.f e13) {
                throw new h("PICC side error in static PACE key derivation step", e13.f2if);
            }
        } catch (GeneralSecurityException e14) {
            throw new h("PCD side error in static PACE key derivation step");
        }
    }

    public final synchronized byte[] a(int i, int i2, boolean z) {
        return a(this.jf, i, i2, z);
    }

    @Override // org.jmrtd.i
    public final synchronized void b(short s) {
        a(this.jf, s);
    }

    public final synchronized net.sf.scuba.smartcards.d c(short s) {
        net.sf.scuba.smartcards.d dVar;
        synchronized (this.jh) {
            this.jh.a(s);
            dVar = new net.sf.scuba.smartcards.d(this.je, this.jh);
        }
        return dVar;
    }

    public final void c(boolean z) {
        if (!z) {
            a((net.sf.scuba.smartcards.c) null, iY);
        } else {
            LOGGER.info("DEBUG: wrapper = " + this.jf);
            a(this.jf, iY);
        }
    }

    @Override // org.jmrtd.i, net.sf.scuba.smartcards.e
    public final void close() {
        try {
            this.jf = null;
            super.close();
        } finally {
            this.state = 0;
        }
    }

    @Override // org.jmrtd.i, net.sf.scuba.smartcards.e
    public final boolean isOpen() {
        return this.state != 0;
    }

    @Override // org.jmrtd.i, net.sf.scuba.smartcards.e
    public final void open() {
        if (isOpen()) {
            return;
        }
        synchronized (this) {
            super.open();
            this.state = 1;
        }
    }
}
