package nl.innovalor.euedl.service;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import net.sf.scuba.smartcards.APDUWrapper;
import net.sf.scuba.smartcards.CommandAPDU;
import net.sf.scuba.smartcards.ResponseAPDU;
import net.sf.scuba.tlv.TLVUtil;
import net.sf.scuba.util.Hex;

/* loaded from: classes.dex */
public class SecureMessagingWrapper implements APDUWrapper {
    private static final Logger LOGGER = Logger.getLogger("nl.innovalor");
    private static final IvParameterSpec ZERO_IV_PARAM_SPEC = new IvParameterSpec(new byte[8]);
    private Cipher cipher;
    private SecretKey ksEnc;
    private SecretKey ksMac;
    private Mac mac;
    private long ssc;

    public SecureMessagingWrapper(SecretKey secretKey, SecretKey secretKey2) throws GeneralSecurityException {
        this(secretKey, secretKey2, 0L);
    }

    public SecureMessagingWrapper(SecretKey secretKey, SecretKey secretKey2, long j) throws GeneralSecurityException {
        this.ksEnc = secretKey;
        this.ksMac = secretKey2;
        this.ssc = j;
        this.cipher = Cipher.getInstance("DESede/CBC/NoPadding");
        this.mac = Mac.getInstance("ISO9797Alg3Mac");
    }

    private boolean checkMac(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
            this.ssc++;
            dataOutputStream.writeLong(this.ssc);
            byte[] pad = Util.pad(bArr, 0, ((bArr.length - 2) - 8) - 2);
            dataOutputStream.write(pad, 0, pad.length);
            dataOutputStream.flush();
            this.mac.init(this.ksMac);
            byte[] doFinal = this.mac.doFinal(byteArrayOutputStream.toByteArray());
            dataOutputStream.close();
            return Arrays.equals(bArr2, doFinal);
        } catch (IOException e) {
            return false;
        }
    }

    private byte[] readDO87(DataInputStream dataInputStream) throws IOException, GeneralSecurityException {
        int i = 0;
        int readUnsignedByte = dataInputStream.readUnsignedByte();
        if ((readUnsignedByte & 128) != 128) {
            i = readUnsignedByte;
            int readUnsignedByte2 = dataInputStream.readUnsignedByte();
            if (readUnsignedByte2 != 1) {
                throw new IllegalStateException("DO'87 expected 0x01 marker, found " + Hex.byteToHexString((byte) readUnsignedByte2));
            }
        } else {
            int i2 = readUnsignedByte & 127;
            for (int i3 = 0; i3 < i2; i3++) {
                i = (i << 8) | dataInputStream.readUnsignedByte();
            }
            int readUnsignedByte3 = dataInputStream.readUnsignedByte();
            if (readUnsignedByte3 != 1) {
                throw new IllegalStateException("DO'87 expected 0x01 marker, found " + Hex.byteToHexString((byte) readUnsignedByte3));
            }
        }
        int i4 = i - 1;
        byte[] bArr = new byte[i4];
        dataInputStream.read(bArr, 0, i4);
        return Util.unpad(this.cipher.doFinal(bArr));
    }

    private byte[] readDO8E(DataInputStream dataInputStream) throws IOException, GeneralSecurityException {
        if (dataInputStream.readUnsignedByte() != 8) {
            throw new IllegalStateException("DO'8E wrong length");
        }
        byte[] bArr = new byte[8];
        dataInputStream.readFully(bArr);
        return bArr;
    }

    private short readDO99(DataInputStream dataInputStream) throws IOException {
        if (dataInputStream.readUnsignedByte() != 2) {
            throw new IllegalStateException("DO'99 wrong length");
        }
        return (short) (((dataInputStream.readByte() & 255) << 8) | (dataInputStream.readByte() & 255));
    }

    private byte[] unwrapResponseAPDU(byte[] bArr) throws IOException, GeneralSecurityException {
        long j = this.ssc;
        if (bArr != null) {
            try {
                if (bArr.length >= 2) {
                    this.cipher.init(2, this.ksEnc, ZERO_IV_PARAM_SPEC);
                    DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(bArr));
                    byte[] bArr2 = new byte[0];
                    short s = 0;
                    boolean z = false;
                    byte[] bArr3 = null;
                    while (!z) {
                        byte readByte = dataInputStream.readByte();
                        switch (readByte) {
                            case -121:
                                bArr2 = readDO87(dataInputStream);
                                break;
                            case -114:
                                bArr3 = readDO8E(dataInputStream);
                                z = true;
                                break;
                            case -103:
                                s = readDO99(dataInputStream);
                                break;
                            default:
                                LOGGER.warning("Unsupported tag " + Integer.toHexString(readByte));
                                break;
                        }
                    }
                    if (!checkMac(bArr, bArr3)) {
                        throw new IllegalStateException("Invalid MAC");
                    }
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    byteArrayOutputStream.write(bArr2, 0, bArr2.length);
                    byteArrayOutputStream.write((65280 & s) >> 8);
                    byteArrayOutputStream.write(s & 255);
                    return byteArrayOutputStream.toByteArray();
                }
            } finally {
                if (this.ssc == j) {
                    this.ssc++;
                }
            }
        }
        throw new IllegalArgumentException("Invalid response APDU");
    }

    private byte[] wrapCommandAPDU(byte[] bArr, int i) throws IOException, GeneralSecurityException {
        if (bArr == null || bArr.length < 4 || i < 4) {
            throw new IllegalArgumentException("Invalid type");
        }
        int i2 = 0;
        int i3 = bArr[i - 1] & 255;
        if (i == 4) {
            i2 = 0;
            i3 = 0;
        } else if (i == 5) {
            i2 = 0;
        } else if (i > 5) {
            i2 = bArr[4] & 255;
        }
        if (i2 + 4 >= i) {
            i3 = 0;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr2 = new byte[4];
        System.arraycopy(bArr, 0, bArr2, 0, 4);
        bArr2[0] = (byte) (bArr[0] | 12);
        byte[] pad = Util.pad(bArr2);
        byte[] bArr3 = new byte[0];
        byte[] bArr4 = new byte[0];
        byte[] bArr5 = new byte[0];
        if (i3 > 0 || bArr[1] == -120) {
            byteArrayOutputStream.reset();
            byteArrayOutputStream.write(-105);
            byteArrayOutputStream.write(1);
            byteArrayOutputStream.write((byte) i3);
            bArr5 = byteArrayOutputStream.toByteArray();
        }
        if (i2 > 0) {
            byte[] pad2 = Util.pad(bArr, 5, i2);
            this.cipher.init(1, this.ksEnc, ZERO_IV_PARAM_SPEC);
            byte[] doFinal = this.cipher.doFinal(pad2);
            byteArrayOutputStream.reset();
            byteArrayOutputStream.write(-121);
            byteArrayOutputStream.write(TLVUtil.getLengthAsBytes(doFinal.length + 1));
            byteArrayOutputStream.write(1);
            byteArrayOutputStream.write(doFinal, 0, doFinal.length);
            bArr3 = byteArrayOutputStream.toByteArray();
        }
        byteArrayOutputStream.reset();
        byteArrayOutputStream.write(pad, 0, pad.length);
        byteArrayOutputStream.write(bArr3, 0, bArr3.length);
        byteArrayOutputStream.write(bArr5, 0, bArr5.length);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.reset();
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        this.ssc++;
        dataOutputStream.writeLong(this.ssc);
        dataOutputStream.write(byteArray, 0, byteArray.length);
        dataOutputStream.flush();
        byte[] pad3 = Util.pad(byteArrayOutputStream.toByteArray());
        this.mac.init(this.ksMac);
        byte[] doFinal2 = this.mac.doFinal(pad3);
        byteArrayOutputStream.reset();
        byteArrayOutputStream.write(-114);
        byteArrayOutputStream.write(doFinal2.length);
        byteArrayOutputStream.write(doFinal2, 0, doFinal2.length);
        byte[] byteArray2 = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.reset();
        byteArrayOutputStream.write(bArr2, 0, 4);
        byteArrayOutputStream.write((byte) (bArr3.length + bArr5.length + byteArray2.length));
        byteArrayOutputStream.write(bArr3, 0, bArr3.length);
        byteArrayOutputStream.write(bArr5, 0, bArr5.length);
        byteArrayOutputStream.write(byteArray2, 0, byteArray2.length);
        byteArrayOutputStream.write(0);
        return byteArrayOutputStream.toByteArray();
    }

    public long getSendSequenceCounter() {
        return this.ssc;
    }

    @Override // net.sf.scuba.smartcards.APDUWrapper
    public ResponseAPDU unwrap(ResponseAPDU responseAPDU) {
        try {
            return new ResponseAPDU(unwrapResponseAPDU(responseAPDU.getBytes()));
        } catch (IOException e) {
            throw new IllegalStateException(e.toString());
        } catch (GeneralSecurityException e2) {
            throw new IllegalStateException(e2.toString());
        }
    }

    @Override // net.sf.scuba.smartcards.APDUWrapper
    public CommandAPDU wrap(CommandAPDU commandAPDU) {
        try {
            byte[] bytes = commandAPDU.getBytes();
            return new CommandAPDU(wrapCommandAPDU(bytes, bytes.length));
        } catch (IOException e) {
            throw new IllegalStateException(e.toString());
        } catch (GeneralSecurityException e2) {
            throw new IllegalStateException(e2.toString());
        }
    }
}
