package mq0;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;

/* loaded from: classes5.dex */
public class h {

    /* renamed from: e, reason: collision with root package name */
    public static final Logger f30576e = Logger.getLogger("org.jmrtd");

    /* renamed from: f, reason: collision with root package name */
    public static final Provider f30577f = gq0.p.j();

    /* renamed from: a, reason: collision with root package name */
    public gq0.b f30578a;

    /* renamed from: b, reason: collision with root package name */
    public w f30579b;

    /* renamed from: c, reason: collision with root package name */
    public int f30580c;

    /* renamed from: d, reason: collision with root package name */
    public boolean f30581d;

    public h(gq0.b bVar, w wVar, int i11, boolean z11) {
        this.f30578a = bVar;
        this.f30579b = wVar;
        this.f30580c = i11;
        this.f30581d = z11;
    }

    public static byte[] a(String str, PublicKey publicKey, PrivateKey privateKey) {
        KeyAgreement keyAgreement = KeyAgreement.getInstance(str, f30577f);
        keyAgreement.init(privateKey);
        keyAgreement.doPhase(publicKey, true);
        return keyAgreement.generateSecret();
    }

    public static byte[] c(String str, PublicKey publicKey) {
        if ("DH".equals(str)) {
            return gq0.p.v(((DHPublicKey) publicKey).getY());
        }
        if ("ECDH".equals(str)) {
            arrow.core.a.a(publicKey);
            throw null;
        }
        throw new IllegalArgumentException("Unsupported agreement algorithm " + str);
    }

    public static byte[] d(String str, PublicKey publicKey) {
        if ("DH".equals(str)) {
            return MessageDigest.getInstance("SHA-1").digest(c(str, publicKey));
        }
        if ("ECDH".equals(str)) {
            arrow.core.a.a(publicKey);
            throw null;
        }
        throw new IllegalArgumentException("Unsupported agreement algorithm " + str);
    }

    public static String e(String str) {
        if (jq0.s.f25145d.equals(str)) {
            f30576e.warning("Could not determine ChipAuthentication algorithm, defaulting to id-CA-ECDH-3DES-CBC-CBC");
            return jq0.s.f25147f;
        }
        if (jq0.s.f25144c.equals(str)) {
            f30576e.warning("Could not determine ChipAuthentication algorithm, defaulting to id-CA-DH-3DES-CBC-CBC");
            return jq0.s.f25146e;
        }
        f30576e.warning("No ChipAuthenticationInfo and unsupported ChipAuthenticationPublicKeyInfo public key OID " + str);
        return null;
    }

    public static w f(String str, byte[] bArr, int i11, boolean z11) {
        String l11 = jq0.j.l(str);
        int n11 = jq0.j.n(str);
        SecretKey e11 = gq0.p.e(bArr, l11, n11, 1);
        SecretKey e12 = gq0.p.e(bArr, l11, n11, 2);
        if (l11.startsWith("DESede")) {
            return new f(e11, e12, i11, z11, 0L);
        }
        if (l11.startsWith("AES")) {
            return new b(e11, e12, i11, z11, 0L);
        }
        throw new IllegalStateException("Unsupported cipher algorithm " + l11);
    }

    public static void g(gq0.b bVar, w wVar, String str, BigInteger bigInteger, PublicKey publicKey) {
        String m11 = jq0.j.m(str);
        String l11 = jq0.j.l(str);
        byte[] c11 = c(m11, publicKey);
        if (l11.startsWith("DESede")) {
            bVar.c(wVar, gm0.e.i(145, c11), bigInteger != null ? gm0.e.i(132, gq0.p.v(bigInteger)) : null);
            return;
        }
        if (!l11.startsWith("AES")) {
            throw new IllegalStateException("Cannot set up secure channel with cipher " + l11);
        }
        bVar.b(wVar, str, bigInteger);
        byte[] i11 = gm0.e.i(128, c11);
        try {
            bVar.a(wVar, i11, true);
        } catch (fm0.e e11) {
            f30576e.log(Level.WARNING, "Failed to send GENERAL AUTHENTICATE, falling back to command chaining", (Throwable) e11);
            List F = gq0.p.F(224, i11);
            Iterator it = F.iterator();
            int i12 = 0;
            while (it.hasNext()) {
                i12++;
                bVar.a(wVar, (byte[]) it.next(), i12 >= F.size());
            }
        }
    }

    public i b(BigInteger bigInteger, String str, String str2, PublicKey publicKey) {
        if (publicKey == null) {
            throw new IllegalArgumentException("PICC public key is null");
        }
        String m11 = jq0.j.m(str);
        if (m11 == null) {
            throw new IllegalArgumentException("Unknown agreement algorithm");
        }
        if (!"ECDH".equals(m11) && !"DH".equals(m11)) {
            throw new IllegalArgumentException("Unsupported agreement algorithm, expected ECDH or DH, found " + m11);
        }
        if (str == null) {
            str = e(str2);
        }
        try {
            AlgorithmParameterSpec params = "DH".equals(m11) ? ((DHPublicKey) publicKey).getParams() : "ECDH".equals(m11) ? ((ECPublicKey) publicKey).getParams() : null;
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(m11, f30577f);
            keyPairGenerator.initialize(params);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            PublicKey publicKey2 = generateKeyPair.getPublic();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            g(this.f30578a, this.f30579b, str, bigInteger, publicKey2);
            byte[] d11 = d(m11, publicKey2);
            w f11 = f(str, a(m11, publicKey, privateKey), this.f30580c, this.f30581d);
            this.f30579b = f11;
            return new i(bigInteger, publicKey, d11, publicKey2, privateKey, f11);
        } catch (GeneralSecurityException e11) {
            throw new fm0.e("Security exception during Chip Authentication", e11);
        }
    }
}
