package pro.javacard.fido2.cli;

import apdu4j.core.ResponseAPDU;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.sun.jna.Platform;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.Optional;
import java.util.OptionalInt;
import java.util.UUID;
import java.util.stream.Collectors;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextOutputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import joptsimple.OptionSet;
import org.bouncycastle.util.encoders.Hex;
import org.hid4java.HidDevice;
import pro.javacard.fido2.common.AssertionVerifier;
import pro.javacard.fido2.common.AttestationVerifier;
import pro.javacard.fido2.common.AuthenticatorData;
import pro.javacard.fido2.common.COSEPublicKey;
import pro.javacard.fido2.common.CTAP2Commands;
import pro.javacard.fido2.common.CTAP2Enums;
import pro.javacard.fido2.common.CTAP2Extension;
import pro.javacard.fido2.common.CTAP2ProtocolHelpers;
import pro.javacard.fido2.common.CTAP2Transport;
import pro.javacard.fido2.common.CTAPVersion;
import pro.javacard.fido2.common.ClientPINCommand;
import pro.javacard.fido2.common.CredentialManagementCommand;
import pro.javacard.fido2.common.CryptoUtils;
import pro.javacard.fido2.common.FIDOCredential;
import pro.javacard.fido2.common.GetAssertionCommand;
import pro.javacard.fido2.common.MakeCredentialCommand;
import pro.javacard.fido2.common.P256;
import pro.javacard.fido2.common.PINProtocols;
import pro.javacard.fido2.common.TransportMetadata;
import pro.javacard.fido2.common.U2FAuthenticate;
import pro.javacard.fido2.common.U2FProtocolHelpers;
import pro.javacard.fido2.common.U2FRegister;
import pro.javacard.fido2.transports.ISO7816Transport;
import pro.javacard.fido2.transports.NFCTransport;
import pro.javacard.fido2.transports.TCPTransport;
import pro.javacard.fido2.transports.USBTransport;

/* loaded from: input_file:pro/javacard/fido2/cli/FIDOTool.class */
public final class FIDOTool extends CommandLineInterface {
    static final long TIMEOUT = 15;
    static CallbackHandler handler;
    static OptionSet options = null;

    static void setupLogging(OptionSet optionSet) {
        System.setProperty("org.slf4j.simpleLogger.showThreadName", "false");
        System.setProperty("org.slf4j.simpleLogger.levelInBrackets", "true");
        System.setProperty("org.slf4j.simpleLogger.showShortLogName", "true");
        System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", "warn");
        if (optionSet.has(OPT_VERBOSE)) {
            System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", "info");
        }
        if (optionSet.has(OPT_DEBUG)) {
            System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", "debug");
            System.setProperty("org.slf4j.simpleLogger.showDateTime", "true");
            System.setProperty("org.slf4j.simpleLogger.dateTimeFormat", "HH:mm:ss:SSS");
        }
        if (optionSet.has(OPT_DEBUG) && System.getenv().containsKey("CTAP2_TRACE")) {
            System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", "trace");
        }
    }

    static boolean useU2F(CTAP2Transport cTAP2Transport, OptionSet optionSet) {
        return optionSet.has(OPT_U2F) || !cTAP2Transport.getMetadata().getTransportVersions().contains(CTAPVersion.FIDO_2_0);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Optional<String> logAndUseEnvironment(CallbackHandler callbackHandler, String str) {
        return Optional.ofNullable(System.getenv(str)).map(str2 -> {
            try {
                callbackHandler.handle(new TextOutputCallback[]{new TextOutputCallback(0, String.format("Using $%s", str))});
                return str2;
            } catch (IOException e) {
                throw new UncheckedIOException(e);
            } catch (UnsupportedCallbackException e2) {
                throw new IllegalStateException("Invalid codebase");
            }
        });
    }

    static byte[] fileOrHex(String str) throws IOException {
        Path path = Paths.get(str, new String[0]);
        return Files.exists(path, new LinkOption[0]) ? Hex.decode(Files.readAllLines(path).get(0).trim()) : Hex.decode(str);
    }

    /* JADX WARN: Finally extract failed */
    public static void main(String[] strArr) {
        KeyPair ephemeral;
        ECPublicKey eCPublicKey;
        byte[] bArr;
        byte[] bArr2;
        JsonNode jsonNode;
        HidDevice hidDevice;
        NFCTransport uSBTransport;
        ObjectNode ctap2;
        byte[] decode;
        String str;
        try {
            options = parseArguments(strArr);
            setupLogging(options);
            handler = new CLICallbacks();
            if (options.has(OPT_VERBOSE) || options.has(OPT_VERSION)) {
                System.out.println("# fido utility v0.1");
                if (options.has(OPT_VERBOSE)) {
                    System.out.printf("# Running on %s %s %s", System.getProperty("os.name"), System.getProperty("os.version"), System.getProperty("os.arch"));
                    System.out.printf(", Java %s by %s%n", System.getProperty("java.version"), System.getProperty("java.vendor"));
                    List list = (List) System.getenv().entrySet().stream().filter(entry -> {
                        return ((String) entry.getKey()).startsWith("CTAP2_") || ((String) entry.getKey()).startsWith("FIDO_");
                    }).map(entry2 -> {
                        return String.format("$%s=%s", entry2.getKey(), entry2.getValue());
                    }).collect(Collectors.toList());
                    if (list.size() > 0) {
                        System.out.println("# " + String.join(" ", list));
                    }
                    System.out.println("# fido " + String.join(" ", (List) Arrays.stream(strArr).map(str2 -> {
                        return str2.contains(" ") ? String.format("'%s'", str2) : str2;
                    }).collect(Collectors.toList())));
                }
            }
            if (options.has(OPT_VERBOSE) || options.has(OPT_DEBUG)) {
                CTAP2ProtocolHelpers.setProtocolDebug(System.out);
            }
            if (Platform.isWindows() && !isUserWindowsAdmin()) {
                System.err.println("This tool must be run as an Administrator!");
                exitWith(1);
            }
            ephemeral = P256.ephemeral();
            eCPublicKey = null;
            bArr = null;
            bArr2 = null;
            jsonNode = null;
        } catch (Throwable th) {
            System.err.printf("%s: %s%n", th.getClass().getSimpleName(), th.getMessage());
            if (System.getenv().containsKey("CTAP2_TRACE")) {
                th.printStackTrace(System.err);
            }
            exitWith(2);
        }
        if (options.has(OPT_NFC) && options.has(OPT_USB)) {
            throw new IllegalArgumentException("Specify only HID device or NFC reader, not both");
        }
        Optional or = optional(options, OPT_NFC).or(() -> {
            return logAndUseEnvironment(handler, "FIDO_NFC_DEVICE");
        });
        Optional or2 = optional(options, OPT_USB).or(() -> {
            return logAndUseEnvironment(handler, "FIDO_USB_DEVICE");
        });
        if (options.has(OPT_NFC)) {
            List list2 = NFCTransport.list();
            if (options.has(OPT_NFC) && or.isEmpty() && list2.size() > 1) {
                System.out.println("PC/SC readers:");
                Iterator it = list2.iterator();
                while (it.hasNext()) {
                    System.out.printf("- %s%n", (String) it.next());
                }
                return;
            }
            if ((list2.size() == 1 && or.isEmpty()) || (or.isPresent() && ((String) or.get()).equals(list2.get(0)))) {
                str = (String) list2.get(0);
            } else {
                if (list2.size() <= 0 || !or.isPresent()) {
                    throw new IllegalArgumentException("No PC/SC readers available!");
                }
                String lowerCase = ((String) or.get()).toLowerCase(Locale.ROOT);
                List list3 = (List) list2.stream().filter(str3 -> {
                    return lowerCase.length() > 2 && str3.toLowerCase().contains(lowerCase);
                }).collect(Collectors.toList());
                if (list3.size() == 0) {
                    throw new IllegalArgumentException("Reader not found: " + ((String) or.get()) + " " + list2);
                }
                if (list3.size() > 1) {
                    throw new IllegalArgumentException("Name not unique: " + ((String) or.get()));
                }
                str = (String) list3.get(0);
            }
            uSBTransport = NFCTransport.getInstance(str);
        } else if (options.has(OPT_TCP)) {
            String[] split = ((String) options.valueOf(OPT_TCP)).split(":");
            if (split.length != 2) {
                throw new IllegalArgumentException("Specify host:port");
            }
            uSBTransport = TCPTransport.getInstance(split[0], Integer.parseInt(split[1]));
        } else {
            List<HidDevice> list4 = USBTransport.list();
            if (options.has(OPT_USB) && !options.hasArgument(OPT_USB)) {
                System.out.println("USB HID devices:");
                for (HidDevice hidDevice2 : list4) {
                    if (Platform.isLinux()) {
                        System.out.printf("- %s (by %s): %s%n", hidDevice2.getProduct(), hidDevice2.getManufacturer(), hidDevice2.getPath());
                    } else {
                        USBTransport uSBTransport2 = USBTransport.getInstance(hidDevice2, handler);
                        System.out.printf("- %s (v%s by %s, supporting %s)%n", hidDevice2.getProduct(), uSBTransport2.getMetadata().getDeviceVersion(), hidDevice2.getManufacturer(), (String) uSBTransport2.getMetadata().getTransportVersions().stream().map((v0) -> {
                            return v0.toString();
                        }).collect(Collectors.joining(", ")));
                    }
                }
                hidDevice = null;
                exitWith(0);
            } else if (!Platform.isLinux() && list4.size() == 1 && or2.isEmpty()) {
                hidDevice = (HidDevice) list4.get(0);
            } else {
                if (!or2.isPresent()) {
                    if (!Platform.isLinux()) {
                        throw new IllegalArgumentException("Need a USB device name! Use " + OPT_USB);
                    }
                    throw new IllegalArgumentException("Need a USB device path! Use " + OPT_USB);
                }
                String str4 = (String) or2.get();
                String lowerCase2 = str4.toLowerCase(Locale.ROOT);
                List list5 = (List) list4.stream().filter(hidDevice3 -> {
                    if (hidDevice3.getPath().equalsIgnoreCase(lowerCase2)) {
                        return true;
                    }
                    return (hidDevice3.getProduct() != null && hidDevice3.getProduct().equalsIgnoreCase(lowerCase2)) || String.format("%04x:%04x", Integer.valueOf(hidDevice3.getVendorId()), Integer.valueOf(hidDevice3.getProductId())).equalsIgnoreCase(lowerCase2) || String.format("0x%04x:0x%04x", Integer.valueOf(hidDevice3.getVendorId()), Integer.valueOf(hidDevice3.getProductId())).equalsIgnoreCase(lowerCase2);
                }).collect(Collectors.toList());
                if (list5.size() == 0) {
                    list5 = (List) list4.stream().filter(hidDevice4 -> {
                        return hidDevice4.getProduct() != null && hidDevice4.getProduct().toLowerCase(Locale.ROOT).contains(lowerCase2.toLowerCase(Locale.ROOT));
                    }).collect(Collectors.toList());
                }
                if (list5.size() == 0) {
                    throw new IllegalArgumentException("Device not found: " + str4);
                }
                if (list5.size() != 1) {
                    throw new IllegalArgumentException("Device identifier not unique: " + str4);
                }
                hidDevice = (HidDevice) list5.get(0);
            }
            if (options.has(OPT_VERBOSE) && hidDevice != null) {
                System.out.printf("# Using device: %s%n", hidDevice.getProduct());
            }
            uSBTransport = USBTransport.getInstance(hidDevice, handler);
        }
        try {
            if (options.has(OPT_WINK)) {
                uSBTransport.wink();
            }
            TransportMetadata metadata = uSBTransport.getMetadata();
            if ((options.has(OPT_GET_INFO) || requiresPIN(options)) && options.has(OPT_GET_INFO) && metadata.getTransportVersions().contains(CTAPVersion.U2F_V2)) {
                System.out.printf("%s (v%s, %s)%n", metadata.getDeviceName(), metadata.getDeviceVersion(), (String) metadata.getTransportVersions().stream().map((v0) -> {
                    return v0.name();
                }).collect(Collectors.joining(", ")));
            }
            if (metadata.getTransportVersions().contains(CTAPVersion.FIDO_2_0)) {
                jsonNode = CTAP2ProtocolHelpers.ctap2(CTAP2ProtocolHelpers.ctap2command(CTAP2Enums.Command.authenticatorGetInfo, new byte[0]), uSBTransport);
                if (options.has(OPT_GET_INFO)) {
                    System.out.println(CTAP2ProtocolHelpers.pretty(CTAP2ProtocolHelpers.hexify(jsonNode)));
                }
            }
            if (jsonNode != null && jsonNode.get("options").has("clientPin") && !useU2F(uSBTransport, options)) {
                if (options.has(OPT_PIN) || requiresPIN(options)) {
                    eCPublicKey = P256.node2pubkey(CTAP2ProtocolHelpers.ctap2(ClientPINCommand.getKeyAgreementV1().build(), uSBTransport).get("keyAgreement"));
                    bArr = PINProtocols.shared_secret(eCPublicKey, ephemeral);
                }
                if (!jsonNode.get("options").get("clientPin").asBoolean(true)) {
                    if (options.has(OPT_PIN)) {
                        CTAP2ProtocolHelpers.ctap2(CTAP2Commands.make_setPIN(getPIN(options), eCPublicKey, P256.ephemeral()), uSBTransport);
                        System.out.println("PIN code set");
                        exitWith(0);
                    } else {
                        System.err.println("PIN code not set!");
                    }
                }
            }
            if (!useU2F(uSBTransport, options) && ((requiresPIN(options) || options.has(OPT_PIN)) && jsonNode != null && jsonNode.get("options").get("clientPin").asBoolean(false))) {
                bArr2 = PINProtocols.aes256_decrypt(bArr, CTAP2ProtocolHelpers.ctap2(CTAP2Commands.make_getPinToken(getPIN(options), eCPublicKey, ephemeral), uSBTransport).get("pinToken").binaryValue());
            }
            if (options.has(OPT_CHANGE_PIN)) {
                CTAP2ProtocolHelpers.ctap2(CTAP2Commands.make_changePIN((String) options.valueOf(OPT_PIN), (String) options.valueOf(OPT_CHANGE_PIN), eCPublicKey, ephemeral), uSBTransport);
            } else if (options.has(OPT_LIST_CREDENTIALS)) {
                List<FIDOCredential> listCredentials = CTAP2ProtocolHelpers.listCredentials(jsonNode, uSBTransport, bArr2);
                OptionalInt max = listCredentials.stream().mapToInt(fIDOCredential -> {
                    return (fIDOCredential.getUsername() + "@" + fIDOCredential.getRpId()).length();
                }).max();
                if (max.isPresent()) {
                    String format = String.format("%%-%ds%%s%%n", Integer.valueOf(max.getAsInt() + 3));
                    for (FIDOCredential fIDOCredential2 : listCredentials) {
                        System.out.printf(format, fIDOCredential2.toString(), Hex.toHexString(fIDOCredential2.getCredentialID()));
                        if (options.has(OPT_VERBOSE)) {
                            System.out.println(padLeft(max.getAsInt() + 3, fIDOCredential2.getPublicKey().toString()));
                        }
                    }
                }
            } else if (options.has(OPT_DELETE)) {
                for (String str5 : options.valuesOf(OPT_DELETE)) {
                    if (str5.contains("@")) {
                        String[] split2 = str5.split("@");
                        if (split2.length != 2) {
                            throw new IllegalArgumentException("Specify user@   domain");
                        }
                        List list6 = (List) CTAP2ProtocolHelpers.listCredentials(jsonNode, uSBTransport, bArr2).stream().filter(fIDOCredential3 -> {
                            return Objects.equals(fIDOCredential3.getRpId(), split2[1]) && fIDOCredential3.getUsername().equals(split2[0]);
                        }).collect(Collectors.toList());
                        if (list6.size() == 0) {
                            System.err.println("Credential not found: " + str5);
                            exitWith(1);
                            throw new IllegalStateException("Not reached, but IDE sugar");
                        }
                        if (list6.size() > 1) {
                            System.err.println("More than one credential found:");
                            list6.forEach(fIDOCredential4 -> {
                                System.err.printf("%s@%s (%s)%n", fIDOCredential4.getUsername(), fIDOCredential4.getRpId(), Hex.toHexString(fIDOCredential4.getCredentialID()));
                            });
                            exitWith(1);
                            throw new IllegalStateException("Not reached, but IDE sugar");
                        }
                        decode = ((FIDOCredential) list6.get(0)).getCredentialID();
                    } else {
                        decode = Hex.decode(str5);
                    }
                    CTAP2ProtocolHelpers.ctap2(CredentialManagementCommand.deleteCredential(decode).withPinToken(bArr2).build(), uSBTransport);
                    System.out.printf("Credential %s deleted%n", Hex.toHexString(decode));
                }
            } else if (options.has(OPT_REGISTER)) {
                MakeCredentialCommand makeCredentialCommand = new MakeCredentialCommand();
                byte[] bArr3 = (byte[]) optional(options, OPT_CLIENTDATAHASH).map(Hex::decode).orElse(CryptoUtils.random(32));
                makeCredentialCommand.withClientDataHash(bArr3);
                String[] split3 = ((String) options.valueOf(OPT_REGISTER)).split("@");
                if (split3.length != 2) {
                    throw new IllegalArgumentException("Invalid format for " + ((String) options.valueOf(OPT_REGISTER)));
                }
                makeCredentialCommand.withUserName(split3[0]);
                makeCredentialCommand.withDomainName(split3[1]);
                if (!useU2F(uSBTransport, options)) {
                    makeCredentialCommand.withUserID((byte[]) optional(options, OPT_UID).map(Hex::decode).orElse(PINProtocols.sha256(split3[0].getBytes(StandardCharsets.UTF_8))));
                }
                if (!useU2F(uSBTransport, options)) {
                    if (options.has(OPT_RK)) {
                        makeCredentialCommand.withOption("rk");
                    }
                    if (options.has(OPT_NO_UP)) {
                        makeCredentialCommand.withOption("up", false);
                    }
                    if (options.has(OPT_HMAC_SECRET)) {
                        makeCredentialCommand.withExtension(new CTAP2Extension.HMACSecret());
                    }
                    if (options.has(OPT_PROTECT)) {
                        makeCredentialCommand.withExtension(new CTAP2Extension.CredProtect(((Integer) options.valueOf(OPT_PROTECT)).byteValue()));
                    }
                    if (options.has(OPT_PIN)) {
                        makeCredentialCommand.withV1PinAuth(PINProtocols.left16(PINProtocols.hmac_sha256(bArr2, bArr3)));
                    }
                    if (options.has(OPT_ED25519)) {
                        makeCredentialCommand.withAlgorithm(-8);
                    } else {
                        makeCredentialCommand.withAlgorithm(-7);
                    }
                }
                ObjectNode cbor2object = useU2F(uSBTransport, options) ? CTAP2ProtocolHelpers.cbor2object(CTAP2Enums.Command.authenticatorMakeCredential, U2FRegister.toCBOR(makeCredentialCommand, U2FProtocolHelpers.checkSuccess(U2FProtocolHelpers.presenceOrTimeout(uSBTransport, U2FRegister.toRegisterCommand(makeCredentialCommand), TIMEOUT, new CLICallbacks())))) : CTAP2ProtocolHelpers.ctap2(makeCredentialCommand.build(), uSBTransport);
                System.out.println("Registration: \n" + CTAP2ProtocolHelpers.pretty(CTAP2ProtocolHelpers.hexify(cbor2object)));
                AuthenticatorData fromBytes = AuthenticatorData.fromBytes(cbor2object.get("authData").binaryValue());
                if (options.has(OPT_CREDENTIAL)) {
                    Files.writeString(Paths.get((String) options.valueOf(OPT_CREDENTIAL), new String[0]), Hex.toHexString(fromBytes.getAttestation().getCredentialID()), new OpenOption[0]);
                }
                if (options.has(OPT_PUBKEY)) {
                    Files.writeString(Paths.get((String) options.valueOf(OPT_PUBKEY), new String[0]), Hex.toHexString(COSEPublicKey.pubkey2bytes(fromBytes.getAttestation().getPublicKey())), new OpenOption[0]);
                }
                System.out.println("Authenticator data: \n" + CTAP2ProtocolHelpers.pretty(fromBytes.toJSON()));
                AttestationVerifier.dumpAttestation(makeCredentialCommand, cbor2object);
                if (!isZero(fromBytes.getAttestation().getAAGUID())) {
                    System.out.println("Used device:   " + fromBytes.getAttestation().getAAGUID());
                }
                System.out.println("Credential ID: " + Hex.toHexString(fromBytes.getAttestation().getCredentialID()));
                System.out.println("Public key:    " + Hex.toHexString(COSEPublicKey.pubkey2bytes(fromBytes.getAttestation().getPublicKey())));
            } else if (options.has(OPT_AUTHENTICATE)) {
                GetAssertionCommand getAssertionCommand = new GetAssertionCommand();
                byte[] bArr4 = (byte[]) optional(options, OPT_CLIENTDATAHASH).map(Hex::decode).orElse(CryptoUtils.random(32));
                getAssertionCommand.withClientDataHash(bArr4);
                if (options.has(OPT_HMAC_SECRET)) {
                    if (!options.hasArgument(OPT_HMAC_SECRET)) {
                        throw new IllegalArgumentException("Need hmac secret argument!");
                    }
                    if (eCPublicKey == null || bArr == null) {
                        bArr = PINProtocols.shared_secret(P256.node2pubkey(CTAP2ProtocolHelpers.ctap2(ClientPINCommand.getKeyAgreementV1().build(), uSBTransport).get("keyAgreement")), ephemeral);
                    }
                    byte[] aes256_encrypt = PINProtocols.aes256_encrypt(bArr, Hex.decode((String) options.valueOf(OPT_HMAC_SECRET)));
                    getAssertionCommand.withExtension(new CTAP2Extension.HMACSecret((ECPublicKey) ephemeral.getPublic(), aes256_encrypt, PINProtocols.left16(PINProtocols.hmac_sha256(bArr, aes256_encrypt))));
                }
                if (options.hasArgument(OPT_AUTHENTICATE)) {
                    String str6 = (String) options.valueOf(OPT_AUTHENTICATE);
                    if (str6.contains("@")) {
                        String[] split4 = str6.split("@");
                        if (split4.length != 2) {
                            throw new IllegalArgumentException("Invalid formation: " + str6);
                        }
                        getAssertionCommand.withDomain(split4[1]);
                    } else {
                        if (!str6.contains(".")) {
                            throw new IllegalArgumentException("Specify credential to use!");
                        }
                        getAssertionCommand.withDomain(str6);
                    }
                }
                if (options.has(OPT_CREDENTIAL)) {
                    Iterator it2 = options.valuesOf(OPT_CREDENTIAL).iterator();
                    while (it2.hasNext()) {
                        getAssertionCommand.withAllowed(fileOrHex((String) it2.next()));
                    }
                }
                getAssertionCommand.withOption("up", !options.has(OPT_NO_UP));
                if (options.has(OPT_UV)) {
                    getAssertionCommand.withOption("uv", true);
                }
                if (options.has(OPT_PIN)) {
                    getAssertionCommand.withV1PinAuth(PINProtocols.left16(PINProtocols.hmac_sha256(bArr2, bArr4)));
                }
                if (useU2F(uSBTransport, options)) {
                    byte[] presenceOrTimeout = U2FProtocolHelpers.presenceOrTimeout(uSBTransport, U2FAuthenticate.toAuthenticateCommand(getAssertionCommand), TIMEOUT, new CLICallbacks());
                    if (new ResponseAPDU(presenceOrTimeout).getSW() == 27264) {
                        System.err.println("Invalid credentialID!");
                        exitWith(3);
                    }
                    ctap2 = CTAP2ProtocolHelpers.cbor2object(CTAP2Enums.Command.authenticatorGetAssertion, U2FAuthenticate.toCBOR(getAssertionCommand, U2FProtocolHelpers.checkSuccess(presenceOrTimeout)));
                } else {
                    ctap2 = CTAP2ProtocolHelpers.ctap2(getAssertionCommand.build(), uSBTransport);
                }
                byte[] binaryValue = ctap2.get("authData").binaryValue();
                byte[] binaryValue2 = ctap2.get(CTAP2Enums.GetAssertionResponseParameter.signature.name()).binaryValue();
                AuthenticatorData fromBytes2 = AuthenticatorData.fromBytes(binaryValue);
                System.out.println("Authenticator data: \n" + CTAP2ProtocolHelpers.pretty(fromBytes2.toJSON()));
                if (options.has(OPT_PUBKEY)) {
                    if (!AssertionVerifier.verify(fromBytes2, bArr4, binaryValue2, CryptoUtils.bytes2pubkey(fileOrHex((String) options.valueOf(OPT_PUBKEY))))) {
                        throw new GeneralSecurityException("Assertion not verified!");
                    }
                    System.out.println("Verified OK.");
                }
            }
            if (uSBTransport instanceof ISO7816Transport) {
                if (options.has(OPT_X_INFO)) {
                    LinkedHashMap linkedHashMap = new LinkedHashMap();
                    linkedHashMap.put("cmd", "info");
                    CTAP2ProtocolHelpers.ctap2raw(CTAP2ProtocolHelpers.ctap2command(CTAP2Enums.Command.vendorCBOR, linkedHashMap), uSBTransport);
                } else if (options.has(OPT_X_LIST)) {
                    LinkedHashMap linkedHashMap2 = new LinkedHashMap();
                    linkedHashMap2.put("cmd", "read");
                    linkedHashMap2.put("what", options.valueOf(OPT_X_LIST));
                    for (byte[] ctap2raw = CTAP2ProtocolHelpers.ctap2raw(CTAP2ProtocolHelpers.ctap2command(CTAP2Enums.Command.vendorCBOR, linkedHashMap2), uSBTransport); CTAP2ProtocolHelpers.status(ctap2raw) == CTAP2Enums.Error.CTAP1_ERR_SUCCESS; ctap2raw = CTAP2ProtocolHelpers.ctap2raw(CTAP2ProtocolHelpers.ctap2command(CTAP2Enums.Command.vendorCBOR, linkedHashMap2), uSBTransport)) {
                        linkedHashMap2.put("cmd", "next");
                        linkedHashMap2.put("what", options.valueOf(OPT_X_LIST));
                    }
                } else if (options.has(OPT_X_READ)) {
                    LinkedHashMap linkedHashMap3 = new LinkedHashMap();
                    linkedHashMap3.put("cmd", "read");
                    linkedHashMap3.put("what", options.valueOf(OPT_X_READ));
                    CTAP2ProtocolHelpers.ctap2raw(CTAP2ProtocolHelpers.ctap2command(CTAP2Enums.Command.vendorCBOR, linkedHashMap3), uSBTransport);
                }
            }
            if (uSBTransport != null) {
                uSBTransport.close();
            }
            exitWith(0);
        } catch (Throwable th2) {
            if (uSBTransport != null) {
                uSBTransport.close();
            }
            throw th2;
        }
    }

    static String getPIN(OptionSet optionSet) {
        if (optionSet.has(OPT_PIN) && optionSet.hasArgument(OPT_PIN)) {
            return (String) optionSet.valueOf(OPT_PIN);
        }
        PasswordCallback[] passwordCallbackArr = {new PasswordCallback("Authenticator PIN", true)};
        try {
            handler.handle(passwordCallbackArr);
            return String.valueOf(passwordCallbackArr[0].getPassword());
        } catch (IOException | UnsupportedCallbackException e) {
            throw new RuntimeException("Can not log into authenticator: " + e.getMessage(), e);
        }
    }

    static String padLeft(int i, String str) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i2 = 0; i2 < i; i2++) {
            stringBuffer.append(" ");
        }
        stringBuffer.append(str);
        return stringBuffer.toString();
    }

    static boolean isZero(UUID uuid) {
        return uuid.getMostSignificantBits() == 0 && uuid.getLeastSignificantBits() == 0;
    }
}
