package de.authada.eid.card.pace.steps;

import de.authada.eid.card.api.Card;
import de.authada.eid.card.api.CardLostException;
import de.authada.eid.card.api.CardProcessingException;
import de.authada.eid.card.api.CommandAPDU;
import de.authada.eid.card.api.ImmutableByteArray;
import de.authada.eid.card.asn1.pace.PACEInfo;
import de.authada.eid.card.asn1.ta.CompressedEphemeralPublicKey;
import de.authada.eid.card.pace.PACEException;
import de.authada.eid.card.pace.apdus.GeneralAuthenticateKeyAgreementBuilder;
import de.authada.eid.card.pace.apdus.InvalidSecretException;
import de.authada.eid.card.pace.crypto.ECKeyPairGenerator;
import de.authada.eid.card.pace.steps.DomainParameterAgreementPACEStep;
import de.authada.mobile.org.spongycastle.crypto.AsymmetricCipherKeyPair;
import de.authada.mobile.org.spongycastle.crypto.params.ECDomainParameters;
import de.authada.mobile.org.spongycastle.crypto.params.ECPublicKeyParameters;
import java.io.IOException;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes3.dex */
public class KeyAgreementPACEStep {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) KeyAgreementPACEStep.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static final class KeyAgreementPACEContext extends PACEContextDelegate {
        private ECPublicKeyParameters cardPublicKey;
        private final PACEInfo paceInfo;
        private AsymmetricCipherKeyPair terminalKeyPair;

        private KeyAgreementPACEContext(DomainParameterAgreementPACEStep.DomainParameterAgreementPACEContext domainParameterAgreementPACEContext) {
            super(domainParameterAgreementPACEContext.getPACEContext());
            this.paceInfo = domainParameterAgreementPACEContext.getPaceInfo();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void cardPublicKey(ECPublicKeyParameters eCPublicKeyParameters) {
            this.cardPublicKey = eCPublicKeyParameters;
            getPACEContext().getBuilder().iDPICC(new CompressedEphemeralPublicKey(ImmutableByteArray.of(eCPublicKeyParameters.getQ().getEncoded(false))));
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void terminalKeyPair(AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
            this.terminalKeyPair = asymmetricCipherKeyPair;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Card getCard() {
            return getPACEContext().getCard();
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public ECPublicKeyParameters getCardPublicKey() {
            return this.cardPublicKey;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public PACEInfo getPACEInfo() {
            return this.paceInfo;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public AsymmetricCipherKeyPair getTerminalKeyPair() {
            return this.terminalKeyPair;
        }
    }

    public KeyAgreementPACEContext processStep(DomainParameterAgreementPACEStep.DomainParameterAgreementPACEContext domainParameterAgreementPACEContext) throws PACEException, CardLostException, InvalidSecretException {
        ECDomainParameters domainParameters = domainParameterAgreementPACEContext.getDomainParameters();
        LOGGER.info("Generate terminal random Key pair on ephemeral domain parameters");
        AsymmetricCipherKeyPair generateRandomKeyPairOnCurve = new ECKeyPairGenerator(domainParameters, domainParameterAgreementPACEContext.getSecureRandom()).generateRandomKeyPairOnCurve();
        try {
            LOGGER.info("Build key agreement APDU");
            CommandAPDU<ECPublicKeyParameters> build = new GeneralAuthenticateKeyAgreementBuilder().ephemeralPublicKey((ECPublicKeyParameters) generateRandomKeyPairOnCurve.getPublic()).build();
            LOGGER.info("Retrieve EphemeralPublicKey from card");
            ECPublicKeyParameters eCPublicKeyParameters = (ECPublicKeyParameters) domainParameterAgreementPACEContext.getCard().transceive(build);
            LOGGER.info("Compare ephemeral Public Keys");
            if (Objects.equals(eCPublicKeyParameters.getQ(), ((ECPublicKeyParameters) generateRandomKeyPairOnCurve.getPublic()).getQ())) {
                throw new PACEException("Same public keys for terminal and card");
            }
            KeyAgreementPACEContext keyAgreementPACEContext = new KeyAgreementPACEContext(domainParameterAgreementPACEContext);
            keyAgreementPACEContext.cardPublicKey(eCPublicKeyParameters);
            keyAgreementPACEContext.terminalKeyPair(generateRandomKeyPairOnCurve);
            return keyAgreementPACEContext;
        } catch (InvalidSecretException e) {
            throw e;
        } catch (CardProcessingException e2) {
            e = e2;
            throw new PACEException("Error during key Agreement", e);
        } catch (IOException e3) {
            e = e3;
            throw new PACEException("Error during key Agreement", e);
        }
    }
}
