package org.devcon.ticket;

import com.fasterxml.jackson.annotation.JsonPropertyOrder;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Date;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.tokenscript.attestation.AttestedObject;
import org.tokenscript.attestation.Timestamp;
import org.tokenscript.attestation.core.ExceptionUtil;
import org.tokenscript.attestation.core.SignatureUtility;
import org.tokenscript.attestation.core.Verifiable;
import org.tokenscript.auth.UnpredictableNumberBundle;
import org.tokenscript.auth.UnpredictableNumberTool;

/* loaded from: input_file:org/devcon/ticket/UseTicketBundle.class */
public class UseTicketBundle implements Verifiable {
    private static final Logger logger = LogManager.getLogger((Class<?>) UseTicketBundle.class);
    private final AttestedObject useTicket;
    private final UnpredictableNumberBundle un;
    private final byte[] signature;
    private final byte[] messageToSign;
    private final ObjectMapper jsonMapper = new ObjectMapper();

    @JsonPropertyOrder({"useTicketDer", "un", "signature"})
    /* loaded from: input_file:org/devcon/ticket/UseTicketBundle$JsonUseTicketBundle.class */
    private static class JsonUseTicketBundle {
        private byte[] useTicketDer;
        private UnpredictableNumberBundle un;
        private byte[] signature;

        public JsonUseTicketBundle() {
        }

        public JsonUseTicketBundle(byte[] bArr, UnpredictableNumberBundle unpredictableNumberBundle, byte[] bArr2) {
            this.useTicketDer = bArr;
            this.un = unpredictableNumberBundle;
            this.signature = bArr2;
        }

        public byte[] getUseTicketDer() {
            return this.useTicketDer;
        }

        public void setUseTicketDer(byte[] bArr) {
            this.useTicketDer = bArr;
        }

        public UnpredictableNumberBundle getUn() {
            return this.un;
        }

        public void setUn(UnpredictableNumberBundle unpredictableNumberBundle) {
            this.un = unpredictableNumberBundle;
        }

        public byte[] getSignature() {
            return this.signature;
        }

        public void setSignature(byte[] bArr) {
            this.signature = bArr;
        }
    }

    public UseTicketBundle(AttestedObject attestedObject, UnpredictableNumberBundle unpredictableNumberBundle, AsymmetricKeyParameter asymmetricKeyParameter) {
        this.useTicket = attestedObject;
        this.un = unpredictableNumberBundle;
        this.messageToSign = computeMessage(unpredictableNumberBundle);
        this.signature = SignatureUtility.signPersonalMsgWithEthereum(getMessageToSign(), asymmetricKeyParameter);
        constructorCheck();
    }

    public UseTicketBundle(AttestedObject attestedObject, UnpredictableNumberBundle unpredictableNumberBundle, byte[] bArr) {
        this.useTicket = attestedObject;
        this.un = unpredictableNumberBundle;
        this.messageToSign = computeMessage(unpredictableNumberBundle);
        this.signature = bArr;
        constructorCheck();
    }

    public UseTicketBundle(String str, AsymmetricKeyParameter asymmetricKeyParameter, AsymmetricKeyParameter asymmetricKeyParameter2) throws Exception {
        JsonUseTicketBundle jsonUseTicketBundle = (JsonUseTicketBundle) this.jsonMapper.readValue(str, JsonUseTicketBundle.class);
        this.useTicket = new AttestedObject(jsonUseTicketBundle.getUseTicketDer(), new TicketDecoder(asymmetricKeyParameter), asymmetricKeyParameter2);
        this.un = jsonUseTicketBundle.getUn();
        this.messageToSign = computeMessage(this.un);
        this.signature = jsonUseTicketBundle.getSignature();
        constructorCheck();
    }

    private void constructorCheck() {
        if (!verify()) {
            throw ((IllegalArgumentException) ExceptionUtil.throwException(logger, new IllegalArgumentException("Could not verify object")));
        }
    }

    private byte[] computeMessage(UnpredictableNumberBundle unpredictableNumberBundle) {
        return ("Authenticate towards \"" + unpredictableNumberBundle.getDomain() + "\" using unpredictable number \"" + unpredictableNumberBundle.getNumber() + "\" for an authentication valid until " + Timestamp.TIMESTAMP_FORMAT.format(new Date(unpredictableNumberBundle.getExpiration()))).getBytes(StandardCharsets.UTF_8);
    }

    public AttestedObject getUseTicket() {
        return this.useTicket;
    }

    public UnpredictableNumberBundle getUn() {
        return this.un;
    }

    public byte[] getSignature() {
        return this.signature;
    }

    public byte[] getMessageToSign() {
        return this.messageToSign;
    }

    public String getJsonBundle() throws Exception {
        return this.jsonMapper.writeValueAsString(new JsonUseTicketBundle(this.useTicket.getDerEncoding(), this.un, this.signature));
    }

    public boolean validateAndVerify(UnpredictableNumberTool unpredictableNumberTool) {
        if (!this.useTicket.checkValidity()) {
            logger.error("Use ticket is not valid");
            return false;
        }
        if (!unpredictableNumberTool.validateUnpredictableNumber(this.un.getNumber(), this.un.getRandomness(), this.un.getExpiration())) {
            logger.error("Unpredictable number is not valid ");
            return false;
        }
        if (Arrays.equals(this.un.getNumber().getBytes(StandardCharsets.UTF_8), this.useTicket.getPok().getUnpredictableNumber())) {
            return verify();
        }
        logger.error("Unpredictable number used in the UseTicket proof is different from the unpredictable number signed");
        return false;
    }

    @Override // org.tokenscript.attestation.core.Verifiable
    public boolean verify() {
        if (!this.useTicket.verify()) {
            logger.error("UseTicket could not be verified");
            return false;
        }
        if (SignatureUtility.verifyPersonalEthereumSignature(computeMessage(this.un), this.signature, this.useTicket.getUserPublicKey())) {
            return true;
        }
        logger.error("Signature could not be verified");
        return false;
    }
}
