package com.eidlink.aar.e;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.logging.Logger;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import net.sf.scuba.smartcards.CardServiceException;
import net.sf.scuba.tlv.TLVUtil;
import org.conscrypt.EvpMdRef;

/* compiled from: EACCAProtocol.java */
/* loaded from: classes4.dex */
public class bk9 {
    public static final Logger a = Logger.getLogger("org.jmrtd");
    public static final Provider b = dh9.l();
    public og9 c;
    public sk9 d;
    public int e;
    public boolean f;

    public bk9(og9 og9Var, sk9 sk9Var, int i, boolean z) {
        this.c = og9Var;
        this.d = sk9Var;
        this.e = i;
        this.f = z;
    }

    public static byte[] a(String str, PublicKey publicKey, PrivateKey privateKey) {
        KeyAgreement keyAgreement = KeyAgreement.getInstance(str, b);
        keyAgreement.init(privateKey);
        keyAgreement.doPhase(publicKey, true);
        return keyAgreement.generateSecret();
    }

    public static byte[] c(String str, PublicKey publicKey) {
        if ("DH".equals(str)) {
            return ((DHPublicKey) publicKey).getY().toByteArray();
        }
        if ("ECDH".equals(str)) {
            return ((iz5) publicKey).V4().m(false);
        }
        throw new IllegalArgumentException("Unsupported agreement algorithm " + str);
    }

    public static byte[] d(String str, PublicKey publicKey) {
        if ("DH".equals(str)) {
            return MessageDigest.getInstance(EvpMdRef.SHA1.JCA_NAME).digest(c(str, publicKey));
        }
        if ("ECDH".equals(str)) {
            return dh9.b(dh9.C(((iz5) publicKey).V4().f().v()), (int) Math.ceil(r5.getParameters().a().w() / 8.0d));
        }
        throw new IllegalArgumentException("Unsupported agreement algorithm " + str);
    }

    public static String f(String str) {
        if (ui9.e.equals(str)) {
            a.warning("Could not determine ChipAuthentication algorithm, defaulting to id-CA-ECDH-3DES-CBC-CBC");
            return ui9.g;
        }
        if (ui9.d.equals(str)) {
            a.warning("Could not determine ChipAuthentication algorithm, defaulting to id-CA-DH-3DES-CBC-CBC");
            return ui9.f;
        }
        a.warning("No ChipAuthenticationInfo and unsupported ChipAuthenticationPublicKeyInfo public key OID " + str);
        return null;
    }

    public static sk9 g(String str, byte[] bArr, int i, boolean z) {
        String j = ii9.j(str);
        int m = ii9.m(str);
        SecretKey g = dh9.g(bArr, j, m, 1);
        SecretKey g2 = dh9.g(bArr, j, m, 2);
        if (j.startsWith("DESede")) {
            return new zj9(g, g2, i, z, 0L);
        }
        if (j.startsWith("AES")) {
            return new vj9(g, g2, i, z, 0L);
        }
        throw new IllegalStateException("Unsupported cipher algorithm " + j);
    }

    public static void h(og9 og9Var, sk9 sk9Var, String str, BigInteger bigInteger, PublicKey publicKey) {
        String l = ii9.l(str);
        String j = ii9.j(str);
        byte[] c = c(l, publicKey);
        if (j.startsWith("DESede")) {
            og9Var.d(sk9Var, TLVUtil.wrapDO(145, c), bigInteger != null ? TLVUtil.wrapDO(132, bigInteger.toByteArray()) : null);
            return;
        }
        if (j.startsWith("AES")) {
            og9Var.c(sk9Var, str, bigInteger);
            og9Var.a(sk9Var, TLVUtil.wrapDO(128, c), true);
        } else {
            throw new IllegalStateException("Cannot set up secure channel with cipher " + j);
        }
    }

    public ck9 b(BigInteger bigInteger, String str, String str2, PublicKey publicKey) {
        if (publicKey == null) {
            throw new IllegalArgumentException("PICC public key is null");
        }
        String l = ii9.l(str);
        if (l == null) {
            throw new IllegalArgumentException("Unknown agreement algorithm");
        }
        if (!"ECDH".equals(l) && !"DH".equals(l)) {
            throw new IllegalArgumentException("Unsupported agreement algorithm, expected ECDH or DH, found " + l);
        }
        if (str == null) {
            str = f(str2);
        }
        AlgorithmParameterSpec algorithmParameterSpec = null;
        try {
            if ("DH".equals(l)) {
                algorithmParameterSpec = ((DHPublicKey) publicKey).getParams();
            } else if ("ECDH".equals(l)) {
                algorithmParameterSpec = ((ECPublicKey) publicKey).getParams();
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(l, b);
            keyPairGenerator.initialize(algorithmParameterSpec);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            PublicKey publicKey2 = generateKeyPair.getPublic();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            h(this.c, this.d, str, bigInteger, publicKey2);
            byte[] d = d(l, publicKey2);
            sk9 g = g(str, a(l, publicKey, privateKey), this.e, this.f);
            this.d = g;
            return new ck9(bigInteger, publicKey, d, publicKey2, privateKey, g);
        } catch (GeneralSecurityException e) {
            throw new CardServiceException("Security exception during Chip Authentication", e);
        }
    }

    public sk9 e() {
        return this.d;
    }
}
