package com.microsoft.identity.common.internal.ui.webview.challengehandlers;

import com.microsoft.identity.common.logging.Logger;
import defpackage.a21;
import defpackage.c21;
import defpackage.lf;
import defpackage.n00;
import defpackage.p4;
import defpackage.q4;
import defpackage.ug1;
import defpackage.y;
import defpackage.y11;
import defpackage.yh0;
import defpackage.yn1;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;

/* loaded from: classes2.dex */
public class YubiKitSmartcardSession implements ISmartcardSession {
    private static final short APDU_EXCEPTION_ERROR_CODE_FILE_NOT_FOUND = 27266;
    private static final String TAG = "YubiKitSmartcardSession";
    private static final String YUBIKEY_PROVIDER = "YKPiv";
    private final c21 piv;

    public YubiKitSmartcardSession(c21 c21Var) {
        this.piv = c21Var;
    }

    private void getAndPutCertDetailsInList(ug1 ug1Var, c21 c21Var, List<ICertDetails> list) {
        String e = y.e(new StringBuilder(), TAG, ":getAndPutCertDetailsInList");
        try {
            list.add(new YubiKitCertDetails(c21Var.i(ug1Var), ug1Var));
        } catch (q4 e2) {
            if (e2.a != 27266) {
                throw e2;
            }
            Logger.verbose(e, ug1Var + " slot is empty.");
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.challengehandlers.ISmartcardSession
    public List<ICertDetails> getCertDetailsList() {
        ArrayList arrayList = new ArrayList();
        getAndPutCertDetailsInList(ug1.AUTHENTICATION, this.piv, arrayList);
        getAndPutCertDetailsInList(ug1.SIGNATURE, this.piv, arrayList);
        getAndPutCertDetailsInList(ug1.KEY_MANAGEMENT, this.piv, arrayList);
        getAndPutCertDetailsInList(ug1.CARD_AUTH, this.piv, arrayList);
        return arrayList;
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.challengehandlers.ISmartcardSession
    public PrivateKey getKeyForAuth(ICertDetails iCertDetails, char[] cArr) {
        String e = y.e(new StringBuilder(), TAG, ":getKeyForAuth");
        if (!(iCertDetails instanceof YubiKitCertDetails)) {
            throw new Exception("certDetails is not of type YubiKitCertDetails.");
        }
        final c21 c21Var = this.piv;
        KeyStore keyStore = KeyStore.getInstance(YUBIKEY_PROVIDER, new a21(new lf() { // from class: z11
            @Override // defpackage.lf
            public final void invoke(Object obj) {
                ((lf) obj).invoke(new y91(c21.this, null));
            }
        }));
        keyStore.load(null);
        Key key = keyStore.getKey(Integer.toString(((YubiKitCertDetails) iCertDetails).getSlot().a, 16), cArr);
        if (key instanceof y11) {
            return (y11) key;
        }
        Logger.error(e, "Private key retrieved from YKPiv keystore is not of type PivPrivateKey.", null);
        throw new Exception("Private key retrieved from YKPiv keystore is not of type PivPrivateKey.");
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.challengehandlers.ISmartcardSession
    public int getPinAttemptsRemaining() {
        c21 c21Var = this.piv;
        n00.a aVar = c21.g;
        c21Var.getClass();
        if (aVar.b(c21Var.b)) {
            c21Var.e(aVar);
            LinkedHashMap a = yn1.a(c21Var.a.b(new p4(-9, 0, -128, null)));
            byte[] bArr = (byte[]) a.get(6);
            byte b = ((byte[]) a.get(5))[0];
            byte b2 = bArr[0];
            return bArr[1];
        }
        try {
            c21Var.a.b(new p4(32, 0, -128, null));
            return c21Var.c;
        } catch (q4 e) {
            int m = c21Var.m(e.a);
            if (m < 0) {
                throw e;
            }
            c21Var.c = m;
            return m;
        }
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.challengehandlers.ISmartcardSession
    public boolean verifyPin(char[] cArr) {
        String e = y.e(new StringBuilder(), TAG, ":verifyPin");
        try {
            this.piv.K(cArr);
            return true;
        } catch (yh0 unused) {
            Logger.info(e, "Incorrect PIN entered.");
            return false;
        }
    }
}
