package com.android.identity;

import android.content.Context;
import androidx.core.util.Pair;
import co.nstant.in.cbor.CborBuilder;
import co.nstant.in.cbor.builder.MapBuilder;
import co.nstant.in.cbor.model.UnicodeString;
import com.android.identity.DataTransport;
import com.android.identity.DeviceRetrievalHelper;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.PublicKey;
import java.util.List;
import java.util.OptionalLong;
import java.util.concurrent.Executor;

/* loaded from: classes4.dex */
public class DeviceRetrievalHelper {
    private static final String TAG = "DeviceRetrievalHelper";
    private byte[] mAlternateDeviceEngagement;
    private byte[] mAlternateHandover;
    SessionEncryptionDevice mAlternateSessionEncryption;
    private Context mContext;
    private byte[] mDeviceEngagement;
    private PublicKey mEReaderKey;
    private byte[] mEncodedAlternateSessionTranscript;
    private byte[] mEncodedSessionTranscript;
    private KeyPair mEphemeralKeyPair;
    private byte[] mHandover;
    private boolean mInhibitCallbacks;
    Listener mListener;
    Executor mListenerExecutor;
    PresentationSession mPresentationSession;
    boolean mReceivedSessionTerminated;
    private byte[] mReverseEngagementEncodedEReaderKey;
    private List<OriginInfo> mReverseEngagementOriginInfos;
    private byte[] mReverseEngagementReaderEngagement;
    private boolean mSendSessionTerminationMessage;
    SessionEncryptionDevice mSessionEncryption;
    DataTransport mTransport;
    private boolean mUseTransportSpecificSessionTermination;

    /* loaded from: classes4.dex */
    public static class Builder {
        DeviceRetrievalHelper mHelper;

        public Builder(Context context, Listener listener, Executor executor, PresentationSession presentationSession) {
            DeviceRetrievalHelper deviceRetrievalHelper = new DeviceRetrievalHelper();
            this.mHelper = deviceRetrievalHelper;
            deviceRetrievalHelper.mContext = context;
            if (listener != null && executor == null) {
                throw new IllegalStateException("Cannot have non-null listener with null executor");
            }
            this.mHelper.mListener = listener;
            this.mHelper.mListenerExecutor = executor;
            this.mHelper.mPresentationSession = presentationSession;
            DeviceRetrievalHelper deviceRetrievalHelper2 = this.mHelper;
            deviceRetrievalHelper2.mEphemeralKeyPair = deviceRetrievalHelper2.mPresentationSession.getEphemeralKeyPair();
        }

        public Builder addAlternateForwardEngagement(byte[] bArr, byte[] bArr2) {
            if (this.mHelper.mDeviceEngagement == null) {
                throw new IllegalStateException("Helper isn't configured to use forward engagement");
            }
            if (this.mHelper.mAlternateDeviceEngagement != null) {
                throw new IllegalStateException("Can only add a single alternate engagement");
            }
            this.mHelper.mAlternateDeviceEngagement = bArr;
            this.mHelper.mAlternateHandover = bArr2;
            return this;
        }

        public DeviceRetrievalHelper build() {
            if (this.mHelper.mTransport == null) {
                throw new IllegalStateException("Neither forward nor reverse engagement configured");
            }
            this.mHelper.start();
            return this.mHelper;
        }

        public Builder useForwardEngagement(DataTransport dataTransport, byte[] bArr, byte[] bArr2) {
            this.mHelper.mTransport = dataTransport;
            this.mHelper.mDeviceEngagement = bArr;
            this.mHelper.mHandover = bArr2;
            return this;
        }

        public Builder useReverseEngagement(DataTransport dataTransport, byte[] bArr, List<OriginInfo> list) {
            this.mHelper.mTransport = dataTransport;
            this.mHelper.mReverseEngagementReaderEngagement = bArr;
            this.mHelper.mReverseEngagementOriginInfos = list;
            return this;
        }
    }

    /* loaded from: classes4.dex */
    public interface Listener {
        void onDeviceDisconnected(boolean z);

        void onDeviceRequest(byte[] bArr);

        void onError(Throwable th);
    }

    DeviceRetrievalHelper() {
    }

    private void ensureSessionEncryption(byte[] bArr) {
        if (this.mSessionEncryption != null) {
            return;
        }
        byte[] bArr2 = this.mReverseEngagementEncodedEReaderKey;
        if (bArr2 == null) {
            bArr2 = Util.cborMapExtractByteString(Util.cborDecode(bArr), "eReaderKey");
        } else if (Util.cborMapHasKey(Util.cborDecode(bArr), "eReaderKey")) {
            Logger.w(TAG, "Ignoring eReaderKey in SessionEstablishment since we already got this get in ReaderEngagement");
        }
        this.mEReaderKey = Util.coseKeyDecode(Util.cborDecode(bArr2));
        this.mEncodedSessionTranscript = Util.cborEncode(new CborBuilder().addArray().add(Util.cborBuildTaggedByteString(this.mDeviceEngagement)).add(Util.cborBuildTaggedByteString(bArr2)).add(Util.cborDecode(this.mHandover)).end().build().get(0));
        this.mSessionEncryption = new SessionEncryptionDevice(this.mEphemeralKeyPair.getPrivate(), this.mEReaderKey, this.mEncodedSessionTranscript);
        if (this.mAlternateDeviceEngagement == null || this.mAlternateHandover == null) {
            return;
        }
        this.mEncodedAlternateSessionTranscript = Util.cborEncode(new CborBuilder().addArray().add(Util.cborBuildTaggedByteString(this.mAlternateDeviceEngagement)).add(Util.cborBuildTaggedByteString(bArr2)).add(Util.cborDecode(this.mAlternateHandover)).end().build().get(0));
        this.mAlternateSessionEncryption = new SessionEncryptionDevice(this.mEphemeralKeyPair.getPrivate(), this.mEReaderKey, this.mEncodedAlternateSessionTranscript);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void processMessageReceived(byte[] bArr) {
        Logger.dCbor(TAG, "SessionData received", bArr);
        ensureSessionEncryption(bArr);
        try {
            Pair<byte[], OptionalLong> decryptMessageFromReader = this.mSessionEncryption.decryptMessageFromReader(bArr);
            if (decryptMessageFromReader == null && this.mAlternateSessionEncryption != null) {
                Logger.d(TAG, "Decryption failed, trying alternate");
                SessionEncryptionDevice sessionEncryptionDevice = this.mAlternateSessionEncryption;
                this.mSessionEncryption = sessionEncryptionDevice;
                this.mEncodedSessionTranscript = this.mEncodedAlternateSessionTranscript;
                try {
                    decryptMessageFromReader = sessionEncryptionDevice.decryptMessageFromReader(bArr);
                } catch (RuntimeException e) {
                    this.mTransport.sendMessage(this.mSessionEncryption.encryptMessageToReader(null, OptionalLong.of(10L)));
                    this.mTransport.close();
                    reportError(new Error("Error decrypting message from reader", e));
                    return;
                }
            }
            if (decryptMessageFromReader == null) {
                Logger.d(TAG, "Decryption failed!");
                this.mTransport.sendMessage(this.mSessionEncryption.encryptMessageToReader(null, OptionalLong.of(10L)));
                this.mTransport.close();
                reportError(new Error("Error decrypting message from reader"));
                return;
            }
            if (decryptMessageFromReader.first != null) {
                if (this.mSessionEncryption.getNumMessagesEncrypted() == 0) {
                    this.mPresentationSession.setSessionTranscript(this.mEncodedSessionTranscript);
                    try {
                        this.mPresentationSession.setReaderEphemeralPublicKey(this.mEReaderKey);
                    } catch (InvalidKeyException e2) {
                        this.mTransport.close();
                        reportError(new Error("Reader ephemeral public key is invalid", e2));
                        return;
                    }
                }
                Logger.dCbor(TAG, "DeviceRequest received", decryptMessageFromReader.first);
                reportDeviceRequest(decryptMessageFromReader.first);
                return;
            }
            if (!decryptMessageFromReader.second.isPresent()) {
                this.mTransport.close();
                reportError(new Error("No data and no status in SessionData"));
                return;
            }
            long asLong = decryptMessageFromReader.second.getAsLong();
            Logger.d(TAG, "Message received from reader with status: " + asLong);
            if (asLong != 20) {
                this.mTransport.close();
                reportError(new Error("Expected status code 20, got " + asLong + " instead"));
            } else {
                this.mReceivedSessionTerminated = true;
                this.mTransport.close();
                reportDeviceDisconnected(false);
            }
        } catch (RuntimeException e3) {
            this.mTransport.sendMessage(this.mSessionEncryption.encryptMessageToReader(null, OptionalLong.of(10L)));
            this.mTransport.close();
            reportError(new Error("Error decrypting message from reader", e3));
        }
    }

    public void disconnect() {
        this.mInhibitCallbacks = true;
        if (this.mTransport != null) {
            SessionEncryptionDevice sessionEncryptionDevice = this.mSessionEncryption;
            boolean z = sessionEncryptionDevice != null && sessionEncryptionDevice.getNumMessagesDecrypted() > 0;
            if (!this.mSendSessionTerminationMessage || !z) {
                Logger.d(TAG, "Not sending session termination message");
            } else if (this.mUseTransportSpecificSessionTermination && this.mTransport.supportsTransportSpecificTerminationMessage()) {
                Logger.d(TAG, "Sending transport-specific termination message");
                this.mTransport.sendTransportSpecificTerminationMessage();
            } else {
                Logger.d(TAG, "Sending generic session termination message");
                this.mTransport.sendMessage(this.mSessionEncryption.encryptMessageToReader(null, OptionalLong.of(20L)));
            }
            this.mTransport.close();
            this.mTransport = null;
        }
    }

    public byte[] getDeviceEngagement() {
        return this.mDeviceEngagement;
    }

    public byte[] getSessionTranscript() {
        byte[] bArr = this.mEncodedSessionTranscript;
        if (bArr != null) {
            return bArr;
        }
        throw new IllegalStateException("No message received from verifier");
    }

    public boolean isTransportSpecificTerminationSupported() {
        DataTransport dataTransport = this.mTransport;
        if (dataTransport == null) {
            return false;
        }
        return dataTransport.supportsTransportSpecificTerminationMessage();
    }

    void reportDeviceDisconnected(final boolean z) {
        Logger.d(TAG, "reportDeviceDisconnected: transportSpecificTermination: " + z);
        final Listener listener = this.mListener;
        Executor executor = this.mListenerExecutor;
        if (this.mInhibitCallbacks || listener == null || executor == null) {
            return;
        }
        executor.execute(new Runnable() { // from class: com.android.identity.DeviceRetrievalHelper$$ExternalSyntheticLambda2
            @Override // java.lang.Runnable
            public final void run() {
                DeviceRetrievalHelper.Listener.this.onDeviceDisconnected(z);
            }
        });
    }

    void reportDeviceRequest(final byte[] bArr) {
        Logger.d(TAG, "reportDeviceRequest: deviceRequestBytes: " + bArr.length + " bytes");
        final Listener listener = this.mListener;
        Executor executor = this.mListenerExecutor;
        if (this.mInhibitCallbacks || listener == null || executor == null) {
            return;
        }
        executor.execute(new Runnable() { // from class: com.android.identity.DeviceRetrievalHelper$$ExternalSyntheticLambda1
            @Override // java.lang.Runnable
            public final void run() {
                DeviceRetrievalHelper.Listener.this.onDeviceRequest(bArr);
            }
        });
    }

    void reportError(final Throwable th) {
        Logger.d(TAG, "reportError: error: ", th);
        final Listener listener = this.mListener;
        Executor executor = this.mListenerExecutor;
        if (this.mInhibitCallbacks || listener == null || executor == null) {
            return;
        }
        executor.execute(new Runnable() { // from class: com.android.identity.DeviceRetrievalHelper$$ExternalSyntheticLambda0
            @Override // java.lang.Runnable
            public final void run() {
                DeviceRetrievalHelper.Listener.this.onError(th);
            }
        });
    }

    public void sendDeviceResponse(byte[] bArr) {
        sendDeviceResponse(bArr, null, null);
    }

    public void sendDeviceResponse(byte[] bArr, TransmissionProgressListener transmissionProgressListener, Executor executor) {
        Logger.dCbor(TAG, "DeviceResponse to send", bArr);
        this.mTransport.sendMessage(this.mSessionEncryption.encryptMessageToReader(bArr, OptionalLong.empty()), transmissionProgressListener, executor);
    }

    public void setSendSessionTerminationMessage(boolean z) {
        this.mSendSessionTerminationMessage = z;
    }

    public void setUseTransportSpecificSessionTermination(boolean z) {
        this.mUseTransportSpecificSessionTermination = z;
    }

    void start() {
        this.mTransport.setListener(new DataTransport.Listener() { // from class: com.android.identity.DeviceRetrievalHelper.1
            @Override // com.android.identity.DataTransport.Listener
            public void onConnected() {
                Logger.d(DeviceRetrievalHelper.TAG, "onConnected");
                if (DeviceRetrievalHelper.this.mReverseEngagementReaderEngagement == null) {
                    throw new IllegalStateException("Unexpected onConnected callback");
                }
                Logger.d(DeviceRetrievalHelper.TAG, "onConnected for reverse engagement");
                EngagementGenerator engagementGenerator = new EngagementGenerator(DeviceRetrievalHelper.this.mEphemeralKeyPair.getPublic(), EngagementGenerator.ENGAGEMENT_VERSION_1_1);
                engagementGenerator.setOriginInfos(DeviceRetrievalHelper.this.mReverseEngagementOriginInfos);
                DeviceRetrievalHelper.this.mDeviceEngagement = engagementGenerator.generate();
                DeviceRetrievalHelper deviceRetrievalHelper = DeviceRetrievalHelper.this;
                deviceRetrievalHelper.mHandover = Util.cborEncode(Util.cborBuildTaggedByteString(deviceRetrievalHelper.mReverseEngagementReaderEngagement));
                CborBuilder cborBuilder = new CborBuilder();
                MapBuilder<CborBuilder> addMap = cborBuilder.addMap();
                addMap.put(new UnicodeString("deviceEngagementBytes"), Util.cborBuildTaggedByteString(DeviceRetrievalHelper.this.mDeviceEngagement));
                addMap.end();
                byte[] cborEncode = Util.cborEncode(cborBuilder.build().get(0));
                Logger.dCbor(DeviceRetrievalHelper.TAG, "MessageData for reverse engagement to send", cborEncode);
                DeviceRetrievalHelper.this.mTransport.sendMessage(cborEncode);
            }

            @Override // com.android.identity.DataTransport.Listener
            public void onConnecting() {
                Logger.d(DeviceRetrievalHelper.TAG, "onConnecting");
            }

            @Override // com.android.identity.DataTransport.Listener
            public void onConnectionMethodReady() {
                Logger.d(DeviceRetrievalHelper.TAG, "onConnectionMethodReady");
            }

            @Override // com.android.identity.DataTransport.Listener
            public void onDisconnected() {
                Logger.d(DeviceRetrievalHelper.TAG, "onDisconnected");
                DeviceRetrievalHelper.this.mTransport.close();
                if (DeviceRetrievalHelper.this.mReceivedSessionTerminated) {
                    DeviceRetrievalHelper.this.reportDeviceDisconnected(false);
                } else {
                    DeviceRetrievalHelper.this.reportError(new Error("Peer disconnected without proper session termination"));
                }
            }

            @Override // com.android.identity.DataTransport.Listener
            public void onError(Throwable th) {
                DeviceRetrievalHelper.this.mTransport.close();
                DeviceRetrievalHelper.this.reportError(th);
            }

            @Override // com.android.identity.DataTransport.Listener
            public void onMessageReceived() {
                byte[] message = DeviceRetrievalHelper.this.mTransport.getMessage();
                if (message == null) {
                    DeviceRetrievalHelper.this.reportError(new Error("onMessageReceived but no message"));
                } else {
                    DeviceRetrievalHelper.this.processMessageReceived(message);
                }
            }

            @Override // com.android.identity.DataTransport.Listener
            public void onTransportSpecificSessionTermination() {
                Logger.d(DeviceRetrievalHelper.TAG, "Received transport-specific session termination");
                DeviceRetrievalHelper.this.mReceivedSessionTerminated = true;
                DeviceRetrievalHelper.this.mTransport.close();
                DeviceRetrievalHelper.this.reportDeviceDisconnected(true);
            }
        }, this.mListenerExecutor);
        byte[] message = this.mTransport.getMessage();
        if (message != null) {
            processMessageReceived(message);
        }
        if (this.mReverseEngagementReaderEngagement != null) {
            this.mReverseEngagementEncodedEReaderKey = Util.cborExtractTaggedCbor(new EngagementParser(this.mReverseEngagementReaderEngagement).parse().getESenderKeyBytes());
            this.mTransport.setEDeviceKeyBytes(Util.cborEncode(Util.cborBuildTaggedByteString(Util.cborEncode(Util.cborBuildCoseKey(this.mEphemeralKeyPair.getPublic())))));
            this.mTransport.connect();
        }
    }
}
