package de.cotech.hw.fido2.internal.operations.ctap1;

import de.cotech.hw.fido2.PublicKeyCredential;
import de.cotech.hw.fido2.PublicKeyCredentialCreate;
import de.cotech.hw.fido2.domain.PublicKeyCredentialParameters;
import de.cotech.hw.fido2.domain.PublicKeyCredentialType;
import de.cotech.hw.fido2.domain.create.AttestationConveyancePreference;
import de.cotech.hw.fido2.domain.create.AttestationObject;
import de.cotech.hw.fido2.domain.create.AttestedCredentialData;
import de.cotech.hw.fido2.domain.create.AuthenticatorAttestationResponse;
import de.cotech.hw.fido2.domain.create.AuthenticatorData;
import de.cotech.hw.fido2.internal.Fido2AppletConnection;
import de.cotech.hw.fido2.internal.Fido2CommandApduFactory;
import de.cotech.hw.fido2.internal.cbor.CborAttestationObjectSerializer;
import de.cotech.hw.fido2.internal.cbor.CborCtap1AttestationStatementUtil;
import de.cotech.hw.fido2.internal.cose.CoseIdentifiers;
import de.cotech.hw.fido2.internal.cose.CosePublicKeyUtils;
import de.cotech.hw.fido2.internal.ctap2.commands.makeCredential.AuthenticatorMakeCredential;
import de.cotech.hw.fido2.internal.operations.WebauthnSecurityKeyOperation;
import de.cotech.hw.fido2.internal.operations.ctap2.AuthenticatorMakeCredentialOperation;
import de.cotech.hw.fido2.internal.webauthn.AuthenticatorDataParser;
import de.cotech.hw.internal.iso7816.CommandApdu;
import de.cotech.hw.internal.iso7816.ResponseApdu;
import de.cotech.hw.util.Arrays;
import de.cotech.hw.util.HashUtil;
import de.cotech.hw.util.HwTimber;
import java.io.IOException;
import java.util.List;
import java.util.Map;

/* loaded from: classes2.dex */
public class AuthenticatorMakeCredentialCtap1Operation extends WebauthnSecurityKeyOperation<PublicKeyCredential, PublicKeyCredentialCreate> {
    private static final CoseIdentifiers.CoseAlg COSE_ALG_FALLBACK = CoseIdentifiers.CoseAlg.ES256;
    private final AuthenticatorMakeCredentialOperation ctap2Operation;
    private final Fido2CommandApduFactory fido2CommandApduFactory = new Fido2CommandApduFactory();
    private final AuthenticatorDataParser authenticatorDataParser = new AuthenticatorDataParser();

    public AuthenticatorMakeCredentialCtap1Operation(AuthenticatorMakeCredentialOperation authenticatorMakeCredentialOperation) {
        this.ctap2Operation = authenticatorMakeCredentialOperation;
    }

    private AttestationObject createAttestationObject(AttestationConveyancePreference attestationConveyancePreference, AuthenticatorData authenticatorData, U2fRegisterResponse u2fRegisterResponse) {
        byte[] bytes = this.authenticatorDataParser.toBytes(authenticatorData);
        return attestationConveyancePreference == AttestationConveyancePreference.DIRECT ? AttestationObject.create("fido-u2f", bytes, CborCtap1AttestationStatementUtil.toAttestionStatement(u2fRegisterResponse.attestationCertificate(), u2fRegisterResponse.signature())) : AttestationObject.create("none", bytes, CborCtap1AttestationStatementUtil.emptyAttestationStatement());
    }

    private CommandApdu createCtap1CommandApdu(AuthenticatorMakeCredential authenticatorMakeCredential, byte[] bArr) {
        return this.fido2CommandApduFactory.createRegistrationCommand(Arrays.concatenate(authenticatorMakeCredential.clientDataHash(), bArr));
    }

    private PublicKeyCredential ctap1ResponseApduToWebauthnResponse(AuthenticatorMakeCredential authenticatorMakeCredential, byte[] bArr, AttestationConveyancePreference attestationConveyancePreference, ResponseApdu responseApdu) throws IOException {
        U2fRegisterResponse fromBytes = U2fRegisterResponse.fromBytes(responseApdu.getData());
        AuthenticatorData create = AuthenticatorData.create(bArr, (byte) 65, 0, AttestedCredentialData.create(new byte[16], fromBytes.keyHandle(), CosePublicKeyUtils.encodex962PublicKeyAsCose(fromBytes.publicKey(), findPublicKeyAlgorithm(authenticatorMakeCredential.pubKeyCredParams()))), null);
        AttestationObject createAttestationObject = createAttestationObject(attestationConveyancePreference, create, fromBytes);
        return PublicKeyCredential.create(create.attestedCredentialData().credentialId(), AuthenticatorAttestationResponse.create(authenticatorMakeCredential.clientDataJson().getBytes(), new CborAttestationObjectSerializer().serializeAttestationObject(createAttestationObject)));
    }

    private CoseIdentifiers.CoseAlg findPublicKeyAlgorithm(List<PublicKeyCredentialParameters> list) {
        if (list.size() == 0) {
            HwTimber.e("Malformed MakeCredential request: Missing pubKeyCredParams. Assuming public-key type with ES256 algorithm.", new Object[0]);
            return COSE_ALG_FALLBACK;
        }
        Map<PublicKeyCredentialType, CoseIdentifiers.CoseAlg> parameters = list.get(0).parameters();
        if (parameters.containsKey(PublicKeyCredentialType.PUBLIC_KEY)) {
            return parameters.get(PublicKeyCredentialType.PUBLIC_KEY);
        }
        HwTimber.e("Malformed MakeCredential request: Missing public-key param in pubKeyCredParams. Assuming public-key type with ES256 algorithm.", new Object[0]);
        return COSE_ALG_FALLBACK;
    }

    @Override // de.cotech.hw.fido2.internal.operations.WebauthnSecurityKeyOperation
    public PublicKeyCredential performWebauthnSecurityKeyOperation(Fido2AppletConnection fido2AppletConnection, PublicKeyCredentialCreate publicKeyCredentialCreate) throws IOException {
        AuthenticatorMakeCredential webauthnToCtap2Command = this.ctap2Operation.webauthnToCtap2Command(publicKeyCredentialCreate, null);
        byte[] sha256 = HashUtil.sha256(webauthnToCtap2Command.rp().id());
        return ctap1ResponseApduToWebauthnResponse(webauthnToCtap2Command, sha256, publicKeyCredentialCreate.options().attestation(), fido2AppletConnection.communicateOrThrow(createCtap1CommandApdu(webauthnToCtap2Command, sha256)));
    }
}
