package de.authada.eid.card.pace.steps;

import de.authada.eid.card.api.Card;
import de.authada.eid.card.api.CardProcessingException;
import de.authada.eid.card.api.CommandAPDU;
import de.authada.eid.card.asn1.pace.EncryptedNonce;
import de.authada.eid.card.asn1.pace.PACEInfo;
import de.authada.eid.card.crypto.keygeneration.ECKeyPairGenerator;
import de.authada.eid.card.pace.ECUtils;
import de.authada.eid.card.pace.PACEException;
import de.authada.eid.card.pace.apdus.GeneralAuthenticateEncryptedNonceBuilder;
import de.authada.eid.card.pace.apdus.GeneralAuthenticateMapNonceBuilder;
import de.authada.eid.card.pace.apdus.InvalidSecretException;
import de.authada.eid.card.pace.crypto.Nonce;
import de.authada.eid.card.pace.crypto.NonceDecryptor;
import de.authada.eid.card.pace.steps.SecretTypeAndSelectPACEInfoPACEStep;
import de.authada.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import de.authada.org.bouncycastle.crypto.InvalidCipherTextException;
import de.authada.org.bouncycastle.crypto.params.ECDomainParameters;
import de.authada.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import de.authada.org.bouncycastle.crypto.params.ECPublicKeyParameters;
import java.io.IOException;
import java.security.SecureRandom;
import km.b;
import km.d;

/* loaded from: classes2.dex */
public class DomainParameterAgreementPACEStep {
    private static final b LOGGER = d.b(DomainParameterAgreementPACEStep.class);
    private final NonceDecryptor nonceDecryptor = new NonceDecryptor();

    /* loaded from: classes2.dex */
    public static final class DomainParameterAgreementPACEContext extends PACEContextDelegate {
        private ECDomainParameters domainParameters;
        private final PACEInfo paceInfo;

        private DomainParameterAgreementPACEContext(SecretTypeAndSelectPACEInfoPACEStep.SecretTypeAndSelectPACEInfoPACEContext secretTypeAndSelectPACEInfoPACEContext) {
            super(secretTypeAndSelectPACEInfoPACEContext.getPACEContext());
            this.paceInfo = secretTypeAndSelectPACEInfoPACEContext.getPaceInfo();
        }

        public /* synthetic */ DomainParameterAgreementPACEContext(SecretTypeAndSelectPACEInfoPACEStep.SecretTypeAndSelectPACEInfoPACEContext secretTypeAndSelectPACEInfoPACEContext, int i10) {
            this(secretTypeAndSelectPACEInfoPACEContext);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void setDomainParameters(ECDomainParameters eCDomainParameters) {
            this.domainParameters = eCDomainParameters;
        }

        public Card getCard() {
            return getPACEContext().getCard();
        }

        public ECDomainParameters getDomainParameters() {
            return this.domainParameters;
        }

        public PACEInfo getPaceInfo() {
            return this.paceInfo;
        }

        public SecureRandom getSecureRandom() {
            return getPACEContext().getSecureRandom();
        }
    }

    public DomainParameterAgreementPACEContext processStep(SecretTypeAndSelectPACEInfoPACEStep.SecretTypeAndSelectPACEInfoPACEContext secretTypeAndSelectPACEInfoPACEContext) {
        try {
            b bVar = LOGGER;
            bVar.s("Retrieve and decrypt nonce");
            Nonce decrypt = this.nonceDecryptor.decrypt((EncryptedNonce) secretTypeAndSelectPACEInfoPACEContext.getCard().transceive(new GeneralAuthenticateEncryptedNonceBuilder().build()), secretTypeAndSelectPACEInfoPACEContext.getUserSecret());
            bVar.s("Generate terminal random Key pair on curve");
            AsymmetricCipherKeyPair generateRandomKeyPairOnCurve = new ECKeyPairGenerator(secretTypeAndSelectPACEInfoPACEContext.getCurveMapPACE().get(Integer.valueOf(secretTypeAndSelectPACEInfoPACEContext.getPaceInfo().getParameterId().getParameterId())), secretTypeAndSelectPACEInfoPACEContext.getSecureRandom()).generateRandomKeyPairOnCurve();
            bVar.s("Build MappingData APDU");
            CommandAPDU<ECPublicKeyParameters> build = new GeneralAuthenticateMapNonceBuilder().ecPublicKeyParameters((ECPublicKeyParameters) generateRandomKeyPairOnCurve.getPublic()).build();
            bVar.s("Retrieve MappingData from card");
            ECPublicKeyParameters eCPublicKeyParameters = (ECPublicKeyParameters) secretTypeAndSelectPACEInfoPACEContext.getCard().transceive(build);
            bVar.s("generate ephemeral domain parameters");
            ECPrivateKeyParameters eCPrivateKeyParameters = (ECPrivateKeyParameters) generateRandomKeyPairOnCurve.getPrivate();
            DomainParameterAgreementPACEContext domainParameterAgreementPACEContext = new DomainParameterAgreementPACEContext(secretTypeAndSelectPACEInfoPACEContext, 0);
            domainParameterAgreementPACEContext.setDomainParameters(ECUtils.calcEphemeralDomainParameters(decrypt, eCPrivateKeyParameters, eCPublicKeyParameters));
            return domainParameterAgreementPACEContext;
        } catch (InvalidSecretException e10) {
            throw e10;
        } catch (CardProcessingException e11) {
            e = e11;
            throw new PACEException("Error during ephemeral domain parameter agreement", e);
        } catch (InvalidCipherTextException e12) {
            e = e12;
            throw new PACEException("Error during ephemeral domain parameter agreement", e);
        } catch (IOException e13) {
            e = e13;
            throw new PACEException("Error during ephemeral domain parameter agreement", e);
        }
    }
}
