package com.yubico.yubikit.piv.jca;

import Rg.c;
import Tg.a;
import com.yubico.yubikit.core.application.BadResponseException;
import com.yubico.yubikit.core.smartcard.ApduException;
import com.yubico.yubikit.piv.KeyType;
import com.yubico.yubikit.piv.PinPolicy;
import com.yubico.yubikit.piv.Slot;
import com.yubico.yubikit.piv.TouchPolicy;
import com.yubico.yubikit.piv.a;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.LinkedHashMap;
import java.util.Objects;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.Callable;
import javax.annotation.Nullable;
import org.slf4j.event.Level;

/* loaded from: classes7.dex */
public final class r extends KeyStoreSpi {

    /* renamed from: a, reason: collision with root package name */
    public final Wg.a<Wg.a<Wg.d<com.yubico.yubikit.piv.a, Exception>>> f33772a;

    public r(Wg.a<Wg.a<Wg.d<com.yubico.yubikit.piv.a, Exception>>> aVar) {
        this.f33772a = aVar;
    }

    public final void a(final Slot slot, @Nullable final PrivateKey privateKey, final PinPolicy pinPolicy, final TouchPolicy touchPolicy, @Nullable final X509Certificate x509Certificate) throws Exception {
        final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
        this.f33772a.invoke(new Wg.a() { // from class: com.yubico.yubikit.piv.jca.j
            @Override // Wg.a
            public final void invoke(Object obj) {
                final Wg.d dVar = (Wg.d) obj;
                final TouchPolicy touchPolicy2 = touchPolicy;
                final X509Certificate x509Certificate2 = x509Certificate;
                final PrivateKey privateKey2 = privateKey;
                final Slot slot2 = slot;
                final PinPolicy pinPolicy2 = pinPolicy;
                arrayBlockingQueue.add(Wg.d.c(new Callable() { // from class: com.yubico.yubikit.piv.jca.o
                    @Override // java.util.concurrent.Callable
                    public final Object call() {
                        com.yubico.yubikit.piv.a aVar = (com.yubico.yubikit.piv.a) Wg.d.this.b();
                        PrivateKey privateKey3 = privateKey2;
                        Slot slot3 = slot2;
                        if (privateKey3 != null) {
                            aVar.getClass();
                            Tg.a a10 = Tg.a.a(privateKey3);
                            KeyType fromKeyParams = KeyType.fromKeyParams(a10);
                            PinPolicy pinPolicy3 = pinPolicy2;
                            TouchPolicy touchPolicy3 = touchPolicy2;
                            aVar.c(fromKeyParams, pinPolicy3, touchPolicy3, false);
                            KeyType.b bVar = fromKeyParams.params;
                            LinkedHashMap linkedHashMap = new LinkedHashMap();
                            int i10 = a.b.f33709a[bVar.f33698a.ordinal()];
                            if (i10 == 1) {
                                int i11 = (bVar.f33699b / 8) / 2;
                                a.b bVar2 = (a.b) a10;
                                linkedHashMap.put(1, B0.p.B(i11, bVar2.f5095f));
                                linkedHashMap.put(2, B0.p.B(i11, bVar2.f5096g));
                                BigInteger bigInteger = bVar2.f5097k;
                                Objects.requireNonNull(bigInteger);
                                linkedHashMap.put(3, B0.p.B(i11, bigInteger));
                                BigInteger bigInteger2 = bVar2.f5098n;
                                Objects.requireNonNull(bigInteger2);
                                linkedHashMap.put(4, B0.p.B(i11, bigInteger2));
                                BigInteger bigInteger3 = bVar2.f5099p;
                                Objects.requireNonNull(bigInteger3);
                                linkedHashMap.put(5, B0.p.B(i11, bigInteger3));
                            } else if (i10 == 2) {
                                byte[] bArr = ((a.C0115a) a10).f5092e;
                                linkedHashMap.put(6, Arrays.copyOf(bArr, bArr.length));
                            }
                            if (pinPolicy3 != PinPolicy.DEFAULT) {
                                linkedHashMap.put(170, new byte[]{(byte) pinPolicy3.value});
                            }
                            if (touchPolicy3 != TouchPolicy.DEFAULT) {
                                linkedHashMap.put(171, new byte[]{(byte) touchPolicy3.value});
                            }
                            Di.b bVar3 = com.yubico.yubikit.piv.a.f33705n;
                            Sg.a.c(bVar3, "Importing key with pin_policy={}, touch_policy={}", pinPolicy3, touchPolicy3);
                            aVar.f33706a.c(new Vg.a(-2, fromKeyParams.value, slot3.value, Wg.f.d(linkedHashMap)));
                            Sg.a.e(Level.INFO, bVar3, "Private key imported in slot {} of type {}", slot3, fromKeyParams);
                        }
                        X509Certificate x509Certificate3 = x509Certificate2;
                        if (x509Certificate3 != null) {
                            aVar.getClass();
                            byte[] bArr2 = {0};
                            Sg.a.c(com.yubico.yubikit.piv.a.f33705n, "Storing {}certificate in slot {}", "", slot3);
                            try {
                                byte[] encoded = x509Certificate3.getEncoded();
                                LinkedHashMap linkedHashMap2 = new LinkedHashMap();
                                linkedHashMap2.put(112, encoded);
                                linkedHashMap2.put(113, bArr2);
                                linkedHashMap2.put(254, null);
                                aVar.n(slot3.objectId, Wg.f.d(linkedHashMap2));
                            } catch (CertificateEncodingException e10) {
                                throw new IllegalArgumentException("Failed to get encoded version of certificate", e10);
                            }
                        }
                        return Boolean.TRUE;
                    }
                }));
            }
        });
        ((Wg.d) arrayBlockingQueue.take()).b();
    }

    @Override // java.security.KeyStoreSpi
    public final Enumeration<String> engineAliases() {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineContainsAlias(String str) {
        try {
            Slot.fromStringAlias(str);
            return true;
        } catch (IllegalArgumentException unused) {
            return false;
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineDeleteEntry(String str) throws KeyStoreException {
        final Slot fromStringAlias = Slot.fromStringAlias(str);
        final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
        this.f33772a.invoke(new Wg.a() { // from class: com.yubico.yubikit.piv.jca.i
            @Override // Wg.a
            public final void invoke(Object obj) {
                final Wg.d dVar = (Wg.d) obj;
                final Slot slot = fromStringAlias;
                arrayBlockingQueue.add(Wg.d.c(new Callable() { // from class: com.yubico.yubikit.piv.jca.m
                    @Override // java.util.concurrent.Callable
                    public final Object call() {
                        com.yubico.yubikit.piv.a aVar = (com.yubico.yubikit.piv.a) Wg.d.this.b();
                        aVar.getClass();
                        Di.b bVar = com.yubico.yubikit.piv.a.f33705n;
                        Slot slot2 = slot;
                        Sg.a.b(bVar, "Deleting certificate in slot {}", slot2);
                        aVar.n(slot2.objectId, null);
                        return Boolean.TRUE;
                    }
                }));
            }
        });
        try {
            ((Wg.d) arrayBlockingQueue.take()).b();
        } catch (Exception e10) {
            throw new KeyStoreException(e10);
        }
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public final Certificate engineGetCertificate(String str) {
        final Slot fromStringAlias = Slot.fromStringAlias(str);
        final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
        this.f33772a.invoke(new Wg.a() { // from class: com.yubico.yubikit.piv.jca.l
            @Override // Wg.a
            public final void invoke(Object obj) {
                final Wg.d dVar = (Wg.d) obj;
                final Slot slot = fromStringAlias;
                arrayBlockingQueue.add(Wg.d.c(new Callable() { // from class: com.yubico.yubikit.piv.jca.p
                    @Override // java.util.concurrent.Callable
                    public final Object call() {
                        return ((com.yubico.yubikit.piv.a) Wg.d.this.b()).f(slot);
                    }
                }));
            }
        });
        try {
            return (Certificate) ((Wg.d) arrayBlockingQueue.take()).b();
        } catch (BadResponseException unused) {
            return null;
        } catch (ApduException e10) {
            if (e10.getSw() == 27266) {
                return null;
            }
            throw new RuntimeException(e10);
        } catch (Exception e11) {
            throw new RuntimeException(e11);
        }
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public final String engineGetCertificateAlias(Certificate certificate) {
        for (Slot slot : Slot.values()) {
            String stringAlias = slot.getStringAlias();
            if (certificate.equals(engineGetCertificate(stringAlias))) {
                return stringAlias;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public final Certificate[] engineGetCertificateChain(String str) {
        return new Certificate[]{engineGetCertificate(str)};
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public final Date engineGetCreationDate(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public final KeyStore.Entry engineGetEntry(String str, final KeyStore.ProtectionParameter protectionParameter) throws UnrecoverableEntryException {
        final Slot fromStringAlias = Slot.fromStringAlias(str);
        try {
            final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
            this.f33772a.invoke(new Wg.a() { // from class: com.yubico.yubikit.piv.jca.h
                @Override // Wg.a
                public final void invoke(Object obj) {
                    final Wg.d dVar = (Wg.d) obj;
                    final Slot slot = fromStringAlias;
                    final KeyStore.ProtectionParameter protectionParameter2 = protectionParameter;
                    arrayBlockingQueue.add(Wg.d.c(new Callable() { // from class: com.yubico.yubikit.piv.jca.q
                        @Override // java.util.concurrent.Callable
                        public final Object call() {
                            PivPrivateKey from;
                            com.yubico.yubikit.piv.a aVar = (com.yubico.yubikit.piv.a) Wg.d.this.b();
                            Slot slot2 = slot;
                            X509Certificate f6 = aVar.f(slot2);
                            KeyStore.ProtectionParameter protectionParameter3 = protectionParameter2;
                            char[] password = protectionParameter3 instanceof KeyStore.PasswordProtection ? ((KeyStore.PasswordProtection) protectionParameter3).getPassword() : null;
                            if (com.yubico.yubikit.piv.a.f33703g.b(aVar.f33707b)) {
                                Xg.b h10 = aVar.h(slot2);
                                from = PivPrivateKey.from(h10.a(), slot2, h10.f6139b, h10.f6140c, password);
                            } else {
                                from = PivPrivateKey.from(f6.getPublicKey(), slot2, null, null, password);
                            }
                            return new KeyStore.PrivateKeyEntry(from, new Certificate[]{f6});
                        }
                    }));
                }
            });
            return (KeyStore.Entry) ((Wg.d) arrayBlockingQueue.take()).b();
        } catch (BadResponseException unused) {
            throw new UnrecoverableEntryException("Make sure the matching certificate is stored");
        } catch (ApduException e10) {
            if (e10.getSw() == 27266) {
                return null;
            }
            throw new RuntimeException(e10);
        } catch (Exception e11) {
            throw new RuntimeException(e11);
        }
    }

    @Override // java.security.KeyStoreSpi
    @Nullable
    public final Key engineGetKey(String str, final char[] cArr) throws UnrecoverableKeyException {
        final Slot fromStringAlias = Slot.fromStringAlias(str);
        try {
            final ArrayBlockingQueue arrayBlockingQueue = new ArrayBlockingQueue(1);
            this.f33772a.invoke(new Wg.a() { // from class: com.yubico.yubikit.piv.jca.k
                @Override // Wg.a
                public final void invoke(Object obj) {
                    final Wg.d dVar = (Wg.d) obj;
                    final Slot slot = fromStringAlias;
                    final char[] cArr2 = cArr;
                    arrayBlockingQueue.add(Wg.d.c(new Callable() { // from class: com.yubico.yubikit.piv.jca.n
                        @Override // java.util.concurrent.Callable
                        public final Object call() {
                            com.yubico.yubikit.piv.a aVar = (com.yubico.yubikit.piv.a) Wg.d.this.b();
                            c.a aVar2 = com.yubico.yubikit.piv.a.f33703g;
                            aVar.getClass();
                            boolean b10 = aVar2.b(aVar.f33707b);
                            Slot slot2 = slot;
                            char[] cArr3 = cArr2;
                            if (!b10) {
                                return PivPrivateKey.from(aVar.f(slot2).getPublicKey(), slot2, null, null, cArr3);
                            }
                            Xg.b h10 = aVar.h(slot2);
                            return PivPrivateKey.from(h10.a(), slot2, h10.f6139b, h10.f6140c, cArr3);
                        }
                    }));
                }
            });
            return (Key) ((Wg.d) arrayBlockingQueue.take()).b();
        } catch (BadResponseException unused) {
            throw new UnrecoverableKeyException("No way to infer KeyType, make sure the matching certificate is stored");
        } catch (ApduException e10) {
            if (e10.getSw() == 27266) {
                return null;
            }
            throw new RuntimeException(e10);
        } catch (Exception e11) {
            throw new RuntimeException(e11);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineIsCertificateEntry(String str) {
        return engineGetCertificate(str) != null;
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineIsKeyEntry(String str) {
        return engineContainsAlias(str);
    }

    @Override // java.security.KeyStoreSpi
    public final void engineLoad(InputStream inputStream, char[] cArr) {
        throw new InvalidParameterException("KeyStore must be loaded with a null LoadStoreParameter");
    }

    @Override // java.security.KeyStoreSpi
    public final void engineLoad(@Nullable KeyStore.LoadStoreParameter loadStoreParameter) {
        if (loadStoreParameter != null) {
            throw new InvalidParameterException("KeyStore must be loaded with null");
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        Slot fromStringAlias = Slot.fromStringAlias(str);
        if (!(certificate instanceof X509Certificate)) {
            throw new KeyStoreException("Certificate must be X509Certificate");
        }
        try {
            a(fromStringAlias, null, PinPolicy.DEFAULT, TouchPolicy.DEFAULT, (X509Certificate) certificate);
        } catch (Exception e10) {
            throw new KeyStoreException(e10);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetEntry(String str, KeyStore.Entry entry, @Nullable KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException {
        Object certificate;
        PrivateKey privateKey;
        TouchPolicy touchPolicy;
        PinPolicy pinPolicy;
        Slot fromStringAlias = Slot.fromStringAlias(str);
        if (entry instanceof KeyStore.TrustedCertificateEntry) {
            if (protectionParameter != null) {
                throw new KeyStoreException("Certificate cannot use protParam");
            }
            certificate = ((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate();
            privateKey = null;
        } else {
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                throw new KeyStoreException("Unsupported KeyStore entry.");
            }
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            certificate = privateKeyEntry.getCertificate();
            privateKey = privateKeyEntry.getPrivateKey();
        }
        if (certificate != null && !(certificate instanceof X509Certificate)) {
            throw new KeyStoreException("Certificate must be X509Certificate");
        }
        PinPolicy pinPolicy2 = PinPolicy.DEFAULT;
        TouchPolicy touchPolicy2 = TouchPolicy.DEFAULT;
        if (privateKey == null || protectionParameter == null) {
            touchPolicy = touchPolicy2;
            pinPolicy = pinPolicy2;
        } else {
            if (!(protectionParameter instanceof g)) {
                throw new KeyStoreException("protParam must be an instance of PivKeyStoreKeyParameters");
            }
            pinPolicy = null;
            touchPolicy = null;
        }
        try {
            a(fromStringAlias, privateKey, pinPolicy, touchPolicy, (X509Certificate) certificate);
        } catch (Exception e10) {
            throw new KeyStoreException(e10);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetKeyEntry(String str, Key key, @Nullable char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        Slot fromStringAlias = Slot.fromStringAlias(str);
        if (cArr != null) {
            throw new KeyStoreException("Password can not be set");
        }
        if (certificateArr.length != 1) {
            throw new KeyStoreException("Certificate chain must be a single certificate, or empty");
        }
        Certificate certificate = certificateArr[0];
        if (!(certificate instanceof X509Certificate)) {
            throw new KeyStoreException("Certificate must be X509Certificate");
        }
        try {
            a(fromStringAlias, (PrivateKey) key, PinPolicy.DEFAULT, TouchPolicy.DEFAULT, (X509Certificate) certificate);
        } catch (Exception e10) {
            throw new KeyStoreException(e10);
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Use setKeyEntry with a PrivateKey instance instead of byte[]");
    }

    @Override // java.security.KeyStoreSpi
    public final int engineSize() {
        return Slot.values().length;
    }

    @Override // java.security.KeyStoreSpi
    public final void engineStore(OutputStream outputStream, char[] cArr) {
        throw new UnsupportedOperationException();
    }
}
