package com.surepassid.obfuscate.client.virtual;

import android.content.Context;
import com.surepassid.obfuscate.fido.crypto.CryptoUtility;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.nio.ByteBuffer;
import java.nio.ShortBuffer;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.Date;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes.dex */
public class VirtualCard {
    private static final byte[] BUILD_NUMBER;
    private static final String COUNT_FILENAME = "countFile";
    private static final byte FLAG_CHECK_ONLY = 7;
    private static final byte FLAG_ENFORCE_USER_PRESENCE = 3;
    private static final byte INS_BUILD = -47;
    private static final byte INS_GET_RESPONSE = -64;
    private static final byte INS_SELECT = -92;
    private static final byte INS_U2F_AUTHENTICATE = 2;
    private static final byte INS_U2F_REGISTER = 1;
    private static final byte INS_U2F_VENDOR_FIRST = -48;
    private static final byte INS_U2F_VENDOR_LAST = -1;
    private static final byte INS_U2F_VERSION = 3;
    private static final String SIGNATURE_AGLO = "SHA256withECDSA";
    private static final byte[] U2F_VERSION;
    private static final int USER_PUBLIC_KEY_SIZE = 65;
    Context context;
    private byte[] outBuffer = new byte[32767];
    private short hi_count = 0;
    private short lo_count = 0;

    static {
        System.loadLibrary("surepassid");
        U2F_VERSION = new byte[]{85, 50, 70, 95, 86, 50};
        BUILD_NUMBER = new byte[]{83, 80, 66, 48, 49, 46, 48, 48, 51};
    }

    private void getCounter(byte[] bArr, int i) {
        readCounters();
        short s = (short) (this.lo_count + 1);
        this.lo_count = s;
        if (s == 0) {
            this.hi_count = (short) (this.hi_count + 1);
        }
        bArr[i] = (byte) (this.hi_count >> 8);
        bArr[i + 1] = (byte) this.hi_count;
        bArr[i + 2] = (byte) (this.lo_count >> 8);
        bArr[i + 3] = (byte) this.lo_count;
        writeCounters();
    }

    private int processEnrollRequest(byte[] bArr, int i, int i2) {
        int i3 = 0;
        if (i != 64) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }
        this.outBuffer[0] = 5;
        int i4 = 0 + 1;
        KeyPairGenerator keyPairGenerator = null;
        try {
            keyPairGenerator = KeyPairGenerator.getInstance(Utils.ALGO_NAME, CryptoUtility.BOUNCY_CASTLE_PROVIDER);
            keyPairGenerator.initialize(new ECGenParameterSpec(Utils.CURVE_NAME));
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e) {
            ISOException.throwIt(ISO7816.SW_DATA_INVALID);
        }
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        byte[] bArr2 = new byte[65];
        System.arraycopy(genKeyPair.getPublic().getEncoded(), 26, bArr2, 0, 65);
        int length = bArr2.length;
        if (65 != length) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }
        System.arraycopy(bArr2, 0, this.outBuffer, i4, length);
        int i5 = length + 1;
        byte[] encoded = ((ECPrivateKey) genKeyPair.getPrivate()).getEncoded();
        int i6 = 0;
        try {
            byte[] bArr3 = new byte[32];
            System.arraycopy(bArr, i2 + 32, bArr3, 0, 32);
            byte[] generateKeyHandleBytes = CryptoUtility.generateKeyHandleBytes(this.context, new CryptoUtility.KeyHandle(bArr3, encoded));
            i6 = generateKeyHandleBytes.length;
            this.outBuffer[i5] = (byte) i6;
            i5++;
            i3 = i5;
            System.arraycopy(generateKeyHandleBytes, 0, this.outBuffer, i3, generateKeyHandleBytes.length);
            i5 += generateKeyHandleBytes.length;
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e2) {
            ISOException.throwIt(ISO7816.SW_DATA_INVALID);
        }
        byte[] bArr4 = null;
        X509Certificate parseCertificate = Utils.parseCertificate(Attestation.getAttestationCertificate());
        try {
            parseCertificate.checkValidity(new Date());
            bArr4 = parseCertificate.getEncoded();
        } catch (CertificateException e3) {
            ISOException.throwIt(ISO7816.SW_DATA_INVALID);
        }
        System.arraycopy(bArr4, 0, this.outBuffer, i5, bArr4.length);
        int length2 = i5 + bArr4.length;
        byte[] bArr5 = new byte[i6 + 65 + 65];
        bArr5[0] = 0;
        short s = (short) 1;
        System.arraycopy(bArr, i2 + 32, bArr5, s, 32);
        short s2 = (short) (s + 32);
        System.arraycopy(bArr, i2 + 0, bArr5, s2, 32);
        short s3 = (short) (s2 + 32);
        System.arraycopy(this.outBuffer, i3, bArr5, s3, i6);
        short s4 = (short) (s3 + i6);
        System.arraycopy(this.outBuffer, 1, bArr5, s4, length);
        try {
            Signature signature = Signature.getInstance(SIGNATURE_AGLO, CryptoUtility.BOUNCY_CASTLE_PROVIDER);
            signature.initSign(Utils.parsePrivateKey(Attestation.getAttestationKey()));
            signature.update(bArr5);
            byte[] sign = signature.sign();
            System.arraycopy(sign, 0, this.outBuffer, length2, sign.length);
            length2 += sign.length;
            signature.initVerify(parseCertificate.getPublicKey());
            signature.update(bArr5);
            if (!signature.verify(sign)) {
                ISOException.throwIt(ISO7816.SW_DATA_INVALID);
            }
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e4) {
            ISOException.throwIt(ISO7816.SW_DATA_INVALID);
        }
        return length2;
    }

    private short processSignRequest(byte[] bArr, int i, int i2) {
        if (bArr[2] != 7 && bArr[2] != 3) {
            ISOException.throwIt(ISO7816.SW_WRONG_DATA);
        }
        CryptoUtility.KeyHandle keyHandle = null;
        try {
            keyHandle = CryptoUtility.decryptKeyHandleBytes(this.context, Arrays.copyOfRange(bArr, i2 + 64 + 1, i2 + 64 + 1 + (bArr[i2 + 64] & 255)));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            ISOException.throwIt(ISO7816.SW_DATA_INVALID);
        }
        if (!Utils.compareBytes(bArr, i2 + 32, keyHandle.getAppId(), 0, 32)) {
            ISOException.throwIt(ISO7816.SW_WRONG_DATA);
        }
        if (bArr[2] == 7) {
            ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
        }
        this.outBuffer[0] = 1;
        short s = (short) 1;
        getCounter(this.outBuffer, s);
        short s2 = (short) (s + 4);
        byte[] bArr2 = new byte[69];
        System.arraycopy(bArr, i2 + 32, bArr2, 0, 32);
        short s3 = (short) 32;
        bArr2[s3] = 1;
        short s4 = (short) (s3 + 1);
        System.arraycopy(this.outBuffer, 1, bArr2, s4, 4);
        System.arraycopy(bArr, i2, bArr2, (short) (s4 + 4), 32);
        byte[] bArr3 = null;
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance(Utils.ALGO_NAME, CryptoUtility.BOUNCY_CASTLE_PROVIDER).generatePrivate(new PKCS8EncodedKeySpec(keyHandle.getPrivateKey()));
            Signature signature = Signature.getInstance(SIGNATURE_AGLO, CryptoUtility.BOUNCY_CASTLE_PROVIDER);
            signature.initSign(generatePrivate);
            signature.update(bArr2);
            bArr3 = signature.sign();
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException | InvalidKeySpecException e2) {
            ISOException.throwIt(ISO7816.SW_WRONG_DATA);
        }
        System.arraycopy(bArr3, 0, this.outBuffer, s2, bArr3.length);
        return (short) (bArr3.length + s2);
    }

    private void readCounters() {
        try {
            FileInputStream openFileInput = this.context.openFileInput(COUNT_FILENAME);
            byte[] bArr = new byte[4];
            openFileInput.read(bArr);
            openFileInput.close();
            ShortBuffer asShortBuffer = ByteBuffer.wrap(bArr).asShortBuffer();
            this.lo_count = asShortBuffer.get(0);
            this.hi_count = asShortBuffer.get(1);
        } catch (Exception e) {
            e.printStackTrace();
            this.lo_count = (short) 0;
            this.hi_count = (short) 0;
        }
    }

    private void sendLongDataToCaller(APDU apdu, int i) {
        int i2 = 0;
        apdu.setOutgoing();
        apdu.setOutgoingLength(i);
        while (i > 0) {
            int i3 = 255;
            if (i < 255) {
                i3 = i;
            }
            apdu.sendBytesLong(this.outBuffer, (short) i2, (short) i3);
            i -= 255;
            i2 += 255;
        }
    }

    private void writeCounters() {
        try {
            byte[] bArr = new byte[4];
            ShortBuffer asShortBuffer = ByteBuffer.wrap(bArr).asShortBuffer();
            asShortBuffer.put(0, this.lo_count);
            asShortBuffer.put(1, this.hi_count);
            FileOutputStream openFileOutput = this.context.openFileOutput(COUNT_FILENAME, 0);
            openFileOutput.write(bArr);
            openFileOutput.close();
            readCounters();
        } catch (Exception e) {
            e.printStackTrace();
            ISOException.throwIt(ISO7816.SW_DATA_INVALID);
        }
    }

    public void process(APDU apdu) {
        byte[] buffer = apdu.getBuffer();
        switch (buffer[1]) {
            case -92:
                try {
                    apdu.setOutgoing();
                    apdu.setOutgoingLength((short) U2F_VERSION.length);
                    apdu.sendBytesLong(U2F_VERSION, (short) 0, (short) U2F_VERSION.length);
                    return;
                } catch (APDUException e) {
                    ISOException.throwIt(ISO7816.SW_DATA_INVALID);
                    return;
                }
            case -47:
                System.arraycopy(BUILD_NUMBER, 0, buffer, 0, (short) BUILD_NUMBER.length);
                apdu.setOutgoingAndSend((short) 0, (short) BUILD_NUMBER.length);
                return;
            case 0:
            default:
                return;
            case 1:
                try {
                    apdu.setIncomingAndReceive();
                    sendLongDataToCaller(apdu, processEnrollRequest(buffer, 64, apdu.getOffsetCdata()));
                    return;
                } catch (APDUException e2) {
                    ISOException.throwIt(ISO7816.SW_DATA_INVALID);
                    return;
                }
            case 2:
                short processSignRequest = processSignRequest(buffer, apdu.setIncomingAndReceive(), apdu.getOffsetCdata());
                apdu.setOutgoing();
                apdu.setOutgoingLength(processSignRequest);
                apdu.sendBytesLong(this.outBuffer, (short) 0, processSignRequest);
                return;
            case 3:
                System.arraycopy(U2F_VERSION, 0, buffer, 0, (short) U2F_VERSION.length);
                apdu.setOutgoingAndSend((short) 0, (short) U2F_VERSION.length);
                return;
        }
    }

    public void setContext(Context context) {
        this.context = context;
        readCounters();
        writeCounters();
    }
}
