package com.microsoft.identity.common.internal.ui.webview.certbasedauth;

import Do.e;
import Ho.c;
import Ks.b;
import Lo.d;
import No.g;
import No.h;
import Oo.q;
import Oo.v;
import V8.a;
import androidx.annotation.NonNull;
import com.microsoft.identity.common.logging.Logger;
import com.yubico.yubikit.core.smartcard.ApduException;
import com.yubico.yubikit.piv.InvalidPinException;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;

/* loaded from: classes.dex */
public class YubiKitSmartcardSession implements ISmartcardSession {
    private static final short APDU_EXCEPTION_ERROR_CODE_FILE_NOT_FOUND = 27266;
    private static final String TAG = "YubiKitSmartcardSession";
    private static final String YUBIKEY_PROVIDER = "YKPiv";
    private final g piv;

    public YubiKitSmartcardSession(@NonNull g gVar) {
        this.piv = gVar;
    }

    private void getAndPutCertDetailsInList(@NonNull h hVar, @NonNull g gVar, @NonNull List<ICertDetails> list) {
        String p2 = a.p(new StringBuilder(), TAG, ":getAndPutCertDetailsInList");
        try {
            list.add(new YubiKitCertDetails(gVar.e(hVar), hVar));
        } catch (ApduException e9) {
            if (e9.f48013a != 27266) {
                throw e9;
            }
            Logger.verbose(p2, hVar + " slot is empty.");
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    @NonNull
    public List<ICertDetails> getCertDetailsList() {
        ArrayList arrayList = new ArrayList();
        getAndPutCertDetailsInList(h.AUTHENTICATION, this.piv, arrayList);
        getAndPutCertDetailsInList(h.SIGNATURE, this.piv, arrayList);
        getAndPutCertDetailsInList(h.KEY_MANAGEMENT, this.piv, arrayList);
        getAndPutCertDetailsInList(h.CARD_AUTH, this.piv, arrayList);
        return arrayList;
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    @NonNull
    public PrivateKey getKeyForAuth(@NonNull ICertDetails iCertDetails, @NonNull char[] cArr) {
        String p2 = a.p(new StringBuilder(), TAG, ":getKeyForAuth");
        if (!(iCertDetails instanceof YubiKitCertDetails)) {
            throw new Exception("certDetails is not of type YubiKitCertDetails.");
        }
        KeyStore keyStore = KeyStore.getInstance(YUBIKEY_PROVIDER, new v(new e(this.piv, 2)));
        keyStore.load(null);
        Key key = keyStore.getKey(Integer.toString(((YubiKitCertDetails) iCertDetails).getSlot().f17264a, 16), cArr);
        if (key instanceof q) {
            return (q) key;
        }
        Logger.error(p2, "Private key retrieved from YKPiv keystore is not of type PivPrivateKey.", null);
        throw new Exception("Private key retrieved from YKPiv keystore is not of type PivPrivateKey.");
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public int getPinAttemptsRemaining() {
        g gVar = this.piv;
        gVar.getClass();
        b bVar = g.f17255f;
        bVar.p("Getting PIN attempts");
        c cVar = g.f17254e;
        boolean c10 = cVar.c(gVar.f17257b);
        d dVar = gVar.f17256a;
        if (c10) {
            bVar.p("Getting PIN metadata");
            gVar.a(cVar);
            LinkedHashMap v5 = H2.d.v(dVar.e(new Lo.a(-9, 0, -128, null)));
            byte[] bArr = (byte[]) v5.get(6);
            byte b10 = ((byte[]) v5.get(5))[0];
            byte b11 = bArr[0];
            return bArr[1];
        }
        try {
            dVar.e(new Lo.a(32, 0, -128, null));
            bVar.p("Using cached value, may be incorrect");
            return gVar.f17258c;
        } catch (ApduException e9) {
            int g10 = gVar.g(e9.f48013a);
            if (g10 < 0) {
                throw e9;
            }
            gVar.f17258c = g10;
            bVar.p("Using value from empty verify");
            return g10;
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public boolean verifyPin(@NonNull char[] cArr) {
        String p2 = a.p(new StringBuilder(), TAG, ":verifyPin");
        try {
            this.piv.s(cArr);
            return true;
        } catch (InvalidPinException unused) {
            Logger.info(p2, "Incorrect PIN entered.");
            return false;
        }
    }
}
