package ir.co.pki.dastinelib;

import ir.co.pki.dastinelib.GPData;
import ir.co.pki.dastinelib.GPKeySet;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Iterator;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes.dex */
public class GlobalPlatform {
    private static final byte CLA_GP = Byte.MIN_VALUE;
    private static final byte CLA_MAC = -124;
    private static final byte INS_INITIALIZE_UPDATE = 80;
    public static final int SCP_01_05 = 1;
    public static final int SCP_01_15 = 2;
    public static final int SCP_02_04 = 3;
    public static final int SCP_02_05 = 4;
    public static final int SCP_02_0A = 5;
    public static final int SCP_02_0B = 6;
    public static final int SCP_02_14 = 7;
    public static final int SCP_02_15 = 8;
    public static final int SCP_02_1A = 9;
    public static final int SCP_02_1B = 10;
    public static final int SCP_ANY = 0;
    public static final short SHORT_0 = 0;
    public static EnumSet<APDUMode> defaultMode = EnumSet.of(APDUMode.ENC);
    CardChannel channel;
    private GPKeySet sessionKeys;
    public AID sdAID = null;
    GPSpec spec = GPSpec.GP211;
    private int scpMajorVersion = 0;
    private byte[] diversification_data = null;
    private SCPWrapper wrapper = null;
    int blockSize = 255;

    /* loaded from: classes.dex */
    public enum APDUMode {
        CLR(0),
        MAC(1),
        ENC(2),
        RMAC(16);

        private final int value;

        APDUMode(int i) {
            this.value = i;
        }

        public static int getSetValue(EnumSet<APDUMode> enumSet) {
            Iterator it = enumSet.iterator();
            int i = 0;
            while (it.hasNext()) {
                i |= ((APDUMode) it.next()).value;
            }
            return i;
        }
    }

    /* loaded from: classes.dex */
    public enum GPSpec {
        OP201,
        GP211,
        GP22
    }

    /* loaded from: classes.dex */
    public static class SCP0102Wrapper extends SCPWrapper {
        private byte[] icv;
        private boolean icvEnc;
        private boolean postAPDU;
        private boolean preAPDU;
        private final ByteArrayOutputStream rMac;
        private byte[] ricv;
        private int scp;

        private SCP0102Wrapper(GPKeySet gPKeySet, int i, EnumSet<APDUMode> enumSet, byte[] bArr, byte[] bArr2, int i2) {
            this.icv = null;
            this.ricv = null;
            this.scp = 0;
            this.rMac = new ByteArrayOutputStream();
            this.icvEnc = false;
            this.preAPDU = false;
            this.postAPDU = false;
            this.blockSize = i2;
            this.sessionKeys = gPKeySet;
            this.icv = bArr;
            this.ricv = bArr2;
            setSCPVersion(i);
            setSecurityLevel(enumSet);
        }

        private static byte clearBits(byte b, byte b2) {
            return (byte) (b & (~b2) & 255);
        }

        private static byte setBits(byte b, byte b2) {
            return (byte) ((b | b2) & 255);
        }

        public byte[] getIV() {
            return this.icv;
        }

        public void setRMACIV(byte[] bArr) {
            this.ricv = bArr;
        }

        public void setSCPVersion(int i) {
            this.scp = 2;
            if (i < 3) {
                this.scp = 1;
            }
            if (i == 2 || i == 7 || i == 8 || i == 9 || i == 10) {
                this.icvEnc = true;
            } else {
                this.icvEnc = false;
            }
            if (i == 1 || i == 2 || i == 3 || i == 4 || i == 7 || i == 8) {
                this.preAPDU = true;
            } else {
                this.preAPDU = false;
            }
            if (i == 5 || i == 6 || i == 9 || i == 10) {
                this.postAPDU = true;
            } else {
                this.postAPDU = false;
            }
        }

        @Override // ir.co.pki.dastinelib.GlobalPlatform.SCPWrapper
        public ResponseAPDU unwrap(ResponseAPDU responseAPDU) {
            if (!this.rmac) {
                return responseAPDU;
            }
            if (responseAPDU.getData().length < 8) {
                throw new RuntimeException("Wrong response length (too short).");
            }
            int length = responseAPDU.getData().length - 8;
            this.rMac.write(length);
            this.rMac.write(responseAPDU.getData(), 0, length);
            this.rMac.write(responseAPDU.getSW1());
            this.rMac.write(responseAPDU.getSW2());
            this.ricv = GPCrypto.mac_des_3des(this.sessionKeys.getKey(GPData.KeyType.RMAC), GPCrypto.pad80(this.rMac.toByteArray(), 8), this.ricv);
            byte[] bArr = new byte[8];
            System.arraycopy(responseAPDU.getData(), length, bArr, 0, 8);
            if (!Arrays.equals(this.ricv, bArr)) {
                throw new GPException("RMAC invalid.");
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(responseAPDU.getBytes(), 0, length);
            byteArrayOutputStream.write(responseAPDU.getSW1());
            byteArrayOutputStream.write(responseAPDU.getSW2());
            return new ResponseAPDU(byteArrayOutputStream.toByteArray());
        }

        @Override // ir.co.pki.dastinelib.GlobalPlatform.SCPWrapper
        public CommandAPDU wrap(CommandAPDU commandAPDU) {
            byte[] bArr;
            int i;
            Cipher cipher;
            try {
                if (this.rmac) {
                    this.rMac.reset();
                    this.rMac.write(clearBits((byte) commandAPDU.getCLA(), (byte) 7));
                    this.rMac.write(commandAPDU.getINS());
                    this.rMac.write(commandAPDU.getP1());
                    this.rMac.write(commandAPDU.getP2());
                    if (commandAPDU.getNc() >= 0) {
                        this.rMac.write(commandAPDU.getNc());
                        this.rMac.write(commandAPDU.getData());
                    }
                }
                if (!this.mac && !this.enc) {
                    return commandAPDU;
                }
                int cla = commandAPDU.getCLA();
                int ins = commandAPDU.getINS();
                int p1 = commandAPDU.getP1();
                int p2 = commandAPDU.getP2();
                byte[] data = commandAPDU.getData();
                int nc = commandAPDU.getNc();
                int ne = commandAPDU.getNe();
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                if (nc > getBlockSize()) {
                    throw new IllegalArgumentException("APDU too long for wrapping.");
                }
                if (this.mac) {
                    if (this.icv == null) {
                        this.icv = new byte[8];
                    } else if (this.icvEnc) {
                        if (this.scp == 1) {
                            cipher = Cipher.getInstance(GPCrypto.DES3_ECB_CIPHER);
                            cipher.init(1, this.sessionKeys.getKeyFor(GPData.KeyType.MAC));
                        } else {
                            cipher = Cipher.getInstance(GPCrypto.DES_ECB_CIPHER);
                            cipher.init(1, this.sessionKeys.getKey(GPData.KeyType.MAC).getKey(GPKeySet.GPKey.Type.DES));
                        }
                        this.icv = cipher.doFinal(this.icv);
                    }
                    if (this.preAPDU) {
                        cla = setBits((byte) cla, (byte) 4);
                        i = nc + 8;
                    } else {
                        i = nc;
                    }
                    byteArrayOutputStream.write(cla);
                    byteArrayOutputStream.write(ins);
                    byteArrayOutputStream.write(p1);
                    byteArrayOutputStream.write(p2);
                    byteArrayOutputStream.write(i);
                    byteArrayOutputStream.write(data);
                    int i2 = this.scp;
                    if (i2 == 1) {
                        this.icv = GPCrypto.mac_3des(this.sessionKeys.getKey(GPData.KeyType.MAC), byteArrayOutputStream.toByteArray(), this.icv);
                    } else if (i2 == 2) {
                        this.icv = GPCrypto.mac_des_3des(this.sessionKeys.getKey(GPData.KeyType.MAC), byteArrayOutputStream.toByteArray(), this.icv);
                    }
                    if (this.postAPDU) {
                        cla = setBits((byte) cla, (byte) 4);
                        i += 8;
                    }
                    byteArrayOutputStream.reset();
                    bArr = data;
                } else {
                    bArr = null;
                    i = nc;
                }
                if (this.enc && nc > 0) {
                    if (this.scp == 1) {
                        byteArrayOutputStream.write(nc);
                        byteArrayOutputStream.write(data);
                        if (byteArrayOutputStream.size() % 8 != 0) {
                            byte[] pad80 = GPCrypto.pad80(byteArrayOutputStream.toByteArray(), 8);
                            byteArrayOutputStream.reset();
                            byteArrayOutputStream.write(pad80);
                        }
                    } else {
                        byteArrayOutputStream.write(GPCrypto.pad80(data, 8));
                    }
                    i += byteArrayOutputStream.size() - data.length;
                    Cipher cipher2 = Cipher.getInstance(GPCrypto.DES3_CBC_CIPHER);
                    cipher2.init(1, this.sessionKeys.getKeyFor(GPData.KeyType.ENC), GPCrypto.iv_null_des);
                    bArr = cipher2.doFinal(byteArrayOutputStream.toByteArray());
                    byteArrayOutputStream.reset();
                }
                byteArrayOutputStream.write(cla);
                byteArrayOutputStream.write(ins);
                byteArrayOutputStream.write(p1);
                byteArrayOutputStream.write(p2);
                if (i > 0) {
                    byteArrayOutputStream.write(i);
                    byteArrayOutputStream.write(bArr);
                }
                if (this.mac) {
                    byteArrayOutputStream.write(this.icv);
                }
                if (ne > 0) {
                    byteArrayOutputStream.write(ne);
                }
                return new CommandAPDU(byteArrayOutputStream.toByteArray());
            } catch (IOException e) {
                throw new RuntimeException("APDU wrapping failed", e);
            } catch (InvalidAlgorithmParameterException e2) {
                e = e2;
                throw new GPException("APDU wrapping failed", e);
            } catch (InvalidKeyException e3) {
                e = e3;
                throw new GPException("APDU wrapping failed", e);
            } catch (NoSuchAlgorithmException e4) {
                e = e4;
                throw new IllegalStateException("APDU wrapping failed", e);
            } catch (BadPaddingException e5) {
                e = e5;
                throw new GPException("APDU wrapping failed", e);
            } catch (IllegalBlockSizeException e6) {
                e = e6;
                throw new GPException("APDU wrapping failed", e);
            } catch (NoSuchPaddingException e7) {
                e = e7;
                throw new IllegalStateException("APDU wrapping failed", e);
            }
        }
    }

    /* loaded from: classes.dex */
    public static class SCP03Wrapper extends SCPWrapper {
        byte[] chaining_value;
        byte[] encryption_counter;

        private SCP03Wrapper(GPKeySet gPKeySet, int i, EnumSet<APDUMode> enumSet, byte[] bArr, byte[] bArr2, int i2) {
            byte[] bArr3 = new byte[16];
            this.chaining_value = bArr3;
            this.encryption_counter = new byte[16];
            this.sessionKeys = gPKeySet;
            this.blockSize = i2;
            byte[] bArr4 = GPCrypto.null_bytes_16;
            System.arraycopy(bArr4, 0, bArr3, 0, bArr4.length);
            System.arraycopy(bArr4, 0, this.encryption_counter, 0, bArr4.length);
            setSecurityLevel(enumSet);
        }

        @Override // ir.co.pki.dastinelib.GlobalPlatform.SCPWrapper
        protected ResponseAPDU unwrap(ResponseAPDU responseAPDU) {
            return responseAPDU;
        }

        @Override // ir.co.pki.dastinelib.GlobalPlatform.SCPWrapper
        protected CommandAPDU wrap(CommandAPDU commandAPDU) {
            byte[] bArr;
            try {
                int cla = commandAPDU.getCLA();
                int nc = commandAPDU.getNc();
                byte[] data = commandAPDU.getData();
                int i = 132;
                if (this.enc) {
                    GPCrypto.buffer_increment(this.encryption_counter);
                    if (commandAPDU.getData().length > 0) {
                        byte[] pad80 = GPCrypto.pad80(commandAPDU.getData(), 16);
                        Cipher cipher = Cipher.getInstance(GPCrypto.AES_CBC_CIPHER);
                        GPKeySet gPKeySet = this.sessionKeys;
                        GPData.KeyType keyType = GPData.KeyType.ENC;
                        cipher.init(1, gPKeySet.getKeyFor(keyType), GPCrypto.iv_null_aes);
                        cipher.init(1, this.sessionKeys.getKeyFor(keyType), new IvParameterSpec(cipher.doFinal(this.encryption_counter)));
                        byte[] doFinal = cipher.doFinal(pad80);
                        nc = doFinal.length;
                        data = doFinal;
                    }
                    cla = 132;
                }
                if (this.mac) {
                    nc += 8;
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    byteArrayOutputStream.write(this.chaining_value);
                    byteArrayOutputStream.write(132);
                    byteArrayOutputStream.write(commandAPDU.getINS());
                    byteArrayOutputStream.write(commandAPDU.getP1());
                    byteArrayOutputStream.write(commandAPDU.getP2());
                    byteArrayOutputStream.write(nc);
                    byteArrayOutputStream.write(data);
                    byte[] scp03_mac = GPCrypto.scp03_mac(this.sessionKeys.getKey(GPData.KeyType.MAC), byteArrayOutputStream.toByteArray(), 128);
                    byte[] bArr2 = this.chaining_value;
                    System.arraycopy(scp03_mac, 0, bArr2, 0, bArr2.length);
                    bArr = Arrays.copyOf(scp03_mac, 8);
                } else {
                    i = cla;
                    bArr = null;
                }
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                byteArrayOutputStream2.write(i);
                byteArrayOutputStream2.write(commandAPDU.getINS());
                byteArrayOutputStream2.write(commandAPDU.getP1());
                byteArrayOutputStream2.write(commandAPDU.getP2());
                byteArrayOutputStream2.write(nc);
                byteArrayOutputStream2.write(data);
                if (this.mac) {
                    byteArrayOutputStream2.write(bArr);
                }
                return new CommandAPDU(byteArrayOutputStream2.toByteArray());
            } catch (IOException e) {
                throw new RuntimeException("APDU wrapping failed", e);
            } catch (InvalidAlgorithmParameterException e2) {
                e = e2;
                throw new GPException("APDU wrapping failed", e);
            } catch (InvalidKeyException e3) {
                e = e3;
                throw new GPException("APDU wrapping failed", e);
            } catch (NoSuchAlgorithmException e4) {
                e = e4;
                throw new IllegalStateException("APDU wrapping failed", e);
            } catch (BadPaddingException e5) {
                e = e5;
                throw new GPException("APDU wrapping failed", e);
            } catch (IllegalBlockSizeException e6) {
                e = e6;
                throw new GPException("APDU wrapping failed", e);
            } catch (NoSuchPaddingException e7) {
                e = e7;
                throw new IllegalStateException("APDU wrapping failed", e);
            }
        }
    }

    /* loaded from: classes.dex */
    public static abstract class SCPWrapper {
        protected int blockSize = 0;
        protected GPKeySet sessionKeys = null;
        protected boolean mac = false;
        protected boolean enc = false;
        protected boolean rmac = false;

        protected int getBlockSize() {
            int i = this.blockSize;
            if (this.mac) {
                i -= 8;
            }
            return this.enc ? i - 8 : i;
        }

        public void setSecurityLevel(EnumSet<APDUMode> enumSet) {
            this.mac = enumSet.contains(APDUMode.MAC);
            this.enc = enumSet.contains(APDUMode.ENC);
            this.rmac = enumSet.contains(APDUMode.RMAC);
        }

        protected abstract ResponseAPDU unwrap(ResponseAPDU responseAPDU);

        protected abstract CommandAPDU wrap(CommandAPDU commandAPDU);
    }

    protected void giveStrictWarning(String str) {
        throw new GPException("STRICT WARNING: " + str);
    }

    /* JADX WARN: Code restructure failed: missing block: B:81:0x00f7, code lost:
    
        if (r27 == 2) goto L47;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void openSecureChannel(ir.co.pki.dastinelib.SessionKeyProvider r25, byte[] r26, int r27, java.util.EnumSet<ir.co.pki.dastinelib.GlobalPlatform.APDUMode> r28, ir.co.pki.dastinelib.CardChannel r29) {
        /*
            Method dump skipped, instructions count: 611
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ir.co.pki.dastinelib.GlobalPlatform.openSecureChannel(ir.co.pki.dastinelib.SessionKeyProvider, byte[], int, java.util.EnumSet, ir.co.pki.dastinelib.CardChannel):void");
    }

    public ResponseAPDU transmit(CommandAPDU commandAPDU) {
        return this.wrapper.unwrap(this.channel.transmit(this.wrapper.wrap(commandAPDU)));
    }
}
