package com.noknok.android.client.asm.core.uaf;

import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.content.pm.Signature;
import android.graphics.Bitmap;
import android.graphics.BitmapFactory;
import android.text.TextUtils;
import android.util.Base64;
import com.alibaba.taffy.core.util.codec.MessageDigestAlgorithms;
import com.fido.android.framework.tm.core.prov.CryptoModule;
import com.noknok.android.client.asm.api.AsmError;
import com.noknok.android.client.asm.api.AsmException;
import com.noknok.android.client.asm.api.uaf.json.AuthenticatorInfo;
import com.noknok.android.client.asm.api.uaf.json.DeregisterIn;
import com.noknok.android.client.asm.api.uaf.json.DisplayPNGCharacteristicsDescriptor;
import com.noknok.android.client.asm.api.uaf.json.Extension;
import com.noknok.android.client.asm.api.uaf.json.GetRegistrationsOut;
import com.noknok.android.client.asm.api.uaf.json.RegisterIn;
import com.noknok.android.client.asm.api.uaf.json.RegisterOut;
import com.noknok.android.client.asm.core.GetInfoParams;
import com.noknok.android.client.asm.core.MatcherAssertionException;
import com.noknok.android.client.asm.core.MatcherParamsHelper;
import com.noknok.android.client.asm.core.shared.DescriptorLoader;
import com.noknok.android.client.asm.sdk.IAKDigestMethod;
import com.noknok.android.client.asm.sdk.IAKSelector;
import com.noknok.android.client.asm.sdk.IAuthenticatorDescriptor;
import com.noknok.android.client.asm.sdk.IMatcher;
import com.noknok.android.client.asm.sdk.ProtocolType;
import com.noknok.android.client.asm.sdk.UVTMatcherInParams;
import com.noknok.android.client.asm.sdk.UVTMatcherOutParams;
import com.noknok.android.client.utils.ActivityStarter;
import com.noknok.android.client.utils.Charsets;
import com.noknok.android.client.utils.Logger;
import com.noknok.android.uaf.asmcore.AKProcessor;
import com.noknok.android.uaf.asmcore.AuthenticatorDatabase;
import com.noknok.android.uaf.asmcore.AuthenticatorDatabaseFactory;
import com.noknok.android.uaf.asmcore.SelectFromDialogActivity;
import com.noknok.android.uaf.asmcore.TLVCommandEncoder;
import com.taobao.agoo.a.a.c;
import java.io.ByteArrayOutputStream;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Random;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes5.dex */
public class AuthenticatorCore {
    protected static final int ASMTOKEN_SIZE = 32;
    protected static final String ASM_TOKEN = "ASMToken";
    protected static final int BASE64_ENCODING = 11;
    private static final String NNL_AK_CONFIG = "NNL_AK_CONFIG";
    private static final String TAG = "AuthenticatorCore";
    protected byte[] mASMToken;
    protected AKProcessor mAkProcessor;
    private AntiHammering mAntihammering;
    protected IAuthenticatorDescriptor mAuthDx;
    private IMatcher mAuthMatcher;
    protected AuthenticatorDatabase mAuthenticatorDb;
    protected byte[] mCallerID;
    protected Context mContext;
    protected CryptoModule mCryptoModule;
    protected IAKDigestMethod mDigestMethod;
    private byte[] mFinalChallenge;
    protected AKProcessor.AkAuthnrInfo mInfo;
    private MatcherParamsHelper mMatcherParamsHelper;
    protected byte[] mPersonaID;
    protected IAuthenticatorDescriptor.IUAFDescriptor mUafAuthDx;
    private Map<Class<? extends IMatcher.MatcherInParams>, MatcherParamsHelper.AuthenticatorMatcherType> mapMatcherParamsInfo;
    protected TCDisplayResponse tTCDisplayResponse;

    /* loaded from: classes5.dex */
    public static class Response {
        public Object data;
        public List<Extension> exts;
        public int statusCode;
    }

    /* loaded from: classes5.dex */
    public static class TCDisplayResponse {
        public byte[] additionalAKArgument;
        public int statusCode;
        public byte[] tcToken;
    }

    /* loaded from: classes5.dex */
    public static class UserVerifyResponse {
        public byte[] additionalAKArgument;
        public List<IMatcher.Extension> extensions;
        public IMatcher.MatcherInParams matcherInParams = null;
        public MatcherParamsHelper.AuthenticatorMatcherType matcherType;
        public short statusCode;
        public String userID;
        public byte[] userVerifyToken;
    }

    /* loaded from: classes5.dex */
    public static class Username {
        public String keyHandle;
        public long timeStamp;
        public String username;

        public Username(String str, String str2, long j) {
            this.username = str;
            this.keyHandle = str2;
            this.timeStamp = j;
        }
    }

    public AuthenticatorCore() {
        this.mCryptoModule = null;
        this.mInfo = new AKProcessor.AkAuthnrInfo();
        this.mAuthDx = null;
        this.mUafAuthDx = null;
    }

    public AuthenticatorCore(IAuthenticatorDescriptor iAuthenticatorDescriptor) throws AsmException {
        this.mCryptoModule = null;
        this.mInfo = new AKProcessor.AkAuthnrInfo();
        this.mUafAuthDx = null;
        this.mAuthDx = iAuthenticatorDescriptor;
        IAuthenticatorDescriptor.IUAFDescriptor uAFDescriptor = iAuthenticatorDescriptor.getUAFDescriptor();
        this.mUafAuthDx = uAFDescriptor;
        if (uAFDescriptor == null) {
            Logger.e(TAG, "UAF specific auth descriptor is not provided.");
            throw new AsmException(AsmError.FAILURE);
        }
        HashMap hashMap = new HashMap();
        this.mapMatcherParamsInfo = hashMap;
        hashMap.put(UVTMatcherInParams.class, MatcherParamsHelper.AuthenticatorMatcherType.MATCHER_TYPE_UVT);
    }

    private AKProcessor.AKResponseParams addAuthenticator(IAuthenticatorDescriptor.AAIDInfo aAIDInfo) throws AsmException {
        AKProcessor.AKRequestParams matcherVersion = new AKProcessor.AKRequestParams().setCmd((short) 13320).setAaid(aAIDInfo.aaid.getBytes(Charsets.utf8Charset)).setMatcherVersion(this.mAuthDx.getMatcherVersion());
        int size = aAIDInfo.certificateChain == null ? 0 : aAIDInfo.certificateChain.size();
        matcherVersion.setAttestationCerts(new ArrayList(size));
        for (int i = 0; i < size; i++) {
            matcherVersion.attestationCerts.add(aAIDInfo.certificateChain.get(i));
        }
        return this.mAkProcessor.processAK(matcherVersion);
    }

    private void assertNotAnActivityContext(Context context) {
        if (context instanceof Activity) {
            throw new MatcherAssertionException("Context to be used for IMatcher must not be an Activity Context.");
        }
    }

    private byte[] createFakeUVT(String str, byte[] bArr, byte[] bArr2) {
        ByteBuffer allocate = ByteBuffer.allocate(str.length() + 32 + bArr.length + 4 + bArr2.length + 20);
        allocate.order(ByteOrder.LITTLE_ENDIAN);
        allocate.putShort((short) 25093);
        allocate.putShort((short) str.length());
        allocate.put(str.getBytes(Charsets.utf8Charset));
        allocate.putShort((short) 25095);
        allocate.putShort((short) 32);
        allocate.put(ByteBuffer.allocate(32));
        allocate.putShort((short) 25098);
        allocate.putShort((short) bArr.length);
        allocate.put(bArr);
        allocate.putShort((short) 259);
        allocate.putShort((short) bArr2.length);
        allocate.put(bArr2);
        allocate.putShort((short) 25099);
        allocate.putShort((short) 4);
        allocate.putInt(0);
        return allocate.array();
    }

    private Response deleteRegistration(String str, String str2) {
        int i;
        ArrayList arrayList;
        Response response = new Response();
        try {
            if (this.mInfo.generalInfo.isRoamingAuthenticator) {
                arrayList = null;
            } else {
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(str2);
                String encodeToString = Base64.encodeToString(this.mCallerID, 11);
                List<AuthenticatorDatabase.RegistrationRecord> registrations = this.mAuthenticatorDb.getRegistrations(encodeToString, str, arrayList2);
                if (registrations == null || registrations.size() <= 0) {
                    arrayList = null;
                } else {
                    arrayList = new ArrayList();
                    Iterator<AuthenticatorDatabase.RegistrationRecord> it = registrations.iterator();
                    while (it.hasNext()) {
                        arrayList.add(Base64.decode(it.next().keyHandle, 11));
                    }
                }
                Logger.e(TAG, "Delete Registration GetRegistrations for calledID: ." + encodeToString);
                this.mAuthenticatorDb.removeRegistration(encodeToString, str, str2);
            }
            try {
                this.mAkProcessor.processAK(new AKProcessor.AKRequestParams().setAppID((this.mInfo.additionalInfo.expectAPPID || this.mInfo.generalInfo.isRoamingAuthenticator) ? str.getBytes(Charsets.utf8Charset) : null).setKeyID(Base64.decode(str2, 11)).setKeyHandles(arrayList).setKHAccessToken(getKHAccessToken(str, this.mCallerID, this.mASMToken, this.mPersonaID)).setAuthenticatorIndex((byte) this.mInfo.generalInfo.authenticatorIndex).setCmd((short) 13316));
            } catch (AsmException e) {
                Logger.w(TAG, "Dereg call to AK failed.", e);
            }
            if (!this.mAuthenticatorDb.hasRegistrations() && !this.mInfo.generalInfo.isRoamingAuthenticator) {
                this.mAuthenticatorDb.storeAKConfig("");
            }
            i = 0;
        } catch (AsmException e2) {
            Logger.w(TAG, "Failed to delete registration.", e2);
            i = 1;
        }
        response.statusCode = i;
        return response;
    }

    private List<Extension> extExtract(AKProcessor.AKResponseParams aKResponseParams) {
        Logger.d(TAG, "extExtract");
        return this.mAkProcessor.extExtract(aKResponseParams);
    }

    private void extInit(AKProcessor.AKRequestParams aKRequestParams) {
        Logger.d(TAG, "extInit");
        this.mAkProcessor.extInit(aKRequestParams);
    }

    private void getASMToken() throws AsmException {
        String aSMToken = this.mAuthenticatorDb.getASMToken();
        if (aSMToken != null) {
            this.mASMToken = Base64.decode(aSMToken, 11);
            return;
        }
        if (this.mUafAuthDx.isRoamingAuthenticator()) {
            return;
        }
        Logger.d(TAG, "Not roaming authenticator setting ASMToken");
        this.mASMToken = new byte[32];
        new Random().nextBytes(this.mASMToken);
        this.mAuthenticatorDb.storeASMToken(Base64.encodeToString(this.mASMToken, 11));
    }

    static String getHex(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (byte b : bArr) {
            sb.append("0123456789ABCDEF".charAt((b & 240) >> 4));
            sb.append("0123456789ABCDEF".charAt(b & 15));
        }
        return sb.toString();
    }

    private byte[] getKHAccessToken(String str, byte[] bArr, byte[] bArr2, byte[] bArr3) throws AsmException {
        if (str != null) {
            try {
                this.mDigestMethod.update(str.getBytes(Charsets.utf8Charset));
            } catch (Exception e) {
                Logger.e(TAG, "Error creating access key ", e);
                throw new AsmException(AsmError.FAILURE, "cannot get access key: no such algorithm");
            }
        }
        if (bArr2 != null) {
            this.mDigestMethod.update(bArr2);
        }
        if (bArr3 != null) {
            this.mDigestMethod.update(bArr3);
        }
        if (bArr != null) {
            this.mDigestMethod.update(bArr);
        }
        return this.mDigestMethod.digest();
    }

    private void getPersonaID() {
    }

    private void getResult(IMatcher.RESULT result) throws AsmException {
        if (result == IMatcher.RESULT.CANCEL) {
            throw new AsmException(AsmError.CANCELED);
        }
        if (result == IMatcher.RESULT.TOOMANYATTEMPTS) {
            throw new AsmException(AsmError.FAILURE).setDetails("{\"errorDetails\" : \"Too many failed attempts.\"}");
        }
        if (result == IMatcher.RESULT.CHANGE_AUTHENTICATOR) {
            throw new AsmException(AsmError.CHANGE_TOKEN).setDetails("{\"errorDetails\" : \"change authenticator.\"}");
        }
        if (result == IMatcher.RESULT.CHANGE_TRANSACTION) {
            throw new AsmException(AsmError.UPDATE).setDetails("{\"errorDetails\" : \"User is hanging trans during auth\"}");
        }
        if (result == IMatcher.RESULT.ERRORAUTH) {
            throw new AsmException(AsmError.FAILURE).setDetails("{\"errorDetails\" : \"unspecified failure.\"}");
        }
        if (result == IMatcher.RESULT.MISMATCH) {
            throw new AsmException(AsmError.NO_MATCH).setDetails("{\"errorDetails\" : \"Mismatch.\"}");
        }
        if (result == IMatcher.RESULT.TIMEOUT) {
            throw new AsmException(AsmError.CANCELED).setDetails("{\"errorDetails\" : \"Timeout.\"}");
        }
        if (result == IMatcher.RESULT.USER_LOCKOUT) {
            throw new AsmException(AsmError.USER_LOCKOUT).setDetails("{\"errorDetails\" : \"User Lockout due to too many failed attempts.\"}");
        }
        if (result == IMatcher.RESULT.FINGER_SET_CHANGE) {
            throw new AsmException(AsmError.KEY_DISAPPEARED_PERMANENTLY).setDetails("{\"errorDetails\" : \"User finger have change.\"}");
        }
    }

    private byte[] prepareTCToken(byte[] bArr, byte[] bArr2) throws AsmException {
        try {
            byte[] digest = bArr != null ? MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256).digest(bArr) : new byte[0];
            ByteBuffer allocate = ByteBuffer.allocate((short) (digest.length + 9 + bArr2.length));
            allocate.order(ByteOrder.LITTLE_ENDIAN);
            allocate.putShort(TLVCommandEncoder.TAG_TC_TOKEN_TYPE);
            allocate.putShort((short) 1);
            allocate.put((byte) 0);
            allocate.putShort(TLVCommandEncoder.TAG_TC_TOKEN_CONTENT);
            allocate.putShort((short) (digest.length + bArr2.length));
            allocate.put(digest);
            allocate.put(bArr2);
            return allocate.array();
        } catch (Exception e) {
            Logger.e(TAG, "Error preparing transaction content", e);
            throw new AsmException(AsmError.FAILURE, "cannot hash transaction content.");
        }
    }

    private void validateResult(IMatcher.MatcherOutParams matcherOutParams) throws AsmException {
        getResult(matcherOutParams.getMatchResult());
    }

    void GetNamesToDisplay(List<Username> list, List<AuthenticatorDatabase.RegistrationRecord> list2, Map<String, Username> map) {
        ArrayList<AuthenticatorDatabase.RegistrationRecord> arrayList = new ArrayList();
        for (Username username : list) {
            Iterator<AuthenticatorDatabase.RegistrationRecord> it = list2.iterator();
            while (true) {
                if (it.hasNext()) {
                    AuthenticatorDatabase.RegistrationRecord next = it.next();
                    if (next.keyHandle.equals(username.keyHandle)) {
                        Username username2 = map.get(username.username);
                        if (username2 == null || next.timeStamp > username2.timeStamp) {
                            if (username2 != null) {
                                AuthenticatorDatabase.RegistrationRecord registrationRecord = new AuthenticatorDatabase.RegistrationRecord();
                                Iterator<AuthenticatorDatabase.RegistrationRecord> it2 = list2.iterator();
                                while (true) {
                                    if (!it2.hasNext()) {
                                        break;
                                    }
                                    AuthenticatorDatabase.RegistrationRecord next2 = it2.next();
                                    if (next2.keyHandle.equals(username2.keyHandle)) {
                                        registrationRecord.appID = next2.appID;
                                        registrationRecord.keyID = next2.keyID;
                                        break;
                                    }
                                }
                                arrayList.add(registrationRecord);
                            }
                            username.timeStamp = next.timeStamp;
                            map.put(username.username, username);
                        } else {
                            AuthenticatorDatabase.RegistrationRecord registrationRecord2 = new AuthenticatorDatabase.RegistrationRecord();
                            registrationRecord2.appID = next.appID;
                            registrationRecord2.keyID = next.keyID;
                            arrayList.add(registrationRecord2);
                        }
                    }
                }
            }
        }
        for (AuthenticatorDatabase.RegistrationRecord registrationRecord3 : arrayList) {
            if (deleteRegistration(registrationRecord3.appID, registrationRecord3.keyID).statusCode != 0) {
                Logger.e(TAG, "Database cleanup info: Can't delete old registration");
            }
        }
    }

    /* JADX WARN: Can't wrap try/catch for region: R(13:30|(3:253|254|(17:256|257|258|259|260|261|262|33|34|35|(3:194|195|(7:197|(4:200|(5:202|203|204|205|(2:207|(5:225|226|227|228|229)(6:209|210|(1:212)(1:222)|213|214|(3:219|220|221)(2:216|217)))(3:231|232|233))(2:238|239)|218|198)|240|241|40|41|(2:43|44)(16:45|(3:49|(2:52|50)|53)|(3:57|(2:60|58)|61)|62|63|(1:183)(1:67)|68|69|70|71|(3:73|(3:75|(2:78|76)|79)|80)(2:165|(2:167|168)(3:169|(2:172|170)|173))|81|83|84|85|(3:87|88|89)(8:90|(2:92|(3:94|95|96)(2:97|(3:99|100|101)(10:102|(3:104|(2:107|105)|108)(1:132)|109|(2:111|(3:113|114|115)(1:116))(2:130|131)|117|(1:119)(1:129)|120|(1:122)(1:128)|123|(3:125|126|127))))|133|134|(1:136)|137|138|139))))|37|38|39|40|41|(0)(0)))|32|33|34|35|(0)|37|38|39|40|41|(0)(0)) */
    /* JADX WARN: Code restructure failed: missing block: B:184:0x0260, code lost:
    
        r0 = e;
     */
    /* JADX WARN: Code restructure failed: missing block: B:185:0x05b2, code lost:
    
        r1 = r0;
        r15 = r15;
     */
    /* JADX WARN: Code restructure failed: missing block: B:187:0x025c, code lost:
    
        r0 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:188:0x025d, code lost:
    
        r1 = r0;
        r15 = r15;
     */
    /* JADX WARN: Code restructure failed: missing block: B:190:0x0589, code lost:
    
        r0 = e;
     */
    /* JADX WARN: Code restructure failed: missing block: B:192:0x0587, code lost:
    
        r0 = e;
     */
    /* JADX WARN: Code restructure failed: missing block: B:193:0x05bd, code lost:
    
        r16 = "Failed to authenticates the user with authenticator.";
     */
    /* JADX WARN: Code restructure failed: missing block: B:248:0x0592, code lost:
    
        r0 = e;
     */
    /* JADX WARN: Code restructure failed: missing block: B:249:0x0593, code lost:
    
        r15 = r20;
     */
    /* JADX WARN: Code restructure failed: missing block: B:251:0x058c, code lost:
    
        r0 = e;
     */
    /* JADX WARN: Code restructure failed: missing block: B:252:0x058d, code lost:
    
        r16 = "Failed to authenticates the user with authenticator.";
        r15 = r20;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:144:0x05e6 A[Catch: all -> 0x061e, TryCatch #31 {all -> 0x061e, blocks: (B:142:0x05da, B:144:0x05e6, B:148:0x05f0, B:150:0x05fc, B:151:0x0606, B:155:0x05c2), top: B:21:0x0065 }] */
    /* JADX WARN: Removed duplicated region for block: B:146:0x060f  */
    /* JADX WARN: Removed duplicated region for block: B:148:0x05f0 A[Catch: all -> 0x061e, TryCatch #31 {all -> 0x061e, blocks: (B:142:0x05da, B:144:0x05e6, B:148:0x05f0, B:150:0x05fc, B:151:0x0606, B:155:0x05c2), top: B:21:0x0065 }] */
    /* JADX WARN: Removed duplicated region for block: B:157:0x05cb  */
    /* JADX WARN: Removed duplicated region for block: B:162:0x0622  */
    /* JADX WARN: Removed duplicated region for block: B:164:? A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:194:0x012f A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:43:0x024e A[Catch: all -> 0x0076, JSONException -> 0x025c, AsmException -> 0x0260, TRY_ENTER, TRY_LEAVE, TryCatch #13 {all -> 0x0076, blocks: (B:291:0x006b, B:262:0x00ce, B:195:0x012f, B:197:0x0137, B:198:0x0141, B:200:0x0147, B:202:0x0157, B:205:0x0176, B:207:0x017c, B:226:0x0180, B:228:0x018b, B:210:0x018f, B:212:0x019f, B:214:0x01b8, B:220:0x01bb, B:216:0x01c9, B:222:0x01a9, B:232:0x01da, B:233:0x01e6, B:43:0x024e, B:47:0x026c, B:49:0x0274, B:50:0x027a, B:52:0x0280, B:55:0x028f, B:57:0x0295, B:58:0x0299, B:60:0x029f, B:65:0x02d1, B:73:0x0346, B:75:0x034a, B:76:0x0350, B:78:0x0356, B:167:0x03a7, B:172:0x03bd, B:284:0x059c, B:285:0x05a5), top: B:24:0x0069 }] */
    /* JADX WARN: Removed duplicated region for block: B:45:0x0263 A[Catch: JSONException -> 0x0587, AsmException -> 0x0589, all -> 0x05b5, TRY_ENTER, TRY_LEAVE, TryCatch #11 {all -> 0x05b5, blocks: (B:23:0x0065, B:27:0x0089, B:30:0x0093, B:34:0x0129, B:40:0x024a, B:45:0x0263, B:63:0x02c5, B:68:0x02e5, B:71:0x02f1, B:81:0x03d1, B:165:0x036d, B:169:0x03b3, B:170:0x03b7, B:183:0x02dd, B:39:0x0243), top: B:22:0x0065 }] */
    /* JADX WARN: Type inference failed for: r15v0 */
    /* JADX WARN: Type inference failed for: r15v16 */
    /* JADX WARN: Type inference failed for: r15v17 */
    /* JADX WARN: Type inference failed for: r15v19 */
    /* JADX WARN: Type inference failed for: r15v20 */
    /* JADX WARN: Type inference failed for: r15v26 */
    /* JADX WARN: Type inference failed for: r15v27 */
    /* JADX WARN: Type inference failed for: r15v3 */
    /* JADX WARN: Type inference failed for: r15v30 */
    /* JADX WARN: Type inference failed for: r15v36 */
    /* JADX WARN: Type inference failed for: r15v37 */
    /* JADX WARN: Type inference failed for: r15v38, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r15v4 */
    /* JADX WARN: Type inference failed for: r15v41 */
    /* JADX WARN: Type inference failed for: r15v42 */
    /* JADX WARN: Type inference failed for: r15v43 */
    /* JADX WARN: Type inference failed for: r15v6 */
    /* JADX WARN: Type inference failed for: r15v7 */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.noknok.android.client.asm.core.uaf.AuthenticatorCore.Response authenticate(com.noknok.android.client.asm.api.uaf.json.AuthenticateIn r29, java.util.List<com.noknok.android.client.asm.api.uaf.json.Extension> r30) {
        /*
            Method dump skipped, instructions count: 1589
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.noknok.android.client.asm.core.uaf.AuthenticatorCore.authenticate(com.noknok.android.client.asm.api.uaf.json.AuthenticateIn, java.util.List):com.noknok.android.client.asm.core.uaf.AuthenticatorCore$Response");
    }

    public Response deregister(DeregisterIn deregisterIn, List<Extension> list) throws AsmException {
        String str = TAG;
        Logger.startTimer(str, "deregister");
        Response response = new Response();
        if (deregisterIn.appID == null || deregisterIn.appID.equals("") || deregisterIn.keyID == null) {
            Logger.e(str, "Invalid DeregisterIn.");
        } else if (deregisterIn.keyID.equals("")) {
            response.statusCode = 0;
            Iterator<GetRegistrationsOut.AppRegistration> it = this.mAuthenticatorDb.getAppRegistrations(Base64.encodeToString(this.mCallerID, 11)).appRegs.iterator();
            while (it.hasNext()) {
                Iterator<String> it2 = it.next().keyIDs.iterator();
                while (it2.hasNext()) {
                    Response deleteRegistration = deleteRegistration(deregisterIn.appID, it2.next());
                    if (deleteRegistration.statusCode != 0) {
                        response.statusCode = deleteRegistration.statusCode;
                    }
                }
            }
        } else {
            response = deleteRegistration(deregisterIn.appID, deregisterIn.keyID);
        }
        Logger.endTimer(TAG, "deregister");
        return response;
    }

    public Username displayUsernamePicker(List<Username> list) {
        ArrayList<String> arrayList = new ArrayList<>();
        Iterator<Username> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().username);
        }
        Intent intent = new Intent(this.mContext, (Class<?>) SelectFromDialogActivity.class);
        intent.addFlags(268435456);
        intent.putStringArrayListExtra("DIALOGLIST", arrayList);
        intent.putExtra("DIALOGTITLEID", "Select user");
        String str = (String) ActivityStarter.startActivityForResult(this.mContext, intent, null, 0);
        if (str != null) {
            for (Username username : list) {
                if (username.username.equals(str)) {
                    return username;
                }
            }
        }
        return null;
    }

    public UserVerifyResponse enrollUser(byte[] bArr, IMatcher.MatcherUI matcherUI) throws AsmException {
        Logger.d(TAG, "enrollUser");
        UserVerifyResponse userVerifyResponse = new UserVerifyResponse();
        userVerifyResponse.statusCode = (short) 2;
        GetInfoParams getInfoParams = (matcherUI == null || TextUtils.isEmpty(matcherUI.getGestureUVT())) ? new GetInfoParams() : new GetInfoParams(matcherUI.toJson());
        MatcherParamsHelper.AuthenticatorMatcherType matcherType = MatcherParamsHelper.getMatcherType(this.mAuthDx, this.mAuthMatcher);
        IMatcher.MatcherInParams createMatcherInParams = MatcherParamsHelper.createMatcherInParams(MatcherParamsHelper.MatcherOpEnum.OP_ID_ENROLL, matcherType, getInfoParams, bArr, this.mAuthMatcher, matcherUI, this.mAntihammering);
        userVerifyResponse.matcherInParams = createMatcherInParams;
        userVerifyResponse.matcherType = matcherType;
        if (matcherType == MatcherParamsHelper.AuthenticatorMatcherType.MATCHER_TYPE_AKMANAGED || this.mUafAuthDx.isRoamingAuthenticator()) {
            userVerifyResponse.statusCode = (short) 0;
            userVerifyResponse.userVerifyToken = createFakeUVT(this.mInfo.generalInfo.aaid, bArr, "12345678123456781234567812345678".getBytes());
        } else {
            IMatcher.MatcherOutParams register = this.mAuthMatcher.register(createMatcherInParams);
            validateResult(register);
            userVerifyResponse.statusCode = (short) 0;
            userVerifyResponse.additionalAKArgument = null;
            userVerifyResponse.extensions = register.getExtensions();
            if (register.getUserID() != null) {
                userVerifyResponse.userID = Base64.encodeToString(register.getUserID(), 0);
            }
            if (matcherType == MatcherParamsHelper.AuthenticatorMatcherType.MATCHER_TYPE_UVT) {
                userVerifyResponse.userVerifyToken = createFakeUVT(this.mInfo.generalInfo.aaid, bArr, ((UVTMatcherOutParams) register).getUVT());
            }
        }
        return userVerifyResponse;
    }

    protected byte[] getAuthenticatorConfig() throws AsmException {
        String aKConfig = this.mAuthenticatorDb.getAKConfig();
        return aKConfig != null ? Base64.decode(aKConfig, 11) : new byte[0];
    }

    public byte[] getCallerID(Context context, String str) {
        try {
            Signature[] signatureArr = context.getPackageManager().getPackageInfo(str, 64).signatures;
            if (signatureArr == null || signatureArr.length == 0) {
                return null;
            }
            MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
            messageDigest.update(signatureArr[0].toByteArray());
            return messageDigest.digest();
        } catch (Exception e) {
            Logger.e(TAG, "Failed to get callerId.", e);
            return null;
        }
    }

    public AuthenticatorInfo getInfo() {
        Logger.d(TAG, "GetInfo AttestationType" + this.mInfo.generalInfo.attestationTypes.get(0).toString());
        return this.mInfo.generalInfo;
    }

    public long getReferenceID() {
        return this.mInfo.generalInfo.authenticatorIndex;
    }

    public Response getRegistrations() throws AsmException {
        Response response = new Response();
        response.data = this.mAuthenticatorDb.getAppRegistrations(Base64.encodeToString(this.mCallerID, 11));
        response.statusCode = 0;
        return response;
    }

    public IMatcher.MatcherUI getTitleAndMaxMiss(List<Extension> list) {
        if (list == null) {
            return null;
        }
        for (Extension extension : list) {
            if (extension != null && extension.id != null && (Extension.EXTENSION_ID_UI.equals(extension.id) || Extension.EXTENSION_ID_GESTURE.equals(extension.id))) {
                return new IMatcher.MatcherUI().fromJson(extension.data);
            }
        }
        return null;
    }

    public void initialize(Context context, String str) throws AsmException {
        String str2 = TAG;
        Logger.i(str2, "initialize");
        assertNotAnActivityContext(context);
        this.mContext = context;
        if (this.mAuthDx.isAKManagedMatcher() || this.mUafAuthDx.isRoamingAuthenticator()) {
            Logger.d(str2, "Is AK Managed Matcher.");
            this.mAuthMatcher = DescriptorLoader.loadAuthenticatorUIFromClassName(this.mAuthDx.getMatcherClass(), context, ProtocolType.UAF);
        } else {
            IMatcher loadAuthenticatorUIFromClassName = DescriptorLoader.loadAuthenticatorUIFromClassName(this.mAuthDx.getMatcherClass(), context, ProtocolType.UAF);
            this.mAuthMatcher = loadAuthenticatorUIFromClassName;
            MatcherParamsHelper.AuthenticatorMatcherType matcherType = MatcherParamsHelper.getMatcherType(this.mAuthDx, loadAuthenticatorUIFromClassName);
            if (matcherType != MatcherParamsHelper.AuthenticatorMatcherType.MATCHER_TYPE_UVT) {
                throw new AsmException(AsmError.FAILURE, "Unsupported MatcherType. matcherType = " + matcherType.toString());
            }
        }
        IAKSelector loadAKSelectorFromClassName = DescriptorLoader.loadAKSelectorFromClassName(this.mAuthMatcher, this.mAuthDx, context, ProtocolType.UAF);
        if (loadAKSelectorFromClassName == null || loadAKSelectorFromClassName.getAAIDInfo() == null) {
            throw new AsmException(AsmError.FAILURE, "LoadAKSelector failed. No AAID Selected");
        }
        String str3 = loadAKSelectorFromClassName.getAAIDInfo().aaid;
        Logger.i(str2, "initialize( filePath = " + str3 + " )");
        this.mCryptoModule = new CryptoModule(str3, context);
        this.mCallerID = getCallerID(context, str);
        this.mContext = context;
        this.mDigestMethod = loadAKSelectorFromClassName.getAuthenticatorKernel().getDigestMethod();
        IAuthenticatorDescriptor.AAIDInfo aAIDInfo = loadAKSelectorFromClassName.getAAIDInfo();
        AKProcessor aKProcessor = new AKProcessor(loadAKSelectorFromClassName.getAuthenticatorKernel());
        this.mAkProcessor = aKProcessor;
        try {
            this.mInfo = aKProcessor.getAKInfo(loadAKSelectorFromClassName.getAAIDInfo().aaid);
        } catch (AsmException e) {
            Logger.e(TAG, "Failed to Query the AK and get AK information.", e);
        }
        this.mAuthenticatorDb = AuthenticatorDatabaseFactory.createAuthenticatorStore(this.mUafAuthDx.isRoamingAuthenticator(), str3, this.mCryptoModule, context, loadAKSelectorFromClassName.getAuthenticatorKernel(), this.mInfo.generalInfo.authenticatorIndex);
        getPersonaID();
        getASMToken();
        if (!this.mUafAuthDx.isRoamingAuthenticator()) {
            this.mAntihammering = new AntiHammering(this.mAuthenticatorDb, null, true);
        }
        this.mInfo.generalInfo.userVerification = this.mUafAuthDx.getUserVerification();
        this.mInfo.generalInfo.isSecondFactorOnly = this.mUafAuthDx.isSecondFactorOnly();
        this.mInfo.generalInfo.isRoamingAuthenticator = this.mUafAuthDx.isRoamingAuthenticator();
        this.mInfo.generalInfo.aaid = aAIDInfo.aaid;
        this.mInfo.generalInfo.tcDisplay = this.mUafAuthDx.getTcDisplay();
        this.mInfo.generalInfo.tcDisplayContentType = this.mUafAuthDx.getTcDisplayContentType();
        this.mInfo.generalInfo.tcDisplayPNGCharacteristics = new ArrayList();
        this.mInfo.generalInfo.tcDisplayPNGCharacteristics.add(DisplayPNGCharacteristicsDescriptor.getDefaultPNGDescriptor());
        this.mInfo.generalInfo.attachmentHint = this.mUafAuthDx.getAttachmentHint();
        this.mInfo.generalInfo.hasSettings = this.mAuthDx.hasSettings();
        this.mInfo.generalInfo.isUserEnrolled = isUserEnrolled();
        Bitmap decodeResource = BitmapFactory.decodeResource(this.mContext.getResources(), this.mAuthDx.getIcon());
        if (decodeResource != null) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            decodeResource.compress(Bitmap.CompressFormat.PNG, 100, byteArrayOutputStream);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            this.mInfo.generalInfo.icon = "data:image/png;base64," + Base64.encodeToString(byteArray, 2);
        } else {
            Logger.e(TAG, "Failed to find authenticator icon resource");
        }
        this.mInfo.generalInfo.description = this.mContext.getString(this.mAuthDx.getDescription());
        this.mInfo.generalInfo.title = "UAF " + this.mContext.getString(this.mAuthDx.getTitle());
        Logger.d(TAG, "ASM info:\n" + this.mInfo.generalInfo);
        if (this.mUafAuthDx.isRoamingAuthenticator()) {
            return;
        }
        this.mAuthenticatorDb.validateUserRegistrations(this.mAuthMatcher);
    }

    public boolean isUserEnrolled() {
        if (this.mUafAuthDx.isRoamingAuthenticator()) {
            return true;
        }
        return this.mAuthenticatorDb.hasRegistrations();
    }

    public Response openSettings() {
        Response response = new Response();
        if (!this.mUafAuthDx.isRoamingAuthenticator() && MatcherParamsHelper.getMatcherType(this.mAuthDx, this.mAuthMatcher) != MatcherParamsHelper.AuthenticatorMatcherType.MATCHER_TYPE_AKMANAGED) {
            IMatcher.MatcherSettingsOutParams matcherSettingsOutParams = this.mAuthMatcher.settings(MatcherParamsHelper.createMatcherManageInParams(this.mAuthMatcher, this.mAntihammering));
            if (matcherSettingsOutParams == null || matcherSettingsOutParams.getResult() != IMatcher.RESULT.SUCCESS) {
                response.statusCode = 0;
                return response;
            }
        }
        response.statusCode = 0;
        return response;
    }

    /* JADX WARN: Not initialized variable reg: 20, insn: 0x0328: MOVE (r3 I:??[OBJECT, ARRAY]) = (r20 I:??[OBJECT, ARRAY]), block:B:94:0x0327 */
    public Response register(RegisterIn registerIn, List<Extension> list) {
        String str;
        AsmException asmException;
        int i;
        byte[] prepareFinalChallenge;
        String str2;
        String str3;
        String str4;
        byte[] bArr;
        RegisterOut registerOut;
        int i2;
        UserVerifyResponse verifyUser;
        String str5 = TAG;
        Logger.startTimer(str5, c.JSON_CMD_REGISTER);
        Response response = new Response();
        RegisterOut registerOut2 = new RegisterOut();
        if (registerIn.appID == null || registerIn.appID.equals("") || registerIn.username == null || registerIn.username.equals("") || registerIn.finalChallenge == null || registerIn.finalChallenge.equals("")) {
            Logger.e(str5, "Invalid RegisterIn.");
            response.statusCode = 2;
            Logger.endTimer(str5, c.JSON_CMD_REGISTER);
            return response;
        }
        Logger.d(str5, "AppID for Register: " + registerIn.appID);
        Logger.d(str5, "AppID for Register in bytes: " + TLVCommandEncoder.getHex(registerIn.appID.getBytes(Charsets.utf8Charset)));
        int i3 = 1;
        try {
            try {
                try {
                    try {
                        prepareFinalChallenge = this.mAkProcessor.prepareFinalChallenge(registerIn.finalChallenge);
                    } catch (AsmException e) {
                        asmException = e;
                        str = "Failed to registers UAF credentials.";
                    }
                } catch (JSONException e2) {
                    e = e2;
                }
            } catch (AsmException e3) {
                str = "Failed to registers UAF credentials.";
                asmException = e3;
            }
            try {
            } catch (AsmException e4) {
                asmException = e4;
                str = str2;
                if (asmException.error().equals(AsmError.CANCELED)) {
                    Logger.w(TAG, "User cancelled to register UAF");
                    i3 = 3;
                } else {
                    Logger.e(TAG, str, asmException);
                }
                this.mAkProcessor.postProcessAK();
                i = i3;
                response.statusCode = i;
                Logger.endTimer(TAG, c.JSON_CMD_REGISTER);
                return response;
            } catch (JSONException e5) {
                e = e5;
                Logger.e(TAG, "Failed to registers UAF credentials.", e);
                this.mAkProcessor.postProcessAK();
                i = 1;
                response.statusCode = i;
                Logger.endTimer(TAG, c.JSON_CMD_REGISTER);
                return response;
            }
            if (prepareFinalChallenge == null) {
                throw new AsmException(AsmError.FAILURE, "Value \"finalChallenge\" is null");
            }
            IMatcher.MatcherUI titleAndMaxMiss = getTitleAndMaxMiss(list);
            if (titleAndMaxMiss == null || TextUtils.isEmpty(titleAndMaxMiss.getGestureUVT())) {
                str3 = "";
            } else {
                byte[] bArr2 = new byte[16];
                byte[] bArr3 = new byte[16];
                str3 = "";
                System.arraycopy(EncodeUtil.getSHA256(new JSONObject(new String(Base64.decode(registerIn.finalChallenge, 10))).getString("challenge").getBytes()), 0, bArr2, 0, 16);
                System.arraycopy(EncodeUtil.getSHA256(titleAndMaxMiss.getGestureUVT().getBytes()), 0, bArr3, 0, 16);
                String encodeToString = Base64.encodeToString(EncodeUtil.aesEncrypt(bArr2, bArr3), 10);
                titleAndMaxMiss.setGestureUVT(encodeToString);
                Logger.w(str5, "reg encode data:" + getHex(Base64.decode(encodeToString, 10)));
            }
            if (isUserEnrolled()) {
                str4 = str3;
                bArr = prepareFinalChallenge;
                registerOut = registerOut2;
                i2 = 2;
                verifyUser = verifyUser(null, null, null, titleAndMaxMiss, prepareFinalChallenge, true);
            } else {
                verifyUser = enrollUser(prepareFinalChallenge, titleAndMaxMiss);
                bArr = prepareFinalChallenge;
                registerOut = registerOut2;
                str4 = str3;
                i2 = 2;
            }
            if (verifyUser.statusCode != 0) {
                Logger.e(str5, "failed to enroll user");
                response.statusCode = i2;
                Logger.endTimer(str5, c.JSON_CMD_REGISTER);
                this.mAkProcessor.postProcessAK();
                return response;
            }
            Logger.w(str5, "APPID is expected:" + this.mInfo.additionalInfo.expectAPPID + "  is RoamingAuthenticator: " + this.mInfo.generalInfo.isRoamingAuthenticator);
            ArrayList arrayList = new ArrayList();
            if (verifyUser.extensions != null && verifyUser.extensions.size() > 0) {
                Iterator<IMatcher.Extension> it = verifyUser.extensions.iterator();
                while (it.hasNext()) {
                    arrayList.add(it.next());
                }
            }
            if (list != null && list.size() > 0) {
                for (Extension extension : list) {
                    IMatcher.Extension extension2 = new IMatcher.Extension();
                    extension2.fail_if_unknown = extension.fail_if_unknown;
                    extension2.id = extension.id;
                    extension2.data = extension.data.getBytes(Charsets.utf8Charset);
                    arrayList.add(extension2);
                }
            }
            AKProcessor.AKRequestParams cmd = new AKProcessor.AKRequestParams().setAuthenticatorIndex((byte) this.mInfo.generalInfo.authenticatorIndex).setAppID(this.mInfo.additionalInfo.expectAPPID | this.mInfo.generalInfo.isRoamingAuthenticator ? registerIn.appID.getBytes(Charsets.utf8Charset) : null).setFinalChallenge(bArr).setUserName(registerIn.username.getBytes(Charsets.utf8Charset)).setAttestationType(registerIn.attestationType).setKHAccessToken(getKHAccessToken(registerIn.appID, this.mCallerID, this.mASMToken, this.mPersonaID)).setUserVerifyToken(verifyUser.userVerifyToken).setAdditionalAKArgument(getAuthenticatorConfig()).setMatcherInParams(verifyUser.matcherInParams).setAuthenticatorDescriptor(this.mAuthDx).setMatcherType(verifyUser.matcherType).setExtensions(arrayList).setCmd((short) 13314);
            extInit(cmd);
            String str6 = TAG;
            Logger.d(str6, "mAkProcessor prepare");
            AKProcessor.AKResponseParams processAK = this.mAkProcessor.processAK(cmd);
            cmd.setAdditionalAKArgument(processAK.additionalAKInfoToBeStored);
            Logger.d(str6, "mAkProcessor finish");
            saveAuthenticatorConfig(processAK.additionalAKInfoToBeStored);
            if (processAK.statusCode != 0) {
                Logger.e(str6, "AK failed to register");
                response.statusCode = processAK.statusCode;
                Logger.endTimer(str6, c.JSON_CMD_REGISTER);
                if (!this.mAuthenticatorDb.hasRegistrations() && !this.mInfo.generalInfo.isRoamingAuthenticator) {
                    this.mAuthenticatorDb.storeAKConfig(str4);
                }
                this.mAkProcessor.postProcessAK();
                return response;
            }
            String str7 = str4;
            processAK.regToBeStored.callerID = Base64.encodeToString(this.mCallerID, 11);
            processAK.regToBeStored.appID = registerIn.appID;
            processAK.regToBeStored.timeStamp = System.currentTimeMillis();
            if (verifyUser.userID == null || verifyUser.userID.equals(str7)) {
                i = 0;
            } else {
                Logger.d(str6, "UserID is not null");
                try {
                    i = 0;
                    Base64.decode(verifyUser.userID, 0);
                    processAK.regToBeStored.userID = verifyUser.userID;
                } catch (IllegalArgumentException unused) {
                    Logger.endTimer(TAG, c.JSON_CMD_REGISTER);
                    throw new AsmException(AsmError.INVALID_MESSAGE);
                }
            }
            if (!this.mInfo.generalInfo.isRoamingAuthenticator) {
                this.mAuthenticatorDb.addRegistration(processAK.regToBeStored);
            }
            RegisterOut registerOut3 = registerOut;
            registerOut3.assertion = processAK.assertion;
            registerOut3.assertionScheme = this.mInfo.generalInfo.assertionScheme;
            response.data = registerOut3;
            if (extExtract(processAK) != null) {
                response.exts = new ArrayList();
                response.exts.addAll(extExtract(processAK));
            }
            this.mAkProcessor.postProcessAK();
            response.statusCode = i;
            Logger.endTimer(TAG, c.JSON_CMD_REGISTER);
            return response;
        } catch (Throwable th) {
            this.mAkProcessor.postProcessAK();
            throw th;
        }
    }

    protected void saveAuthenticatorConfig(byte[] bArr) throws AsmException {
        if (bArr == null || this.mUafAuthDx.isRoamingAuthenticator()) {
            return;
        }
        this.mAuthenticatorDb.storeAKConfig(Base64.encodeToString(bArr, 11));
    }

    public UserVerifyResponse verifyUser(String str, String str2, String str3, IMatcher.MatcherUI matcherUI, byte[] bArr, boolean z) throws AsmException {
        String str4 = TAG;
        Logger.d(str4, "verifyUser");
        UserVerifyResponse userVerifyResponse = new UserVerifyResponse();
        userVerifyResponse.statusCode = (short) 2;
        if (str2 != null) {
            TCDisplayResponse tCDisplayResponse = new TCDisplayResponse();
            this.tTCDisplayResponse = tCDisplayResponse;
            tCDisplayResponse.statusCode = 0;
            byte[] decode = Base64.decode(str2, 11);
            if (decode.length == 0) {
                Logger.e(str4, "Nothing to display");
                this.tTCDisplayResponse.statusCode = 1;
                return userVerifyResponse;
            }
            this.tTCDisplayResponse.tcToken = prepareTCToken(decode, bArr);
        }
        this.mFinalChallenge = bArr;
        GetInfoParams getInfoParams = (matcherUI == null || TextUtils.isEmpty(matcherUI.getGestureUVT())) ? new GetInfoParams(str2, null, null) : new GetInfoParams(str2, null, matcherUI.toJson());
        MatcherParamsHelper.AuthenticatorMatcherType matcherType = MatcherParamsHelper.getMatcherType(this.mAuthDx, this.mAuthMatcher);
        IMatcher.MatcherInParams createMatcherInParams = MatcherParamsHelper.createMatcherInParams(MatcherParamsHelper.MatcherOpEnum.OP_ID_AUTHENTICATE, matcherType, getInfoParams, bArr, this.mAuthMatcher, matcherUI, this.mAntihammering);
        userVerifyResponse.matcherInParams = createMatcherInParams;
        userVerifyResponse.matcherType = matcherType;
        if (matcherType == MatcherParamsHelper.AuthenticatorMatcherType.MATCHER_TYPE_AKMANAGED || this.mUafAuthDx.isRoamingAuthenticator()) {
            userVerifyResponse.statusCode = (short) 0;
            userVerifyResponse.userVerifyToken = createFakeUVT(this.mInfo.generalInfo.aaid, bArr, "12345678123456781234567812345678".getBytes());
        } else {
            IMatcher.MatcherOutParams register = z ? this.mAuthMatcher.register(createMatcherInParams) : this.mAuthMatcher.authenticate(createMatcherInParams);
            if (register == null) {
                userVerifyResponse.statusCode = (short) 1;
                return userVerifyResponse;
            }
            userVerifyResponse.statusCode = (short) 0;
            userVerifyResponse.additionalAKArgument = null;
            userVerifyResponse.extensions = register.getExtensions();
            if (register.getUserID() != null) {
                userVerifyResponse.userID = Base64.encodeToString(register.getUserID(), 0);
            }
            if (matcherType == MatcherParamsHelper.AuthenticatorMatcherType.MATCHER_TYPE_UVT) {
                userVerifyResponse.userVerifyToken = createFakeUVT(this.mInfo.generalInfo.aaid, bArr, ((UVTMatcherOutParams) register).getUVT());
            }
            validateResult(register);
        }
        return userVerifyResponse;
    }
}
