package defpackage;

import android.security.keystore.KeyProperties;
import android.util.Pair;
import com.google.android.gms.chimera.modules.fido.AppContextProvider;
import com.google.android.gms.common.api.Status;
import com.google.android.gms.fido.fido2.api.common.AttestationConveyancePreference;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorAttestationResponse;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredential;
import java.io.IOException;
import java.net.URI;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.InvalidAlgorithmParameterException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes11.dex */
public final class awhq implements axfr {
    public final awym c;
    public final awyq d = new awyo(AppContextProvider.a());
    public final ECPublicKey e;
    public final byte[] f;
    public axfq g;
    public avwy h;
    public volatile awhp i;
    public volatile awyz j;
    private final URI l;

    /* renamed from: m, reason: collision with root package name */
    private final String f521m;
    private final Pair n;
    private final etmw o;
    private final byte[] p;
    private final awhj q;
    private byte[] r;
    private byte[] s;
    private byte[] t;
    private avwd u;
    private volatile awyw v;
    public static final angv a = awyj.c("ClientTunnelTransport");
    private static final frdz k = new frdz(1);
    public static final eumd b = eumd.f;

    public awhq(awhj awhjVar, URI uri, awym awymVar, Pair pair, awyz awyzVar, String str, byte[] bArr, ECPublicKey eCPublicKey, etmw etmwVar, byte[] bArr2) {
        this.i = awhp.NONE;
        this.p = bArr2;
        this.q = awhjVar;
        this.n = pair;
        this.j = awyzVar;
        this.f521m = str;
        this.f = bArr;
        this.e = eCPublicKey;
        this.l = uri;
        this.o = etmwVar;
        this.c = awymVar;
        this.i = awhp.CONNECTING;
    }

    public static byte[] i(byte[] bArr, byte[] bArr2, awhk awhkVar, int i) {
        try {
            return frgy.l(new SecretKeySpec(bArr, KeyProperties.KEY_ALGORITHM_HMAC_SHA256), bArr2, new byte[]{awhkVar.g, 0, 0, 0}, i);
        } catch (Exception e) {
            throw new awib("Unable to derive key", e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private final void j(byte[] bArr) {
        awyz awyzVar;
        int length;
        ((euaa) a.h()).x("handshake response received");
        this.d.y(this.c, avdk.TYPE_HYBRID_HANDSHAKE_RESPONSE_RECEIVED);
        try {
            awyzVar = this.j;
            etdg.a(awyzVar.e != null);
            length = bArr.length;
        } catch (InvalidAlgorithmParameterException unused) {
            ((euaa) a.i()).x("Handshake failed.");
            this.q.c(awhm.HANDSHAKE_FAILED);
        }
        if (length <= 65) {
            throw new InvalidAlgorithmParameterException("handshake response too short");
        }
        byte[] copyOf = Arrays.copyOf(bArr, 65);
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 65, length);
        awyzVar.d.c(copyOf);
        awyzVar.d.e(copyOf);
        ECPublicKey b2 = awyz.b(copyOf);
        awyzVar.d.e(awyz.c((ECPrivateKey) awyzVar.e.second, b2));
        etbg etbgVar = awyzVar.b;
        if (etbgVar.h()) {
            awyzVar.d.e(awyz.c((ECPrivateKey) ((Pair) etbgVar.c()).second, b2));
        }
        etbg b3 = awyzVar.d.b(copyOfRange);
        if (!b3.h() || ((byte[]) b3.c()).length != 0) {
            throw new InvalidAlgorithmParameterException("bad ciphertext");
        }
        Pair a2 = awyzVar.d.a();
        awyx awyxVar = new awyx((byte[]) a2.first, (byte[]) a2.second, awyzVar.d.a);
        this.t = awyxVar.c;
        this.r = awyxVar.a;
        this.s = awyxVar.b;
        this.v = new awyw(this.r, this.s);
        this.i = awhp.HANDSHAKE_COMPLETE;
    }

    public final void a() {
        angv angvVar = a;
        ((euaa) angvVar.h()).x("shutdown(): Shutting down websocket");
        this.d.y(this.c, avdk.TYPE_HYBRID_SENDING_SHUTDOWN_MESSAGE);
        if (gavv.h()) {
            if (this.i != awhp.READY) {
                ((euaa) angvVar.j()).B("Shutdown message sent when state was %s", this.i);
            }
            h(awhi.SHUTDOWN, null);
            this.g.b();
        } else if (this.i == awhp.READY) {
            h(awhi.SHUTDOWN, null);
            this.g.b();
        }
        this.i = awhp.CLOSE;
    }

    @Override // defpackage.axfr
    public final void b() {
        angv angvVar = a;
        ((euaa) angvVar.h()).x("websocket connected");
        this.i = awhp.CONNECTED;
        if (this.j != null) {
            ((euaa) angvVar.h()).x("Handshake message sent after websocket is connected.");
            this.d.y(this.c, avdk.TYPE_HYBRID_SENDING_HANDSHAKE);
            this.g.e(this.j.d());
        }
    }

    @Override // defpackage.axfr
    public final void c() {
        ((euaa) a.h()).x("tunnel disconnected");
        ((euaa) awgs.b.h()).x("Disconnected from Tunnel Server.");
        awgs awgsVar = (awgs) this.q;
        if (awgsVar.l) {
            return;
        }
        awgsVar.d.o(new awuz(Status.f, esze.a));
    }

    @Override // defpackage.axfr
    public final void d(axfs axfsVar) {
        byte[] bArr;
        ampn.j();
        if (axfsVar.a == 410 && (bArr = this.p) != null && !awia.f(bArr)) {
            ((euaa) a.j()).x("Failed to remove link data from HybridDataStore.");
        }
        ((euaa) ((euaa) a.i()).s(axfsVar)).x("errors from websocket");
        this.q.c(awhm.TUNNEL_SERVER_CONNECT_FAILED);
    }

    @Override // defpackage.axfr
    public final void e(Map map) {
        angv angvVar = a;
        ((euaa) angvVar.h()).B("handshake headers are retrieved: %s", map);
        if (map.containsKey("sec-websocket-protocol") && ((String) map.get("sec-websocket-protocol")).equals("fido.cable")) {
            return;
        }
        ((euaa) angvVar.i()).x("Tunnel server didn't select cable protocol");
        this.q.c(awhm.HANDSHAKE_FAILED);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // defpackage.axfr
    public final void f(byte[] bArr) {
        avwy avwyVar;
        Pair pair;
        angv angvVar = a;
        ((euaa) angvVar.h()).B("onMessage() with state: %s", this.i);
        int ordinal = this.i.ordinal();
        if (ordinal == 2) {
            j(bArr);
            return;
        }
        etal etalVar = null;
        r6 = null;
        List list = null;
        if (ordinal == 3) {
            ((euaa) angvVar.h()).x("post handshake message received");
            this.d.y(this.c, avdk.TYPE_HYBRID_POST_HANDSHAKE_RESPONSE_RECEIVED);
            if (this.v == null) {
                ((euaa) angvVar.i()).x("crypter is null");
                this.q.c(awhm.DECRYPT_FAILURE);
                return;
            }
            etbg a2 = this.v.a(bArr);
            if (!a2.h()) {
                ((euaa) angvVar.i()).x("failed to decrypt hybrid message");
                this.q.c(awhm.DECRYPT_FAILURE);
                return;
            }
            Object c = a2.c();
            if (((byte[]) c).length == 0) {
                ((euaa) angvVar.i()).x("invalid empty message");
                this.q.c(awhm.DECRYPT_FAILURE);
                return;
            }
            try {
                free freeVar = (free) freb.q((byte[]) c).m().a.get(new frdz(1L));
                if (freeVar == null) {
                    ((euaa) angvVar.i()).x("Post handshake missing getInfoResponse.");
                    this.q.c(awhm.INVALID_CBOR);
                    return;
                }
                if (gavv.j()) {
                    this.h = avwy.b(freb.q(freeVar.j().d()).m());
                } else {
                    this.h = null;
                    freeVar.j();
                }
                this.i = awhp.READY;
                ((euaa) angvVar.h()).x("CTAP message sent");
                this.d.y(this.c, avdk.TYPE_HYBRID_SENDING_CTAP_MESSAGE);
                h(awhi.CTAP, this.u.e());
                return;
            } catch (frdx | fred | avwi e) {
                ((euaa) ((euaa) a.i()).s(e)).x("Invalid post handshake method.");
                this.q.c(awhm.INVALID_CBOR);
                return;
            } catch (frdy e2) {
                ((euaa) ((euaa) a.i()).s(e2)).x("Invalid Ctap2 command.");
                this.q.c(awhm.INVALID_CTAP);
                return;
            }
        }
        if (ordinal != 4) {
            this.q.c(awhm.INTERNAL_ERROR);
            ((euaa) angvVar.i()).B("Invalid state: %s to handle tunnel data.", this.i);
            return;
        }
        ((euaa) angvVar.h()).x("CTAP messages received");
        this.d.y(this.c, avdk.TYPE_HYBRID_CTAP_MESSAGE_RECEIVED);
        etbg a3 = this.v.a(bArr);
        if (!a3.h()) {
            ((euaa) angvVar.i()).x("failed to decrypt hybrid message");
            this.q.c(awhm.DECRYPT_FAILURE);
            return;
        }
        Object c2 = a3.c();
        byte[] bArr2 = (byte[]) c2;
        int length = bArr2.length;
        if (length == 0) {
            ((euaa) angvVar.i()).x("invalid empty message");
            this.q.c(awhm.DECRYPT_FAILURE);
            return;
        }
        try {
            awhi a4 = awhi.a(((byte[]) c2)[0]);
            ((euaa) angvVar.h()).B("Message received with type: %s", a4);
            byte[] copyOfRange = Arrays.copyOfRange(bArr2, 1, length);
            int ordinal2 = a4.ordinal();
            if (ordinal2 == 1) {
                awhj awhjVar = this.q;
                ((euaa) awgs.b.h()).x("Parsing CTAP2 message.");
                awgs awgsVar = (awgs) awhjVar;
                awgsVar.l = true;
                try {
                    avwe a5 = avxb.a(copyOfRange, ((awgs) awhjVar).e);
                    ((euaa) awgs.b.h()).B("Parsed ctap2Response: %s", a5);
                    avwd avwdVar = ((awgs) awhjVar).e;
                    if (avwdVar instanceof avwo) {
                        etalVar = new avtb(((awgs) awhjVar).f, null);
                    } else if (avwdVar instanceof avwr) {
                        if (gavv.j() && (avwyVar = ((awgs) awhjVar).k.h) != null) {
                            list = avwyVar.C;
                        }
                        etalVar = new avsz(AttestationConveyancePreference.DIRECT, ((awgs) awhjVar).f, true, list, null);
                    }
                    if (etalVar == null) {
                        ((euaa) awgs.b.i()).x("Unrecognized CTAP2 command.");
                        ((awgs) awhjVar).d.g(avdk.TYPE_HYBRID_GENERATE_CTAP_RESPONSE_ERROR);
                        ((awgs) awhjVar).d.o(new awuz(Status.f, esze.a));
                        ((awgs) awhjVar).k.a();
                        return;
                    }
                    ((awgs) awhjVar).d.g(avdk.TYPE_HYBRID_RECEIVED_SUCCESS_CTAP_RESPONSE);
                    PublicKeyCredential publicKeyCredential = (PublicKeyCredential) etalVar.jY(a5);
                    AuthenticatorAttestationResponse authenticatorAttestationResponse = publicKeyCredential.e;
                    if (authenticatorAttestationResponse != null) {
                        awdq awdqVar = new awdq();
                        awdqVar.d(authenticatorAttestationResponse.d());
                        awdqVar.c(authenticatorAttestationResponse.c());
                        awdqVar.b(authenticatorAttestationResponse.b());
                        awdqVar.e(awgs.a);
                        awev awevVar = new awev();
                        awevVar.c = awdqVar.a();
                        awevVar.b(publicKeyCredential.f());
                        awevVar.a = publicKeyCredential.b;
                        awevVar.d = publicKeyCredential.h;
                        publicKeyCredential = awevVar.a();
                    }
                    ((euaa) awgs.b.h()).B("Received success CTAP2 response: %s", publicKeyCredential);
                    ((awgs) awhjVar).d.o(new awuz(Status.b, etbg.j(publicKeyCredential)));
                    ((awgs) awhjVar).k.a();
                    return;
                } catch (IOException | IllegalArgumentException e3) {
                    ((euaa) ((euaa) awgs.b.i()).s(e3)).x("Error parsing CTAP2 message.");
                    awgsVar.d.g(avdk.TYPE_HYBRID_GENERATE_CTAP_RESPONSE_ERROR);
                    awgsVar.d.o(new awuz(Status.f, esze.a));
                    awgsVar.k.a();
                    return;
                }
            }
            if (ordinal2 != 2) {
                return;
            }
            try {
                free q = free.q(copyOfRange);
                ((euaa) angvVar.h()).x("handle link data message");
                try {
                    free freeVar2 = (free) q.m().a.get(k);
                    if (freeVar2 == null) {
                        ((euaa) angvVar.h()).x("This update message doesn't contain the link message");
                        return;
                    }
                    this.d.y(this.c, avdk.TYPE_HYBRID_LINK_DATA_RECEIVED);
                    try {
                        byte[] s = freeVar2.s();
                        String str = this.f521m;
                        if (str == null || (pair = this.n) == null) {
                            ((euaa) angvVar.h()).x("Missing necessary data to parse the link data");
                            return;
                        }
                        try {
                            awic b2 = awic.b(s, str, (ECPrivateKey) pair.second, this.t);
                            ampn.j();
                            if (b2.b != null && b2.c != null && b2.d != null && b2.e != null && b2.g.h()) {
                                etml d = awia.d();
                                int i = ((etvd) d).c;
                                for (int i2 = 0; i2 < i; i2++) {
                                    awic awicVar = (awic) d.get(i2);
                                    if (awicVar.d.equals(b2.d)) {
                                        awia.f(awicVar.b);
                                    }
                                }
                                String o = awia.a.o(b2.b);
                                try {
                                    try {
                                        String o2 = awia.a.o(free.o(new frea[]{new frea(awia.c, new frec(b2.a)), new frea(awia.b, free.k(awic.f(b2.d))), new frea(awia.d, free.k(b2.c)), new frea(awia.e, new frec(b2.e)), new frea(awia.f, new frec((String) b2.g.c()))}).s());
                                        bpfo c3 = awia.c("com.google.android.gms.fido.fido2.common.hybrid.HybridDataStore.Client").c();
                                        c3.h(o, o2);
                                        if (bpfr.g(c3)) {
                                            ((euaa) a.h()).x("Successfully stored the link data");
                                            return;
                                        }
                                    } catch (frdt | frdy e4) {
                                        throw new awib("Serializing the authenticator link data failed", e4);
                                    }
                                } catch (awib unused) {
                                }
                            }
                            ((euaa) a.j()).x("Failed to store the link data");
                        } catch (awib e5) {
                            ((euaa) ((euaa) a.h()).s(e5)).x("Invalid link data");
                        }
                    } catch (frdy e6) {
                        ((euaa) ((euaa) a.h()).s(e6)).x("Encoding the link data in CborValue to byte array failed");
                    }
                } catch (fred e7) {
                    ((euaa) ((euaa) a.h()).s(e7)).x("A possible link data with an unsupported type");
                }
            } catch (frdx unused2) {
                ((euaa) a.i()).x("invalid CBOR payload in update message");
                this.q.c(awhm.INVALID_CBOR);
            }
        } catch (IllegalArgumentException unused3) {
            this.q.c(awhm.INVALID_MESSAGE_TYPE_BYTE);
        }
    }

    public final void g(avwd avwdVar) {
        ampn.j();
        angv angvVar = a;
        ((euaa) angvVar.h()).x("startConnecting(): start reading");
        this.u = avwdVar;
        ((euaa) angvVar.h()).S("starting websocket with URL: %s, headers: %s, protocol: %s", this.l, this.o, "fido.cable");
        this.d.y(this.c, avdk.TYPE_HYBRID_WEBSOCKET_STARTED);
        etmw etmwVar = this.o;
        if (etmwVar == null) {
            this.g = new axfq(this.l, this);
        } else {
            this.g = new axfq(this.l, this, etmwVar);
        }
        this.g.d();
    }

    public final void h(awhi awhiVar, byte[] bArr) {
        angv angvVar = a;
        ((euaa) angvVar.h()).N("write() msgType: %s with state: %s", awhiVar, this.i);
        if (!gavv.h()) {
            etdg.a(this.i.equals(awhp.READY));
        } else if (awhiVar != awhi.SHUTDOWN) {
            etdg.a(this.i.equals(awhp.READY));
        } else if (this.i.equals(awhp.CLOSE)) {
            return;
        }
        ByteBuffer allocate = ByteBuffer.allocate((bArr == null ? 0 : bArr.length) + 1);
        allocate.order(ByteOrder.LITTLE_ENDIAN);
        allocate.put(awhiVar.d);
        if (bArr != null) {
            allocate.put(bArr);
        }
        etbg b2 = this.v.b(allocate.array());
        if (b2.h()) {
            this.g.e((byte[]) b2.c());
        } else {
            ((euaa) angvVar.i()).x("Failed to encrypt response");
            this.q.c(awhm.ENCRYPT_FAILURE);
        }
    }
}
