package com.fido.uaf.ver0100.engine;

import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.fido.android.framework.tm.Logger;
import com.fido.android.utils.Charsets;
import com.fido.uaf.ver0100.message.AuthenticationRequest;
import com.fido.uaf.ver0100.message.DeregistrationRequest;
import com.fido.uaf.ver0100.message.RegistrationRequest;
import com.fido.uaf.ver0100.message.UafMessage;
import com.fido.uaf.ver0100.types.DeregisterAuthenticator;
import com.fido.uaf.ver0100.types.Extension;
import com.fido.uaf.ver0100.types.MatchCriteria;
import com.fido.uaf.ver0100.types.OperationHeader;
import com.fido.uaf.ver0100.types.Transaction;
import com.fido.uaf.ver0100.types.UafError;
import com.fido.uaf.ver0100.types.UafException;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonParseException;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

/* loaded from: classes.dex */
public class UafEngine {
    private static final String TAG = "UafEngine";
    Gson gson = RestrictGson.getGson();

    /* renamed from: com.fido.uaf.ver0100.engine.UafEngine$1, reason: invalid class name */
    /* loaded from: classes.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$fido$uaf$ver0100$types$OperationHeader$OperationType = new int[OperationHeader.OperationType.values().length];

        static {
            try {
                $SwitchMap$com$fido$uaf$ver0100$types$OperationHeader$OperationType[OperationHeader.OperationType.Reg.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$fido$uaf$ver0100$types$OperationHeader$OperationType[OperationHeader.OperationType.Auth.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$fido$uaf$ver0100$types$OperationHeader$OperationType[OperationHeader.OperationType.Dereg.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    private boolean isAAIDValid(String str) {
        return Pattern.matches("^[0-9A-Fa-f]{4}#[0-9A-Fa-f]{4}$", str);
    }

    private UafError.Error isAuthenticationRequestValid(AuthenticationRequest authenticationRequest) {
        int i;
        if (authenticationRequest == null || authenticationRequest.challenge == null || "".equals(authenticationRequest.challenge) || authenticationRequest.policy == null || authenticationRequest.policy.accepted == null || authenticationRequest.policy.accepted.isEmpty() || !isServerChallegeValid(authenticationRequest.challenge)) {
            return UafError.Error.PROTOCOL_ERROR;
        }
        for (int i2 = 0; i2 < authenticationRequest.policy.accepted.size(); i2++) {
            List<MatchCriteria> list = authenticationRequest.policy.accepted.get(i2);
            for (int i3 = 0; i3 < list.size(); i3++) {
                if (isMatchCriteriaValid(list.get(i3)) != UafError.Error.NO_ERROR) {
                    return UafError.Error.PROTOCOL_ERROR;
                }
            }
        }
        for (int i4 = 0; i4 < authenticationRequest.policy.disallowed.size(); i4++) {
            if (isMatchCriteriaValid(authenticationRequest.policy.disallowed.get(i4)) != UafError.Error.NO_ERROR) {
                return UafError.Error.PROTOCOL_ERROR;
            }
        }
        if (authenticationRequest.transaction != null) {
            for (0; i < authenticationRequest.transaction.size(); i + 1) {
                Transaction transaction = authenticationRequest.transaction.get(i);
                if (TextUtils.isEmpty(transaction.contentType)) {
                    return UafError.Error.PROTOCOL_ERROR;
                }
                i = (!"text/plain".equals(transaction.contentType) || (!TextUtils.isEmpty(transaction.content) && isValidBase64(transaction.content, 0, 200))) ? i + 1 : 0;
                return UafError.Error.PROTOCOL_ERROR;
            }
        }
        return UafError.Error.NO_ERROR;
    }

    private UafError.Error isDeregistrationRequestValid(DeregistrationRequest deregistrationRequest) {
        if (deregistrationRequest == null) {
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (deregistrationRequest.authenticators == null || deregistrationRequest.authenticators.size() == 0) {
            Logger.e(TAG, "No authenticators list provided");
            return UafError.Error.PROTOCOL_ERROR;
        }
        for (DeregisterAuthenticator deregisterAuthenticator : deregistrationRequest.authenticators) {
            if (deregisterAuthenticator.aaid == null || deregisterAuthenticator.keyID == null) {
                Logger.e(TAG, "Either AAID or KeyID is null");
                return UafError.Error.PROTOCOL_ERROR;
            }
            if (deregisterAuthenticator.aaid.isEmpty()) {
                if (deregisterAuthenticator.keyID.isEmpty()) {
                    return UafError.Error.NO_ERROR;
                }
                Logger.e(TAG, "AAID is empty but KeyID is not");
                return UafError.Error.PROTOCOL_ERROR;
            }
            if (deregisterAuthenticator.aaid.length() != 9 || !isAAIDValid(deregisterAuthenticator.aaid)) {
                Logger.e(TAG, "AAID format is invalid");
                return UafError.Error.PROTOCOL_ERROR;
            }
            if (!TextUtils.isEmpty(deregisterAuthenticator.keyID) && !isValidBase64(deregisterAuthenticator.keyID, 32, 2048)) {
                Logger.e(TAG, "KeyID format is invalid");
                return UafError.Error.PROTOCOL_ERROR;
            }
        }
        return UafError.Error.NO_ERROR;
    }

    private UafError.Error isMatchCriteriaValid(MatchCriteria matchCriteria) {
        if (matchCriteria != null) {
            List<String> list = matchCriteria.aaid;
            List<String> list2 = matchCriteria.vendorID;
            List<String> list3 = matchCriteria.keyIDs;
            long j = matchCriteria.userVerification;
            short s = matchCriteria.keyProtection;
            short s2 = matchCriteria.matcherProtection;
            short s3 = matchCriteria.tcDisplay;
            List<Short> list4 = matchCriteria.authenticationAlgorithms;
            List<String> list5 = matchCriteria.assertionSchemes;
            List<Short> list6 = matchCriteria.attestationTypes;
            List<Extension> list7 = matchCriteria.exts;
            if (list != null) {
                if (list2 != null || j > 0 || s > 0 || s2 > 0 || s3 > 0 || list4 != null || list5 != null || list6 != null) {
                    return UafError.Error.PROTOCOL_ERROR;
                }
            } else if (list4 == null || list4.isEmpty() || list5 == null || list5.isEmpty()) {
                return UafError.Error.PROTOCOL_ERROR;
            }
            if (list3 != null) {
                for (int i = 0; i < list3.size(); i++) {
                    if (!isValidBase64(list3.get(i), 32, 2048)) {
                        Logger.e(TAG, "KeyID format is invalid");
                        return UafError.Error.PROTOCOL_ERROR;
                    }
                }
            }
            if (list7 != null) {
                for (int i2 = 0; i2 < list7.size(); i2++) {
                    Extension extension = list7.get(i2);
                    if (extension.fail_if_unknown != null && !extension.fail_if_unknown.booleanValue() && extension.id != null) {
                        if (extension.id.length() <= 0 || extension.id.length() > 32) {
                            return UafError.Error.PROTOCOL_ERROR;
                        }
                        if (extension.data == null) {
                            return UafError.Error.PROTOCOL_ERROR;
                        }
                    }
                    return UafError.Error.PROTOCOL_ERROR;
                }
            }
        }
        return UafError.Error.NO_ERROR;
    }

    private UafError.Error isRegRequestValid(RegistrationRequest registrationRequest, String str) {
        if (registrationRequest == null) {
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (registrationRequest.challenge == null || "".equals(registrationRequest.challenge)) {
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (registrationRequest.username == null || "".equals(registrationRequest.username) || registrationRequest.username.length() > 128) {
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (Pattern.matches("^.*\"username\":\\s*[0-9]+.*$", str)) {
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (registrationRequest.policy == null || registrationRequest.policy.accepted == null || registrationRequest.policy.accepted.isEmpty()) {
            return UafError.Error.PROTOCOL_ERROR;
        }
        for (int i = 0; i < registrationRequest.policy.accepted.size(); i++) {
            List<MatchCriteria> list = registrationRequest.policy.accepted.get(i);
            for (int i2 = 0; i2 < list.size(); i2++) {
                if (isMatchCriteriaValid(list.get(i2)) != UafError.Error.NO_ERROR) {
                    return UafError.Error.PROTOCOL_ERROR;
                }
            }
        }
        for (int i3 = 0; i3 < registrationRequest.policy.disallowed.size(); i3++) {
            if (isMatchCriteriaValid(registrationRequest.policy.disallowed.get(i3)) != UafError.Error.NO_ERROR) {
                return UafError.Error.PROTOCOL_ERROR;
            }
        }
        return !isServerChallegeValid(registrationRequest.challenge) ? UafError.Error.PROTOCOL_ERROR : UafError.Error.NO_ERROR;
    }

    private boolean isServerChallegeValid(String str) {
        if (str == null || str.equals("")) {
            Logger.e(TAG, "Server Challenge is missing.");
            return false;
        }
        if (isValidBase64(str, 8, 64)) {
            return true;
        }
        Logger.e(TAG, "Server Challenge format is incorrect.");
        return false;
    }

    private UafError.Error isUafMessageValid(UafMessage uafMessage) {
        if (uafMessage.header == null) {
            Logger.e(TAG, "header is null");
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (uafMessage.header.op == null) {
            Logger.e(TAG, "op is null");
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (uafMessage.header.upv == null) {
            Logger.e(TAG, "upv is null");
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (uafMessage.header.upv.major == null) {
            Logger.e(TAG, "major is null");
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (uafMessage.header.upv.minor == null) {
            Logger.e(TAG, "minor is null");
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (uafMessage.header.appID != null && uafMessage.header.appID.length() > 512) {
            Logger.e(TAG, "appID larger than 512");
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (uafMessage.header.serverData != null && (uafMessage.header.serverData.length() <= 0 || uafMessage.header.serverData.length() > 1536)) {
            Logger.e(TAG, "serverData larger than 1536");
            return UafError.Error.PROTOCOL_ERROR;
        }
        if (uafMessage.header.exts != null) {
            Logger.d(TAG, "exts != null");
            for (Extension extension : uafMessage.header.exts) {
                if (extension.fail_if_unknown == null) {
                    Logger.d(TAG, "fail_if_unknown is null");
                    return UafError.Error.PROTOCOL_ERROR;
                }
                if (extension.fail_if_unknown.booleanValue()) {
                    Logger.d(TAG, "fail_if_unknown true null");
                    return UafError.Error.UNKNOWN;
                }
                if (TextUtils.isEmpty(extension.id) || extension.id.length() > 32) {
                    Logger.d(TAG, "id large than 32 or empty");
                    return UafError.Error.PROTOCOL_ERROR;
                }
                if (extension.data == null) {
                    Logger.d(TAG, "data is empty");
                    return UafError.Error.PROTOCOL_ERROR;
                }
            }
        }
        return UafError.Error.NO_ERROR;
    }

    private boolean isValidBase64(String str, int i, int i2) {
        for (char c : str.toCharArray()) {
            if (!Character.isLetterOrDigit(c) && c != '-' && c != '_') {
                Logger.e(TAG, "Base64 data is not URL_SAFE encoded");
                return false;
            }
        }
        if (str.endsWith("=")) {
            Logger.e(TAG, "Base64 data is padded");
            return false;
        }
        try {
            byte[] decode = Base64.decode(str.getBytes(Charsets.utf8Charset), 8);
            if (decode.length >= i && decode.length <= i2) {
                return true;
            }
            Logger.e(TAG, "The data length is not in the range [" + i + "..." + i2 + "].");
            return false;
        } catch (IllegalArgumentException unused) {
            Logger.e(TAG, "The data is not a valid base64-encoded string.");
            return false;
        }
    }

    public String buildResponse(UafMessage[] uafMessageArr) {
        return new GsonBuilder().create().toJson(uafMessageArr);
    }

    public UafMessage parseRequest(String str) throws UafException {
        UafError.Error isRegRequestValid;
        RegistrationRequest registrationRequest;
        Log.d(TAG, "Invalid header1111111");
        if (str == null) {
            throw new UafException(UafError.Error.PROTOCOL_ERROR);
        }
        String replace = str.replace("{\"requests\":", "");
        if (replace.length() > 0 && replace.charAt(replace.length() - 1) == '}') {
            replace = replace.substring(0, replace.length() - 1);
        }
        try {
            UafMessage[] uafMessageArr = (UafMessage[]) this.gson.fromJson(replace, UafMessage[].class);
            if (uafMessageArr.length == 0) {
                throw new UafException(UafError.Error.PROTOCOL_ERROR);
            }
            ArrayList arrayList = new ArrayList();
            for (UafMessage uafMessage : uafMessageArr) {
                Log.d(TAG, uafMessage.toString());
                UafError.Error isUafMessageValid = isUafMessageValid(uafMessage);
                if (isUafMessageValid == UafError.Error.NO_ERROR) {
                    arrayList.add(uafMessage);
                } else if (isUafMessageValid == UafError.Error.UNKNOWN) {
                    throw new UafException(isUafMessageValid);
                }
            }
            if (arrayList.size() != 1) {
                Log.e(TAG, "not only one valid uafmessage");
                throw new UafException(UafError.Error.PROTOCOL_ERROR);
            }
            UafMessage uafMessage2 = (UafMessage) arrayList.get(0);
            UafError.Error error = UafError.Error.NO_ERROR;
            int i = AnonymousClass1.$SwitchMap$com$fido$uaf$ver0100$types$OperationHeader$OperationType[uafMessage2.header.op.ordinal()];
            if (i == 1) {
                try {
                    RegistrationRequest registrationRequest2 = ((RegistrationRequest[]) this.gson.fromJson(replace, RegistrationRequest[].class))[0];
                    isRegRequestValid = isRegRequestValid(registrationRequest2, replace);
                    registrationRequest = registrationRequest2;
                } catch (JsonParseException unused) {
                    throw new UafException(UafError.Error.PROTOCOL_ERROR);
                }
            } else if (i == 2) {
                try {
                    AuthenticationRequest authenticationRequest = ((AuthenticationRequest[]) this.gson.fromJson(replace, AuthenticationRequest[].class))[0];
                    isRegRequestValid = isAuthenticationRequestValid(authenticationRequest);
                    registrationRequest = authenticationRequest;
                } catch (JsonParseException unused2) {
                    throw new UafException(UafError.Error.PROTOCOL_ERROR);
                }
            } else {
                if (i != 3) {
                    throw new UafException(UafError.Error.PROTOCOL_ERROR);
                }
                try {
                    DeregistrationRequest deregistrationRequest = ((DeregistrationRequest[]) this.gson.fromJson(replace, DeregistrationRequest[].class))[0];
                    isRegRequestValid = isDeregistrationRequestValid(deregistrationRequest);
                    registrationRequest = deregistrationRequest;
                } catch (JsonParseException unused3) {
                    throw new UafException(UafError.Error.PROTOCOL_ERROR);
                }
            }
            registrationRequest.uafEngine = this;
            if (isRegRequestValid == UafError.Error.NO_ERROR) {
                return registrationRequest;
            }
            throw new UafException(isRegRequestValid);
        } catch (JsonParseException unused4) {
            Logger.e(TAG, "Parse Uafrequest failed");
            throw new UafException(UafError.Error.PROTOCOL_ERROR);
        }
    }
}
