package com.ssenstone.stonepass.libstonepass_sdk.op.processor;

import android.content.Context;
import android.util.Base64;
import android.util.Log;
import com.ssenstone.stonepass.libstonepass_sdk.b.c;
import com.ssenstone.stonepass.libstonepass_sdk.c.a;
import com.ssenstone.stonepass.libstonepass_sdk.c.b;
import com.ssenstone.stonepass.libstonepass_sdk.msg.obj.TagsEnum;
import com.ssenstone.stonepass.libstonepass_sdk.utils.Utils;
import java.io.ByteArrayOutputStream;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* loaded from: classes2.dex */
public class AuthAssertionBuilder {
    private static final String TAG = "AuthAssertionBuilder";
    private Context mContext;

    public AuthAssertionBuilder(Context context) {
        this.mContext = context;
    }

    private byte[] getAAID(a aVar) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(aVar.d.getBytes());
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getAuthAssertion(a aVar, String str, String str2) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_UAFV1_SIGNED_DATA.id));
        byte[] signedData = getSignedData(aVar, str, str2);
        byteArrayOutputStream.write(Utils.encodeInt(signedData.length));
        byteArrayOutputStream.write(signedData);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_SIGNATURE.id));
        byte[] signatureFromKeyStore = getSignatureFromKeyStore(aVar, byteArray);
        byteArrayOutputStream.write(Utils.encodeInt(signatureFromKeyStore.length));
        byteArrayOutputStream.write(signatureFromKeyStore);
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getCounters(a aVar) {
        int i = aVar.h + 1;
        b a2 = b.a(this.mContext);
        a2.a(a2.getReadableDatabase(), aVar, i);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Utils.encodeInt(i, 1));
        byteArrayOutputStream.write(Utils.encodeInt(0, 1));
        byteArrayOutputStream.write(Utils.encodeInt(0, 1));
        byteArrayOutputStream.write(Utils.encodeInt(0, 1));
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getFC(String str) {
        return c.a(str.getBytes(), McElieceCCA2KeyGenParameterSpec.SHA256);
    }

    private byte[] getKeyId(a aVar) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Base64.decode(aVar.e.getBytes(), 11));
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getSignedData(a aVar, String str, String str2) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_AAID.id));
        byte[] aaid = getAAID(aVar);
        byteArrayOutputStream.write(Utils.encodeInt(aaid.length));
        byteArrayOutputStream.write(aaid);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_ASSERTION_INFO.id));
        byte[] bArr = new byte[5];
        if (str2 == null || str2.length() == 0) {
            bArr[0] = 1;
            bArr[1] = 0;
            bArr[2] = 1;
            bArr[3] = 1;
            bArr[4] = 0;
        } else {
            Log.d(TAG, "[getSignedData] Transaction");
            bArr[0] = 1;
            bArr[1] = 0;
            bArr[2] = 1;
            bArr[3] = 1;
            bArr[4] = 0;
        }
        byteArrayOutputStream.write(Utils.encodeInt(5));
        byteArrayOutputStream.write(bArr);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_AUTHENTICATOR_NONCE.id));
        byte[] bytes = c.b(com.ssenstone.stonepass.libstonepass_sdk.b.a.a()).getBytes();
        byteArrayOutputStream.write(Utils.encodeInt(bytes.length));
        byteArrayOutputStream.write(bytes);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_FINAL_CHALLENGE.id));
        byte[] fc = getFC(str);
        byteArrayOutputStream.write(Utils.encodeInt(fc.length));
        byteArrayOutputStream.write(fc);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_TRANSACTION_CONTENT_HASH.id));
        if (str2 == null || str2.length() == 0) {
            byteArrayOutputStream.write(Utils.encodeInt(0));
        } else {
            byte[] transactionContent = getTransactionContent(str2);
            byteArrayOutputStream.write(Utils.encodeInt(transactionContent.length));
            byteArrayOutputStream.write(transactionContent);
        }
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_KEYID.id));
        byte[] keyId = getKeyId(aVar);
        byteArrayOutputStream.write(Utils.encodeInt(keyId.length));
        byteArrayOutputStream.write(keyId);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_COUNTERS.id));
        byte[] counters = getCounters(aVar);
        byteArrayOutputStream.write(Utils.encodeInt(counters.length));
        byteArrayOutputStream.write(counters);
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getTransactionContent(String str) {
        return c.a(Base64.decode(str, 11), McElieceCCA2KeyGenParameterSpec.SHA256);
    }

    public String getAssertions(a aVar, String str, String str2) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_UAFV1_AUTH_ASSERTION.id));
        byte[] authAssertion = getAuthAssertion(aVar, str, str2);
        byteArrayOutputStream.write(Utils.encodeInt(authAssertion.length));
        byteArrayOutputStream.write(authAssertion);
        return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 11);
    }

    public byte[] getSignatureFromKeyStore(a aVar, byte[] bArr) {
        String str;
        PrivateKey c;
        StringBuilder sb;
        String str2 = aVar.d;
        String str3 = aVar.g;
        if (str2.equalsIgnoreCase("0042#0201")) {
            StringBuilder sb2 = new StringBuilder();
            sb2.append(str3);
            str = "0201";
            sb2.append("0201");
            c = com.ssenstone.stonepass.libstonepass_sdk.b.b.c(sb2.toString());
            sb = new StringBuilder();
        } else if (str2.equalsIgnoreCase("0042#0202")) {
            StringBuilder sb3 = new StringBuilder();
            sb3.append(str3);
            str = "0202";
            sb3.append("0202");
            c = com.ssenstone.stonepass.libstonepass_sdk.b.b.c(sb3.toString());
            sb = new StringBuilder();
        } else if (str2.equalsIgnoreCase("0042#0203")) {
            StringBuilder sb4 = new StringBuilder();
            sb4.append(str3);
            str = "0203";
            sb4.append("0203");
            c = com.ssenstone.stonepass.libstonepass_sdk.b.b.c(sb4.toString());
            sb = new StringBuilder();
        } else if (str2.equalsIgnoreCase("0042#0204")) {
            StringBuilder sb5 = new StringBuilder();
            sb5.append(str3);
            str = "0204";
            sb5.append("0204");
            c = com.ssenstone.stonepass.libstonepass_sdk.b.b.c(sb5.toString());
            sb = new StringBuilder();
        } else {
            StringBuilder sb6 = new StringBuilder();
            sb6.append(str3);
            str = "0200";
            sb6.append("0200");
            c = com.ssenstone.stonepass.libstonepass_sdk.b.b.c(sb6.toString());
            sb = new StringBuilder();
        }
        sb.append(str3);
        sb.append(str);
        PublicKey b = com.ssenstone.stonepass.libstonepass_sdk.b.b.b(sb.toString());
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(c);
        signature.update(bArr);
        byte[] sign = signature.sign();
        signature.initVerify(b);
        signature.update(bArr);
        if (signature.verify(sign)) {
            return sign;
        }
        throw new RuntimeException("Signature match fail");
    }
}
