package com.ksign.wizpass.fido.uaf.client;

import androidx.core.view.MotionEventCompat;
import com.dream.magic.fido.uaf.auth.crypto.CryptoConst;
import com.ksign.wizpass.fido.asmsw.util.Utils;
import com.ksign.wizpass.fido.uaf.crypto.Asn1;
import com.ksign.wizpass.fido.uaf.crypto.BCrypt;
import com.ksign.wizpass.fido.uaf.crypto.Base64url;
import com.ksign.wizpass.fido.uaf.crypto.KeyCodec;
import com.ksign.wizpass.fido.uaf.crypto.NamedCurve;
import com.ksign.wizpass.fido.uaf.crypto.SHA;
import com.ksign.wizpass.fido.uaf.tlv.TagsEnum;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.util.logging.Logger;

/* loaded from: classes2.dex */
public class AuthAssertionBuilder {
    private Logger logger = Logger.getLogger(getClass().getName());

    private byte[] encodeInt(int i) {
        return new byte[]{(byte) (i & 255), (byte) ((i & MotionEventCompat.ACTION_POINTER_INDEX_MASK) >> 8)};
    }

    private byte[] getAuthAssertion(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5, byte b) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_UAFV1_SIGNED_DATA.id));
        byte[] signedData = getSignedData(bArr, bArr2, bArr3, bArr4, b);
        byteArrayOutputStream.write(Utils.encodeInt(signedData.length));
        byteArrayOutputStream.write(signedData);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_SIGNATURE.id));
        byte[] signature = getSignature(byteArray, bArr5);
        byteArrayOutputStream.write(encodeInt(signature.length));
        byteArrayOutputStream.write(signature);
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getCounters() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(encodeInt(0));
        byteArrayOutputStream.write(encodeInt(0));
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getSignature(byte[] bArr, byte[] bArr2) throws Exception {
        PrivateKey privKey = KeyCodec.getPrivKey(bArr2);
        this.logger.info(" : dataForSigning : " + Base64url.encode(bArr));
        byte[] rawSignatureBytes = Asn1.toRawSignatureBytes(NamedCurve.signAndFromatToRS(privKey, SHA.sha(bArr, CryptoConst.ALG_SHA_256)));
        this.logger.info(" : signature : " + Base64url.encode(rawSignatureBytes));
        return rawSignatureBytes;
    }

    private byte[] getSignedData(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte b) throws IOException, NoSuchAlgorithmException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_AAID.id));
        if (bArr != null && bArr.length == 9) {
            byteArrayOutputStream.write(encodeInt(bArr.length));
            byteArrayOutputStream.write(bArr);
            byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_ASSERTION_INFO.id));
            byte[] bArr5 = {1, 0, 1, 1, 0};
            bArr5[2] = b;
            byteArrayOutputStream.write(encodeInt(5));
            byteArrayOutputStream.write(bArr5);
            byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_AUTHENTICATOR_NONCE.id));
            byte[] bytes = SHA.sha256(BCrypt.gensalt()).getBytes();
            byteArrayOutputStream.write(encodeInt(bytes.length));
            byteArrayOutputStream.write(bytes);
            byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_FINAL_CHALLENGE_HASH.id));
            if (bArr2 != null && bArr2.length >= 32) {
                byteArrayOutputStream.write(encodeInt(bArr2.length));
                byteArrayOutputStream.write(bArr2);
                byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_TRANSACTION_CONTENT_HASH.id));
                if (b == 1) {
                    byteArrayOutputStream.write(encodeInt(0));
                } else if (b == 2 && bArr3 != null) {
                    byteArrayOutputStream.write(encodeInt(bArr3.length));
                    byteArrayOutputStream.write(bArr3);
                }
                byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_KEYID.id));
                if (bArr4 == null) {
                    return null;
                }
                byteArrayOutputStream.write(encodeInt(bArr4.length));
                byteArrayOutputStream.write(bArr4);
                byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_COUNTERS.id));
                byte[] counters = getCounters();
                byteArrayOutputStream.write(encodeInt(counters.length));
                byteArrayOutputStream.write(counters);
                return byteArrayOutputStream.toByteArray();
            }
        }
        return null;
    }

    public byte[] generateAssertion(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5, byte b) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            byte[] authAssertion = getAuthAssertion(bArr, bArr2, bArr3, bArr4, bArr5, b);
            if (authAssertion == null) {
                return null;
            }
            byteArrayOutputStream.write(Utils.encodeInt(TagsEnum.TAG_UAFV1_AUTH_ASSERTION.id));
            byteArrayOutputStream.write(Utils.encodeInt(authAssertion.length));
            byteArrayOutputStream.write(authAssertion);
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}
