package org.eclipse.californium.scandium.auth;

import java.security.GeneralSecurityException;
import java.security.Principal;
import org.eclipse.californium.elements.auth.PreSharedKeyIdentity;
import org.eclipse.californium.elements.auth.RawPublicKeyIdentity;
import org.eclipse.californium.elements.auth.X509CertPath;
import org.eclipse.californium.elements.util.Asn1DerDecoder;
import org.eclipse.californium.elements.util.Bytes;
import org.eclipse.californium.elements.util.DatagramReader;
import org.eclipse.californium.elements.util.DatagramWriter;
import org.eclipse.californium.elements.util.StandardCharsets;

/* loaded from: classes15.dex */
public final class PrincipalSerializer {
    private static final int PSK_HOSTNAME_LENGTH_BITS = 16;
    private static final int PSK_IDENTITY_LENGTH_BITS = 16;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.eclipse.californium.scandium.auth.PrincipalSerializer$1, reason: invalid class name */
    /* loaded from: classes15.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$eclipse$californium$scandium$auth$PrincipalSerializer$ClientAuthenticationType = new int[ClientAuthenticationType.values().length];

        static {
            try {
                $SwitchMap$org$eclipse$californium$scandium$auth$PrincipalSerializer$ClientAuthenticationType[ClientAuthenticationType.CERT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$org$eclipse$californium$scandium$auth$PrincipalSerializer$ClientAuthenticationType[ClientAuthenticationType.PSK.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$org$eclipse$californium$scandium$auth$PrincipalSerializer$ClientAuthenticationType[ClientAuthenticationType.RPK.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes15.dex */
    public enum ClientAuthenticationType {
        ANONYMOUS((byte) 0),
        CERT((byte) 1),
        PSK((byte) 2),
        RPK((byte) -1);

        private byte code;

        ClientAuthenticationType(byte b) {
            this.code = b;
        }

        static ClientAuthenticationType fromCode(byte b) {
            for (ClientAuthenticationType clientAuthenticationType : values()) {
                if (clientAuthenticationType.code == b) {
                    return clientAuthenticationType;
                }
            }
            throw new IllegalArgumentException("unknown ClientAuthenticationType: " + ((int) b));
        }
    }

    private PrincipalSerializer() {
    }

    public static Principal deserialize(DatagramReader datagramReader) throws GeneralSecurityException {
        if (datagramReader == null) {
            throw new NullPointerException("reader must not be null");
        }
        int i = AnonymousClass1.$SwitchMap$org$eclipse$californium$scandium$auth$PrincipalSerializer$ClientAuthenticationType[ClientAuthenticationType.fromCode((byte) datagramReader.read(8)).ordinal()];
        if (i == 1) {
            return deserializeCertChain(datagramReader);
        }
        if (i == 2) {
            return deserializeIdentity(datagramReader);
        }
        if (i != 3) {
            return null;
        }
        return deserializeSubjectInfo(datagramReader);
    }

    private static X509CertPath deserializeCertChain(DatagramReader datagramReader) {
        return X509CertPath.fromBytes(Asn1DerDecoder.readSequenceEntity(datagramReader));
    }

    private static PreSharedKeyIdentity deserializeIdentity(DatagramReader datagramReader) {
        if (datagramReader.readNextByte() != 1) {
            return new PreSharedKeyIdentity(new String(readBytesWithLength(16, datagramReader), StandardCharsets.UTF_8));
        }
        byte[] readBytesWithLength = readBytesWithLength(16, datagramReader);
        return new PreSharedKeyIdentity(readBytesWithLength.length == 0 ? null : new String(readBytesWithLength, StandardCharsets.UTF_8), new String(readBytesWithLength(16, datagramReader), StandardCharsets.UTF_8));
    }

    private static RawPublicKeyIdentity deserializeSubjectInfo(DatagramReader datagramReader) throws GeneralSecurityException {
        return new RawPublicKeyIdentity(Asn1DerDecoder.readSequenceEntity(datagramReader));
    }

    private static byte[] readBytesWithLength(int i, DatagramReader datagramReader) {
        int read = datagramReader.read(i);
        int bitsLeft = datagramReader.bitsLeft() / 8;
        if (bitsLeft >= read) {
            return datagramReader.readBytes(read);
        }
        throw new IllegalArgumentException(read + " exceeds available " + bitsLeft + " bytes!");
    }

    public static void serialize(Principal principal, DatagramWriter datagramWriter) {
        if (datagramWriter == null) {
            throw new NullPointerException("Writer must not be null");
        }
        if (principal == null) {
            datagramWriter.writeByte(ClientAuthenticationType.ANONYMOUS.code);
            return;
        }
        if (principal instanceof PreSharedKeyIdentity) {
            serializeIdentity((PreSharedKeyIdentity) principal, datagramWriter);
            return;
        }
        if (principal instanceof RawPublicKeyIdentity) {
            serializeSubjectInfo((RawPublicKeyIdentity) principal, datagramWriter);
        } else {
            if (principal instanceof X509CertPath) {
                serializeCertChain((X509CertPath) principal, datagramWriter);
                return;
            }
            throw new IllegalArgumentException("unsupported principal type: " + principal.getClass().getName());
        }
    }

    private static void serializeCertChain(X509CertPath x509CertPath, DatagramWriter datagramWriter) {
        datagramWriter.writeByte(ClientAuthenticationType.CERT.code);
        datagramWriter.writeBytes(x509CertPath.toByteArray());
    }

    private static void serializeIdentity(PreSharedKeyIdentity preSharedKeyIdentity, DatagramWriter datagramWriter) {
        datagramWriter.writeByte(ClientAuthenticationType.PSK.code);
        if (!preSharedKeyIdentity.isScopedIdentity()) {
            datagramWriter.writeByte((byte) 0);
            writeBytesWithLength(16, preSharedKeyIdentity.getIdentity().getBytes(StandardCharsets.UTF_8), datagramWriter);
        } else {
            datagramWriter.writeByte((byte) 1);
            writeBytesWithLength(16, preSharedKeyIdentity.getVirtualHost() == null ? Bytes.EMPTY : preSharedKeyIdentity.getVirtualHost().getBytes(StandardCharsets.UTF_8), datagramWriter);
            writeBytesWithLength(16, preSharedKeyIdentity.getIdentity().getBytes(StandardCharsets.UTF_8), datagramWriter);
        }
    }

    private static void serializeSubjectInfo(RawPublicKeyIdentity rawPublicKeyIdentity, DatagramWriter datagramWriter) {
        datagramWriter.writeByte(ClientAuthenticationType.RPK.code);
        datagramWriter.writeBytes(rawPublicKeyIdentity.getSubjectInfo());
    }

    private static void writeBytesWithLength(int i, byte[] bArr, DatagramWriter datagramWriter) {
        datagramWriter.write(bArr.length, i);
        datagramWriter.writeBytes(bArr);
    }
}
