package com.google.android.attestation;

import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.List;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;

/* loaded from: input_file:com/google/android/attestation/ParsedAttestationRecord.class */
public class ParsedAttestationRecord {
    public final int attestationVersion;
    public final SecurityLevel attestationSecurityLevel;
    public final int keymasterVersion;
    public final SecurityLevel keymasterSecurityLevel;
    public final byte[] attestationChallenge;
    public final byte[] uniqueId;
    public final AuthorizationList softwareEnforced;
    public final AuthorizationList teeEnforced;

    /* loaded from: input_file:com/google/android/attestation/ParsedAttestationRecord$SecurityLevel.class */
    public enum SecurityLevel {
        SOFTWARE,
        TRUSTED_ENVIRONMENT,
        STRONG_BOX
    }

    private ParsedAttestationRecord(ASN1Sequence aSN1Sequence) {
        this.attestationVersion = ASN1Parsing.getIntegerFromAsn1(aSN1Sequence.getObjectAt(0));
        this.attestationSecurityLevel = securityLevelToEnum(ASN1Parsing.getIntegerFromAsn1(aSN1Sequence.getObjectAt(1)));
        this.keymasterVersion = ASN1Parsing.getIntegerFromAsn1(aSN1Sequence.getObjectAt(2));
        this.keymasterSecurityLevel = securityLevelToEnum(ASN1Parsing.getIntegerFromAsn1(aSN1Sequence.getObjectAt(3)));
        this.attestationChallenge = ((ASN1OctetString) aSN1Sequence.getObjectAt(4)).getOctets();
        this.uniqueId = ((ASN1OctetString) aSN1Sequence.getObjectAt(5)).getOctets();
        this.softwareEnforced = AuthorizationList.createAuthorizationList(((ASN1Sequence) aSN1Sequence.getObjectAt(6)).toArray(), this.attestationVersion);
        this.teeEnforced = AuthorizationList.createAuthorizationList(((ASN1Sequence) aSN1Sequence.getObjectAt(7)).toArray(), this.attestationVersion);
    }

    private ParsedAttestationRecord(int i, SecurityLevel securityLevel, int i2, SecurityLevel securityLevel2, byte[] bArr, byte[] bArr2, AuthorizationList authorizationList, AuthorizationList authorizationList2) {
        this.attestationVersion = i;
        this.attestationSecurityLevel = securityLevel;
        this.keymasterVersion = i2;
        this.keymasterSecurityLevel = securityLevel2;
        this.attestationChallenge = bArr;
        this.uniqueId = bArr2;
        this.softwareEnforced = authorizationList;
        this.teeEnforced = authorizationList2;
    }

    public static ParsedAttestationRecord createParsedAttestationRecord(List<X509Certificate> list) throws IOException {
        for (int size = list.size() - 1; size >= 0; size--) {
            byte[] extensionValue = list.get(size).getExtensionValue("1.3.6.1.4.1.11129.2.1.17");
            if (extensionValue != null && extensionValue.length != 0) {
                return new ParsedAttestationRecord(extractAttestationSequence(extensionValue));
            }
        }
        throw new IllegalArgumentException("Couldn't find the keystore attestation extension data.");
    }

    public static ParsedAttestationRecord create(ASN1Sequence aSN1Sequence) {
        return new ParsedAttestationRecord(aSN1Sequence);
    }

    public static ParsedAttestationRecord create(int i, SecurityLevel securityLevel, int i2, SecurityLevel securityLevel2, byte[] bArr, byte[] bArr2, AuthorizationList authorizationList, AuthorizationList authorizationList2) {
        return new ParsedAttestationRecord(i, securityLevel, i2, securityLevel2, bArr, bArr2, authorizationList, authorizationList2);
    }

    private static SecurityLevel securityLevelToEnum(int i) {
        switch (i) {
            case 0:
                return SecurityLevel.SOFTWARE;
            case 1:
                return SecurityLevel.TRUSTED_ENVIRONMENT;
            case 2:
                return SecurityLevel.STRONG_BOX;
            default:
                throw new IllegalArgumentException("Invalid security level.");
        }
    }

    private static int securityLevelToInt(SecurityLevel securityLevel) {
        switch (securityLevel) {
            case SOFTWARE:
                return 0;
            case TRUSTED_ENVIRONMENT:
                return 1;
            case STRONG_BOX:
                return 2;
            default:
                throw new IllegalArgumentException("Invalid security level.");
        }
    }

    private static ASN1Sequence extractAttestationSequence(byte[] bArr) throws IOException {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
        try {
            ASN1InputStream aSN1InputStream2 = new ASN1InputStream(((ASN1OctetString) aSN1InputStream.readObject()).getOctets());
            try {
                ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1InputStream2.readObject();
                aSN1InputStream2.close();
                aSN1InputStream.close();
                return aSN1Sequence;
            } finally {
            }
        } catch (Throwable th) {
            try {
                aSN1InputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public ASN1Sequence toAsn1Sequence() {
        ASN1Encodable[] aSN1EncodableArr = new ASN1Encodable[8];
        aSN1EncodableArr[0] = new ASN1Integer(this.attestationVersion);
        aSN1EncodableArr[1] = new ASN1Enumerated(securityLevelToInt(this.attestationSecurityLevel));
        aSN1EncodableArr[2] = new ASN1Integer(this.keymasterVersion);
        aSN1EncodableArr[3] = new ASN1Enumerated(securityLevelToInt(this.keymasterSecurityLevel));
        aSN1EncodableArr[4] = new DEROctetString(this.attestationChallenge);
        aSN1EncodableArr[5] = new DEROctetString(this.uniqueId);
        if (this.softwareEnforced != null) {
            aSN1EncodableArr[6] = this.softwareEnforced.toAsn1Sequence();
        }
        if (this.teeEnforced != null) {
            aSN1EncodableArr[7] = this.teeEnforced.toAsn1Sequence();
        }
        return new DERSequence(aSN1EncodableArr);
    }
}
