package com.idemia.android.iso18013.security;

import co.nstant.in.cbor.CborBuilder;
import co.nstant.in.cbor.builder.ArrayBuilder;
import co.nstant.in.cbor.model.DataItem;
import com.idemia.android.iso18013.security.api.ISO18013SecurityInterface;
import com.idemia.android.iso18013.security.common.CborExtsKt;
import com.idemia.android.iso18013.security.common.CoreException;
import com.idemia.android.iso18013.security.defaults.DefaultsKt;
import com.idemia.android.iso18013.security.error.SecuritySDKException;
import com.idemia.android.iso18013.security.logger.ISecurityLogger;
import com.idemia.android.iso18013.security.logger.ISecurityLoggerKt;
import com.idemia.android.iso18013.security.model.DeviceAuthType;
import com.idemia.android.iso18013.security.model.EC2Curve;
import com.idemia.android.iso18013.security.model.ECKeyPair;
import com.idemia.android.iso18013.security.model.SessionInfo;
import com.idemia.android.iso18013.security.model.SigningAlgorithm;
import com.idemia.android.iso18013.security.sessionkey.N1985SKDevice;
import com.idemia.android.iso18013.security.util.DecryptionUtil;
import com.idemia.android.iso18013.security.util.ECKeyUtils;
import com.idemia.android.iso18013.security.util.EncryptionUtil;
import com.idemia.android.iso18013.security.util.SecurityUtils;
import com.idemia.android.iso18013.security.util.SigningUtils;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.interfaces.ECPrivateKey;
import java.util.List;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: ISO18013Security.kt */
@Metadata(bv = {}, d1 = {"\u0000r\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010\b\n\u0000\n\u0002\u0010\t\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0007\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\b\t\bÆ\u0002\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b6\u00107J/\u0010\b\u001a\u0004\u0018\u00010\u00072\b\u0010\u0003\u001a\u0004\u0018\u00010\u00022\b\u0010\u0005\u001a\u0004\u0018\u00010\u00042\b\u0010\u0006\u001a\u0004\u0018\u00010\u0002H\u0016¢\u0006\u0004\b\b\u0010\tJ6\u0010\u0012\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\n2\b\u0010\r\u001a\u0004\u0018\u00010\f2\b\u0010\u000f\u001a\u0004\u0018\u00010\u000e2\b\u0010\u0010\u001a\u0004\u0018\u00010\n2\u0006\u0010\u0011\u001a\u00020\u0002H\u0016J8\u0010\u0014\u001a\u00020\n2\b\u0010\u0013\u001a\u0004\u0018\u00010\n2\b\u0010\r\u001a\u0004\u0018\u00010\f2\b\u0010\u000f\u001a\u0004\u0018\u00010\u000e2\b\u0010\u0010\u001a\u0004\u0018\u00010\n2\u0006\u0010\u0011\u001a\u00020\u0002H\u0016J.\u0010\u001a\u001a\b\u0012\u0004\u0012\u00020\u00190\u00162\u0006\u0010\u0015\u001a\u00020\n2\u0006\u0010\u000f\u001a\u00020\u000e2\u000e\u0010\u0018\u001a\n\u0012\u0004\u0012\u00020\u0017\u0018\u00010\u0016H\u0016J&\u0010 \u001a\u0004\u0018\u00010\n2\u0006\u0010\u001c\u001a\u00020\u001b2\b\u0010\u001e\u001a\u0004\u0018\u00010\u001d2\b\u0010\u001f\u001a\u0004\u0018\u00010\nH\u0016J[\u0010+\u001a\u0004\u0018\u00010\n2\u0006\u0010\"\u001a\u00020!2\u0006\u0010\u001c\u001a\u00020\u001b2\b\u0010\u000f\u001a\u0004\u0018\u00010\u000e2\b\u0010#\u001a\u0004\u0018\u00010\n2\u0006\u0010%\u001a\u00020$2#\u0010*\u001a\u001f\u0012\u0013\u0012\u00110\n¢\u0006\f\b'\u0012\b\b(\u0012\u0004\b\b()\u0012\u0006\u0012\u0004\u0018\u00010\n0&H\u0016J\u001e\u0010.\u001a\u0004\u0018\u00010\n2\b\u0010,\u001a\u0004\u0018\u00010!2\b\u0010-\u001a\u0004\u0018\u00010\nH\u0016R$\u00100\u001a\u0004\u0018\u00010/8\u0006@\u0006X\u0086\u000e¢\u0006\u0012\n\u0004\b0\u00101\u001a\u0004\b2\u00103\"\u0004\b4\u00105¨\u00068"}, d2 = {"Lcom/idemia/android/iso18013/security/ISO18013Security;", "Lcom/idemia/android/iso18013/security/api/ISO18013SecurityInterface;", "", "curveIdentifier", "", "cipherSuiteIdentifier", "keyType", "Lcom/idemia/android/iso18013/security/model/ECKeyPair;", "generateKeyPair", "(Ljava/lang/Integer;Ljava/lang/Long;Ljava/lang/Integer;)Lcom/idemia/android/iso18013/security/model/ECKeyPair;", "", "dataToEncrypt", "Ljava/security/PrivateKey;", "mdlPrivateKey", "Lcom/idemia/android/iso18013/security/model/SessionInfo;", "sessionInfo", "initializationVector", "macSize", "encrypt", "encryptedBytes", "decrypt", "requestData", "", "Ljava/security/cert/X509Certificate;", "caCertificateLst", "Lcom/idemia/android/iso18013/security/security/readerAuth/ReaderAuthStatus;", "verifyReaderAuth", "Lcom/idemia/android/iso18013/security/model/SigningAlgorithm;", "algorithm", "Ljava/security/interfaces/ECPrivateKey;", "dsPrivateKey", "msoBytes", "signMSO", "", "docType", "deviceNamespaces", "Lcom/idemia/android/iso18013/security/model/DeviceAuthType;", "authType", "Lkotlin/Function1;", "Lkotlin/ParameterName;", "name", "dataToSign", "doAuth", "signDeviceAuth", "digestAlgorithm", "payload", "calculateElementHash", "Lcom/idemia/android/iso18013/security/logger/ISecurityLogger;", "logger", "Lcom/idemia/android/iso18013/security/logger/ISecurityLogger;", "getLogger", "()Lcom/idemia/android/iso18013/security/logger/ISecurityLogger;", "setLogger", "(Lcom/idemia/android/iso18013/security/logger/ISecurityLogger;)V", "<init>", "()V", "iso18013-security_release"}, k = 1, mv = {1, 6, 0})
/* loaded from: classes4.dex */
public final class ISO18013Security implements ISO18013SecurityInterface {
    public static final ISO18013Security INSTANCE = new ISO18013Security();
    public static ISecurityLogger logger = null;

    /* compiled from: ISO18013Security.kt */
    /* loaded from: classes4.dex */
    public /* synthetic */ class a {
        public static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[DeviceAuthType.values().length];
            iArr[DeviceAuthType.SIGNATURE.ordinal()] = 1;
            a = iArr;
        }
    }

    public byte[] calculateElementHash(String digestAlgorithm, byte[] payload) {
        SecurityUtils.a.getClass();
        if (digestAlgorithm == null || !DefaultsKt.a.contains(digestAlgorithm)) {
            ISecurityLogger logger2 = INSTANCE.getLogger();
            if (logger2 != null) {
                logger2.onLog(ISecurityLoggerKt.getCOMPONENT_NAME(), "DEBUG", false, "digestAlgorithm:" + ((Object) digestAlgorithm) + " is not supported", "SecurityUtils");
            }
        } else {
            try {
                MessageDigest messageDigest = MessageDigest.getInstance(digestAlgorithm);
                if (payload != null) {
                    messageDigest.update(payload);
                    return messageDigest.digest();
                }
            } catch (Exception e) {
                ISecurityLogger logger3 = INSTANCE.getLogger();
                if (logger3 != null) {
                    logger3.onLog(ISecurityLoggerKt.getCOMPONENT_NAME(), "DEBUG", false, "error in hash calculationdigestAlgorithm; " + ((Object) digestAlgorithm) + ", may not supported:" + ((Object) e.getMessage()), "SecurityUtils");
                }
            }
        }
        return null;
    }

    public byte[] decrypt(byte[] encryptedBytes, PrivateKey mdlPrivateKey, SessionInfo sessionInfo, byte[] initializationVector, int macSize) throws SecuritySDKException {
        try {
            if (mdlPrivateKey == null || sessionInfo == null) {
                throw new CoreException.InvalidInputException(1202, "Decryption Error :: Decryption error, Private key Or Session info should not be null");
            }
            byte[] generate = new b(mdlPrivateKey, sessionInfo).generate();
            if (generate == null) {
                throw new CoreException.GenericException(1205, "Security Error :: Session Key Generation error ");
            }
            ISecurityLogger iSecurityLogger = logger;
            if (iSecurityLogger != null) {
                iSecurityLogger.onLog(ISecurityLoggerKt.getCOMPONENT_NAME(), "DEBUG", false, Intrinsics.stringPlus("SessionKey decrypt ", CborExtsKt.b(generate)), "");
            }
            byte[] a2 = DecryptionUtil.a(encryptedBytes, generate, initializationVector, macSize);
            if (a2 != null) {
                return a2;
            }
            throw new CoreException.GenericException(1212, "Decryption Error :: Error while Decrypting Data");
        } catch (Exception e) {
            if (!(e instanceof CoreException)) {
                throw new SecuritySDKException(1210, "Security Error :: Received exception in Decryption");
            }
            CoreException coreException = (CoreException) e;
            throw new SecuritySDKException(coreException.a, coreException.b);
        }
    }

    @Override // com.idemia.android.iso18013.security.api.ISO18013SecurityInterface
    public byte[] encrypt(byte[] dataToEncrypt, PrivateKey mdlPrivateKey, SessionInfo sessionInfo, byte[] initializationVector, int macSize) throws SecuritySDKException {
        Intrinsics.checkNotNullParameter(dataToEncrypt, "dataToEncrypt");
        try {
            if (mdlPrivateKey == null || sessionInfo == null) {
                throw new CoreException.InvalidInputException(1201, "Encryption Error :: Encryption error, Private key Or Session info should not be null");
            }
            byte[] generate = new N1985SKDevice(mdlPrivateKey, sessionInfo).generate();
            if (generate == null) {
                throw new CoreException.GenericException(1205, "Security Error :: Session Key Generation error ");
            }
            ISecurityLogger iSecurityLogger = logger;
            if (iSecurityLogger != null) {
                iSecurityLogger.onLog(ISecurityLoggerKt.getCOMPONENT_NAME(), "DEBUG", false, Intrinsics.stringPlus("SessionKey encrypt ", CborExtsKt.b(generate)), "");
            }
            byte[] a2 = EncryptionUtil.a(dataToEncrypt, generate, initializationVector, macSize);
            if (a2 != null) {
                return a2;
            }
            throw new CoreException.GenericException(1211, "Encryption Error :: Error while Encrypting Data");
        } catch (Exception e) {
            if (!(e instanceof CoreException)) {
                throw new SecuritySDKException(1209, "Security Error :: Received exception in Encryption");
            }
            CoreException coreException = (CoreException) e;
            throw new SecuritySDKException(coreException.a, coreException.b);
        }
    }

    @Override // com.idemia.android.iso18013.security.api.ISO18013SecurityInterface
    public ECKeyPair generateKeyPair(Integer curveIdentifier, Long cipherSuiteIdentifier, Integer keyType) throws SecuritySDKException {
        try {
            ECKeyUtils eCKeyUtils = ECKeyUtils.a;
            EC2Curve byId = EC2Curve.INSTANCE.getById(curveIdentifier);
            if (cipherSuiteIdentifier != null) {
                try {
                    if (cipherSuiteIdentifier.longValue() == 1) {
                        return ECKeyUtils.a.a(byId, keyType);
                    }
                } catch (NoSuchAlgorithmException e) {
                    e.printStackTrace();
                }
            }
            return null;
        } catch (Exception e2) {
            if (!(e2 instanceof CoreException)) {
                throw new SecuritySDKException(1208, "Security Error :: Received exception in generating key pair");
            }
            CoreException coreException = (CoreException) e2;
            throw new SecuritySDKException(coreException.a, coreException.b);
        }
    }

    public final ISecurityLogger getLogger() {
        return logger;
    }

    public final void setLogger(ISecurityLogger iSecurityLogger) {
        logger = iSecurityLogger;
    }

    /* JADX WARN: Type inference failed for: r2v4, types: [java.lang.Object, byte[]] */
    /* JADX WARN: Type inference failed for: r2v5, types: [java.lang.Object, byte[]] */
    public byte[] signDeviceAuth(String docType, SigningAlgorithm algorithm, SessionInfo sessionInfo, byte[] deviceNamespaces, DeviceAuthType authType, Function1<? super byte[], byte[]> doAuth) {
        Intrinsics.checkNotNullParameter(docType, "docType");
        Intrinsics.checkNotNullParameter(algorithm, "algorithm");
        Intrinsics.checkNotNullParameter(authType, "authType");
        Intrinsics.checkNotNullParameter(doAuth, "doAuth");
        DataItem a2 = SecurityUtils.a.a(sessionInfo == null ? null : sessionInfo.getRdrCOSEKeyBytes(), sessionInfo == null ? null : sessionInfo.getEngDataAsCbor(), sessionInfo == null ? null : sessionInfo.nfcHandoverDataItem(), sessionInfo == null ? false : sessionInfo.isNfcEngagement());
        byte[] c = a2 != null ? CborExtsKt.c(a2) : null;
        SigningUtils signingUtils = SigningUtils.a;
        signingUtils.getClass();
        Intrinsics.checkNotNullParameter(docType, "docType");
        CborBuilder cborBuilder = new CborBuilder();
        List<DataItem> build = new CborBuilder().addArray().add("DeviceAuthentication").add((DataItem) CollectionsKt.first((List) CborExtsKt.c(c))).add(docType).add((DataItem) CollectionsKt.first((List) CborExtsKt.c(deviceNamespaces))).end().build();
        Intrinsics.checkNotNullExpressionValue(build, "CborBuilder().addArray()…           .end().build()");
        List<DataItem> build2 = cborBuilder.add(CborExtsKt.c((DataItem) CollectionsKt.first((List) build))).build();
        Intrinsics.checkNotNullExpressionValue(build2, "CborBuilder().add(\n     …coded()\n        ).build()");
        byte[] c2 = CborExtsKt.c(CborExtsKt.a((DataItem) CollectionsKt.first((List) build2)));
        if (a.a[authType.ordinal()] == 1) {
            ?? a3 = SigningUtils.a(signingUtils, c2, algorithm.asCbor(), null, 4, null);
            ISecurityLogger iSecurityLogger = logger;
            if (iSecurityLogger != null) {
                iSecurityLogger.onLog(ISecurityLoggerKt.getCOMPONENT_NAME(), "DEBUG", false, Intrinsics.stringPlus("DeviceAuthentication CoseSign1=Lib:: ", CborExtsKt.b((byte[]) a3)), "");
            }
            return doAuth.invoke(a3);
        }
        byte[] objProtected = algorithm.asCbor();
        Intrinsics.checkNotNullParameter(objProtected, "objProtected");
        ArrayBuilder<CborBuilder> addArray = new CborBuilder().addArray();
        addArray.add("MAC0");
        addArray.add(objProtected);
        addArray.add(new byte[0]);
        addArray.add(c2);
        List<DataItem> build3 = addArray.end().build();
        Intrinsics.checkNotNullExpressionValue(build3, "CborBuilder().addArray()…)\n        }.end().build()");
        ?? c3 = CborExtsKt.c((DataItem) CollectionsKt.first((List) build3));
        ISecurityLogger iSecurityLogger2 = logger;
        if (iSecurityLogger2 != null) {
            iSecurityLogger2.onLog(ISecurityLoggerKt.getCOMPONENT_NAME(), "DEBUG", false, Intrinsics.stringPlus("DeviceAuthentication coseMac0=Lib:: ", CborExtsKt.b((byte[]) c3)), "");
        }
        return doAuth.invoke(c3);
    }

    public byte[] signMSO(SigningAlgorithm algorithm, ECPrivateKey dsPrivateKey, byte[] msoBytes) {
        Intrinsics.checkNotNullParameter(algorithm, "algorithm");
        SigningUtils signingUtils = SigningUtils.a;
        byte[] a2 = SigningUtils.a(signingUtils, msoBytes, algorithm.asCbor(), null, 4, null);
        ISecurityLogger iSecurityLogger = logger;
        if (iSecurityLogger != null) {
            iSecurityLogger.onLog(ISecurityLoggerKt.getCOMPONENT_NAME(), "DEBUG", false, Intrinsics.stringPlus("MSO sign CoseSign1=Lib ", CborExtsKt.b(a2)), "");
        }
        return SigningUtils.a(signingUtils, a2, algorithm.asCbor(), dsPrivateKey, false, 8, null);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:92:0x047e  */
    /* JADX WARN: Removed duplicated region for block: B:94:0x0487  */
    /* JADX WARN: Removed duplicated region for block: B:96:0x0339  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.util.List<com.idemia.android.iso18013.security.security.readerAuth.ReaderAuthStatus> verifyReaderAuth(byte[] r28, com.idemia.android.iso18013.security.model.SessionInfo r29, java.util.List<? extends java.security.cert.X509Certificate> r30) {
        /*
            Method dump skipped, instructions count: 1577
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.idemia.android.iso18013.security.ISO18013Security.verifyReaderAuth(byte[], com.idemia.android.iso18013.security.model.SessionInfo, java.util.List):java.util.List");
    }
}
