package com.assaabloy.seos.access.commands;

import com.assaabloy.seos.access.auth.PrivacyKeyset;
import com.assaabloy.seos.access.crypto.EncryptionAlgorithm;
import com.assaabloy.seos.access.crypto.HashAlgorithm;
import com.assaabloy.seos.access.crypto.SymmetricKeyPair;
import com.assaabloy.seos.access.domain.Diversifier;
import com.assaabloy.seos.access.domain.Oid;
import com.assaabloy.seos.access.domain.SelectionResult;
import com.assaabloy.seos.access.domain.SeosInputStream;
import com.assaabloy.seos.access.domain.SeosObject;
import com.assaabloy.seos.access.util.SeosException;
import java.io.IOException;
import java.util.Arrays;
import kotlin.C0464;
import kotlin.C0576;
import kotlin.C0587;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
final class PrivacyUtils {
    private static final Logger LOGGER = LoggerFactory.b(PrivacyUtils.class);

    private PrivacyUtils() {
    }

    private static byte[] decryptAndVerifySecureData(PrivacyKeyset privacyKeyset, C0576 c0576, EncryptionAlgorithm encryptionAlgorithm, C0587 c0587) {
        byte[] m2307040104010401 = c0587.m2307040104010401();
        int blockSize = encryptionAlgorithm.blockSize();
        byte[] copyOf = Arrays.copyOf(m2307040104010401, blockSize);
        byte[] copyOfRange = Arrays.copyOfRange(m2307040104010401, blockSize, m2307040104010401.length);
        SymmetricKeyPair privacyKeys = privacyKeyset.privacyKeys(encryptionAlgorithm);
        byte[] m18480401 = C0464.m18480401(privacyKeys.macKey().cmac(c0576.m2230040104010401()));
        if (m18480401 != null) {
            C0464.m184704010401(m18480401, c0576.m222904010401040104010401(C0576.EnumC0577.MAC).m2307040104010401());
        }
        return privacyKeys.encryptionKey().decrypt(copyOfRange, copyOf, false);
    }

    public static SelectionResult parseSelectResponse(PrivacyKeyset privacyKeyset, byte[] bArr) {
        C0576 m22280401 = C0576.m22280401(bArr);
        C0587 m222904010401040104010401 = m22280401.m222904010401040104010401(C0576.EnumC0577.ALGORITHM_INFO);
        try {
            EncryptionAlgorithm fromId = EncryptionAlgorithm.fromId(m222904010401040104010401.m2307040104010401()[0]);
            HashAlgorithm fromId2 = HashAlgorithm.fromId(m222904010401040104010401.m2307040104010401()[1]);
            C0587 m2229040104010401040104012 = m22280401.m222904010401040104010401(C0576.EnumC0577.CRYPTOGRAM);
            byte[] decryptAndVerifySecureData = m2229040104010401040104012 != null ? decryptAndVerifySecureData(privacyKeyset, m22280401, fromId, m2229040104010401040104012) : Arrays.copyOfRange(bArr, m222904010401040104010401.m230804010401(), bArr.length);
            if (decryptAndVerifySecureData.length == 0) {
                throw new SeosException("Selection failed, no data in response");
            }
            try {
                SeosInputStream seosInputStream = new SeosInputStream(decryptAndVerifySecureData);
                SeosObject readObject = seosInputStream.readObject();
                SeosObject readObject2 = seosInputStream.readObject();
                LOGGER.getClass();
                return new SelectionResult(fromId, fromId2, (Oid) readObject, (Diversifier) readObject2);
            } catch (IOException e) {
                throw new SeosException("Failed to read selection response", e);
            }
        } catch (IllegalArgumentException e2) {
            throw new SeosException("Encryption or hash algorithm not supported: " + e2.getMessage(), e2);
        }
    }
}
