package com.linecorp.ltsm.fido2.authenticator;

import android.content.Context;
import android.content.pm.PackageManager;
import android.util.Log;
import com.linecorp.ltsm.fido2.Assertion;
import com.linecorp.ltsm.fido2.AssertionRequest;
import com.linecorp.ltsm.fido2.Attestation;
import com.linecorp.ltsm.fido2.CreationOptions;
import com.linecorp.ltsm.fido2.CredInfo;
import com.linecorp.ltsm.fido2.CredQuery;
import com.linecorp.ltsm.fido2.Fido2Exception;
import com.linecorp.ltsm.fido2.Fido2Status;
import com.linecorp.ltsm.fido2.RequestOptions;
import com.linecorp.ltsm.fido2.callback.OnGetAssertionResultListener;
import com.linecorp.ltsm.fido2.callback.OnMakeCredentialResultListener;
import com.linecorp.ltsm.fido2.util.Fido2Utils;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import org.json.JSONException;

/* loaded from: classes.dex */
public abstract class Fido2AuthenticatorBase implements Fido2Authenticator {
    private static final String TAG = "Fido2AuthenticatorBase";
    protected byte[] aaguid;
    protected String aaguidStr;
    protected Context appContext;
    private byte[] clientDataJSON;
    protected Fido2AuthenticatorSupport nativeAuthr;
    private CredInfo selectedCred;

    /* loaded from: classes.dex */
    public interface LocalOnError {
        void onError(int i10, String str);
    }

    public Fido2AuthenticatorBase(Context context, String str, Fido2AuthenticatorSupport fido2AuthenticatorSupport) {
        this.appContext = context;
        this.aaguidStr = str;
        this.aaguid = Fido2Utils.aaguidFromStr(str);
        this.nativeAuthr = fido2AuthenticatorSupport;
    }

    private void addExtensionsForAssertion(RequestOptions requestOptions, Assertion assertion) {
        if (requestOptions.extensions.lineAuthenSelPresent()) {
            assertion.getAuthExtsClientOutputs().lineAuthenSel(true);
        }
        if (requestOptions.extensions.lineTransConfPresent()) {
            if (Fido2Utils.containSequence(assertion.getAuthenticatorData(), "lineTransConf".getBytes(StandardCharsets.UTF_8)) && Fido2Utils.containSequence(assertion.getAuthenticatorData(), requestOptions.extensions.lineTransConf)) {
                assertion.getAuthExtsClientOutputs().lineTransConf(true);
            } else {
                assertion.getAuthExtsClientOutputs().lineTransConf(false);
            }
        }
    }

    private void addExtensionsForAttestation(CreationOptions creationOptions, Attestation attestation) {
        if (creationOptions.extensions.lineAuthenSelPresent()) {
            attestation.getAuthExtsClientOutputs().lineAuthenSel(true);
        }
    }

    private byte[] getClientDataJson(RequestOptions requestOptions, LocalOnError localOnError) {
        try {
            return Fido2Utils.buildClientData(this.appContext, "webauthn.get", requestOptions.challenge).getBytes(StandardCharsets.UTF_8);
        } catch (PackageManager.NameNotFoundException | GeneralSecurityException | JSONException e2) {
            Log.e(TAG, "Failed to build client data: " + e2.getMessage(), e2);
            localOnError.onError(Fido2Status.FIDO2_ERROR_UNKNOWN, Log.getStackTraceString(e2));
            return null;
        }
    }

    private CredInfo getFilteredCred(RequestOptions requestOptions, CredInfo[] credInfoArr, LocalOnError localOnError) {
        CredInfo[] filter = CredInfo.filter(credInfoArr, requestOptions.allowCredentials);
        if (filter.length != 0) {
            return filter[0];
        }
        Log.e(TAG, "Filtered all credentials!");
        localOnError.onError(51, null);
        return null;
    }

    public Assertion createAssertion(RequestOptions requestOptions, AssertionRequest assertionRequest, OnGetAssertionResultListener onGetAssertionResultListener) {
        String str;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        try {
            this.nativeAuthr.getAssertionFinalize(assertionRequest, byteArrayOutputStream, byteArrayOutputStream2);
            Assertion assertion = new Assertion(this.selectedCred.credentialId, this.clientDataJSON, byteArrayOutputStream.toByteArray(), byteArrayOutputStream2.toByteArray(), this.selectedCred.userId);
            addExtensionsForAssertion(requestOptions, assertion);
            return assertion;
        } catch (Fido2Exception e2) {
            onGetAssertionResultListener.onError(e2.getStatus(), Log.getStackTraceString(e2));
            return null;
        } catch (Exception e10) {
            int fromString = Fido2Status.fromString(e10.getMessage());
            if (fromString == 255) {
                Log.e(TAG, "Unexpected error " + e10.getMessage(), e10);
                str = Log.getStackTraceString(e10);
            } else {
                str = null;
            }
            onGetAssertionResultListener.onError(fromString, str);
            return null;
        }
    }

    public AssertionRequest createAssertionRequest(CredInfo credInfo, RequestOptions requestOptions, byte[] bArr) {
        return this.nativeAuthr.getAssertionInit(MessageDigest.getInstance("SHA256").digest(bArr), requestOptions, credInfo);
    }

    public Attestation createAttestation(CreationOptions creationOptions, OnMakeCredentialResultListener onMakeCredentialResultListener) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        try {
            byte[] bytes = Fido2Utils.buildClientData(this.appContext, "webauthn.create", creationOptions.challenge).getBytes(StandardCharsets.UTF_8);
            makeCredential(creationOptions, bytes, byteArrayOutputStream, byteArrayOutputStream2);
            Attestation attestation = new Attestation(byteArrayOutputStream.toByteArray(), bytes, byteArrayOutputStream2.toByteArray());
            addExtensionsForAttestation(creationOptions, attestation);
            return attestation;
        } catch (PackageManager.NameNotFoundException e2) {
            e = e2;
            Log.e(TAG, "Failed to build client data: " + e.getMessage(), e);
            onMakeCredentialResultListener.onError(Fido2Status.FIDO2_ERROR_UNKNOWN, Log.getStackTraceString(e));
            return null;
        } catch (Fido2Exception e10) {
            onMakeCredentialResultListener.onError(e10.getStatus(), Log.getStackTraceString(e10));
            return null;
        } catch (GeneralSecurityException e11) {
            e = e11;
            Log.e(TAG, "Failed to build client data: " + e.getMessage(), e);
            onMakeCredentialResultListener.onError(Fido2Status.FIDO2_ERROR_UNKNOWN, Log.getStackTraceString(e));
            return null;
        } catch (JSONException e12) {
            e = e12;
            Log.e(TAG, "Failed to build client data: " + e.getMessage(), e);
            onMakeCredentialResultListener.onError(Fido2Status.FIDO2_ERROR_UNKNOWN, Log.getStackTraceString(e));
            return null;
        } catch (Exception e13) {
            int fromString = Fido2Status.fromString(e13.getMessage());
            Log.e(TAG, "Unexpected error " + e13.getMessage(), e13);
            onMakeCredentialResultListener.onError(fromString, Log.getStackTraceString(e13));
            return null;
        }
    }

    public boolean excludedCredentialsExist(CredInfo[] credInfoArr, CreationOptions creationOptions) {
        return creationOptions.excludedCredentialsExist(credInfoArr);
    }

    public AssertionRequest getAssertionRequest(RequestOptions requestOptions, final LocalOnError localOnError) {
        Fido2AuthenticatorSupport fido2AuthenticatorSupport = this.nativeAuthr;
        byte[] bArr = this.aaguid;
        String str = requestOptions.rpId;
        localOnError.getClass();
        final int i10 = 0;
        CredInfo[] lookupRegCred = lookupRegCred(fido2AuthenticatorSupport, bArr, str, new LocalOnError() { // from class: com.linecorp.ltsm.fido2.authenticator.f
            @Override // com.linecorp.ltsm.fido2.authenticator.Fido2AuthenticatorBase.LocalOnError
            public final void onError(int i11, String str2) {
                int i12 = i10;
                localOnError.onError(i11, str2);
            }
        });
        if (lookupRegCred == null) {
            return null;
        }
        final int i11 = 1;
        CredInfo filteredCred = getFilteredCred(requestOptions, lookupRegCred, new LocalOnError() { // from class: com.linecorp.ltsm.fido2.authenticator.f
            @Override // com.linecorp.ltsm.fido2.authenticator.Fido2AuthenticatorBase.LocalOnError
            public final void onError(int i112, String str2) {
                int i12 = i11;
                localOnError.onError(i112, str2);
            }
        });
        this.selectedCred = filteredCred;
        if (filteredCred == null) {
            return null;
        }
        byte[] clientDataJson = getClientDataJson(requestOptions, localOnError);
        this.clientDataJSON = clientDataJson;
        if (clientDataJson == null) {
            return null;
        }
        try {
            return createAssertionRequest(this.selectedCred, requestOptions, clientDataJson);
        } catch (Fido2Exception e2) {
            localOnError.onError(e2.getStatus(), Log.getStackTraceString(e2));
            return null;
        } catch (GeneralSecurityException e10) {
            Log.e(TAG, "Failed to build client data: " + e10.getMessage(), e10);
            localOnError.onError(Fido2Status.FIDO2_ERROR_UNKNOWN, Log.getStackTraceString(e10));
            return null;
        }
    }

    public boolean hasExcludeCredential(CreationOptions creationOptions, OnMakeCredentialResultListener onMakeCredentialResultListener) {
        Fido2AuthenticatorSupport fido2AuthenticatorSupport = this.nativeAuthr;
        byte[] bArr = this.aaguid;
        String str = creationOptions.rpId;
        onMakeCredentialResultListener.getClass();
        CredInfo[] lookupRegCred = lookupRegCred(fido2AuthenticatorSupport, bArr, str, new a(onMakeCredentialResultListener, 3));
        if (lookupRegCred == null) {
            return true;
        }
        String str2 = TAG;
        Log.d(str2, "Found " + lookupRegCred.length + " already registered credentials");
        if (!excludedCredentialsExist(lookupRegCred, creationOptions)) {
            return false;
        }
        String str3 = "ExcludeCredential: Key(s) already created: [" + Arrays.toString(creationOptions.excludeCredentials) + "]";
        Log.w(str2, str3);
        onMakeCredentialResultListener.onError(1, str3);
        return true;
    }

    public CredInfo[] lookupRegCred(Fido2AuthenticatorSupport fido2AuthenticatorSupport, byte[] bArr, String str, LocalOnError localOnError) {
        String str2;
        try {
            CredInfo[] lookupCredentials = fido2AuthenticatorSupport.lookupCredentials(CredQuery.createAaguidQuery(str, bArr));
            Log.d(TAG, String.format("found %d credentials for rpId=[%s]", Integer.valueOf(lookupCredentials.length), str));
            return lookupCredentials;
        } catch (Fido2Exception e2) {
            String stackTraceString = Log.getStackTraceString(e2);
            if (e2.getStatus() == 255) {
                Log.e(TAG, "Failed to lookup credentials: " + e2.getMessage(), e2);
            }
            localOnError.onError(e2.getStatus(), stackTraceString);
            return null;
        } catch (Exception e10) {
            int fromString = Fido2Status.fromString(e10.getMessage());
            if (fromString == 255) {
                Log.e(TAG, "Failed to lookup credentials " + e10.getMessage(), e10);
                str2 = Log.getStackTraceString(e10);
            } else {
                str2 = null;
            }
            localOnError.onError(fromString, str2);
            return null;
        }
    }

    public void makeCredential(CreationOptions creationOptions, byte[] bArr, ByteArrayOutputStream byteArrayOutputStream, ByteArrayOutputStream byteArrayOutputStream2) {
        byte[] digest = MessageDigest.getInstance("SHA256").digest(bArr);
        creationOptions.aaguid = (byte[]) getAaguid().clone();
        this.nativeAuthr.makeCredential(digest, creationOptions, byteArrayOutputStream, byteArrayOutputStream2);
    }
}
