package com.yubico.webauthn;

import com.google.common.primitives.Bytes;
import com.upokecenter.cbor.CBORObject;
import com.yubico.webauthn.data.ByteArray;
import com.yubico.webauthn.data.COSEAlgorithmIdentifier;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.HashMap;
import java.util.stream.Stream;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/yubico/webauthn/WebAuthnCodecs.class */
public final class WebAuthnCodecs {
    private static final ByteArray EC_PUBLIC_KEY_OID = new ByteArray(new byte[]{42, -122, 72, -50, 61, 2, 1});
    private static final ByteArray P256_CURVE_OID = new ByteArray(new byte[]{42, -122, 72, -50, 61, 3, 1, 7});
    private static final ByteArray P384_CURVE_OID = new ByteArray(new byte[]{43, -127, 4, 0, 34});
    private static final ByteArray P512_CURVE_OID = new ByteArray(new byte[]{43, -127, 4, 0, 35});
    private static final ByteArray ED25519_ALG_ID = new ByteArray(new byte[]{48, 5, 6, 3, 43, 101, 112});

    WebAuthnCodecs() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Type inference failed for: r2v5, types: [byte[], byte[][]] */
    public static ByteArray ecPublicKeyToRaw(ECPublicKey eCPublicKey) {
        int intExact = Math.toIntExact(Math.round(Math.ceil(eCPublicKey.getParams().getCurve().getField().getFieldSize() / 8.0d)));
        byte[] byteArray = eCPublicKey.getW().getAffineX().toByteArray();
        byte[] byteArray2 = eCPublicKey.getW().getAffineY().toByteArray();
        byte[] bArr = new byte[Math.max(0, intExact - byteArray.length)];
        byte[] bArr2 = new byte[Math.max(0, intExact - byteArray2.length)];
        Arrays.fill(bArr, (byte) 0);
        Arrays.fill(bArr2, (byte) 0);
        return new ByteArray(Bytes.concat((byte[][]) new byte[]{new byte[]{4}, bArr, Arrays.copyOfRange(byteArray, Math.max(0, byteArray.length - intExact), byteArray.length), bArr2, Arrays.copyOfRange(byteArray2, Math.max(0, byteArray2.length - intExact), byteArray2.length)}));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ByteArray rawEcKeyToCose(ByteArray byteArray) {
        COSEAlgorithmIdentifier cOSEAlgorithmIdentifier;
        int i;
        byte[] bytes = byteArray.getBytes();
        int length = bytes.length;
        int length2 = bytes.length - 1;
        if (length != 64 && length != 96 && length != 132 && (bytes[0] != 4 || (length2 != 64 && length2 != 96 && length2 != 132))) {
            throw new IllegalArgumentException(String.format("Raw key must be 64, 96 or 132 bytes long, or start with 0x04 and be 65, 97 or 133 bytes long; was %d bytes starting with %02x", Integer.valueOf(bytes.length), Byte.valueOf(bytes[0])));
        }
        int i2 = (length == 64 || length == 96 || length == 132) ? 0 : 1;
        int i3 = (length - i2) / 2;
        HashMap hashMap = new HashMap();
        hashMap.put(1L, 2L);
        switch (length - i2) {
            case 64:
                cOSEAlgorithmIdentifier = COSEAlgorithmIdentifier.ES256;
                i = 1;
                break;
            case 96:
                cOSEAlgorithmIdentifier = COSEAlgorithmIdentifier.ES384;
                i = 2;
                break;
            case 132:
                cOSEAlgorithmIdentifier = COSEAlgorithmIdentifier.ES512;
                i = 3;
                break;
            default:
                throw new RuntimeException("Failed to determine COSE EC algorithm. This should not be possible, please file a bug report.");
        }
        hashMap.put(3L, Long.valueOf(cOSEAlgorithmIdentifier.getId()));
        hashMap.put(-1L, Integer.valueOf(i));
        hashMap.put(-2L, Arrays.copyOfRange(bytes, i2, i2 + i3));
        hashMap.put(-3L, Arrays.copyOfRange(bytes, i2 + i3, i2 + (2 * i3)));
        return new ByteArray(CBORObject.FromObject(hashMap).EncodeToBytes());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PublicKey importCosePublicKey(ByteArray byteArray) throws IOException, InvalidKeySpecException, NoSuchAlgorithmException {
        CBORObject DecodeFromBytes = CBORObject.DecodeFromBytes(byteArray.getBytes());
        int AsInt32 = DecodeFromBytes.get(CBORObject.FromObject(1)).AsInt32();
        switch (AsInt32) {
            case 1:
                return importCoseEdDsaPublicKey(DecodeFromBytes);
            case 2:
                return importCoseEcdsaPublicKey(DecodeFromBytes);
            case 3:
                return importCoseRsaPublicKey(DecodeFromBytes);
            default:
                throw new IllegalArgumentException("Unsupported key type: " + AsInt32);
        }
    }

    private static PublicKey importCoseRsaPublicKey(CBORObject cBORObject) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, cBORObject.get(CBORObject.FromObject(-1)).GetByteString()), new BigInteger(1, cBORObject.get(CBORObject.FromObject(-2)).GetByteString())));
    }

    private static PublicKey importCoseEcdsaPublicKey(CBORObject cBORObject) throws NoSuchAlgorithmException, InvalidKeySpecException {
        ByteArray byteArray;
        int AsInt32Value = cBORObject.get(CBORObject.FromObject(-1)).AsInt32Value();
        ByteArray byteArray2 = new ByteArray(cBORObject.get(CBORObject.FromObject(-2)).GetByteString());
        ByteArray byteArray3 = new ByteArray(cBORObject.get(CBORObject.FromObject(-3)).GetByteString());
        switch (AsInt32Value) {
            case 1:
                byteArray = P256_CURVE_OID;
                break;
            case 2:
                byteArray = P384_CURVE_OID;
                break;
            case 3:
                byteArray = P512_CURVE_OID;
                break;
            default:
                throw new IllegalArgumentException("Unknown COSE EC2 curve: " + AsInt32Value);
        }
        return KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(encodeDerSequence(encodeDerSequence(encodeDerObjectId(EC_PUBLIC_KEY_OID), encodeDerObjectId(byteArray)), encodeDerBitStringWithZeroUnused(new ByteArray(new byte[]{4}).concat(byteArray2).concat(byteArray3))).getBytes()));
    }

    private static ByteArray encodeDerLength(int i) {
        if (i <= 127) {
            return new ByteArray(new byte[]{(byte) i});
        }
        if (i <= 65535) {
            return i <= 255 ? new ByteArray(new byte[]{-127, (byte) i}) : new ByteArray(new byte[]{-126, (byte) (i >> 8), (byte) (i & 255)});
        }
        throw new UnsupportedOperationException("Too long: " + i);
    }

    private static ByteArray encodeDerObjectId(ByteArray byteArray) {
        return new ByteArray(new byte[]{6, (byte) byteArray.size()}).concat(byteArray);
    }

    private static ByteArray encodeDerBitStringWithZeroUnused(ByteArray byteArray) {
        return new ByteArray(new byte[]{3}).concat(encodeDerLength(1 + byteArray.size())).concat(new ByteArray(new byte[]{0})).concat(byteArray);
    }

    private static ByteArray encodeDerSequence(ByteArray... byteArrayArr) {
        ByteArray byteArray = (ByteArray) Stream.of((Object[]) byteArrayArr).reduce((v0, v1) -> {
            return v0.concat(v1);
        }).orElseGet(() -> {
            return new ByteArray(new byte[0]);
        });
        return new ByteArray(new byte[]{48}).concat(encodeDerLength(byteArray.size())).concat(byteArray);
    }

    private static PublicKey importCoseEdDsaPublicKey(CBORObject cBORObject) throws InvalidKeySpecException, NoSuchAlgorithmException {
        int AsInt32 = cBORObject.get(CBORObject.FromObject(-1)).AsInt32();
        switch (AsInt32) {
            case 6:
                return importCoseEd25519PublicKey(cBORObject);
            default:
                throw new IllegalArgumentException("Unsupported EdDSA curve: " + AsInt32);
        }
    }

    private static PublicKey importCoseEd25519PublicKey(CBORObject cBORObject) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return KeyFactory.getInstance("EdDSA").generatePublic(new X509EncodedKeySpec(encodeDerSequence(ED25519_ALG_ID, encodeDerBitStringWithZeroUnused(new ByteArray(cBORObject.get(CBORObject.FromObject(-2)).GetByteString()))).getBytes()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getJavaAlgorithmName(COSEAlgorithmIdentifier cOSEAlgorithmIdentifier) {
        switch (cOSEAlgorithmIdentifier) {
            case EdDSA:
                return "EDDSA";
            case ES256:
                return "SHA256withECDSA";
            case ES384:
                return "SHA384withECDSA";
            case ES512:
                return "SHA512withECDSA";
            case RS256:
                return "SHA256withRSA";
            case RS384:
                return "SHA384withRSA";
            case RS512:
                return "SHA512withRSA";
            case RS1:
                return "SHA1withRSA";
            default:
                throw new IllegalArgumentException("Unknown algorithm: " + cOSEAlgorithmIdentifier);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String jwsAlgorithmNameToJavaAlgorithmName(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 78251122:
                if (str.equals("RS256")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return "SHA256withRSA";
            default:
                throw new IllegalArgumentException("Unknown algorithm: " + str);
        }
    }
}
