package defpackage;

import android.util.Pair;
import com.google.android.gms.chimera.modules.fido.AppContextProvider;
import com.google.android.gms.common.api.Status;
import com.google.android.gms.fido.fido2.api.common.AttestationConveyancePreference;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorAttestationResponse;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredential;
import java.io.IOException;
import java.net.URI;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.InvalidAlgorithmParameterException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.crypto.spec.SecretKeySpec;

/* compiled from: :com.google.android.gms@244034107@24.40.34 (080306-682300402) */
/* loaded from: classes2.dex */
public final class adln implements aeit {
    public final aecd c;
    public final aech d = new aecf(AppContextProvider.a());
    public final ECPublicKey e;
    public final byte[] f;
    public aeis g;
    public adbv h;
    public volatile adlm i;
    public volatile aecq j;
    private final URI l;
    private final String m;
    private final Pair n;
    private final byld o;
    private final byte[] p;
    private final adlg q;
    private byte[] r;
    private byte[] s;
    private byte[] t;
    private adba u;
    private volatile aecn v;
    public static final zxk a = aeca.c("ClientTunnelTransport");
    private static final cmac k = new cmac(1);
    public static final bzfn b = bzfn.f;

    public adln(adlg adlgVar, URI uri, aecd aecdVar, Pair pair, aecq aecqVar, String str, byte[] bArr, ECPublicKey eCPublicKey, byld byldVar, byte[] bArr2) {
        this.i = adlm.NONE;
        this.p = bArr2;
        this.q = adlgVar;
        this.n = pair;
        this.j = aecqVar;
        this.m = str;
        this.f = bArr;
        this.e = eCPublicKey;
        this.l = uri;
        this.o = byldVar;
        this.c = aecdVar;
        this.i = adlm.CONNECTING;
    }

    public static byte[] i(byte[] bArr, byte[] bArr2, adlh adlhVar, int i) {
        try {
            return cmcw.k(new SecretKeySpec(bArr, "HmacSHA256"), bArr2, new byte[]{adlhVar.g, 0, 0, 0}, i);
        } catch (Exception e) {
            throw new adly("Unable to derive key", e);
        }
    }

    private final void j(byte[] bArr) {
        aecq aecqVar;
        int length;
        ((bywl) a.h()).x("handshake response received");
        this.d.y(this.c, acid.TYPE_HYBRID_HANDSHAKE_RESPONSE_RECEIVED);
        try {
            aecqVar = this.j;
            bycg.a(aecqVar.e != null);
            length = bArr.length;
        } catch (InvalidAlgorithmParameterException unused) {
            ((bywl) a.i()).x("Handshake failed.");
            this.q.c(adlj.HANDSHAKE_FAILED);
        }
        if (length <= 65) {
            throw new InvalidAlgorithmParameterException("handshake response too short");
        }
        byte[] copyOf = Arrays.copyOf(bArr, 65);
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 65, length);
        aecqVar.d.c(copyOf);
        aecqVar.d.e(copyOf);
        ECPublicKey b2 = aecq.b(copyOf);
        aecqVar.d.e(aecq.c((ECPrivateKey) aecqVar.e.second, b2));
        byah byahVar = aecqVar.b;
        if (byahVar.h()) {
            aecqVar.d.e(aecq.c((ECPrivateKey) ((Pair) byahVar.c()).second, b2));
        }
        byah b3 = aecqVar.d.b(copyOfRange);
        if (!b3.h() || ((byte[]) b3.c()).length != 0) {
            throw new InvalidAlgorithmParameterException("bad ciphertext");
        }
        Pair a2 = aecqVar.d.a();
        aeco aecoVar = new aeco((byte[]) a2.first, (byte[]) a2.second, aecqVar.d.a);
        this.t = aecoVar.c;
        this.r = aecoVar.a;
        this.s = aecoVar.b;
        this.v = new aecn(this.r, this.s);
        this.i = adlm.HANDSHAKE_COMPLETE;
    }

    public final void a() {
        zxk zxkVar = a;
        ((bywl) zxkVar.h()).x("shutdown(): Shutting down websocket");
        this.d.y(this.c, acid.TYPE_HYBRID_SENDING_SHUTDOWN_MESSAGE);
        if (cqpj.h()) {
            if (this.i != adlm.READY) {
                ((bywl) zxkVar.j()).B("Shutdown message sent when state was %s", this.i);
            }
            h(adlf.SHUTDOWN, null);
            this.g.b();
        } else if (this.i == adlm.READY) {
            h(adlf.SHUTDOWN, null);
            this.g.b();
        }
        this.i = adlm.CLOSE;
    }

    @Override // defpackage.aeit
    public final void b() {
        zxk zxkVar = a;
        ((bywl) zxkVar.h()).x("websocket connected");
        this.i = adlm.CONNECTED;
        if (this.j != null) {
            ((bywl) zxkVar.h()).x("Handshake message sent after websocket is connected.");
            this.d.y(this.c, acid.TYPE_HYBRID_SENDING_HANDSHAKE);
            this.g.e(this.j.d());
        }
    }

    @Override // defpackage.aeit
    public final void c() {
        ((bywl) a.h()).x("tunnel disconnected");
        ((bywl) adkp.b.h()).x("Disconnected from Tunnel Server.");
        adkp adkpVar = (adkp) this.q;
        if (adkpVar.l) {
            return;
        }
        adkpVar.d.o(new adyq(Status.f, bxyi.a));
    }

    @Override // defpackage.aeit
    public final void d(aeiu aeiuVar) {
        byte[] bArr;
        zgi.i();
        if (aeiuVar.a == 410 && (bArr = this.p) != null && !adlx.f(bArr)) {
            ((bywl) a.j()).x("Failed to remove link data from HybridDataStore.");
        }
        ((bywl) ((bywl) a.i()).s(aeiuVar)).x("errors from websocket");
        this.q.c(adlj.TUNNEL_SERVER_CONNECT_FAILED);
    }

    @Override // defpackage.aeit
    public final void e(Map map) {
        zxk zxkVar = a;
        ((bywl) zxkVar.h()).B("handshake headers are retrieved: %s", map);
        if (map.containsKey("sec-websocket-protocol") && ((String) map.get("sec-websocket-protocol")).equals("fido.cable")) {
            return;
        }
        ((bywl) zxkVar.i()).x("Tunnel server didn't select cable protocol");
        this.q.c(adlj.HANDSHAKE_FAILED);
    }

    @Override // defpackage.aeit
    public final void f(byte[] bArr) {
        adbv adbvVar;
        Pair pair;
        zxk zxkVar = a;
        ((bywl) zxkVar.h()).B("onMessage() with state: %s", this.i);
        int ordinal = this.i.ordinal();
        if (ordinal == 2) {
            j(bArr);
            return;
        }
        bxzp bxzpVar = null;
        r6 = null;
        List list = null;
        if (ordinal == 3) {
            ((bywl) zxkVar.h()).x("post handshake message received");
            this.d.y(this.c, acid.TYPE_HYBRID_POST_HANDSHAKE_RESPONSE_RECEIVED);
            if (this.v == null) {
                ((bywl) zxkVar.i()).x("crypter is null");
                this.q.c(adlj.DECRYPT_FAILURE);
                return;
            }
            byah a2 = this.v.a(bArr);
            if (!a2.h()) {
                ((bywl) zxkVar.i()).x("failed to decrypt hybrid message");
                this.q.c(adlj.DECRYPT_FAILURE);
                return;
            }
            Object c = a2.c();
            if (((byte[]) c).length == 0) {
                ((bywl) zxkVar.i()).x("invalid empty message");
                this.q.c(adlj.DECRYPT_FAILURE);
                return;
            }
            try {
                cmah cmahVar = (cmah) cmae.q((byte[]) c).m().a.get(new cmac(1L));
                if (cmahVar == null) {
                    ((bywl) zxkVar.i()).x("Post handshake missing getInfoResponse.");
                    this.q.c(adlj.INVALID_CBOR);
                    return;
                }
                if (cqpj.j()) {
                    this.h = adbv.b(cmae.q(cmahVar.j().d()).m());
                } else {
                    this.h = null;
                    cmahVar.j();
                }
                this.i = adlm.READY;
                ((bywl) zxkVar.h()).B("CTAP message sent :%s", this.u);
                this.d.y(this.c, acid.TYPE_HYBRID_SENDING_CTAP_MESSAGE);
                h(adlf.CTAP, this.u.e());
                return;
            } catch (adbf e) {
                e = e;
                ((bywl) ((bywl) a.i()).s(e)).x("Invalid post handshake method.");
                this.q.c(adlj.INVALID_CBOR);
                return;
            } catch (cmaa e2) {
                e = e2;
                ((bywl) ((bywl) a.i()).s(e)).x("Invalid post handshake method.");
                this.q.c(adlj.INVALID_CBOR);
                return;
            } catch (cmab e3) {
                ((bywl) ((bywl) a.i()).s(e3)).x("Invalid Ctap2 command.");
                this.q.c(adlj.INVALID_CTAP);
                return;
            } catch (cmag e4) {
                e = e4;
                ((bywl) ((bywl) a.i()).s(e)).x("Invalid post handshake method.");
                this.q.c(adlj.INVALID_CBOR);
                return;
            }
        }
        if (ordinal != 4) {
            this.q.c(adlj.INTERNAL_ERROR);
            ((bywl) zxkVar.i()).B("Invalid state: %s to handle tunnel data.", this.i);
            return;
        }
        ((bywl) zxkVar.h()).x("CTAP messages received");
        this.d.y(this.c, acid.TYPE_HYBRID_CTAP_MESSAGE_RECEIVED);
        byah a3 = this.v.a(bArr);
        if (!a3.h()) {
            ((bywl) zxkVar.i()).x("failed to decrypt hybrid message");
            this.q.c(adlj.DECRYPT_FAILURE);
            return;
        }
        Object c2 = a3.c();
        byte[] bArr2 = (byte[]) c2;
        int length = bArr2.length;
        if (length == 0) {
            ((bywl) zxkVar.i()).x("invalid empty message");
            this.q.c(adlj.DECRYPT_FAILURE);
            return;
        }
        try {
            adlf a4 = adlf.a(((byte[]) c2)[0]);
            ((bywl) zxkVar.h()).B("Message received with type: %s", a4);
            byte[] copyOfRange = Arrays.copyOfRange(bArr2, 1, length);
            int ordinal2 = a4.ordinal();
            if (ordinal2 == 1) {
                adlg adlgVar = this.q;
                ((bywl) adkp.b.h()).x("Parsing CTAP2 message.");
                adkp adkpVar = (adkp) adlgVar;
                adkpVar.l = true;
                try {
                    adbb a5 = adby.a(copyOfRange, ((adkp) adlgVar).e);
                    ((bywl) adkp.b.h()).B("Parsed ctap2Response: %s", a5);
                    adba adbaVar = ((adkp) adlgVar).e;
                    if (adbaVar instanceof adbl) {
                        bxzpVar = new acxy(((adkp) adlgVar).f, null);
                    } else if (adbaVar instanceof adbo) {
                        if (cqpj.j() && (adbvVar = ((adkp) adlgVar).k.h) != null) {
                            list = adbvVar.C;
                        }
                        bxzpVar = new acxw(AttestationConveyancePreference.DIRECT, ((adkp) adlgVar).f, true, list, null);
                    }
                    if (bxzpVar == null) {
                        ((bywl) adkp.b.i()).x("Unrecognized CTAP2 command.");
                        ((adkp) adlgVar).d.g(acid.TYPE_HYBRID_GENERATE_CTAP_RESPONSE_ERROR);
                        ((adkp) adlgVar).d.o(new adyq(Status.f, bxyi.a));
                        ((adkp) adlgVar).k.a();
                        return;
                    }
                    ((adkp) adlgVar).d.g(acid.TYPE_HYBRID_RECEIVED_SUCCESS_CTAP_RESPONSE);
                    PublicKeyCredential publicKeyCredential = (PublicKeyCredential) bxzpVar.e(a5);
                    AuthenticatorAttestationResponse authenticatorAttestationResponse = publicKeyCredential.e;
                    if (authenticatorAttestationResponse != null) {
                        adhp adhpVar = new adhp();
                        adhpVar.d(authenticatorAttestationResponse.d());
                        adhpVar.c(authenticatorAttestationResponse.c());
                        adhpVar.b(authenticatorAttestationResponse.b());
                        adhpVar.e(adkp.a);
                        adiu adiuVar = new adiu();
                        adiuVar.c = adhpVar.a();
                        adiuVar.b(publicKeyCredential.f());
                        adiuVar.a = publicKeyCredential.b;
                        adiuVar.d = publicKeyCredential.h;
                        publicKeyCredential = adiuVar.a();
                    }
                    ((bywl) adkp.b.h()).B("Received success CTAP2 response: %s", publicKeyCredential);
                    ((adkp) adlgVar).d.o(new adyq(Status.b, byah.j(publicKeyCredential)));
                    ((adkp) adlgVar).k.a();
                    return;
                } catch (IOException | IllegalArgumentException e5) {
                    ((bywl) ((bywl) adkp.b.i()).s(e5)).x("Error parsing CTAP2 message.");
                    adkpVar.d.g(acid.TYPE_HYBRID_GENERATE_CTAP_RESPONSE_ERROR);
                    adkpVar.d.o(new adyq(Status.f, bxyi.a));
                    adkpVar.k.a();
                    return;
                }
            }
            if (ordinal2 != 2) {
                return;
            }
            try {
                cmah q = cmah.q(copyOfRange);
                ((bywl) zxkVar.h()).x("handle link data message");
                try {
                    cmah cmahVar2 = (cmah) q.m().a.get(k);
                    if (cmahVar2 == null) {
                        ((bywl) zxkVar.h()).x("This update message doesn't contain the link message");
                        return;
                    }
                    this.d.y(this.c, acid.TYPE_HYBRID_LINK_DATA_RECEIVED);
                    try {
                        byte[] s = cmahVar2.s();
                        String str = this.m;
                        if (str == null || (pair = this.n) == null) {
                            ((bywl) zxkVar.h()).x("Missing necessary data to parse the link data");
                            return;
                        }
                        try {
                            adlz b2 = adlz.b(s, str, (ECPrivateKey) pair.second, this.t);
                            zgi.i();
                            if (b2.b != null && b2.c != null && b2.d != null && b2.e != null && b2.g.h()) {
                                byku d = adlx.d();
                                int i = ((byso) d).c;
                                for (int i2 = 0; i2 < i; i2++) {
                                    adlz adlzVar = (adlz) d.get(i2);
                                    if (adlzVar.d.equals(b2.d)) {
                                        adlx.f(adlzVar.b);
                                    }
                                }
                                String m = adlx.a.m(b2.b);
                                try {
                                    try {
                                        String m2 = adlx.a.m(cmah.o(new cmad(adlx.c, new cmaf(b2.a)), new cmad(adlx.b, cmah.k(adlz.f(b2.d))), new cmad(adlx.d, cmah.k(b2.c)), new cmad(adlx.e, new cmaf(b2.e)), new cmad(adlx.f, new cmaf((String) b2.g.c()))).s());
                                        aooo c3 = adlx.c("com.google.android.gms.fido.fido2.common.hybrid.HybridDataStore.Client").c();
                                        c3.g(m, m2);
                                        if (aoor.g(c3)) {
                                            ((bywl) a.h()).x("Successfully stored the link data");
                                            return;
                                        }
                                    } catch (clzw | cmab e6) {
                                        throw new adly("Serializing the authenticator link data failed", e6);
                                    }
                                } catch (adly unused) {
                                }
                            }
                            ((bywl) a.j()).x("Failed to store the link data");
                        } catch (adly e7) {
                            ((bywl) ((bywl) a.h()).s(e7)).x("Invalid link data");
                        }
                    } catch (cmab e8) {
                        ((bywl) ((bywl) a.h()).s(e8)).x("Encoding the link data in CborValue to byte array failed");
                    }
                } catch (cmag e9) {
                    ((bywl) ((bywl) a.h()).s(e9)).x("A possible link data with an unsupported type");
                }
            } catch (cmaa unused2) {
                ((bywl) a.i()).x("invalid CBOR payload in update message");
                this.q.c(adlj.INVALID_CBOR);
            }
        } catch (IllegalArgumentException unused3) {
            this.q.c(adlj.INVALID_MESSAGE_TYPE_BYTE);
        }
    }

    public final void g(adba adbaVar) {
        zgi.i();
        zxk zxkVar = a;
        ((bywl) zxkVar.h()).x("startConnecting(): start reading");
        this.u = adbaVar;
        ((bywl) zxkVar.h()).Q("starting websocket with URL: %s, headers: %s, protocol: %s", this.l, this.o, "fido.cable");
        this.d.y(this.c, acid.TYPE_HYBRID_WEBSOCKET_STARTED);
        byld byldVar = this.o;
        if (byldVar == null) {
            this.g = new aeis(this.l, this);
        } else {
            this.g = new aeis(this.l, this, byldVar);
        }
        this.g.d();
    }

    public final void h(adlf adlfVar, byte[] bArr) {
        zxk zxkVar = a;
        ((bywl) zxkVar.h()).M("write() msgType: %s with state: %s", adlfVar, this.i);
        if (!cqpj.h()) {
            bycg.a(this.i.equals(adlm.READY));
        } else if (adlfVar != adlf.SHUTDOWN) {
            bycg.a(this.i.equals(adlm.READY));
        } else if (this.i.equals(adlm.CLOSE)) {
            return;
        }
        ByteBuffer allocate = ByteBuffer.allocate((bArr == null ? 0 : bArr.length) + 1);
        allocate.order(ByteOrder.LITTLE_ENDIAN);
        allocate.put(adlfVar.d);
        if (bArr != null) {
            allocate.put(bArr);
        }
        byah b2 = this.v.b(allocate.array());
        if (b2.h()) {
            this.g.e((byte[]) b2.c());
        } else {
            ((bywl) zxkVar.i()).x("Failed to encrypt response");
            this.q.c(adlj.ENCRYPT_FAILURE);
        }
    }
}
