package pt.zetes.pteid.changeAddress;

import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import org.bouncycastle.util.BigIntegers;

/* loaded from: input_file:pt/zetes/pteid/changeAddress/InternalAuthenticateCommand.class */
public class InternalAuthenticateCommand implements CardCommand {
    private SecurityContext context;
    long initialSsc;

    public InternalAuthenticateCommand(SecurityContext securityContext) {
        this.context = securityContext;
    }

    @Override // pt.zetes.pteid.changeAddress.CardCommand
    public APDU[] createAPDUs() {
        SecureRequestAPDU secureRequestAPDU = new SecureRequestAPDU(this.context, 140, 136, 0, 0, this.context.getRndIFD(), -1);
        this.initialSsc = this.context.getSsc();
        this.context.setSsc(this.context.getSsc() + 1);
        return new APDU[]{secureRequestAPDU};
    }

    @Override // pt.zetes.pteid.changeAddress.CardCommand
    public void processResponses(APDU[] apduArr) throws BadResponseException, SecurityException {
        if (apduArr.length != 1) {
            throw new SecurityException(20, "There should be only one response APDU!");
        }
        this.context.setSsc(this.initialSsc);
        SecureResponseAPDU secureResponseAPDU = new SecureResponseAPDU(this.context, apduArr[0]);
        if (secureResponseAPDU.getSw1() != 144 || secureResponseAPDU.getSw2() != 0) {
            throw new BadResponseException(14, "Bad response to the InternalAuthenticate command!", secureResponseAPDU.getSw1(), secureResponseAPDU.getSw2());
        }
        byte[] content = secureResponseAPDU.getContent();
        if (content == null) {
            throw new SecurityException(26, "Content of response is of incorrect length!");
        }
        this.context.parseCardPublicKey();
        BigInteger cardPubkeyModulus = this.context.getCardPubkeyModulus();
        byte[] asUnsignedByteArray = BigIntegers.asUnsignedByteArray(new BigInteger(1, Arrays.copyOfRange(content, 8, 136)).modPow(this.context.getCardPubkeyExponent(), cardPubkeyModulus));
        byte[] copyOfRange = Arrays.copyOfRange(content, 0, 8);
        byte b = asUnsignedByteArray[0];
        byte b2 = asUnsignedByteArray[127];
        byte[] copyOfRange2 = Arrays.copyOfRange(asUnsignedByteArray, 1, 107);
        byte[] copyOfRange3 = Arrays.copyOfRange(asUnsignedByteArray, 107, 127);
        if (b != 106) {
            throw new SecurityException(23, "Padding byte 1 has an incorrect value!");
        }
        if (b2 != -68) {
            throw new SecurityException(23, "Padding byte 2 has an incorrect value!");
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(copyOfRange2);
            messageDigest.update(this.context.getKICC());
            messageDigest.update(copyOfRange);
            messageDigest.update(this.context.getRndIFD());
            messageDigest.update(this.context.getKIFD());
            messageDigest.update(this.context.getG());
            messageDigest.update(this.context.getP());
            messageDigest.update(this.context.getQ());
            if (!Arrays.equals(messageDigest.digest(), copyOfRange3)) {
                throw new SecurityException(24, "Mismatch in the Internal Authentication hash!");
            }
            this.context.computeInitialSSC();
        } catch (NoSuchAlgorithmException e) {
            throw new SecurityException(21, "Algorithm SHA-1 isn't installed in this environment!", e);
        }
    }
}
