package com.microsoft.identity.common.internal.ui.webview.certbasedauth;

import android.support.v4.media.session.a;
import com.microsoft.identity.common.logging.Logger;
import com.yubico.yubikit.core.smartcard.ApduException;
import com.yubico.yubikit.piv.InvalidPinException;
import com.yubico.yubikit.piv.Slot;
import com.yubico.yubikit.piv.e;
import com.yubico.yubikit.piv.jca.PivPrivateKey;
import com.yubico.yubikit.piv.jca.PivProvider;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import l8.c;
import lb.b;
import o8.d;

/* loaded from: classes.dex */
public class YubiKitSmartcardSession implements ISmartcardSession {
    private static final short APDU_EXCEPTION_ERROR_CODE_FILE_NOT_FOUND = 27266;
    private static final String TAG = "YubiKitSmartcardSession";
    private static final String YUBIKEY_PROVIDER = "YKPiv";
    private final e piv;

    public YubiKitSmartcardSession(e eVar) {
        this.piv = eVar;
    }

    private void getAndPutCertDetailsInList(Slot slot, e eVar, List<ICertDetails> list) {
        String m10 = a.m(new StringBuilder(), TAG, ":getAndPutCertDetailsInList");
        try {
            list.add(new YubiKitCertDetails(eVar.l(slot), slot));
        } catch (ApduException e10) {
            if (e10.getSw() != 27266) {
                throw e10;
            }
            Logger.verbose(m10, slot + " slot is empty.");
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public List<ICertDetails> getCertDetailsList() {
        ArrayList arrayList = new ArrayList();
        getAndPutCertDetailsInList(Slot.AUTHENTICATION, this.piv, arrayList);
        getAndPutCertDetailsInList(Slot.SIGNATURE, this.piv, arrayList);
        getAndPutCertDetailsInList(Slot.KEY_MANAGEMENT, this.piv, arrayList);
        getAndPutCertDetailsInList(Slot.CARD_AUTH, this.piv, arrayList);
        return arrayList;
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public PrivateKey getKeyForAuth(ICertDetails iCertDetails, char[] cArr) {
        String m10 = a.m(new StringBuilder(), TAG, ":getKeyForAuth");
        if (!(iCertDetails instanceof YubiKitCertDetails)) {
            throw new Exception("certDetails is not of type YubiKitCertDetails.");
        }
        KeyStore keyStore = KeyStore.getInstance(YUBIKEY_PROVIDER, new PivProvider(this.piv));
        keyStore.load(null);
        Key key = keyStore.getKey(((YubiKitCertDetails) iCertDetails).getSlot().getStringAlias(), cArr);
        if (key instanceof PivPrivateKey) {
            return (PivPrivateKey) key;
        }
        Logger.error(m10, "Private key retrieved from YKPiv keystore is not of type PivPrivateKey.", null);
        throw new Exception("Private key retrieved from YKPiv keystore is not of type PivPrivateKey.");
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public int getPinAttemptsRemaining() {
        e eVar = this.piv;
        eVar.getClass();
        b bVar = e.f11701j;
        d.o(bVar, "Getting PIN attempts");
        c cVar = e.f11698g;
        boolean k4 = cVar.k(eVar.f11703b);
        com.yubico.yubikit.core.smartcard.e eVar2 = eVar.f11702a;
        if (k4) {
            d.o(bVar, "Getting PIN metadata");
            eVar.a(cVar);
            LinkedHashMap r10 = d.r(eVar2.b(new com.yubico.yubikit.core.smartcard.a(-9, 0, -128, null)));
            byte[] bArr = (byte[]) r10.get(6);
            byte b10 = ((byte[]) r10.get(5))[0];
            byte b11 = bArr[0];
            return bArr[1];
        }
        try {
            eVar2.b(new com.yubico.yubikit.core.smartcard.a(32, 0, -128, null));
            d.o(bVar, "Using cached value, may be incorrect");
            return eVar.f11704c;
        } catch (ApduException e10) {
            int o10 = eVar.o(e10.getSw());
            if (o10 < 0) {
                throw e10;
            }
            eVar.f11704c = o10;
            d.o(bVar, "Using value from empty verify");
            return o10;
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public boolean verifyPin(char[] cArr) {
        String m10 = a.m(new StringBuilder(), TAG, ":verifyPin");
        try {
            this.piv.M(cArr);
            return true;
        } catch (InvalidPinException unused) {
            Logger.info(m10, "Incorrect PIN entered.");
            return false;
        }
    }
}
