package com.webauthn4j.test.authenticator.webauthn;

import com.webauthn4j.data.attestation.statement.AndroidKeyAttestationStatement;
import com.webauthn4j.data.attestation.statement.AttestationCertificatePath;
import com.webauthn4j.data.attestation.statement.AttestationStatement;
import com.webauthn4j.data.attestation.statement.COSEAlgorithmIdentifier;
import com.webauthn4j.test.AttestationCertificateBuilder;
import com.webauthn4j.test.TestDataUtil;
import com.webauthn4j.test.client.RegistrationEmulationOption;
import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DLSequence;

/* loaded from: input_file:com/webauthn4j/test/authenticator/webauthn/AndroidKeyAuthenticator.class */
/**
 * Test-only authenticator model that produces {@code android-key} attestation statements.
 *
 * <p>Every value placed in the attestation certificate's key description is hard-coded in
 * {@link #createKeyDescriptor(byte[])}; nothing here is read from a real keystore. The output is
 * a fixture for exercising attestation verifiers and says nothing about how a key is actually
 * protected.
 */
public class AndroidKeyAuthenticator extends WebAuthnModelAuthenticator {

    /** OID of the Android Key Attestation X.509 extension that carries the key description. */
    private static final String ANDROID_KEY_ATTESTATION_OID = "1.3.6.1.4.1.11129.2.1.17";

    /**
     * Builds an {@code android-key} attestation statement declaring ES256.
     *
     * <p>The signature is taken verbatim from the emulation option when signature override is
     * enabled; otherwise it is computed by {@code TestDataUtil.calculateSignature} from the
     * request's credential key pair and signed data. The override path lets a caller inject
     * arbitrary signature bytes (presumably to drive negative verification tests; confirm
     * against callers).
     *
     * @param attestationStatementRequest supplies the credential key pair and the data to sign
     * @param registrationEmulationOption supplies the optional signature override and the
     *     attestation option; a {@code null} attestation option falls back to a default
     *     {@link AndroidKeyAttestationOption}
     * @return the attestation statement carrying the signature and the certificate path
     *     (attestation certificate followed by {@code getCACertificatePath()})
     */
    @Override
    public AttestationStatement createAttestationStatement(AttestationStatementRequest attestationStatementRequest, RegistrationEmulationOption registrationEmulationOption) {
        byte[] signature;
        if (registrationEmulationOption.isSignatureOverrideEnabled()) {
            // Caller-supplied bytes are used as-is; no signing takes place on this path.
            signature = registrationEmulationOption.getSignature();
        } else {
            signature = TestDataUtil.calculateSignature(
                    attestationStatementRequest.getCredentialKeyPair(),
                    attestationStatementRequest.getSignedData());
        }

        AttestationOption effectiveOption = registrationEmulationOption.getAttestationOption();
        if (effectiveOption == null) {
            effectiveOption = new AndroidKeyAttestationOption();
        }

        AttestationCertificatePath certificatePath = new AttestationCertificatePath(
                getAttestationCertificate(attestationStatementRequest, effectiveOption),
                getCACertificatePath());

        return new AndroidKeyAttestationStatement(COSEAlgorithmIdentifier.ES256, signature, certificatePath);
    }

    /**
     * Creates the attestation certificate for the request's credential public key.
     *
     * <p>The certificate names the subject from {@code attestationOption.getSubjectDN()}, is built
     * against the issuer certificate and issuer private key provided by the superclass, and
     * carries the Android key attestation extension (added as non-critical) whose key description
     * embeds the request's client data hash. Basic-constraints and key-usage extensions are added
     * by the builder; their contents are not visible from this class.
     *
     * @param attestationStatementRequest supplies the credential public key and client data hash
     * @param attestationOption supplies the subject DN
     * @return the built attestation certificate
     */
    @Override
    protected X509Certificate createAttestationCertificate(AttestationStatementRequest attestationStatementRequest, AttestationOption attestationOption) {
        AttestationCertificateBuilder builder = new AttestationCertificateBuilder(
                getAttestationIssuerCertificate(),
                new X500Principal(attestationOption.getSubjectDN()),
                attestationStatementRequest.getCredentialKeyPair().getPublicKey());

        ASN1Encodable keyDescription = createKeyDescriptor(attestationStatementRequest.getClientDataHash());
        // The second argument is the extension's critical flag: the extension is non-critical.
        builder.addExtension(new ASN1ObjectIdentifier(ANDROID_KEY_ATTESTATION_OID), false, keyDescription);
        builder.addBasicConstraintsExtension();
        builder.addKeyUsageExtension();

        return builder.build(getAttestationIssuerPrivateKey());
    }

    /**
     * Convenience overload that uses a default {@link AndroidKeyAttestationOption}.
     * Not referenced anywhere else in this class.
     */
    private X509Certificate createAttestationCertificate(AttestationStatementRequest attestationStatementRequest) {
        AttestationOption defaultOption = new AndroidKeyAttestationOption();
        return createAttestationCertificate(attestationStatementRequest, defaultOption);
    }

    /**
     * Assembles the eight-element ASN.1 sequence used as the attestation extension value.
     *
     * <p>The element order follows the Android {@code KeyDescription} layout: attestation
     * version, attestation security level, keymaster version, keymaster security level,
     * attestation challenge, unique id, software-enforced list, TEE-enforced list. All values
     * except the challenge are constants.
     *
     * <p>NOTE(review): both security-level fields are 0 (Software in the Android schema) while
     * the only authorization entries sit in the last (TEE-enforced) position. A verifier under
     * test that also checks the security level would see a software-level description; confirm
     * this combination is what the consuming tests intend.
     *
     * @param clientDataHash bytes placed in the attestation challenge field; a verifier compares
     *     this field with the client data hash it computed itself
     * @return the key description sequence
     */
    private ASN1Encodable createKeyDescriptor(byte[] clientDataHash) {
        // Last element: tag 702 (origin in the Android schema) = 0 and tag 1 (purpose) = SET { 2 }.
        ASN1EncodableVector teeEnforcedEntries = new ASN1EncodableVector();
        teeEnforcedEntries.add(new DERTaggedObject(702, new ASN1Integer(0L)));
        teeEnforcedEntries.add(new DERTaggedObject(1, new DERSet(new ASN1Integer(2L))));

        ASN1EncodableVector keyDescription = new ASN1EncodableVector();
        keyDescription.add(new ASN1Integer(2L));                        // attestation version
        keyDescription.add(new ASN1Enumerated(0));                      // attestation security level
        keyDescription.add(new ASN1Integer(1L));                        // keymaster version
        keyDescription.add(new ASN1Enumerated(0));                      // keymaster security level
        keyDescription.add(new DEROctetString(clientDataHash));         // attestation challenge
        keyDescription.add(new DEROctetString(new byte[0]));            // unique id, left empty
        keyDescription.add(new DLSequence(new ASN1EncodableVector()));  // software-enforced, left empty
        keyDescription.add(new DLSequence(teeEnforcedEntries));         // TEE-enforced
        return new DLSequence(keyDescription);
    }
}
