package de.cotech.hw.fido2.internal.operations.ctap1;

import de.cotech.hw.fido2.PublicKeyCredential;
import de.cotech.hw.fido2.PublicKeyCredentialGet;
import de.cotech.hw.fido2.domain.PublicKeyCredentialDescriptor;
import de.cotech.hw.fido2.domain.create.AuthenticatorData;
import de.cotech.hw.fido2.domain.get.AuthenticatorAssertionResponse;
import de.cotech.hw.fido2.exceptions.FidoWrongKeyHandleException;
import de.cotech.hw.fido2.internal.Fido2AppletConnection;
import de.cotech.hw.fido2.internal.Fido2CommandApduFactory;
import de.cotech.hw.fido2.internal.ctap2.commands.getAssertion.AuthenticatorGetAssertion;
import de.cotech.hw.fido2.internal.operations.WebauthnSecurityKeyOperation;
import de.cotech.hw.fido2.internal.operations.ctap2.AuthenticatorGetAssertionOperation;
import de.cotech.hw.fido2.internal.webauthn.AuthenticatorDataParser;
import de.cotech.hw.internal.iso7816.CommandApdu;
import de.cotech.hw.internal.iso7816.ResponseApdu;
import de.cotech.hw.util.Arrays;
import de.cotech.hw.util.HashUtil;
import de.cotech.hw.util.HwTimber;
import java.io.IOException;
import java.util.List;

/* loaded from: classes3.dex */
public class AuthenticatorGetAssertionCtap1Operation extends WebauthnSecurityKeyOperation<PublicKeyCredential, PublicKeyCredentialGet> {
    private final AuthenticatorGetAssertionOperation ctap2Operation;
    private final Fido2CommandApduFactory fido2CommandApduFactory = new Fido2CommandApduFactory();

    public AuthenticatorGetAssertionCtap1Operation(AuthenticatorGetAssertionOperation authenticatorGetAssertionOperation) {
        this.ctap2Operation = authenticatorGetAssertionOperation;
    }

    private PublicKeyCredential attemptU2fAuthentication(Fido2AppletConnection fido2AppletConnection, AuthenticatorGetAssertion authenticatorGetAssertion, byte[] bArr, PublicKeyCredentialDescriptor publicKeyCredentialDescriptor) throws IOException {
        return ctap1ResponseApduToWebauthnResponse(authenticatorGetAssertion, publicKeyCredentialDescriptor, bArr, fido2AppletConnection.communicateOrThrow(createCtap1CommandApdu(authenticatorGetAssertion.clientDataHash(), bArr, publicKeyCredentialDescriptor.id())));
    }

    private CommandApdu createCtap1CommandApdu(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return this.fido2CommandApduFactory.createAuthenticationCommand(Arrays.concatenate(bArr, bArr2, new byte[]{(byte) bArr3.length}, bArr3));
    }

    private PublicKeyCredential ctap1ResponseApduToWebauthnResponse(AuthenticatorGetAssertion authenticatorGetAssertion, PublicKeyCredentialDescriptor publicKeyCredentialDescriptor, byte[] bArr, ResponseApdu responseApdu) throws IOException {
        U2fAuthenticateResponse fromBytes = U2fAuthenticateResponse.fromBytes(responseApdu.getData());
        return PublicKeyCredential.create(publicKeyCredentialDescriptor.id(), AuthenticatorAssertionResponse.create(authenticatorGetAssertion.clientDataJson().getBytes(), new AuthenticatorDataParser().toBytes(AuthenticatorData.create(bArr, (byte) 1, fromBytes.counter(), null, null)), fromBytes.signature(), null));
    }

    @Override // de.cotech.hw.fido2.internal.operations.WebauthnSecurityKeyOperation
    public PublicKeyCredential performWebauthnSecurityKeyOperation(Fido2AppletConnection fido2AppletConnection, PublicKeyCredentialGet publicKeyCredentialGet) throws IOException {
        AuthenticatorGetAssertion webauthnCommandToCtap2Command = this.ctap2Operation.webauthnCommandToCtap2Command(publicKeyCredentialGet, null);
        byte[] sha256 = HashUtil.sha256(webauthnCommandToCtap2Command.rpId());
        List<PublicKeyCredentialDescriptor> allowList = webauthnCommandToCtap2Command.allowList();
        int size = allowList.size();
        for (int i = 0; i < size; i++) {
            try {
                PublicKeyCredentialDescriptor publicKeyCredentialDescriptor = allowList.get(i);
                HwTimber.i("Attempting credentials (%d/%d): %s", Integer.valueOf(i + 1), Integer.valueOf(size), publicKeyCredentialDescriptor);
                return attemptU2fAuthentication(fido2AppletConnection, webauthnCommandToCtap2Command, sha256, publicKeyCredentialDescriptor);
            } catch (FidoWrongKeyHandleException unused) {
                HwTimber.d("Key handle rejected", new Object[0]);
            }
        }
        throw new IOException("No valid credentials provided!");
    }
}
