package org.tokenscript.attestation;

import java.io.IOException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
import org.tokenscript.attestation.IdentifierAttestation;
import org.tokenscript.attestation.core.ASNEncodable;
import org.tokenscript.attestation.core.AttestationCrypto;
import org.tokenscript.attestation.core.ExceptionUtil;
import org.tokenscript.attestation.core.SignatureUtility;
import org.tokenscript.attestation.core.Validateable;
import org.tokenscript.attestation.core.Verifiable;

/* loaded from: input_file:org/tokenscript/attestation/UseAttestation.class */
public class UseAttestation implements ASNEncodable, Verifiable, Validateable {
    private static final Logger logger = LogManager.getLogger((Class<?>) UseAttestation.class);
    private final SignedIdentifierAttestation attestation;
    private final IdentifierAttestation.AttestationType type;
    private final FullProofOfExponent pok;
    private final AsymmetricKeyParameter sessionPublicKey;
    private final byte[] encoding;

    public UseAttestation(SignedIdentifierAttestation signedIdentifierAttestation, IdentifierAttestation.AttestationType attestationType, FullProofOfExponent fullProofOfExponent, AsymmetricKeyParameter asymmetricKeyParameter) {
        this.attestation = signedIdentifierAttestation;
        this.type = attestationType;
        this.pok = fullProofOfExponent;
        this.sessionPublicKey = asymmetricKeyParameter;
        this.encoding = makeEncoding(signedIdentifierAttestation, attestationType, fullProofOfExponent, asymmetricKeyParameter);
        constructorCheck();
    }

    public UseAttestation(byte[] bArr, AsymmetricKeyParameter asymmetricKeyParameter) {
        this.encoding = bArr;
        try {
            ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(new ASN1InputStream(bArr).readObject());
            int i = 0 + 1;
            this.attestation = new SignedIdentifierAttestation(aSN1Sequence.getObjectAt(0).toASN1Primitive().getEncoded(), asymmetricKeyParameter);
            int i2 = i + 1;
            this.type = IdentifierAttestation.AttestationType.values()[ASN1Integer.getInstance(aSN1Sequence.getObjectAt(i)).getValue().intValueExact()];
            int i3 = i2 + 1;
            this.pok = new FullProofOfExponent(aSN1Sequence.getObjectAt(i2).toASN1Primitive().getEncoded());
            int i4 = i3 + 1;
            this.sessionPublicKey = SignatureUtility.restoreKeyFromSPKI(aSN1Sequence.getObjectAt(i3).toASN1Primitive().getEncoded());
            constructorCheck();
        } catch (IOException e) {
            throw ExceptionUtil.makeRuntimeException(logger, "Could not decode asn1", e);
        }
    }

    private void constructorCheck() {
        if (!verify()) {
            throw ((IllegalArgumentException) ExceptionUtil.throwException(logger, new IllegalArgumentException("Could not verify object")));
        }
    }

    private byte[] makeEncoding(SignedIdentifierAttestation signedIdentifierAttestation, IdentifierAttestation.AttestationType attestationType, FullProofOfExponent fullProofOfExponent, AsymmetricKeyParameter asymmetricKeyParameter) {
        try {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(ASN1Sequence.getInstance(signedIdentifierAttestation.getDerEncoding()));
            aSN1EncodableVector.add(new ASN1Integer(attestationType.ordinal()));
            aSN1EncodableVector.add(ASN1Sequence.getInstance(fullProofOfExponent.getDerEncoding()));
            aSN1EncodableVector.add(SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(asymmetricKeyParameter));
            return new DERSequence(aSN1EncodableVector).getEncoded();
        } catch (IOException e) {
            throw ExceptionUtil.makeRuntimeException(logger, "Could not encode asn1", e);
        }
    }

    public SignedIdentifierAttestation getAttestation() {
        return this.attestation;
    }

    public IdentifierAttestation.AttestationType getType() {
        return this.type;
    }

    public FullProofOfExponent getPok() {
        return this.pok;
    }

    public AsymmetricKeyParameter getSessionPublicKey() {
        return this.sessionPublicKey;
    }

    @Override // org.tokenscript.attestation.core.ASNEncodable
    public byte[] getDerEncoding() {
        return this.encoding;
    }

    @Override // org.tokenscript.attestation.core.Verifiable
    public boolean verify() {
        if (!this.attestation.verify()) {
            logger.error("Could not verify the attestation");
            return false;
        }
        if (AttestationCrypto.verifyFullProof(this.pok)) {
            return true;
        }
        logger.error("Could not verify proof of knowledge of identifier in the attestation");
        return false;
    }

    @Override // org.tokenscript.attestation.core.Validateable
    public boolean checkValidity() {
        if (this.attestation.checkValidity()) {
            return true;
        }
        logger.error("Attestation is not valid");
        return false;
    }
}
