package com.samsung.android.authfw.asm.authenticator.op.cmd;

import android.content.Context;
import com.samsung.android.authfw.asm.AsmLog;
import com.samsung.android.authfw.asm.authenticator.Authenticator;
import com.samsung.android.authfw.asm.authenticator.AuthenticatorCommandOperation;
import com.samsung.android.authfw.asm.authenticator.AuthenticatorManager;
import com.samsung.android.authfw.asm.skpm.SkpmOperation;
import com.samsung.android.authfw.asm.skpm.SkpmStorage;
import com.samsung.android.authfw.common.authenticator.operation.MultimodalUserVerification;
import com.samsung.android.authfw.trustzone.TzApp;
import com.sec.android.fido.uaf.message.asm.AuthenticatorInfo;
import com.sec.android.fido.uaf.message.internal.ext.ap.tag.ApTagExtensionId;
import com.sec.android.fido.uaf.message.internal.tag.cmdtlv.TlvRegisterCommand;
import com.sec.android.fido.uaf.message.internal.tag.uafv1tlv.TlvExtension;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import q4.c;

/* loaded from: classes.dex */
public class BoundTeeAuthServiceCommandMultimodalableOperation implements AuthenticatorCommandOperation {
    private static final String TAG = "BoundTeeAuthServiceCommandMultimodalableOperation";
    private final short MESSAGE_SIZE = 32;
    private Context context;

    public BoundTeeAuthServiceCommandMultimodalableOperation(Context context) {
        this.context = context;
    }

    @Override // com.samsung.android.authfw.asm.authenticator.AuthenticatorCommandOperation
    public byte[] postProcessIdentify(int i2, byte[] bArr) {
        Iterator<Integer> it = MultimodalUserVerification.getSupportedUserVerifications().iterator();
        while (it.hasNext()) {
            if ((it.next().intValue() & i2) != 2) {
                if (bArr.length != 0) {
                    return Arrays.copyOfRange(bArr, 4, bArr.length);
                }
                AsmLog.v(TAG, "message length is 0");
                return bArr;
            }
            String str = TAG;
            AsmLog.v(str, "postProcessIdentify for FingerprintHelper");
            if (32 != bArr.length) {
                AsmLog.v(str, "Invalid message");
            } else {
                byte[] wrappedObject = TzApp.getInstance().getWrappedObject(bArr);
                if (wrappedObject.length != 0) {
                    return Arrays.copyOfRange(wrappedObject, 4, wrappedObject.length);
                }
                AsmLog.v(str, "getWrappedObject() failed");
            }
        }
        return null;
    }

    @Override // com.samsung.android.authfw.asm.authenticator.AuthenticatorCommandOperation
    public int preProcessIdentify(int i2, byte[] bArr) {
        if ((i2 & 2) != 0) {
            String str = TAG;
            AsmLog.v(str, "preProcessIdentify for FingerprintHelper");
            if (32 != bArr.length) {
                AsmLog.e(str, "Invalid message");
                return 66;
            }
            if (!c.a(this.context).f8623a.c(bArr)) {
                AsmLog.e(str, "preProcessIdentify failed." + bArr.length);
                return 65;
            }
        }
        if ((i2 & 64) != 0) {
            AsmLog.v(TAG, "preProcessIdentify for iris");
        }
        if ((i2 & 16) == 0) {
            return 64;
        }
        AsmLog.v(TAG, "preProcessIdentify for face");
        return 64;
    }

    @Override // com.samsung.android.authfw.asm.authenticator.AuthenticatorCommandOperation
    public byte[] processTlv(short s4, byte[] bArr) {
        boolean z10;
        String str = TAG;
        AsmLog.d(str, "org commandTlv length:" + bArr.length);
        if (s4 == 13314) {
            TlvRegisterCommand tlvRegisterCommand = new TlvRegisterCommand(bArr);
            short authenticatorIndex = tlvRegisterCommand.getTlvAuthenticatorIndex().getAuthenticatorIndex();
            Authenticator authenticator = AuthenticatorManager.getInstance(this.context).getAuthenticator(authenticatorIndex);
            if (authenticator == null) {
                AsmLog.e(str, "authenticator is null");
                return null;
            }
            AuthenticatorInfo authenticatorInfo = authenticator.getAuthenticatorInfo(authenticatorIndex);
            if (authenticatorInfo == null) {
                AsmLog.e(str, "authenticatorInfo is null");
                return null;
            }
            int userVerification = authenticatorInfo.getUserVerification();
            boolean isRoamingAuthenticator = authenticatorInfo.isRoamingAuthenticator();
            AsmLog.d(str, "userVerification:" + userVerification);
            AsmLog.d(str, "isRoaming:" + isRoamingAuthenticator);
            List<TlvExtension> tlvExtensionList = tlvRegisterCommand.getTlvExtensionList();
            if (tlvExtensionList != null) {
                Iterator<TlvExtension> it = tlvExtensionList.iterator();
                while (it.hasNext()) {
                    if (Arrays.equals(it.next().getTlvExtensionId().getId(), ApTagExtensionId.REGISTER_COMMAND_ALIREGREQDATA.getBytes(StandardCharsets.UTF_8))) {
                        z10 = true;
                        break;
                    }
                }
            }
            z10 = false;
            String str2 = TAG;
            AsmLog.d(str2, "alipay mode:" + z10);
            short authenticationAlgorithm = authenticatorInfo.getAuthenticationAlgorithm();
            if (z10) {
                authenticationAlgorithm = 3;
            }
            byte[] loadCertificate = SkpmStorage.loadCertificate(SkpmOperation.getInstance().getSkpmSavedKeyName(userVerification, authenticationAlgorithm, isRoamingAuthenticator));
            if (loadCertificate == null) {
                AsmLog.d(str2, "cert from asset");
                loadCertificate = TzApp.getInstance().getCertificate(userVerification, isRoamingAuthenticator, z10);
                if (loadCertificate == null) {
                    AsmLog.e(str2, "certificate is null");
                    return null;
                }
            }
            byte[] bArr2 = new byte[bArr.length + loadCertificate.length];
            System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
            System.arraycopy(loadCertificate, 0, bArr2, bArr.length, loadCertificate.length);
            bArr = bArr2;
        }
        byte[] execSecurely = TzApp.getInstance().execSecurely(bArr);
        if (execSecurely.length != 0) {
            return execSecurely;
        }
        AsmLog.e(TAG, "failed to securely tz-execute");
        return new byte[0];
    }
}
