package org.ebayopensource.fidouaf.marvin.client;

import android.util.Base64;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.logging.Logger;
import org.ebayopensource.fidouaf.marvin.client.crypto.SHA;
import org.ebayopensource.fidouaf.marvin.client.exception.UafAuthenticationException;
import org.ebayopensource.fidouaf.marvin.client.msg.AuthenticationResponse;
import org.ebayopensource.fidouaf.marvin.client.tlv.TagsEnum;
import org.ebayopensource.fidouaf.marvin.client.tlv.UnsignedUtil;

/* loaded from: classes2.dex */
public class AuthAssertionBuilder {
    private static final int BCRYPT_SALT_LEN = 16;
    private static final int GENSALT_DEFAULT_LOG2_ROUNDS = 10;
    private Logger logger = Logger.getLogger(getClass().getName());
    private OperationalParamsIntf operationalParams;

    private static String gensalt(int i, SecureRandom secureRandom) {
        if (i < 4 || i > 31) {
            throw new IllegalArgumentException("Bad number of rounds");
        }
        StringBuilder sb = new StringBuilder();
        byte[] bArr = new byte[16];
        secureRandom.nextBytes(bArr);
        sb.append("$2a$");
        if (i < 10) {
            sb.append("0");
        }
        sb.append(i);
        sb.append("$");
        sb.append(Base64.encodeToString(bArr, 0));
        return sb.toString();
    }

    private byte[] getAAID() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(this.operationalParams.getAAID().getBytes());
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getAuthAssertion(AuthenticationResponse authenticationResponse) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_UAFV1_SIGNED_DATA.id));
        byte[] signedData = getSignedData(authenticationResponse);
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(signedData.length));
        byteArrayOutputStream.write(signedData);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_SIGNATURE.id));
        byte[] signature = this.operationalParams.getSignature(byteArray, this.operationalParams.getKeyId(authenticationResponse.header.appID));
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(signature.length));
        byteArrayOutputStream.write(signature);
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getCounters() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(0));
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(1));
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getFC(AuthenticationResponse authenticationResponse) throws NoSuchAlgorithmException {
        return SHA.sha(authenticationResponse.fcParams.getBytes(), "SHA-256");
    }

    private byte[] getKeyId(String str) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(Base64.encodeToString(this.operationalParams.getKeyId(str).getBytes(), 8).getBytes());
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] getSignedData(AuthenticationResponse authenticationResponse) throws IOException, NoSuchAlgorithmException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_AAID.id));
        byte[] aaid = getAAID();
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(aaid.length));
        byteArrayOutputStream.write(aaid);
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_ASSERTION_INFO.id));
        byte[] bArr = {0, 0, 1, 1, 0};
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(bArr.length));
        byteArrayOutputStream.write(bArr);
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_AUTHENTICATOR_NONCE.id));
        byte[] bytes = SHA.sha256(gensalt(10, new SecureRandom())).getBytes();
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(bytes.length));
        byteArrayOutputStream.write(bytes);
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_FINAL_CHALLENGE.id));
        byte[] fc = getFC(authenticationResponse);
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(fc.length));
        byteArrayOutputStream.write(fc);
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_TRANSACTION_CONTENT_HASH.id));
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(0));
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_KEYID.id));
        byte[] keyId = getKeyId(authenticationResponse.header.appID);
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(keyId.length));
        byteArrayOutputStream.write(keyId);
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_COUNTERS.id));
        byte[] counters = getCounters();
        byteArrayOutputStream.write(UnsignedUtil.encodeInt(counters.length));
        byteArrayOutputStream.write(counters);
        return byteArrayOutputStream.toByteArray();
    }

    public String getAssertions(AuthenticationResponse authenticationResponse, OperationalParamsIntf operationalParamsIntf) throws UafAuthenticationException {
        try {
            this.operationalParams = operationalParamsIntf;
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(UnsignedUtil.encodeInt(TagsEnum.TAG_UAFV1_AUTH_ASSERTION.id));
            byte[] authAssertion = getAuthAssertion(authenticationResponse);
            byteArrayOutputStream.write(UnsignedUtil.encodeInt(authAssertion.length));
            byteArrayOutputStream.write(authAssertion);
            String encodeToString = Base64.encodeToString(byteArrayOutputStream.toByteArray(), 1);
            this.logger.info(" : assertion : " + encodeToString);
            return encodeToString;
        } catch (Exception e) {
            throw new UafAuthenticationException(e);
        }
    }
}
