package org.mozilla.gecko.util;

import android.app.Activity;
import android.content.Intent;
import android.content.IntentSender;
import android.net.Uri;
import android.util.Base64;
import android.util.Log;
import com.google.android.gms.fido.Fido;
import com.google.android.gms.fido.common.Transport;
import com.google.android.gms.fido.fido2.Fido2PendingIntent;
import com.google.android.gms.fido.fido2.api.common.Algorithm;
import com.google.android.gms.fido.fido2.api.common.Attachment;
import com.google.android.gms.fido.fido2.api.common.AttestationConveyancePreference;
import com.google.android.gms.fido.fido2.api.common.AuthenticationExtensions;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorAssertionResponse;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorAttestationResponse;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorErrorResponse;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorSelectionCriteria;
import com.google.android.gms.fido.fido2.api.common.BrowserPublicKeyCredentialCreationOptions;
import com.google.android.gms.fido.fido2.api.common.BrowserPublicKeyCredentialRequestOptions;
import com.google.android.gms.fido.fido2.api.common.EC2Algorithm;
import com.google.android.gms.fido.fido2.api.common.FidoAppIdExtension;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialCreationOptions;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialDescriptor;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialParameters;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialRequestOptions;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialRpEntity;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialType;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialUserEntity;
import com.google.android.gms.fido.fido2.api.common.RSAAlgorithm;
import com.google.android.gms.tasks.OnFailureListener;
import com.google.android.gms.tasks.OnSuccessListener;
import com.google.android.gms.tasks.Task;
import java.util.ArrayList;
import java.util.List;
import org.mozilla.gecko.ActivityHandlerHelper;
import org.mozilla.gecko.GeckoActivityMonitor;
import org.mozilla.gecko.WebAuthnTokenManager;
import org.mozilla.gecko.annotation.ReflectionTarget;

/* loaded from: classes.dex */
public class WebAuthnUtils {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class WebAuthnGetAssertionResult implements ActivityResultHandler {
        private WebAuthnTokenManager.WebAuthnGetAssertionResponse mHandler;

        WebAuthnGetAssertionResult(WebAuthnTokenManager.WebAuthnGetAssertionResponse webAuthnGetAssertionResponse) {
            this.mHandler = webAuthnGetAssertionResponse;
        }

        @Override // org.mozilla.gecko.util.ActivityResultHandler
        public void onActivityResult(int i, Intent intent) {
            if (i == -1) {
                if (intent.hasExtra("FIDO2_ERROR_EXTRA")) {
                    Log.w("WebAuthnUtils", "FIDO2_KEY_ERROR_EXTRA and right");
                    AuthenticatorErrorResponse deserializeFromBytes = AuthenticatorErrorResponse.deserializeFromBytes(intent.getByteArrayExtra("FIDO2_ERROR_EXTRA"));
                    Log.e("WebAuthnUtils", "errorCode.name: " + deserializeFromBytes.getErrorCode());
                    Log.e("WebAuthnUtils", "errorMessage: " + deserializeFromBytes.getErrorMessage());
                    this.mHandler.onFailure(deserializeFromBytes.getErrorCode().name());
                    return;
                }
                if (intent.hasExtra("FIDO2_RESPONSE_EXTRA")) {
                    Log.w("WebAuthnUtils", "FIDO2_KEY_RESPONSE_EXTRA and right");
                    AuthenticatorAssertionResponse deserializeFromBytes2 = AuthenticatorAssertionResponse.deserializeFromBytes(intent.getByteArrayExtra("FIDO2_RESPONSE_EXTRA"));
                    Log.e("WebAuthnUtils", "key handle: " + Base64.encodeToString(deserializeFromBytes2.getKeyHandle(), 0));
                    Log.e("WebAuthnUtils", "clientDataJSON: " + Base64.encodeToString(deserializeFromBytes2.getClientDataJSON(), 0));
                    Log.e("WebAuthnUtils", "auth data: " + Base64.encodeToString(deserializeFromBytes2.getAuthenticatorData(), 0));
                    Log.e("WebAuthnUtils", "signature: " + Base64.encodeToString(deserializeFromBytes2.getSignature(), 0));
                    byte[] userHandle = deserializeFromBytes2.getUserHandle();
                    if (userHandle == null) {
                        userHandle = new byte[0];
                    }
                    this.mHandler.onSuccess(deserializeFromBytes2.getClientDataJSON(), deserializeFromBytes2.getKeyHandle(), deserializeFromBytes2.getAuthenticatorData(), deserializeFromBytes2.getSignature(), userHandle);
                    return;
                }
            }
            if (i != 0) {
                this.mHandler.onFailure("UNKNOWN_ERR");
                return;
            }
            Log.w("WebAuthnUtils", "RESULT_CANCELED" + i);
            this.mHandler.onFailure("ABORT_ERR");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class WebAuthnMakeCredentialResult implements ActivityResultHandler {
        private WebAuthnTokenManager.WebAuthnMakeCredentialResponse mHandler;

        WebAuthnMakeCredentialResult(WebAuthnTokenManager.WebAuthnMakeCredentialResponse webAuthnMakeCredentialResponse) {
            this.mHandler = webAuthnMakeCredentialResponse;
        }

        @Override // org.mozilla.gecko.util.ActivityResultHandler
        public void onActivityResult(int i, Intent intent) {
            if (i == -1) {
                if (intent.hasExtra("FIDO2_ERROR_EXTRA")) {
                    AuthenticatorErrorResponse deserializeFromBytes = AuthenticatorErrorResponse.deserializeFromBytes(intent.getByteArrayExtra("FIDO2_ERROR_EXTRA"));
                    Log.e("WebAuthnUtils", "errorCode.name: " + deserializeFromBytes.getErrorCode());
                    Log.e("WebAuthnUtils", "errorMessage: " + deserializeFromBytes.getErrorMessage());
                    this.mHandler.onFailure(deserializeFromBytes.getErrorCode().name());
                    return;
                }
                if (intent.hasExtra("FIDO2_RESPONSE_EXTRA")) {
                    AuthenticatorAttestationResponse deserializeFromBytes2 = AuthenticatorAttestationResponse.deserializeFromBytes(intent.getByteArrayExtra("FIDO2_RESPONSE_EXTRA"));
                    Log.e("WebAuthnUtils", "key handle: " + Base64.encodeToString(deserializeFromBytes2.getKeyHandle(), 0));
                    Log.e("WebAuthnUtils", "clientDataJSON: " + Base64.encodeToString(deserializeFromBytes2.getClientDataJSON(), 0));
                    Log.e("WebAuthnUtils", "attestation Object: " + Base64.encodeToString(deserializeFromBytes2.getAttestationObject(), 0));
                    this.mHandler.onSuccess(deserializeFromBytes2.getClientDataJSON(), deserializeFromBytes2.getKeyHandle(), deserializeFromBytes2.getAttestationObject());
                    return;
                }
            }
            if (i != 0) {
                this.mHandler.onFailure("UNKNOWN_ERR");
                return;
            }
            Log.w("WebAuthnUtils", "RESULT_CANCELED" + i);
            this.mHandler.onFailure("ABORT_ERR");
        }
    }

    @ReflectionTarget
    public static void getAssertion(byte[] bArr, WebAuthnTokenManager.WebAuthnPublicCredential[] webAuthnPublicCredentialArr, GeckoBundle geckoBundle, GeckoBundle geckoBundle2, final WebAuthnTokenManager.WebAuthnGetAssertionResponse webAuthnGetAssertionResponse) {
        final Activity currentActivity = GeckoActivityMonitor.getInstance().getCurrentActivity();
        if (currentActivity == null) {
            webAuthnGetAssertionResponse.onFailure("UNKNOWN_ERR");
            return;
        }
        if (!geckoBundle.containsKey("isWebAuthn")) {
            webAuthnGetAssertionResponse.onFailure("NOT_SUPPORTED_ERR");
            return;
        }
        ArrayList arrayList = new ArrayList();
        for (WebAuthnTokenManager.WebAuthnPublicCredential webAuthnPublicCredential : webAuthnPublicCredentialArr) {
            arrayList.add(new PublicKeyCredentialDescriptor(PublicKeyCredentialType.PUBLIC_KEY.toString(), webAuthnPublicCredential.mId, getTransportsForByte(webAuthnPublicCredential.mTransports)));
        }
        AuthenticationExtensions.Builder builder = new AuthenticationExtensions.Builder();
        if (geckoBundle2.containsKey("fidoAppId")) {
            builder.setFido2Extension(new FidoAppIdExtension(geckoBundle2.getString("fidoAppId")));
        }
        Task<Fido2PendingIntent> signIntent = Fido.getFido2PrivilegedApiClient(currentActivity.getApplicationContext()).getSignIntent(new BrowserPublicKeyCredentialRequestOptions.Builder().setPublicKeyCredentialRequestOptions(new PublicKeyCredentialRequestOptions.Builder().setChallenge(bArr).setAllowList(arrayList).setTimeoutSeconds(Double.valueOf(geckoBundle.getLong("timeoutMS") / 1000.0d)).setRpId(geckoBundle.getString("rpId")).setAuthenticationExtensions(builder.build()).build()).setOrigin(Uri.parse(geckoBundle.getString("origin"))).build());
        signIntent.addOnSuccessListener(new OnSuccessListener<Fido2PendingIntent>() { // from class: org.mozilla.gecko.util.WebAuthnUtils.3
            @Override // com.google.android.gms.tasks.OnSuccessListener
            public void onSuccess(Fido2PendingIntent fido2PendingIntent) {
                if (fido2PendingIntent.hasPendingIntent()) {
                    try {
                        fido2PendingIntent.launchPendingIntent(currentActivity, ActivityHandlerHelper.registerActivityHandler(new WebAuthnGetAssertionResult(WebAuthnTokenManager.WebAuthnGetAssertionResponse.this)));
                    } catch (IntentSender.SendIntentException e) {
                        Log.w("WebAuthnUtils", "pendingIntent failure", e);
                        WebAuthnTokenManager.WebAuthnGetAssertionResponse.this.onFailure("UNKNOWN_ERR");
                    }
                }
            }
        });
        signIntent.addOnFailureListener(new OnFailureListener() { // from class: org.mozilla.gecko.util.WebAuthnUtils.4
            @Override // com.google.android.gms.tasks.OnFailureListener
            public void onFailure(Exception exc) {
                Log.w("WebAuthnUtils", "onFailure=" + exc);
                exc.printStackTrace();
                WebAuthnTokenManager.WebAuthnGetAssertionResponse.this.onFailure("UNKNOWN_ERR");
            }
        });
    }

    private static List<Transport> getTransportsForByte(byte b) {
        ArrayList arrayList = new ArrayList();
        if ((b & 1) == 1) {
            arrayList.add(Transport.USB);
        }
        if ((b & 2) == 2) {
            arrayList.add(Transport.NFC);
        }
        if ((b & 4) == 4) {
            arrayList.add(Transport.BLUETOOTH_LOW_ENERGY);
        }
        return arrayList;
    }

    @ReflectionTarget
    public static void makeCredential(GeckoBundle geckoBundle, byte[] bArr, byte[] bArr2, WebAuthnTokenManager.WebAuthnPublicCredential[] webAuthnPublicCredentialArr, GeckoBundle geckoBundle2, GeckoBundle geckoBundle3, final WebAuthnTokenManager.WebAuthnMakeCredentialResponse webAuthnMakeCredentialResponse) {
        WebAuthnTokenManager.WebAuthnPublicCredential[] webAuthnPublicCredentialArr2 = webAuthnPublicCredentialArr;
        final Activity currentActivity = GeckoActivityMonitor.getInstance().getCurrentActivity();
        if (currentActivity == null) {
            webAuthnMakeCredentialResponse.onFailure("UNKNOWN_ERR");
            return;
        }
        if (!geckoBundle.containsKey("isWebAuthn")) {
            webAuthnMakeCredentialResponse.onFailure("NOT_SUPPORTED_ERR");
            return;
        }
        PublicKeyCredentialCreationOptions.Builder builder = new PublicKeyCredentialCreationOptions.Builder();
        ArrayList arrayList = new ArrayList();
        int i = 0;
        for (Algorithm algorithm : new Algorithm[]{EC2Algorithm.ES256, EC2Algorithm.ES384, EC2Algorithm.ES512, EC2Algorithm.ED256, EC2Algorithm.ED512, RSAAlgorithm.PS256, RSAAlgorithm.PS384, RSAAlgorithm.PS512, RSAAlgorithm.RS256, RSAAlgorithm.RS384, RSAAlgorithm.RS512}) {
            arrayList.add(new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY.toString(), algorithm.getAlgoValue()));
        }
        PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(bArr, geckoBundle.getString("userName", ""), geckoBundle.getString("userIcon", ""), geckoBundle.getString("userDisplayName", ""));
        AttestationConveyancePreference attestationConveyancePreference = AttestationConveyancePreference.NONE;
        String string = geckoBundle2.getString("attestationPreference", "NONE");
        if (string.equalsIgnoreCase(AttestationConveyancePreference.DIRECT.name())) {
            attestationConveyancePreference = AttestationConveyancePreference.DIRECT;
        } else if (string.equalsIgnoreCase(AttestationConveyancePreference.INDIRECT.name())) {
            attestationConveyancePreference = AttestationConveyancePreference.INDIRECT;
        }
        AuthenticatorSelectionCriteria.Builder builder2 = new AuthenticatorSelectionCriteria.Builder();
        if (geckoBundle3.containsKey("requirePlatformAttachment") && geckoBundle2.getInt("requirePlatformAttachment") == 1) {
            builder2.setAttachment(Attachment.PLATFORM);
        }
        AuthenticatorSelectionCriteria build = builder2.build();
        AuthenticationExtensions.Builder builder3 = new AuthenticationExtensions.Builder();
        if (geckoBundle3.containsKey("fidoAppId")) {
            builder3.setFido2Extension(new FidoAppIdExtension(geckoBundle3.getString("fidoAppId")));
        }
        AuthenticationExtensions build2 = builder3.build();
        ArrayList arrayList2 = new ArrayList();
        int length = webAuthnPublicCredentialArr2.length;
        while (i < length) {
            WebAuthnTokenManager.WebAuthnPublicCredential webAuthnPublicCredential = webAuthnPublicCredentialArr2[i];
            arrayList2.add(new PublicKeyCredentialDescriptor(PublicKeyCredentialType.PUBLIC_KEY.toString(), webAuthnPublicCredential.mId, getTransportsForByte(webAuthnPublicCredential.mTransports)));
            i++;
            webAuthnPublicCredentialArr2 = webAuthnPublicCredentialArr;
        }
        Task<Fido2PendingIntent> registerIntent = Fido.getFido2PrivilegedApiClient(currentActivity.getApplicationContext()).getRegisterIntent(new BrowserPublicKeyCredentialCreationOptions.Builder().setPublicKeyCredentialCreationOptions(builder.setUser(publicKeyCredentialUserEntity).setAttestationConveyancePreference(attestationConveyancePreference).setAuthenticatorSelection(build).setAuthenticationExtensions(build2).setChallenge(bArr2).setRp(new PublicKeyCredentialRpEntity(geckoBundle.getString("rpId"), geckoBundle.getString("rpName", ""), geckoBundle.getString("rpIcon", ""))).setParameters(arrayList).setTimeoutSeconds(Double.valueOf(geckoBundle.getLong("timeoutMS") / 1000.0d)).setExcludeList(arrayList2).build()).setOrigin(Uri.parse(geckoBundle.getString("origin"))).build());
        registerIntent.addOnSuccessListener(new OnSuccessListener<Fido2PendingIntent>() { // from class: org.mozilla.gecko.util.WebAuthnUtils.1
            @Override // com.google.android.gms.tasks.OnSuccessListener
            public void onSuccess(Fido2PendingIntent fido2PendingIntent) {
                if (fido2PendingIntent.hasPendingIntent()) {
                    try {
                        fido2PendingIntent.launchPendingIntent(currentActivity, ActivityHandlerHelper.registerActivityHandler(new WebAuthnMakeCredentialResult(WebAuthnTokenManager.WebAuthnMakeCredentialResponse.this)));
                    } catch (IntentSender.SendIntentException unused) {
                        WebAuthnTokenManager.WebAuthnMakeCredentialResponse.this.onFailure("UNKNOWN_ERR");
                    }
                }
            }
        });
        registerIntent.addOnFailureListener(new OnFailureListener() { // from class: org.mozilla.gecko.util.WebAuthnUtils.2
            @Override // com.google.android.gms.tasks.OnFailureListener
            public void onFailure(Exception exc) {
                Log.w("WebAuthnUtils", "onFailure=" + exc);
                exc.printStackTrace();
                WebAuthnTokenManager.WebAuthnMakeCredentialResponse.this.onFailure("UNKNOWN_ERR");
            }
        });
    }
}
