package com.garmin.android.gfdi.auth;

import android.support.annotation.NonNull;
import android.text.TextUtils;
import com.garmin.android.gfdi.auth.AuthNegotiationMessage;
import com.garmin.android.gfdi.auth.AuthNegotiationResponseMessage;
import com.garmin.android.gfdi.auth.LtkKeyDistributionResponseMessage;
import com.garmin.android.gfdi.auth.PasskeyRedisplayRequestResponseMessage;
import com.garmin.android.gfdi.auth.SessionKeyDiversifierDistributionResponseMessage;
import com.garmin.android.gfdi.auth.SessionKeyVerificationResponseMessage;
import com.garmin.android.gfdi.auth.StkBeginGenerationMessage;
import com.garmin.android.gfdi.auth.StkBeginGenerationResponseMessage;
import com.garmin.android.gfdi.auth.StkConfirmNumberResponseMessage;
import com.garmin.android.gfdi.auth.StkGenerationStatusMessage;
import com.garmin.android.gfdi.auth.StkRandNumberResponseMessage;
import com.garmin.android.gfdi.framework.Dispatcher;
import com.garmin.android.gfdi.framework.EncryptionUtil;
import com.garmin.android.gfdi.framework.Gfdi;
import com.garmin.android.gfdi.framework.MessageBase;
import com.garmin.android.gfdi.framework.RequestListener;
import com.garmin.android.gfdi.framework.ResponseBase;
import com.garmin.android.gfdi.framework.ResponseListener;
import com.garmin.android.gfdi.framework.StateManager;
import com.garmin.android.gfdi.utils.DumpByteUtil;
import java.util.Arrays;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class AuthStateManager implements RequestListener, ResponseListener, StateManager {
    private static final byte[] DEFAULT_JUST_WORKS_PASSKEY = new byte[16];
    private static final int DEFAULT_PASSKEY_TIMEOUT_SECONDS = 30;
    private static final int DEVICE_INITIALIZATION_VECTOR_OFFSET = 8;
    private static final int DEVICE_PACKET_COUNTER_OFFSET = 4;
    public static final String INTENT_ACTION = "com.garmin.android.gfdi.auth.AuthStateManager";
    private final AuthStateCallback authCallback;
    private final AuthDelegate authDelegate;
    private final Dispatcher dispatcher;
    private final Logger mLogger;
    private final String macAddress;
    private byte[] tempKey = null;
    private byte[] masterRandomNumber = null;
    private byte[] slaveRandomNumber = null;
    private byte[] slaveConfirmNumber = null;
    private byte[] shortTermKey = null;
    private byte[] secureSessionKey = null;
    private byte[] ltk = null;
    private byte[] ediv = null;
    private byte[] rand = null;
    private StkBeginGenerationMessage.PasskeyMode selectedPasskeyMode = null;
    private final byte[] lock = new byte[0];
    private final byte[] oobLock = new byte[0];

    public AuthStateManager(@NonNull Dispatcher dispatcher, @NonNull AuthDelegate authDelegate, @NonNull AuthStateCallback authStateCallback, @NonNull String str) {
        this.dispatcher = dispatcher;
        this.authDelegate = authDelegate;
        this.authCallback = authStateCallback;
        this.macAddress = str;
        this.mLogger = LoggerFactory.getLogger(Gfdi.createTag("AuthStateManager", this, dispatcher.getMacAddress()));
    }

    private void broadcastPairingPasskeyRedisplayFailure(String str) {
        this.authCallback.onDevicePairingPasskeyRedisplayFailure(str);
    }

    private void broadcastPairingPasskeyRedisplayed() {
        this.authCallback.onDevicePairingPasskeyRedisplayed();
    }

    private void broadcastPairingPasskeyRequired(int i) {
        this.authCallback.onDevicePairingPasskeyRequired(i);
    }

    private void broadcastRemoteDeviceAuthenticateFailure(String str) {
        this.authCallback.onDeviceAuthenticationFailure(str);
    }

    private void broadcastRemoteDeviceAuthenticated(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        this.authCallback.onDeviceAuthenticated(bArr, bArr2, bArr3);
    }

    private void broadcastRemoteDeviceAuthenticating() {
        if (this.selectedPasskeyMode != null) {
            this.authCallback.onDeviceAuthenticating(this.selectedPasskeyMode.name());
        }
    }

    private byte[] getEncryptedDiversifier() {
        if (this.ediv == null) {
            this.ediv = this.authDelegate.getEncryptedDiversifier();
        }
        return this.ediv;
    }

    private byte[] getLongTermKey() {
        if (this.ltk == null) {
            this.ltk = this.authDelegate.getLongTermKey();
        }
        return this.ltk;
    }

    private byte[] getMasterRandomNumber() {
        return this.masterRandomNumber;
    }

    private byte[] getRandomNumber() {
        if (this.rand == null) {
            this.rand = this.authDelegate.getRandomNumber();
        }
        return this.rand;
    }

    private byte[] getSessionKey() {
        return this.authDelegate.getSessionKey();
    }

    private byte[] getShortTermKey() {
        return this.shortTermKey;
    }

    private byte[] getSlaveConfirmNumber() {
        return this.slaveConfirmNumber;
    }

    private byte[] getSlaveRandomNumber() {
        return this.slaveRandomNumber;
    }

    private byte[] getTemporaryKey() {
        return this.tempKey;
    }

    private void sendResponse(ResponseBase responseBase) {
        this.mLogger.info("Sending " + responseBase.toString());
        this.dispatcher.sendResponse(responseBase);
    }

    private void sendStkConfirmNumber(@NonNull byte[] bArr) {
        if (bArr != null) {
            byte[] generateRandomNumber = Auth.generateRandomNumber();
            setMasterRandomNumber(generateRandomNumber);
            this.dispatcher.writeWithRetries(new StkConfirmNumberMessage(Auth.computeConfirmNumber(bArr, generateRandomNumber, this.macAddress)), this);
        }
    }

    private void setMasterRandomNumber(byte[] bArr) {
        this.masterRandomNumber = bArr;
    }

    private void setSessionKey(byte[] bArr) {
        this.authDelegate.setSessionKey(bArr);
    }

    private void setShortTermKey(byte[] bArr) {
        this.shortTermKey = bArr;
    }

    private void setSlaveConfirmNumber(byte[] bArr) {
        this.slaveConfirmNumber = bArr;
    }

    private void setSlaveRandomNumber(byte[] bArr) {
        this.slaveRandomNumber = bArr;
    }

    private void setTemporaryKey(byte[] bArr) {
        this.tempKey = bArr;
    }

    @Override // com.garmin.android.gfdi.framework.StateManager
    @NonNull
    public String getIntentAction() {
        return INTENT_ACTION;
    }

    @Override // com.garmin.android.gfdi.framework.StateManager
    public void initialize() {
        this.dispatcher.registerRequestListener(AuthNegotiationMessage.MESSAGE_ID, this);
        this.dispatcher.registerRequestListener(StkBeginGenerationMessage.MESSAGE_ID, this);
        this.dispatcher.registerRequestListener(LtkKeyDistributionMessage.MESSAGE_ID, this);
        this.dispatcher.registerRequestListener(SessionKeyDiversifierDistributionMessage.MESSAGE_ID, this);
        this.dispatcher.registerRequestListener(SessionKeyVerificationMessage.MESSAGE_ID, this);
        this.dispatcher.registerRequestListener(SecureSessionMessage.MESSAGE_ID, this);
        this.dispatcher.registerRequestListener(OutOfBandPasskeyMessage.MESSAGE_ID, this);
    }

    @Override // com.garmin.android.gfdi.framework.ResponseListener
    public void onFailedToSendMessage(int i) {
    }

    @Override // com.garmin.android.gfdi.framework.ResponseListener
    public void onMessageAcknowledged(ResponseBase responseBase) {
        if (responseBase.getRequestMessageId() == 5104) {
            StkConfirmNumberResponseMessage stkConfirmNumberResponseMessage = new StkConfirmNumberResponseMessage(responseBase);
            byte response = stkConfirmNumberResponseMessage.getResponse();
            if (response == StkConfirmNumberResponseMessage.ResponseType.SUCCESSFUL.getValue()) {
                setSlaveConfirmNumber(stkConfirmNumberResponseMessage.getConfirmNumber());
                this.dispatcher.writeWithRetries(new StkRandNumberMessage(getMasterRandomNumber()), this);
                return;
            }
            String str = "Remote device returned unregistered response type: " + ((int) response);
            try {
                StkConfirmNumberResponseMessage.ResponseType responseType = StkConfirmNumberResponseMessage.ResponseType.getResponseType(stkConfirmNumberResponseMessage.getResponse());
                if (responseType != null) {
                    str = responseType.name();
                }
            } catch (Exception unused) {
            }
            broadcastRemoteDeviceAuthenticateFailure(str);
            return;
        }
        if (responseBase.getRequestMessageId() != 5105) {
            if (responseBase.getRequestMessageId() == 5110) {
                PasskeyRedisplayRequestResponseMessage passkeyRedisplayRequestResponseMessage = new PasskeyRedisplayRequestResponseMessage(responseBase);
                byte response2 = passkeyRedisplayRequestResponseMessage.getResponse();
                if (response2 == PasskeyRedisplayRequestResponseMessage.ResponseType.SUCCESSFUL.getValue()) {
                    broadcastPairingPasskeyRedisplayed();
                    return;
                }
                String str2 = "Remote device returned unregistered response type: " + ((int) response2);
                try {
                    PasskeyRedisplayRequestResponseMessage.ResponseType responseType2 = PasskeyRedisplayRequestResponseMessage.ResponseType.getResponseType(passkeyRedisplayRequestResponseMessage.getResponse());
                    if (responseType2 != null) {
                        str2 = responseType2.name();
                    }
                } catch (Exception unused2) {
                }
                broadcastPairingPasskeyRedisplayFailure(str2);
                return;
            }
            return;
        }
        StkRandNumberResponseMessage stkRandNumberResponseMessage = new StkRandNumberResponseMessage(responseBase);
        byte response3 = stkRandNumberResponseMessage.getResponse();
        if (response3 != StkRandNumberResponseMessage.ResponseType.SUCCESSFUL.getValue()) {
            String str3 = "Remote device returned unregistered response type: " + ((int) response3);
            try {
                StkRandNumberResponseMessage.ResponseType responseType3 = StkRandNumberResponseMessage.ResponseType.getResponseType(stkRandNumberResponseMessage.getResponse());
                if (responseType3 != null) {
                    str3 = responseType3.name();
                }
            } catch (Exception unused3) {
            }
            broadcastRemoteDeviceAuthenticateFailure(str3);
            return;
        }
        setSlaveRandomNumber(stkRandNumberResponseMessage.getRandNumber());
        byte[] slaveConfirmNumber = getSlaveConfirmNumber();
        byte[] computeConfirmNumber = Auth.computeConfirmNumber(getTemporaryKey(), getSlaveRandomNumber(), this.macAddress);
        if (Arrays.equals(slaveConfirmNumber, computeConfirmNumber)) {
            setShortTermKey(Auth.computeShortTermKey(getTemporaryKey(), getMasterRandomNumber(), getSlaveRandomNumber()));
            this.dispatcher.writeWithRetries(new StkGenerationStatusMessage(StkGenerationStatusMessage.StatusType.SUCCESS), this);
            return;
        }
        String str4 = "Slave Confirm NOT IDENTICAL: supplied sConfirm=" + DumpByteUtil.arrayToHexString(slaveConfirmNumber) + "; computed sConfirm=" + DumpByteUtil.arrayToHexString(computeConfirmNumber);
        this.mLogger.warn("Slave Confirm NOT IDENTICAL");
        broadcastRemoteDeviceAuthenticateFailure(str4);
        this.dispatcher.writeWithRetries(new StkGenerationStatusMessage(StkGenerationStatusMessage.StatusType.CONFIRM_VALUE_FAILED), this);
    }

    @Override // com.garmin.android.gfdi.framework.RequestListener
    public void onMessageReceived(MessageBase messageBase) {
        boolean z = true;
        if (messageBase.getMessageId() == 5101) {
            AuthNegotiationMessage authNegotiationMessage = new AuthNegotiationMessage(messageBase);
            AuthNegotiationResponseMessage authNegotiationResponseMessage = new AuthNegotiationResponseMessage();
            if (!this.authDelegate.onAuthStarted()) {
                authNegotiationResponseMessage.setMessageStatus(1);
                sendResponse(authNegotiationResponseMessage);
                return;
            }
            if ((Auth.getSupportedEncryptionAlgorithmBitMask() & authNegotiationMessage.getSupportedEncryptionAlgorithms()) == 0) {
                authNegotiationResponseMessage.setResponse(AuthNegotiationResponseMessage.ResponseType.NO_COMMON_ALGORITHM);
            } else {
                authNegotiationResponseMessage.setResponse(AuthNegotiationResponseMessage.ResponseType.SUCCESSFUL);
            }
            authNegotiationResponseMessage.setSupportedAlgorithms(Auth.getSupportedEncryptionAlgorithmBitMask());
            if (this.authDelegate.getLongTermKey() == null) {
                this.mLogger.warn("Ltk NOT found. Assume pair new process!");
                authNegotiationResponseMessage.setLongTermKeyAvailability(AuthNegotiationResponseMessage.LongTermKeyStatus.NO_LONG_TERM_KEY_AVAILABLE);
                z = false;
            } else {
                authNegotiationResponseMessage.setLongTermKeyAvailability(AuthNegotiationResponseMessage.LongTermKeyStatus.LONG_TERM_KEY_AVAILABLE);
            }
            sendResponse(authNegotiationResponseMessage);
            if (z) {
                this.dispatcher.writeWithRetries(new LtkReconnectMessage(this.authDelegate.getEncryptedDiversifier(), this.authDelegate.getRandomNumber()), this);
                return;
            }
            return;
        }
        if (messageBase.getMessageId() == 5103) {
            StkBeginGenerationMessage stkBeginGenerationMessage = new StkBeginGenerationMessage(messageBase);
            StkBeginGenerationMessage.PasskeyMode resolvePasskeyMode = StkBeginGenerationMessage.PasskeyMode.resolvePasskeyMode(stkBeginGenerationMessage.getPasskeyMode());
            Logger logger = this.mLogger;
            StringBuilder sb = new StringBuilder();
            sb.append("passkeyMode=");
            sb.append(resolvePasskeyMode != null ? resolvePasskeyMode.name() : "null");
            logger.debug(sb.toString());
            switch (resolvePasskeyMode) {
                case VISIBLE:
                    this.mLogger.debug("Visible mode requested! Waiting for user to enter passkey...");
                    int passkeyTimeout = stkBeginGenerationMessage.getPasskeyTimeout();
                    if (passkeyTimeout <= 0) {
                        passkeyTimeout = 30;
                    }
                    broadcastPairingPasskeyRequired(passkeyTimeout);
                    break;
                case JUST_WORKS:
                    this.mLogger.debug("Just Works mode requested! Continue auth processing with default passkey...");
                    broadcastRemoteDeviceAuthenticating();
                    setTemporaryKey(DEFAULT_JUST_WORKS_PASSKEY);
                    sendResponse(new StkBeginGenerationResponseMessage(StkBeginGenerationResponseMessage.ResponseType.SUCCESSFUL, resolvePasskeyMode));
                    sendStkConfirmNumber(DEFAULT_JUST_WORKS_PASSKEY);
                    return;
                case OUT_OF_BAND:
                    synchronized (this.oobLock) {
                        this.selectedPasskeyMode = resolvePasskeyMode;
                    }
                    byte[] outOfBandPasskey = this.authDelegate.getOutOfBandPasskey();
                    if (outOfBandPasskey == null) {
                        this.mLogger.warn("Out-of-band passkey mode requested! Waiting for the OOB passkey...");
                        break;
                    } else {
                        this.mLogger.debug("Out-of-band mode requested! OOB passkey available, proceeding...");
                        onOutOfBandPasskeyReceived(outOfBandPasskey);
                        break;
                    }
                case SIMULATED:
                    onPasskeyReceived("19229");
                    break;
                default:
                    StringBuilder sb2 = new StringBuilder();
                    sb2.append("Mr Developer, the supplied passkey mode [");
                    sb2.append(resolvePasskeyMode != null ? resolvePasskeyMode.name() : "null");
                    sb2.append("] is NOT supported!!! ");
                    sb2.append("Defaulting to VISIBLE passkey mode. Now waiting for user to enter passkey...");
                    this.mLogger.warn(sb2.toString());
                    broadcastPairingPasskeyRequired(30);
                    break;
            }
            sendResponse(new StkBeginGenerationResponseMessage(StkBeginGenerationResponseMessage.ResponseType.SUCCESSFUL, resolvePasskeyMode));
            return;
        }
        if (messageBase.getMessageId() == 5107) {
            byte[] decrypt = EncryptionUtil.decrypt(new LtkKeyDistributionMessage(messageBase).getEncryptedData(), getShortTermKey(), false);
            byte[] bArr = new byte[16];
            System.arraycopy(decrypt, 0, bArr, 0, 16);
            byte[] bArr2 = new byte[2];
            System.arraycopy(decrypt, 16, bArr2, 0, 2);
            byte[] bArr3 = new byte[8];
            System.arraycopy(decrypt, 18, bArr3, 0, 8);
            this.ltk = bArr;
            this.ediv = bArr2;
            this.rand = bArr3;
            this.authDelegate.setAuthenticationInfo(bArr, bArr2, bArr3);
            sendResponse(new LtkKeyDistributionResponseMessage(LtkKeyDistributionResponseMessage.ResponseType.SUCCESSFUL));
            return;
        }
        if (messageBase.getMessageId() == 5108) {
            byte[] bArr4 = new byte[8];
            System.arraycopy(Auth.generateRandomNumber(), 8, bArr4, 0, 8);
            byte[] computeSessionKey = Auth.computeSessionKey(getLongTermKey(), bArr4, new SessionKeyDiversifierDistributionMessage(messageBase).getSlaveSessionKeyDiversifier());
            this.secureSessionKey = computeSessionKey;
            setSessionKey(computeSessionKey);
            sendResponse(new SessionKeyDiversifierDistributionResponseMessage(SessionKeyDiversifierDistributionResponseMessage.ResponseType.SUCCESSFUL, bArr4));
            return;
        }
        if (messageBase.getMessageId() == 5109) {
            if (Arrays.equals(Auth.extractSessionKey(new SessionKeyVerificationMessage(messageBase).getEncryptedData(), getSessionKey()), getSessionKey())) {
                broadcastRemoteDeviceAuthenticated(getLongTermKey(), getEncryptedDiversifier(), getRandomNumber());
                sendResponse(new SessionKeyVerificationResponseMessage(SessionKeyVerificationResponseMessage.ResponseType.SUCCESSFUL));
                return;
            } else {
                this.mLogger.warn("Session key NOT IDENTICAL");
                sendResponse(new SessionKeyVerificationResponseMessage(SessionKeyVerificationResponseMessage.ResponseType.MISMATCHED_SESSION_KEY));
                return;
            }
        }
        if (messageBase.getMessageId() != 5111) {
            if (messageBase.getMessageId() == 5112) {
                OutOfBandPasskeyMessage outOfBandPasskeyMessage = new OutOfBandPasskeyMessage(messageBase);
                this.mLogger.debug("Received OutOfBandPasskeyMessage: " + outOfBandPasskeyMessage.toString());
                this.authDelegate.onOutOfBandPasskeyReceived(outOfBandPasskeyMessage.getOutOfBandPasskey());
                OutOfBandPasskeyResponseMessage outOfBandPasskeyResponseMessage = new OutOfBandPasskeyResponseMessage();
                outOfBandPasskeyResponseMessage.setMessageStatus(0);
                this.dispatcher.sendResponse(outOfBandPasskeyResponseMessage);
                return;
            }
            return;
        }
        SecureSessionMessage secureSessionMessage = new SecureSessionMessage(messageBase);
        this.mLogger.debug("Received securesession message: " + secureSessionMessage.toString());
        byte[] decrypt2 = EncryptionUtil.decrypt(secureSessionMessage.getPayload(), this.secureSessionKey, false);
        byte b = decrypt2[0];
        byte[] bArr5 = new byte[4];
        System.arraycopy(decrypt2, 8, bArr5, 0, 4);
        System.arraycopy(decrypt2, 4, new byte[4], 0, 4);
        SecureSessionResponseMessage secureSessionResponseMessage = new SecureSessionResponseMessage(b, this.secureSessionKey);
        byte[] bArr6 = {(byte) secureSessionResponseMessage.getGCMIv(), (byte) (r8 >> 8), (byte) (r8 >> 16), (byte) (r8 >> 24)};
        synchronized (this.lock) {
            sendResponse(secureSessionResponseMessage);
            this.dispatcher.enableEncryption(this.secureSessionKey, bArr5, bArr6);
        }
    }

    @Override // com.garmin.android.gfdi.framework.ResponseListener
    public void onMessageUnknownOrNotSupported(ResponseBase responseBase) {
    }

    public void onOutOfBandPasskeyReceived(@NonNull byte[] bArr) {
        this.mLogger.debug("AuthStateManager: onOutOfBandPasskeyReceived");
        synchronized (this.oobLock) {
            if (this.selectedPasskeyMode == null) {
                this.authDelegate.setOutOfBandPasskey(bArr);
                this.mLogger.warn("Passkey mode indicator has not been received from remote device. OOB passkey has been stored for now.");
            } else if (this.selectedPasskeyMode == StkBeginGenerationMessage.PasskeyMode.OUT_OF_BAND) {
                broadcastRemoteDeviceAuthenticating();
                if (bArr == null) {
                    this.mLogger.error("Invalid OOB passkey: null");
                    broadcastRemoteDeviceAuthenticateFailure("Invalid OOB passkey: null");
                } else if (bArr.length == 16) {
                    this.mLogger.debug("OOB passkey mode & passkey are set, authentication continues...");
                    setTemporaryKey(bArr);
                    sendStkConfirmNumber(bArr);
                } else {
                    String str = "Invalid OOB passkey length. 16 bytes required.";
                    this.mLogger.error(str);
                    broadcastRemoteDeviceAuthenticateFailure(str);
                }
            } else {
                this.mLogger.debug("Passkey mode indicator is not OOB. OOB passkey ignored.");
            }
        }
    }

    public void onPasskeyReceived(@NonNull String str) {
        if (TextUtils.isEmpty(str)) {
            return;
        }
        broadcastRemoteDeviceAuthenticating();
        byte[] computeTemporaryKey = Auth.computeTemporaryKey(str);
        setTemporaryKey(computeTemporaryKey);
        sendStkConfirmNumber(computeTemporaryKey);
    }

    public void sendAuthNegotiationBegin() {
        AuthNegotiationMessage authNegotiationMessage = new AuthNegotiationMessage();
        authNegotiationMessage.setLongTermKeyAvailability(AuthNegotiationMessage.LongTermKeyStatus.NO_LONG_TERM_KEY);
        authNegotiationMessage.setSupportedEncryptionAlgorithms(Auth.getSupportedEncryptionAlgorithmBitMask());
        this.dispatcher.writeWithRetries(authNegotiationMessage, this);
    }

    public void sendPasskeyRedisplayRequest() {
        this.dispatcher.writeWithRetries(new PasskeyRedisplayRequestMessage(), this);
    }

    @Override // com.garmin.android.gfdi.framework.StateManager
    public void terminate() {
    }
}
