package com.webauthn4j.validator;

import com.webauthn4j.WebAuthnRegistrationContext;
import com.webauthn4j.attestation.AttestationObject;
import com.webauthn4j.attestation.authenticator.AuthenticatorData;
import com.webauthn4j.attestation.statement.AttestationCertificate;
import com.webauthn4j.attestation.statement.AttestationStatement;
import com.webauthn4j.attestation.statement.AttestationType;
import com.webauthn4j.attestation.statement.CertificateBaseAttestationStatement;
import com.webauthn4j.client.CollectedClientData;
import com.webauthn4j.converter.AttestationObjectConverter;
import com.webauthn4j.converter.CollectedClientDataConverter;
import com.webauthn4j.server.ServerProperty;
import com.webauthn4j.util.AssertUtil;
import com.webauthn4j.util.exception.NotImplementedException;
import com.webauthn4j.validator.attestation.AttestationStatementValidator;
import com.webauthn4j.validator.attestation.fido.NullFIDOU2FAttestationStatementValidator;
import com.webauthn4j.validator.attestation.none.NoneAttestationStatementValidator;
import com.webauthn4j.validator.attestation.packed.NullPackedAttestationStatementValidator;
import com.webauthn4j.validator.attestation.trustworthiness.certpath.CertPathTrustworthinessValidator;
import com.webauthn4j.validator.attestation.trustworthiness.certpath.NullCertPathTrustworthinessValidator;
import com.webauthn4j.validator.attestation.trustworthiness.ecdaa.ECDAATrustworthinessValidator;
import com.webauthn4j.validator.attestation.trustworthiness.ecdaa.NullECDAATrustworthinessValidator;
import com.webauthn4j.validator.attestation.trustworthiness.self.DefaultSelfAttestationTrustworthinessValidator;
import com.webauthn4j.validator.attestation.trustworthiness.self.NullSelfAttestationTrustworthinessValidator;
import com.webauthn4j.validator.attestation.trustworthiness.self.SelfAttestationTrustworthinessValidator;
import com.webauthn4j.validator.exception.BadAttestationStatementException;
import com.webauthn4j.validator.exception.MaliciousDataException;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;

/* loaded from: input_file:com/webauthn4j/validator/WebAuthnRegistrationContextValidator.class */
public class WebAuthnRegistrationContextValidator {
    private final List<AttestationStatementValidator> attestationStatementValidators;
    private final CertPathTrustworthinessValidator certPathTrustworthinessValidator;
    private final ECDAATrustworthinessValidator ecdaaTrustworthinessValidator;
    private final SelfAttestationTrustworthinessValidator selfAttestationTrustworthinessValidator;
    private final ChallengeValidator challengeValidator;
    private final OriginValidator originValidator;
    private final TokenBindingValidator tokenBindingValidator;
    private final RpIdHashValidator rpIdHashValidator;
    private final CollectedClientDataConverter collectedClientDataConverter;
    private final AttestationObjectConverter attestationObjectConverter;

    /* renamed from: com.webauthn4j.validator.WebAuthnRegistrationContextValidator$1, reason: invalid class name */
    /* loaded from: input_file:com/webauthn4j/validator/WebAuthnRegistrationContextValidator$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$webauthn4j$attestation$statement$AttestationType = new int[AttestationType.values().length];

        static {
            try {
                $SwitchMap$com$webauthn4j$attestation$statement$AttestationType[AttestationType.SELF.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$webauthn4j$attestation$statement$AttestationType[AttestationType.ECDAA.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$webauthn4j$attestation$statement$AttestationType[AttestationType.BASIC.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$webauthn4j$attestation$statement$AttestationType[AttestationType.ATT_CA.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$webauthn4j$attestation$statement$AttestationType[AttestationType.NONE.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public WebAuthnRegistrationContextValidator(List<AttestationStatementValidator> list, CertPathTrustworthinessValidator certPathTrustworthinessValidator, ECDAATrustworthinessValidator eCDAATrustworthinessValidator, SelfAttestationTrustworthinessValidator selfAttestationTrustworthinessValidator) {
        this.challengeValidator = new ChallengeValidator();
        this.originValidator = new OriginValidator();
        this.tokenBindingValidator = new TokenBindingValidator();
        this.rpIdHashValidator = new RpIdHashValidator();
        this.collectedClientDataConverter = new CollectedClientDataConverter();
        this.attestationObjectConverter = new AttestationObjectConverter();
        AssertUtil.notNull(list, "attestationStatementValidators must not be null");
        AssertUtil.notNull(certPathTrustworthinessValidator, "certPathTrustworthinessValidator must not be null");
        AssertUtil.notNull(eCDAATrustworthinessValidator, "ecdaaTrustworthinessValidator must not be null");
        AssertUtil.notNull(selfAttestationTrustworthinessValidator, "selfAttestationTrustworthinessValidator must not be null");
        this.attestationStatementValidators = list;
        this.certPathTrustworthinessValidator = certPathTrustworthinessValidator;
        this.ecdaaTrustworthinessValidator = eCDAATrustworthinessValidator;
        this.selfAttestationTrustworthinessValidator = selfAttestationTrustworthinessValidator;
    }

    public WebAuthnRegistrationContextValidator(List<AttestationStatementValidator> list, CertPathTrustworthinessValidator certPathTrustworthinessValidator, ECDAATrustworthinessValidator eCDAATrustworthinessValidator) {
        this(list, certPathTrustworthinessValidator, eCDAATrustworthinessValidator, new DefaultSelfAttestationTrustworthinessValidator());
    }

    public static WebAuthnRegistrationContextValidator createNullAttestationStatementValidator() {
        return new WebAuthnRegistrationContextValidator(Arrays.asList(new NoneAttestationStatementValidator(), new NullFIDOU2FAttestationStatementValidator(), new NullPackedAttestationStatementValidator()), new NullCertPathTrustworthinessValidator(), new NullECDAATrustworthinessValidator(), new NullSelfAttestationTrustworthinessValidator());
    }

    public void validate(WebAuthnRegistrationContext webAuthnRegistrationContext) {
        BeanAssertUtil.validate(webAuthnRegistrationContext);
        byte[] collectedClientData = webAuthnRegistrationContext.getCollectedClientData();
        byte[] attestationObject = webAuthnRegistrationContext.getAttestationObject();
        CollectedClientData convert = this.collectedClientDataConverter.convert(collectedClientData);
        AttestationObject convert2 = this.attestationObjectConverter.convert(attestationObject);
        BeanAssertUtil.validate(convert);
        BeanAssertUtil.validate(convert2);
        RegistrationObject registrationObject = new RegistrationObject(convert, collectedClientData, convert2, attestationObject, webAuthnRegistrationContext.getServerProperty());
        AuthenticatorData authenticatorData = convert2.getAuthenticatorData();
        ServerProperty serverProperty = webAuthnRegistrationContext.getServerProperty();
        if (!Objects.equals(convert.getType(), CollectedClientData.TYPE_WEBAUTHN_CREATE)) {
            throw new MaliciousDataException("Bad client data type");
        }
        this.challengeValidator.validate(convert, serverProperty);
        this.originValidator.validate(convert, serverProperty);
        this.tokenBindingValidator.validate(convert.getTokenBinding(), serverProperty.getTokenBindingId());
        this.rpIdHashValidator.validate(authenticatorData.getRpIdHash(), serverProperty);
        AttestationType validateAttestationStatement = validateAttestationStatement(registrationObject);
        AttestationStatement attestationStatement = convert2.getAttestationStatement();
        switch (AnonymousClass1.$SwitchMap$com$webauthn4j$attestation$statement$AttestationType[validateAttestationStatement.ordinal()]) {
            case AuthenticatorData.BIT_UP /* 1 */:
                if (!(attestationStatement instanceof CertificateBaseAttestationStatement)) {
                    throw new IllegalStateException();
                }
                this.selfAttestationTrustworthinessValidator.validate((CertificateBaseAttestationStatement) attestationStatement);
                return;
            case 2:
                this.ecdaaTrustworthinessValidator.validate(attestationStatement);
                return;
            case AttestationCertificate.CERTIFICATE_VERSION_3 /* 3 */:
            case AuthenticatorData.BIT_UV /* 4 */:
                if (!(attestationStatement instanceof CertificateBaseAttestationStatement)) {
                    throw new IllegalStateException();
                }
                this.certPathTrustworthinessValidator.validate((CertificateBaseAttestationStatement) attestationStatement);
                return;
            case 5:
                return;
            default:
                throw new NotImplementedException();
        }
    }

    private AttestationType validateAttestationStatement(RegistrationObject registrationObject) {
        for (AttestationStatementValidator attestationStatementValidator : this.attestationStatementValidators) {
            if (attestationStatementValidator.supports(registrationObject)) {
                return attestationStatementValidator.validate(registrationObject);
            }
        }
        throw new BadAttestationStatementException("Supplied AttestationStatement format is not configured.");
    }
}
