package com.ksign.wizpass.fido.uaf.client;

import android.util.Base64;
import com.dream.magic.fido.uaf.auth.crypto.CryptoConst;
import com.ksign.wizpass.fido.asmsw.util.Utils;
import com.ksign.wizpass.fido.uaf.crypto.Asn1;
import com.ksign.wizpass.fido.uaf.crypto.KeyCodec;
import com.ksign.wizpass.fido.uaf.crypto.NamedCurve;
import com.ksign.wizpass.fido.uaf.crypto.SHA;
import com.ksign.wizpass.fido.uaf.tlv.TagsEnum;
import com.ksign.wizpass.fido.uaf.tlv.TlvAssertionParser;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.util.logging.Logger;
import org.spongycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.spongycastle.jce.interfaces.ECPublicKey;

/* loaded from: classes2.dex */
public class RegAssertionBuilder {
    private KeyPair keyPair;
    private Logger logger = Logger.getLogger(getClass().getName());
    private TlvAssertionParser parser = new TlvAssertionParser();

    public RegAssertionBuilder(KeyPair keyPair) {
        this.keyPair = null;
        this.keyPair = keyPair;
    }

    private byte[] getAttestationBasicFull(byte[] bArr) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_SIGNATURE.id));
        byte[] signature = getSignature(bArr);
        byteArrayOutputStream.write(Utils.encodeInt(signature.length));
        byteArrayOutputStream.write(signature);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_ATTESTATION_CERT.id));
        byte[] decode = Base64.decode(AttestCert.base64DERCert, 1);
        byteArrayOutputStream.write(Utils.encodeInt(decode.length));
        byteArrayOutputStream.write(decode);
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getCounters() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Utils.encodeInt(0));
        byteArrayOutputStream.write(Utils.encodeInt(0));
        byteArrayOutputStream.write(Utils.encodeInt(0));
        byteArrayOutputStream.write(Utils.encodeInt(0));
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getKeyId() throws IOException {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    private byte[] getPubKeyId() throws Exception {
        return KeyCodec.getKeyAsRawBytes((BCECPublicKey) this.keyPair.getPublic());
    }

    private byte[] getRegAssertion(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_UAFV1_KRD.id));
        byte[] signedData = getSignedData(bArr, bArr2, bArr3);
        byteArrayOutputStream.write(Utils.encodeInt(signedData.length));
        byteArrayOutputStream.write(signedData);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_ATTESTATION_BASIC_FULL.id));
        byte[] attestationBasicFull = getAttestationBasicFull(byteArray);
        byteArrayOutputStream.write(Utils.encodeInt(attestationBasicFull.length));
        byteArrayOutputStream.write(attestationBasicFull);
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getSignature(byte[] bArr) throws Exception {
        PrivateKey privKey = KeyCodec.getPrivKey(Base64.decode(AttestCert.priv, 1));
        byte[] decode = Base64.decode(AttestCert.pubCert, 1);
        BigInteger[] signAndFromatToRS = NamedCurve.signAndFromatToRS(privKey, SHA.sha(bArr, CryptoConst.ALG_SHA_256));
        if (NamedCurve.verify(KeyCodec.getKeyAsRawBytes((ECPublicKey) KeyCodec.getPubKey(decode)), SHA.sha(bArr, CryptoConst.ALG_SHA_256), Asn1.decodeToBigIntegerArray(Asn1.getEncoded(signAndFromatToRS)))) {
            return Asn1.toRawSignatureBytes(signAndFromatToRS);
        }
        throw new RuntimeException("Signature match fail");
    }

    private byte[] getSignedData(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_AAID.id));
        byteArrayOutputStream.write(Utils.encodeInt(bArr.length));
        byteArrayOutputStream.write(bArr);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_ASSERTION_INFO.id));
        byteArrayOutputStream.write(Utils.encodeInt(7));
        byteArrayOutputStream.write(new byte[]{1, 0, 1, 1, 0, 0, 1});
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_FINAL_CHALLENGE_HASH.id));
        byteArrayOutputStream.write(Utils.encodeInt(bArr2.length));
        byteArrayOutputStream.write(bArr2);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_KEYID.id));
        if (bArr3 == null || bArr3.length != 32) {
            return null;
        }
        byteArrayOutputStream.write(Utils.encodeInt(bArr3.length));
        byteArrayOutputStream.write(bArr3);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_COUNTERS.id));
        byte[] counters = getCounters();
        byteArrayOutputStream.write(Utils.encodeInt(counters.length));
        byteArrayOutputStream.write(counters);
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_PUB_KEY.id));
        byte[] pubKeyId = getPubKeyId();
        byteArrayOutputStream.write(Utils.encodeInt(pubKeyId.length));
        byteArrayOutputStream.write(pubKeyId);
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] generateAssertion(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            byte[] regAssertion = getRegAssertion(bArr, bArr2, bArr3);
            if (regAssertion == null) {
                return null;
            }
            byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_UAFV1_REG_ASSERTION.id));
            byteArrayOutputStream.write(Utils.encodeInt(regAssertion.length));
            byteArrayOutputStream.write(regAssertion);
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}
