package com.yubico.yubikit.piv.jca;

import com.yubico.yubikit.core.application.BadResponseException;
import com.yubico.yubikit.core.smartcard.ApduException;
import com.yubico.yubikit.core.util.Callback;
import com.yubico.yubikit.core.util.Result;
import com.yubico.yubikit.piv.PinPolicy;
import com.yubico.yubikit.piv.PivSession;
import com.yubico.yubikit.piv.Slot;
import com.yubico.yubikit.piv.SlotMetadata;
import com.yubico.yubikit.piv.TouchPolicy;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.Callable;
import javax.annotation.Nullable;

/* loaded from: classes9.dex */
public class PivKeyStoreSpi extends KeyStoreSpi {

    /* renamed from: a, reason: collision with root package name */
    public final Callback<Callback<Result<PivSession, Exception>>> f35921a;

    public PivKeyStoreSpi(Callback<Callback<Result<PivSession, Exception>>> callback) {
        this.f35921a = callback;
    }

    public static /* synthetic */ Boolean k(Result result, Slot slot) throws Exception {
        ((PivSession) result.b()).u(slot);
        return Boolean.TRUE;
    }

    public static /* synthetic */ void l(BlockingQueue blockingQueue, final Slot slot, final Result result) {
        blockingQueue.add(Result.e(new Callable() { // from class: com.yubico.yubikit.piv.jca.c
            @Override // java.util.concurrent.Callable
            public final Object call() {
                Boolean k2;
                k2 = PivKeyStoreSpi.k(Result.this, slot);
                return k2;
            }
        }));
    }

    public static /* synthetic */ X509Certificate m(Result result, Slot slot) throws Exception {
        return ((PivSession) result.b()).x(slot);
    }

    public static /* synthetic */ void n(BlockingQueue blockingQueue, final Slot slot, final Result result) {
        blockingQueue.add(Result.e(new Callable() { // from class: com.yubico.yubikit.piv.jca.g
            @Override // java.util.concurrent.Callable
            public final Object call() {
                X509Certificate m2;
                m2 = PivKeyStoreSpi.m(Result.this, slot);
                return m2;
            }
        }));
    }

    public static /* synthetic */ KeyStore.Entry o(Result result, Slot slot, KeyStore.ProtectionParameter protectionParameter) throws Exception {
        PivPrivateKey d2;
        PivSession pivSession = (PivSession) result.b();
        X509Certificate x2 = pivSession.x(slot);
        char[] password = protectionParameter instanceof KeyStore.PasswordProtection ? ((KeyStore.PasswordProtection) protectionParameter).getPassword() : null;
        if (pivSession.c(PivSession.f35834j)) {
            SlotMetadata J = pivSession.J(slot);
            d2 = PivPrivateKey.d(J.c(), slot, J.b(), J.e(), password);
        } else {
            d2 = PivPrivateKey.d(x2.getPublicKey(), slot, null, null, password);
        }
        return new KeyStore.PrivateKeyEntry(d2, new Certificate[]{x2});
    }

    public static /* synthetic */ void p(BlockingQueue blockingQueue, final Slot slot, final KeyStore.ProtectionParameter protectionParameter, final Result result) {
        blockingQueue.add(Result.e(new Callable() { // from class: com.yubico.yubikit.piv.jca.h
            @Override // java.util.concurrent.Callable
            public final Object call() {
                KeyStore.Entry o2;
                o2 = PivKeyStoreSpi.o(Result.this, slot, protectionParameter);
                return o2;
            }
        }));
    }

    public static /* synthetic */ PivPrivateKey q(Result result, Slot slot, char[] cArr) throws Exception {
        PivSession pivSession = (PivSession) result.b();
        if (!pivSession.c(PivSession.f35834j)) {
            return PivPrivateKey.d(pivSession.x(slot).getPublicKey(), slot, null, null, cArr);
        }
        SlotMetadata J = pivSession.J(slot);
        return PivPrivateKey.d(J.c(), slot, J.b(), J.e(), cArr);
    }

    public static /* synthetic */ void r(BlockingQueue blockingQueue, final Slot slot, final char[] cArr, final Result result) {
        blockingQueue.add(Result.e(new Callable() { // from class: com.yubico.yubikit.piv.jca.e
            @Override // java.util.concurrent.Callable
            public final Object call() {
                PivPrivateKey q2;
                q2 = PivKeyStoreSpi.q(Result.this, slot, cArr);
                return q2;
            }
        }));
    }

    public static /* synthetic */ Boolean s(Result result, PrivateKey privateKey, Slot slot, PinPolicy pinPolicy, TouchPolicy touchPolicy, X509Certificate x509Certificate) throws Exception {
        PivSession pivSession = (PivSession) result.b();
        if (privateKey != null) {
            pivSession.Y(slot, privateKey, pinPolicy, touchPolicy);
        }
        if (x509Certificate != null) {
            pivSession.V(slot, x509Certificate);
        }
        return Boolean.TRUE;
    }

    public static /* synthetic */ void t(BlockingQueue blockingQueue, final PrivateKey privateKey, final Slot slot, final PinPolicy pinPolicy, final TouchPolicy touchPolicy, final X509Certificate x509Certificate, final Result result) {
        blockingQueue.add(Result.e(new Callable() { // from class: com.yubico.yubikit.piv.jca.f
            @Override // java.util.concurrent.Callable
            public final Object call() {
                Boolean s2;
                s2 = PivKeyStoreSpi.s(Result.this, privateKey, slot, pinPolicy, touchPolicy, x509Certificate);
                return s2;
            }
        }));
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        try {
            Slot.e(str);
            return true;
        } catch (IllegalArgumentException unused) {
            return false;
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        final Slot e2 = Slot.e(str);
        final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
        this.f35921a.invoke(new Callback() { // from class: com.yubico.yubikit.piv.jca.i
            @Override // com.yubico.yubikit.core.util.Callback
            public final void invoke(Object obj) {
                PivKeyStoreSpi.l(arrayBlockingQueue, e2, (Result) obj);
            }
        });
        try {
            ((Result) arrayBlockingQueue.take()).b();
        } catch (Exception e3) {
            throw new KeyStoreException(e3);
        }
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public Certificate engineGetCertificate(String str) {
        final Slot e2 = Slot.e(str);
        final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
        this.f35921a.invoke(new Callback() { // from class: com.yubico.yubikit.piv.jca.l
            @Override // com.yubico.yubikit.core.util.Callback
            public final void invoke(Object obj) {
                PivKeyStoreSpi.n(arrayBlockingQueue, e2, (Result) obj);
            }
        });
        try {
            return (Certificate) ((Result) arrayBlockingQueue.take()).b();
        } catch (BadResponseException unused) {
            return null;
        } catch (ApduException e3) {
            if (e3.b() == 27266) {
                return null;
            }
            throw new RuntimeException(e3);
        } catch (Exception e4) {
            throw new RuntimeException(e4);
        }
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public String engineGetCertificateAlias(Certificate certificate) {
        for (Slot slot : Slot.values()) {
            String g2 = slot.g();
            if (certificate.equals(engineGetCertificate(g2))) {
                return g2;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        return new Certificate[]{engineGetCertificate(str)};
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public Date engineGetCreationDate(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public KeyStore.Entry engineGetEntry(String str, final KeyStore.ProtectionParameter protectionParameter) throws UnrecoverableEntryException {
        final Slot e2 = Slot.e(str);
        try {
            final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
            this.f35921a.invoke(new Callback() { // from class: com.yubico.yubikit.piv.jca.d
                @Override // com.yubico.yubikit.core.util.Callback
                public final void invoke(Object obj) {
                    PivKeyStoreSpi.p(arrayBlockingQueue, e2, protectionParameter, (Result) obj);
                }
            });
            return (KeyStore.Entry) ((Result) arrayBlockingQueue.take()).b();
        } catch (BadResponseException unused) {
            throw new UnrecoverableEntryException("Make sure the matching certificate is stored");
        } catch (ApduException e3) {
            if (e3.b() == 27266) {
                return null;
            }
            throw new RuntimeException(e3);
        } catch (Exception e4) {
            throw new RuntimeException(e4);
        }
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public Key engineGetKey(String str, final char[] cArr) throws UnrecoverableKeyException {
        final Slot e2 = Slot.e(str);
        try {
            final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
            this.f35921a.invoke(new Callback() { // from class: com.yubico.yubikit.piv.jca.k
                @Override // com.yubico.yubikit.core.util.Callback
                public final void invoke(Object obj) {
                    PivKeyStoreSpi.r(arrayBlockingQueue, e2, cArr, (Result) obj);
                }
            });
            return (Key) ((Result) arrayBlockingQueue.take()).b();
        } catch (BadResponseException unused) {
            throw new UnrecoverableKeyException("No way to infer KeyType, make sure the matching certificate is stored");
        } catch (ApduException e3) {
            if (e3.b() == 27266) {
                return null;
            }
            throw new RuntimeException(e3);
        } catch (Exception e4) {
            throw new RuntimeException(e4);
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return engineGetCertificate(str) != null;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return engineContainsAlias(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) {
        throw new InvalidParameterException("KeyStore must be loaded with a null LoadStoreParameter");
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(@Nullable KeyStore.LoadStoreParameter loadStoreParameter) {
        if (loadStoreParameter != null) {
            throw new InvalidParameterException("KeyStore must be loaded with null");
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        Slot e2 = Slot.e(str);
        if (!(certificate instanceof X509Certificate)) {
            throw new KeyStoreException("Certificate must be X509Certificate");
        }
        try {
            u(e2, null, PinPolicy.DEFAULT, TouchPolicy.DEFAULT, (X509Certificate) certificate);
        } catch (Exception e3) {
            throw new KeyStoreException(e3);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetEntry(String str, KeyStore.Entry entry, @Nullable KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException {
        Object certificate;
        PrivateKey privateKey;
        PinPolicy pinPolicy;
        TouchPolicy touchPolicy;
        Slot e2 = Slot.e(str);
        if (entry instanceof KeyStore.TrustedCertificateEntry) {
            if (protectionParameter != null) {
                throw new KeyStoreException("Certificate cannot use protParam");
            }
            certificate = ((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate();
            privateKey = null;
        } else {
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                throw new KeyStoreException("Unsupported KeyStore entry.");
            }
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            certificate = privateKeyEntry.getCertificate();
            privateKey = privateKeyEntry.getPrivateKey();
        }
        PrivateKey privateKey2 = privateKey;
        if (certificate != null && !(certificate instanceof X509Certificate)) {
            throw new KeyStoreException("Certificate must be X509Certificate");
        }
        PinPolicy pinPolicy2 = PinPolicy.DEFAULT;
        TouchPolicy touchPolicy2 = TouchPolicy.DEFAULT;
        if (privateKey2 == null || protectionParameter == null) {
            pinPolicy = pinPolicy2;
            touchPolicy = touchPolicy2;
        } else {
            if (!(protectionParameter instanceof PivKeyStoreKeyParameters)) {
                throw new KeyStoreException("protParam must be an instance of PivKeyStoreKeyParameters");
            }
            PivKeyStoreKeyParameters pivKeyStoreKeyParameters = (PivKeyStoreKeyParameters) protectionParameter;
            pinPolicy = pivKeyStoreKeyParameters.f35919a;
            touchPolicy = pivKeyStoreKeyParameters.f35920b;
        }
        try {
            u(e2, privateKey2, pinPolicy, touchPolicy, (X509Certificate) certificate);
        } catch (Exception e3) {
            throw new KeyStoreException(e3);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, @Nullable char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        Slot e2 = Slot.e(str);
        if (cArr != null) {
            throw new KeyStoreException("Password can not be set");
        }
        if (certificateArr.length != 1) {
            throw new KeyStoreException("Certificate chain must be a single certificate, or empty");
        }
        Certificate certificate = certificateArr[0];
        if (!(certificate instanceof X509Certificate)) {
            throw new KeyStoreException("Certificate must be X509Certificate");
        }
        try {
            u(e2, (PrivateKey) key, PinPolicy.DEFAULT, TouchPolicy.DEFAULT, (X509Certificate) certificate);
        } catch (Exception e3) {
            throw new KeyStoreException(e3);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Use setKeyEntry with a PrivateKey instance instead of byte[]");
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return Slot.values().length;
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) {
        throw new UnsupportedOperationException();
    }

    public final void u(final Slot slot, @Nullable final PrivateKey privateKey, final PinPolicy pinPolicy, final TouchPolicy touchPolicy, @Nullable final X509Certificate x509Certificate) throws Exception {
        final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
        this.f35921a.invoke(new Callback() { // from class: com.yubico.yubikit.piv.jca.j
            @Override // com.yubico.yubikit.core.util.Callback
            public final void invoke(Object obj) {
                PivKeyStoreSpi.t(arrayBlockingQueue, privateKey, slot, pinPolicy, touchPolicy, x509Certificate, (Result) obj);
            }
        });
        ((Result) arrayBlockingQueue.take()).b();
    }
}
