package org.gluu.oxauth.fido2.service.processors.impl;

import com.fasterxml.jackson.databind.JsonNode;
import java.security.PublicKey;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.gluu.oxauth.fido2.cryptoutils.CoseService;
import org.gluu.oxauth.fido2.ctap.AttestationFormat;
import org.gluu.oxauth.fido2.exception.Fido2RPRuntimeException;
import org.gluu.oxauth.fido2.model.auth.AuthData;
import org.gluu.oxauth.fido2.model.entry.Fido2AuthenticationData;
import org.gluu.oxauth.fido2.model.entry.Fido2RegistrationData;
import org.gluu.oxauth.fido2.service.AuthenticatorDataParser;
import org.gluu.oxauth.fido2.service.Base64Service;
import org.gluu.oxauth.fido2.service.DataMapperService;
import org.gluu.oxauth.fido2.service.verifier.CommonVerifiers;
import org.slf4j.Logger;

@ApplicationScoped
/* loaded from: input_file:org/gluu/oxauth/fido2/service/processors/impl/U2FAssertionFormatProcessor.class */
public class U2FAssertionFormatProcessor implements AssertionFormatProcessor {

    @Inject
    private Logger log;

    @Inject
    private CoseService coseService;

    @Inject
    private CommonVerifiers commonVerifiers;

    @Inject
    private AuthenticatorDataParser authenticatorDataParser;

    @Inject
    private DataMapperService dataMapperService;

    @Inject
    private Base64Service base64Service;

    @Override // org.gluu.oxauth.fido2.service.processors.impl.AssertionFormatProcessor
    public AttestationFormat getAttestationFormat() {
        return AttestationFormat.fido_u2f;
    }

    @Override // org.gluu.oxauth.fido2.service.processors.impl.AssertionFormatProcessor
    public void process(String str, String str2, String str3, Fido2RegistrationData fido2RegistrationData, Fido2AuthenticationData fido2AuthenticationData) {
        AuthData parseAssertionData = this.authenticatorDataParser.parseAssertionData(str);
        this.commonVerifiers.verifyUserPresent(parseAssertionData);
        byte[] digest = DigestUtils.getSha256Digest().digest(this.base64Service.urlDecode(str3));
        try {
            JsonNode cborReadTree = this.dataMapperService.cborReadTree(this.base64Service.urlDecode(fido2RegistrationData.getUncompressedECPoint()));
            PublicKey createUncompressedPointFromCOSEPublicKey = this.coseService.createUncompressedPointFromCOSEPublicKey(cborReadTree);
            this.coseService.getCodeCurve(cborReadTree);
            this.log.info("Uncompressed ECpoint node {}", cborReadTree.toString());
            this.log.info("Public key hex {}", Hex.encodeHexString(createUncompressedPointFromCOSEPublicKey.getEncoded()));
            this.commonVerifiers.verifyAssertionSignature(parseAssertionData, digest, str2, createUncompressedPointFromCOSEPublicKey, fido2RegistrationData.getSignatureAlgorithm());
            int parseCounter = this.authenticatorDataParser.parseCounter(parseAssertionData.getCounters());
            this.commonVerifiers.verifyCounter(fido2RegistrationData.getCounter(), parseCounter);
            fido2RegistrationData.setCounter(parseCounter);
        } catch (Exception e) {
            throw new Fido2RPRuntimeException("General server error " + e.getMessage());
        }
    }
}
