package de.authada.eid.core.authentication.paos.steps;

import androidx.compose.ui.text.android.LayoutCompat;
import de.authada.eid.card.api.ByteArray;
import de.authada.eid.card.api.Card;
import de.authada.eid.card.api.CardProviderException;
import de.authada.eid.card.asn1.CVCertificate;
import de.authada.eid.card.asn1.CertificateHolderAuthorizationTemplate;
import de.authada.eid.card.sm.SMAdapter;
import de.authada.eid.card.ta.ImmutableTAContext;
import de.authada.eid.card.ta.TerminalAuthentication;
import de.authada.eid.card.ta.TerminalAuthenticationChallengeStep;
import de.authada.eid.card.ta.TerminalAuthenticationException;
import de.authada.eid.core.api.callbacks.AuthenticationCallback;
import de.authada.eid.core.authentication.paos.PAOSException;
import de.authada.eid.core.authentication.paos.PAOSUtils;
import de.authada.eid.core.authentication.paos.TrustedChannelEstablishment;
import de.authada.eid.core.authentication.paos.steps.ImmutableEAC1Context;
import de.authada.eid.core.authentication.paos.steps.ImmutableEAC2Context;
import de.authada.eid.core.authentication.paos.steps.TransmitStep;
import de.authada.eid.core.callback.AuthenticationCallbackHelper;
import de.authada.eid.core.card.CardLostLooper;
import de.authada.eid.core.pace.BasePaceExecutor;
import de.authada.eid.core.pace.PaceChatSupplier;
import de.authada.eid.core.pace.PaceExecutionException;
import de.authada.eid.core.pace.PaceExecutionResult;
import de.authada.eid.core.passwords.PasswordUtils;
import de.authada.eid.core.support.Consumer;
import de.authada.eid.core.support.Optional;
import de.authada.eid.core.utils.LambdaVariable;
import de.authada.eid.paos.models.input.EAC1InputType;
import de.authada.eid.paos.models.output.EAC1OutputTypeBuilder;
import java.util.List;
import java.util.Objects;
import org.immutables.value.Value;

/* loaded from: classes2.dex */
public class EAC1Step {
    private static final km.b LOGGER = km.d.b(EAC1Step.class);

    @Value.Style(builderVisibility = Value.Style.BuilderVisibility.PACKAGE, strictBuilder = LayoutCompat.DEFAULT_FALLBACK_LINE_SPACING)
    @Value.Immutable
    /* loaded from: classes2.dex */
    public static abstract class EAC1Context {
        public abstract AuthenticationCallbackHelper getCallbackHelper();

        public Card getCard(ImmutableEAC2Context.Builder builder) {
            Objects.requireNonNull(builder);
            return getCard();
        }

        public Card getCard(TransmitStep.TransmitContext transmitContext) {
            Objects.requireNonNull(transmitContext);
            return getCard().getCard();
        }

        public abstract SMAdapter getCard();

        public abstract List<CVCertificate> getCvCertificates();

        public abstract EAC1OutputTypeBuilder getEac1OutputTypeBuilder();

        public abstract Optional<ByteArray> getNewCAR();

        @Value.Default
        public Optional<ByteArray> getOldCAR() {
            return Optional.empty();
        }

        public abstract TerminalAuthenticationChallengeStep getTaStep();

        public abstract CVCertificate getTerminalCertificate();
    }

    private void checkCVCA(PaceExecutionResult paceExecutionResult, final EAC1OutputTypeBuilder eAC1OutputTypeBuilder) {
        LOGGER.r("adding CARs to eac1outputtype");
        Optional<ByteArray> newCAR = paceExecutionResult.getNewCAR();
        Objects.requireNonNull(eAC1OutputTypeBuilder);
        newCAR.ifPresent(new Consumer() { // from class: de.authada.eid.core.authentication.paos.steps.e
            @Override // de.authada.eid.core.support.Consumer
            public final void accept(Object obj) {
                EAC1OutputTypeBuilder.this.addCertificationAuthorityReference((ByteArray) obj);
            }
        });
        paceExecutionResult.getOldCAR().ifPresent(new Consumer() { // from class: de.authada.eid.core.authentication.paos.steps.e
            @Override // de.authada.eid.core.support.Consumer
            public final void accept(Object obj) {
                EAC1OutputTypeBuilder.this.addCertificationAuthorityReference((ByteArray) obj);
            }
        });
    }

    private PaceExecutionResult executePACE(BasePaceExecutor basePaceExecutor) {
        try {
            return basePaceExecutor.execute();
        } catch (PaceExecutionException e10) {
            throw new PAOSException("Pace execution failed for paos", e10);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ Optional lambda$processStep$0(PAOSContext pAOSContext, CVCertificate cVCertificate, LambdaVariable lambdaVariable) {
        CertificateHolderAuthorizationTemplate accessRightsForPACE = PAOSUtils.getAccessRightsForPACE(pAOSContext, cVCertificate);
        lambdaVariable.setValue(accessRightsForPACE);
        return Optional.of(accessRightsForPACE);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void lambda$processStep$1(BasePaceExecutor basePaceExecutor, PAOSContext pAOSContext, TrustedChannelEstablishment.TrustedChannelContext trustedChannelContext, CVCertificate cVCertificate, LambdaVariable lambdaVariable, ImmutableEAC1Context.Builder builder, LambdaVariable lambdaVariable2) {
        try {
            km.b bVar = LOGGER;
            bVar.s("Starting PACE");
            PaceExecutionResult executePACE = executePACE(basePaceExecutor);
            pAOSContext.getCallbackHelper().fireStateChanged(AuthenticationCallback.State.PACE_COMPLETED);
            EAC1InputType eac1InputType = trustedChannelContext.getEac1InputType();
            bVar.s("Initiating Terminal Authentication");
            TerminalAuthentication createTerminalAuthentication = createTerminalAuthentication(eac1InputType, cVCertificate, executePACE, executePACE.getCard());
            bVar.s("Retrieving TA Challenge");
            TerminalAuthenticationChallengeStep challenge = createTerminalAuthentication.getChallenge();
            bVar.s("Build eac1outputtype");
            EAC1OutputTypeBuilder challenge2 = new EAC1OutputTypeBuilder().efCardAccess(executePACE.getEFCardAccess()).certificateHolderAuthorizationTemplate(Optional.of((CertificateHolderAuthorizationTemplate) lambdaVariable.getValue())).iDPICC(executePACE.getIDPICC()).challenge(challenge.getChallenge());
            checkCVCA(executePACE, challenge2);
            builder.addAllCvCertificates(eac1InputType.getCvCertificates());
            builder.newCAR(executePACE.getNewCAR());
            builder.oldCAR(executePACE.getOldCAR());
            builder.taStep(challenge);
            builder.card(executePACE.getCard());
            builder.eac1OutputTypeBuilder(challenge2);
            builder.callbackHelper(pAOSContext.getCallbackHelper());
        } catch (TerminalAuthenticationException e10) {
            lambdaVariable2.setValue(new PAOSException("Failed to get challenge", e10));
        } catch (PAOSException e11) {
            lambdaVariable2.setValue(e11);
        }
    }

    public TerminalAuthentication createTerminalAuthentication(EAC1InputType eAC1InputType, CVCertificate cVCertificate, PaceExecutionResult paceExecutionResult, Card card) {
        return new TerminalAuthentication(ImmutableTAContext.builder().card(card).tAInfos(paceExecutionResult.getEFCardAccess().getTaInfos()).terminalCertificate(cVCertificate).authenticatedAuxiliaryData(eAC1InputType.getAuthenticatedAuxiliaryData()).build());
    }

    public EAC1Context processStep(final PAOSContext pAOSContext, final TrustedChannelEstablishment.TrustedChannelContext trustedChannelContext) {
        LOGGER.s("Starting EAC1");
        final CVCertificate terminalCertificate = trustedChannelContext.getTerminalCertificate();
        CardLostLooper cardLostLooper = new CardLostLooper(pAOSContext.getProcessContext().getStoppable(), pAOSContext.getCardProvider(), pAOSContext.getCallbackHelper(), pAOSContext.getConfig().getCardConnectionVerifier());
        final LambdaVariable lambdaVariable = new LambdaVariable();
        final LambdaVariable lambdaVariable2 = new LambdaVariable();
        final BasePaceExecutor apply = pAOSContext.getBasePaceExecutorFactory().apply(cardLostLooper.getCardSupplier(), new PaceChatSupplier() { // from class: de.authada.eid.core.authentication.paos.steps.c
            @Override // de.authada.eid.core.pace.PaceChatSupplier
            public final Optional chat() {
                Optional lambda$processStep$0;
                lambda$processStep$0 = EAC1Step.lambda$processStep$0(PAOSContext.this, terminalCertificate, lambdaVariable2);
                return lambda$processStep$0;
            }
        });
        final ImmutableEAC1Context.Builder builder = ImmutableEAC1Context.builder();
        try {
            try {
                cardLostLooper.run(new CardLostLooper.CardLooper() { // from class: de.authada.eid.core.authentication.paos.steps.d
                    @Override // de.authada.eid.core.card.CardLostLooper.CardLooper
                    public final void loop() {
                        EAC1Step.this.lambda$processStep$1(apply, pAOSContext, trustedChannelContext, terminalCertificate, lambdaVariable2, builder, lambdaVariable);
                    }
                });
                PasswordUtils.clear(apply.getCurrentPassword());
                if (lambdaVariable.hasValue()) {
                    throw ((PAOSException) lambdaVariable.getValue());
                }
                builder.terminalCertificate(terminalCertificate);
                return builder.build();
            } catch (CardProviderException e10) {
                throw new PAOSException("Error retrieving card", e10);
            }
        } catch (Throwable th2) {
            PasswordUtils.clear(apply.getCurrentPassword());
            throw th2;
        }
    }
}
