package com.microsoft.authenticator.ctap.businessLogic;

import ch.qos.logback.core.CoreConstants;
import com.microsoft.authenticator.core.algorithms.BytesUtilsKt;
import com.microsoft.authenticator.core.configuration.ExperimentationFeatureFlag;
import com.microsoft.authenticator.core.crypto.CryptoFactory;
import com.microsoft.authenticator.core.crypto.IMessageDigest;
import com.microsoft.authenticator.core.logging.BaseLogger;
import com.microsoft.authenticator.core.telemetry.TelemetryManager;
import com.microsoft.authenticator.core.telemetry.entities.SharedCoreTelemetryEvent;
import com.microsoft.authenticator.ctap.entities.AAGuid;
import com.microsoft.authenticator.ctap.entities.AadAdditionalClientData;
import com.microsoft.authenticator.ctap.entities.AttestationObject;
import com.microsoft.authenticator.ctap.entities.AttestationStatementPacked;
import com.microsoft.authenticator.ctap.entities.AttestedCredentialData;
import com.microsoft.authenticator.ctap.entities.AuthenticatorData;
import com.microsoft.authenticator.ctap.entities.COSEAlgorithmIdentifier;
import com.microsoft.authenticator.ctap.entities.COSEEllipticCurveKey;
import com.microsoft.authenticator.ctap.entities.CollectedClientData;
import com.microsoft.authenticator.ctap.entities.EllipticCurve;
import com.microsoft.authenticator.ctap.entities.FidoException;
import com.microsoft.authenticator.ctap.entities.IAdditionalClientData;
import com.microsoft.authenticator.ctap.entities.PublicKeyCredentialCreationOptions;
import com.microsoft.authenticator.ctap.entities.WebAuthNOperationType;
import com.microsoft.azure.storage.blob.BlobConstants;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;
import kotlin.text.Charsets;
import kotlin.text.StringsKt__StringsJVMKt;
import kotlin.text.StringsKt__StringsKt;
import kotlinx.serialization.KSerializer;
import kotlinx.serialization.Serializable;
import kotlinx.serialization.SerializationException;
import kotlinx.serialization.SerializersKt;
import kotlinx.serialization.cbor.ByteString;
import kotlinx.serialization.cbor.Cbor;
import kotlinx.serialization.descriptors.SerialDescriptor;
import kotlinx.serialization.encoding.CompositeEncoder;
import kotlinx.serialization.internal.ByteArraySerializer;
import kotlinx.serialization.internal.PluginExceptionsKt;
import kotlinx.serialization.internal.SerializationConstructorMarker;
import kotlinx.serialization.json.Json;

/* compiled from: CtapAlgorithmsUseCase.kt */
/* loaded from: classes2.dex */
public final class CtapAlgorithmsUseCase {
    private final Json kotlinJson;

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: CtapAlgorithmsUseCase.kt */
    @Serializable
    /* loaded from: classes2.dex */
    public static final class AttestationObjectWithoutAttestationStatement {
        public static final Companion Companion = new Companion(null);
        public static final String attStmtPlaceholder = "deadbeefdeadbeef";
        private final byte[] attStmt;
        private final byte[] authenticatorDataPacked;
        private final String format;

        /* compiled from: CtapAlgorithmsUseCase.kt */
        /* loaded from: classes2.dex */
        public static final class Companion {
            private Companion() {
            }

            public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
                this();
            }

            public final KSerializer<AttestationObjectWithoutAttestationStatement> serializer() {
                return CtapAlgorithmsUseCase$AttestationObjectWithoutAttestationStatement$$serializer.INSTANCE;
            }
        }

        public /* synthetic */ AttestationObjectWithoutAttestationStatement(int i, String str, @ByteString byte[] bArr, @ByteString byte[] bArr2, SerializationConstructorMarker serializationConstructorMarker) {
            if (7 != (i & 7)) {
                PluginExceptionsKt.throwMissingFieldException(i, 7, CtapAlgorithmsUseCase$AttestationObjectWithoutAttestationStatement$$serializer.INSTANCE.getDescriptor());
            }
            this.format = str;
            this.attStmt = bArr;
            this.authenticatorDataPacked = bArr2;
        }

        public AttestationObjectWithoutAttestationStatement(String format, byte[] attStmt, byte[] authenticatorDataPacked) {
            Intrinsics.checkNotNullParameter(format, "format");
            Intrinsics.checkNotNullParameter(attStmt, "attStmt");
            Intrinsics.checkNotNullParameter(authenticatorDataPacked, "authenticatorDataPacked");
            this.format = format;
            this.attStmt = attStmt;
            this.authenticatorDataPacked = authenticatorDataPacked;
        }

        public static /* synthetic */ AttestationObjectWithoutAttestationStatement copy$default(AttestationObjectWithoutAttestationStatement attestationObjectWithoutAttestationStatement, String str, byte[] bArr, byte[] bArr2, int i, Object obj) {
            if ((i & 1) != 0) {
                str = attestationObjectWithoutAttestationStatement.format;
            }
            if ((i & 2) != 0) {
                bArr = attestationObjectWithoutAttestationStatement.attStmt;
            }
            if ((i & 4) != 0) {
                bArr2 = attestationObjectWithoutAttestationStatement.authenticatorDataPacked;
            }
            return attestationObjectWithoutAttestationStatement.copy(str, bArr, bArr2);
        }

        @ByteString
        public static /* synthetic */ void getAttStmt$annotations() {
        }

        @ByteString
        public static /* synthetic */ void getAuthenticatorDataPacked$annotations() {
        }

        public static /* synthetic */ void getFormat$annotations() {
        }

        public static final void write$Self(AttestationObjectWithoutAttestationStatement self, CompositeEncoder output, SerialDescriptor serialDesc) {
            Intrinsics.checkNotNullParameter(self, "self");
            Intrinsics.checkNotNullParameter(output, "output");
            Intrinsics.checkNotNullParameter(serialDesc, "serialDesc");
            output.encodeStringElement(serialDesc, 0, self.format);
            ByteArraySerializer byteArraySerializer = ByteArraySerializer.INSTANCE;
            output.encodeSerializableElement(serialDesc, 1, byteArraySerializer, self.attStmt);
            output.encodeSerializableElement(serialDesc, 2, byteArraySerializer, self.authenticatorDataPacked);
        }

        public final String component1() {
            return this.format;
        }

        public final byte[] component2() {
            return this.attStmt;
        }

        public final byte[] component3() {
            return this.authenticatorDataPacked;
        }

        public final AttestationObjectWithoutAttestationStatement copy(String format, byte[] attStmt, byte[] authenticatorDataPacked) {
            Intrinsics.checkNotNullParameter(format, "format");
            Intrinsics.checkNotNullParameter(attStmt, "attStmt");
            Intrinsics.checkNotNullParameter(authenticatorDataPacked, "authenticatorDataPacked");
            return new AttestationObjectWithoutAttestationStatement(format, attStmt, authenticatorDataPacked);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof AttestationObjectWithoutAttestationStatement)) {
                return false;
            }
            AttestationObjectWithoutAttestationStatement attestationObjectWithoutAttestationStatement = (AttestationObjectWithoutAttestationStatement) obj;
            return Intrinsics.areEqual(this.format, attestationObjectWithoutAttestationStatement.format) && Intrinsics.areEqual(this.attStmt, attestationObjectWithoutAttestationStatement.attStmt) && Intrinsics.areEqual(this.authenticatorDataPacked, attestationObjectWithoutAttestationStatement.authenticatorDataPacked);
        }

        public final byte[] getAttStmt() {
            return this.attStmt;
        }

        public final byte[] getAuthenticatorDataPacked() {
            return this.authenticatorDataPacked;
        }

        public final String getFormat() {
            return this.format;
        }

        public int hashCode() {
            return (((this.format.hashCode() * 31) + Arrays.hashCode(this.attStmt)) * 31) + Arrays.hashCode(this.authenticatorDataPacked);
        }

        public String toString() {
            return "AttestationObjectWithoutAttestationStatement(format=" + this.format + ", attStmt=" + Arrays.toString(this.attStmt) + ", authenticatorDataPacked=" + Arrays.toString(this.authenticatorDataPacked) + CoreConstants.RIGHT_PARENTHESIS_CHAR;
        }
    }

    /* compiled from: CtapAlgorithmsUseCase.kt */
    /* loaded from: classes2.dex */
    public /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[PublicKeyCredentialCreationOptions.Attestation.values().length];
            try {
                iArr[PublicKeyCredentialCreationOptions.Attestation.NONE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                iArr[PublicKeyCredentialCreationOptions.Attestation.DIRECT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            $EnumSwitchMapping$0 = iArr;
        }
    }

    public CtapAlgorithmsUseCase(Json kotlinJson) {
        Intrinsics.checkNotNullParameter(kotlinJson, "kotlinJson");
        this.kotlinJson = kotlinJson;
    }

    private final String cborHexEncodeExceptAttStmt(PublicKeyCredentialCreationOptions.Attestation attestation, byte[] bArr) {
        Cbor.Companion companion = Cbor.INSTANCE;
        AttestationObjectWithoutAttestationStatement attestationObjectWithoutAttestationStatement = new AttestationObjectWithoutAttestationStatement(attestation == PublicKeyCredentialCreationOptions.Attestation.DIRECT ? AttestationObject.FormatType.PACKED.getValue() : AttestationObject.FormatType.NONE.getValue(), BytesUtilsKt.decodeHex(AttestationObjectWithoutAttestationStatement.attStmtPlaceholder), bArr);
        KSerializer<Object> serializer = SerializersKt.serializer(companion.getSerializersModule(), Reflection.typeOf(AttestationObjectWithoutAttestationStatement.class));
        Intrinsics.checkNotNull(serializer, "null cannot be cast to non-null type kotlinx.serialization.KSerializer<T of kotlinx.serialization.internal.Platform_commonKt.cast>");
        return BytesUtilsKt.toHex(companion.encodeToByteArray(serializer, attestationObjectWithoutAttestationStatement));
    }

    private final String replaceAttestationStatementPlaceHolder(String str, AttestationObject attestationObject) {
        CharSequence removeRange;
        String replace$default;
        Cbor.Companion companion = Cbor.INSTANCE;
        AttestationStatementPacked attestationStatementPacked = attestationObject.getAttestationStatementPacked();
        KSerializer<Object> serializer = SerializersKt.serializer(companion.getSerializersModule(), Reflection.typeOf(AttestationStatementPacked.class));
        Intrinsics.checkNotNull(serializer, "null cannot be cast to non-null type kotlinx.serialization.KSerializer<T of kotlinx.serialization.internal.Platform_commonKt.cast>");
        StringBuilder sb = new StringBuilder(BytesUtilsKt.toHex(companion.encodeToByteArray(serializer, attestationStatementPacked)));
        sb.setCharAt(0, 'a');
        sb.setCharAt(1, '2');
        removeRange = StringsKt__StringsKt.removeRange(sb, sb.length() - 2, sb.length());
        replace$default = StringsKt__StringsJVMKt.replace$default(str, "48deadbeefdeadbeef", removeRange.toString(), false, 4, (Object) null);
        return replace$default;
    }

    public final CollectedClientData buildCollectedClientData(String base64EncodedChallenge, String origin, IAdditionalClientData iAdditionalClientData) throws FidoException {
        Intrinsics.checkNotNullParameter(base64EncodedChallenge, "base64EncodedChallenge");
        Intrinsics.checkNotNullParameter(origin, "origin");
        if (iAdditionalClientData instanceof AadAdditionalClientData) {
            AadAdditionalClientData aadAdditionalClientData = (AadAdditionalClientData) iAdditionalClientData;
            return new CollectedClientData(base64EncodedChallenge, origin, WebAuthNOperationType.WEB_AUTH_N_GET, aadAdditionalClientData.getAuthenticatorPolicyChannel(), aadAdditionalClientData.getDeviceId());
        }
        if (iAdditionalClientData == null) {
            return new CollectedClientData(base64EncodedChallenge, origin, WebAuthNOperationType.WEB_AUTH_N_GET, (String) null, (String) null, 24, (DefaultConstructorMarker) null);
        }
        BaseLogger.e("Unexpected AdditionalClientData format");
        throw new FidoException("Unexpected AdditionalClientData format");
    }

    public final byte[] encodeAttestationObject(AttestationObject attestationObject) throws FidoException {
        Intrinsics.checkNotNullParameter(attestationObject, "attestationObject");
        try {
            if (attestationObject.getAttestationType() == null) {
                AttestedCredentialData attestedCredentialData = attestationObject.getAuthData().getAttestedCredentialData();
                if (Intrinsics.areEqual(attestedCredentialData != null ? attestedCredentialData.getAaGuid() : null, AAGuid.NGC.getValue()) && !ExperimentationFeatureFlag.Companion.isFeatureEnabled(ExperimentationFeatureFlag.PSI_V2_AUTOMATED_CBOR)) {
                    TelemetryManager.Companion.getInstance().trackEvent(SharedCoreTelemetryEvent.PsiV2CborValueProducedManually);
                    return encodeAttestationObjectManually(attestationObject);
                }
            }
            return attestationObject.encodeToByteArray();
        } catch (FidoException e) {
            throw new FidoException(e, "Attestation object cbor encoding failed.");
        }
    }

    public final byte[] encodeAttestationObjectManually(AttestationObject attestationObject) throws FidoException {
        CharSequence removeRange;
        String replace$default;
        Intrinsics.checkNotNullParameter(attestationObject, "attestationObject");
        try {
            StringBuilder sb = new StringBuilder(cborHexEncodeExceptAttStmt(attestationObject.getAttestationType(), AuthenticatorData.Companion.packAuthenticatorData(attestationObject.getAuthData())));
            sb.setCharAt(0, 'a');
            sb.setCharAt(1, '3');
            removeRange = StringsKt__StringsKt.removeRange(sb, sb.length() - 2, sb.length());
            String obj = removeRange.toString();
            PublicKeyCredentialCreationOptions.Attestation attestationType = attestationObject.getAttestationType();
            int i = attestationType == null ? -1 : WhenMappings.$EnumSwitchMapping$0[attestationType.ordinal()];
            if (i == 1) {
                replace$default = StringsKt__StringsJVMKt.replace$default(obj, "48deadbeefdeadbeef", "a0", false, 4, (Object) null);
            } else {
                if (i != 2) {
                    if (attestationObject.getAttestationType() == null) {
                        AttestedCredentialData attestedCredentialData = attestationObject.getAuthData().getAttestedCredentialData();
                        if (Intrinsics.areEqual(attestedCredentialData != null ? attestedCredentialData.getAaGuid() : null, AAGuid.NGC.getValue())) {
                            replace$default = replaceAttestationStatementPlaceHolder(obj, attestationObject);
                        }
                    }
                    if (attestationObject.getAttestationType() == null) {
                        throw new FidoException("Cannot encode with empty AttestationType.");
                    }
                    throw new FidoException("Cannot encode with AttestationType:" + attestationObject.getAttestationType() + '.');
                }
                replace$default = replaceAttestationStatementPlaceHolder(obj, attestationObject);
            }
            return BytesUtilsKt.decodeHex(replace$default);
        } catch (SerializationException unused) {
            throw new FidoException("Could not encode AttestationObject");
        }
    }

    public final String encodeToJsonUnescapeSlash(CollectedClientData clientData) throws FidoException {
        String replace;
        Intrinsics.checkNotNullParameter(clientData, "clientData");
        try {
            Json json = this.kotlinJson;
            KSerializer<Object> serializer = SerializersKt.serializer(json.getSerializersModule(), Reflection.typeOf(CollectedClientData.class));
            Intrinsics.checkNotNull(serializer, "null cannot be cast to non-null type kotlinx.serialization.KSerializer<T of kotlinx.serialization.internal.Platform_commonKt.cast>");
            replace = StringsKt__StringsJVMKt.replace(json.encodeToString(serializer, clientData), "\\/", BlobConstants.DEFAULT_DELIMITER, false);
            if (replace.length() == 0) {
                throw new FidoException("Invalid JSON representation for CollectedClientData");
            }
            return replace;
        } catch (SerializationException unused) {
            throw new FidoException("Could not encode CollectedClientData");
        }
    }

    public final byte[] generateEccKeyData(ECPublicKey ecPublicKey) {
        Intrinsics.checkNotNullParameter(ecPublicKey, "ecPublicKey");
        COSEAlgorithmIdentifier cOSEAlgorithmIdentifier = COSEAlgorithmIdentifier.ES256;
        EllipticCurve ellipticCurve = EllipticCurve.P256;
        byte[] byteArray = ecPublicKey.getW().getAffineX().toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "ecPublicKey.w.affineX.toByteArray()");
        byte[] byteArray2 = ecPublicKey.getW().getAffineY().toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray2, "ecPublicKey.w.affineY.toByteArray()");
        return new COSEEllipticCurveKey(cOSEAlgorithmIdentifier, ellipticCurve, byteArray, byteArray2).encodeToByteArray();
    }

    public final byte[] getSha256Hash(String clientDataBytes) {
        Intrinsics.checkNotNullParameter(clientDataBytes, "clientDataBytes");
        IMessageDigest buildMessageDigest = CryptoFactory.Companion.getInstance().buildMessageDigest("SHA-256");
        byte[] bytes = clientDataBytes.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        buildMessageDigest.update(bytes);
        return buildMessageDigest.digest();
    }
}
