package com.gallagher.security.fidoauthenticators;

import com.gallagher.security.fidoauthenticators.TLVBuilder;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECPoint;

/* loaded from: classes.dex */
class FidoAssertionBuilder {
    static final Charset UTF8 = Charset.forName("UTF-8");

    FidoAssertionBuilder() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String buildAuthAssertion(final byte[] bArr, final short s, final FidoAuthenticationAlgorithm fidoAuthenticationAlgorithm, final String str, final byte[] bArr2, final Signature signature, final long j) throws GeneralSecurityException, FidoAuthenticationException {
        final TLVBuilder tLVBuilder = new TLVBuilder();
        if (bArr2.length > 2048) {
            throw new FidoAuthenticationException("Key ID too long!");
        }
        tLVBuilder.writeComposite(15876, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.3
            @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
            public void build() throws GeneralSecurityException {
                TLVBuilder.this.write(11787, bArr);
                TLVBuilder.this.writeComposite(11790, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.3.1
                    @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
                    public void build() {
                        TLVBuilder.this.writeUInt16(s);
                        TLVBuilder.this.writeUInt8(1);
                        TLVBuilder.this.writeUInt16(fidoAuthenticationAlgorithm.value);
                    }
                });
                byte[] bArr3 = new byte[32];
                new SecureRandom().nextBytes(bArr3);
                TLVBuilder.this.write(11791, bArr3);
                TLVBuilder.this.write(11786, FidoAssertionBuilder.sha256hash(str));
                TLVBuilder.this.write(11792, 0);
                TLVBuilder.this.write(11785, bArr2);
                TLVBuilder.this.writeComposite(11789, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.3.2
                    @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
                    public void build() {
                        TLVBuilder.this.writeUInt32(j);
                    }
                });
            }
        });
        final byte[] bytes = tLVBuilder.toBytes();
        tLVBuilder.clear();
        tLVBuilder.writeComposite(15874, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.4
            @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
            public void build() throws GeneralSecurityException {
                TLVBuilder.this.write(bytes);
                TLVBuilder.this.write(11782, FidoAssertionBuilder.sha256ecdsaSign(bytes, signature));
            }
        });
        return Base64.encodeBase64UrlSafe(tLVBuilder.toBytes());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String buildRegAssertion(final byte[] bArr, final short s, final FidoAuthenticationAlgorithm fidoAuthenticationAlgorithm, final FidoPublicKeyEncoding fidoPublicKeyEncoding, final String str, final byte[] bArr2, final PublicKey publicKey, final Signature signature, final long j) throws GeneralSecurityException, FidoAuthenticationException {
        final TLVBuilder tLVBuilder = new TLVBuilder();
        if (bArr2.length > 2048) {
            throw new FidoAuthenticationException("Key ID too long!");
        }
        tLVBuilder.writeComposite(15875, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.1
            @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
            public void build() throws GeneralSecurityException {
                TLVBuilder.this.write(11787, bArr);
                TLVBuilder.this.writeComposite(11790, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.1.1
                    @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
                    public void build() {
                        TLVBuilder.this.writeUInt16(s);
                        TLVBuilder.this.writeUInt8(1);
                        TLVBuilder.this.writeUInt16(fidoAuthenticationAlgorithm.value);
                        TLVBuilder.this.writeUInt16(fidoPublicKeyEncoding.value);
                    }
                });
                TLVBuilder.this.write(11786, FidoAssertionBuilder.sha256hash(str));
                TLVBuilder.this.write(11785, bArr2);
                TLVBuilder.this.writeComposite(11789, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.1.2
                    @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
                    public void build() {
                        TLVBuilder.this.writeUInt32(1L);
                        TLVBuilder.this.writeUInt32(j);
                    }
                });
                TLVBuilder.this.writeComposite(11788, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.1.3
                    @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
                    public void build() {
                        TLVBuilder.this.writeUInt8(4);
                        ECPoint w = ((ECPublicKey) publicKey).getW();
                        TLVBuilder.this.writeBigInt(w.getAffineX().toByteArray(), 32);
                        TLVBuilder.this.writeBigInt(w.getAffineY().toByteArray(), 32);
                    }
                });
            }
        });
        final byte[] bytes = tLVBuilder.toBytes();
        tLVBuilder.clear();
        tLVBuilder.writeComposite(15873, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.2
            @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
            public void build() throws GeneralSecurityException {
                TLVBuilder.this.write(bytes);
                TLVBuilder.this.writeComposite(15880, new TLVBuilder.Scope() { // from class: com.gallagher.security.fidoauthenticators.FidoAssertionBuilder.2.1
                    @Override // com.gallagher.security.fidoauthenticators.TLVBuilder.Scope
                    public void build() throws GeneralSecurityException {
                        TLVBuilder.this.write(11782, FidoAssertionBuilder.sha256ecdsaSign(bytes, signature));
                    }
                });
            }
        });
        return Base64.encodeBase64UrlSafe(tLVBuilder.toBytes());
    }

    public static byte[] convertDERtoRAW(byte[] bArr) {
        byte[] bArr2 = new byte[64];
        byte b = bArr[3];
        byte b2 = 32;
        int i = 4;
        if (b > 32) {
            i = 4 + (b - 32);
            b = 32;
        }
        System.arraycopy(bArr, i, bArr2, 32 - b, b);
        int i2 = i + b + 1;
        int i3 = i2 + 1;
        byte b3 = bArr[i2];
        if (b3 > 32) {
            i3 += b3 - 32;
        } else {
            b2 = b3;
        }
        System.arraycopy(bArr, i3, bArr2, 64 - b2, b2);
        return bArr2;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static byte[] sha256ecdsaSign(byte[] bArr, Signature signature) throws GeneralSecurityException {
        signature.update(bArr);
        return convertDERtoRAW(signature.sign());
    }

    static byte[] sha256hash(String str) {
        try {
            return MessageDigest.getInstance("SHA-256").digest(str.getBytes(UTF8));
        } catch (NoSuchAlgorithmException unused) {
            throw new FatalError("Device does not support MessageDigest.getInstance(SHA-256)!");
        }
    }
}
