package de.authada.eid.card.pace.steps;

import de.authada.eid.card.api.Card;
import de.authada.eid.card.api.CardLostException;
import de.authada.eid.card.api.CardProcessingException;
import de.authada.eid.card.api.CommandAPDU;
import de.authada.eid.card.asn1.CertificateHolderAuthorizationTemplate;
import de.authada.eid.card.asn1.EFCardAccess;
import de.authada.eid.card.asn1.pace.PACEInfo;
import de.authada.eid.card.asn1.pace.UserSecretType;
import de.authada.eid.card.pace.InvalidSecretStateException;
import de.authada.eid.card.pace.PACEException;
import de.authada.eid.card.pace.PACEInfoValidator;
import de.authada.eid.card.pace.Secret;
import de.authada.eid.card.pace.SecretState;
import de.authada.eid.card.pace.apdus.MSESetATBuilder;
import de.authada.eid.card.pace.steps.CardAccessRetrieverPACEStep;
import de.authada.eid.core.support.Optional;
import de.authada.eid.core.support.Supplier;
import java.io.IOException;
import java.security.SecureRandom;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes3.dex */
public class SecretTypeAndSelectPACEInfoPACEStep {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SecretTypeAndSelectPACEInfoPACEStep.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static final class SecretTypeAndSelectPACEInfoPACEContext extends PACEContextDelegate {
        private PACEInfo paceInfo;

        private SecretTypeAndSelectPACEInfoPACEContext(CardAccessRetrieverPACEStep.CardAccessRetrieverPACEContext cardAccessRetrieverPACEContext) {
            super(cardAccessRetrieverPACEContext.getPACEContext());
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void setPaceInfo(PACEInfo pACEInfo) {
            this.paceInfo = pACEInfo;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Card getCard() {
            return getPACEContext().getCard();
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public PACEInfo getPaceInfo() {
            return this.paceInfo;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public SecureRandom getSecureRandom() {
            return getPACEContext().getSecureRandom();
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Secret getUserSecret() {
            return getPACEContext().getUserSecret();
        }
    }

    private CommandAPDU<SecretState> buildMSESetAT(EFCardAccess eFCardAccess, UserSecretType userSecretType, Optional<CertificateHolderAuthorizationTemplate> optional, PACEInfo pACEInfo) throws IOException {
        MSESetATBuilder cryptographicMechanismReference = new MSESetATBuilder().cryptographicMechanismReference(pACEInfo.getCryptographicMechanismReference());
        if (eFCardAccess.getPaceInfos().size() > 1) {
            cryptographicMechanismReference.paceParameterId(Optional.of(pACEInfo.getParameterId()));
        } else {
            cryptographicMechanismReference.paceParameterId(Optional.empty());
        }
        cryptographicMechanismReference.chat(optional);
        cryptographicMechanismReference.secret(userSecretType);
        return cryptographicMechanismReference.build();
    }

    private void checkSecretState(SecretState secretState, boolean z) throws InvalidSecretStateException {
        boolean z2 = false;
        boolean z3 = (secretState == SecretState.ONE_TRY && z) ? false : true;
        if (secretState != SecretState.OK && secretState != SecretState.TWO_TRIES) {
            z2 = true;
        }
        if (z2 && z3) {
            throw new InvalidSecretStateException(secretState);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ PACEException lambda$processStep$0() {
        return new PACEException("No valid paceinfo in efcardaccess");
    }

    public SecretTypeAndSelectPACEInfoPACEContext processStep(CardAccessRetrieverPACEStep.CardAccessRetrieverPACEContext cardAccessRetrieverPACEContext) throws PACEException, CardLostException, InvalidSecretStateException {
        SecretTypeAndSelectPACEInfoPACEContext secretTypeAndSelectPACEInfoPACEContext = new SecretTypeAndSelectPACEInfoPACEContext(cardAccessRetrieverPACEContext);
        LOGGER.info("Validating PACEInfo");
        EFCardAccess efCardAccess = cardAccessRetrieverPACEContext.getEfCardAccess();
        PACEInfo orElseThrow = new PACEInfoValidator(efCardAccess.getPaceInfos()).firstValid().orElseThrow(new Supplier() { // from class: de.authada.eid.card.pace.steps.-$$Lambda$SecretTypeAndSelectPACEInfoPACEStep$xKKxeVpH_SWGEXE5EycTRNQznS0
            @Override // de.authada.eid.core.support.Supplier
            public final Object get() {
                return SecretTypeAndSelectPACEInfoPACEStep.lambda$processStep$0();
            }
        });
        try {
            LOGGER.info("Checking pin");
            checkSecretState((SecretState) cardAccessRetrieverPACEContext.getCard().transceive(buildMSESetAT(efCardAccess, cardAccessRetrieverPACEContext.getUserSecretType(), cardAccessRetrieverPACEContext.getChat(), orElseThrow)), cardAccessRetrieverPACEContext.isAcceptStateOneTry());
            secretTypeAndSelectPACEInfoPACEContext.setPaceInfo(orElseThrow);
            return secretTypeAndSelectPACEInfoPACEContext;
        } catch (CardProcessingException | IOException e) {
            throw new PACEException("Error during pace info selection and secret type validation agreement", e);
        }
    }
}
