package com.yubico.webauthn;

import COSE.CoseException;
import COSE.OneKey;
import com.google.common.primitives.Bytes;
import com.upokecenter.cbor.CBORObject;
import com.yubico.webauthn.data.ByteArray;
import com.yubico.webauthn.data.COSEAlgorithmIdentifier;
import java.io.IOException;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Optional;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:lib/webauthn-server-core-minimal-1.12.2.jar:com/yubico/webauthn/WebAuthnCodecs.class */
public final class WebAuthnCodecs {
    private static final ByteArray ED25519_CURVE_OID = new ByteArray(new byte[]{48, 5, 6, 3, 43, 101, 112});

    WebAuthnCodecs() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Type inference failed for: r2v5, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r5v3, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r5v6, types: [byte[], byte[][]] */
    public static ByteArray ecPublicKeyToRaw(ECPublicKey eCPublicKey) {
        byte[] byteArray = eCPublicKey.getW().getAffineX().toByteArray();
        byte[] byteArray2 = eCPublicKey.getW().getAffineY().toByteArray();
        byte[] bArr = new byte[Math.max(0, 32 - byteArray.length)];
        byte[] bArr2 = new byte[Math.max(0, 32 - byteArray2.length)];
        Arrays.fill(bArr, (byte) 0);
        Arrays.fill(bArr2, (byte) 0);
        return new ByteArray(Bytes.concat((byte[][]) new byte[]{new byte[]{4}, Bytes.concat((byte[][]) new byte[]{bArr, Arrays.copyOfRange(byteArray, Math.max(0, byteArray.length - 32), byteArray.length)}), Bytes.concat((byte[][]) new byte[]{bArr2, Arrays.copyOfRange(byteArray2, Math.max(0, byteArray2.length - 32), byteArray2.length)})}));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ByteArray rawEcKeyToCose(ByteArray byteArray) {
        byte[] bytes = byteArray.getBytes();
        if (bytes.length != 64 && (bytes.length != 65 || bytes[0] != 4)) {
            throw new IllegalArgumentException(String.format("Raw key must be 64 bytes long or be 65 bytes long and start with 0x04, was %d bytes starting with %02x", Integer.valueOf(bytes.length), Byte.valueOf(bytes[0])));
        }
        int i = bytes.length == 64 ? 0 : 1;
        HashMap hashMap = new HashMap();
        hashMap.put(1L, 2L);
        hashMap.put(3L, Long.valueOf(COSEAlgorithmIdentifier.ES256.getId()));
        hashMap.put(-1L, 1L);
        hashMap.put(-2L, Arrays.copyOfRange(bytes, i, i + 32));
        hashMap.put(-3L, Arrays.copyOfRange(bytes, i + 32, i + 64));
        return new ByteArray(CBORObject.FromObject(hashMap).EncodeToBytes());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PublicKey importCosePublicKey(ByteArray byteArray) throws CoseException, IOException, InvalidKeySpecException, NoSuchAlgorithmException {
        CBORObject DecodeFromBytes = CBORObject.DecodeFromBytes(byteArray.getBytes());
        int AsInt32 = DecodeFromBytes.get(CBORObject.FromObject(1)).AsInt32();
        switch (AsInt32) {
            case 1:
                return importCoseEdDsaPublicKey(DecodeFromBytes);
            case 2:
                return importCoseP256PublicKey(DecodeFromBytes);
            case 3:
                return importCoseRsaPublicKey(DecodeFromBytes);
            default:
                throw new IllegalArgumentException("Unsupported key type: " + AsInt32);
        }
    }

    private static PublicKey importCoseRsaPublicKey(CBORObject cBORObject) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return Crypto.getKeyFactory("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, cBORObject.get(CBORObject.FromObject(-1)).GetByteString()), new BigInteger(1, cBORObject.get(CBORObject.FromObject(-2)).GetByteString())));
    }

    private static ECPublicKey importCoseP256PublicKey(CBORObject cBORObject) throws CoseException {
        return (ECPublicKey) new OneKey(cBORObject).AsPublicKey();
    }

    private static PublicKey importCoseEdDsaPublicKey(CBORObject cBORObject) throws InvalidKeySpecException, NoSuchAlgorithmException {
        int AsInt32 = cBORObject.get(CBORObject.FromObject(-1)).AsInt32();
        switch (AsInt32) {
            case 6:
                return importCoseEd25519PublicKey(cBORObject);
            default:
                throw new IllegalArgumentException("Unsupported EdDSA curve: " + AsInt32);
        }
    }

    private static PublicKey importCoseEd25519PublicKey(CBORObject cBORObject) throws InvalidKeySpecException, NoSuchAlgorithmException {
        ByteArray byteArray = new ByteArray(cBORObject.get(CBORObject.FromObject(-2)).GetByteString());
        return Crypto.getKeyFactory("EdDSA").generatePublic(new X509EncodedKeySpec(new ByteArray(new byte[]{48, (byte) (ED25519_CURVE_OID.size() + 3 + byteArray.size())}).concat(ED25519_CURVE_OID).concat(new ByteArray(new byte[]{3, (byte) (byteArray.size() + 1), 0})).concat(byteArray).getBytes()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Optional<COSEAlgorithmIdentifier> getCoseKeyAlg(ByteArray byteArray) {
        return COSEAlgorithmIdentifier.fromId(CBORObject.DecodeFromBytes(byteArray.getBytes()).get(CBORObject.FromObject(3)).AsInt32());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getJavaAlgorithmName(COSEAlgorithmIdentifier cOSEAlgorithmIdentifier) {
        switch (cOSEAlgorithmIdentifier) {
            case EdDSA:
                return "EDDSA";
            case ES256:
                return "SHA256withECDSA";
            case RS256:
                return "SHA256withRSA";
            case RS1:
                return "SHA1withRSA";
            default:
                throw new IllegalArgumentException("Unknown algorithm: " + cOSEAlgorithmIdentifier);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String jwsAlgorithmNameToJavaAlgorithmName(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 78251122:
                if (str.equals("RS256")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return "SHA256withRSA";
            default:
                throw new IllegalArgumentException("Unknown algorithm: " + str);
        }
    }
}
