package kq0;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;

/* loaded from: classes6.dex */
public class h {

    /* renamed from: e, reason: collision with root package name */
    public static final Logger f27941e = Logger.getLogger("org.jmrtd");

    /* renamed from: f, reason: collision with root package name */
    public static final Provider f27942f = eq0.p.j();

    /* renamed from: a, reason: collision with root package name */
    public eq0.b f27943a;

    /* renamed from: b, reason: collision with root package name */
    public w f27944b;

    /* renamed from: c, reason: collision with root package name */
    public int f27945c;

    /* renamed from: d, reason: collision with root package name */
    public boolean f27946d;

    public h(eq0.b bVar, w wVar, int i11, boolean z11) {
        this.f27943a = bVar;
        this.f27944b = wVar;
        this.f27945c = i11;
        this.f27946d = z11;
    }

    public static byte[] a(String str, PublicKey publicKey, PrivateKey privateKey) {
        KeyAgreement keyAgreement = KeyAgreement.getInstance(str, f27942f);
        keyAgreement.init(privateKey);
        keyAgreement.doPhase(publicKey, true);
        return keyAgreement.generateSecret();
    }

    public static byte[] c(String str, PublicKey publicKey) {
        if ("DH".equals(str)) {
            return eq0.p.v(((DHPublicKey) publicKey).getY());
        }
        if ("ECDH".equals(str)) {
            arrow.core.a.a(publicKey);
            throw null;
        }
        throw new IllegalArgumentException("Unsupported agreement algorithm " + str);
    }

    public static byte[] d(String str, PublicKey publicKey) {
        if ("DH".equals(str)) {
            return MessageDigest.getInstance("SHA-1").digest(c(str, publicKey));
        }
        if ("ECDH".equals(str)) {
            arrow.core.a.a(publicKey);
            throw null;
        }
        throw new IllegalArgumentException("Unsupported agreement algorithm " + str);
    }

    public static String e(String str) {
        if (hq0.s.f22375d.equals(str)) {
            f27941e.warning("Could not determine ChipAuthentication algorithm, defaulting to id-CA-ECDH-3DES-CBC-CBC");
            return hq0.s.f22377f;
        }
        if (hq0.s.f22374c.equals(str)) {
            f27941e.warning("Could not determine ChipAuthentication algorithm, defaulting to id-CA-DH-3DES-CBC-CBC");
            return hq0.s.f22376e;
        }
        f27941e.warning("No ChipAuthenticationInfo and unsupported ChipAuthenticationPublicKeyInfo public key OID " + str);
        return null;
    }

    public static w f(String str, byte[] bArr, int i11, boolean z11) {
        String m11 = hq0.j.m(str);
        int o11 = hq0.j.o(str);
        SecretKey e11 = eq0.p.e(bArr, m11, o11, 1);
        SecretKey e12 = eq0.p.e(bArr, m11, o11, 2);
        if (m11.startsWith("DESede")) {
            return new f(e11, e12, i11, z11, 0L);
        }
        if (m11.startsWith("AES")) {
            return new b(e11, e12, i11, z11, 0L);
        }
        throw new IllegalStateException("Unsupported cipher algorithm " + m11);
    }

    public static void g(eq0.b bVar, w wVar, String str, BigInteger bigInteger, PublicKey publicKey) {
        String n11 = hq0.j.n(str);
        String m11 = hq0.j.m(str);
        byte[] c11 = c(n11, publicKey);
        if (m11.startsWith("DESede")) {
            bVar.c(wVar, em0.e.i(145, c11), bigInteger != null ? em0.e.i(132, eq0.p.v(bigInteger)) : null);
            return;
        }
        if (!m11.startsWith("AES")) {
            throw new IllegalStateException("Cannot set up secure channel with cipher " + m11);
        }
        bVar.b(wVar, str, bigInteger);
        byte[] i11 = em0.e.i(128, c11);
        try {
            bVar.a(wVar, i11, true);
        } catch (dm0.e e11) {
            f27941e.log(Level.WARNING, "Failed to send GENERAL AUTHENTICATE, falling back to command chaining", (Throwable) e11);
            List F = eq0.p.F(224, i11);
            Iterator it = F.iterator();
            int i12 = 0;
            while (it.hasNext()) {
                i12++;
                bVar.a(wVar, (byte[]) it.next(), i12 >= F.size());
            }
        }
    }

    public i b(BigInteger bigInteger, String str, String str2, PublicKey publicKey) {
        if (publicKey == null) {
            throw new IllegalArgumentException("PICC public key is null");
        }
        String n11 = hq0.j.n(str);
        if (n11 == null) {
            throw new IllegalArgumentException("Unknown agreement algorithm");
        }
        if (!"ECDH".equals(n11) && !"DH".equals(n11)) {
            throw new IllegalArgumentException("Unsupported agreement algorithm, expected ECDH or DH, found " + n11);
        }
        if (str == null) {
            str = e(str2);
        }
        try {
            AlgorithmParameterSpec params = "DH".equals(n11) ? ((DHPublicKey) publicKey).getParams() : "ECDH".equals(n11) ? ((ECPublicKey) publicKey).getParams() : null;
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(n11, f27942f);
            keyPairGenerator.initialize(params);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            PublicKey publicKey2 = generateKeyPair.getPublic();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            g(this.f27943a, this.f27944b, str, bigInteger, publicKey2);
            byte[] d11 = d(n11, publicKey2);
            w f11 = f(str, a(n11, publicKey, privateKey), this.f27945c, this.f27946d);
            this.f27944b = f11;
            return new i(bigInteger, publicKey, d11, publicKey2, privateKey, f11);
        } catch (GeneralSecurityException e11) {
            throw new dm0.e("Security exception during Chip Authentication", e11);
        }
    }
}
