package org.jmrtd;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import net.sf.scuba.smartcards.APDUEvent;
import net.sf.scuba.smartcards.APDUListener;
import net.sf.scuba.smartcards.APDUWrapper;
import net.sf.scuba.smartcards.CardService;
import net.sf.scuba.smartcards.CardServiceException;
import net.sf.scuba.smartcards.CommandAPDU;
import net.sf.scuba.smartcards.ISOFileInfo;
import net.sf.scuba.smartcards.ResponseAPDU;
import net.sf.scuba.tlv.TLVInputStream;
import net.sf.scuba.util.Hex;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.crypto.tls.CipherSuite;

/* loaded from: classes3.dex */
public class PassportApduService extends CardService {
    public static final byte CAN_PACE_KEY_REFERENCE = 2;
    private static final byte INS_PACE_GENERAL_AUTHENTICATE = -122;
    public static final byte MRZ_PACE_KEY_REFERENCE = 1;
    public static final byte PIN_PACE_KEY_REFERENCE = 3;
    public static final byte PUK_PACE_REFERENCE = 4;
    private static final long serialVersionUID = 2451509825132976178L;
    private byte[] atr;
    private transient Cipher cipher;
    private transient Mac mac;
    private CardService service;
    private static final Logger LOGGER = Logger.getLogger("org.jmrtd");
    private static final Provider BC_PROVIDER = JMRTDSecurityProvider.getBouncyCastleProvider();
    protected static final byte[] APPLET_AID = {ISOFileInfo.A0, 0, 0, 2, 71, 16, 1};
    private static final IvParameterSpec ZERO_IV_PARAM_SPEC = new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0});
    private Collection<APDUListener> plainTextAPDUListeners = new HashSet();
    private int plainAPDUCount = 0;

    public PassportApduService(CardService cardService) throws CardServiceException {
        this.service = cardService;
        try {
            this.mac = Mac.getInstance("ISO9797Alg3Mac", BC_PROVIDER);
            this.cipher = Cipher.getInstance("DESede/CBC/NoPadding");
        } catch (GeneralSecurityException e) {
            LOGGER.severe("Exception: " + e.getMessage());
            throw new CardServiceException(e.toString());
        }
    }

    private static void checkStatusWordAfterFileOperation(CommandAPDU commandAPDU, ResponseAPDU responseAPDU) throws CardServiceException {
        short sw = (short) responseAPDU.getSW();
        String str = "CAPDU = " + Hex.bytesToHexString(commandAPDU.getBytes()) + ", RAPDU = " + Hex.bytesToHexString(responseAPDU.getBytes());
        switch (sw) {
            case -28672:
                return;
            case 27010:
            case 27013:
            case 27014:
                throw new CardServiceException("Access to file denied, " + str, sw);
            case 27266:
                throw new CardServiceException("File not found, " + str, sw);
            default:
                throw new CardServiceException("Error occured, " + str, sw);
        }
    }

    private ResponseAPDU transmit(APDUWrapper aPDUWrapper, CommandAPDU commandAPDU) throws CardServiceException {
        ResponseAPDU transmit = transmit(aPDUWrapper != null ? aPDUWrapper.wrap(commandAPDU) : commandAPDU);
        short sw = (short) transmit.getSW();
        try {
            if (aPDUWrapper == null) {
                return transmit;
            }
            try {
                if (transmit.getBytes().length == 2) {
                    throw new CardServiceException("Exception during transmission of wrapped APDU\nC=" + Hex.bytesToHexString(commandAPDU.getBytes()), sw);
                }
                ResponseAPDU unwrap = aPDUWrapper.unwrap(transmit, transmit.getBytes().length);
                int i = this.plainAPDUCount + 1;
                this.plainAPDUCount = i;
                notifyExchangedPlainTextAPDU(i, commandAPDU, unwrap);
                return unwrap;
            } catch (Exception e) {
                if (e instanceof CardServiceException) {
                    throw ((CardServiceException) e);
                }
                throw new CardServiceException("Exception during transmission of wrapped APDU\nC=" + Hex.bytesToHexString(commandAPDU.getBytes()) + "\n" + e.getMessage(), sw);
            }
        } catch (Throwable th) {
            int i2 = this.plainAPDUCount + 1;
            this.plainAPDUCount = i2;
            notifyExchangedPlainTextAPDU(i2, commandAPDU, transmit);
            throw th;
        }
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void addAPDUListener(APDUListener aPDUListener) {
        this.service.addAPDUListener(aPDUListener);
    }

    public void addPlainTextAPDUListener(APDUListener aPDUListener) {
        if (this.plainTextAPDUListeners != null) {
            this.plainTextAPDUListeners.add(aPDUListener);
        }
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void close() {
        if (this.service != null) {
            this.service.close();
        }
    }

    @Override // net.sf.scuba.smartcards.CardService
    public byte[] getATR() {
        return this.atr;
    }

    @Override // net.sf.scuba.smartcards.CardService
    public synchronized boolean isOpen() {
        return this.service.isOpen();
    }

    protected void notifyExchangedPlainTextAPDU(int i, CommandAPDU commandAPDU, ResponseAPDU responseAPDU) {
        if (this.plainTextAPDUListeners == null || this.plainTextAPDUListeners.size() < 1) {
            return;
        }
        APDUEvent aPDUEvent = new APDUEvent(this, "PLAINTEXT", i, commandAPDU, responseAPDU);
        Iterator<APDUListener> it = this.plainTextAPDUListeners.iterator();
        while (it.hasNext()) {
            it.next().exchangedAPDU(aPDUEvent);
        }
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void open() throws CardServiceException {
        if (!this.service.isOpen()) {
            this.service.open();
        }
        this.atr = this.service.getATR();
    }

    @Override // net.sf.scuba.smartcards.CardService
    public void removeAPDUListener(APDUListener aPDUListener) {
        this.service.removeAPDUListener(aPDUListener);
    }

    public void removePlainTextAPDUListener(APDUListener aPDUListener) {
        if (this.plainTextAPDUListeners != null) {
            this.plainTextAPDUListeners.add(aPDUListener);
        }
    }

    public synchronized byte[] sendGeneralAuthenticate(APDUWrapper aPDUWrapper, byte[] bArr, boolean z) throws CardServiceException {
        byte[] unwrapDO;
        synchronized (this) {
            ResponseAPDU transmit = transmit(aPDUWrapper, new CommandAPDU(z ? 0 : 16, -122, 0, 0, Util.wrapDO((byte) 124, bArr), 256));
            short sw = (short) transmit.getSW();
            if (sw != -28672) {
                throw new CardServiceException("Sending general authenticate failed", sw);
            }
            unwrapDO = Util.unwrapDO((byte) 124, transmit.getData());
        }
        return unwrapDO;
    }

    public synchronized byte[] sendGetChallenge() throws CardServiceException {
        return sendGetChallenge(null);
    }

    public synchronized byte[] sendGetChallenge(APDUWrapper aPDUWrapper) throws CardServiceException {
        return transmit(aPDUWrapper, new CommandAPDU(0, -124, 0, 0, 8)).getData();
    }

    public synchronized byte[] sendInternalAuthenticate(APDUWrapper aPDUWrapper, byte[] bArr) throws CardServiceException {
        if (bArr != null) {
            if (bArr.length == 8) {
            }
        }
        throw new IllegalArgumentException("rndIFD wrong length");
        return transmit(aPDUWrapper, new CommandAPDU(0, -120, 0, 0, bArr, 256)).getData();
    }

    public synchronized void sendMSEKAT(APDUWrapper aPDUWrapper, byte[] bArr, byte[] bArr2) throws CardServiceException {
        synchronized (this) {
            byte[] bArr3 = new byte[(bArr2 != null ? bArr2.length : 0) + bArr.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            if (bArr2 != null) {
                System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
            }
            short sw = (short) transmit(aPDUWrapper, new CommandAPDU(0, 34, 65, CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256, bArr3)).getSW();
            if (sw != -28672) {
                throw new CardServiceException("Sending MSE KAT failed", sw);
            }
        }
    }

    public synchronized void sendMSESetATExtAuth(APDUWrapper aPDUWrapper, byte[] bArr) throws CardServiceException {
        short sw = (short) transmit(aPDUWrapper, new CommandAPDU(0, 34, 129, CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256, bArr)).getSW();
        if (sw != -28672) {
            throw new CardServiceException("Sending MSE AT failed", sw);
        }
    }

    public synchronized void sendMSESetATMutualAuth(APDUWrapper aPDUWrapper, String str, int i, byte[] bArr) throws CardServiceException {
        if (str == null) {
            throw new IllegalArgumentException("OID cannot be null");
        }
        try {
            TLVInputStream tLVInputStream = new TLVInputStream(new ByteArrayInputStream(new ASN1ObjectIdentifier(str).getEncoded()));
            tLVInputStream.readTag();
            tLVInputStream.readLength();
            byte[] readValue = tLVInputStream.readValue();
            tLVInputStream.close();
            byte[] wrapDO = Util.wrapDO(ISOFileInfo.DATA_BYTES1, readValue);
            if (i != 1 && i != 2 && i != 3 && i != 4) {
                throw new IllegalArgumentException("Unsupported key type reference (MRZ, CAN, etc), found " + i);
            }
            byte[] wrapDO2 = Util.wrapDO(ISOFileInfo.FILE_IDENTIFIER, new byte[]{(byte) i});
            if (bArr != null) {
                bArr = Util.wrapDO((byte) -124, bArr);
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                byteArrayOutputStream.write(wrapDO);
                byteArrayOutputStream.write(wrapDO2);
                if (bArr != null) {
                    byteArrayOutputStream.write(bArr);
                }
                short sw = (short) transmit(aPDUWrapper, new CommandAPDU(0, 34, CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256, CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256, byteArrayOutputStream.toByteArray())).getSW();
                if (sw != -28672) {
                    throw new CardServiceException("Sending MSE AT failed", sw);
                }
            } catch (IOException e) {
                LOGGER.severe("Error while copying data: " + e.getMessage());
                throw new IllegalStateException("Error while copying data");
            }
        } catch (IOException e2) {
            throw new IllegalArgumentException("Illegal OID: " + str + " (" + e2.getMessage() + ")");
        }
    }

    public synchronized void sendMSESetDST(APDUWrapper aPDUWrapper, byte[] bArr) throws CardServiceException {
        short sw = (short) transmit(aPDUWrapper, new CommandAPDU(0, 34, 129, CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, bArr)).getSW();
        if (sw != -28672) {
            throw new CardServiceException("Sending MSE Set DST failed", sw);
        }
    }

    public synchronized byte[] sendMutualAuth(byte[] bArr, byte[] bArr2, byte[] bArr3, SecretKey secretKey, SecretKey secretKey2) throws CardServiceException {
        byte[] doFinal;
        if (bArr != null) {
            try {
                if (bArr.length == 8) {
                    if (bArr2 == null || bArr2.length != 8) {
                        bArr2 = new byte[8];
                    }
                    if (bArr3 == null || bArr3.length != 16) {
                        throw new IllegalArgumentException("kIFD wrong length");
                    }
                    if (secretKey == null) {
                        throw new IllegalArgumentException("kEnc == null");
                    }
                    if (secretKey2 == null) {
                        throw new IllegalArgumentException("kMac == null");
                    }
                    this.cipher.init(1, secretKey, ZERO_IV_PARAM_SPEC);
                    byte[] bArr4 = new byte[32];
                    System.arraycopy(bArr, 0, bArr4, 0, 8);
                    System.arraycopy(bArr2, 0, bArr4, 8, 8);
                    System.arraycopy(bArr3, 0, bArr4, 16, 16);
                    byte[] doFinal2 = this.cipher.doFinal(bArr4);
                    if (doFinal2.length != 32) {
                        throw new IllegalStateException("Cryptogram wrong length " + doFinal2.length);
                    }
                    this.mac.init(secretKey2);
                    byte[] doFinal3 = this.mac.doFinal(Util.padWithMRZ(doFinal2));
                    if (doFinal3.length != 8) {
                        throw new IllegalStateException("MAC wrong length");
                    }
                    byte[] bArr5 = new byte[40];
                    System.arraycopy(doFinal2, 0, bArr5, 0, 32);
                    System.arraycopy(doFinal3, 0, bArr5, 32, 8);
                    ResponseAPDU transmit = transmit(new CommandAPDU(0, -126, 0, 0, bArr5, 40));
                    byte[] bytes = transmit.getBytes();
                    short sw = (short) transmit.getSW();
                    if (bytes == null) {
                        throw new CardServiceException("Mutual authentication failed", sw);
                    }
                    if (sw != -28672) {
                        ResponseAPDU transmit2 = transmit(new CommandAPDU(0, -126, 0, 0, bArr5, 0));
                        bytes = transmit2.getBytes();
                        sw = (short) transmit2.getSW();
                    }
                    if (bytes.length != 42) {
                        throw new CardServiceException("Mutual authentication failed: expected length: 40 + 2, actual length: " + bytes.length, sw);
                    }
                    this.cipher.init(2, secretKey, ZERO_IV_PARAM_SPEC);
                    doFinal = this.cipher.doFinal(bytes, 0, (bytes.length - 8) - 2);
                    if (doFinal.length != 32) {
                        throw new IllegalStateException("Cryptogram wrong length " + doFinal.length);
                    }
                }
            } catch (GeneralSecurityException e) {
                throw new CardServiceException(e.toString());
            }
        }
        throw new IllegalArgumentException("rndIFD wrong length");
        return doFinal;
    }

    public synchronized void sendMutualAuthenticate(APDUWrapper aPDUWrapper, byte[] bArr) throws CardServiceException {
        short sw = (short) transmit(aPDUWrapper, new CommandAPDU(0, -126, 0, 0, bArr)).getSW();
        if (sw != -28672) {
            throw new CardServiceException("Sending External Authenticate failed.", sw);
        }
    }

    public synchronized void sendPSOChainMode(APDUWrapper aPDUWrapper, byte[] bArr, byte[] bArr2) throws CardServiceException {
        int i = 0;
        synchronized (this) {
            byte[] bArr3 = new byte[bArr.length + bArr2.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
            int length = bArr3.length;
            if (bArr3.length > 223) {
                int length2 = bArr3.length / 223;
                int i2 = length2 * 223 < bArr3.length ? length2 + 1 : length2;
                int i3 = 0;
                while (i3 < i2 - 1) {
                    short sw = (short) transmit(aPDUWrapper, new CommandAPDU(16, 42, 0, 190, bArr3, i, length)).getSW();
                    if (sw != -28672) {
                        throw new CardServiceException("Sending PSO failed", sw);
                    }
                    length -= 223;
                    i3++;
                    i += 223;
                }
            }
            short sw2 = (short) transmit(aPDUWrapper, new CommandAPDU(0, 42, 0, 190, bArr3, i, length)).getSW();
            if (sw2 != -28672) {
                throw new CardServiceException("Sending PSO failed", sw2);
            }
        }
    }

    public synchronized void sendPSOExtendedLengthMode(APDUWrapper aPDUWrapper, byte[] bArr, byte[] bArr2) throws CardServiceException {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        short sw = (short) transmit(aPDUWrapper, new CommandAPDU(0, 42, 0, 190, bArr3)).getSW();
        if (sw != -28672) {
            throw new CardServiceException("Sending PSO failed", sw);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:12:0x0012, code lost:
    
        if (r12 > 256) goto L13;
     */
    /* JADX WARN: Removed duplicated region for block: B:24:0x0049  */
    /* JADX WARN: Removed duplicated region for block: B:45:0x007e A[Catch: all -> 0x0061, TryCatch #1 {, blocks: (B:17:0x0021, B:19:0x003c, B:21:0x0040, B:29:0x0052, B:31:0x0058, B:32:0x0060, B:33:0x0083, B:35:0x008c, B:36:0x0092, B:38:0x009f, B:40:0x00dc, B:42:0x00a2, B:45:0x007e, B:48:0x0076, B:52:0x0069), top: B:14:0x001e }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized byte[] sendReadBinary(net.sf.scuba.smartcards.APDUWrapper r10, int r11, int r12, boolean r13) throws net.sf.scuba.smartcards.CardServiceException {
        /*
            Method dump skipped, instructions count: 233
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jmrtd.PassportApduService.sendReadBinary(net.sf.scuba.smartcards.APDUWrapper, int, int, boolean):byte[]");
    }

    public synchronized byte[] sendReadBinary(short s, int i, boolean z) throws CardServiceException {
        return sendReadBinary(null, s, i, z);
    }

    public synchronized void sendSelectApplet(APDUWrapper aPDUWrapper, byte[] bArr) throws CardServiceException {
        CommandAPDU commandAPDU = new CommandAPDU(0, -92, 4, 12, bArr);
        checkStatusWordAfterFileOperation(commandAPDU, transmit(aPDUWrapper, commandAPDU));
    }

    public synchronized void sendSelectFile(APDUWrapper aPDUWrapper, short s) throws CardServiceException {
        CommandAPDU commandAPDU = new CommandAPDU(0, -92, 2, 12, new byte[]{(byte) ((s >> 8) & 255), (byte) (s & 255)}, 0);
        ResponseAPDU transmit = transmit(aPDUWrapper, commandAPDU);
        if (transmit != null) {
            checkStatusWordAfterFileOperation(commandAPDU, transmit);
        }
    }

    public synchronized void sendSelectFile(short s) throws CardServiceException {
        sendSelectFile(null, s);
    }

    public void setService(CardService cardService) {
        this.service = cardService;
    }

    @Override // net.sf.scuba.smartcards.CardService
    public synchronized ResponseAPDU transmit(CommandAPDU commandAPDU) throws CardServiceException {
        return this.service.transmit(commandAPDU);
    }
}
