package pro.javacard.fido2.common;

import apdu4j.core.CommandAPDU;
import com.fasterxml.jackson.dataformat.cbor.CBORFactory;
import com.fasterxml.jackson.dataformat.cbor.CBORGenerator;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:pro/javacard/fido2/common/U2FRegister.class */
public class U2FRegister {
    private static final Logger logger = LoggerFactory.getLogger(U2FRegister.class);

    void verifyU2FRegistration(MakeCredentialCommand makeCredentialCommand) throws IllegalArgumentException {
        if (makeCredentialCommand.options.getOrDefault("rk", false).booleanValue()) {
            throw new IllegalArgumentException("rk is not supported");
        }
        if (makeCredentialCommand.options.getOrDefault("uv", false).booleanValue()) {
            throw new IllegalArgumentException("uv is not supported");
        }
        if (makeCredentialCommand.extensions.size() > 0) {
            throw new IllegalArgumentException("extensions are not supported");
        }
        if (makeCredentialCommand.algorithms.size() != 1 || makeCredentialCommand.algorithms.get(0).intValue() != -7) {
            throw new IllegalArgumentException("U2F supports only P256");
        }
    }

    public static byte[] toCBOR(MakeCredentialCommand makeCredentialCommand, byte[] bArr) throws IOException {
        int i = 0 + 1;
        if (bArr[0] != 5) {
            throw new IllegalArgumentException("response[0] is not 0x05");
        }
        byte[] copyOfRange = Arrays.copyOfRange(bArr, i, i + 65);
        int i2 = i + 65;
        logger.debug("Pubkey: {}", Hex.toHexString(copyOfRange));
        int i3 = i2 + 1;
        int i4 = bArr[i2] & 255;
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, i3, i3 + i4);
        int i5 = i3 + i4;
        logger.debug("keyhandle: {}", Hex.toHexString(copyOfRange2));
        ASN1InputStream aSN1InputStream = new ASN1InputStream(Arrays.copyOfRange(bArr, i5, bArr.length));
        try {
            byte[] encoded = new X509CertificateHolder(Certificate.getInstance(aSN1InputStream.readObject())).getEncoded();
            int length = i5 + encoded.length;
            aSN1InputStream.close();
            byte[] copyOfRange3 = Arrays.copyOfRange(bArr, length, bArr.length);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(new byte[16]);
            byteArrayOutputStream.write(0);
            byteArrayOutputStream.write(i4);
            byteArrayOutputStream.write(copyOfRange2);
            byteArrayOutputStream.write(P256.pubkey2cbor(P256.uncompressed2pubkey(copyOfRange)));
            logger.debug("Attestation data: " + Hex.toHexString(byteArrayOutputStream.toByteArray()));
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            byteArrayOutputStream2.write(PINProtocols.sha256(makeCredentialCommand.origin.getBytes(StandardCharsets.UTF_8)));
            byteArrayOutputStream2.write(65);
            byteArrayOutputStream2.write(new byte[4]);
            byteArrayOutputStream2.write(byteArrayOutputStream.toByteArray());
            logger.debug("Authenticator data: " + Hex.toHexString(byteArrayOutputStream2.toByteArray()));
            ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
            CBORGenerator createGenerator = new CBORFactory().createGenerator(byteArrayOutputStream3);
            createGenerator.writeStartObject(3);
            createGenerator.writeFieldId(1L);
            createGenerator.writeString("fido-u2f");
            createGenerator.writeFieldId(2L);
            createGenerator.writeBinary(byteArrayOutputStream2.toByteArray());
            createGenerator.writeFieldId(3L);
            createGenerator.writeStartObject(2);
            createGenerator.writeFieldName("sig");
            createGenerator.writeBinary(copyOfRange3);
            createGenerator.writeFieldName("x5c");
            createGenerator.writeStartArray(1);
            createGenerator.writeBinary(encoded);
            createGenerator.writeEndArray();
            createGenerator.writeEndObject();
            createGenerator.writeEndObject();
            createGenerator.close();
            return byteArrayOutputStream3.toByteArray();
        } catch (Throwable th) {
            try {
                aSN1InputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    /* JADX WARN: Type inference failed for: r0v6, types: [byte[], byte[][]] */
    public static byte[] toRegisterCommand(MakeCredentialCommand makeCredentialCommand) {
        byte[] sha256 = PINProtocols.sha256(makeCredentialCommand.origin.getBytes(StandardCharsets.UTF_8));
        logger.debug("AppID: {}", Hex.toHexString(sha256));
        return new CommandAPDU(0, 1, 0, 0, CryptoUtils.concatenate(new byte[]{makeCredentialCommand.clientDataHash, sha256}), 65536).getBytes();
    }
}
