package nl.innovalor.euedl.service;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.KeySpec;
import java.util.Random;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import net.sf.scuba.smartcards.APDUListener;
import net.sf.scuba.smartcards.CardFileInputStream;
import net.sf.scuba.smartcards.CardService;
import net.sf.scuba.smartcards.CardServiceException;
import net.sf.scuba.smartcards.CommandAPDU;
import net.sf.scuba.smartcards.FileInfo;
import net.sf.scuba.smartcards.FileSystemStructured;
import net.sf.scuba.smartcards.ISO7816;
import net.sf.scuba.smartcards.ISOFileInfo;
import net.sf.scuba.smartcards.ResponseAPDU;
import net.sf.scuba.tlv.TLVInputStream;
import net.sf.scuba.util.Hex;
import nl.innovalor.euedl.lds.DrivingLicenseFile;
import org.spongycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public class DrivingLicenseService extends CardService {
    static final /* synthetic */ boolean $assertionsDisabled;
    private static final byte[] APPLET_AID;
    private static final int BAP_AUTHENTICATED_STATE = 2;
    private static final Provider BC_PROVIDER;
    public static final short EF_COM = 30;
    public static final short EF_DG1 = 1;
    public static final short EF_DG10 = 10;
    public static final short EF_DG11 = 11;
    public static final short EF_DG12 = 12;
    public static final short EF_DG13 = 13;
    public static final short EF_DG14 = 14;
    public static final short EF_DG2 = 2;
    public static final short EF_DG3 = 3;
    public static final short EF_DG4 = 4;
    public static final short EF_DG5 = 5;
    public static final short EF_DG6 = 6;
    public static final short EF_DG7 = 7;
    public static final short EF_DG8 = 8;
    public static final short EF_DG9 = 9;
    public static final short EF_SOD = 29;
    private static final Logger LOGGER;
    private static final int SESSION_STARTED_STATE = 1;
    private static final int SESSION_STOPPED_STATE = 0;
    public static final byte SF_COM = 30;
    public static final byte SF_DG1 = 1;
    public static final byte SF_DG10 = 10;
    public static final byte SF_DG11 = 11;
    public static final byte SF_DG12 = 12;
    public static final byte SF_DG13 = 13;
    public static final byte SF_DG14 = 14;
    public static final byte SF_DG2 = 2;
    public static final byte SF_DG3 = 3;
    public static final byte SF_DG4 = 4;
    public static final byte SF_DG5 = 5;
    public static final byte SF_DG6 = 6;
    public static final byte SF_DG7 = 7;
    public static final byte SF_DG8 = 8;
    public static final byte SF_DG9 = 9;
    public static final byte SF_SOD = 29;
    private static final IvParameterSpec ZERO_IV_PARAM_SPEC;
    public static int maxBlockSize = 0;
    private static final long serialVersionUID = 1251224366317059401L;
    private Cipher cipher;
    private DrivingLicenseFileSystem fs;
    private Mac mac;
    private Random random;
    private CardService service;
    private int state = 0;
    private SecureMessagingWrapper wrapper;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class DrivingLicenseFileInfo extends FileInfo {
        private short fid;
        private int length;

        public DrivingLicenseFileInfo(short s, int i) {
            this.fid = s;
            this.length = i;
        }

        @Override // net.sf.scuba.smartcards.FileInfo
        public short getFID() {
            return this.fid;
        }

        @Override // net.sf.scuba.smartcards.FileInfo
        public int getFileLength() {
            return this.length;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class DrivingLicenseFileSystem implements FileSystemStructured {
        private DrivingLicenseFileInfo selectedFile;

        private DrivingLicenseFileSystem() {
        }

        public synchronized int getFileLength() throws CardServiceException {
            byte[] readBinary;
            ByteArrayInputStream byteArrayInputStream;
            int readLength;
            try {
                readBinary = readBinary(0, 8);
                byteArrayInputStream = new ByteArrayInputStream(readBinary);
                TLVInputStream tLVInputStream = new TLVInputStream(byteArrayInputStream);
                tLVInputStream.readTag();
                readLength = tLVInputStream.readLength();
                tLVInputStream.close();
            } catch (IOException e) {
                throw new CardServiceException(e.toString());
            }
            return (readBinary.length - byteArrayInputStream.available()) + readLength;
        }

        @Override // net.sf.scuba.smartcards.FileSystemStructured
        public FileInfo[] getSelectedPath() {
            return new DrivingLicenseFileInfo[]{this.selectedFile};
        }

        @Override // net.sf.scuba.smartcards.FileSystemStructured
        public synchronized byte[] readBinary(int i, int i2) throws CardServiceException {
            return DrivingLicenseService.this.sendReadBinary((short) i, i2);
        }

        @Override // net.sf.scuba.smartcards.FileSystemStructured
        public synchronized void selectFile(short s) throws CardServiceException {
            if (this.selectedFile == null || this.selectedFile.getFID() != s) {
                DrivingLicenseService.this.trySelectFile(s);
                this.selectedFile = new DrivingLicenseFileInfo(s, getFileLength());
            }
        }
    }

    static {
        $assertionsDisabled = !DrivingLicenseService.class.desiredAssertionStatus();
        LOGGER = Logger.getLogger("nl.innovalor");
        APPLET_AID = new byte[]{ISOFileInfo.A0, 0, 0, 4, 86, 69, ISO7816.INS_REHABILITATE_CHV, 76, 45, ISO7816.INS_DECREASE, 49};
        maxBlockSize = 223;
        ZERO_IV_PARAM_SPEC = new IvParameterSpec(new byte[8]);
        BC_PROVIDER = new BouncyCastleProvider();
    }

    public DrivingLicenseService(CardService cardService) throws CardServiceException {
        this.service = cardService;
        try {
            this.cipher = Cipher.getInstance("DESede/CBC/NoPadding");
            this.mac = Mac.getInstance("ISO9797Alg3Mac", BC_PROVIDER);
            this.random = new SecureRandom();
            this.fs = new DrivingLicenseFileSystem();
        } catch (GeneralSecurityException e) {
            throw new CardServiceException(e.toString());
        }
    }

    private void trySelectApplet() throws CardServiceException {
        if (((short) sendSelectApplet(APPLET_AID)) != -28672) {
            throw new CardServiceException("Could not select driving license");
        }
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void addAPDUListener(APDUListener aPDUListener) {
        this.service.addAPDUListener(aPDUListener);
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void close() {
        try {
            this.wrapper = null;
            if (this.service != null) {
                this.service.close();
            }
        } finally {
            this.state = 0;
        }
    }

    public synchronized void doBAP(KeySpec keySpec) throws CardServiceException {
        if (!$assertionsDisabled && !(keySpec instanceof BAPKey)) {
            throw new AssertionError();
        }
        try {
            byte[] digest = MessageDigest.getInstance("SHA1").digest(((BAPKey) keySpec).getMRZString().substring(1, r18.length() - 1).getBytes());
            if (!$assertionsDisabled && digest.length < 16) {
                throw new AssertionError("Key seed too short");
            }
            byte[] bArr = new byte[16];
            System.arraycopy(digest, 0, bArr, 0, 16);
            try {
                SecretKey deriveKey = Util.deriveKey(bArr, 1);
                SecretKey deriveKey2 = Util.deriveKey(bArr, 2);
                byte[] sendGetChallenge = sendGetChallenge(this.wrapper);
                byte[] bArr2 = new byte[8];
                this.random.nextBytes(bArr2);
                byte[] bArr3 = new byte[16];
                this.random.nextBytes(bArr3);
                byte[] bArr4 = new byte[16];
                System.arraycopy(sendMutualAuth(bArr2, sendGetChallenge, bArr3, deriveKey, deriveKey2), 16, bArr4, 0, 16);
                byte[] bArr5 = new byte[16];
                for (int i = 0; i < 16; i++) {
                    bArr5[i] = (byte) ((bArr3[i] & 255) ^ (bArr4[i] & 255));
                }
                this.wrapper = new SecureMessagingWrapper(Util.deriveKey(bArr5, 1), Util.deriveKey(bArr5, 2), Util.computeSendSequenceCounter(sendGetChallenge, bArr2));
                this.state = 2;
            } catch (GeneralSecurityException e) {
                throw new CardServiceException(e.toString());
            }
        } catch (NoSuchAlgorithmException e2) {
            LOGGER.log(Level.WARNING, "Unexpected exception", (Throwable) e2);
            throw new CardServiceException("Unexpected exception" + e2.getMessage());
        }
    }

    @Override // net.sf.scuba.smartcards.CardService
    public byte[] getATR() throws CardServiceException {
        return this.service.getATR();
    }

    public FileSystemStructured getFileSystem() {
        return this.fs;
    }

    public synchronized CardFileInputStream getInputStream(short s) throws CardServiceException {
        CardFileInputStream cardFileInputStream;
        synchronized (this.fs) {
            this.fs.selectFile(s);
            cardFileInputStream = new CardFileInputStream(maxBlockSize, this.fs);
        }
        return cardFileInputStream;
    }

    public SecureMessagingWrapper getWrapper() {
        return this.wrapper;
    }

    @Override // net.sf.scuba.smartcards.CardService
    public boolean isOpen() {
        return this.state != 0;
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void open() throws CardServiceException {
        if (isOpen()) {
            return;
        }
        if (!this.service.isOpen()) {
            this.service.open();
        }
        trySelectApplet();
        this.state = 1;
    }

    public CardFileInputStream readDataGroup(int i) throws CardServiceException {
        this.fs.selectFile(DrivingLicenseFile.lookupFIDByTag(i));
        return readFile();
    }

    public CardFileInputStream readFile() throws CardServiceException {
        return new CardFileInputStream(maxBlockSize, this.fs);
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void removeAPDUListener(APDUListener aPDUListener) {
        this.service.removeAPDUListener(aPDUListener);
    }

    public byte[] sendAA(PublicKey publicKey, byte[] bArr) throws CardServiceException {
        if (!$assertionsDisabled && publicKey == null) {
            throw new AssertionError("AA failed: bad key");
        }
        if ($assertionsDisabled || (bArr != null && bArr.length == 8)) {
            return sendInternalAuthenticate(bArr);
        }
        throw new AssertionError("AA failed: bad challenge");
    }

    public synchronized byte[] sendGetChallenge(SecureMessagingWrapper secureMessagingWrapper) throws CardServiceException {
        return transmitSecure(new CommandAPDU(0, -124, 0, 0, 8)).getData();
    }

    public synchronized byte[] sendInternalAuthenticate(byte[] bArr) throws CardServiceException {
        if (!$assertionsDisabled && (bArr == null || bArr.length != 8)) {
            throw new AssertionError();
        }
        return transmitSecure(new CommandAPDU(0, -120, 0, 0, bArr, 256)).getData();
    }

    public synchronized byte[] sendMutualAuth(byte[] bArr, byte[] bArr2, byte[] bArr3, SecretKey secretKey, SecretKey secretKey2) throws CardServiceException {
        byte[] doFinal;
        try {
            if (!$assertionsDisabled && (bArr == null || bArr.length != 8)) {
                throw new AssertionError("rndIFD wrong length");
            }
            if (!$assertionsDisabled && (bArr3 == null || bArr3.length != 16)) {
                throw new AssertionError("kIFD wrong length");
            }
            if (!$assertionsDisabled && secretKey == null) {
                throw new AssertionError();
            }
            if (!$assertionsDisabled && secretKey2 == null) {
                throw new AssertionError();
            }
            if (bArr2 == null || bArr2.length != 8) {
                bArr2 = new byte[8];
            }
            this.cipher.init(1, secretKey, ZERO_IV_PARAM_SPEC);
            byte[] bArr4 = new byte[32];
            System.arraycopy(bArr, 0, bArr4, 0, 8);
            System.arraycopy(bArr2, 0, bArr4, 8, 8);
            System.arraycopy(bArr3, 0, bArr4, 16, 16);
            byte[] doFinal2 = this.cipher.doFinal(bArr4);
            if (!$assertionsDisabled && doFinal2.length != bArr4.length) {
                throw new AssertionError("Cryptogram wrong length");
            }
            this.mac.init(secretKey2);
            byte[] doFinal3 = this.mac.doFinal(Util.pad(doFinal2));
            if (!$assertionsDisabled && doFinal3.length != 8) {
                throw new AssertionError("MAC wrong length");
            }
            byte[] bArr5 = new byte[doFinal2.length + doFinal3.length];
            System.arraycopy(doFinal2, 0, bArr5, 0, doFinal2.length);
            System.arraycopy(doFinal3, 0, bArr5, doFinal2.length, doFinal3.length);
            ResponseAPDU transmit = transmit(new CommandAPDU(0, -126, 0, 0, bArr5, 40));
            byte[] bytes = transmit.getBytes();
            if (bytes == null) {
                throw new CardServiceException("Mutual authentication failed");
            }
            String shortToHexString = Hex.shortToHexString((short) transmit.getSW());
            if (bytes.length == 2) {
                throw new CardServiceException("Mutual authentication failed: error code:  " + shortToHexString);
            }
            if (bytes.length != 42) {
                throw new CardServiceException("Mutual authentication failed: expected length: 42, actual length: " + bytes.length + ", error code: " + shortToHexString);
            }
            this.cipher.init(2, secretKey, ZERO_IV_PARAM_SPEC);
            doFinal = this.cipher.doFinal(bytes, 0, (bytes.length - 8) - 2);
            if (!$assertionsDisabled && doFinal.length != (bytes.length - 8) - 2) {
                throw new AssertionError("Cryptogram wrong length " + doFinal.length);
            }
        } catch (GeneralSecurityException e) {
            throw new CardServiceException(e.toString());
        }
        return doFinal;
    }

    /* JADX WARN: Code restructure failed: missing block: B:12:0x002c, code lost:
    
        r0 = r6.getData();
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized byte[] sendReadBinary(short r9, int r10) throws net.sf.scuba.smartcards.CardServiceException {
        /*
            r8 = this;
            monitor-enter(r8)
            r7 = 0
            r6 = 0
        L3:
            r7 = 0
            if (r10 != 0) goto L9
            r0 = 0
        L7:
            monitor-exit(r8)
            return r0
        L9:
            net.sf.scuba.smartcards.CommandAPDU r0 = new net.sf.scuba.smartcards.CommandAPDU     // Catch: java.lang.Throwable -> L31
            r1 = 0
            r2 = -80
            r3 = 65280(0xff00, float:9.1477E-41)
            r3 = r3 & r9
            int r3 = r3 >> 8
            r4 = r9 & 255(0xff, float:3.57E-43)
            r5 = r10
            r0.<init>(r1, r2, r3, r4, r5)     // Catch: java.lang.Throwable -> L31
            net.sf.scuba.smartcards.ResponseAPDU r6 = r8.transmitSecure(r0)     // Catch: java.lang.Throwable -> L31
            int r0 = r6.getSW()     // Catch: java.lang.Throwable -> L31
            short r0 = (short) r0     // Catch: java.lang.Throwable -> L31
            r1 = 25218(0x6282, float:3.5338E-41)
            if (r0 != r1) goto L2a
            int r10 = r10 + (-1)
            r7 = 1
        L2a:
            if (r7 != 0) goto L3
            byte[] r0 = r6.getData()     // Catch: java.lang.Throwable -> L31
            goto L7
        L31:
            r0 = move-exception
            monitor-exit(r8)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: nl.innovalor.euedl.service.DrivingLicenseService.sendReadBinary(short, int):byte[]");
    }

    public synchronized int sendSelectApplet(byte[] bArr) throws CardServiceException {
        return transmit(new CommandAPDU(0, -92, 4, 0, bArr, 256)).getSW();
    }

    @Override // net.sf.scuba.smartcards.CardService
    public synchronized ResponseAPDU transmit(CommandAPDU commandAPDU) throws CardServiceException {
        return this.service.transmit(commandAPDU);
    }

    public synchronized ResponseAPDU transmitSecure(CommandAPDU commandAPDU) throws CardServiceException {
        ResponseAPDU transmit;
        if (this.wrapper != null) {
            commandAPDU = this.wrapper.wrap(commandAPDU);
        }
        transmit = transmit(commandAPDU);
        if (this.wrapper != null) {
            transmit = this.wrapper.unwrap(transmit);
        }
        return transmit;
    }

    public synchronized void trySelectFile(short s) throws CardServiceException {
        short sw = (short) transmitSecure(new CommandAPDU(0, -92, 2, 12, new byte[]{(byte) ((s >> 8) & 255), (byte) (s & 255)}, 256)).getSW();
        if (sw == 27266) {
            throw new CardServiceException("File not found.");
        }
        if (sw != -28672) {
            throw new CardServiceException("Error occured.");
        }
    }
}
