package com.microsoft.identity.common.internal.ui.webview.certbasedauth;

import B6.a;
import D6.f;
import H6.b;
import H6.e;
import J6.i;
import J6.j;
import K6.r;
import K6.w;
import Y2.K;
import androidx.datastore.preferences.protobuf.AbstractC0461f;
import com.microsoft.identity.common.logging.Logger;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;

/* loaded from: classes.dex */
public class YubiKitSmartcardSession implements ISmartcardSession {
    private static final short APDU_EXCEPTION_ERROR_CODE_FILE_NOT_FOUND = 27266;
    private static final String TAG = "YubiKitSmartcardSession";
    private static final String YUBIKEY_PROVIDER = "YKPiv";
    private final i piv;

    public YubiKitSmartcardSession(i iVar) {
        this.piv = iVar;
    }

    private void getAndPutCertDetailsInList(j jVar, i iVar, List<ICertDetails> list) {
        String p10 = AbstractC0461f.p(new StringBuilder(), TAG, ":getAndPutCertDetailsInList");
        try {
            list.add(new YubiKitCertDetails(iVar.d(jVar), jVar));
        } catch (b e2) {
            if (e2.f1905d != 27266) {
                throw e2;
            }
            Logger.verbose(p10, jVar + " slot is empty.");
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public List<ICertDetails> getCertDetailsList() {
        ArrayList arrayList = new ArrayList();
        getAndPutCertDetailsInList(j.AUTHENTICATION, this.piv, arrayList);
        getAndPutCertDetailsInList(j.SIGNATURE, this.piv, arrayList);
        getAndPutCertDetailsInList(j.KEY_MANAGEMENT, this.piv, arrayList);
        getAndPutCertDetailsInList(j.CARD_AUTH, this.piv, arrayList);
        return arrayList;
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public PrivateKey getKeyForAuth(ICertDetails iCertDetails, char[] cArr) {
        String p10 = AbstractC0461f.p(new StringBuilder(), TAG, ":getKeyForAuth");
        if (!(iCertDetails instanceof YubiKitCertDetails)) {
            throw new Exception("certDetails is not of type YubiKitCertDetails.");
        }
        KeyStore keyStore = KeyStore.getInstance(YUBIKEY_PROVIDER, new w(new a(1, this.piv)));
        keyStore.load(null);
        Key key = keyStore.getKey(Integer.toString(((YubiKitCertDetails) iCertDetails).getSlot().f2383d, 16), cArr);
        if (key instanceof r) {
            return (r) key;
        }
        Logger.error(p10, "Private key retrieved from YKPiv keystore is not of type PivPrivateKey.", null);
        throw new Exception("Private key retrieved from YKPiv keystore is not of type PivPrivateKey.");
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public int getPinAttemptsRemaining() {
        i iVar = this.piv;
        iVar.getClass();
        d8.b bVar = i.f2374q;
        bVar.o("Getting PIN attempts");
        f fVar = i.f2373p;
        boolean l7 = fVar.l(iVar.f2376e);
        e eVar = iVar.f2375d;
        if (l7) {
            bVar.o("Getting PIN metadata");
            iVar.a(fVar);
            LinkedHashMap b10 = K.b(eVar.d(new H6.a(-9, 0, -128, null)));
            byte[] bArr = (byte[]) b10.get(6);
            byte b11 = ((byte[]) b10.get(5))[0];
            byte b12 = bArr[0];
            return bArr[1];
        }
        try {
            eVar.d(new H6.a(32, 0, -128, null));
            bVar.o("Using cached value, may be incorrect");
            return iVar.f2377k;
        } catch (b e2) {
            int e10 = iVar.e(e2.f1905d);
            if (e10 < 0) {
                throw e2;
            }
            iVar.f2377k = e10;
            bVar.o("Using value from empty verify");
            return e10;
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ISmartcardSession
    public boolean verifyPin(char[] cArr) {
        String p10 = AbstractC0461f.p(new StringBuilder(), TAG, ":verifyPin");
        try {
            this.piv.s(cArr);
            return true;
        } catch (J6.b unused) {
            Logger.info(p10, "Incorrect PIN entered.");
            return false;
        }
    }
}
