package de.authada.eid.card.pace.steps;

import de.authada.eid.card.api.Card;
import de.authada.eid.card.api.CardProcessingException;
import de.authada.eid.card.api.CommandAPDU;
import de.authada.eid.card.api.ImmutableByteArray;
import de.authada.eid.card.asn1.pace.PACEInfo;
import de.authada.eid.card.asn1.ta.CompressedEphemeralPublicKey;
import de.authada.eid.card.crypto.keygeneration.ECKeyPairGenerator;
import de.authada.eid.card.pace.PACEException;
import de.authada.eid.card.pace.apdus.GeneralAuthenticateKeyAgreementBuilder;
import de.authada.eid.card.pace.apdus.InvalidSecretException;
import de.authada.eid.card.pace.steps.DomainParameterAgreementPACEStep;
import de.authada.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import de.authada.org.bouncycastle.crypto.params.ECDomainParameters;
import de.authada.org.bouncycastle.crypto.params.ECPublicKeyParameters;
import java.io.IOException;
import java.util.Objects;
import km.b;
import km.d;

/* loaded from: classes2.dex */
public class KeyAgreementPACEStep {
    private static final b LOGGER = d.b(KeyAgreementPACEStep.class);

    /* loaded from: classes2.dex */
    public static final class KeyAgreementPACEContext extends PACEContextDelegate {
        private ECPublicKeyParameters cardPublicKey;
        private final PACEInfo paceInfo;
        private AsymmetricCipherKeyPair terminalKeyPair;

        private KeyAgreementPACEContext(DomainParameterAgreementPACEStep.DomainParameterAgreementPACEContext domainParameterAgreementPACEContext) {
            super(domainParameterAgreementPACEContext.getPACEContext());
            this.paceInfo = domainParameterAgreementPACEContext.getPaceInfo();
        }

        public /* synthetic */ KeyAgreementPACEContext(DomainParameterAgreementPACEStep.DomainParameterAgreementPACEContext domainParameterAgreementPACEContext, int i10) {
            this(domainParameterAgreementPACEContext);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void cardPublicKey(ECPublicKeyParameters eCPublicKeyParameters) {
            this.cardPublicKey = eCPublicKeyParameters;
            getPACEContext().getBuilder().iDPICC(new CompressedEphemeralPublicKey(ImmutableByteArray.of(eCPublicKeyParameters.getQ().getEncoded(false))));
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void terminalKeyPair(AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
            this.terminalKeyPair = asymmetricCipherKeyPair;
        }

        public Card getCard() {
            return getPACEContext().getCard();
        }

        public ECPublicKeyParameters getCardPublicKey() {
            return this.cardPublicKey;
        }

        public PACEInfo getPACEInfo() {
            return this.paceInfo;
        }

        public AsymmetricCipherKeyPair getTerminalKeyPair() {
            return this.terminalKeyPair;
        }
    }

    public KeyAgreementPACEContext processStep(DomainParameterAgreementPACEStep.DomainParameterAgreementPACEContext domainParameterAgreementPACEContext) {
        ECDomainParameters domainParameters = domainParameterAgreementPACEContext.getDomainParameters();
        b bVar = LOGGER;
        bVar.s("Generate terminal random Key pair on ephemeral domain parameters");
        AsymmetricCipherKeyPair generateRandomKeyPairOnCurve = new ECKeyPairGenerator(domainParameters, domainParameterAgreementPACEContext.getSecureRandom()).generateRandomKeyPairOnCurve();
        try {
            bVar.s("Build key agreement APDU");
            CommandAPDU<ECPublicKeyParameters> build = new GeneralAuthenticateKeyAgreementBuilder().ephemeralPublicKey((ECPublicKeyParameters) generateRandomKeyPairOnCurve.getPublic()).build();
            bVar.s("Retrieve EphemeralPublicKey from card");
            ECPublicKeyParameters eCPublicKeyParameters = (ECPublicKeyParameters) domainParameterAgreementPACEContext.getCard().transceive(build);
            bVar.s("Compare ephemeral Public Keys");
            if (Objects.equals(eCPublicKeyParameters.getQ(), ((ECPublicKeyParameters) generateRandomKeyPairOnCurve.getPublic()).getQ())) {
                throw new PACEException("Same public keys for terminal and card");
            }
            KeyAgreementPACEContext keyAgreementPACEContext = new KeyAgreementPACEContext(domainParameterAgreementPACEContext, 0);
            keyAgreementPACEContext.cardPublicKey(eCPublicKeyParameters);
            keyAgreementPACEContext.terminalKeyPair(generateRandomKeyPairOnCurve);
            return keyAgreementPACEContext;
        } catch (InvalidSecretException e10) {
            throw e10;
        } catch (CardProcessingException e11) {
            e = e11;
            throw new PACEException("Error during key Agreement", e);
        } catch (IOException e12) {
            e = e12;
            throw new PACEException("Error during key Agreement", e);
        }
    }
}
