package com.yubico.u2f;

import com.google.common.base.Optional;
import com.yubico.u2f.crypto.BouncyCastleCrypto;
import com.yubico.u2f.crypto.ChallengeGenerator;
import com.yubico.u2f.crypto.Crypto;
import com.yubico.u2f.crypto.RandomChallengeGenerator;
import com.yubico.u2f.data.DeviceRegistration;
import com.yubico.u2f.data.messages.AuthenticateResponse;
import com.yubico.u2f.data.messages.ClientData;
import com.yubico.u2f.data.messages.RegisterResponse;
import com.yubico.u2f.data.messages.StartedAuthentication;
import com.yubico.u2f.data.messages.StartedRegistration;
import com.yubico.u2f.data.messages.key.RawAuthenticateResponse;
import com.yubico.u2f.data.messages.key.RawRegisterResponse;
import com.yubico.u2f.exceptions.U2fException;
import java.util.Set;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:com/yubico/u2f/U2F.class */
public class U2F {
    public static final String U2F_VERSION = "U2F_V2";
    private static final ChallengeGenerator challengeGenerator = new RandomChallengeGenerator();
    public static final Crypto crypto = new BouncyCastleCrypto();
    public static final String AUTHENTICATE_TYP = "navigator.id.getAssertion";
    public static final String REGISTER_TYPE = "navigator.id.finishEnrollment";

    public static StartedRegistration startRegistration(String str) {
        return new StartedRegistration(Base64.encodeBase64URLSafeString(challengeGenerator.generateChallenge()), str);
    }

    public static DeviceRegistration finishRegistration(StartedRegistration startedRegistration, RegisterResponse registerResponse) throws U2fException {
        return finishRegistration(startedRegistration, registerResponse, null);
    }

    public static DeviceRegistration finishRegistration(StartedRegistration startedRegistration, RegisterResponse registerResponse, Set<String> set) throws U2fException {
        ClientData clientData = registerResponse.getClientData();
        clientData.checkContent(REGISTER_TYPE, startedRegistration.getChallenge(), Optional.fromNullable(set));
        RawRegisterResponse fromBase64 = RawRegisterResponse.fromBase64(registerResponse.getRegistrationData());
        fromBase64.checkSignature(startedRegistration.getAppId(), clientData.getRawClientData());
        return fromBase64.createDevice();
    }

    public static StartedAuthentication startAuthentication(String str, DeviceRegistration deviceRegistration) {
        return new StartedAuthentication(Base64.encodeBase64URLSafeString(challengeGenerator.generateChallenge()), str, Base64.encodeBase64URLSafeString(deviceRegistration.getKeyHandle()));
    }

    public static void finishAuthentication(StartedAuthentication startedAuthentication, AuthenticateResponse authenticateResponse, DeviceRegistration deviceRegistration) throws U2fException {
        finishAuthentication(startedAuthentication, authenticateResponse, deviceRegistration, null);
    }

    public static void finishAuthentication(StartedAuthentication startedAuthentication, AuthenticateResponse authenticateResponse, DeviceRegistration deviceRegistration, Set<String> set) throws U2fException {
        ClientData clientData = authenticateResponse.getClientData();
        clientData.checkContent(AUTHENTICATE_TYP, startedAuthentication.getChallenge(), Optional.fromNullable(set));
        RawAuthenticateResponse fromBase64 = RawAuthenticateResponse.fromBase64(authenticateResponse.getSignatureData());
        fromBase64.checkSignature(startedAuthentication.getAppId(), clientData.getRawClientData(), deviceRegistration.getPublicKey());
        fromBase64.checkUserPresence();
        deviceRegistration.checkAndIncrementCounter(fromBase64.getCounter());
    }
}
