package com.microsoft.identity.common.internal.ui.webview.certbasedauth;

import R8.a;
import Sb.b;
import Y8.d;
import c9.C0592a;
import com.microsoft.identity.common.logging.Logger;
import com.yubico.yubikit.core.smartcard.ApduException;
import com.yubico.yubikit.piv.InvalidPinException;
import e9.C1001c;
import i9.C1159a;
import i9.f;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import k9.j;
import k9.k;
import l9.r;
import l9.v;
import u0.AbstractC1642a;

/* loaded from: classes2.dex */
public class YubiKitSmartcardSession implements ISmartcardSession {
    private static final short APDU_EXCEPTION_ERROR_CODE_FILE_NOT_FOUND = 27266;
    private static final String TAG = "YubiKitSmartcardSession";
    private static final String YUBIKEY_PROVIDER = "YKPiv";
    private final j piv;

    public YubiKitSmartcardSession(j jVar) {
        this.piv = jVar;
    }

    private void getAndPutCertDetailsInList(k kVar, j jVar, List<ICertDetails> list) {
        String t10 = AbstractC1642a.t(new StringBuilder(), TAG, ":getAndPutCertDetailsInList");
        try {
            list.add(new YubiKitCertDetails(jVar.d(kVar), kVar));
        } catch (ApduException e8) {
            if (e8.f15406b != 27266) {
                throw e8;
            }
            Logger.verbose(t10, kVar + " slot is empty.");
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public List<ICertDetails> getCertDetailsList() {
        ArrayList arrayList = new ArrayList();
        getAndPutCertDetailsInList(k.AUTHENTICATION, this.piv, arrayList);
        getAndPutCertDetailsInList(k.SIGNATURE, this.piv, arrayList);
        getAndPutCertDetailsInList(k.KEY_MANAGEMENT, this.piv, arrayList);
        getAndPutCertDetailsInList(k.CARD_AUTH, this.piv, arrayList);
        return arrayList;
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public PrivateKey getKeyForAuth(ICertDetails iCertDetails, char[] cArr) {
        String t10 = AbstractC1642a.t(new StringBuilder(), TAG, ":getKeyForAuth");
        if (!(iCertDetails instanceof YubiKitCertDetails)) {
            throw new Exception("certDetails is not of type YubiKitCertDetails.");
        }
        KeyStore keyStore = KeyStore.getInstance(YUBIKEY_PROVIDER, new v(new C0592a(2, this.piv)));
        keyStore.load(null);
        Key key = keyStore.getKey(((YubiKitCertDetails) iCertDetails).getSlot().getStringAlias(), cArr);
        if (key instanceof r) {
            return (r) key;
        }
        Logger.error(t10, "Private key retrieved from YKPiv keystore is not of type PivPrivateKey.", null);
        throw new Exception("Private key retrieved from YKPiv keystore is not of type PivPrivateKey.");
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public int getPinAttemptsRemaining() {
        j jVar = this.piv;
        jVar.getClass();
        b bVar = j.f17391r;
        d.b(bVar, "Getting PIN attempts");
        C1001c c1001c = j.f17389p;
        boolean p10 = c1001c.p(jVar.f17393d);
        f fVar = jVar.f17392b;
        if (p10) {
            d.b(bVar, "Getting PIN metadata");
            jVar.a(c1001c);
            LinkedHashMap e8 = a.e(fVar.c(new C1159a(-9, null, 0, -128)));
            byte[] bArr = (byte[]) e8.get(6);
            byte b3 = ((byte[]) e8.get(5))[0];
            byte b10 = bArr[0];
            return bArr[1];
        }
        try {
            fVar.c(new C1159a(32, null, 0, -128));
            d.b(bVar, "Using cached value, may be incorrect");
            return jVar.f17394e;
        } catch (ApduException e10) {
            int e11 = jVar.e(e10.f15406b);
            if (e11 < 0) {
                throw e10;
            }
            jVar.f17394e = e11;
            d.b(bVar, "Using value from empty verify");
            return e11;
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public boolean verifyPin(char[] cArr) {
        String t10 = AbstractC1642a.t(new StringBuilder(), TAG, ":verifyPin");
        try {
            this.piv.G(cArr);
            return true;
        } catch (InvalidPinException unused) {
            Logger.info(t10, "Incorrect PIN entered.");
            return false;
        }
    }
}
