package im.status.keycard.globalplatform;

import im.status.keycard.applet.Identifiers;
import im.status.keycard.io.APDUCommand;
import im.status.keycard.io.APDUException;
import im.status.keycard.io.APDUResponse;
import im.status.keycard.io.CardChannel;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.SecureRandom;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: classes.dex */
public class GlobalPlatformCommandSet {
    static final byte EXTERNAL_AUTHENTICATE_P1 = 1;
    static final byte INSTALL_FOR_INSTALL_P1 = 12;
    static final byte INSTALL_FOR_LOAD_P1 = 2;
    static final byte INS_DELETE = -28;
    static final byte INS_EXTERNAL_AUTHENTICATE = -126;
    static final byte INS_INITIALIZE_UPDATE = 80;
    static final byte INS_INSTALL = -26;
    static final byte INS_LOAD = -24;
    static final byte INS_PUT_KEY = -40;
    static final byte INS_SELECT = -92;
    static final byte LOAD_P1_LAST_BLOCK = Byte.MIN_VALUE;
    static final byte LOAD_P1_MORE_BLOCKS = 0;
    static final byte SELECT_P1_BY_NAME = 4;
    private final CardChannel apduChannel;
    private SCP02Keys cardKeys;
    private final byte[] developmentKey;
    private final byte[] gpDefaultKey = Hex.decode("404142434445464748494a4b4c4d4e4f");
    private final SCP02Keys gpDefaultKeys;
    private SecureChannel secureChannel;
    private Session session;

    public GlobalPlatformCommandSet(CardChannel cardChannel) {
        byte[] bArr = this.gpDefaultKey;
        this.gpDefaultKeys = new SCP02Keys(bArr, bArr, bArr);
        this.developmentKey = Hex.decode("c212e073ff8b4bbfaff4de8ab655221f");
        this.apduChannel = cardChannel;
        setCardKeys(this.developmentKey);
    }

    private void writeSCP02Key(ByteArrayOutputStream byteArrayOutputStream, byte[] bArr) throws IOException {
        byte[] ecb3des = Crypto.ecb3des(this.session.getKeys().getDekKeyData(), bArr);
        byte[] kcv3des = Crypto.kcv3des(bArr);
        byteArrayOutputStream.write(128);
        byteArrayOutputStream.write(ecb3des.length);
        byteArrayOutputStream.write(ecb3des);
        byteArrayOutputStream.write(kcv3des.length);
        byteArrayOutputStream.write(kcv3des);
    }

    public APDUResponse delete(byte[] bArr) throws IOException {
        byte[] bArr2 = new byte[bArr.length + 2];
        bArr2[0] = 79;
        bArr2[1] = (byte) bArr.length;
        System.arraycopy(bArr, 0, bArr2, 2, bArr.length);
        return this.secureChannel.send(new APDUCommand(128, -28, 0, 0, bArr2));
    }

    public APDUResponse deleteCashInstance() throws IOException {
        return delete(Identifiers.CASH_INSTANCE_AID);
    }

    public APDUResponse deleteKeycardInstance() throws IOException {
        return delete(Identifiers.getKeycardInstanceAID());
    }

    public void deleteKeycardInstancesAndPackage() throws IOException, APDUException {
        deleteNDEFInstance().checkSW(36864, APDUResponse.SW_REFERENCED_DATA_NOT_FOUND);
        deleteKeycardInstance().checkSW(36864, APDUResponse.SW_REFERENCED_DATA_NOT_FOUND);
        deleteCashInstance().checkSW(36864, APDUResponse.SW_REFERENCED_DATA_NOT_FOUND);
        deleteKeycardPackage().checkSW(36864, APDUResponse.SW_REFERENCED_DATA_NOT_FOUND);
    }

    public APDUResponse deleteKeycardPackage() throws IOException {
        return delete(Identifiers.PACKAGE_AID);
    }

    public APDUResponse deleteNDEFInstance() throws IOException {
        return delete(Identifiers.NDEF_INSTANCE_AID);
    }

    public APDUResponse externalAuthenticate(byte[] bArr) throws IOException {
        byte[] cardChallenge = this.session.getCardChallenge();
        byte[] bArr2 = new byte[cardChallenge.length + bArr.length];
        System.arraycopy(cardChallenge, 0, bArr2, 0, cardChallenge.length);
        System.arraycopy(bArr, 0, bArr2, cardChallenge.length, bArr.length);
        return this.secureChannel.send(new APDUCommand(132, -126, 1, 0, Crypto.mac3des(this.session.getKeys().encKeyData, Crypto.appendDESPadding(bArr2), Crypto.NullBytes8)));
    }

    public APDUResponse initializeUpdate(byte[] bArr) throws IOException, APDUException {
        APDUResponse send = this.apduChannel.send(new APDUCommand(128, 80, 0, 0, bArr, true));
        if (send.isOK()) {
            try {
                this.session = SecureChannel.verifyChallenge(bArr, this.cardKeys, send);
            } catch (APDUException unused) {
                this.session = SecureChannel.verifyChallenge(bArr, this.gpDefaultKeys, send);
                this.session.markAsUsingFallbackKeys();
            }
            this.secureChannel = new SecureChannel(this.apduChannel, this.session.getKeys());
        }
        return send;
    }

    public APDUResponse installCashApplet() throws IOException {
        return installCashApplet(new byte[0]);
    }

    public APDUResponse installCashApplet(byte[] bArr) throws IOException {
        return installForInstall(Identifiers.PACKAGE_AID, Identifiers.CASH_AID, Identifiers.CASH_INSTANCE_AID, bArr);
    }

    public APDUResponse installForInstall(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(bArr.length);
        byteArrayOutputStream.write(bArr);
        byteArrayOutputStream.write(bArr2.length);
        byteArrayOutputStream.write(bArr2);
        byteArrayOutputStream.write(bArr3.length);
        byteArrayOutputStream.write(bArr3);
        byte[] bArr5 = {0};
        byteArrayOutputStream.write(bArr5.length);
        byteArrayOutputStream.write(bArr5);
        byte[] bArr6 = new byte[bArr4.length + 2];
        bArr6[0] = -55;
        bArr6[1] = (byte) bArr4.length;
        System.arraycopy(bArr4, 0, bArr6, 2, bArr4.length);
        byteArrayOutputStream.write(bArr6.length);
        byteArrayOutputStream.write(bArr6);
        byteArrayOutputStream.write(0);
        return this.secureChannel.send(new APDUCommand(128, -26, 12, 0, byteArrayOutputStream.toByteArray()));
    }

    public APDUResponse installForLoad(byte[] bArr) throws IOException {
        return installForLoad(bArr, new byte[0]);
    }

    public APDUResponse installForLoad(byte[] bArr, byte[] bArr2) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(bArr.length);
        byteArrayOutputStream.write(bArr);
        byteArrayOutputStream.write(bArr2.length);
        byteArrayOutputStream.write(bArr2);
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(0);
        return this.secureChannel.send(new APDUCommand(128, -26, 2, 0, byteArrayOutputStream.toByteArray()));
    }

    public APDUResponse installKeycardApplet() throws IOException {
        return installForInstall(Identifiers.PACKAGE_AID, Identifiers.KEYCARD_AID, Identifiers.getKeycardInstanceAID(), new byte[0]);
    }

    public APDUResponse installNDEFApplet(byte[] bArr) throws IOException {
        return installForInstall(Identifiers.PACKAGE_AID, Identifiers.NDEF_AID, Identifiers.NDEF_INSTANCE_AID, bArr);
    }

    public APDUResponse load(byte[] bArr, int i, boolean z) throws IOException {
        return this.secureChannel.send(new APDUCommand(128, -24, z ? 0 : -128, i, bArr));
    }

    public void loadKeycardPackage(InputStream inputStream, LoadCallback loadCallback) throws IOException, APDUException {
        installForLoad(Identifiers.PACKAGE_AID).checkOK();
        Load load = new Load(inputStream);
        int blocksCount = load.blocksCount();
        while (true) {
            byte[] nextDataBlock = load.nextDataBlock();
            if (nextDataBlock == null) {
                return;
            }
            load(nextDataBlock, load.getCount() - 1, load.hasMore()).checkOK();
            loadCallback.blockLoaded(load.getCount(), blocksCount);
        }
    }

    public void openSecureChannel() throws APDUException, IOException {
        openSecureChannel(true);
    }

    public void openSecureChannel(boolean z) throws APDUException, IOException {
        byte[] bArr = new byte[8];
        new SecureRandom().nextBytes(bArr);
        initializeUpdate(bArr).checkOK();
        externalAuthenticate(bArr).checkOK();
        if (this.session.usesFallbackKeys() && z) {
            putSCP02Keys(this.cardKeys.getEncKeyData(), this.cardKeys.getMacKeyData(), this.cardKeys.getDekKeyData(), 0, 1).checkOK();
        }
    }

    public APDUResponse putSCP02Keys(byte[] bArr, int i, int i2) throws IOException {
        return putSCP02Keys(bArr, bArr, bArr, i, i2);
    }

    public APDUResponse putSCP02Keys(byte[] bArr, byte[] bArr2, byte[] bArr3, int i, int i2) throws IOException {
        if (bArr.length != 16 || bArr2.length != 16 || bArr3.length != 16) {
            throw new IllegalArgumentException("All keys must be 16-byte 3DES keys");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(i2);
        writeSCP02Key(byteArrayOutputStream, bArr);
        writeSCP02Key(byteArrayOutputStream, bArr2);
        writeSCP02Key(byteArrayOutputStream, bArr3);
        return this.secureChannel.send(new APDUCommand(132, -40, i, 129, byteArrayOutputStream.toByteArray()));
    }

    public APDUResponse select() throws IOException {
        return this.apduChannel.send(new APDUCommand(0, -92, 4, 0, new byte[0]));
    }

    public void setCardKeys(byte[] bArr) {
        setCardKeys(bArr, bArr, bArr);
    }

    public void setCardKeys(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        this.cardKeys = new SCP02Keys(bArr, bArr2, bArr3);
    }
}
