package defpackage;

import android.security.keystore.KeyProperties;
import android.util.Pair;
import com.google.android.gms.chimera.modules.fido.AppContextProvider;
import com.google.android.gms.common.api.Status;
import com.google.android.gms.fido.fido2.api.common.AttestationConveyancePreference;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorAttestationResponse;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredential;
import java.io.IOException;
import java.net.URI;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.InvalidAlgorithmParameterException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.crypto.spec.SecretKeySpec;

/* compiled from: :com.google.android.gms@243234038@24.32.34 (190400-665920202) */
/* loaded from: classes8.dex */
public final class avxz implements awvt {
    public final awop c;
    public final awot d = new awor(AppContextProvider.a());
    public final ECPublicKey e;
    public final byte[] f;
    public awvs g;
    public avnf h;
    public volatile avxy i;
    public volatile awpc j;
    private final URI l;

    /* renamed from: m, reason: collision with root package name */
    private final String f942m;
    private final Pair n;
    private final ergd o;
    private final byte[] p;
    private final avxs q;
    private byte[] r;
    private byte[] s;
    private byte[] t;
    private avmk u;
    private volatile awoz v;
    public static final amuu a = awom.c("ClientTunnelTransport");
    private static final fora k = new fora(1);
    public static final esfg b = esfg.f;

    public avxz(avxs avxsVar, URI uri, awop awopVar, Pair pair, awpc awpcVar, String str, byte[] bArr, ECPublicKey eCPublicKey, ergd ergdVar, byte[] bArr2) {
        this.i = avxy.NONE;
        this.p = bArr2;
        this.q = avxsVar;
        this.n = pair;
        this.j = awpcVar;
        this.f942m = str;
        this.f = bArr;
        this.e = eCPublicKey;
        this.l = uri;
        this.o = ergdVar;
        this.c = awopVar;
        this.i = avxy.CONNECTING;
    }

    public static byte[] i(byte[] bArr, byte[] bArr2, avxt avxtVar, int i) {
        try {
            return fotz.l(new SecretKeySpec(bArr, KeyProperties.KEY_ALGORITHM_HMAC_SHA256), bArr2, new byte[]{avxtVar.g, 0, 0, 0}, i);
        } catch (Exception e) {
            throw new avyj("Unable to derive key", e);
        }
    }

    private final void j(byte[] bArr) {
        awpc awpcVar;
        int length;
        ((ertf) a.h()).x("handshake response received");
        this.d.y(this.c, autu.TYPE_HYBRID_HANDSHAKE_RESPONSE_RECEIVED);
        try {
            awpcVar = this.j;
            eqwn.a(awpcVar.e != null);
            length = bArr.length;
        } catch (InvalidAlgorithmParameterException unused) {
            ((ertf) a.i()).x("Handshake failed.");
            this.q.c(avxv.HANDSHAKE_FAILED);
        }
        if (length <= 65) {
            throw new InvalidAlgorithmParameterException("handshake response too short");
        }
        byte[] copyOf = Arrays.copyOf(bArr, 65);
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 65, length);
        awpcVar.d.c(copyOf);
        awpcVar.d.e(copyOf);
        ECPublicKey b2 = awpc.b(copyOf);
        awpcVar.d.e(awpc.c((ECPrivateKey) awpcVar.e.second, b2));
        equn equnVar = awpcVar.b;
        if (equnVar.h()) {
            awpcVar.d.e(awpc.c((ECPrivateKey) ((Pair) equnVar.c()).second, b2));
        }
        equn b3 = awpcVar.d.b(copyOfRange);
        if (!b3.h() || ((byte[]) b3.c()).length != 0) {
            throw new InvalidAlgorithmParameterException("bad ciphertext");
        }
        Pair a2 = awpcVar.d.a();
        awpa awpaVar = new awpa((byte[]) a2.first, (byte[]) a2.second, awpcVar.d.a);
        this.t = awpaVar.c;
        this.r = awpaVar.a;
        this.s = awpaVar.b;
        this.v = new awoz(this.r, this.s);
        this.i = avxy.HANDSHAKE_COMPLETE;
    }

    public final void a() {
        ((ertf) a.h()).x("Shutting down websocket");
        this.d.y(this.c, autu.TYPE_HYBRID_SENDING_SHUTDOWN_MESSAGE);
        if (this.i == avxy.READY) {
            h(avxr.SHUTDOWN, null);
            this.g.b();
        }
        this.i = avxy.CLOSE;
    }

    @Override // defpackage.awvt
    public final void b() {
        amuu amuuVar = a;
        ((ertf) amuuVar.h()).x("websocket connected");
        this.i = avxy.CONNECTED;
        if (this.j != null) {
            ((ertf) amuuVar.h()).x("Handshake message sent after websocket is connected.");
            this.d.y(this.c, autu.TYPE_HYBRID_SENDING_HANDSHAKE);
            this.g.e(this.j.d());
        }
    }

    @Override // defpackage.awvt
    public final void c() {
        ((ertf) a.h()).x("tunnel disconnected");
        ((ertf) avxb.b.h()).x("Disconnected from Tunnel Server.");
        avxb avxbVar = (avxb) this.q;
        if (avxbVar.l) {
            return;
        }
        avxbVar.d.n(new awld(Status.f, eqsl.a));
    }

    @Override // defpackage.awvt
    public final void d(awvu awvuVar) {
        byte[] bArr;
        amdo.j();
        if (awvuVar.a == 410 && (bArr = this.p) != null && !avyi.f(bArr)) {
            ((ertf) a.j()).x("Failed to remove link data from HybridDataStore.");
        }
        C3222a.ae(a.i(), "errors from websocket", awvuVar);
        this.q.c(avxv.TUNNEL_SERVER_CONNECT_FAILED);
    }

    @Override // defpackage.awvt
    public final void e(Map map) {
        amuu amuuVar = a;
        ((ertf) amuuVar.h()).x("handshake headers are retrieved");
        if (map.containsKey("sec-websocket-protocol") && ((String) map.get("sec-websocket-protocol")).equals("fido.cable")) {
            return;
        }
        ((ertf) amuuVar.i()).x("Tunnel server didn't select cable protocol");
        this.q.c(avxv.HANDSHAKE_FAILED);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // defpackage.awvt
    public final void f(byte[] bArr) {
        avnf avnfVar;
        Pair pair;
        int ordinal = this.i.ordinal();
        if (ordinal == 2) {
            j(bArr);
            return;
        }
        eqts eqtsVar = null;
        r5 = null;
        List list = null;
        if (ordinal == 3) {
            amuu amuuVar = a;
            ((ertf) amuuVar.h()).x("post handshake message received");
            this.d.y(this.c, autu.TYPE_HYBRID_POST_HANDSHAKE_RESPONSE_RECEIVED);
            if (this.v == null) {
                ((ertf) amuuVar.i()).x("crypter is null");
                this.q.c(avxv.DECRYPT_FAILURE);
                return;
            }
            equn a2 = this.v.a(bArr);
            if (!a2.h()) {
                ((ertf) amuuVar.i()).x("failed to decrypt hybrid message");
                this.q.c(avxv.DECRYPT_FAILURE);
                return;
            }
            Object c = a2.c();
            if (((byte[]) c).length == 0) {
                ((ertf) amuuVar.i()).x("invalid empty message");
                this.q.c(avxv.DECRYPT_FAILURE);
                return;
            }
            try {
                forf forfVar = (forf) forc.q((byte[]) c).m().a.get(new fora(1L));
                if (forfVar == null) {
                    ((ertf) amuuVar.i()).x("Post handshake missing getInfoResponse.");
                    this.q.c(avxv.INVALID_CBOR);
                    return;
                }
                if (fyho.i()) {
                    this.h = avnf.b(forc.q(forfVar.j().d()).m());
                } else {
                    this.h = null;
                    forfVar.j();
                }
                this.i = avxy.READY;
                ((ertf) amuuVar.h()).x("CTAP message sent");
                this.d.y(this.c, autu.TYPE_HYBRID_SENDING_CTAP_MESSAGE);
                h(avxr.CTAP, this.u.e());
                return;
            } catch (foqz e) {
                C3222a.ae(a.i(), "Invalid Ctap2 command.", e);
                this.q.c(avxv.INVALID_CTAP);
                return;
            } catch (foqy | fore | avmp e2) {
                C3222a.ae(a.i(), "Invalid post handshake method.", e2);
                this.q.c(avxv.INVALID_CBOR);
                return;
            }
        }
        if (ordinal != 4) {
            this.q.c(avxv.INTERNAL_ERROR);
            ((ertf) a.i()).B("Invalid state: %s to handle tunnel data.", this.i);
            return;
        }
        amuu amuuVar2 = a;
        ((ertf) amuuVar2.h()).x("CTAP messages received");
        this.d.y(this.c, autu.TYPE_HYBRID_CTAP_MESSAGE_RECEIVED);
        equn a3 = this.v.a(bArr);
        if (!a3.h()) {
            ((ertf) amuuVar2.i()).x("failed to decrypt hybrid message");
            this.q.c(avxv.DECRYPT_FAILURE);
            return;
        }
        Object c2 = a3.c();
        byte[] bArr2 = (byte[]) c2;
        int length = bArr2.length;
        if (length == 0) {
            ((ertf) amuuVar2.i()).x("invalid empty message");
            this.q.c(avxv.DECRYPT_FAILURE);
            return;
        }
        try {
            avxr a4 = avxr.a(((byte[]) c2)[0]);
            ((ertf) amuuVar2.h()).B("Message received with type: %s", a4);
            byte[] copyOfRange = Arrays.copyOfRange(bArr2, 1, length);
            int ordinal2 = a4.ordinal();
            if (ordinal2 == 1) {
                avxs avxsVar = this.q;
                ((ertf) avxb.b.h()).x("Parsing CTAP2 message.");
                avxb avxbVar = (avxb) avxsVar;
                avxbVar.l = true;
                try {
                    avml a5 = avni.a(copyOfRange, ((avxb) avxsVar).e);
                    ((ertf) avxb.b.h()).B("Parsed ctap2Response: %s", a5);
                    avmk avmkVar = ((avxb) avxsVar).e;
                    if (avmkVar instanceof avmv) {
                        eqtsVar = new avji(((avxb) avxsVar).f, null);
                    } else if (avmkVar instanceof avmy) {
                        if (fyho.i() && (avnfVar = ((avxb) avxsVar).k.h) != null) {
                            list = avnfVar.C;
                        }
                        eqtsVar = new avjg(AttestationConveyancePreference.DIRECT, ((avxb) avxsVar).f, true, list, null);
                    }
                    if (eqtsVar == null) {
                        ((ertf) avxb.b.i()).x("Unrecognized CTAP2 command.");
                        ((avxb) avxsVar).d.f(autu.TYPE_HYBRID_GENERATE_CTAP_RESPONSE_ERROR);
                        ((avxb) avxsVar).d.n(new awld(Status.f, eqsl.a));
                        ((avxb) avxsVar).k.a();
                        return;
                    }
                    ((avxb) avxsVar).d.f(autu.TYPE_HYBRID_RECEIVED_SUCCESS_CTAP_RESPONSE);
                    PublicKeyCredential publicKeyCredential = (PublicKeyCredential) eqtsVar.jJ(a5);
                    AuthenticatorAttestationResponse authenticatorAttestationResponse = publicKeyCredential.e;
                    if (authenticatorAttestationResponse != null) {
                        avua avuaVar = new avua();
                        avuaVar.d(authenticatorAttestationResponse.d());
                        avuaVar.c(authenticatorAttestationResponse.c());
                        avuaVar.b(authenticatorAttestationResponse.b());
                        avuaVar.e(avxb.a);
                        avvf avvfVar = new avvf();
                        avvfVar.c = avuaVar.a();
                        avvfVar.b(publicKeyCredential.f());
                        avvfVar.a = publicKeyCredential.b;
                        avvfVar.d = publicKeyCredential.h;
                        publicKeyCredential = avvfVar.a();
                    }
                    ((ertf) avxb.b.h()).B("Received success CTAP2 response: %s", publicKeyCredential);
                    ((avxb) avxsVar).d.n(new awld(Status.b, equn.j(publicKeyCredential)));
                    ((avxb) avxsVar).k.a();
                    return;
                } catch (IOException | IllegalArgumentException e3) {
                    C3222a.ae(avxb.b.i(), "Error parsing CTAP2 message.", e3);
                    avxbVar.d.f(autu.TYPE_HYBRID_GENERATE_CTAP_RESPONSE_ERROR);
                    avxbVar.d.n(new awld(Status.f, eqsl.a));
                    avxbVar.k.a();
                    return;
                }
            }
            if (ordinal2 != 2) {
                return;
            }
            try {
                forf q = forf.q(copyOfRange);
                ((ertf) amuuVar2.h()).x("handle link data message");
                try {
                    forf forfVar2 = (forf) q.m().a.get(k);
                    if (forfVar2 == null) {
                        ((ertf) amuuVar2.h()).x("This update message doesn't contain the link message");
                        return;
                    }
                    this.d.y(this.c, autu.TYPE_HYBRID_LINK_DATA_RECEIVED);
                    try {
                        byte[] s = forfVar2.s();
                        String str = this.f942m;
                        if (str == null || (pair = this.n) == null) {
                            ((ertf) amuuVar2.h()).x("Missing necessary data to parse the link data");
                            return;
                        }
                        try {
                            avyk b2 = avyk.b(s, str, (ECPrivateKey) pair.second, this.t);
                            amdo.j();
                            if (b2.b != null && b2.c != null && b2.d != null && b2.e != null && b2.g.h()) {
                                erfs d = avyi.d();
                                int i = ((erok) d).c;
                                for (int i2 = 0; i2 < i; i2++) {
                                    avyk avykVar = (avyk) d.get(i2);
                                    if (avykVar.d.equals(b2.d)) {
                                        avyi.f(avykVar.b);
                                    }
                                }
                                String o = avyi.a.o(b2.b);
                                try {
                                    try {
                                        String o2 = avyi.a.o(forf.o(new forb[]{new forb(avyi.c, new ford(b2.a)), new forb(avyi.b, forf.k(avyk.f(b2.d))), new forb(avyi.d, forf.k(b2.c)), new forb(avyi.e, new ford(b2.e)), new forb(avyi.f, new ford((String) b2.g.c()))}).s());
                                        bolq c3 = avyi.c("com.google.android.gms.fido.fido2.common.hybrid.HybridDataStore.Client").c();
                                        c3.h(o, o2);
                                        if (bolt.g(c3)) {
                                            ((ertf) a.h()).x("Successfully stored the link data");
                                            return;
                                        }
                                    } catch (foqu | foqz e4) {
                                        throw new avyj("Serializing the authenticator link data failed", e4);
                                    }
                                } catch (avyj unused) {
                                }
                            }
                            ((ertf) a.h()).x("Failed to store the link data");
                        } catch (avyj e5) {
                            C3222a.ae(a.h(), "Invalid link data", e5);
                        }
                    } catch (foqz e6) {
                        C3222a.ae(a.h(), "Encoding the link data in CborValue to byte array failed", e6);
                    }
                } catch (fore e7) {
                    C3222a.ae(a.h(), "A possible link data with an unsupported type", e7);
                }
            } catch (foqy unused2) {
                ((ertf) a.i()).x("invalid CBOR payload in update message");
                this.q.c(avxv.INVALID_CBOR);
            }
        } catch (IllegalArgumentException unused3) {
            this.q.c(avxv.INVALID_MESSAGE_TYPE_BYTE);
        }
    }

    public final void g(avmk avmkVar) {
        amdo.j();
        amuu amuuVar = a;
        ((ertf) amuuVar.h()).x("start reading");
        this.u = avmkVar;
        ((ertf) amuuVar.h()).B("starting websocket with URL: %s", this.l);
        this.d.y(this.c, autu.TYPE_HYBRID_WEBSOCKET_STARTED);
        ergd ergdVar = this.o;
        if (ergdVar == null) {
            this.g = new awvs(this.l, this);
        } else {
            this.g = new awvs(this.l, this, ergdVar);
        }
        this.g.d();
    }

    public final void h(avxr avxrVar, byte[] bArr) {
        eqwn.a(this.i.equals(avxy.READY));
        ByteBuffer allocate = ByteBuffer.allocate((bArr == null ? 0 : bArr.length) + 1);
        allocate.order(ByteOrder.LITTLE_ENDIAN);
        allocate.put(avxrVar.d);
        if (bArr != null) {
            allocate.put(bArr);
        }
        equn b2 = this.v.b(allocate.array());
        if (b2.h()) {
            this.g.e((byte[]) b2.c());
        } else {
            ((ertf) a.i()).x("Failed to encrypt response");
            this.q.c(avxv.ENCRYPT_FAILURE);
        }
    }
}
