package com.ncsoft.fido.uaf.operation;

import com.ncsoft.fido.client.FidoPreferences;
import com.ncsoft.fido.client.LogUtil;
import com.ncsoft.fido.uaf.Constant;
import com.ncsoft.fido.uaf.crypto.BCrypt;
import com.ncsoft.fido.uaf.crypto.Base64url;
import com.ncsoft.fido.uaf.crypto.FixedCertFidoAttestationSigner;
import com.ncsoft.fido.uaf.crypto.KeyCodec;
import com.ncsoft.fido.uaf.crypto.SHA;
import com.ncsoft.fido.uaf.model.UafResponseData;
import com.ncsoft.fido.uaf.tlv.AlgAndEncodingEnum;
import com.ncsoft.fido.uaf.tlv.Tags;
import com.ncsoft.fido.uaf.tlv.TagsEnum;
import com.ncsoft.fido.uaf.tlv.TlvAssertionParser;
import java.io.ByteArrayOutputStream;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.KeyPair;
import java.security.PublicKey;

/* loaded from: classes.dex */
public class RegAssertionBuilder {
    private static final String KEY_ID_PREFIX = "ncsoft-fido-key-";
    private static final String TAG = RegAssertionBuilder.class.getSimpleName();
    private KeyPair keyPair;
    private TlvAssertionParser parser = new TlvAssertionParser();
    private String username;

    public RegAssertionBuilder(String str, KeyPair keyPair) {
        this.keyPair = null;
        this.keyPair = keyPair;
        this.username = str;
    }

    private byte[] encodeInt(int i) {
        return new byte[]{(byte) (i & 255), (byte) ((65280 & i) >> 8)};
    }

    private byte[] getAAID() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Constant.AAID.getBytes());
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getAttestationBasicFull(byte[] bArr) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_SIGNATURE.id));
        byte[] signature = getSignature(bArr);
        byteArrayOutputStream.write(encodeInt(signature.length));
        byteArrayOutputStream.write(signature);
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_ATTESTATION_CERT.id));
        byte[] decode = Base64url.decode(AttestationCertificate.base64DERCert);
        byteArrayOutputStream.write(encodeInt(decode.length));
        byteArrayOutputStream.write(decode);
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getCounters() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(encodeInt(0));
        byteArrayOutputStream.write(encodeInt(1));
        byteArrayOutputStream.write(encodeInt(0));
        byteArrayOutputStream.write(encodeInt(1));
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getFC(UafResponseData uafResponseData) {
        return SHA.sha(uafResponseData.getFcParams().getBytes(), "SHA-256");
    }

    private byte[] getKeyId() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        String encodeToString = Base64url.encodeToString((KEY_ID_PREFIX + Base64url.encodeToString(BCrypt.gensalt().getBytes())).getBytes());
        FidoPreferences.INSTANCE.setUserKeyId(this.username, encodeToString);
        byteArrayOutputStream.write(encodeToString.getBytes());
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getPubKeyId() {
        PublicKey publicKey = this.keyPair.getPublic();
        LogUtil.INSTANCE.d(TAG, String.format("key: alg: %s enc: %s", publicKey.getAlgorithm(), publicKey.getFormat()));
        return KeyCodec.getPubKeyAsRawBytes(publicKey);
    }

    private byte[] getRegAssertion(UafResponseData uafResponseData) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_UAFV1_KRD.id));
        byte[] signedData = getSignedData(uafResponseData);
        byteArrayOutputStream.write(encodeInt(signedData.length));
        byteArrayOutputStream.write(signedData);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_ATTESTATION_BASIC_FULL.id));
        byte[] attestationBasicFull = getAttestationBasicFull(byteArray);
        byteArrayOutputStream.write(encodeInt(attestationBasicFull.length));
        byteArrayOutputStream.write(attestationBasicFull);
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getSignature(byte[] bArr) {
        FixedCertFidoAttestationSigner fixedCertFidoAttestationSigner = new FixedCertFidoAttestationSigner();
        LogUtil.INSTANCE.d(TAG, "dataForSigning : " + Base64url.encodeToString(bArr));
        byte[] signWithAttestationCert = fixedCertFidoAttestationSigner.signWithAttestationCert(bArr);
        LogUtil.INSTANCE.d(TAG, "signature: " + Base64url.encodeToString(signWithAttestationCert));
        return signWithAttestationCert;
    }

    private byte[] getSignedData(UafResponseData uafResponseData) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_AAID.id));
        byte[] aaid = getAAID();
        byteArrayOutputStream.write(encodeInt(aaid.length));
        byteArrayOutputStream.write(aaid);
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_ASSERTION_INFO.id));
        byte[] makeAssertionInfo = makeAssertionInfo();
        byteArrayOutputStream.write(encodeInt(makeAssertionInfo.length));
        byteArrayOutputStream.write(makeAssertionInfo);
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_FINAL_CHALLENGE.id));
        byte[] fc = getFC(uafResponseData);
        byteArrayOutputStream.write(encodeInt(fc.length));
        byteArrayOutputStream.write(fc);
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_KEYID.id));
        byte[] keyId = getKeyId();
        byteArrayOutputStream.write(encodeInt(keyId.length));
        byteArrayOutputStream.write(keyId);
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_COUNTERS.id));
        byte[] counters = getCounters();
        byteArrayOutputStream.write(encodeInt(counters.length));
        byteArrayOutputStream.write(counters);
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_PUB_KEY.id));
        byte[] pubKeyId = getPubKeyId();
        byteArrayOutputStream.write(encodeInt(pubKeyId.length));
        byteArrayOutputStream.write(pubKeyId);
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] makeAssertionInfo() {
        ByteBuffer allocate = ByteBuffer.allocate(7);
        allocate.order(ByteOrder.LITTLE_ENDIAN);
        allocate.put((byte) 0);
        allocate.put((byte) 0);
        allocate.put((byte) 1);
        allocate.putShort((short) AlgAndEncodingEnum.UAF_ALG_SIGN_SECP256R1_ECDSA_SHA256_RAW.id);
        allocate.putShort((short) AlgAndEncodingEnum.UAF_ALG_KEY_ECC_X962_RAW.id);
        return (byte[]) allocate.array().clone();
    }

    public String getAssertions(UafResponseData uafResponseData) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(encodeInt(TagsEnum.TAG_UAFV1_REG_ASSERTION.id));
        byte[] regAssertion = getRegAssertion(uafResponseData);
        byteArrayOutputStream.write(encodeInt(regAssertion.length));
        byteArrayOutputStream.write(regAssertion);
        String encodeToString = Base64url.encodeToString(byteArrayOutputStream.toByteArray());
        Tags parse = this.parser.parse(encodeToString);
        String str = new String(parse.getTags().get(Integer.valueOf(TagsEnum.TAG_AAID.id)).value);
        String str2 = new String(parse.getTags().get(Integer.valueOf(TagsEnum.TAG_KEYID.id)).value);
        LogUtil.INSTANCE.d(TAG, "assertion : " + encodeToString);
        LogUtil.INSTANCE.d(TAG, "tags: " + parse.toString());
        LogUtil.INSTANCE.d(TAG, "AAID: " + str);
        LogUtil.INSTANCE.d(TAG, "keyID: " + str2);
        return encodeToString;
    }
}
