package de.culture4life.luca.document.provider.baercode;

import com.fasterxml.jackson.databind.l;
import com.fasterxml.jackson.databind.t;
import de.culture4life.luca.crypto.AsymmetricCipherProvider;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.PublicKey;
import java.security.Signature;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DERSequence;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class CoseMessage {
    public static final t MAPPER = new mf.a();
    private static final HashMap<Integer, String> algorithms = new HashMap() { // from class: de.culture4life.luca.document.provider.baercode.CoseMessage.1
        {
            put(-7, AsymmetricCipherProvider.SIGNATURE_ALGORITHM);
            put(-36, "SHA512withECDSA");
            put(-35, "SHA384withECDSA");
        }
    };
    private int algorithm;
    private l coseEncrypt0;
    private l coseSignMessage;
    private byte[] plaintext;
    protected byte[] signature;

    public CoseMessage(byte[] bArr) {
        parse(bArr);
    }

    private byte[] createAAD() {
        byte[] A = this.coseEncrypt0.I(0).A();
        ArrayList arrayList = new ArrayList();
        arrayList.add("Encrypt0");
        arrayList.add(A);
        arrayList.add(new byte[0]);
        return MAPPER.writeValueAsBytes(arrayList);
    }

    private byte[] createSignatureStructure() {
        byte[] A = this.coseSignMessage.I(3).I(0).I(0).A();
        ArrayList arrayList = new ArrayList();
        arrayList.add("Signature");
        arrayList.add(new byte[0]);
        arrayList.add(A);
        arrayList.add(new byte[0]);
        arrayList.add(this.plaintext);
        return MAPPER.writeValueAsBytes(arrayList);
    }

    private void parse(byte[] bArr) {
        t tVar = MAPPER;
        l readTree = tVar.readTree(bArr);
        this.coseSignMessage = readTree;
        this.plaintext = readTree.I(2).A();
        this.signature = this.coseSignMessage.I(3).I(0).I(2).A();
        this.algorithm = tVar.readTree(this.coseSignMessage.I(3).I(0).I(0).A()).J("1").t();
        this.coseEncrypt0 = tVar.readTree(this.coseSignMessage.I(2).A());
    }

    private static byte[] toDERSignature(byte[] bArr) {
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, bArr.length / 2);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, bArr.length / 2, bArr.length);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ASN1OutputStream create = ASN1OutputStream.create(byteArrayOutputStream, ASN1Encoding.DER);
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(new BigInteger(1, copyOfRange)));
        aSN1EncodableVector.add(new ASN1Integer(new BigInteger(1, copyOfRange2)));
        create.writeObject((ASN1Primitive) new DERSequence(aSN1EncodableVector));
        create.close();
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] decodeCypherText(BaercodeKey baercodeKey) {
        byte[] A = this.coseEncrypt0.I(2).A();
        byte[] A2 = this.coseEncrypt0.I(1).J("5").A();
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(2, new SecretKeySpec(baercodeKey.getAesKey(), "AES"), new IvParameterSpec(A2));
        cipher.updateAAD(createAAD());
        return cipher.doFinal(A);
    }

    public l getCoseSignMessage() {
        return this.coseSignMessage;
    }

    public boolean verify(PublicKey publicKey) {
        byte[] createSignatureStructure = createSignatureStructure();
        HashMap<Integer, String> hashMap = algorithms;
        if (!hashMap.containsKey(Integer.valueOf(this.algorithm))) {
            throw new IllegalArgumentException(String.format("Unknown algorithm %d", Integer.valueOf(this.algorithm)));
        }
        Signature signature = Signature.getInstance(hashMap.get(Integer.valueOf(this.algorithm)));
        signature.initVerify(publicKey);
        signature.update(createSignatureStructure);
        return signature.verify(toDERSignature(this.signature));
    }
}
