package com.authlete.cwt;

import com.authlete.cbor.CBORByteArray;
import com.authlete.cose.COSEException;
import com.authlete.cose.COSEKey;
import com.authlete.cose.COSEProtectedHeader;
import com.authlete.cose.COSEProtectedHeaderBuilder;
import com.authlete.cose.COSESign1;
import com.authlete.cose.COSESign1Builder;
import com.authlete.cose.COSESigner;
import com.authlete.cose.SigStructure;
import com.authlete.cose.SigStructureBuilder;
import com.google.gson.GsonBuilder;
import com.google.gson.ToNumberPolicy;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.time.Instant;
import java.util.Date;
import java.util.Map;

/* loaded from: classes4.dex */
public class CWTKeyProofBuilder {
    private static final String CONTENT_TYPE = "openid4vci-proof+cwt";
    private static final String HELP = "USAGE:%n%n  java %s%n    --issuer ISSUER    # specifies the identifier of the credential issuer.%n    --key FILE         # specifies the file containing a private key in the JWK format.%n    [--client CLIENT]  # specifies the identifier of the client application.%n    [--nonce NONCE]    # specifies the 'c_nonce' value issued by the server.%n    [--issued-at TIME] # specifies the issuance time.%n    [--help]           # shows this help text.%n%nNOTE:%n%n  Supported key algorithms are ES256, ES384 and ES512 only.%n%n  The issuance time can be specified by one of the following formats:%n    (a) integer representing seconds since the Unix epoch%n    (b) string representing a datetime in UTC in the ISO 8601 format%n%n";
    private static final String LABEL_COSE_KEY = "COSE_Key";
    private String client;
    private Date issuedAt;
    private String issuer;
    private COSEKey key;
    private String nonce;

    /* loaded from: classes4.dex */
    private static class Options {
        public String client;
        public Date issuedAt;
        public String issuer;
        public COSEKey key;
        public String nonce;

        private Options() {
        }

        private void help(int i) {
            System.out.format(CWTKeyProofBuilder.HELP, CWTKeyProofBuilder.class.getName());
            System.exit(i);
        }

        private String next(String str, String[] strArr, int i) {
            if (strArr.length > i) {
                return strArr[i];
            }
            throw new IllegalArgumentException(String.format("The option '%s' requires a following argument.", str));
        }

        /* JADX WARN: Failed to find 'out' block for switch in B:5:0x0010. Please report as an issue. */
        private void parse(String[] strArr) throws IOException, COSEException {
            int i = 0;
            while (i < strArr.length) {
                String str = strArr[i];
                str.hashCode();
                char c = 65535;
                switch (str.hashCode()) {
                    case -1618692529:
                        if (str.equals("--nonce")) {
                            c = 0;
                            break;
                        }
                        break;
                    case 43005119:
                        if (str.equals("--key")) {
                            c = 1;
                            break;
                        }
                        break;
                    case 673582325:
                        if (str.equals("--issued-at")) {
                            c = 2;
                            break;
                        }
                        break;
                    case 1042301291:
                        if (str.equals("--client")) {
                            c = 3;
                            break;
                        }
                        break;
                    case 1220853849:
                        if (str.equals("--issuer")) {
                            c = 4;
                            break;
                        }
                        break;
                    case 1333069025:
                        if (str.equals("--help")) {
                            c = 5;
                            break;
                        }
                        break;
                }
                switch (c) {
                    case 0:
                        i++;
                        this.nonce = next(str, strArr, i);
                        break;
                    case 1:
                        i++;
                        this.key = readKey(next(str, strArr, i));
                        break;
                    case 2:
                        i++;
                        this.issuedAt = readIssuedAt(next(str, strArr, i));
                        break;
                    case 3:
                        i++;
                        this.client = next(str, strArr, i);
                        break;
                    case 4:
                        i++;
                        this.issuer = next(str, strArr, i);
                        break;
                    case 5:
                        help(0);
                        break;
                    default:
                        System.err.format("ERROR: Unexpected argument: %s%n%n", str);
                        help(1);
                        break;
                }
                i++;
            }
        }

        private Date readIssuedAt(String str) {
            try {
                try {
                    return new Date(Long.parseLong(str) * 1000);
                } catch (Exception unused) {
                    return Date.from(Instant.parse(str));
                }
            } catch (Exception unused2) {
                throw new IllegalArgumentException(String.format("The value specified by the '--issued-at' option is malformed: %s", str));
            }
        }

        private COSEKey readKey(String str) throws IOException, COSEException {
            return COSEKey.fromJwk((Map) new GsonBuilder().setObjectToNumberStrategy(ToNumberPolicy.LONG_OR_DOUBLE).create().fromJson(new String(Files.readAllBytes(Paths.get(str, new String[0])), StandardCharsets.UTF_8), Map.class));
        }

        private void validate() {
            if (this.issuer == null) {
                throw new IllegalArgumentException("The '--issuer ISSUER' option is mandatory.");
            }
            if (this.key == null) {
                throw new IllegalArgumentException("The '--key FILE' option is mandatory.");
            }
        }

        public Options process(String[] strArr) throws IOException, COSEException {
            parse(strArr);
            validate();
            return this;
        }
    }

    public CWTKeyProofBuilder() {
    }

    private CWTKeyProofBuilder(Options options) {
        this.client = options.client;
        this.issuer = options.issuer;
        this.nonce = options.nonce;
        this.key = options.key;
        this.issuedAt = options.issuedAt;
    }

    private CWTClaimsSet buildClaims() {
        CWTClaimsSetBuilder cWTClaimsSetBuilder = new CWTClaimsSetBuilder();
        if (getClient() != null) {
            cWTClaimsSetBuilder.iss(getClient());
        }
        cWTClaimsSetBuilder.aud(getIssuer());
        cWTClaimsSetBuilder.iat(determineIssuedAt());
        if (getNonce() != null) {
            cWTClaimsSetBuilder.nonce(getNonce());
        }
        return cWTClaimsSetBuilder.build();
    }

    private CBORByteArray buildPayload() {
        return new CBORByteArray(buildClaims().encode());
    }

    private static COSEProtectedHeader buildProtectedHeader(COSEKey cOSEKey) throws COSEException {
        COSEKey cOSEKey2 = cOSEKey.toPublic();
        return new COSEProtectedHeaderBuilder().alg(cOSEKey.getAlg()).contentType(CONTENT_TYPE).put(LABEL_COSE_KEY, new CBORByteArray(cOSEKey2.encode(), cOSEKey2)).build();
    }

    private static SigStructure buildSigStructure(COSEProtectedHeader cOSEProtectedHeader, CBORByteArray cBORByteArray) {
        return new SigStructureBuilder().signature1().bodyAttributes(cOSEProtectedHeader).payload(cBORByteArray).build();
    }

    private static COSESign1 buildSign1(COSEProtectedHeader cOSEProtectedHeader, CBORByteArray cBORByteArray, byte[] bArr) {
        return new COSESign1Builder().protectedHeader(cOSEProtectedHeader).payload(cBORByteArray).signature(bArr).build();
    }

    private static byte[] buildSignature(COSEProtectedHeader cOSEProtectedHeader, CBORByteArray cBORByteArray, COSEKey cOSEKey) throws COSEException {
        return createSigner(cOSEKey).sign(buildSigStructure(cOSEProtectedHeader, cBORByteArray), ((Number) cOSEKey.getAlg()).intValue(), cOSEKey.getKid());
    }

    private void checkIssuer() {
        if (getIssuer() == null) {
            throw new IllegalStateException("'issuer' is not set.");
        }
    }

    private void checkKey() {
        COSEKey key = getKey();
        if (key == null) {
            throw new IllegalStateException("'key' is not set.");
        }
        if (!key.isPrivate()) {
            throw new IllegalStateException("The key is not a private key.");
        }
        if (!(key.getAlg() instanceof Number)) {
            throw new IllegalStateException("The representation of the algorithm of the key is not a number.");
        }
    }

    private void checkState() {
        checkIssuer();
        checkKey();
    }

    private static COSESigner createSigner(COSEKey cOSEKey) throws COSEException {
        return new COSESigner(cOSEKey.createPrivateKey());
    }

    private Date determineIssuedAt() {
        Date issuedAt = getIssuedAt();
        return issuedAt == null ? new Date() : issuedAt;
    }

    public static void main(String[] strArr) {
        try {
            System.out.println(new CWTKeyProofBuilder(new Options().process(strArr)).build().encodeToBase64Url());
        } catch (Exception e) {
            System.err.format("ERROR: %s%n", e.getMessage());
            if (!(e instanceof IllegalArgumentException)) {
                e.printStackTrace(System.err);
            }
            System.exit(1);
        }
    }

    public CWT build() throws IllegalStateException, COSEException {
        checkState();
        COSEKey key = getKey();
        COSEProtectedHeader buildProtectedHeader = buildProtectedHeader(key);
        CBORByteArray buildPayload = buildPayload();
        return new CWT(buildSign1(buildProtectedHeader, buildPayload, buildSignature(buildProtectedHeader, buildPayload, key)));
    }

    public String getClient() {
        return this.client;
    }

    public Date getIssuedAt() {
        return this.issuedAt;
    }

    public String getIssuer() {
        return this.issuer;
    }

    public COSEKey getKey() {
        return this.key;
    }

    public String getNonce() {
        return this.nonce;
    }

    public CWTKeyProofBuilder setClient(String str) {
        this.client = str;
        return this;
    }

    public CWTKeyProofBuilder setIssuedAt(Date date) {
        this.issuedAt = date;
        return this;
    }

    public CWTKeyProofBuilder setIssuer(String str) {
        this.issuer = str;
        return this;
    }

    public CWTKeyProofBuilder setKey(COSEKey cOSEKey) {
        this.key = cOSEKey;
        return this;
    }

    public CWTKeyProofBuilder setNonce(String str) {
        this.nonce = str;
        return this;
    }
}
