package de.authada.eid.card.sm;

import de.authada.eid.card.api.CLA;
import de.authada.eid.card.api.CardProcessingException;
import de.authada.eid.card.api.Case;
import de.authada.eid.card.api.CommandAPDU;
import de.authada.eid.card.api.ResponseAPDU;
import de.authada.eid.card.asn1.sm.ProtectedLe;
import de.authada.org.bouncycastle.crypto.InvalidCipherTextException;
import de.authada.org.bouncycastle.crypto.RuntimeCryptoException;
import de.authada.org.bouncycastle.util.Arrays;
import java.io.ByteArrayOutputStream;
import java.io.IOException;

/* loaded from: classes2.dex */
class SMHandler {
    private final SMApduFactory smApduFactory;
    private final SMCryptoProvider smCryptoProvider;

    public SMHandler(SMCryptoProvider sMCryptoProvider) {
        this.smCryptoProvider = sMCryptoProvider;
        this.smApduFactory = new SMApduFactory(sMCryptoProvider);
    }

    private CommandAPDU<ResponseAPDU> encryptData(byte[] bArr, Case r11, boolean z10, CLA cla) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                try {
                    if (r11 == Case.NO_DATA) {
                        byteArrayOutputStream2.write(bArr, 0, 4);
                    } else {
                        byteArrayOutputStream2.write(this.smCryptoProvider.padHeader(Arrays.copyOfRange(bArr, 0, 4)));
                    }
                    if (r11 == Case.SENDING_DATA || r11 == Case.TRANSCEIVING_DATA) {
                        byte[] encoded = this.smCryptoProvider.computeCryptogram(extractBody(bArr, z10, r11 == Case.TRANSCEIVING_DATA)).getEncoded();
                        byteArrayOutputStream.write(encoded);
                        byteArrayOutputStream2.write(encoded);
                    }
                    if (r11 == Case.RECEIVING_DATA || r11 == Case.TRANSCEIVING_DATA) {
                        byte[] encoded2 = new ProtectedLe(extractLe(bArr, z10)).getEncoded();
                        byteArrayOutputStream.write(encoded2);
                        byteArrayOutputStream2.write(encoded2);
                    }
                    SMCryptoProvider sMCryptoProvider = this.smCryptoProvider;
                    byteArrayOutputStream.write(sMCryptoProvider.calcChecksum(sMCryptoProvider.getSendSequenceCounter().nextBytes(), byteArrayOutputStream2.toByteArray()).getEncoded());
                    byteArrayOutputStream2.close();
                    CommandAPDU<ResponseAPDU> create = this.smApduFactory.create(z10, r11, cla, bArr, byteArrayOutputStream.toByteArray());
                    byteArrayOutputStream.close();
                    return create;
                } finally {
                }
            } catch (Throwable th2) {
                try {
                    byteArrayOutputStream.close();
                } catch (Throwable th3) {
                    th2.addSuppressed(th3);
                }
                throw th2;
            }
        } catch (InvalidCipherTextException | RuntimeCryptoException | IOException e10) {
            throw new CardProcessingException("Failed to create SM APDU data", e10);
        }
    }

    private byte[] extractBody(byte[] bArr, boolean z10, boolean z11) {
        if (z10) {
            int length = bArr.length;
            if (z11) {
                length -= 2;
            }
            return Arrays.copyOfRange(bArr, 7, length);
        }
        int length2 = bArr.length;
        if (z11) {
            length2--;
        }
        return Arrays.copyOfRange(bArr, 5, length2);
    }

    private byte[] extractLe(byte[] bArr, boolean z10) {
        return z10 ? Arrays.copyOfRange(bArr, bArr.length - 2, bArr.length) : Arrays.copyOfRange(bArr, bArr.length - 1, bArr.length);
    }

    private CLA mapCLA(CLA cla) {
        if (cla == CLA.PLAIN) {
            return CLA.SECURE;
        }
        if (cla == CLA.PLAIN_CHAINING) {
            return CLA.SECURE_CHAINING;
        }
        if (cla == CLA.SECURE || cla == CLA.SECURE_CHAINING) {
            return cla;
        }
        throw new IllegalArgumentException("Invalid CLA");
    }

    public <R> CommandAPDU<ResponseAPDU> encrypt(CommandAPDU<R> commandAPDU) {
        byte[] bytes = commandAPDU.getBytes().getBytes();
        CLA mapCLA = mapCLA(commandAPDU.getCLA());
        bytes[0] = mapCLA.getClassByte();
        CommandAPDU<ResponseAPDU> encryptData = encryptData(bytes, commandAPDU.getCase(), commandAPDU.isExtendedLength(), mapCLA);
        this.smCryptoProvider.getSendSequenceCounter().increment();
        return encryptData;
    }
}
