package com.idemia.mdw.j.b.a;

import com.idemia.mdw.b.a.e;
import com.idemia.mdw.b.c;
import com.idemia.mdw.d.a.d;
import com.idemia.mdw.d.a.l;
import com.idemia.mdw.d.a.m;
import com.idemia.mdw.d.b;
import com.idemia.mdw.exception.CredentialValueException;
import com.idemia.mdw.exception.CryptographicSWException;
import com.idemia.mdw.exception.DataException;
import com.idemia.mdw.exception.FCPException;
import com.idemia.mdw.exception.FailedCredentialException;
import com.idemia.mdw.exception.GenericSWException;
import com.idemia.mdw.exception.GenericServiceException;
import com.idemia.mdw.exception.InvalidDataException;
import com.idemia.mdw.exception.MrzParseException;
import com.idemia.mdw.exception.MrzParsingException;
import com.idemia.mdw.exception.SecureMessagingException;
import com.idemia.mdw.exception.SecurityViolationException;
import com.idemia.mdw.exception.TransmitException;
import com.idemia.mdw.g.i;
import com.idemia.mdw.i.b.aU;
import com.idemia.mdw.icc.asn1.type.Asn1Integer;
import com.idemia.mdw.icc.asn1.type.ConstructedSequence;
import com.idemia.mdw.icc.iso7816.type.FcpTemplate;
import com.idemia.mdw.j.f;
import com.idemia.mdw.k.o;
import com.idemia.mdw.security.a.a;
import com.idemia.mdw.security.b;
import com.idemia.mdw.security.b.h;
import com.idemia.mdw.security.f;
import com.idemia.mdw.security.g;
import com.idemia.mdw.security.k;
import com.idemia.mdw.smartcardio.CardException;
import com.idemia.mdw.smartcardio.CommandAPDU;
import com.idemia.mdw.smartcardio.ResponseAPDU;
import com.idemia.mdw.smartcardio.TerminalType;
import com.idemia.mdw.smartcardio.apdu.PerformSecurityOperation;
import com.idemia.mdw.smartcardio.apdu.j;
import com.mobilesecuritycard.openmobileapi.FileViewProvider;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.interfaces.ECPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes2.dex */
public class a extends com.idemia.mdw.j.b.a {
    private static final Logger j = LoggerFactory.getLogger((Class<?>) a.class);
    private static final b k = b.CAN;
    private static final Short l = 220;
    private d m;

    public a(com.idemia.mdw.smartcardio.stack.a aVar) {
        super(aVar);
        j.info("New CombICAO Smartcard");
        this.f1096a = Integer.valueOf(l.intValue());
        this.m = d.a(this);
    }

    @Override // com.idemia.mdw.j.b.a, com.idemia.mdw.j.e
    public final c a(f fVar, String str, c.a aVar) throws DataException {
        j.debug("findCredential");
        if (fVar.equals(f.FILE_CREATE) || fVar.equals(f.KEY_CREATE) || fVar.equals(f.KEY_PAIR_GENERATE)) {
            return aVar.equals(c.a.Password) ? r() : q();
        }
        if (this.d.containsKey(str)) {
            com.idemia.mdw.g.c a2 = com.idemia.mdw.g.c.a(fVar, ((h) this.d.get(str)).l().d());
            if (((h) this.d.get(str)).j().containsKey(a2)) {
                for (c cVar : ((h) this.d.get(str)).j().get(a2)) {
                    if (cVar.e().equals(aVar)) {
                        return cVar;
                    }
                }
            }
            com.idemia.mdw.g.c a3 = com.idemia.mdw.g.c.a(fVar, !((h) this.d.get(str)).l().d());
            if (((h) this.d.get(str)).j().containsKey(a3)) {
                for (c cVar2 : ((h) this.d.get(str)).j().get(a3)) {
                    if (cVar2.e().equals(aVar)) {
                        return cVar2;
                    }
                }
            }
        } else {
            if (this.f.containsKey(str)) {
                com.idemia.mdw.g.b a4 = com.idemia.mdw.g.b.a(fVar);
                if (((com.idemia.mdw.security.b.a) this.f.get(str)).d().containsKey(a4)) {
                    for (c cVar3 : ((com.idemia.mdw.security.b.a) this.f.get(str)).d().get(a4)) {
                        if (cVar3.e().equals(aVar)) {
                            return cVar3;
                        }
                    }
                }
                return aVar.equals(c.a.Password) ? r() : q();
            }
            if (this.c.containsKey(str)) {
                com.idemia.mdw.g.b a5 = com.idemia.mdw.g.b.a(fVar);
                if ((this.c.get(str) instanceof com.idemia.mdw.data.b.b) && ((com.idemia.mdw.data.b.b) this.c.get(str)).b().containsKey(a5)) {
                    for (c cVar4 : ((com.idemia.mdw.data.b.b) this.c.get(str)).b().get(a5)) {
                        if (cVar4.e().equals(aVar)) {
                            return cVar4;
                        }
                    }
                }
            } else if (!this.e.containsKey(str)) {
                throw new DataException("Alias Not Found: " + str);
            }
        }
        return null;
    }

    @Override // com.idemia.mdw.j.b.a
    protected final l a(com.idemia.mdw.security.f fVar, int i, byte[] bArr) throws GenericServiceException {
        throw new RuntimeException("not implemented");
    }

    @Override // com.idemia.mdw.j.b.a
    protected final CommandAPDU a(k kVar) throws DataException {
        throw new RuntimeException("not implemented");
    }

    @Override // com.idemia.mdw.j.b.a
    protected final List<CommandAPDU> a(com.idemia.mdw.g.f fVar, com.idemia.mdw.security.f fVar2, int i, aU aUVar, byte[] bArr) throws GenericServiceException {
        throw new RuntimeException("not implemented");
    }

    @Override // com.idemia.mdw.j.b.a
    protected final List<CommandAPDU> a(com.idemia.mdw.g.f fVar, g gVar, int i, byte[] bArr, byte[] bArr2) throws GenericServiceException {
        throw new RuntimeException("not implemented");
    }

    @Override // com.idemia.mdw.j.b.a
    protected final List<CommandAPDU> a(com.idemia.mdw.g.f fVar, Certificate certificate, byte[] bArr) throws GenericServiceException {
        throw new RuntimeException("not implemented");
    }

    @Override // com.idemia.mdw.j.b.a
    protected final List<CommandAPDU> a(com.idemia.mdw.g.f fVar, byte[] bArr) {
        throw new RuntimeException("not implemented");
    }

    @Override // com.idemia.mdw.j.b.a
    protected final List<CommandAPDU> a(byte[] bArr, short s, int i, int i2, byte[] bArr2) {
        throw new RuntimeException("not implemented");
    }

    @Override // com.idemia.mdw.j.b.a, com.idemia.mdw.j.e
    public final void a(boolean z) throws GenericServiceException {
        j.debug("discoveryCardContent");
        super.a(z);
        if (z) {
            com.idemia.mdw.g.d dVar = new com.idemia.mdw.g.d(com.idemia.mdw.j.c.e, this);
            com.idemia.mdw.j.a.a aVar = new com.idemia.mdw.j.a.a(this.b, this.m);
            aVar.a(z);
            for (Map.Entry<String, com.idemia.mdw.data.a> entry : aVar.g().entrySet()) {
                this.c.put(o.a(this.c.keySet(), entry.getKey() + " [" + dVar.b() + "]"), new com.idemia.mdw.data.a.a(((com.idemia.mdw.data.a.a) entry.getValue()).b(), this));
            }
            this.h.a(dVar);
        }
    }

    @Override // com.idemia.mdw.j.d
    public final boolean a() {
        return !this.m.a().isEmpty();
    }

    @Override // com.idemia.mdw.j.b.a, com.idemia.mdw.j.d, com.idemia.mdw.j.e
    public final boolean a(c cVar, byte[] bArr) throws DataException, CredentialValueException, GenericSWException, TransmitException {
        Logger logger = j;
        logger.debug("authenticate");
        Objects.requireNonNull(cVar, "Null credential");
        Objects.requireNonNull(bArr, "Null buffer");
        if (!this.e.containsValue(cVar)) {
            logger.error("Authenticate: Credential (" + cVar.f() + ") not found");
            return false;
        }
        if (cVar.a()) {
            com.idemia.mdw.g.d h = cVar.e().equals(c.a.Password) ? ((e) cVar).h() : ((com.idemia.mdw.b.a.a) cVar).j();
            if (!this.h.b().containsValue(h)) {
                throw new DataException("This credential is located in an unknown application - ADF = " + h.b());
            }
            if (!this.h.b().containsKey(this.i)) {
                throw new IllegalStateException("Current directory (ADF) \"" + this.i + "\" does not exist");
            }
            if (!h.equals(this.h.b().get(this.i)) || this.b.b().getCard().a().getType().equals(TerminalType.MICROSD)) {
                a(h.a());
            }
        }
        logger.info("Authentication with credential: " + cVar.f());
        com.idemia.mdw.smartcardio.apdu.o c = com.idemia.mdw.smartcardio.apdu.o.c();
        c.d(cVar.c());
        if (cVar.e().equals(c.a.Password)) {
            c.a(((e) cVar).a(bArr));
        } else {
            c.a(true).a(com.idemia.mdw.j.b.a(bArr, (byte) 0, false));
        }
        this.g = "";
        a(c.a());
        this.g = i.a(this.e, cVar);
        return this.e.containsKey(this.g);
    }

    @Override // com.idemia.mdw.j.e
    public final boolean a(Key key) throws GenericServiceException, NoSuchAlgorithmException {
        Logger logger = j;
        logger.debug("openSession");
        if (!a()) {
            return true;
        }
        com.idemia.mdw.d.a aVar = new com.idemia.mdw.d.a(new m(this.b, this.m));
        try {
            if (aVar.init(key)) {
                this.b.a(aVar);
                return true;
            }
            logger.error("Failed to initialize secure messaging");
            return false;
        } catch (FailedCredentialException e) {
            throw new CredentialValueException(e);
        } catch (MrzParsingException e2) {
            throw new MrzParseException("An exception occurred", e2);
        } catch (SecureMessagingException e3) {
            throw new GenericServiceException("An exception occurred while establishing secure messaging", e3);
        }
    }

    @Override // com.idemia.mdw.j.b.a, com.idemia.mdw.j.d, com.idemia.mdw.j.e
    public final byte[] a(com.idemia.mdw.j.a aVar) throws GenericSWException, TransmitException {
        Logger logger = j;
        logger.debug("selectAID");
        if (!this.h.b().containsKey(this.i) || !this.h.b().get(this.i).a().equals(aVar) || this.b.b().getCard().a().getType().equals(TerminalType.MICROSD)) {
            return super.a(aVar);
        }
        logger.debug("Application Dedicated File (ADF) \"" + this.i + "\" is already selected");
        return new byte[0];
    }

    @Override // com.idemia.mdw.j.d
    protected final byte[] a(b.e eVar, b.EnumC0036b enumC0036b, byte[] bArr) throws NoSuchAlgorithmException {
        return bArr;
    }

    @Override // com.idemia.mdw.j.d, com.idemia.mdw.j.e
    public final byte[] a(k kVar, ECPublicKey eCPublicKey) throws GenericServiceException {
        j.debug("generateSharedSecret");
        ArrayList arrayList = new ArrayList();
        if (!(kVar instanceof h)) {
            throw new DataException("Invalid data type: keyRef is not an instance of P15PrivateKeyRecord");
        }
        h hVar = (h) kVar;
        com.idemia.mdw.g.d l2 = hVar.l();
        if (!this.h.b().containsValue(l2)) {
            throw new DataException("This key is located in an unknown application - ADF = " + l2.b());
        }
        if (!this.h.b().containsKey(this.i)) {
            throw new IllegalStateException("Current directory (ADF) \"" + this.i + "\" does not exist");
        }
        if (!hVar.a().type.equals(f.a.ECC)) {
            throw new GenericServiceException("Invalid private key type");
        }
        if (!hVar.j().containsKey(com.idemia.mdw.g.c.PSO_DECIPHER)) {
            throw new GenericServiceException("Invalid private key usage");
        }
        String a2 = com.idemia.mdw.k.a.a(eCPublicKey.getParams());
        if (a2.isEmpty()) {
            throw new GenericServiceException("Invalid public key: unknown domain parameters");
        }
        if (!a2.equalsIgnoreCase(hVar.a().name)) {
            throw new GenericServiceException("Incompatible keys: EC domain parameters do not match. Private key " + hVar.a().name + " - Public Key " + a2);
        }
        arrayList.add(j.c().a(j.b.a(com.idemia.mdw.a.a.d.CONFIDENTIALITY.p1)).a(j.a.a(com.idemia.mdw.a.a.d.CONFIDENTIALITY.p2)).a(com.idemia.mdw.a.a.c.a(com.idemia.mdw.a.a.d.CONFIDENTIALITY, com.idemia.mdw.a.a.a.KEY_AGREEMENT_ECDH, hVar).a()).a());
        arrayList.add(PerformSecurityOperation.c().a(com.idemia.mdw.smartcardio.a.a.a.DECIPHER).a(com.idemia.mdw.c.a.d.a(new byte[]{0}, o.a(eCPublicKey.getW(), eCPublicKey.getParams().getCurve()))).a(0).a());
        if (!l2.equals(this.h.b().get(this.i)) || this.b.b().getCard().a().getType().equals(TerminalType.MICROSD)) {
            a(l2.a());
        }
        try {
            ResponseAPDU a3 = this.b.a(arrayList);
            if (a3.getSW() == 27010) {
                throw new SecurityViolationException(a3.getSW());
            }
            if (a3.getSW() == 27264) {
                throw new InvalidDataException(a3.getSW(), "Wrong command data field format");
            }
            if (a3.isOk()) {
                return a3.getData();
            }
            throw new CryptographicSWException(a3.getSW());
        } catch (CardException e) {
            throw new TransmitException("Transmit error during generate shared secret", e);
        }
    }

    @Override // com.idemia.mdw.j.d
    protected final byte[] a(byte[] bArr, boolean z) {
        j.debug("extractSignature");
        if (!z) {
            return bArr;
        }
        byte[] a2 = com.idemia.mdw.c.a.d.a(new Asn1Integer(o.b(com.idemia.mdw.c.a.d.a(bArr, 0, bArr.length >> 1))).getBerElement(), new Asn1Integer(o.b(com.idemia.mdw.c.a.d.a(bArr, bArr.length >> 1, bArr.length >> 1))).getBerElement());
        return new ConstructedSequence(a2, 0, a2.length).getBerElement();
    }

    @Override // com.idemia.mdw.j.d
    protected final List<CommandAPDU> b(k kVar, byte[] bArr, b.d dVar) throws DataException {
        byte[] a2;
        Logger logger = j;
        logger.debug("decipherCommand");
        ArrayList arrayList = new ArrayList();
        if (!dVar.equals(b.d.NONE) && !dVar.equals(b.d.RSA_PKCS1) && !dVar.equals(b.d.RSA_OAEP)) {
            throw new DataException("Invalid padding mechanism for smartcard: " + dVar.name);
        }
        if (kVar.a().type.equals(f.a.RSA)) {
            a2 = com.idemia.mdw.c.a.d.a(new byte[]{FileViewProvider.FCP.FCPTAG_TOTAL_FILE_SIZE}, bArr);
        } else {
            if (!kVar.a().type.equals(f.a.ECC)) {
                throw new DataException("Invalid key algorithm " + kVar.a().name);
            }
            a2 = com.idemia.mdw.c.a.d.a(new byte[]{0}, bArr);
        }
        com.idemia.mdw.a.a.a a3 = com.idemia.mdw.a.a.a.a(kVar.a().type, dVar);
        logger.debug("Algorithm name resolution: " + a3.name());
        arrayList.add(j.c().a(j.b.a(com.idemia.mdw.a.a.d.CONFIDENTIALITY.p1)).a(j.a.a(com.idemia.mdw.a.a.d.CONFIDENTIALITY.p2)).a(com.idemia.mdw.a.a.c.a(com.idemia.mdw.a.a.d.CONFIDENTIALITY, a3, kVar).a()).a());
        arrayList.add(PerformSecurityOperation.c().a(com.idemia.mdw.smartcardio.a.a.a.DECIPHER).a(a2).a(0).a());
        return arrayList;
    }

    @Override // com.idemia.mdw.j.d
    protected final List<CommandAPDU> b(k kVar, byte[] bArr, b.e eVar, b.EnumC0036b enumC0036b, b.d dVar, boolean z) throws DataException, GenericServiceException {
        boolean z2;
        j.debug("signCommand");
        ArrayList arrayList = new ArrayList();
        if (!(kVar instanceof h)) {
            throw new DataException("Invalid data type: keyRef is not an instance of P15PrivateKeyRecord");
        }
        h hVar = (h) kVar;
        if (hVar.a().type.equals(f.a.ECC) && !enumC0036b.equals(b.EnumC0036b.NONE) && ((hVar.a().privBitLength == 192 && !enumC0036b.equals(b.EnumC0036b.SHA1)) || ((hVar.a().privBitLength == 224 && !enumC0036b.equals(b.EnumC0036b.SHA1) && !enumC0036b.equals(b.EnumC0036b.SHA224)) || ((hVar.a().privBitLength == 256 && !enumC0036b.equals(b.EnumC0036b.SHA1) && !enumC0036b.equals(b.EnumC0036b.SHA224) && !enumC0036b.equals(b.EnumC0036b.SHA256)) || (hVar.a().privBitLength == 384 && !enumC0036b.equals(b.EnumC0036b.SHA1) && !enumC0036b.equals(b.EnumC0036b.SHA224) && !enumC0036b.equals(b.EnumC0036b.SHA256) && !enumC0036b.equals(b.EnumC0036b.SHA384)))))) {
            throw new DataException("Invalid input: invalid hash and signature combination. Hash: " + enumC0036b.algorithmName + " - Key algorithm: " + hVar.a().name);
        }
        if (z) {
            Iterator<com.idemia.mdw.security.a.a> it = hVar.b().iterator();
            while (true) {
                if (!it.hasNext()) {
                    z2 = false;
                    break;
                }
                com.idemia.mdw.security.a.a next = it.next();
                if (Arrays.asList(next.purposes).contains(a.EnumC0035a.SIGN) && next.type.name.equals(hVar.a().type.name) && !next.hash.equals(b.EnumC0036b.NONE)) {
                    z2 = true;
                    break;
                }
            }
            if (!z2) {
                throw new DataException("Invalid input: hashing on card is not supported for private key 0x" + com.idemia.mdw.k.g.a(hVar.d()));
            }
        }
        if (hVar.j().containsKey(com.idemia.mdw.g.c.INTERNAL_AUTHENTICATE)) {
            com.idemia.mdw.a.a.a a2 = com.idemia.mdw.a.a.a.a(com.idemia.mdw.a.a.d.INTERNAL_AUTHENTICATION, eVar, enumC0036b, dVar, z);
            j.debug("Algorithm name resolution: " + a2.name());
            arrayList.add(j.c().a(j.b.a(com.idemia.mdw.a.a.d.INTERNAL_AUTHENTICATION.p1)).a(j.a.a(com.idemia.mdw.a.a.d.INTERNAL_AUTHENTICATION.p2)).a(com.idemia.mdw.a.a.c.a(com.idemia.mdw.a.a.d.INTERNAL_AUTHENTICATION, a2, hVar).a()).a());
            try {
                arrayList.add(com.idemia.mdw.smartcardio.apdu.i.c().a(com.idemia.mdw.k.e.a(bArr, eVar, enumC0036b, dVar.equals(b.d.PSS))).a(0).b());
            } catch (NoSuchAlgorithmException e) {
                throw new GenericServiceException("Error in hash management", e);
            }
        } else if (hVar.j().containsKey(com.idemia.mdw.g.c.PSO_COMPUTE_DIGITAL_SIGNATURE)) {
            com.idemia.mdw.a.a.a a3 = com.idemia.mdw.a.a.a.a(com.idemia.mdw.a.a.d.DATA_SIGNATURE, eVar, enumC0036b, dVar, z);
            Logger logger = j;
            logger.debug("Algorithm name resolution: " + a3.name());
            arrayList.add(j.c().a(j.b.a(com.idemia.mdw.a.a.d.DATA_SIGNATURE.p1)).a(j.a.a(com.idemia.mdw.a.a.d.DATA_SIGNATURE.p2)).a(com.idemia.mdw.a.a.c.a(com.idemia.mdw.a.a.d.DATA_SIGNATURE, a3, hVar).a()).a());
            if (z) {
                logger.info("Signing with hash computed on card");
            } else {
                try {
                    bArr = com.idemia.mdw.k.e.a(bArr, enumC0036b);
                } catch (NoSuchAlgorithmException e2) {
                    throw new GenericServiceException("Error in hash management", e2);
                }
            }
            arrayList.add(PerformSecurityOperation.c().a(com.idemia.mdw.smartcardio.a.a.a.COMPUTE_DIGITAL_SIGNATURE).a(bArr).a(0).a());
        }
        return arrayList;
    }

    @Override // com.idemia.mdw.j.d, com.idemia.mdw.j.e
    public final boolean b() {
        return a() && !this.b.a().isInitialized();
    }

    @Override // com.idemia.mdw.j.d, com.idemia.mdw.j.e
    public final String f() {
        return k.name();
    }

    @Override // com.idemia.mdw.j.d
    protected final int g(byte[] bArr) throws FCPException {
        j.debug("extractSizeFromFCP");
        com.idemia.mdw.icc.asn1.type.c a2 = new com.idemia.mdw.icc.iso7816.type.e().a(bArr, 0, bArr.length);
        boolean z = a2 instanceof FcpTemplate;
        if (!z || (z && ((FcpTemplate) a2).getNumberOfBytesExcludingStructural() == null)) {
            throw new FCPException("Invalid input: File Control Parameter is wrong or file size attribute is missing. FCP = " + com.idemia.mdw.k.g.a(bArr, true));
        }
        return ((FcpTemplate) a2).getNumberOfBytesExcludingStructural().getValue();
    }

    @Override // com.idemia.mdw.j.e
    public final boolean p() {
        j.debug("hasBioTemplate");
        Iterator<Map.Entry<String, c>> it = this.e.entrySet().iterator();
        while (it.hasNext()) {
            if (it.next().getValue().e().equals(c.a.Biometric)) {
                return true;
            }
        }
        return false;
    }
}
