package com.yubico.webauthn;

import COSE.CoseException;
import COSE.OneKey;
import com.google.common.primitives.Bytes;
import com.upokecenter.cbor.CBORObject;
import com.upokecenter.numbers.EContext;
import com.yubico.webauthn.data.ByteArray;
import com.yubico.webauthn.data.COSEAlgorithmIdentifier;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.HashMap;
import org.apache.hc.client5.http.routing.HttpRouteDirector;

/* JADX INFO: Access modifiers changed from: package-private */
/* JADX WARN: Classes with same name are omitted:
  input_file:com/yubico/webauthn/WebAuthnCodecs.class
 */
/* loaded from: input_file:webauthn-server-core-2.4.0.jar:com/yubico/webauthn/WebAuthnCodecs.class */
public final class WebAuthnCodecs {
    private static final ByteArray ED25519_CURVE_OID = new ByteArray(new byte[]{48, 5, 6, 3, 43, 101, 112});

    /* JADX WARN: Classes with same name are omitted:
      input_file:com/yubico/webauthn/WebAuthnCodecs$1.class
     */
    /* renamed from: com.yubico.webauthn.WebAuthnCodecs$1, reason: invalid class name */
    /* loaded from: input_file:webauthn-server-core-2.4.0.jar:com/yubico/webauthn/WebAuthnCodecs$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier = new int[COSEAlgorithmIdentifier.values().length];

        static {
            try {
                $SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier[COSEAlgorithmIdentifier.EdDSA.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier[COSEAlgorithmIdentifier.ES256.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier[COSEAlgorithmIdentifier.ES384.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier[COSEAlgorithmIdentifier.ES512.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier[COSEAlgorithmIdentifier.RS256.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier[COSEAlgorithmIdentifier.RS384.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier[COSEAlgorithmIdentifier.RS512.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier[COSEAlgorithmIdentifier.RS1.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
        }
    }

    WebAuthnCodecs() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Type inference failed for: r2v5, types: [byte[], byte[][]] */
    public static ByteArray ecPublicKeyToRaw(ECPublicKey eCPublicKey) {
        int intExact = Math.toIntExact(Math.round(Math.ceil(eCPublicKey.getParams().getCurve().getField().getFieldSize() / 8.0d)));
        byte[] byteArray = eCPublicKey.getW().getAffineX().toByteArray();
        byte[] byteArray2 = eCPublicKey.getW().getAffineY().toByteArray();
        byte[] bArr = new byte[Math.max(0, intExact - byteArray.length)];
        byte[] bArr2 = new byte[Math.max(0, intExact - byteArray2.length)];
        Arrays.fill(bArr, (byte) 0);
        Arrays.fill(bArr2, (byte) 0);
        return new ByteArray(Bytes.concat((byte[][]) new byte[]{new byte[]{4}, bArr, Arrays.copyOfRange(byteArray, Math.max(0, byteArray.length - intExact), byteArray.length), bArr2, Arrays.copyOfRange(byteArray2, Math.max(0, byteArray2.length - intExact), byteArray2.length)}));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ByteArray rawEcKeyToCose(ByteArray byteArray) {
        COSEAlgorithmIdentifier cOSEAlgorithmIdentifier;
        int i;
        byte[] bytes = byteArray.getBytes();
        int length = bytes.length;
        int length2 = bytes.length - 1;
        if (length != 64 && length != 96 && length != 132 && (bytes[0] != 4 || (length2 != 64 && length2 != 96 && length2 != 132))) {
            throw new IllegalArgumentException(String.format("Raw key must be 64, 96 or 132 bytes long, or start with 0x04 and be 65, 97 or 133 bytes long; was %d bytes starting with %02x", Integer.valueOf(bytes.length), Byte.valueOf(bytes[0])));
        }
        int i2 = (length == 64 || length == 96 || length == 132) ? 0 : 1;
        int i3 = (length - i2) / 2;
        HashMap hashMap = new HashMap();
        hashMap.put(1L, 2L);
        switch (length - i2) {
            case EContext.FlagInvalid /* 64 */:
                cOSEAlgorithmIdentifier = COSEAlgorithmIdentifier.ES256;
                i = 1;
                break;
            case 96:
                cOSEAlgorithmIdentifier = COSEAlgorithmIdentifier.ES384;
                i = 2;
                break;
            case 132:
                cOSEAlgorithmIdentifier = COSEAlgorithmIdentifier.ES512;
                i = 3;
                break;
            default:
                throw new RuntimeException("Failed to determine COSE EC algorithm. This should not be possible, please file a bug report.");
        }
        hashMap.put(3L, Long.valueOf(cOSEAlgorithmIdentifier.getId()));
        hashMap.put(-1L, Integer.valueOf(i));
        hashMap.put(-2L, Arrays.copyOfRange(bytes, i2, i2 + i3));
        hashMap.put(-3L, Arrays.copyOfRange(bytes, i2 + i3, i2 + (2 * i3)));
        return new ByteArray(CBORObject.FromObject(hashMap).EncodeToBytes());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PublicKey importCosePublicKey(ByteArray byteArray) throws CoseException, IOException, InvalidKeySpecException, NoSuchAlgorithmException {
        CBORObject DecodeFromBytes = CBORObject.DecodeFromBytes(byteArray.getBytes());
        int AsInt32 = DecodeFromBytes.get(CBORObject.FromObject(1)).AsInt32();
        switch (AsInt32) {
            case 1:
                return importCoseEdDsaPublicKey(DecodeFromBytes);
            case 2:
                return importCoseP256PublicKey(DecodeFromBytes);
            case HttpRouteDirector.TUNNEL_TARGET /* 3 */:
                return importCoseRsaPublicKey(DecodeFromBytes);
            default:
                throw new IllegalArgumentException("Unsupported key type: " + AsInt32);
        }
    }

    private static PublicKey importCoseRsaPublicKey(CBORObject cBORObject) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, cBORObject.get(CBORObject.FromObject(-1)).GetByteString()), new BigInteger(1, cBORObject.get(CBORObject.FromObject(-2)).GetByteString())));
    }

    private static ECPublicKey importCoseP256PublicKey(CBORObject cBORObject) throws CoseException {
        return (ECPublicKey) new OneKey(cBORObject).AsPublicKey();
    }

    private static PublicKey importCoseEdDsaPublicKey(CBORObject cBORObject) throws InvalidKeySpecException, NoSuchAlgorithmException {
        int AsInt32 = cBORObject.get(CBORObject.FromObject(-1)).AsInt32();
        switch (AsInt32) {
            case 6:
                return importCoseEd25519PublicKey(cBORObject);
            default:
                throw new IllegalArgumentException("Unsupported EdDSA curve: " + AsInt32);
        }
    }

    private static PublicKey importCoseEd25519PublicKey(CBORObject cBORObject) throws InvalidKeySpecException, NoSuchAlgorithmException {
        ByteArray byteArray = new ByteArray(cBORObject.get(CBORObject.FromObject(-2)).GetByteString());
        return KeyFactory.getInstance("EdDSA").generatePublic(new X509EncodedKeySpec(new ByteArray(new byte[]{48, (byte) (ED25519_CURVE_OID.size() + 3 + byteArray.size())}).concat(ED25519_CURVE_OID).concat(new ByteArray(new byte[]{3, (byte) (byteArray.size() + 1), 0})).concat(byteArray).getBytes()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getJavaAlgorithmName(COSEAlgorithmIdentifier cOSEAlgorithmIdentifier) {
        switch (AnonymousClass1.$SwitchMap$com$yubico$webauthn$data$COSEAlgorithmIdentifier[cOSEAlgorithmIdentifier.ordinal()]) {
            case 1:
                return "EDDSA";
            case 2:
                return "SHA256withECDSA";
            case HttpRouteDirector.TUNNEL_TARGET /* 3 */:
                return "SHA384withECDSA";
            case 4:
                return "SHA512withECDSA";
            case 5:
                return "SHA256withRSA";
            case 6:
                return "SHA384withRSA";
            case 7:
                return "SHA512withRSA";
            case EContext.FlagUnderflow /* 8 */:
                return "SHA1withRSA";
            default:
                throw new IllegalArgumentException("Unknown algorithm: " + cOSEAlgorithmIdentifier);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String jwsAlgorithmNameToJavaAlgorithmName(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 78251122:
                if (str.equals("RS256")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return "SHA256withRSA";
            default:
                throw new IllegalArgumentException("Unknown algorithm: " + str);
        }
    }
}
