package de.governikus.autent.eudiwallet.mdl.verifier;

import com.authlete.cbor.CBORByteArray;
import de.governikus.autent.eudiwallet.ecdh.KeyService;
import de.governikus.autent.eudiwallet.mdl.MdocHelper;
import de.governikus.autent.eudiwallet.mdl.SessionTranscript;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import java.util.Base64;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/eudi-wallet-mdl-utils-0.1.0.jar:de/governikus/autent/eudiwallet/mdl/verifier/MacValidator.class */
public class MacValidator {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) MacValidator.class);
    private String sessionTranscript;
    private byte[] deviceNameSpaceBytes;
    private ECPublicKey issuerPublicKey;
    private ECPrivateKey verifierPrivateKey;
    private byte[] externalMac;

    public boolean isExternalMacValid() {
        if (this.sessionTranscript == null || this.deviceNameSpaceBytes == null || this.issuerPublicKey == null || this.verifierPrivateKey == null || this.externalMac == null) {
            log.debug("mac validator has not been fully initialized. mac validation can not be executed.");
            return false;
        }
        boolean equals = Arrays.equals(this.externalMac, MdocHelper.computeMac(KeyService.deriveKeyFrom(this.verifierPrivateKey, this.issuerPublicKey), new CBORByteArray(this.deviceNameSpaceBytes), this.sessionTranscript));
        if (!equals) {
            log.warn("mac validation failed");
        }
        return equals;
    }

    public void setSessionTranscript(String str, String str2, String str3, String str4) {
        this.sessionTranscript = SessionTranscript.builder().clientId(str).responseUri(str2).nonce(str3).mdocGeneratedNonce(str4).build().generateSessionTranscript().encodeToBase64Url();
        log.debug("generated sessionTranscript for validation in base64_url: {}", this.sessionTranscript);
        log.debug("generated sessionTranscript for validation in hex: {}", Hex.toHexString(Base64.getUrlDecoder().decode(this.sessionTranscript)));
    }

    public void setSessionTranscript(String str) {
        this.sessionTranscript = str;
    }

    public void setDeviceNameSpaceBytes(byte[] bArr) {
        this.deviceNameSpaceBytes = bArr;
    }

    public void setIssuerPublicKey(ECPublicKey eCPublicKey) {
        this.issuerPublicKey = eCPublicKey;
    }

    public void setVerifierPrivateKey(ECPrivateKey eCPrivateKey) {
        this.verifierPrivateKey = eCPrivateKey;
    }

    public void setExternalMac(byte[] bArr) {
        this.externalMac = bArr;
    }
}
