package com.noknok.android.fido.asm.implementation.authenticatorcore;

import android.content.Context;
import android.util.Base64;
import com.noknok.android.fido.asm.implementation.asmcore.ASMDatabase;
import com.noknok.android.fido.asm.implementation.asmcore.e;
import com.noknok.android.fido.asm.implementation.authenticatorcore.a;
import com.noknok.android.fido.asm.sdk.api.AuthenticateIn;
import com.noknok.android.fido.asm.sdk.api.AuthenticateOut;
import com.noknok.android.fido.asm.sdk.api.DeregisterIn;
import com.noknok.android.fido.asm.sdk.api.RegisterIn;
import com.noknok.android.fido.asm.sdk.api.RegisterOut;
import com.noknok.android.fido.asm.sdk.authenticatorcore.IAKDigestMethod;
import com.noknok.android.fido.asm.sdk.authenticatorcore.b;
import com.noknok.android.fido.asm.sdk.exception.ASMError$a;
import com.noknok.android.fido.asm.sdk.exception.ASMException;
import com.noknok.android.utils.ByteUtil;
import com.noknok.android.utils.Logger;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Random;

/* loaded from: classes.dex */
public abstract class b implements com.noknok.android.fido.asm.sdk.authenticatorcore.b {
    private static final String TAG = "b";
    protected ASMDatabase Y;
    protected a Z;
    protected byte[] ac;
    protected byte[] ad;
    protected byte[] ae;
    protected byte[] af;
    protected b.C0001b ah;
    protected IAKDigestMethod ai;
    protected Context mContext;
    protected e aa = null;
    protected a.c ab = new a.c();
    protected List<String> ag = new ArrayList();

    public b() throws ASMException {
        k();
    }

    private b.a a(String str, String str2) {
        b.a aVar = new b.a();
        int i = 0;
        try {
            if (!this.ab.O.isRoamingAuthenticator) {
                ArrayList arrayList = new ArrayList();
                arrayList.add(str2);
                List<ASMDatabase.RegistrationRecord> registrations = this.Y.getRegistrations(str, arrayList, false);
                String encodeToString = Base64.encodeToString(this.ac, 11);
                Iterator<ASMDatabase.RegistrationRecord> it = registrations.iterator();
                while (it.hasNext()) {
                    if (encodeToString.equals(it.next().callerID)) {
                        this.Y.deleteRegistration(str, str2);
                    }
                }
            }
            a.C0000a c0000a = new a.C0000a();
            if (this.ab.P.V) {
                c0000a.y = str.getBytes();
            }
            c0000a.F = Base64.decode(str2, 11);
            c0000a.C = a(str, this.ac, this.ae, this.ad);
            c0000a.x = (byte) this.ab.O.authenticatorIndex;
            c0000a.w = (short) 13316;
            this.Z.a(c0000a);
            if (this.Y.getNumberOfRegistrations() == 0) {
                this.Y.storeKeyValue("NNL_AK_CONFIG", "");
            }
        } catch (ASMException e) {
            i = 1;
            Logger.e(TAG, e);
        }
        aVar.statusCode = i;
        return aVar;
    }

    private byte[] a(String str, byte[] bArr, byte[] bArr2, byte[] bArr3) throws ASMException {
        if (str != null) {
            try {
                this.ai.update(str.getBytes());
            } catch (Exception unused) {
                throw new ASMException(null, "cannot get access key: no such algorithm");
            }
        }
        if (bArr2 != null) {
            this.ai.update(bArr2);
        }
        if (bArr3 != null) {
            this.ai.update(bArr3);
        }
        if (bArr != null) {
            this.ai.update(bArr);
        }
        return this.ai.digest();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String c(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (byte b : bArr) {
            sb.append("0123456789ABCDEF".charAt((b & 240) >> 4));
            sb.append("0123456789ABCDEF".charAt(b & 15));
        }
        return sb.toString();
    }

    private void l() {
    }

    private void m() throws ASMException {
        String value = this.Y.getValue("ASMToken");
        if (value != null) {
            this.ae = Base64.decode(value, 11);
            return;
        }
        this.ae = new byte[32];
        new Random().nextBytes(this.ae);
        this.Y.storeKeyValue("ASMToken", Base64.encodeToString(this.ae, 11));
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r14v1 */
    /* JADX WARN: Type inference failed for: r14v2, types: [int] */
    /* JADX WARN: Type inference failed for: r14v3 */
    @Override // com.noknok.android.fido.asm.sdk.authenticatorcore.b
    public b.a a(AuthenticateIn authenticateIn, String str) throws ASMException {
        String str2;
        ?? r14;
        byte[] bArr;
        int i;
        b.c a;
        b.C0001b c0001b;
        byte[] bArr2;
        boolean z;
        b.C0001b c0001b2;
        byte[] bArr3;
        byte[] bArr4;
        a.b bVar;
        b.d dVar;
        String str3 = TAG;
        Logger.startTimer(str3, "authenticate");
        b.a aVar = new b.a();
        a.C0000a c0000a = new a.C0000a();
        String str4 = authenticateIn.appID;
        int i2 = 1;
        if (str4 == null || str4.equals("") || (str2 = authenticateIn.finalChallenge) == null || str2.equals("")) {
            Logger.e(str3, "Invalid AuthenticateIn.");
            Logger.endTimer(str3, "authenticate");
            aVar.statusCode = 1;
            return aVar;
        }
        List<String> list = authenticateIn.keyIDs;
        if (!((list == null || list.size() == 0) ? false : true) && this.ab.O.isSecondFactorOnly) {
            Logger.e(str3, "keyIDList not provided for 2nd factor authenticator");
            aVar.statusCode = 2;
            Logger.endTimer(str3, "authenticate");
            return aVar;
        }
        try {
        } catch (ASMException e) {
            char c = e.error().equals(ASMError$a.CANCELED) ? (char) 3 : (char) 1;
            Logger.e(TAG, e);
            r14 = c;
        }
        if (!r()) {
            Logger.e(str3, "user is not enrolled");
            aVar.statusCode = 2;
            Logger.endTimer(str3, "authenticate");
            return aVar;
        }
        byte[] f = this.Z.f(authenticateIn.finalChallenge);
        List<AuthenticateIn.Transaction> list2 = authenticateIn.transaction;
        List<ASMDatabase.RegistrationRecord> list3 = null;
        if (list2 == null || list2.size() == 0 || authenticateIn.transaction.get(0).content == null || authenticateIn.transaction.get(0).content.equals("")) {
            bArr = f;
            i = 3;
            a = a(null, null, null, bArr, false, str);
            c0001b = null;
            bArr2 = null;
        } else {
            bArr = f;
            i = 3;
            a = a(authenticateIn.transaction.get(0).contentType, authenticateIn.transaction.get(0).content, authenticateIn.appID, f, false, str);
            if (a.statusCode == 3) {
                Logger.e(str3, "Transaction cancelled by user");
                aVar.statusCode = 3;
                Logger.endTimer(str3, "authenticate");
                return aVar;
            }
            c0001b = this.ah;
            if (!authenticateIn.transaction.get(0).contentType.equals("text/plain")) {
                Logger.e(str3, "Don't support Transaction content type");
                aVar.statusCode = 1;
                Logger.endTimer(str3, "authenticate");
                return aVar;
            }
            bArr2 = Base64.decode(authenticateIn.transaction.get(0).content.getBytes(), 11);
            if (bArr2.length == 0) {
                Logger.e(str3, "Nothing to display");
                aVar.statusCode = 1;
                Logger.endTimer(str3, "authenticate");
                return aVar;
            }
            if (bArr2.length > 200) {
                Logger.e(str3, "Too large to display");
                aVar.statusCode = 1;
                Logger.endTimer(str3, "authenticate");
                return aVar;
            }
            c0000a.A = bArr2;
            c0000a.E = c0001b.ay;
        }
        if (a.statusCode != 0) {
            Logger.e(str3, "user not verified");
            aVar.statusCode = 2;
            Logger.endTimer(str3, "authenticate");
            return aVar;
        }
        q();
        c0000a.w = (short) 13315;
        if (this.ab.P.V) {
            c0000a.y = authenticateIn.appID.getBytes();
        }
        c0000a.C = a(authenticateIn.appID, this.ac, this.ae, this.ad);
        c0000a.D = a.D;
        c0000a.H = this.af;
        c0000a.x = (byte) this.ab.O.authenticatorIndex;
        byte[] bArr5 = bArr;
        c0000a.z = bArr5;
        c0000a.G = new ArrayList();
        if (this.ab.O.isRoamingAuthenticator) {
            Iterator<String> it = authenticateIn.keyIDs.iterator();
            while (it.hasNext()) {
                c0000a.G.add(it.next().getBytes());
            }
        } else {
            list3 = this.Y.getRegistrations(authenticateIn.appID, authenticateIn.keyIDs, true);
            if (list3.size() == 0) {
                Logger.e(str3, "No registration found.");
                aVar.statusCode = 2;
                Logger.endTimer(str3, "authenticate");
                return aVar;
            }
            Iterator<ASMDatabase.RegistrationRecord> it2 = list3.iterator();
            while (it2.hasNext()) {
                c0000a.G.add(Base64.decode(it2.next().keyHandle, 11));
            }
        }
        a.b a2 = this.Z.a(c0000a);
        d(a2.L);
        if (a2.statusCode != 0) {
            String str5 = TAG;
            Logger.e(str5, "AK failed to sign");
            aVar.statusCode = a2.statusCode;
            Logger.endTimer(str5, "authenticate");
            return aVar;
        }
        String str6 = TAG;
        Logger.d(str6, "Check if assertion is null.");
        if (a2.assertion == null) {
            Logger.d(str6, "ASSERTION IS NULL");
            if (a2.N.size() == 0) {
                Logger.e(str6, "no keyhandle returned");
                aVar.statusCode = 2;
                Logger.endTimer(str6, "authenticate");
                return aVar;
            }
            if (this.ab.O.isSecondFactorOnly) {
                Logger.e(str6, "no assertion is returned for this second factor authenticator");
                aVar.statusCode = 2;
                Logger.endTimer(str6, "authenticate");
                return aVar;
            }
            HashMap hashMap = new HashMap();
            if (this.ab.O.isRoamingAuthenticator) {
                Logger.d(str6, "Get Username to display for Roaming authenticator.");
                for (b.d dVar2 : a2.N) {
                    hashMap.put(dVar2.username, dVar2);
                }
            } else {
                Logger.d(str6, "Get Username to display for bound authenticator.");
                for (b.d dVar3 : a2.N) {
                    Logger.d(TAG, "Username: " + dVar3.username);
                    Iterator<ASMDatabase.RegistrationRecord> it3 = list3.iterator();
                    while (true) {
                        if (it3.hasNext()) {
                            ASMDatabase.RegistrationRecord next = it3.next();
                            b.c cVar = a;
                            if (next.keyHandle.equals(dVar3.keyHandle)) {
                                b.d dVar4 = (b.d) hashMap.get(dVar3.username);
                                if (dVar4 != null) {
                                    c0001b2 = c0001b;
                                    bArr3 = bArr2;
                                    bArr4 = bArr5;
                                    bVar = a2;
                                    if (next.timeStamp > dVar4.timeStamp) {
                                    }
                                    bArr2 = bArr3;
                                    a = cVar;
                                    c0001b = c0001b2;
                                    a2 = bVar;
                                    bArr5 = bArr4;
                                } else {
                                    c0001b2 = c0001b;
                                    bArr3 = bArr2;
                                    bArr4 = bArr5;
                                    bVar = a2;
                                }
                                dVar3.timeStamp = next.timeStamp;
                                hashMap.put(dVar3.username, dVar3);
                                bArr2 = bArr3;
                                a = cVar;
                                c0001b = c0001b2;
                                a2 = bVar;
                                bArr5 = bArr4;
                            } else {
                                a = cVar;
                            }
                        }
                    }
                    i2 = 1;
                    i = 3;
                }
            }
            if (hashMap.size() > i2) {
                String str7 = TAG;
                Logger.d(str7, "nameToDisplay1.size() > 1");
                dVar = a(new ArrayList(hashMap.values()));
                if (dVar == null) {
                    Logger.e(str7, "user canceled username selection");
                    aVar.statusCode = i;
                    Logger.endTimer(str7, "authenticate");
                    return aVar;
                }
            } else {
                dVar = (b.d) hashMap.get(a2.N.get(0).username);
            }
            q();
            a.C0000a c0000a2 = new a.C0000a();
            c0000a2.G = new ArrayList();
            c0000a2.w = (short) 13315;
            if (this.ab.P.V) {
                c0000a2.y = authenticateIn.appID.getBytes();
            }
            c0000a2.C = a(authenticateIn.appID, this.ac, this.ae, this.ad);
            c0000a2.z = bArr5;
            c0000a2.A = bArr2;
            c0000a2.D = a.D;
            if (c0001b != null) {
                c0000a2.E = c0001b.ay;
            }
            c0000a2.H = this.af;
            c0000a2.x = (byte) this.ab.O.authenticatorIndex;
            c0000a2.G.add(Base64.decode(dVar.keyHandle, 11));
            a2 = this.Z.a(c0000a2);
            d(a2.L);
            if (a2.statusCode != 0) {
                String str8 = TAG;
                Logger.e(str8, "AK failed to sign");
                aVar.statusCode = a2.statusCode;
                Logger.endTimer(str8, "authenticate");
                return aVar;
            }
            z = false;
        } else {
            z = false;
        }
        b(z);
        AuthenticateOut authenticateOut = new AuthenticateOut();
        authenticateOut.assertion = a2.assertion;
        authenticateOut.assertionScheme = this.ab.O.assertionScheme;
        aVar.data = authenticateOut;
        r14 = z;
        aVar.statusCode = r14;
        Logger.endTimer(TAG, "authenticate");
        return aVar;
    }

    @Override // com.noknok.android.fido.asm.sdk.authenticatorcore.b
    public b.a a(DeregisterIn deregisterIn) throws ASMException {
        String str;
        String str2 = TAG;
        Logger.startTimer(str2, "deregister");
        b.a aVar = new b.a();
        String str3 = deregisterIn.appID;
        if (str3 == null || str3.equals("") || (str = deregisterIn.keyID) == null || str.equals("")) {
            Logger.e(str2, "Invalid DeregisterIn.");
            this.Y.eraseDB();
        } else {
            aVar = a(deregisterIn.appID, deregisterIn.keyID);
        }
        Logger.endTimer(str2, "deregister");
        return aVar;
    }

    @Override // com.noknok.android.fido.asm.sdk.authenticatorcore.b
    public b.a a(RegisterIn registerIn, String str) throws ASMException {
        String str2;
        String str3;
        int i;
        byte[] f;
        b.c a;
        String str4 = TAG;
        Logger.startTimer(str4, "register");
        b.a aVar = new b.a();
        RegisterOut registerOut = new RegisterOut();
        String str5 = registerIn.appID;
        if (str5 == null || str5.equals("") || (str2 = registerIn.username) == null || str2.equals("") || (str3 = registerIn.finalChallenge) == null || str3.equals("")) {
            Logger.e(str4, "Invalid RegisterIn.");
            Logger.endTimer(str4, "register");
            aVar.statusCode = 1;
            return aVar;
        }
        try {
            f = this.Z.f(registerIn.finalChallenge);
            a = a(null, null, null, f, true, str);
            Logger.e(str4, "userVerifyResponse back");
        } catch (ASMException e) {
            int i2 = e.error().equals(ASMError$a.CANCELED) ? 3 : 1;
            Logger.e(TAG, e);
            i = i2;
        }
        if (a.statusCode != 0) {
            Logger.e(str4, "failed to enroll user");
            aVar.statusCode = 2;
            Logger.endTimer(str4, "register");
            return aVar;
        }
        q();
        a.C0000a c0000a = new a.C0000a();
        a.c cVar = this.ab;
        c0000a.x = (byte) cVar.O.authenticatorIndex;
        if (cVar.P.V) {
            c0000a.y = registerIn.appID.getBytes();
        }
        c0000a.z = f;
        c0000a.B = registerIn.username.getBytes();
        c0000a.attestationType = registerIn.attestationType;
        c0000a.C = a(registerIn.appID, this.ac, this.ae, this.ad);
        c0000a.D = a.D;
        c0000a.H = this.af;
        c0000a.w = (short) 13314;
        a.b a2 = this.Z.a(c0000a);
        byte[] bArr = a2.L;
        c0000a.H = bArr;
        d(bArr);
        if (a2.statusCode != 0) {
            Logger.e(str4, "AK failed to register");
            aVar.statusCode = a2.statusCode;
            Logger.endTimer(str4, "register");
            return aVar;
        }
        b(true);
        a2.M.userIdentify = ByteUtil.sha256Encrypt(registerIn.username.getBytes());
        a2.M.callerID = Base64.encodeToString(this.ac, 11);
        ASMDatabase.RegistrationRecord registrationRecord = a2.M;
        String str6 = registerIn.appID;
        registrationRecord.appID = str6;
        registrationRecord.appID = str6;
        registrationRecord.timeStamp = System.currentTimeMillis();
        String str7 = a.userID;
        if (str7 != null && !str7.equals("")) {
            Logger.d(str4, "UserID is not null");
            Logger.e(str4 + "_ISVALID", "register base64(userID):" + a.userID);
            try {
                a2.M.userID = a.userID;
            } catch (IllegalArgumentException e2) {
                String str8 = TAG;
                Logger.e(str8, "UserID not valid base64 encoding", e2);
                Logger.endTimer(str8, "register");
                throw new ASMException(ASMError$a.INVALID_MESSAGE);
            }
        }
        if (!this.ab.O.isRoamingAuthenticator) {
            this.Y.addRegistrationRecord(a2.M);
        }
        registerOut.assertion = a2.assertion;
        registerOut.assertionScheme = this.ab.O.assertionScheme;
        aVar.data = registerOut;
        i = 0;
        aVar.statusCode = i;
        Logger.endTimer(TAG, "register");
        return aVar;
    }

    public void a(byte[] bArr, String str, Context context) throws ASMException {
        Logger.i(TAG, "initialize( aFilePath = " + str + " )");
        e eVar = new e(str, context);
        this.aa = eVar;
        ASMDatabase aSMDatabase = new ASMDatabase(str, eVar, context);
        this.Y = aSMDatabase;
        aSMDatabase.load();
        this.ac = bArr;
        this.mContext = context;
        l();
        m();
        q();
    }

    public abstract void b(boolean z);

    protected void d(byte[] bArr) throws ASMException {
        if (bArr != null) {
            this.Y.storeKeyValue("NNL_AK_CONFIG", Base64.encodeToString(bArr, 11));
        }
    }

    protected void k() {
        this.ag.add("com.noknok.android.uaf.ak.aktee.AuthenticatorKernelTEE");
        this.ag.add("com.noknok.android.uaf.ak.akse.AuthenticatorKernelSE");
        this.ag.add("com.noknok.android.uaf.ak.akwb.AuthenticatorKernelWB");
        this.ag.add("com.noknok.android.uaf.ak.akjava.AuthenticatorKernelJava");
    }

    @Override // com.noknok.android.fido.asm.sdk.authenticatorcore.b
    public long n() {
        return this.ab.O.authenticatorIndex;
    }

    @Override // com.noknok.android.fido.asm.sdk.authenticatorcore.b
    public b.a p() throws ASMException {
        b.a aVar = new b.a();
        aVar.data = this.Y.getAppRegistrations(Base64.encodeToString(this.ac, 11));
        aVar.statusCode = 0;
        return aVar;
    }

    protected void q() throws ASMException {
        String value = this.Y.getValue("NNL_AK_CONFIG");
        if (value != null) {
            this.af = Base64.decode(value, 11);
        } else {
            this.af = new byte[0];
        }
    }
}
