package de.authada.eid.card.pace.steps;

import Bm.b;
import Bm.d;
import de.authada.eid.card.api.Card;
import de.authada.eid.card.api.CardProcessingException;
import de.authada.eid.card.api.CommandAPDU;
import de.authada.eid.card.asn1.CertificateHolderAuthorizationTemplate;
import de.authada.eid.card.asn1.EFCardAccess;
import de.authada.eid.card.asn1.pace.PACEInfo;
import de.authada.eid.card.asn1.pace.UserSecretType;
import de.authada.eid.card.pace.InvalidSecretStateException;
import de.authada.eid.card.pace.PACEException;
import de.authada.eid.card.pace.PACEInfoValidator;
import de.authada.eid.card.pace.Secret;
import de.authada.eid.card.pace.SecretState;
import de.authada.eid.card.pace.apdus.MSESetATBuilder;
import de.authada.eid.card.pace.steps.CardAccessRetrieverPACEStep;
import de.authada.eid.core.support.Optional;
import de.authada.org.bouncycastle.asn1.ASN1ObjectIdentifier;
import de.authada.org.bouncycastle.asn1.x9.X9ECParameters;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.List;
import java.util.Map;

/* loaded from: classes2.dex */
public class SecretTypeAndSelectPACEInfoPACEStep {
    private static final b LOGGER = d.b(SecretTypeAndSelectPACEInfoPACEStep.class);

    /* loaded from: classes2.dex */
    public static final class SecretTypeAndSelectPACEInfoPACEContext extends PACEContextDelegate {
        private PACEInfo paceInfo;

        private SecretTypeAndSelectPACEInfoPACEContext(CardAccessRetrieverPACEStep.CardAccessRetrieverPACEContext cardAccessRetrieverPACEContext) {
            super(cardAccessRetrieverPACEContext.getPACEContext());
        }

        public /* synthetic */ SecretTypeAndSelectPACEInfoPACEContext(CardAccessRetrieverPACEStep.CardAccessRetrieverPACEContext cardAccessRetrieverPACEContext, int i10) {
            this(cardAccessRetrieverPACEContext);
        }

        public void setPaceInfo(PACEInfo pACEInfo) {
            this.paceInfo = pACEInfo;
        }

        public Card getCard() {
            return getPACEContext().getCard();
        }

        public Map<Integer, X9ECParameters> getCurveMapPACE() {
            return getPACEContext().curveMapPACE();
        }

        public PACEInfo getPaceInfo() {
            return this.paceInfo;
        }

        public SecureRandom getSecureRandom() {
            return getPACEContext().getSecureRandom();
        }

        public Secret getUserSecret() {
            return getPACEContext().getUserSecret();
        }

        public List<ASN1ObjectIdentifier> getValidPACEOids() {
            return getPACEContext().validPACEOids();
        }
    }

    private CommandAPDU<SecretState> buildMSESetAT(EFCardAccess eFCardAccess, UserSecretType userSecretType, Optional<CertificateHolderAuthorizationTemplate> optional, PACEInfo pACEInfo) {
        MSESetATBuilder cryptographicMechanismReference = new MSESetATBuilder().cryptographicMechanismReference(pACEInfo.getCryptographicMechanismReference());
        if (eFCardAccess.getPaceInfos().size() > 1) {
            cryptographicMechanismReference.paceParameterId(Optional.of(pACEInfo.getParameterId()));
        } else {
            cryptographicMechanismReference.paceParameterId(Optional.empty());
        }
        cryptographicMechanismReference.chat(optional);
        cryptographicMechanismReference.secret(userSecretType);
        return cryptographicMechanismReference.build();
    }

    private void checkSecretState(SecretState secretState, boolean z10) {
        boolean z11 = (secretState == SecretState.ONE_TRY && z10) ? false : true;
        if (secretState != SecretState.OK && secretState != SecretState.TWO_TRIES && z11) {
            throw new InvalidSecretStateException(secretState);
        }
    }

    public static /* synthetic */ PACEException lambda$processStep$0() {
        return new PACEException("No valid paceinfo in efcardaccess");
    }

    /* JADX WARN: Type inference failed for: r4v1, types: [java.lang.Object, de.authada.eid.core.support.Supplier] */
    public SecretTypeAndSelectPACEInfoPACEContext processStep(CardAccessRetrieverPACEStep.CardAccessRetrieverPACEContext cardAccessRetrieverPACEContext) {
        SecretTypeAndSelectPACEInfoPACEContext secretTypeAndSelectPACEInfoPACEContext = new SecretTypeAndSelectPACEInfoPACEContext(cardAccessRetrieverPACEContext, 0);
        b bVar = LOGGER;
        bVar.s("Validating PACEInfo");
        EFCardAccess efCardAccess = cardAccessRetrieverPACEContext.getEfCardAccess();
        PACEInfo orElseThrow = new PACEInfoValidator(cardAccessRetrieverPACEContext.getValidPACEOids(), cardAccessRetrieverPACEContext.getCurveMapPACE(), efCardAccess.getPaceInfos()).firstValid().orElseThrow(new Object());
        try {
            bVar.s("Checking pin");
            checkSecretState((SecretState) cardAccessRetrieverPACEContext.getCard().transceive(buildMSESetAT(efCardAccess, cardAccessRetrieverPACEContext.getUserSecretType(), cardAccessRetrieverPACEContext.getChat(), orElseThrow)), cardAccessRetrieverPACEContext.isAcceptStateOneTry());
            secretTypeAndSelectPACEInfoPACEContext.setPaceInfo(orElseThrow);
            return secretTypeAndSelectPACEInfoPACEContext;
        } catch (CardProcessingException | IOException e10) {
            throw new PACEException("Error during pace info selection and secret type validation agreement", e10);
        }
    }
}
