package com.afwsamples.testdpc.policy.utils;

import com.google.common.base.CharMatcher;
import com.google.common.io.BaseEncoding;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.ASN1Sequence;

/* loaded from: classes.dex */
public class Attestation {
    static final int ATTESTATION_CHALLENGE_INDEX = 4;
    static final int ATTESTATION_SECURITY_LEVEL_INDEX = 1;
    static final int ATTESTATION_VERSION_INDEX = 0;
    static final int KEYMASTER_SECURITY_LEVEL_INDEX = 3;
    static final int KEYMASTER_VERSION_INDEX = 2;
    static final String KEY_DESCRIPTION_OID = "1.3.6.1.4.1.11129.2.1.17";
    public static final int KM_SECURITY_LEVEL_SOFTWARE = 0;
    public static final int KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT = 1;
    static final int SW_ENFORCED_INDEX = 6;
    static final int TEE_ENFORCED_INDEX = 7;
    static final int UNIQUE_ID_INDEX = 5;
    private final byte[] attestationChallenge;
    private final int attestationSecurityLevel;
    private final int attestationVersion;
    private final int keymasterSecurityLevel;
    private final int keymasterVersion;
    private final AuthorizationList softwareEnforced;
    private final AuthorizationList teeEnforced;
    private final byte[] uniqueId;

    public Attestation(X509Certificate x509Certificate) throws CertificateParsingException {
        ASN1Sequence attestationSequence = getAttestationSequence(x509Certificate);
        this.attestationVersion = Asn1Utils.getIntegerFromAsn1(attestationSequence.getObjectAt(0));
        this.attestationSecurityLevel = Asn1Utils.getIntegerFromAsn1(attestationSequence.getObjectAt(1));
        this.keymasterVersion = Asn1Utils.getIntegerFromAsn1(attestationSequence.getObjectAt(2));
        this.keymasterSecurityLevel = Asn1Utils.getIntegerFromAsn1(attestationSequence.getObjectAt(3));
        this.attestationChallenge = Asn1Utils.getByteArrayFromAsn1(attestationSequence.getObjectAt(4));
        this.uniqueId = Asn1Utils.getByteArrayFromAsn1(attestationSequence.getObjectAt(5));
        this.softwareEnforced = new AuthorizationList(attestationSequence.getObjectAt(6));
        this.teeEnforced = new AuthorizationList(attestationSequence.getObjectAt(7));
    }

    private ASN1Sequence getAttestationSequence(X509Certificate x509Certificate) throws CertificateParsingException {
        byte[] extensionValue = x509Certificate.getExtensionValue(KEY_DESCRIPTION_OID);
        if (extensionValue == null || extensionValue.length == 0) {
            throw new CertificateParsingException("Did not find extension with OID 1.3.6.1.4.1.11129.2.1.17");
        }
        return Asn1Utils.getAsn1SequenceFromBytes(extensionValue);
    }

    public static String securityLevelToString(int i) {
        switch (i) {
            case 0:
                return "Software";
            case 1:
                return "TEE";
            default:
                return "Unkown";
        }
    }

    public byte[] getAttestationChallenge() {
        return this.attestationChallenge;
    }

    public int getAttestationSecurityLevel() {
        return this.attestationSecurityLevel;
    }

    public int getAttestationVersion() {
        return this.attestationVersion;
    }

    public int getKeymasterSecurityLevel() {
        return this.keymasterSecurityLevel;
    }

    public int getKeymasterVersion() {
        return this.keymasterVersion;
    }

    public AuthorizationList getSoftwareEnforced() {
        return this.softwareEnforced;
    }

    public AuthorizationList getTeeEnforced() {
        return this.teeEnforced;
    }

    public byte[] getUniqueId() {
        return this.uniqueId;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("Attest version: " + this.attestationVersion);
        sb.append("\nAttest security: " + securityLevelToString(this.attestationSecurityLevel));
        sb.append("\nKM version: " + this.keymasterVersion);
        sb.append("\nKM security: " + securityLevelToString(this.keymasterSecurityLevel));
        sb.append("\nChallenge");
        String str = new String(this.attestationChallenge);
        if (CharMatcher.ascii().matchesAllOf(str)) {
            sb.append(": [" + str + "]");
        } else {
            sb.append(" (base64): [" + BaseEncoding.base64().encode(this.attestationChallenge) + "]");
        }
        if (this.uniqueId != null) {
            sb.append("\nUnique ID (base64): [" + BaseEncoding.base64().encode(this.uniqueId) + "]");
        }
        sb.append("\n-- SW enforced --");
        sb.append(this.softwareEnforced);
        sb.append("\n-- TEE enforced --");
        sb.append(this.teeEnforced);
        return sb.toString();
    }
}
