package org.gluu.oxauth.fido2.service;

import com.fasterxml.jackson.databind.JsonNode;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.AlgorithmParameters;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import org.apache.commons.codec.binary.Hex;
import org.gluu.oxauth.fido2.ctap.CoseEC2Algorithm;
import org.gluu.oxauth.fido2.ctap.CoseKeyType;
import org.gluu.oxauth.fido2.ctap.CoseRSAAlgorithm;
import org.gluu.oxauth.fido2.exception.Fido2RPRuntimeException;
import org.slf4j.Logger;

@ApplicationScoped
/* loaded from: input_file:org/gluu/oxauth/fido2/service/CoseService.class */
public class CoseService {
    private static final byte UNCOMPRESSED_POINT_INDICATOR = 4;

    @Inject
    private Logger log;

    @Inject
    private Base64Service base64Service;

    @Inject
    private DataMapperService dataMapperService;

    private static String convertCoseCurveToSunCurveName(int i) {
        switch (i) {
            case 1:
                return "secp256r1";
            default:
                throw new Fido2RPRuntimeException("Unsupported curve");
        }
    }

    public int getCodeCurve(JsonNode jsonNode) {
        return jsonNode.get("-1").asInt();
    }

    public PublicKey createUncompressedPointFromCOSEPublicKey(JsonNode jsonNode) {
        int asInt = jsonNode.get("1").asInt();
        int asInt2 = jsonNode.get("3").asInt();
        CoseKeyType fromNumericValue = CoseKeyType.fromNumericValue(asInt);
        switch (fromNumericValue) {
            case RSA:
                switch (CoseRSAAlgorithm.fromNumericValue(asInt2)) {
                    case RS65535:
                    case RS256:
                        return convertUncompressedPointToRSAKey(this.base64Service.decode(jsonNode.get("-1").asText()), this.base64Service.decode(jsonNode.get("-2").asText()));
                    default:
                        throw new Fido2RPRuntimeException("Don't know what to do with this key" + fromNumericValue);
                }
            case EC2:
                CoseEC2Algorithm fromNumericValue2 = CoseEC2Algorithm.fromNumericValue(asInt2);
                switch (fromNumericValue2) {
                    case ES256:
                        int asInt3 = jsonNode.get("-1").asInt();
                        byte[] decode = this.base64Service.decode(jsonNode.get("-2").asText());
                        byte[] decode2 = this.base64Service.decode(jsonNode.get("-3").asText());
                        return convertUncompressedPointToECKey(ByteBuffer.allocate(1 + decode.length + decode2.length).put((byte) 4).put(decode).put(decode2).array(), asInt3);
                    default:
                        throw new Fido2RPRuntimeException("Don't know what to do with this key" + fromNumericValue + " and algorithm " + fromNumericValue2);
                }
            case OKP:
                throw new Fido2RPRuntimeException("Don't know what to do with this key" + fromNumericValue);
            default:
                throw new Fido2RPRuntimeException("Don't know what to do with this key" + fromNumericValue);
        }
    }

    private PublicKey convertUncompressedPointToRSAKey(byte[] bArr, byte[] bArr2) {
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, bArr), new BigInteger(1, bArr2)));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            this.log.error("Problem here ", e);
            throw new Fido2RPRuntimeException(e.getMessage());
        }
    }

    public ECPublicKey convertUncompressedPointToECKey(byte[] bArr, int i) {
        try {
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("EC");
            algorithmParameters.init(new ECGenParameterSpec(convertCoseCurveToSunCurveName(i)));
            ECParameterSpec eCParameterSpec = (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class);
            int i2 = 0 + 1;
            if (bArr[0] != 4) {
                throw new IllegalArgumentException("Invalid uncompressedPoint encoding, no uncompressed point indicator");
            }
            int bitLength = ((eCParameterSpec.getOrder().bitLength() + 8) - 1) / 8;
            if (bArr.length != 1 + (2 * bitLength)) {
                throw new IllegalArgumentException("Invalid uncompressedPoint encoding, not the correct size");
            }
            BigInteger bigInteger = new BigInteger(1, Arrays.copyOfRange(bArr, i2, i2 + bitLength));
            int i3 = i2 + bitLength;
            return (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(new ECPoint(bigInteger, new BigInteger(1, Arrays.copyOfRange(bArr, i3, i3 + bitLength))), eCParameterSpec));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException | InvalidParameterSpecException e) {
            throw new Fido2RPRuntimeException(e.getMessage());
        }
    }

    public PublicKey getPublicKeyFromUncompressedECPoint(byte[] bArr) {
        try {
            JsonNode cborReadTree = this.dataMapperService.cborReadTree(bArr);
            this.log.debug("Uncompressed ECpoint node {}", cborReadTree.toString());
            PublicKey createUncompressedPointFromCOSEPublicKey = createUncompressedPointFromCOSEPublicKey(cborReadTree);
            this.log.debug("EC Public key hex {}", Hex.encodeHexString(createUncompressedPointFromCOSEPublicKey.getEncoded()));
            return createUncompressedPointFromCOSEPublicKey;
        } catch (IOException e) {
            throw new Fido2RPRuntimeException("Unable to parse the structure");
        }
    }
}
