package com.assaabloy.seos.access.commands;

import com.assaabloy.seos.access.auth.PrivacyKeyset;
import com.assaabloy.seos.access.crypto.EncryptionAlgorithm;
import com.assaabloy.seos.access.crypto.HashAlgorithm;
import com.assaabloy.seos.access.crypto.SymmetricKeyPair;
import com.assaabloy.seos.access.domain.Diversifier;
import com.assaabloy.seos.access.domain.Oid;
import com.assaabloy.seos.access.domain.SelectionResult;
import com.assaabloy.seos.access.domain.SeosInputStream;
import com.assaabloy.seos.access.domain.SeosObject;
import com.assaabloy.seos.access.util.SeosException;
import java.io.IOException;
import java.util.Arrays;
import kotlin.C0466;
import kotlin.C0578;
import kotlin.C0589;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
final class PrivacyUtils {
    private static final Logger LOGGER = LoggerFactory.b(PrivacyUtils.class);

    private PrivacyUtils() {
    }

    private static byte[] decryptAndVerifySecureData(PrivacyKeyset privacyKeyset, C0578 c0578, EncryptionAlgorithm encryptionAlgorithm, C0589 c0589) {
        byte[] m2438040104010401 = c0589.m2438040104010401();
        int blockSize = encryptionAlgorithm.blockSize();
        byte[] copyOf = Arrays.copyOf(m2438040104010401, blockSize);
        byte[] copyOfRange = Arrays.copyOfRange(m2438040104010401, blockSize, m2438040104010401.length);
        SymmetricKeyPair privacyKeys = privacyKeyset.privacyKeys(encryptionAlgorithm);
        byte[] m19790401 = C0466.m19790401(privacyKeys.macKey().cmac(c0578.m2361040104010401()));
        if (m19790401 != null) {
            C0466.m197804010401(m19790401, c0578.m236004010401040104010401(C0578.EnumC0579.MAC).m2438040104010401());
        }
        return privacyKeys.encryptionKey().decrypt(copyOfRange, copyOf, false);
    }

    public static SelectionResult parseSelectResponse(PrivacyKeyset privacyKeyset, byte[] bArr) {
        C0578 m23590401 = C0578.m23590401(bArr);
        C0589 m236004010401040104010401 = m23590401.m236004010401040104010401(C0578.EnumC0579.ALGORITHM_INFO);
        try {
            EncryptionAlgorithm fromId = EncryptionAlgorithm.fromId(m236004010401040104010401.m2438040104010401()[0]);
            HashAlgorithm fromId2 = HashAlgorithm.fromId(m236004010401040104010401.m2438040104010401()[1]);
            C0589 m2360040104010401040104012 = m23590401.m236004010401040104010401(C0578.EnumC0579.CRYPTOGRAM);
            byte[] decryptAndVerifySecureData = m2360040104010401040104012 != null ? decryptAndVerifySecureData(privacyKeyset, m23590401, fromId, m2360040104010401040104012) : Arrays.copyOfRange(bArr, m236004010401040104010401.m243904010401(), bArr.length);
            if (decryptAndVerifySecureData.length == 0) {
                throw new SeosException("Selection failed, no data in response");
            }
            try {
                SeosInputStream seosInputStream = new SeosInputStream(decryptAndVerifySecureData);
                SeosObject readObject = seosInputStream.readObject();
                SeosObject readObject2 = seosInputStream.readObject();
                LOGGER.getClass();
                return new SelectionResult(fromId, fromId2, (Oid) readObject, (Diversifier) readObject2);
            } catch (IOException e) {
                throw new SeosException("Failed to read selection response", e);
            }
        } catch (IllegalArgumentException e2) {
            throw new SeosException("Encryption or hash algorithm not supported: " + e2.getMessage(), e2);
        }
    }
}
