package im.status.keycard.applet;

import im.status.keycard.io.APDUCommand;
import im.status.keycard.io.APDUResponse;
import im.status.keycard.io.CardChannel;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.bouncycastle.crypto.tls.CipherSuite;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public class KeycardCommandSet {
    private final CardChannel apduChannel;
    private ApplicationInfo info;
    private SecureChannelSession secureChannel = new SecureChannelSession();

    public KeycardCommandSet(CardChannel cardChannel) {
        this.apduChannel = cardChannel;
    }

    private byte poToP2(boolean z) {
        return z ? (byte) 1 : (byte) 0;
    }

    public void autoOpenSecureChannel() {
        this.secureChannel.autoOpenSecureChannel(this.apduChannel);
    }

    public void autoPair(String str) {
        this.secureChannel.autoPair(this.apduChannel, pairingPasswordToSecret(str));
    }

    public void autoUnpair() {
        this.secureChannel.autoUnpair(this.apduChannel);
    }

    public APDUResponse changePIN(int i, byte[] bArr) {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, 33, i, 0, bArr));
    }

    public APDUResponse changePIN(String str) {
        return changePIN(0, str.getBytes());
    }

    public APDUResponse changePUK(String str) {
        return changePIN(1, str.getBytes());
    }

    public APDUResponse changePairingPassword(String str) {
        return changePIN(2, pairingPasswordToSecret(str));
    }

    public APDUResponse deriveKey(String str) {
        KeyPath keyPath = new KeyPath(str);
        return deriveKey(keyPath.getData(), keyPath.getSource());
    }

    public APDUResponse deriveKey(byte[] bArr, int i) {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, -47, i, 0, bArr));
    }

    public APDUResponse exportCurrentKey(byte b) {
        return exportKey(0, b, new byte[0]);
    }

    public APDUResponse exportCurrentKey(boolean z) {
        return exportCurrentKey(poToP2(z));
    }

    public APDUResponse exportKey(int i, byte b, byte[] bArr) {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, -62, i, b, bArr));
    }

    public APDUResponse exportKey(String str, boolean z, byte b) {
        KeyPath keyPath = new KeyPath(str);
        return exportKey(keyPath.getData(), keyPath.getSource(), z, b);
    }

    public APDUResponse exportKey(String str, boolean z, boolean z2) {
        return exportKey(str, z, poToP2(z2));
    }

    public APDUResponse exportKey(byte[] bArr, int i, boolean z, byte b) {
        return exportKey(i | (z ? 2 : 1), b, bArr);
    }

    public APDUResponse generateMnemonic(int i) {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, -46, i, 0, new byte[0]));
    }

    public ApplicationInfo getApplicationInfo() {
        return this.info;
    }

    public Pairing getPairing() {
        return this.secureChannel.getPairing();
    }

    public APDUResponse getStatus(byte b) {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, -14, b, 0, new byte[0]));
    }

    public APDUResponse init(String str, String str2, String str3) {
        return init(str, str2, str3, (byte) 0, (byte) 0);
    }

    public APDUResponse init(String str, String str2, String str3, byte b, byte b2) {
        return init(str, null, str2, pairingPasswordToSecret(str3), b, b2);
    }

    public APDUResponse init(String str, String str2, String str3, byte[] bArr, byte b, byte b2) {
        int length = str.length() + str3.length() + bArr.length;
        int length2 = str2 != null ? str2.length() + 2 : (b == 0 && b2 == 0) ? 0 : 2;
        byte[] copyOf = Arrays.copyOf(str.getBytes(), length + length2);
        System.arraycopy(str3.getBytes(), 0, copyOf, str.length(), str3.length());
        System.arraycopy(bArr, 0, copyOf, str.length() + str3.length(), bArr.length);
        if (length2 > 0) {
            copyOf[length] = b;
            copyOf[length + 1] = b2;
            if (length2 > 2) {
                System.arraycopy(str2.getBytes(), 0, copyOf, length + 2, str2.length());
            }
        }
        return this.apduChannel.send(new APDUCommand(128, -2, 0, 0, this.secureChannel.oneShotEncrypt(copyOf)));
    }

    public APDUResponse loadKey(BIP32KeyPair bIP32KeyPair) {
        return loadKey(bIP32KeyPair, false);
    }

    public APDUResponse loadKey(BIP32KeyPair bIP32KeyPair, boolean z) {
        return loadKey(bIP32KeyPair.toTLV(!z), bIP32KeyPair.isExtended() ? (byte) 2 : (byte) 1);
    }

    public APDUResponse loadKey(byte[] bArr) {
        return loadKey(bArr, (byte) 3);
    }

    public APDUResponse loadKey(byte[] bArr, byte b) {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, -48, b, 0, bArr));
    }

    public byte[] pairingPasswordToSecret(String str) {
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256", BouncyCastleProvider.PROVIDER_NAME).generateSecret(new PBEKeySpec(str.toCharArray(), "Keycard Pairing Password Salt".getBytes(), this.apduChannel.pairingPasswordPBKDF2IterationCount(), 256)).getEncoded();
        } catch (Exception unused) {
            throw new RuntimeException("Is Bouncycastle correctly initialized?");
        }
    }

    public APDUResponse removeKey() {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, -45, 0, 0, new byte[0]));
    }

    public APDUResponse select() {
        return select(1);
    }

    public APDUResponse select(int i) {
        APDUResponse send = this.apduChannel.send(new APDUCommand(0, CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256, 4, 0, Identifiers.getKeycardInstanceAID(i)));
        if (send.getSw() == 36864) {
            ApplicationInfo applicationInfo = new ApplicationInfo(send.getData());
            this.info = applicationInfo;
            if (applicationInfo.hasSecureChannelCapability()) {
                this.secureChannel.generateSecret(this.info.getSecureChannelPubKey());
                this.secureChannel.reset();
            }
        }
        return send;
    }

    public void setPairing(Pairing pairing) {
        this.secureChannel.setPairing(pairing);
    }

    public APDUResponse sign(byte[] bArr) {
        return sign(bArr, 0);
    }

    public APDUResponse sign(byte[] bArr, int i) {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, -64, i, 1, bArr));
    }

    public APDUResponse signWithPath(byte[] bArr, String str, boolean z) {
        KeyPath keyPath = new KeyPath(str);
        byte[] data = keyPath.getData();
        byte[] copyOf = Arrays.copyOf(bArr, bArr.length + data.length);
        System.arraycopy(data, 0, copyOf, bArr.length, data.length);
        return sign(copyOf, keyPath.getSource() | (z ? 2 : 1));
    }

    public APDUResponse unblockPIN(String str, String str2) {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, 34, 0, 0, (str + str2).getBytes()));
    }

    public void unpairOthers() {
        this.secureChannel.unpairOthers(this.apduChannel);
    }

    public APDUResponse verifyPIN(String str) {
        return this.secureChannel.transmit(this.apduChannel, this.secureChannel.protectedCommand(128, 32, 0, 0, str.getBytes()));
    }
}
