package org.multipaz.sdjwt.presentation;

import java.util.List;
import kotlin.Metadata;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt;
import kotlinx.datetime.Instant;
import kotlinx.serialization.json.JsonElement;
import org.multipaz.crypto.Crypto;
import org.multipaz.crypto.EcPublicKey;
import org.multipaz.crypto.EcSignature;
import org.multipaz.sdjwt.SdJwtVerifiableCredential;
import org.multipaz.sdjwt.util.JsonWebKey;
import org.multipaz.sdjwt.vc.JwtBody;
import org.multipaz.util.Base64UtilKt;
import org.multipaz.util.Logger;

/* compiled from: SdJwtVerifiablePresentation.kt */
@Metadata(d1 = {"\u0000@\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u000b\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0004\b\u0007\u0018\u0000 \u001e2\u00020\u0001:\u0002\u001e\u001fB'\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0005\u0012\u0006\u0010\u0007\u001a\u00020\u0005¢\u0006\u0004\b\b\u0010\tJ\u000e\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u0005J\u0010\u0010\u0013\u001a\u00020\u00142\u0006\u0010\u0012\u001a\u00020\u0015H\u0002JB\u0010\u0016\u001a\u00020\u00172\u0012\u0010\u0018\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020\u00170\u00192\u0012\u0010\u001a\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020\u00170\u00192\u0012\u0010\u001b\u001a\u000e\u0012\u0004\u0012\u00020\u001c\u0012\u0004\u0012\u00020\u00170\u0019J\b\u0010\u001d\u001a\u00020\u0005H\u0016R\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\n\u0010\u000bR\u0011\u0010\u0004\u001a\u00020\u0005¢\u0006\b\n\u0000\u001a\u0004\b\f\u0010\rR\u0011\u0010\u0006\u001a\u00020\u0005¢\u0006\b\n\u0000\u001a\u0004\b\u000e\u0010\rR\u0011\u0010\u0007\u001a\u00020\u0005¢\u0006\b\n\u0000\u001a\u0004\b\u000f\u0010\r¨\u0006 "}, d2 = {"Lorg/multipaz/sdjwt/presentation/SdJwtVerifiablePresentation;", "", "sdJwtVc", "Lorg/multipaz/sdjwt/SdJwtVerifiableCredential;", "keyBindingHeader", "", "keyBindingBody", "keyBindingSignature", "<init>", "(Lorg/multipaz/sdjwt/SdJwtVerifiableCredential;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V", "getSdJwtVc", "()Lorg/multipaz/sdjwt/SdJwtVerifiableCredential;", "getKeyBindingHeader", "()Ljava/lang/String;", "getKeyBindingBody", "getKeyBindingSignature", "getAttributeValue", "Lkotlinx/serialization/json/JsonElement;", "key", "verifyHolderSignature", "Lorg/multipaz/sdjwt/presentation/KeyBindingBody;", "Lorg/multipaz/crypto/EcPublicKey;", "verifyKeyBinding", "", "checkNonce", "Lkotlin/Function1;", "checkAudience", "checkCreationTime", "Lkotlinx/datetime/Instant;", "toString", "Companion", "MalformedSdJwtPresentationError", "multipaz_release"}, k = 1, mv = {2, 1, 0}, xi = 48)
/* loaded from: classes5.dex */
public final class SdJwtVerifiablePresentation {
    private final String keyBindingBody;
    private final String keyBindingHeader;
    private final String keyBindingSignature;
    private final SdJwtVerifiableCredential sdJwtVc;

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    public static final int $stable = 8;

    /* compiled from: SdJwtVerifiablePresentation.kt */
    @Metadata(d1 = {"\u0000\u0018\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\b\u0086\u0003\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u0002\u0010\u0003J\u000e\u0010\u0004\u001a\u00020\u00052\u0006\u0010\u0006\u001a\u00020\u0007¨\u0006\b"}, d2 = {"Lorg/multipaz/sdjwt/presentation/SdJwtVerifiablePresentation$Companion;", "", "<init>", "()V", "fromString", "Lorg/multipaz/sdjwt/presentation/SdJwtVerifiablePresentation;", "input", "", "multipaz_release"}, k = 1, mv = {2, 1, 0}, xi = 48)
    /* loaded from: classes5.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final SdJwtVerifiablePresentation fromString(String input) {
            Intrinsics.checkNotNullParameter(input, "input");
            int lastIndexOf$default = StringsKt.lastIndexOf$default((CharSequence) input, '~', 0, false, 6, (Object) null);
            if (lastIndexOf$default == -1) {
                throw new MalformedSdJwtPresentationError("couldn't find ~ in SD-JWT " + input);
            }
            int i = lastIndexOf$default + 1;
            String substring = input.substring(0, i);
            Intrinsics.checkNotNullExpressionValue(substring, "substring(...)");
            String substring2 = input.substring(i);
            Intrinsics.checkNotNullExpressionValue(substring2, "substring(...)");
            SdJwtVerifiableCredential fromString = SdJwtVerifiableCredential.INSTANCE.fromString(substring);
            List split$default = StringsKt.split$default((CharSequence) substring2, new String[]{"."}, false, 0, 6, (Object) null);
            if (split$default.size() == 3) {
                return new SdJwtVerifiablePresentation(fromString, (String) split$default.get(0), (String) split$default.get(1), (String) split$default.get(2));
            }
            throw new MalformedSdJwtPresentationError("key binding JWT didn't consist of three parts: " + substring2);
        }
    }

    /* compiled from: SdJwtVerifiablePresentation.kt */
    @Metadata(d1 = {"\u0000\u0016\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0003\b\u0007\u0018\u00002\u00060\u0001j\u0002`\u0002B\u000f\u0012\u0006\u0010\u0003\u001a\u00020\u0004¢\u0006\u0004\b\u0005\u0010\u0006¨\u0006\u0007"}, d2 = {"Lorg/multipaz/sdjwt/presentation/SdJwtVerifiablePresentation$MalformedSdJwtPresentationError;", "Ljava/lang/Exception;", "Lkotlin/Exception;", "message", "", "<init>", "(Ljava/lang/String;)V", "multipaz_release"}, k = 1, mv = {2, 1, 0}, xi = 48)
    /* loaded from: classes5.dex */
    public static final class MalformedSdJwtPresentationError extends Exception {
        public static final int $stable = 0;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        public MalformedSdJwtPresentationError(String message) {
            super(message);
            Intrinsics.checkNotNullParameter(message, "message");
        }
    }

    public SdJwtVerifiablePresentation(SdJwtVerifiableCredential sdJwtVc, String keyBindingHeader, String keyBindingBody, String keyBindingSignature) {
        Intrinsics.checkNotNullParameter(sdJwtVc, "sdJwtVc");
        Intrinsics.checkNotNullParameter(keyBindingHeader, "keyBindingHeader");
        Intrinsics.checkNotNullParameter(keyBindingBody, "keyBindingBody");
        Intrinsics.checkNotNullParameter(keyBindingSignature, "keyBindingSignature");
        this.sdJwtVc = sdJwtVc;
        this.keyBindingHeader = keyBindingHeader;
        this.keyBindingBody = keyBindingBody;
        this.keyBindingSignature = keyBindingSignature;
    }

    private final KeyBindingBody verifyHolderSignature(EcPublicKey key) {
        KeyBindingHeader fromString = KeyBindingHeader.INSTANCE.fromString(this.keyBindingHeader);
        KeyBindingBody fromString2 = KeyBindingBody.INSTANCE.fromString(this.keyBindingBody);
        if (!Intrinsics.areEqual(Base64UtilKt.toBase64Url(Crypto.INSTANCE.digest(this.sdJwtVc.getSdHashAlg(), StringsKt.encodeToByteArray(this.sdJwtVc.toString()))), fromString2.getSdHash())) {
            throw new IllegalStateException("hash in key binding JWT didn't match SD-JWT");
        }
        Crypto.INSTANCE.checkSignature(key, StringsKt.encodeToByteArray(this.keyBindingHeader + "." + this.keyBindingBody), fromString.getAlgorithm(), EcSignature.INSTANCE.fromCoseEncoded(Base64UtilKt.fromBase64Url(this.keyBindingSignature)));
        return fromString2;
    }

    public final JsonElement getAttributeValue(String key) {
        Intrinsics.checkNotNullParameter(key, "key");
        return this.sdJwtVc.getAttributeValue(key);
    }

    public final String getKeyBindingBody() {
        return this.keyBindingBody;
    }

    public final String getKeyBindingHeader() {
        return this.keyBindingHeader;
    }

    public final String getKeyBindingSignature() {
        return this.keyBindingSignature;
    }

    public final SdJwtVerifiableCredential getSdJwtVc() {
        return this.sdJwtVc;
    }

    public String toString() {
        return this.sdJwtVc + this.keyBindingHeader + "." + this.keyBindingBody + "." + this.keyBindingSignature;
    }

    public final boolean verifyKeyBinding(Function1<? super String, Boolean> checkNonce, Function1<? super String, Boolean> checkAudience, Function1<? super Instant, Boolean> checkCreationTime) {
        EcPublicKey pubKey;
        Intrinsics.checkNotNullParameter(checkNonce, "checkNonce");
        Intrinsics.checkNotNullParameter(checkAudience, "checkAudience");
        Intrinsics.checkNotNullParameter(checkCreationTime, "checkCreationTime");
        JwtBody fromString = JwtBody.INSTANCE.fromString(this.sdJwtVc.getBody());
        if (fromString.getPublicKey() == null) {
            Logger.INSTANCE.i("SdJwtVerifiablePresentation", "verifyKeyBinding found a body with no public key. Assuming a non-keybound credential.");
            return false;
        }
        JsonWebKey publicKey = fromString.getPublicKey();
        if (publicKey == null || (pubKey = publicKey.getPubKey()) == null) {
            throw new MalformedSdJwtPresentationError("couldn't parse public holder key from JWT: " + this.sdJwtVc.getBody());
        }
        KeyBindingBody verifyHolderSignature = verifyHolderSignature(pubKey);
        if (!checkNonce.invoke(verifyHolderSignature.getNonce()).booleanValue()) {
            throw new IllegalStateException("nonce didn't verify in key binding JWT: " + verifyHolderSignature);
        }
        if (!checkAudience.invoke(verifyHolderSignature.getAudience()).booleanValue()) {
            throw new IllegalStateException("audience didn't verify in key binding JWT: " + verifyHolderSignature);
        }
        if (checkCreationTime.invoke(verifyHolderSignature.getCreationTime()).booleanValue()) {
            return true;
        }
        throw new IllegalStateException("creation time didn't verify in key binding JWT: " + verifyHolderSignature);
    }
}
