package com.assaabloy.seos.access.internal.crypto;

import com.assaabloy.mobilekeys.common.tools.ArrayUtils;
import com.assaabloy.mobilekeys.common.tools.HexUtils;
import com.assaabloy.mobilekeys.shaded.bouncycastle.crypto.Digest;
import com.assaabloy.seos.access.apdu.ApduCommand;
import com.assaabloy.seos.access.crypto.EncryptionAlgorithm;
import com.assaabloy.seos.access.crypto.HashAlgorithm;
import com.assaabloy.seos.access.internal.crypto.SecureData;
import com.assaabloy.seos.access.internal.util.FluentOutputStream;
import java.nio.ByteBuffer;
import java.util.Arrays;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public final class SessionCryptoImpl extends SeosCryptoBase implements SessionCrypto {
    private static final int BYTES_IN_LONG = 8;
    private static final int SESSION_KEY_LENGTH = 16;
    private final boolean global;
    private byte[] sendSequenceCounter;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SessionCryptoImpl.class);
    private static final byte[] THREE_BYTES_ZERO = HexUtils.toBytes("000000");

    private SessionCryptoImpl(boolean z, EncryptionAlgorithm encryptionAlgorithm, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        super(encryptionAlgorithm, bArr2, bArr, true, new byte[encryptionAlgorithm.blockSize()]);
        this.global = z;
        this.sendSequenceCounter = ArrayUtils.copy(bArr3);
    }

    static long bytesToLong(byte[] bArr) {
        return ByteBuffer.wrap(bArr).getLong();
    }

    private byte[] calculateCommandMac(byte[] bArr, byte[] bArr2) {
        incrementSendSequenceCounter();
        mac().update(this.sendSequenceCounter, 0, this.sendSequenceCounter.length);
        mac().updateWithPadding(bArr);
        return CryptoUtils.trimMacToSeosSize(calculateMac(bArr2));
    }

    static byte[] calculateInitialSendSequenceCounter(byte[] bArr, byte[] bArr2, int i) {
        return new FluentOutputStream().write(Arrays.copyOf(bArr2, i / 2)).write(Arrays.copyOf(bArr, i / 2)).toByteArray();
    }

    static byte[] calculateSessionKeyData(EncryptionAlgorithm encryptionAlgorithm, HashAlgorithm hashAlgorithm, AuthenticationResult authenticationResult) {
        byte b2 = 1;
        FluentOutputStream fluentOutputStream = new FluentOutputStream();
        while (fluentOutputStream.size() < encryptionAlgorithm.keySize() * 2) {
            byte b3 = (byte) (b2 + 1);
            byte[] byteArray = new FluentOutputStream().write(THREE_BYTES_ZERO).write(b2).write(Arrays.copyOf(authenticationResult.keyIfd(), encryptionAlgorithm.keySize() / 2)).write(Arrays.copyOf(authenticationResult.keyIcc(), encryptionAlgorithm.keySize() / 2)).write(encryptionAlgorithm.algorithmId()).write(encryptionAlgorithm.algorithmId()).write(authenticationResult.randomIcc()).write(authenticationResult.randomIfd()).toByteArray();
            Digest createDigest = createDigest(hashAlgorithm);
            createDigest.update(byteArray, 0, byteArray.length);
            byte[] bArr = new byte[createDigest.getDigestSize()];
            createDigest.doFinal(bArr, 0);
            fluentOutputStream.write(bArr);
            b2 = b3;
        }
        return fluentOutputStream.toByteArray();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SessionCryptoImpl createSessionEncryptionService(boolean z, EncryptionAlgorithm encryptionAlgorithm, HashAlgorithm hashAlgorithm, AuthenticationResult authenticationResult) {
        byte[] calculateSessionKeyData = calculateSessionKeyData(encryptionAlgorithm, hashAlgorithm, authenticationResult);
        return new SessionCryptoImpl(z, encryptionAlgorithm, Arrays.copyOfRange(calculateSessionKeyData, 16, 32), Arrays.copyOfRange(calculateSessionKeyData, 0, 16), calculateInitialSendSequenceCounter(authenticationResult.randomIfd(), authenticationResult.randomIcc(), encryptionAlgorithm.blockSize()));
    }

    static byte[] longToBytes(long j) {
        return ByteBuffer.allocate(8).putLong(j).array();
    }

    @Override // com.assaabloy.seos.access.internal.crypto.SessionCrypto
    public SecureData createSecureData(ApduCommand apduCommand, byte[] bArr, Byte b2) {
        SecureDataTag createTag = SecureDataTag.createTag(SecureData.Tags.CRYPTOGRAM, encrypt(bArr));
        SecureDataTag createTag2 = SecureDataTag.createTag(SecureData.Tags.LENGTH_EXPECTED);
        SecureDataTag secureDataTag = new SecureDataTag(SecureData.Tags.MAC, calculateCommandMac(apduCommand.getHeader(), new FluentOutputStream().write(createTag.toByteArray()).write(createTag2.toByteArray()).toByteArray()));
        LOGGER.debug("Securing apdu content {}, {}, {}", HexUtils.toHex(bArr), createTag, secureDataTag);
        return new SecureData(createTag, createTag2, secureDataTag);
    }

    byte[] getSendSequenceCounter() {
        return ArrayUtils.copy(this.sendSequenceCounter);
    }

    void incrementSendSequenceCounter() {
        int length = this.sendSequenceCounter.length - 8;
        byte[] longToBytes = longToBytes(bytesToLong(Arrays.copyOfRange(this.sendSequenceCounter, length, length + 8)) + 1);
        System.arraycopy(longToBytes, 0, this.sendSequenceCounter, length, longToBytes.length);
    }

    @Override // com.assaabloy.seos.access.internal.crypto.SessionCrypto
    public boolean isGlobalKeyReference() {
        return this.global;
    }

    void setSendSequenceCounter(byte[] bArr) {
        this.sendSequenceCounter = ArrayUtils.copy(bArr);
    }

    @Override // com.assaabloy.seos.access.internal.crypto.SessionCrypto
    public void verifyResponseMac(SecureData secureData) {
        incrementSendSequenceCounter();
        mac().update(this.sendSequenceCounter, 0, this.sendSequenceCounter.length);
        CryptoUtils.validateMac(CryptoUtils.trimMacToSeosSize(calculateMac(secureData.toByteArrayExcludeMac())), secureData.getDataTag(SecureData.Tags.MAC).getData());
    }
}
