package se.linkon.x2ab.mtb;

import com.nimbusds.jose.jwk.JWKParameterNames;
import com.upokecenter.cbor.CBORObject;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import se.linkon.x2ab.mtb.domain.common.CBOREncodedMTBContainer;
import se.linkon.x2ab.mtb.domain.common.IssuerDetails;
import se.linkon.x2ab.mtb.domain.common.MTSVersion;
import se.linkon.x2ab.mtb.domain.container.device.DeviceHeader;
import se.linkon.x2ab.mtb.domain.container.issuer.IssuerHeader;
import se.linkon.x2ab.mtb.domain.container.ticket.Ticket;
import se.linkon.x2ab.mtb.domain.container.ticket.TicketBundle;
import se.linkon.x2ab.mtb.domain.exception.EncodeMTBContainerException;
import se.linkon.x2ab.mtb.domain.exception.MTBSignatureException;
import se.linkon.x2ab.mtb.domain.security.IssuerSignatureAlgorithm;
import se.linkon.x2ab.mtb.domain.security.IssuerSignatureKey;
import se.linkon.x2ab.mtb.util.DeviceSignatureUtil;
import se.linkon.x2ab.mtb.util.IssuerSignatureUtil;

/* loaded from: classes21.dex */
public class MTBEncoder {
    private byte[] createDeviceSignature(DeviceHeader deviceHeader, String str, byte[] bArr) throws InvalidKeyException, NoSuchAlgorithmException, IOException {
        return DeviceSignatureUtil.createSignature(bArr, DeviceSignatureUtil.getDeviceKey(deviceHeader.getDeviceId(), deviceHeader.getKeyId(), str), deviceHeader.getDeviceSignatureAlgorithm());
    }

    private byte[] createIssuerSignature(byte[] bArr, PrivateKey privateKey, IssuerSignatureAlgorithm issuerSignatureAlgorithm) throws InvalidKeyException, MTBSignatureException {
        return IssuerSignatureUtil.createJWSSignature(bArr, privateKey, issuerSignatureAlgorithm);
    }

    private CBORObject createMTBContainer(CBORObject cBORObject, CBORObject cBORObject2) {
        return CBORObject.NewMap().Add("v", cBORObject.EncodeToBytes()).Add(JWKParameterNames.RSA_FIRST_PRIME_FACTOR, cBORObject2.EncodeToBytes());
    }

    private CBORObject createVersionObject(MTSVersion mTSVersion) {
        return mTSVersion.equals(MTSVersion.MTS_VERSION_1_2) ? CBORObject.FromObject(mTSVersion.getMajorVersion()) : CBORObject.FromObject(String.valueOf(mTSVersion.getMajorVersion()));
    }

    private byte[] toByteArray(CBORObject cBORObject) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CBORObject.Write(cBORObject, (OutputStream) byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    private void verifyMTSVersion(MTSVersion mTSVersion, TicketBundle ticketBundle) throws EncodeMTBContainerException {
        if (!MTSVersion.isVersionSupported(mTSVersion)) {
            throw new EncodeMTBContainerException(String.format("Unsupported MTS version %s.%s found.", Integer.valueOf(mTSVersion.getMajorVersion()), Integer.valueOf(mTSVersion.getMinorVersion())));
        }
        for (Ticket ticket : ticketBundle.getAllTickets()) {
            if (!ticket.isVersionSupported(mTSVersion)) {
                throw new EncodeMTBContainerException(String.format("Ticket %s does not support MTS version %s.%s.", ticket.getTicketId(), Integer.valueOf(mTSVersion.getMajorVersion()), Integer.valueOf(mTSVersion.getMinorVersion())));
            }
        }
    }

    public byte[] addDeviceDetailsToMTB(DeviceHeader deviceHeader, String str, CBOREncodedMTBContainer cBOREncodedMTBContainer) throws EncodeMTBContainerException {
        try {
            CBORObject version = cBOREncodedMTBContainer.getVersion();
            CBORObject Add = CBORObject.NewArray().Add(CBORObject.FromJSONString(deviceHeader.toJSON()).EncodeToBytes()).Add(cBOREncodedMTBContainer.getIssuerSignedTicketBundle().EncodeToBytes());
            return toByteArray(createMTBContainer(version, Add.Add(createDeviceSignature(deviceHeader, str, Add.EncodeToBytes()))));
        } catch (Exception e) {
            throw new EncodeMTBContainerException("Failed to add device header and signature to the MTB container.", e);
        }
    }

    public byte[] encodeMTBData(TicketBundle ticketBundle, IssuerDetails issuerDetails, MTSVersion mTSVersion) throws EncodeMTBContainerException {
        verifyMTSVersion(mTSVersion, ticketBundle);
        try {
            IssuerSignatureKey issuerSignatureKey = issuerDetails.getIssuerSignatureKey();
            CBORObject Add = CBORObject.NewArray().Add(CBORObject.FromJSONString(new IssuerHeader(issuerSignatureKey.getSignatureAlgorithm(), issuerDetails.getIssuerId(), issuerSignatureKey.getKeyId(), mTSVersion, issuerDetails.getSignatureExpiryDate()).toJSON()).EncodeToBytes()).Add(CBORObject.FromJSONString(ticketBundle.toJSON()).EncodeToBytes());
            return toByteArray(createMTBContainer(createVersionObject(mTSVersion), Add.Add(createIssuerSignature(Add.EncodeToBytes(), issuerSignatureKey.getPrivateKey(), issuerSignatureKey.getSignatureAlgorithm()))));
        } catch (Exception e) {
            throw new EncodeMTBContainerException(String.format("Failed to encode MTB container for ticket bundle '%s'.", ticketBundle.toJSON()), e);
        }
    }
}
