package org.gluu.oxauth.fido2.cryptoutils;

import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import javax.enterprise.context.ApplicationScoped;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;

@ApplicationScoped
/* loaded from: input_file:org/gluu/oxauth/fido2/cryptoutils/AndroidKeyUtils.class */
public class AndroidKeyUtils {
    public static final String KEY_DESCRIPTION_OID = "1.3.6.1.4.1.11129.2.1.17";
    public static final int ATTESTATION_VERSION_INDEX = 0;
    public static final int ATTESTATION_SECURITY_LEVEL_INDEX = 1;
    public static final int KEYMASTER_SECURITY_LEVEL_INDEX = 3;
    public static final int ATTESTATION_CHALLENGE_INDEX = 4;
    public static final int SW_ENFORCED_INDEX = 6;
    public static final int TEE_ENFORCED_INDEX = 7;
    public static final int KM_TAG_PURPOSE = 1;
    public static final int KM_TAG_ALGORITHM = 2;
    public static final int KM_TAG_KEY_SIZE = 3;
    public static final int KM_TAG_USER_AUTH_TYPE = 504;
    public static final int KM_TAG_AUTH_TIMEOUT = 505;
    public static final int KM_TAG_ORIGIN = 702;
    public static final int KM_TAG_ROLLBACK_RESISTANT = 703;
    public static final int KM_PURPOSE_SIGN = 2;
    public static final int KM_ALGORITHM_EC = 3;
    public static final int HW_AUTH_PASSWORD = 1;
    public static final int HW_AUTH_FINGERPRINT = 2;
    public static final int KM_ORIGIN_GENERATED = 0;
    public static final int KM_SECURITY_LEVEL_SOFTWARE = 0;
    public static final int KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT = 1;
    public static final int EXPECTED_ATTESTATION_VERSION = 1;

    public static int getIntegerFromAsn1(ASN1Encodable aSN1Encodable) throws Exception {
        if (aSN1Encodable instanceof ASN1Integer) {
            return bigIntegerToInt(((ASN1Integer) aSN1Encodable).getValue());
        }
        if (aSN1Encodable instanceof ASN1Enumerated) {
            return bigIntegerToInt(((ASN1Enumerated) aSN1Encodable).getValue());
        }
        throw new Exception("Integer value expected; found " + aSN1Encodable.getClass().getName() + " instead.");
    }

    public static int bigIntegerToInt(BigInteger bigInteger) throws Exception {
        if (bigInteger.compareTo(BigInteger.valueOf(2147483647L)) > 0 || bigInteger.compareTo(BigInteger.ZERO) < 0) {
            throw new Exception("INTEGER out of bounds");
        }
        return bigInteger.intValue();
    }

    public ASN1Sequence extractAttestationSequence(X509Certificate x509Certificate) throws Exception, IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(KEY_DESCRIPTION_OID);
        if (extensionValue == null || extensionValue.length == 0) {
            throw new Exception("Couldn't find the keystore attestation extension data.");
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(extensionValue);
        try {
            ASN1InputStream aSN1InputStream2 = new ASN1InputStream(aSN1InputStream.readObject().getOctets());
            try {
                ASN1Sequence readObject = aSN1InputStream2.readObject();
                aSN1InputStream2.close();
                aSN1InputStream.close();
                return readObject;
            } finally {
            }
        } catch (Throwable th) {
            try {
                aSN1InputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
