package io.quarkus.security.webauthn;

import com.webauthn4j.credential.CredentialRecordImpl;
import com.webauthn4j.data.AuthenticatorTransport;
import com.webauthn4j.data.attestation.AttestationObject;
import com.webauthn4j.data.attestation.authenticator.AAGUID;
import com.webauthn4j.data.attestation.authenticator.AttestedCredentialData;
import com.webauthn4j.data.attestation.authenticator.EC2COSEKey;
import com.webauthn4j.data.attestation.authenticator.EdDSACOSEKey;
import com.webauthn4j.data.attestation.authenticator.RSACOSEKey;
import com.webauthn4j.data.attestation.statement.AttestationStatement;
import com.webauthn4j.data.attestation.statement.COSEAlgorithmIdentifier;
import com.webauthn4j.data.attestation.statement.COSEKeyType;
import com.webauthn4j.data.client.CollectedClientData;
import com.webauthn4j.data.extension.authenticator.AuthenticationExtensionsAuthenticatorOutputs;
import com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs;
import com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput;
import com.webauthn4j.util.Base64UrlUtil;
import io.vertx.ext.auth.impl.Codec;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.EdECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.Set;
import java.util.UUID;

/* loaded from: input_file:io/quarkus/security/webauthn/WebAuthnCredentialRecord.class */
public class WebAuthnCredentialRecord extends CredentialRecordImpl {
    private String username;

    /* renamed from: io.quarkus.security.webauthn.WebAuthnCredentialRecord$1, reason: invalid class name */
    /* loaded from: input_file:io/quarkus/security/webauthn/WebAuthnCredentialRecord$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$webauthn4j$data$attestation$statement$COSEKeyType = new int[COSEKeyType.values().length];

        static {
            try {
                $SwitchMap$com$webauthn4j$data$attestation$statement$COSEKeyType[COSEKeyType.EC2.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$webauthn4j$data$attestation$statement$COSEKeyType[COSEKeyType.OKP.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$webauthn4j$data$attestation$statement$COSEKeyType[COSEKeyType.RSA.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    /* loaded from: input_file:io/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData.class */
    public static final class RequiredPersistedData extends Record {
        private final String username;
        private final String credentialId;
        private final UUID aaguid;
        private final byte[] publicKey;
        private final long publicKeyAlgorithm;
        private final long counter;

        public RequiredPersistedData(String str, String str2, UUID uuid, byte[] bArr, long j, long j2) {
            this.username = str;
            this.credentialId = str2;
            this.aaguid = uuid;
            this.publicKey = bArr;
            this.publicKeyAlgorithm = j;
            this.counter = j2;
        }

        public String getPublicKeyPEM() {
            return "-----BEGIN PUBLIC KEY-----\n" + Base64.getEncoder().encodeToString(this.publicKey) + "\n-----END PUBLIC KEY-----\n";
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, RequiredPersistedData.class), RequiredPersistedData.class, "username;credentialId;aaguid;publicKey;publicKeyAlgorithm;counter", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->username:Ljava/lang/String;", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->credentialId:Ljava/lang/String;", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->aaguid:Ljava/util/UUID;", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->publicKey:[B", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->publicKeyAlgorithm:J", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->counter:J").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, RequiredPersistedData.class), RequiredPersistedData.class, "username;credentialId;aaguid;publicKey;publicKeyAlgorithm;counter", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->username:Ljava/lang/String;", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->credentialId:Ljava/lang/String;", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->aaguid:Ljava/util/UUID;", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->publicKey:[B", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->publicKeyAlgorithm:J", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->counter:J").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, RequiredPersistedData.class, Object.class), RequiredPersistedData.class, "username;credentialId;aaguid;publicKey;publicKeyAlgorithm;counter", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->username:Ljava/lang/String;", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->credentialId:Ljava/lang/String;", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->aaguid:Ljava/util/UUID;", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->publicKey:[B", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->publicKeyAlgorithm:J", "FIELD:Lio/quarkus/security/webauthn/WebAuthnCredentialRecord$RequiredPersistedData;->counter:J").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }

        public String username() {
            return this.username;
        }

        public String credentialId() {
            return this.credentialId;
        }

        public UUID aaguid() {
            return this.aaguid;
        }

        public byte[] publicKey() {
            return this.publicKey;
        }

        public long publicKeyAlgorithm() {
            return this.publicKeyAlgorithm;
        }

        public long counter() {
            return this.counter;
        }
    }

    public WebAuthnCredentialRecord(String str, AttestationObject attestationObject, CollectedClientData collectedClientData, AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> authenticationExtensionsClientOutputs, Set<AuthenticatorTransport> set) {
        super(attestationObject, collectedClientData, authenticationExtensionsClientOutputs, set);
        this.username = str;
    }

    private WebAuthnCredentialRecord(String str, long j, AttestedCredentialData attestedCredentialData) {
        super((AttestationStatement) null, (Boolean) null, (Boolean) null, (Boolean) null, j, attestedCredentialData, (AuthenticationExtensionsAuthenticatorOutputs) null, (CollectedClientData) null, (AuthenticationExtensionsClientOutputs) null, (Set) null);
        this.username = str;
    }

    public long getCounter() {
        return super.getCounter();
    }

    public String getUsername() {
        return this.username;
    }

    public String getCredentialID() {
        return Base64UrlUtil.encodeToString(getAttestedCredentialData().getCredentialId());
    }

    public RequiredPersistedData getRequiredPersistedData() {
        return new RequiredPersistedData(getUsername(), getCredentialID(), getAttestedCredentialData().getAaguid().getValue(), getAttestedCredentialData().getCOSEKey().getPublicKey().getEncoded(), getAttestedCredentialData().getCOSEKey().getAlgorithm().getValue(), getCounter());
    }

    public static WebAuthnCredentialRecord fromRequiredPersistedData(RequiredPersistedData requiredPersistedData) {
        EC2COSEKey create;
        long counter = requiredPersistedData.counter();
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(requiredPersistedData.publicKey);
        COSEAlgorithmIdentifier create2 = COSEAlgorithmIdentifier.create(requiredPersistedData.publicKeyAlgorithm);
        try {
            switch (AnonymousClass1.$SwitchMap$com$webauthn4j$data$attestation$statement$COSEKeyType[create2.getKeyType().ordinal()]) {
                case 1:
                    create = EC2COSEKey.create((ECPublicKey) KeyFactory.getInstance("EC").generatePublic(x509EncodedKeySpec), create2);
                    break;
                case 2:
                    create = EdDSACOSEKey.create((EdECPublicKey) KeyFactory.getInstance("EdDSA").generatePublic(x509EncodedKeySpec), create2);
                    break;
                case 3:
                    create = RSACOSEKey.create((RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(x509EncodedKeySpec), create2);
                    break;
                default:
                    throw new IllegalArgumentException("Invalid cose algorithm: " + String.valueOf(create2));
            }
            return new WebAuthnCredentialRecord(requiredPersistedData.username(), counter, new AttestedCredentialData(new AAGUID(requiredPersistedData.aaguid()), Codec.base64UrlDecode(requiredPersistedData.credentialId()), create));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new IllegalArgumentException("Invalid public key", e);
        }
    }
}
