package de.cardcontact.opencard.security;

import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import opencard.core.OpenCardException;
import opencard.core.service.CardServiceException;

/* loaded from: input_file:de/cardcontact/opencard/security/GPSCP02Authenticator.class */
public class GPSCP02Authenticator extends GPSCPAuthenticator {
    private static final byte[] EIGHT_BYTES_PADDING_BLOCK = {Byte.MIN_VALUE, 0, 0, 0, 0, 0, 0, 0};
    private static final byte[] defaultICV = {0, 0, 0, 0, 0, 0, 0, 0};
    private Cipher desCipher;
    private Mac desMac;
    private Mac desRetailMac;

    public GPSCP02Authenticator(byte[] bArr) {
        super(bArr);
        try {
            this.desCipher = Cipher.getInstance("DESede/CBC/NoPadding");
            this.desMac = Mac.getInstance("DESEDEMAC64");
            this.desRetailMac = Mac.getInstance("ISO9797ALG3Mac");
        } catch (Exception e) {
            throw new RuntimeException("Failed to create cipher instance", e);
        }
    }

    @Override // de.cardcontact.opencard.security.GPSCPAuthenticator
    public void processInitializeUpdateResponse(byte[] bArr) throws OpenCardException {
        if (bArr.length != 28) {
            throw new CardServiceException("INITIALIZE UPDATE failed - wrong length of response data (" + bArr.length + ")");
        }
        this.keyDiversificationData = new byte[10];
        System.arraycopy(bArr, 0, this.keyDiversificationData, 0, this.keyDiversificationData.length);
        this.keyInformation = new byte[2];
        System.arraycopy(bArr, 10, this.keyInformation, 0, this.keyInformation.length);
        this.sequenceCounter = new byte[2];
        System.arraycopy(bArr, 12, this.sequenceCounter, 0, this.sequenceCounter.length);
        this.cardChallenge = new byte[6];
        System.arraycopy(bArr, 14, this.cardChallenge, 0, this.cardChallenge.length);
        this.cardCryptogram = new byte[8];
        System.arraycopy(bArr, 20, this.cardCryptogram, 0, this.cardCryptogram.length);
    }

    @Override // de.cardcontact.opencard.security.GPSCPAuthenticator
    public void deriveSessionKeys(GPKeySet gPKeySet) {
        IvParameterSpec ivParameterSpec = new IvParameterSpec(defaultICV);
        byte[] bArr = new byte[16];
        bArr[0] = 1;
        bArr[2] = this.sequenceCounter[0];
        bArr[3] = this.sequenceCounter[1];
        try {
            bArr[1] = -126;
            this.desCipher.init(1, gPKeySet.getEncKey(), ivParameterSpec);
            SecretKeySpec secretKeySpec = new SecretKeySpec(this.desCipher.doFinal(bArr), "DESede");
            bArr[1] = 1;
            this.desCipher.init(1, gPKeySet.getMacKey(), ivParameterSpec);
            SecretKeySpec secretKeySpec2 = new SecretKeySpec(this.desCipher.doFinal(bArr), "DESede");
            bArr[1] = -127;
            this.desCipher.init(1, gPKeySet.getDekKey(), ivParameterSpec);
            this.sessionKeys = new GPKeySet(secretKeySpec, secretKeySpec2, new SecretKeySpec(this.desCipher.doFinal(bArr), "DESede"));
        } catch (Exception e) {
            throw new RuntimeException("Failed to derive session keys", e);
        }
    }

    @Override // de.cardcontact.opencard.security.GPSCPAuthenticator
    public boolean isCardCryptogramValid() {
        byte[] bArr = new byte[24];
        System.arraycopy(this.hostChallenge, 0, bArr, 0, 8);
        System.arraycopy(this.sequenceCounter, 0, bArr, 8, 2);
        System.arraycopy(this.cardChallenge, 0, bArr, 10, 6);
        System.arraycopy(EIGHT_BYTES_PADDING_BLOCK, 0, bArr, 16, 8);
        try {
            this.desMac.init(this.sessionKeys.getEncKey(), new IvParameterSpec(defaultICV));
            return Arrays.compare(this.cardCryptogram, this.desMac.doFinal(bArr)) == 0;
        } catch (Exception e) {
            throw new RuntimeException("Failed to calculate MAC", e);
        }
    }

    @Override // de.cardcontact.opencard.security.GPSCPAuthenticator
    public byte[] calculateHostCryptogram(byte b) {
        byte[] bArr = new byte[24];
        System.arraycopy(this.sequenceCounter, 0, bArr, 0, 2);
        System.arraycopy(this.cardChallenge, 0, bArr, 2, 6);
        System.arraycopy(this.hostChallenge, 0, bArr, 8, 8);
        System.arraycopy(EIGHT_BYTES_PADDING_BLOCK, 0, bArr, 16, 8);
        try {
            this.desMac.init(this.sessionKeys.getEncKey(), new IvParameterSpec(defaultICV));
            byte[] doFinal = this.desMac.doFinal(bArr);
            byte[] bArr2 = new byte[16];
            bArr2[0] = -124;
            bArr2[1] = -126;
            bArr2[2] = b;
            bArr2[3] = 0;
            bArr2[4] = 16;
            System.arraycopy(doFinal, 0, bArr2, 5, 8);
            bArr2[13] = Byte.MIN_VALUE;
            try {
                this.desRetailMac.init(this.sessionKeys.getMacKey(), new IvParameterSpec(defaultICV));
                byte[] doFinal2 = this.desRetailMac.doFinal(bArr2);
                System.arraycopy(doFinal, 0, bArr2, 0, 8);
                System.arraycopy(doFinal2, 0, bArr2, 8, 8);
                this.secureChannel = new GPSCP02SecureChannel(this.sessionKeys.getEncKey(), this.sessionKeys.getMacKey(), this.sessionKeys.getDekKey(), doFinal2, b, "BC");
                return bArr2;
            } catch (Exception e) {
                throw new RuntimeException("Failed to calculate MAC", e);
            }
        } catch (Exception e2) {
            throw new RuntimeException("Failed to calculate MAC", e2);
        }
    }
}
