package com.yubico.yubikit.piv.jca;

import com.squareup.moshi.c0;
import com.umeng.commonsdk.statistics.UMErrorCode;
import com.yubico.yubikit.core.application.BadResponseException;
import com.yubico.yubikit.core.smartcard.ApduException;
import com.yubico.yubikit.piv.KeyType;
import com.yubico.yubikit.piv.PinPolicy;
import com.yubico.yubikit.piv.Slot;
import com.yubico.yubikit.piv.TouchPolicy;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.Callable;
import org.slf4j.event.Level;

/* loaded from: classes.dex */
public final class l extends KeyStoreSpi {

    /* renamed from: b, reason: collision with root package name */
    public static final /* synthetic */ int f11905b = 0;

    /* renamed from: a, reason: collision with root package name */
    public final r8.a f11906a;

    public l(r8.a aVar) {
        this.f11906a = aVar;
    }

    public final void a(final Slot slot, final PrivateKey privateKey, final PinPolicy pinPolicy, final TouchPolicy touchPolicy, final X509Certificate x509Certificate) {
        final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
        this.f11906a.invoke(new r8.a() { // from class: com.yubico.yubikit.piv.jca.h
            @Override // r8.a
            public final void invoke(Object obj) {
                final PrivateKey privateKey2 = privateKey;
                final Slot slot2 = slot;
                final PinPolicy pinPolicy2 = pinPolicy;
                final TouchPolicy touchPolicy2 = touchPolicy;
                final X509Certificate x509Certificate2 = x509Certificate;
                final r8.b bVar = (r8.b) obj;
                arrayBlockingQueue.add(r8.b.c(new Callable() { // from class: com.yubico.yubikit.piv.jca.j
                    /* JADX WARN: Multi-variable type inference failed */
                    /* JADX WARN: Type inference failed for: r3v21, types: [java.util.List] */
                    @Override // java.util.concurrent.Callable
                    public final Object call() {
                        ArrayList arrayList;
                        com.yubico.yubikit.piv.e eVar = (com.yubico.yubikit.piv.e) r8.b.this.b();
                        PrivateKey privateKey3 = privateKey2;
                        Slot slot3 = slot2;
                        if (privateKey3 != null) {
                            eVar.getClass();
                            KeyType fromKey = KeyType.fromKey(privateKey3);
                            n8.a aVar = eVar.f11869b;
                            byte b10 = aVar.f16338a;
                            PinPolicy pinPolicy3 = pinPolicy2;
                            TouchPolicy touchPolicy3 = touchPolicy2;
                            if (b10 != 0) {
                                if (fromKey == KeyType.ECCP384) {
                                    eVar.a(com.yubico.yubikit.piv.e.f11861d);
                                }
                                if (pinPolicy3 != PinPolicy.DEFAULT || touchPolicy3 != TouchPolicy.DEFAULT) {
                                    eVar.a(com.yubico.yubikit.piv.e.f11862e);
                                    if (touchPolicy3 == TouchPolicy.CACHED) {
                                        eVar.a(com.yubico.yubikit.piv.e.f11863f);
                                    }
                                }
                                if (aVar.b(4, 4, 0) >= 0 && aVar.b(4, 5, 0) < 0) {
                                    if (fromKey == KeyType.RSA1024) {
                                        throw new UnsupportedOperationException("RSA 1024 is not supported on YubiKey FIPS");
                                    }
                                    if (pinPolicy3 == PinPolicy.NEVER) {
                                        throw new UnsupportedOperationException("PinPolicy.NEVER is not allowed on YubiKey FIPS");
                                    }
                                }
                            }
                            com.yubico.yubikit.piv.b bVar2 = fromKey.params;
                            LinkedHashMap linkedHashMap = new LinkedHashMap();
                            int i10 = com.yubico.yubikit.piv.d.f11859a[bVar2.f11857a.ordinal()];
                            int i11 = bVar2.f11858b;
                            if (i10 == 1) {
                                if (privateKey3 instanceof RSAPrivateCrtKey) {
                                    RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) privateKey3;
                                    arrayList = Arrays.asList(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent(), rSAPrivateCrtKey.getPrivateExponent(), rSAPrivateCrtKey.getPrimeP(), rSAPrivateCrtKey.getPrimeQ(), rSAPrivateCrtKey.getPrimeExponentP(), rSAPrivateCrtKey.getPrimeExponentQ(), rSAPrivateCrtKey.getCrtCoefficient());
                                } else {
                                    if (!"PKCS#8".equals(privateKey3.getFormat())) {
                                        throw new UnsupportedEncodingException("Unsupported private key encoding");
                                    }
                                    try {
                                        ByteBuffer wrap = ByteBuffer.wrap((byte[]) c0.l((byte[]) c0.l(c0.A(48, privateKey3.getEncoded())).get(4)).get(48));
                                        ArrayList arrayList2 = new ArrayList();
                                        while (wrap.hasRemaining()) {
                                            arrayList2.add(r8.c.a(wrap));
                                        }
                                        ArrayList arrayList3 = new ArrayList();
                                        Iterator it = arrayList2.iterator();
                                        while (it.hasNext()) {
                                            r8.c cVar = (r8.c) it.next();
                                            int i12 = cVar.f19703b;
                                            int i13 = cVar.f19705d;
                                            arrayList3.add(new BigInteger(Arrays.copyOfRange(cVar.f19704c, i13, i12 + i13)));
                                        }
                                        int intValue = ((BigInteger) arrayList3.remove(0)).intValue();
                                        arrayList = arrayList3;
                                        if (intValue != 0) {
                                            throw new UnsupportedEncodingException("Expected value 0");
                                        }
                                    } catch (BadResponseException e10) {
                                        throw new UnsupportedEncodingException(e10.getMessage());
                                    }
                                }
                                if (((BigInteger) arrayList.get(1)).intValue() != 65537) {
                                    throw new UnsupportedEncodingException("Unsupported RSA public exponent");
                                }
                                int i14 = (i11 / 8) / 2;
                                linkedHashMap.put(1, com.yubico.yubikit.piv.e.b(i14, (BigInteger) arrayList.get(3)));
                                linkedHashMap.put(2, com.yubico.yubikit.piv.e.b(i14, (BigInteger) arrayList.get(4)));
                                linkedHashMap.put(3, com.yubico.yubikit.piv.e.b(i14, (BigInteger) arrayList.get(5)));
                                linkedHashMap.put(4, com.yubico.yubikit.piv.e.b(i14, (BigInteger) arrayList.get(6)));
                                linkedHashMap.put(5, com.yubico.yubikit.piv.e.b(i14, (BigInteger) arrayList.get(7)));
                            } else if (i10 == 2) {
                                linkedHashMap.put(6, com.yubico.yubikit.piv.e.b(i11 / 8, ((ECPrivateKey) privateKey3).getS()));
                            }
                            if (pinPolicy3 != PinPolicy.DEFAULT) {
                                linkedHashMap.put(170, new byte[]{(byte) pinPolicy3.value});
                            }
                            if (touchPolicy3 != TouchPolicy.DEFAULT) {
                                linkedHashMap.put(171, new byte[]{(byte) touchPolicy3.value});
                            }
                            nb.b bVar3 = com.yubico.yubikit.piv.e.f11867j;
                            m8.d.g(bVar3, "Importing key with pin_policy={}, touch_policy={}", pinPolicy3, touchPolicy3);
                            eVar.f11868a.b(new com.yubico.yubikit.core.smartcard.a(-2, fromKey.value, slot3.value, c0.m(linkedHashMap)));
                            m8.d.r(Level.INFO, bVar3, "Private key imported in slot {} of type {}", slot3, fromKey);
                        }
                        X509Certificate x509Certificate3 = x509Certificate2;
                        if (x509Certificate3 != null) {
                            eVar.getClass();
                            byte[] bArr = {0};
                            m8.d.g(com.yubico.yubikit.piv.e.f11867j, "Storing {}certificate in slot {}", "", slot3);
                            try {
                                byte[] encoded = x509Certificate3.getEncoded();
                                LinkedHashMap linkedHashMap2 = new LinkedHashMap();
                                linkedHashMap2.put(112, encoded);
                                linkedHashMap2.put(Integer.valueOf(UMErrorCode.E_UM_BE_RAW_OVERSIZE), bArr);
                                linkedHashMap2.put(254, null);
                                eVar.D(slot3.objectId, c0.m(linkedHashMap2));
                            } catch (CertificateEncodingException e11) {
                                throw new IllegalArgumentException("Failed to get encoded version of certificate", e11);
                            }
                        }
                        return Boolean.TRUE;
                    }
                }));
            }
        });
        ((r8.b) arrayBlockingQueue.take()).b();
    }

    @Override // java.security.KeyStoreSpi
    public final Enumeration engineAliases() {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineContainsAlias(String str) {
        try {
            Slot.fromStringAlias(str);
            return true;
        } catch (IllegalArgumentException unused) {
            return false;
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineDeleteEntry(String str) {
        Slot fromStringAlias = Slot.fromStringAlias(str);
        ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
        this.f11906a.invoke(new i(arrayBlockingQueue, fromStringAlias, 0));
        try {
            ((r8.b) arrayBlockingQueue.take()).b();
        } catch (Exception e10) {
            throw new KeyStoreException(e10);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final Certificate engineGetCertificate(String str) {
        Slot fromStringAlias = Slot.fromStringAlias(str);
        ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
        this.f11906a.invoke(new i(arrayBlockingQueue, fromStringAlias, 1));
        try {
            return (Certificate) ((r8.b) arrayBlockingQueue.take()).b();
        } catch (BadResponseException unused) {
            return null;
        } catch (ApduException e10) {
            if (e10.getSw() == 27266) {
                return null;
            }
            throw new RuntimeException(e10);
        } catch (Exception e11) {
            throw new RuntimeException(e11);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final String engineGetCertificateAlias(Certificate certificate) {
        for (Slot slot : Slot.values()) {
            String stringAlias = slot.getStringAlias();
            if (certificate.equals(engineGetCertificate(stringAlias))) {
                return stringAlias;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public final Certificate[] engineGetCertificateChain(String str) {
        return new Certificate[]{engineGetCertificate(str)};
    }

    @Override // java.security.KeyStoreSpi
    public final Date engineGetCreationDate(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public final KeyStore.Entry engineGetEntry(String str, KeyStore.ProtectionParameter protectionParameter) {
        Slot fromStringAlias = Slot.fromStringAlias(str);
        try {
            ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
            this.f11906a.invoke(new o(arrayBlockingQueue, fromStringAlias, protectionParameter, 1));
            return (KeyStore.Entry) ((r8.b) arrayBlockingQueue.take()).b();
        } catch (BadResponseException unused) {
            throw new UnrecoverableEntryException("Make sure the matching certificate is stored");
        } catch (ApduException e10) {
            if (e10.getSw() == 27266) {
                return null;
            }
            throw new RuntimeException(e10);
        } catch (Exception e11) {
            throw new RuntimeException(e11);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final Key engineGetKey(String str, char[] cArr) {
        Slot fromStringAlias = Slot.fromStringAlias(str);
        try {
            ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
            this.f11906a.invoke(new o(arrayBlockingQueue, fromStringAlias, cArr, 2));
            return (Key) ((r8.b) arrayBlockingQueue.take()).b();
        } catch (BadResponseException unused) {
            throw new UnrecoverableKeyException("No way to infer KeyType, make sure the matching certificate is stored");
        } catch (ApduException e10) {
            if (e10.getSw() == 27266) {
                return null;
            }
            throw new RuntimeException(e10);
        } catch (Exception e11) {
            throw new RuntimeException(e11);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineIsCertificateEntry(String str) {
        return engineGetCertificate(str) != null;
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineIsKeyEntry(String str) {
        return engineContainsAlias(str);
    }

    @Override // java.security.KeyStoreSpi
    public final void engineLoad(InputStream inputStream, char[] cArr) {
        throw new InvalidParameterException("KeyStore must be loaded with a null LoadStoreParameter");
    }

    @Override // java.security.KeyStoreSpi
    public final void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) {
        if (loadStoreParameter != null) {
            throw new InvalidParameterException("KeyStore must be loaded with null");
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetCertificateEntry(String str, Certificate certificate) {
        Slot fromStringAlias = Slot.fromStringAlias(str);
        if (!(certificate instanceof X509Certificate)) {
            throw new KeyStoreException("Certificate must be X509Certificate");
        }
        try {
            a(fromStringAlias, null, PinPolicy.DEFAULT, TouchPolicy.DEFAULT, (X509Certificate) certificate);
        } catch (Exception e10) {
            throw new KeyStoreException(e10);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetEntry(String str, KeyStore.Entry entry, KeyStore.ProtectionParameter protectionParameter) {
        Object certificate;
        PrivateKey privateKey;
        Slot fromStringAlias = Slot.fromStringAlias(str);
        if (entry instanceof KeyStore.TrustedCertificateEntry) {
            if (protectionParameter != null) {
                throw new KeyStoreException("Certificate cannot use protParam");
            }
            certificate = ((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate();
            privateKey = null;
        } else {
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                throw new KeyStoreException("Unsupported KeyStore entry.");
            }
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            certificate = privateKeyEntry.getCertificate();
            privateKey = privateKeyEntry.getPrivateKey();
        }
        PrivateKey privateKey2 = privateKey;
        if (certificate != null && !(certificate instanceof X509Certificate)) {
            throw new KeyStoreException("Certificate must be X509Certificate");
        }
        PinPolicy pinPolicy = PinPolicy.DEFAULT;
        TouchPolicy touchPolicy = TouchPolicy.DEFAULT;
        if (privateKey2 != null && protectionParameter != null) {
            throw new KeyStoreException("protParam must be an instance of PivKeyStoreKeyParameters");
        }
        try {
            a(fromStringAlias, privateKey2, pinPolicy, touchPolicy, (X509Certificate) certificate);
        } catch (Exception e10) {
            throw new KeyStoreException(e10);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
        Slot fromStringAlias = Slot.fromStringAlias(str);
        if (cArr != null) {
            throw new KeyStoreException("Password can not be set");
        }
        if (certificateArr.length != 1) {
            throw new KeyStoreException("Certificate chain must be a single certificate, or empty");
        }
        Certificate certificate = certificateArr[0];
        if (!(certificate instanceof X509Certificate)) {
            throw new KeyStoreException("Certificate must be X509Certificate");
        }
        try {
            a(fromStringAlias, (PrivateKey) key, PinPolicy.DEFAULT, TouchPolicy.DEFAULT, (X509Certificate) certificate);
        } catch (Exception e10) {
            throw new KeyStoreException(e10);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        throw new KeyStoreException("Use setKeyEntry with a PrivateKey instance instead of byte[]");
    }

    @Override // java.security.KeyStoreSpi
    public final int engineSize() {
        return Slot.values().length;
    }

    @Override // java.security.KeyStoreSpi
    public final void engineStore(OutputStream outputStream, char[] cArr) {
        throw new UnsupportedOperationException();
    }
}
