package ca.bluink.eidmemobilesdk.data;

import android.util.Base64;
import android.util.Log;
import ca.bluink.bluink_image_understanding.Native.FIDO2;
import ca.bluink.bluink_image_understanding.Native.NativeCrypto;
import ca.bluink.bluink_image_understanding.Native.U2F_AUTHENTICATE_REQ;
import ca.bluink.bluink_image_understanding.Native.U2F_AUTHENTICATE_RESP;
import ca.bluink.bluink_image_understanding.Native.U2F_REGISTER_REQ;
import ca.bluink.bluink_image_understanding.Native.U2F_REGISTER_RESP;
import ca.bluink.bluink_image_understanding.Native.bluink_FIDO2_context_t;
import ca.bluink.bluink_image_understanding.Native.comboStruct;
import ca.bluink.bluink_image_understanding.Native.credentialSetStruct;
import ca.bluink.bluink_image_understanding.Native.items;
import ca.bluink.eidmemobilesdk.dataModels.IssuanceFinishResult;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.Arrays;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class AppU2F {
    private static final String TAG = "APPU2F";
    private bluink_FIDO2_context_t mFidoContext;

    private final boolean createAttestationKey() {
        byte[] decode = Base64.decode(FIDO2.PC_getAttPriKey(), 0);
        int bluink_U2F_createAttestationKey = FIDO2.bluink_U2F_createAttestationKey(this.mFidoContext, 1, decode, decode.length);
        if (bluink_U2F_createAttestationKey == 0) {
            return true;
        }
        Log.d(TAG, "Failed to create attestation key: " + bluink_U2F_createAttestationKey);
        return false;
    }

    public static String createAuthRequest(String str, String str2, String str3) {
        String encodeToString = Base64.encodeToString(str2.getBytes(Charset.forName("UTF-8")), 11);
        String replaceAll = str3.replaceAll("/", "\\/");
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.accumulate("version", "U2F_V2");
            jSONObject.accumulate("appId", replaceAll);
            jSONObject.accumulate("keyHandle", encodeToString);
            jSONObject.accumulate("challenge", str);
            Log.d(TAG, "auth request json: " + jSONObject.toString());
            byte[] sha256 = NativeCrypto.sha256(jSONObject.toString().getBytes(Charset.forName("UTF-8")));
            if (sha256 == null) {
                Log.d(TAG, "Create auth request failed. Request hash is null.");
                return null;
            }
            byte[] sha2562 = NativeCrypto.sha256(str3.getBytes(Charset.forName("UTF-8")));
            if (sha2562 == null) {
                Log.d(TAG, "Create auth request failed. AppId hash is null.");
                return null;
            }
            byte[] bytes = str2.getBytes(Charset.forName("UTF-8"));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                byteArrayOutputStream.write(sha256);
                byteArrayOutputStream.write(sha2562);
                byteArrayOutputStream.write(str2.length());
                byteArrayOutputStream.write(bytes);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                return Base64.encodeToString(byteArray, 11);
            } catch (IOException unused) {
                Log.d(TAG, "Could not write to byte buffer.");
                return null;
            }
        } catch (JSONException unused2) {
        }
    }

    private final boolean createCredKeyPair() {
        String createKeyHandle = NativeCrypto.createKeyHandle();
        if (NativeCrypto.generateKeyPair(createKeyHandle, 1, 2048) != 0) {
            Log.d(TAG, "Failed to generate keypair!");
            return false;
        }
        AppSettings.INSTANCE.setCredKeyHandle(createKeyHandle);
        return true;
    }

    private final credentialSetStruct loadCreds() {
        AppSettings appSettings = AppSettings.INSTANCE;
        String credKeyHandle = appSettings.getCredKeyHandle();
        if (credKeyHandle == null) {
            Log.d(TAG, "Missing keyhandle to decrypt credstore. Returning null.");
            return null;
        }
        String credStore = appSettings.getCredStore();
        if (credStore == null) {
            Log.d(TAG, "No initial cred store data. Returning null...");
            return null;
        }
        byte[] decode = Base64.decode(credStore, 0);
        if (decode == null) {
            Log.d(TAG, "Unable to base64 decrypt the encrypted cred store bytes...returning null.");
            return null;
        }
        byte[] decrypt = NativeCrypto.decrypt(credKeyHandle, 1, decode);
        if (decrypt == null) {
            Log.d(TAG, "Unable to RSA decrypt cred store bytes. Returning null.");
            return null;
        }
        comboStruct loadCredentialsAndWizards = FIDO2.loadCredentialsAndWizards(decrypt, decrypt.length, new int[]{0});
        if (loadCredentialsAndWizards != null) {
            return loadCredentialsAndWizards.getCreds();
        }
        Log.d(TAG, "Deserializing credentialset failed. Returning null.");
        return null;
    }

    private void saveContext() {
        bluink_FIDO2_context_t bluink_fido2_context_t = this.mFidoContext;
        if (bluink_fido2_context_t == null) {
            return;
        }
        credentialSetStruct m_creds = bluink_fido2_context_t.getM_creds();
        comboStruct combostruct = new comboStruct();
        combostruct.setCreds(m_creds);
        long[] jArr = new long[1];
        FIDO2.saveCredentialsAndWizards(null, jArr, combostruct, 0, 0);
        if (jArr[0] <= 0) {
            Log.d(TAG, "Failed to retrieve buffer size from saving credentials.");
            return;
        }
        byte[] bArr = new byte[(int) jArr[0]];
        FIDO2.saveCredentialsAndWizards(bArr, jArr, combostruct, 0, 0);
        saveCreds(bArr);
    }

    private void saveCreds(byte[] bArr) {
        AppSettings appSettings = AppSettings.INSTANCE;
        String credKeyHandle = appSettings.getCredKeyHandle();
        if (credKeyHandle == null) {
            Log.d(TAG, "Missing keyhandle to encrypt credstore.");
            return;
        }
        byte[] encrypt = NativeCrypto.encrypt(credKeyHandle, 1, bArr);
        if (encrypt == null) {
            Log.d(TAG, "Unable to RSA encrypt cred store bytes.");
            return;
        }
        String encodeToString = Base64.encodeToString(encrypt, 2);
        if (encodeToString == null) {
            Log.d(TAG, "Failed to b64 encode encrypted cred store bytes.");
        } else {
            appSettings.setCredStore(encodeToString);
        }
    }

    public final String authenticate(String str) {
        if (this.mFidoContext == null && !initializeU2FContext()) {
            Log.d(TAG, "Failed to create context");
            return null;
        }
        if (str == null || str.isEmpty()) {
            Log.d(TAG, "Cannot use an empty/null challenge for authentication.");
            return null;
        }
        byte[] decode = Base64.decode(str, 11);
        if (decode == null) {
            Log.d(TAG, "Failed to b64 decode u2f authenticate request.");
            return null;
        }
        U2F_AUTHENTICATE_REQ castFromBytes = U2F_AUTHENTICATE_REQ.castFromBytes(decode);
        if (castFromBytes == null) {
            Log.d(TAG, "Failed to cast bytes into U2F_AUTHENTICATE_REQ.");
            return null;
        }
        Log.d(TAG, "Context: " + this.mFidoContext.toString());
        if (FIDO2.bluink_U2F_establishContext(this.mFidoContext, castFromBytes) != 0) {
            Log.d(TAG, "Failed to establish FIDO U2F context with given authReq and fido context.");
            return null;
        }
        U2F_AUTHENTICATE_RESP castFromBytes2 = U2F_AUTHENTICATE_RESP.castFromBytes(new byte[8256]);
        int[] iArr = new int[1];
        int bluink_U2F_doAuthentication = FIDO2.bluink_U2F_doAuthentication(this.mFidoContext, castFromBytes, castFromBytes2, iArr, 0);
        if (bluink_U2F_doAuthentication == 36864) {
            saveContext();
            return Base64.encodeToString(Arrays.copyOf(U2F_AUTHENTICATE_RESP.castToBytes(castFromBytes2, new int[1]), iArr[0]), 2);
        }
        Log.d(TAG, "Failed to FIDO U2F authenticate. Error code: " + Integer.toString(bluink_U2F_doAuthentication, 16));
        return null;
    }

    public bluink_FIDO2_context_t getFidoContext() {
        return this.mFidoContext;
    }

    public boolean initializeU2FContext() {
        if (AppSettings.INSTANCE.getCredKeyHandle() == null && !createCredKeyPair()) {
            return false;
        }
        this.mFidoContext = FIDO2.bluink_FIDO2_init(loadCreds());
        return createAttestationKey();
    }

    public boolean initializeU2FContext(IssuanceFinishResult.AppKeyHandles appKeyHandles) {
        AppSettings appSettings = AppSettings.INSTANCE;
        appSettings.setRegEmail(appKeyHandles.getRegEmail());
        appSettings.setRsUUID(appKeyHandles.getRsUUID());
        appSettings.setApiAuthKeyHandle(appKeyHandles.getApiAuthKeyHandle());
        appSettings.setIdentityKeyHandle(appKeyHandles.getIdentityKeyHandle());
        appSettings.setCommKeyAlias(appKeyHandles.getCommKeyAlias());
        appSettings.setCredStore(appKeyHandles.getCredStore());
        appSettings.setCredKeyHandle(appKeyHandles.getCredKeyHandle());
        appSettings.setServerKeyAlias(appKeyHandles.getServerKeyAlias());
        appSettings.setEncryptedServerKey(appKeyHandles.getEncryptedServerKey());
        appSettings.setSelectedJurisdictions(Arrays.asList(appKeyHandles.getSelectedJurisdiction().split("^")));
        if (appSettings.getCredKeyHandle() == null && !createCredKeyPair()) {
            return false;
        }
        this.mFidoContext = FIDO2.bluink_FIDO2_init(loadCreds());
        return createAttestationKey();
    }

    public final String register(String str, String str2) {
        if (str == null || str.isEmpty()) {
            Log.d(TAG, "Cannot use empty/null string for register request.");
            return null;
        }
        byte[] decode = Base64.decode(str, 2);
        if (decode == null) {
            Log.d(TAG, "An error occurred decoding base64 encoded request string.");
            return null;
        }
        if (decode.length != U2F_REGISTER_REQ.sizeOf()) {
            Log.d(TAG, "Decoded U2F_REGISTER_REQ bytes not the proper size.");
            return null;
        }
        U2F_REGISTER_REQ castFromBytes = U2F_REGISTER_REQ.castFromBytes(decode);
        if (castFromBytes == null) {
            Log.d(TAG, "Could not cast U2F_REGISTER_REQ bytes into object.");
            return null;
        }
        if (str2 == null) {
            str2 = NativeCrypto.createKeyHandle();
        }
        String str3 = str2;
        U2F_REGISTER_RESP u2f_register_resp = new U2F_REGISTER_RESP();
        if (this.mFidoContext == null) {
            Log.d(TAG, "Context is null");
        } else {
            Log.d(TAG, "Doreg ctx = " + this.mFidoContext.toString());
            Log.d(TAG, "Doreg regReq = " + castFromBytes.toString());
            Log.d(TAG, "Doreg regResp = " + u2f_register_resp.toString());
            Log.d(TAG, "Doreg token = " + str3.toString());
        }
        int[] iArr = new int[1];
        int bluink_U2F_doRegistration = FIDO2.bluink_U2F_doRegistration(this.mFidoContext, castFromBytes, u2f_register_resp, iArr, 0, str3);
        if (bluink_U2F_doRegistration == 0) {
            saveContext();
            return Base64.encodeToString(Arrays.copyOf(U2F_REGISTER_RESP.castToBytes(u2f_register_resp, new int[1]), iArr[0]), 2);
        }
        Log.d(TAG, "FIDO U2F Registration failed. Response code: " + bluink_U2F_doRegistration);
        return null;
    }

    public final void resetU2FData() {
        bluink_FIDO2_context_t bluink_fido2_context_t = this.mFidoContext;
        if (bluink_fido2_context_t != null) {
            for (credentialSetStruct m_creds = bluink_fido2_context_t.getM_creds(); m_creds != null; m_creds = items.deleteCredentialSet(m_creds, m_creds)) {
            }
        }
        AppSettings appSettings = AppSettings.INSTANCE;
        String credKeyHandle = appSettings.getCredKeyHandle();
        if (credKeyHandle != null) {
            NativeCrypto.deleteKeyPair(credKeyHandle);
        }
        appSettings.setCredStore(null);
        initializeU2FContext();
    }

    public void setContext(bluink_FIDO2_context_t bluink_fido2_context_t) {
        this.mFidoContext = bluink_fido2_context_t;
    }
}
