package com.idemia.mw.icc.gp;

import com.idemia.mw.icc.iso7816.apdu.ApduException;
import com.idemia.mw.icc.iso7816.apdu.CommandApdu;
import com.idemia.mw.icc.iso7816.apdu.ResponseApdu;
import com.idemia.mw.icc.iso7816.apdu.SelectApdu;
import com.idemia.mw.icc.iso7816.stack.StackLayer;
import com.idemia.mw.icc.iso7816.type.Aid;
import com.idemia.mw.icc.iso7816.type.Atr;
import com.idemia.mw.icc.util.ByteArrays;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.Map;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes2.dex */
public abstract class ScpManager extends StackLayer {
    public static Cipher cipherCbc;
    public static Cipher cipherEcb;
    public static Random rand = new Random();
    public ScpWrapper apduWrapper;
    public KeySet currentKeySet;
    public Aid currentSelectedApplet;
    public byte[] hostCryptogram;
    public boolean icvEncryption;
    public boolean initExplicit;
    public int kvn;
    public IvParameterSpec nullIv;
    public byte[] paddingBlock;
    public byte[] hostChallenge = new byte[8];
    public SecurityLevel securityLevel = null;
    public byte[] cmacIcv = new byte[8];

    /* loaded from: classes2.dex */
    public enum SecChannelProtocol {
        SCP01,
        SCP02,
        SCP03
    }

    public ScpManager(boolean z, boolean z2) {
        this.initExplicit = z;
        this.icvEncryption = z2;
    }

    private void checkSelectDfByNameCommand(CommandApdu commandApdu, ResponseApdu responseApdu) {
        SelectApdu fromApdu = SelectApdu.fromApdu(commandApdu);
        if (fromApdu != null && fromApdu.isSelectDfByName() && responseApdu.getSw() == 36864) {
            Aid aid = fromApdu.getAid();
            if (aid.equals(this.currentSelectedApplet)) {
                return;
            }
            setSecurityLevel(null);
            this.currentSelectedApplet = aid;
        }
    }

    @Override // com.idemia.mw.icc.iso7816.stack.StackLayer, com.idemia.mw.icc.iso7816.stack.StackElement
    public Atr activate(boolean z) {
        setSecurityLevel(null);
        return this.bottom.activate(z);
    }

    public void checkCardCryptogram(byte[] bArr, byte[] bArr2) {
        try {
            cipherCbc.init(1, this.currentKeySet.sessionChannelAuthEncKey, this.nullIv);
            cipherCbc.update(this.hostChallenge);
            cipherCbc.update(bArr);
            if (!Arrays.equals(bArr2, cipherCbc.doFinal(this.paddingBlock))) {
                throw new RuntimeException("card cryptogram");
            }
            cipherCbc.init(1, this.currentKeySet.sessionChannelAuthEncKey, this.nullIv);
            cipherCbc.update(bArr);
            cipherCbc.update(this.hostChallenge);
            this.hostCryptogram = cipherCbc.doFinal(this.paddingBlock);
        } catch (GeneralSecurityException e) {
            throw new Error(e);
        }
    }

    public abstract void checkKeyInfo(int i, int i2);

    public void clearCmacIcv() {
        this.cmacIcv = new byte[8];
    }

    public abstract byte[] cmac(byte[] bArr);

    @Override // com.idemia.mw.icc.iso7816.stack.StackLayer, com.idemia.mw.icc.iso7816.stack.StackElement
    public void deactivate() {
        setSecurityLevel(null);
        this.bottom.deactivate();
    }

    public abstract byte[] encrypt(byte[] bArr);

    public abstract byte[] encryptSensitiveData(byte[] bArr);

    public abstract SecChannelProtocol getCurrentProtocol();

    public byte[] getHostChallenge() {
        rand.nextBytes(this.hostChallenge);
        return (byte[]) this.hostChallenge.clone();
    }

    public byte[] getHostCryptogram() {
        return this.hostCryptogram;
    }

    public SecurityLevel getSecurityLevel() {
        return this.securityLevel;
    }

    public abstract Map<SecurityLevel, ScpWrapper> getWrapperMap();

    public abstract void notifyNewApdu();

    @Override // com.idemia.mw.icc.iso7816.stack.StackLayer, com.idemia.mw.icc.iso7816.stack.StackElement
    public ResponseApdu process(CommandApdu commandApdu) {
        if (this.securityLevel == null) {
            ResponseApdu process = this.bottom.process(commandApdu);
            try {
                checkSelectDfByNameCommand(commandApdu, process);
            } catch (ApduException unused) {
            }
            return process;
        }
        notifyNewApdu();
        ResponseApdu unwrap = unwrap(this.bottom.process(wrap(commandApdu)));
        checkSelectDfByNameCommand(commandApdu, unwrap);
        return unwrap;
    }

    @Override // com.idemia.mw.icc.iso7816.stack.StackLayer, com.idemia.mw.icc.iso7816.stack.StackElement
    public Atr reset() {
        setSecurityLevel(null);
        return this.bottom.reset();
    }

    public abstract void selectKeySet(int i, int i2);

    public void setSecurityLevel(SecurityLevel securityLevel) {
        this.securityLevel = securityLevel;
    }

    public abstract void setupSecureChannel(byte[] bArr, byte[] bArr2, SecurityLevel securityLevel);

    public void submitDiversificationData(byte[] bArr) {
        if (this.currentKeySet instanceof DiversifiedBySnKeySet) {
            ((DiversifiedBySnKeySet) this.currentKeySet).setSn(ByteArrays.trim(bArr, 4, 4));
        }
    }

    public ResponseApdu unwrap(ResponseApdu responseApdu) {
        return responseApdu;
    }

    public CommandApdu wrap(CommandApdu commandApdu) {
        return getWrapperMap().get(this.securityLevel).wrap(commandApdu);
    }
}
