package pro.javacard.fido2.common;

import apdu4j.core.CommandAPDU;
import com.fasterxml.jackson.dataformat.cbor.CBORFactory;
import com.fasterxml.jackson.dataformat.cbor.CBORGenerator;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:pro/javacard/fido2/common/U2FAuthenticate.class */
public class U2FAuthenticate {
    private static final Logger logger = LoggerFactory.getLogger(U2FAuthenticate.class);

    static void verifyU2FAuthentication(GetAssertionCommand getAssertionCommand) throws IllegalArgumentException {
        if (getAssertionCommand.options.getOrDefault("uv", false).booleanValue()) {
            throw new IllegalArgumentException("uv is not supported");
        }
        if (getAssertionCommand.extensions.size() > 0) {
            throw new IllegalArgumentException("extensions are not supported");
        }
        if (getAssertionCommand.allowList.size() != 1) {
            throw new IllegalArgumentException("Allow list must have exactly one entry");
        }
    }

    public static byte[] toAuthenticateCommand(GetAssertionCommand getAssertionCommand) throws IOException {
        verifyU2FAuthentication(getAssertionCommand);
        byte[] sha256 = PINProtocols.sha256(getAssertionCommand.origin.getBytes(StandardCharsets.UTF_8));
        logger.debug("AppID: {}", Hex.toHexString(sha256));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(getAssertionCommand.clientDataHash);
        byteArrayOutputStream.write(sha256);
        byteArrayOutputStream.write(getAssertionCommand.allowList.get(0).length);
        byteArrayOutputStream.write(getAssertionCommand.allowList.get(0));
        return new CommandAPDU(0, 2, getAssertionCommand.options.getOrDefault("up", true).booleanValue() ? 3 : 8, 0, byteArrayOutputStream.toByteArray(), 65536).getBytes();
    }

    public static byte[] toCBOR(GetAssertionCommand getAssertionCommand, byte[] bArr) throws IOException {
        byte[] sha256 = PINProtocols.sha256(getAssertionCommand.origin.getBytes(StandardCharsets.UTF_8));
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 1, 5);
        logger.debug("counter: {}", Hex.toHexString(copyOfRange));
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, 5, bArr.length);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(sha256);
        byteArrayOutputStream.write(bArr[0]);
        byteArrayOutputStream.write(copyOfRange);
        logger.debug("Authenticator data: " + Hex.toHexString(byteArrayOutputStream.toByteArray()));
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        CBORGenerator createGenerator = new CBORFactory().createGenerator(byteArrayOutputStream2);
        createGenerator.writeStartObject(3);
        createGenerator.writeFieldId(1L);
        createGenerator.writeStartObject(2);
        createGenerator.writeFieldName("type");
        createGenerator.writeString("public-key");
        createGenerator.writeFieldName("id");
        createGenerator.writeBinary(getAssertionCommand.allowList.get(0));
        createGenerator.writeEndObject();
        createGenerator.writeFieldId(2L);
        createGenerator.writeBinary(byteArrayOutputStream.toByteArray());
        createGenerator.writeFieldId(3L);
        createGenerator.writeBinary(copyOfRange2);
        createGenerator.writeEndObject();
        createGenerator.close();
        return byteArrayOutputStream2.toByteArray();
    }
}
