package org.mozilla.geckoview;

import android.app.PendingIntent;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.support.v4.media.RatingCompat$$ExternalSyntheticOutline0;
import android.util.Base64;
import android.util.Log;
import com.google.android.gms.common.Feature;
import com.google.android.gms.common.api.internal.RemoteCall;
import com.google.android.gms.common.api.internal.TaskApiCall;
import com.google.android.gms.common.internal.safeparcel.SafeParcelableSerializer;
import com.google.android.gms.fido.Fido;
import com.google.android.gms.fido.common.Transport;
import com.google.android.gms.fido.fido2.Fido2PrivilegedApiClient;
import com.google.android.gms.fido.fido2.api.common.Algorithm;
import com.google.android.gms.fido.fido2.api.common.AuthenticationExtensions;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorAssertionResponse;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorAttestationResponse;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorErrorResponse;
import com.google.android.gms.fido.fido2.api.common.BrowserPublicKeyCredentialRequestOptions;
import com.google.android.gms.fido.fido2.api.common.EC2Algorithm;
import com.google.android.gms.fido.fido2.api.common.FidoAppIdExtension;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialDescriptor;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialRequestOptions;
import com.google.android.gms.fido.fido2.api.common.RSAAlgorithm;
import com.google.android.gms.fido.fido2.zzn;
import com.google.android.gms.fido.zza;
import com.google.android.gms.internal.fido.zzh;
import com.google.android.gms.internal.fido.zzl;
import com.google.android.gms.tasks.TaskCompletionSource;
import com.google.android.gms.tasks.TaskExecutors;
import com.google.android.gms.tasks.zzu;
import io.sentry.Hub$$ExternalSyntheticLambda0;
import io.sentry.Sentry$$ExternalSyntheticLambda3;
import io.sentry.SentryTracer$$ExternalSyntheticLambda1;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.concurrent.Executor;
import org.mozilla.gecko.GeckoAppShell;
import org.mozilla.gecko.annotation.WrapForJNI;
import org.mozilla.gecko.util.GeckoBundle;

/* loaded from: classes2.dex */
public class WebAuthnTokenManager {
    private static final byte AUTHENTICATOR_TRANSPORT_BLE = 4;
    private static final byte AUTHENTICATOR_TRANSPORT_NFC = 2;
    private static final byte AUTHENTICATOR_TRANSPORT_USB = 1;
    private static final String LOGTAG = "WebAuthnTokenManager";
    private static final Algorithm[] SUPPORTED_ALGORITHMS = {EC2Algorithm.ES256, EC2Algorithm.ES384, EC2Algorithm.ES512, EC2Algorithm.ED256, EC2Algorithm.ED512, RSAAlgorithm.PS256, RSAAlgorithm.PS384, RSAAlgorithm.PS512, RSAAlgorithm.RS256, RSAAlgorithm.RS384, RSAAlgorithm.RS512};

    /* loaded from: classes2.dex */
    public enum AttestationPreference {
        NONE,
        INDIRECT,
        DIRECT
    }

    /* loaded from: classes2.dex */
    public static class Exception extends RuntimeException {
        public Exception(String str) {
            super(str);
        }
    }

    @WrapForJNI
    /* loaded from: classes2.dex */
    public static class GetAssertionResponse {
        public final byte[] authData;
        public final byte[] clientDataJson;
        public final byte[] keyHandle;
        public final byte[] signature;
        public final byte[] userHandle;

        public GetAssertionResponse(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) {
            this.clientDataJson = bArr;
            this.keyHandle = bArr2;
            this.authData = bArr3;
            this.signature = bArr4;
            this.userHandle = bArr5;
        }
    }

    @WrapForJNI
    /* loaded from: classes2.dex */
    public static class MakeCredentialResponse {
        public final byte[] attestationObject;
        public final byte[] clientDataJson;
        public final byte[] keyHandle;

        public MakeCredentialResponse(byte[] bArr, byte[] bArr2, byte[] bArr3) {
            this.clientDataJson = bArr;
            this.keyHandle = bArr2;
            this.attestationObject = bArr3;
        }
    }

    /* loaded from: classes2.dex */
    public static class WebAuthnPublicCredential {
        public final byte[] id;
        public final byte transports;

        public WebAuthnPublicCredential(byte[] bArr, byte b) {
            this.id = bArr;
            this.transports = b;
        }

        public static ArrayList<WebAuthnPublicCredential> CombineBuffers(Object[] objArr, ByteBuffer byteBuffer) {
            if (objArr.length != byteBuffer.remaining()) {
                throw new RuntimeException("Couldn't extract allowed list!");
            }
            ArrayList<WebAuthnPublicCredential> arrayList = new ArrayList<>();
            byte[] bArr = new byte[byteBuffer.remaining()];
            byteBuffer.get(bArr);
            for (int i = 0; i < objArr.length; i++) {
                ByteBuffer byteBuffer2 = (ByteBuffer) objArr[i];
                byte[] bArr2 = new byte[byteBuffer2.remaining()];
                byteBuffer2.get(bArr2);
                arrayList.add(new WebAuthnPublicCredential(bArr2, bArr[i]));
            }
            return arrayList;
        }
    }

    private static GeckoResult<GetAssertionResponse> getAssertion(byte[] bArr, WebAuthnPublicCredential[] webAuthnPublicCredentialArr, GeckoBundle geckoBundle, GeckoBundle geckoBundle2) {
        if (!geckoBundle.containsKey("isWebAuthn")) {
            return GeckoResult.fromException(new Exception("NOT_SUPPORTED_ERR"));
        }
        ArrayList arrayList = new ArrayList();
        for (WebAuthnPublicCredential webAuthnPublicCredential : webAuthnPublicCredentialArr) {
            arrayList.add(new PublicKeyCredentialDescriptor("public-key", webAuthnPublicCredential.id, getTransportsForByte(webAuthnPublicCredential.transports)));
        }
        AuthenticationExtensions authenticationExtensions = new AuthenticationExtensions(geckoBundle2.containsKey("fidoAppId") ? new FidoAppIdExtension(geckoBundle2.getString("fidoAppId", null)) : null, null, null);
        Objects.requireNonNull(bArr, "null reference");
        Double valueOf = Double.valueOf(geckoBundle.getLong("timeoutMS", 0L) / 1000.0d);
        String string = geckoBundle.getString("rpId", null);
        Objects.requireNonNull(string, "null reference");
        PublicKeyCredentialRequestOptions publicKeyCredentialRequestOptions = new PublicKeyCredentialRequestOptions(bArr, valueOf, string, arrayList, null, null, null, authenticationExtensions);
        Uri parse = Uri.parse(geckoBundle.getString("origin", null));
        BrowserPublicKeyCredentialRequestOptions.zzb(parse);
        BrowserPublicKeyCredentialRequestOptions browserPublicKeyCredentialRequestOptions = new BrowserPublicKeyCredentialRequestOptions(publicKeyCredentialRequestOptions, parse);
        Context applicationContext = GeckoAppShell.getApplicationContext();
        int i = Fido.$r8$clinit;
        Fido2PrivilegedApiClient fido2PrivilegedApiClient = new Fido2PrivilegedApiClient(applicationContext);
        TaskApiCall.Builder builder = TaskApiCall.builder();
        builder.zakm = new RemoteCall(fido2PrivilegedApiClient, browserPublicKeyCredentialRequestOptions) { // from class: com.google.android.gms.fido.fido2.zzk
            public final BrowserPublicKeyCredentialRequestOptions zzb;

            {
                this.zzb = browserPublicKeyCredentialRequestOptions;
            }

            @Override // com.google.android.gms.common.api.internal.RemoteCall
            public final void accept(Object obj, Object obj2) {
                BrowserPublicKeyCredentialRequestOptions browserPublicKeyCredentialRequestOptions2 = this.zzb;
                ((zzl) ((zzh) obj).getService()).zza(new zzp((TaskCompletionSource) obj2), browserPublicKeyCredentialRequestOptions2);
            }
        };
        Object doRead = fido2PrivilegedApiClient.doRead(builder.build());
        GeckoResult<GetAssertionResponse> geckoResult = new GeckoResult<>();
        GeckoSession$2$$ExternalSyntheticLambda0 geckoSession$2$$ExternalSyntheticLambda0 = new GeckoSession$2$$ExternalSyntheticLambda0(geckoResult);
        zzu zzuVar = (zzu) doRead;
        Objects.requireNonNull(zzuVar);
        zzuVar.addOnSuccessListener(TaskExecutors.MAIN_THREAD, geckoSession$2$$ExternalSyntheticLambda0);
        return geckoResult;
    }

    private static List<Transport> getTransportsForByte(byte b) {
        ArrayList arrayList = new ArrayList();
        if ((b & AUTHENTICATOR_TRANSPORT_USB) == 1) {
            arrayList.add(Transport.USB);
        }
        if ((b & AUTHENTICATOR_TRANSPORT_NFC) == 2) {
            arrayList.add(Transport.NFC);
        }
        if ((b & AUTHENTICATOR_TRANSPORT_BLE) == 4) {
            arrayList.add(Transport.BLUETOOTH_LOW_ENERGY);
        }
        return arrayList;
    }

    public static void lambda$getAssertion$4(GeckoResult geckoResult, Intent intent) {
        Exception parseErrorIntent = parseErrorIntent(intent);
        if (parseErrorIntent != null) {
            geckoResult.completeExceptionally(parseErrorIntent);
            return;
        }
        if (intent.hasExtra("FIDO2_RESPONSE_EXTRA")) {
            AuthenticatorAssertionResponse authenticatorAssertionResponse = (AuthenticatorAssertionResponse) SafeParcelableSerializer.deserializeFromBytes(intent.getByteArrayExtra("FIDO2_RESPONSE_EXTRA"), AuthenticatorAssertionResponse.CREATOR);
            Base64.encodeToString(authenticatorAssertionResponse.zza, 0);
            Base64.encodeToString(authenticatorAssertionResponse.zzb, 0);
            Base64.encodeToString(authenticatorAssertionResponse.zzc, 0);
            Base64.encodeToString(authenticatorAssertionResponse.zzd, 0);
            byte[] bArr = authenticatorAssertionResponse.zze;
            if (bArr == null) {
                bArr = new byte[0];
            }
            geckoResult.complete(new GetAssertionResponse(authenticatorAssertionResponse.zzb, authenticatorAssertionResponse.zza, authenticatorAssertionResponse.zzc, authenticatorAssertionResponse.zzd, bArr));
        }
    }

    public static /* synthetic */ void lambda$getAssertion$5(GeckoResult geckoResult, Throwable th) {
        Log.w(LOGTAG, "Failed to get FIDO intent", th);
        geckoResult.completeExceptionally(new Exception("UNKNOWN_ERR"));
    }

    public static /* synthetic */ void lambda$getAssertion$6(GeckoResult geckoResult, PendingIntent pendingIntent) {
        GeckoRuntime.getInstance().startActivityForResult(pendingIntent).accept(new Hub$$ExternalSyntheticLambda0(geckoResult), new Sentry$$ExternalSyntheticLambda3(geckoResult));
    }

    public static void lambda$makeCredential$0(GeckoResult geckoResult, Intent intent) {
        Exception parseErrorIntent = parseErrorIntent(intent);
        if (parseErrorIntent != null) {
            geckoResult.completeExceptionally(parseErrorIntent);
            return;
        }
        byte[] byteArrayExtra = intent.getByteArrayExtra("FIDO2_RESPONSE_EXTRA");
        if (byteArrayExtra != null) {
            AuthenticatorAttestationResponse authenticatorAttestationResponse = (AuthenticatorAttestationResponse) SafeParcelableSerializer.deserializeFromBytes(byteArrayExtra, AuthenticatorAttestationResponse.CREATOR);
            Base64.encodeToString(authenticatorAttestationResponse.zza, 0);
            Base64.encodeToString(authenticatorAttestationResponse.zzb, 0);
            Base64.encodeToString(authenticatorAttestationResponse.zzc, 0);
            geckoResult.complete(new MakeCredentialResponse(authenticatorAttestationResponse.zzb, authenticatorAttestationResponse.zza, authenticatorAttestationResponse.zzc));
        }
    }

    public static /* synthetic */ void lambda$makeCredential$1(GeckoResult geckoResult, Throwable th) {
        Log.w(LOGTAG, "Failed to launch activity: ", th);
        geckoResult.completeExceptionally(new Exception("ABORT_ERR"));
    }

    public static /* synthetic */ void lambda$makeCredential$2(GeckoResult geckoResult, PendingIntent pendingIntent) {
        GeckoRuntime.getInstance().startActivityForResult(pendingIntent).accept(new SentryTracer$$ExternalSyntheticLambda1(geckoResult), new GeckoSession$$ExternalSyntheticLambda3(geckoResult, 1));
    }

    public static /* synthetic */ void lambda$makeCredential$3(GeckoResult geckoResult, java.lang.Exception exc) {
        Log.w(LOGTAG, "Failed to get FIDO intent", exc);
        geckoResult.completeExceptionally(new Exception("ABORT_ERR"));
    }

    public static /* synthetic */ void lambda$webAuthnIsUserVerifyingPlatformAuthenticatorAvailable$7(GeckoResult geckoResult, Boolean bool) {
        geckoResult.complete(bool);
    }

    public static /* synthetic */ void lambda$webAuthnIsUserVerifyingPlatformAuthenticatorAvailable$8(GeckoResult geckoResult, java.lang.Exception exc) {
        Log.w(LOGTAG, "isUserVerifyingPlatformAuthenticatorAvailable is failed", exc);
        geckoResult.complete(Boolean.FALSE);
    }

    /* JADX WARN: Code restructure failed: missing block: B:36:0x0074, code lost:
    
        if (r10.equalsIgnoreCase("INDIRECT") != false) goto L50;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static org.mozilla.geckoview.GeckoResult<org.mozilla.geckoview.WebAuthnTokenManager.MakeCredentialResponse> makeCredential(org.mozilla.gecko.util.GeckoBundle r18, byte[] r19, byte[] r20, org.mozilla.geckoview.WebAuthnTokenManager.WebAuthnPublicCredential[] r21, org.mozilla.gecko.util.GeckoBundle r22, org.mozilla.gecko.util.GeckoBundle r23) {
        /*
            Method dump skipped, instructions count: 356
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.mozilla.geckoview.WebAuthnTokenManager.makeCredential(org.mozilla.gecko.util.GeckoBundle, byte[], byte[], org.mozilla.geckoview.WebAuthnTokenManager$WebAuthnPublicCredential[], org.mozilla.gecko.util.GeckoBundle, org.mozilla.gecko.util.GeckoBundle):org.mozilla.geckoview.GeckoResult");
    }

    private static Exception parseErrorIntent(Intent intent) {
        if (!intent.hasExtra("FIDO2_ERROR_EXTRA")) {
            return null;
        }
        AuthenticatorErrorResponse authenticatorErrorResponse = (AuthenticatorErrorResponse) SafeParcelableSerializer.deserializeFromBytes(intent.getByteArrayExtra("FIDO2_ERROR_EXTRA"), AuthenticatorErrorResponse.CREATOR);
        StringBuilder m = RatingCompat$$ExternalSyntheticOutline0.m("errorCode.name: ");
        m.append(authenticatorErrorResponse.zza);
        Log.e(LOGTAG, m.toString());
        Log.e(LOGTAG, "errorMessage: " + authenticatorErrorResponse.zzb);
        return new Exception(authenticatorErrorResponse.zza.name());
    }

    @WrapForJNI
    private static GeckoResult<GetAssertionResponse> webAuthnGetAssertion(ByteBuffer byteBuffer, Object[] objArr, ByteBuffer byteBuffer2, GeckoBundle geckoBundle, GeckoBundle geckoBundle2) {
        byte[] bArr = new byte[byteBuffer.remaining()];
        try {
            byteBuffer.get(bArr);
            try {
                return getAssertion(bArr, (WebAuthnPublicCredential[]) WebAuthnPublicCredential.CombineBuffers(objArr, byteBuffer2).toArray(new WebAuthnPublicCredential[0]), geckoBundle, geckoBundle2);
            } catch (java.lang.Exception e) {
                Log.w(LOGTAG, "Couldn't get assertion", e);
                return GeckoResult.fromException(new Exception("UNKNOWN_ERR"));
            }
        } catch (RuntimeException e2) {
            Log.w(LOGTAG, "Couldn't extract nio byte arrays!", e2);
            return GeckoResult.fromException(new Exception("UNKNOWN_ERR"));
        }
    }

    @WrapForJNI
    private static GeckoResult<Boolean> webAuthnIsUserVerifyingPlatformAuthenticatorAvailable() {
        Context applicationContext = GeckoAppShell.getApplicationContext();
        int i = Fido.$r8$clinit;
        Fido2PrivilegedApiClient fido2PrivilegedApiClient = new Fido2PrivilegedApiClient(applicationContext);
        TaskApiCall.Builder builder = TaskApiCall.builder();
        builder.zakm = new zzn(fido2PrivilegedApiClient);
        builder.zake = new Feature[]{zza.zza};
        Object doRead = fido2PrivilegedApiClient.doRead(builder.build());
        GeckoResult<Boolean> geckoResult = new GeckoResult<>();
        GeckoRuntime$$ExternalSyntheticLambda5 geckoRuntime$$ExternalSyntheticLambda5 = new GeckoRuntime$$ExternalSyntheticLambda5(geckoResult, 1);
        zzu zzuVar = (zzu) doRead;
        Objects.requireNonNull(zzuVar);
        Executor executor = TaskExecutors.MAIN_THREAD;
        zzuVar.addOnSuccessListener(executor, geckoRuntime$$ExternalSyntheticLambda5);
        zzuVar.addOnFailureListener(executor, new GeckoRuntime$$ExternalSyntheticLambda4(geckoResult, 1));
        return geckoResult;
    }

    @WrapForJNI
    private static GeckoResult<MakeCredentialResponse> webAuthnMakeCredential(GeckoBundle geckoBundle, ByteBuffer byteBuffer, ByteBuffer byteBuffer2, Object[] objArr, ByteBuffer byteBuffer3, GeckoBundle geckoBundle2, GeckoBundle geckoBundle3) {
        byte[] bArr = new byte[byteBuffer2.remaining()];
        byte[] bArr2 = new byte[byteBuffer.remaining()];
        try {
            byteBuffer2.get(bArr);
            byteBuffer.get(bArr2);
            try {
                return makeCredential(geckoBundle, bArr2, bArr, (WebAuthnPublicCredential[]) WebAuthnPublicCredential.CombineBuffers(objArr, byteBuffer3).toArray(new WebAuthnPublicCredential[0]), geckoBundle2, geckoBundle3);
            } catch (Exception e) {
                Log.w(LOGTAG, "Couldn't make credential", e);
                return GeckoResult.fromException(new Exception("UNKNOWN_ERR"));
            }
        } catch (RuntimeException e2) {
            Log.w(LOGTAG, "Couldn't extract nio byte arrays!", e2);
            return GeckoResult.fromException(new Exception("UNKNOWN_ERR"));
        }
    }
}
