package net.lardcave.keepassnfc;

import android.content.Intent;
import android.nfc.NdefMessage;
import android.nfc.Tag;
import android.nfc.tech.IsoDep;
import android.util.Log;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class KPNFCApplet {
    static final /* synthetic */ boolean $assertionsDisabled;
    private static final byte CLA_CARD_KPNFC_CMD = -80;
    public static final byte HEADER_LENGTH = 5;
    private static final byte INS_CARD_DECRYPT_BLOCK = 115;
    private static final byte INS_CARD_GENERATE_CARD_KEY = 117;
    private static final byte INS_CARD_GET_CARD_PUBKEY = 112;
    private static final byte INS_CARD_GET_VERSION = 116;
    private static final byte INS_CARD_PREPARE_DECRYPTION = 114;
    private static final byte INS_CARD_SET_PASSWORD_KEY = 113;
    private static final byte INS_CARD_WRITE_TO_SCRATCH = 118;
    public static final String LOG_TAG = "KPNFC Applet";
    public static final int MAX_CHUNK_SIZE = 120;
    public static final byte OFFSET_CLA = 0;
    public static final byte OFFSET_DATA = 5;
    public static final byte OFFSET_INS = 1;
    public static final byte OFFSET_LC = 4;
    public static final byte OFFSET_P1 = 2;
    public static final byte OFFSET_P2 = 3;
    private static final byte RESPONSE_FAILED = 2;
    private static final byte RESPONSE_SUCCEEDED = 1;
    public static final byte[] selectKPNFCAppletAPDU;
    public static final byte[] selectNdefAppletAPDU;
    public static final byte[] selectNdefDataAPDU;
    SecureRandom rng = new SecureRandom();

    static {
        $assertionsDisabled = !KPNFCApplet.class.desiredAssertionStatus();
        selectKPNFCAppletAPDU = new byte[]{0, -92, 4, 0, 16, -16, 55, 84, INS_CARD_PREPARE_DECRYPTION, Byte.MIN_VALUE, 79, -43, -6, 15, 36, 62, 66, -63, -74, 56, 37, 0};
        selectNdefAppletAPDU = new byte[]{0, -92, 4, 0, 7, -46, INS_CARD_WRITE_TO_SCRATCH, 0, 0, -123, 1, 1, 0};
        selectNdefDataAPDU = new byte[]{0, -92, 0, 12, 2, -31, 4, 0};
    }

    private IsoDep connect(Intent intent) throws IOException {
        IsoDep isoDep = IsoDep.get((Tag) intent.getParcelableExtra("android.nfc.extra.TAG"));
        if (isoDep == null) {
            return null;
        }
        isoDep.connect();
        isoDep.setTimeout(2000);
        isoDep.transceive(selectKPNFCAppletAPDU);
        return isoDep;
    }

    public static byte[] constructApdu(byte b) {
        return constructApdu(b, new byte[0]);
    }

    public static byte[] constructApdu(byte b, byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length + 5];
        bArr2[0] = CLA_CARD_KPNFC_CMD;
        bArr2[1] = b;
        bArr2[2] = 0;
        bArr2[3] = 0;
        bArr2[4] = (byte) bArr.length;
        System.arraycopy(bArr, 0, bArr2, 5, bArr.length);
        return bArr2;
    }

    private byte[] decrypt_internal(IsoDep isoDep, byte[] bArr, byte[] bArr2) throws IOException {
        byte[] randomBytes = randomBytes(16);
        byte[] randomBytes2 = randomBytes(16);
        byte[] bArr3 = new byte[32];
        byte[] encryptWithCardKey = encryptWithCardKey(isoDep, randomBytes);
        if (encryptWithCardKey == null) {
            return null;
        }
        writeToScratchArea(isoDep, encryptWithCardKey);
        System.arraycopy(randomBytes2, 0, bArr3, 0, 16);
        System.arraycopy(bArr, 0, bArr3, 16, 16);
        isoDep.transceive(constructApdu(INS_CARD_PREPARE_DECRYPTION, bArr3));
        byte[] bArr4 = new byte[bArr2.length];
        for (int i = 0; i < bArr2.length; i += 112) {
            int length = bArr2.length - i;
            if (length > 112) {
                length = 112;
            }
            byte[] bArr5 = new byte[length];
            System.arraycopy(bArr2, i, bArr5, 0, length);
            byte[] transceive = isoDep.transceive(constructApdu(INS_CARD_DECRYPT_BLOCK, bArr5));
            if (transceive.length > 1 && transceive[0] == 1) {
                System.arraycopy(transceive, 1, bArr4, i, length);
            }
        }
        return decryptWithTransactionKey(bArr4, randomBytes, randomBytes2);
    }

    private byte[] encryptWithCardKey(IsoDep isoDep, byte[] bArr) throws IOException {
        RSAPublicKey cardPubKey = getCardPubKey(isoDep);
        if (cardPubKey == null) {
            System.err.println("Key invalid, can't encrypt with card key");
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            try {
                cipher.init(1, cardPubKey);
                try {
                    return cipher.doFinal(bArr);
                } catch (BadPaddingException | IllegalBlockSizeException e) {
                    System.err.println("Couldn't encrypt with card key:");
                    e.printStackTrace();
                    return null;
                }
            } catch (InvalidKeyException e2) {
                System.err.println("Invalid key");
                return null;
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e3) {
            System.err.println("RSA cipher not supported");
            return null;
        }
    }

    public static char nibbleToChar(byte b) {
        if ($assertionsDisabled || b < 16) {
            return b < 10 ? (char) (b + 48) : (char) ((b - 10) + 65);
        }
        throw new AssertionError();
    }

    private byte[] randomBytes(int i) {
        byte[] bArr = new byte[i];
        this.rng.nextBytes(bArr);
        return bArr;
    }

    private boolean resultWasSuccess(byte[] bArr, int i) {
        if (i != bArr.length) {
            return false;
        }
        switch (i) {
            case 2:
                return bArr[0] == -112 && bArr[1] == 0;
            case 3:
                return bArr[0] == 1 && bArr[1] == -112 && bArr[2] == 0;
            default:
                throw new RuntimeException("Unexpected expectedLength");
        }
    }

    public static String toHex(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            sb.append(nibbleToChar((byte) ((b & 255) >> 4)));
            sb.append(nibbleToChar((byte) (b & 15)));
            sb.append(' ');
        }
        return sb.toString();
    }

    private boolean writeNdef(IsoDep isoDep, NdefMessage ndefMessage) throws IOException {
        byte[] byteArray = ndefMessage.toByteArray();
        byte[] bArr = new byte[byteArray.length + 7];
        bArr[0] = 0;
        bArr[1] = -42;
        bArr[2] = 0;
        bArr[3] = 0;
        bArr[4] = (byte) (byteArray.length + 2);
        bArr[5] = 0;
        bArr[6] = (byte) byteArray.length;
        System.arraycopy(byteArray, 0, bArr, 7, byteArray.length);
        for (byte[] bArr2 : new byte[][]{selectNdefAppletAPDU, selectNdefDataAPDU, bArr}) {
            if (!resultWasSuccess(isoDep.transceive(bArr2), 2)) {
                return false;
            }
        }
        return true;
    }

    public byte[] decrypt(Intent intent, byte[] bArr) throws IOException {
        if (bArr.length % 16 != 0) {
            Log.d(LOG_TAG, "Encrypted bytes not a multiple of AES block size");
            return null;
        }
        byte[] bArr2 = new byte[16];
        IsoDep connect = connect(intent);
        if (connect == null) {
            return null;
        }
        byte[] decrypt_internal = decrypt_internal(connect, bArr2, bArr);
        connect.close();
        return decrypt_internal;
    }

    public byte[] decryptWithTransactionKey(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            try {
                cipher.init(2, new SecretKeySpec(bArr2, "AES"), new IvParameterSpec(bArr3));
                try {
                    return cipher.doFinal(bArr, 0, bArr.length);
                } catch (BadPaddingException | IllegalBlockSizeException e) {
                    e.printStackTrace();
                    return null;
                }
            } catch (InvalidAlgorithmParameterException | InvalidKeyException e2) {
                e2.printStackTrace();
                return null;
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e3) {
            e3.printStackTrace();
            return null;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r12v0 */
    protected RSAPublicKey getCardPubKey(IsoDep isoDep) throws IOException {
        short s;
        byte[] bArr = {1, 0, 0};
        byte[] transceive = isoDep.transceive(constructApdu(INS_CARD_GET_CARD_PUBKEY, bArr));
        if (transceive == null || transceive[0] != 1) {
            System.err.println("Couldn't retrieve exponent");
            return null;
        }
        BigInteger bigInteger = new BigInteger(1, Arrays.copyOfRange(transceive, 3, transceive[2] + 3));
        ArrayList<byte[]> arrayList = new ArrayList();
        bArr[0] = 2;
        int i = 0;
        do {
            putShort(bArr, 1, i);
            byte[] transceive2 = isoDep.transceive(constructApdu(INS_CARD_GET_CARD_PUBKEY, bArr));
            if (transceive2 == null || transceive2[0] != 1) {
                System.err.println("Couldn't retrieve modulus");
                return null;
            }
            short s2 = getShort(transceive2, 1);
            s = getShort(transceive2, 3);
            arrayList.add(Arrays.copyOfRange(transceive2, 5, transceive2.length - 2));
            i = (short) (i + s2);
        } while (s > 0);
        byte[] bArr2 = new byte[i];
        short s3 = 0;
        for (byte[] bArr3 : arrayList) {
            System.arraycopy(bArr3, 0, bArr2, s3, bArr3.length);
            s3 = (short) (bArr3.length + s3);
        }
        try {
            try {
                return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, bArr2), bigInteger));
            } catch (InvalidKeySpecException e) {
                System.err.println("Couldn't produce a PublicKey object");
                return null;
            }
        } catch (NoSuchAlgorithmException e2) {
            System.err.println("Couldn't create RSA keyfactory");
            return null;
        }
    }

    protected short getShort(byte[] bArr, int i) {
        return (short) (((bArr[i] & 255) << 8) | (bArr[i + 1] & 255));
    }

    protected void putShort(byte[] bArr, int i, short s) {
        bArr[i] = (byte) ((s & 255) >> 8);
        bArr[i + 1] = (byte) (s & 255);
    }

    public void setPasswordKey(IsoDep isoDep, byte[] bArr) throws IOException {
        byte[] encryptWithCardKey = encryptWithCardKey(isoDep, bArr);
        if (encryptWithCardKey == null) {
            return;
        }
        writeToScratchArea(isoDep, encryptWithCardKey);
        isoDep.transceive(constructApdu(INS_CARD_SET_PASSWORD_KEY));
    }

    public boolean write(Intent intent, byte[] bArr, NdefMessage ndefMessage) throws IOException {
        IsoDep connect = connect(intent);
        if (connect == null) {
            return false;
        }
        setPasswordKey(connect, bArr);
        writeNdef(connect, ndefMessage);
        connect.close();
        return true;
    }

    public void writeToScratchArea(IsoDep isoDep, byte[] bArr) throws IOException {
        for (int i = 0; i < bArr.length; i += MAX_CHUNK_SIZE) {
            int length = bArr.length - i;
            if (length > 120) {
                length = MAX_CHUNK_SIZE;
            }
            byte[] bArr2 = new byte[length + 2];
            putShort(bArr2, 0, (short) i);
            System.arraycopy(bArr, i, bArr2, 2, length);
            isoDep.transceive(constructApdu(INS_CARD_WRITE_TO_SCRATCH, bArr2));
        }
    }
}
