package craterdog.notary;

import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.Module;
import craterdog.notary.mappers.NotaryModule;
import craterdog.primitives.Tag;
import craterdog.security.MessageCryptex;
import craterdog.security.RsaAesMessageCryptex;
import craterdog.smart.SmartObject;
import craterdog.utils.Base32Utils;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.LinkedHashMap;
import java.util.Map;
import org.joda.time.DateTime;
import org.slf4j.ext.XLogger;
import org.slf4j.ext.XLoggerFactory;

/* loaded from: input_file:craterdog/notary/V1NotarizationProvider.class */
public final class V1NotarizationProvider implements Notarization {
    private static final XLogger logger = XLoggerFactory.getXLogger(V1NotarizationProvider.class);
    private static final MessageCryptex cryptex = new RsaAesMessageCryptex();
    public final String hashingAlgorithm = cryptex.getHashAlgorithm();
    public final String signingAlgorithm = cryptex.getAsymmetricSignatureAlgorithm();
    public final int majorVersion = 1;
    public final int minorVersion = 0;

    @Override // craterdog.notary.Notarization
    public Watermark generateWatermark(int i) {
        logger.entry(new Object[]{Integer.valueOf(i)});
        Watermark watermark = new Watermark();
        watermark.hashingAlgorithm = this.hashingAlgorithm;
        watermark.signingAlgorithm = this.signingAlgorithm;
        watermark.majorVersion = 1;
        watermark.minorVersion = 0;
        watermark.creationTimestamp = DateTime.now();
        watermark.expirationTimestamp = watermark.creationTimestamp.plusSeconds(i);
        logger.exit(watermark);
        return watermark;
    }

    @Override // craterdog.notary.Notarization
    public void validateWatermark(Watermark watermark, Map<String, Object> map) {
        logger.entry(new Object[]{watermark, map});
        if (watermark == null) {
            logger.error("The watermark is missing...");
            map.put("watermark.is.missing", watermark);
        } else {
            if (watermark.hashingAlgorithm == null) {
                logger.error("The watermark hashing algorithm is missing...");
                map.put("watermark.hashing.algorithm.is.missing", watermark);
            }
            if (watermark.signingAlgorithm == null) {
                logger.error("The watermark signing algorithm is missing...");
                map.put("watermark.signing.algorithm.is.missing", watermark);
            }
            if (watermark.creationTimestamp == null) {
                logger.error("The watermark creation timestamp is missing...");
                map.put("watermark.creation.timestamp.is.missing", watermark);
            }
            if (watermark.expirationTimestamp == null) {
                logger.error("The watermark expiration timestamp is missing...");
                map.put("watermark.expiration.timestamp.is.missing", watermark);
            } else if (watermark.expirationTimestamp.isBeforeNow()) {
                logger.error("The watermark has expired...");
                map.put("watermark.has.expired", watermark);
            }
        }
        logger.exit(map);
    }

    @Override // craterdog.notary.Notarization
    public DocumentCitation generateDocumentCitation(URI uri, String str) {
        logger.entry(new Object[]{uri, str});
        DocumentCitation documentCitation = new DocumentCitation();
        documentCitation.documentLocation = uri;
        documentCitation.documentHash = hashDocument(str);
        logger.exit(documentCitation);
        return documentCitation;
    }

    @Override // craterdog.notary.Notarization
    public void validateDocumentCitation(DocumentCitation documentCitation, String str, Map<String, Object> map) {
        logger.entry(new Object[]{documentCitation, str, map});
        if (documentCitation == null) {
            logger.error("The document citation is missing...");
            map.put("citation.is.missing", documentCitation);
        } else {
            if (documentCitation.documentLocation == null) {
                logger.error("The document citation location is missing...");
                map.put("citation.location.is.missing", documentCitation);
            }
            if (documentCitation.documentHash == null || documentCitation.documentHash.isEmpty()) {
                logger.error("The document citation hash is missing...");
                map.put("citation.hash.is.missing", documentCitation);
            }
            if (!documentCitation.documentHash.equals(hashDocument(str))) {
                logger.error("The document citation hash does not match the document hash...");
                map.put("citation.hash.is.invalid", documentCitation);
                map.put("cited.document.does.not.match", str);
            }
        }
        logger.exit(map);
    }

    @Override // craterdog.notary.Notarization
    public NotaryKey generateNotaryKey(URI uri) {
        logger.entry(new Object[]{uri});
        NotaryKey generateNotaryKey = generateNotaryKey(uri, null, null);
        logger.exit(generateNotaryKey);
        return generateNotaryKey;
    }

    @Override // craterdog.notary.Notarization
    public NotaryKey generateNotaryKey(URI uri, Map<String, Object> map) {
        logger.entry(new Object[]{uri, map});
        NotaryKey generateNotaryKey = generateNotaryKey(uri, map, null);
        logger.exit(generateNotaryKey);
        return generateNotaryKey;
    }

    @Override // craterdog.notary.Notarization
    public NotaryKey generateNotaryKey(URI uri, NotaryKey notaryKey) {
        logger.entry(new Object[]{uri, notaryKey});
        NotaryKey generateNotaryKey = generateNotaryKey(uri, null, notaryKey);
        logger.exit(generateNotaryKey);
        return generateNotaryKey;
    }

    @Override // craterdog.notary.Notarization
    public NotaryKey generateNotaryKey(URI uri, Map<String, Object> map, NotaryKey notaryKey) {
        logger.entry(new Object[]{uri, map, notaryKey});
        logger.debug("Generating a new RSA key pair...");
        KeyPair generateKeyPair = cryptex.generateKeyPair();
        PrivateKey privateKey = generateKeyPair.getPrivate();
        PublicKey publicKey = generateKeyPair.getPublic();
        logger.debug("Creating the watermark...");
        Watermark generateWatermark = generateWatermark(Notarization.VALID_FOR_ONE_YEAR);
        logger.debug("Wrapping the verification key in a certificate...");
        NotaryCertificate generateNotaryCertificate = generateNotaryCertificate(uri, publicKey, privateKey, map, generateWatermark, notaryKey);
        logger.debug("Creating a document citation to the verification certificate...");
        DocumentCitation generateDocumentCitation = generateDocumentCitation(generateNotaryCertificate.attributes.myLocation, generateNotaryCertificate.toString());
        logger.debug("Assembling the notary key...");
        NotaryKey notaryKey2 = new NotaryKey();
        notaryKey2.watermark = generateWatermark;
        notaryKey2.signingKey = privateKey;
        notaryKey2.verificationCertificate = generateNotaryCertificate;
        notaryKey2.verificationCitation = generateDocumentCitation;
        logger.exit(notaryKey2);
        return notaryKey2;
    }

    @Override // craterdog.notary.Notarization
    public String serializeNotaryKey(NotaryKey notaryKey, char[] cArr) {
        logger.entry(new Object[]{notaryKey});
        logger.debug("Marshalling the notary key into a JSON string...");
        try {
            String writeValueAsString = SmartObject.createMapper(new Module[]{new NotaryModule(cArr)}).writeValueAsString(notaryKey);
            logger.exit(writeValueAsString);
            return writeValueAsString;
        } catch (Exception e) {
            throw ((RuntimeException) logger.throwing(new RuntimeException("An unexpected exception occurred while attempting to serialize a notary key.", e)));
        }
    }

    @Override // craterdog.notary.Notarization
    public NotaryKey deserializeNotaryKey(String str, char[] cArr) throws IOException {
        logger.entry(new Object[]{str});
        logger.debug("Unmarshalling the notary key from a JSON string...");
        try {
            NotaryKey notaryKey = (NotaryKey) SmartObject.createMapper(new Module[]{new NotaryModule(cArr)}).readValue(str, NotaryKey.class);
            logger.debug("Validating the notary key...");
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            validateNotaryKey(notaryKey, linkedHashMap);
            throwExceptionOnErrors("invalid.serialized.notary.key", linkedHashMap);
            logger.exit(notaryKey);
            return notaryKey;
        } catch (Exception e) {
            throw ((RuntimeException) logger.throwing(new RuntimeException("An unexpected exception occurred while attempting to deserialize a notary key: " + str, e)));
        } catch (JsonMappingException e2) {
            LinkedHashMap linkedHashMap2 = new LinkedHashMap();
            linkedHashMap2.put("json.string", str);
            logger.error("The notary key password is invalid for the following notary key: {}", str);
            throw new ValidationException("invalid.notary.key.password", linkedHashMap2);
        }
    }

    @Override // craterdog.notary.Notarization
    public void validateNotaryCertificate(NotaryCertificate notaryCertificate, NotaryCertificate notaryCertificate2, Map<String, Object> map) {
        logger.entry(new Object[]{notaryCertificate, notaryCertificate2});
        int size = map.size();
        logger.debug("Validating the certificate attributes...");
        validateNotaryCertificate(notaryCertificate, map);
        logger.debug("Validating the certificate attributes...");
        validateNotaryCertificate(notaryCertificate2, map);
        if (map.size() == size) {
            logger.debug("Validating the certificate seal...");
            validateNotarySeal(notaryCertificate.certificationSeal, notaryCertificate2, map);
        }
        logger.exit();
    }

    @Override // craterdog.notary.Notarization
    public NotarySeal notarizeDocument(String str, String str2, NotaryKey notaryKey) {
        logger.entry(new Object[]{str, str2, notaryKey});
        logger.debug("Verifying that the notary key has not expired...");
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        validateWatermark(notaryKey.watermark, linkedHashMap);
        throwExceptionOnErrors("notary.key.has.expired", linkedHashMap);
        logger.debug("Creating the notary seal attributes...");
        SealAttributes sealAttributes = new SealAttributes();
        sealAttributes.documentType = str;
        sealAttributes.documentHash = hashDocument(str2);
        sealAttributes.verificationCitation = notaryKey.verificationCitation;
        sealAttributes.watermark = generateWatermark(Notarization.VALID_FOR_FOREVER);
        logger.debug("Signing the notary seal...");
        NotarySeal notarySeal = new NotarySeal();
        PrivateKey privateKey = notaryKey.signingKey;
        notarySeal.attributes = sealAttributes;
        notarySeal.selfSignature = generateDocumentSignature(sealAttributes.toString(), privateKey);
        logger.exit(notarySeal);
        return notarySeal;
    }

    @Override // craterdog.notary.Notarization
    public void validateDocument(String str, NotarySeal notarySeal, NotaryCertificate notaryCertificate, Map<String, Object> map) {
        logger.entry(new Object[]{str, notarySeal, notaryCertificate, map});
        int size = map.size();
        logger.debug("Validating the notary certificate...");
        validateNotaryCertificate(notaryCertificate, map);
        logger.debug("Validating the digital seal...");
        validateNotarySeal(notarySeal, notaryCertificate, map);
        if (str == null || str.isEmpty()) {
            logger.error("The document to be validated is missing...");
            map.put("document.is.missing", str);
        }
        if (size == map.size()) {
            logger.debug("Validating the hash of the document...");
            if (!notarySeal.attributes.documentHash.equals(hashDocument(str))) {
                logger.error("The document hash does not match the hash in the notary seal...");
                map.put("document.hash.is.invalid", str);
            }
        }
        logger.exit(map);
    }

    @Override // craterdog.notary.Notarization
    public void throwExceptionOnErrors(String str, Map<String, Object> map) throws ValidationException {
        logger.entry(new Object[]{str, map});
        if (map.isEmpty()) {
            logger.exit();
        } else {
            logger.error("A validation exception \"" + str + "\" was thrown with the following errors: {}", map);
            throw new ValidationException(str, map);
        }
    }

    private void validateNotaryKey(NotaryKey notaryKey, Map<String, Object> map) {
        int size = map.size();
        logger.debug("Validating the watermark for the notary key...");
        validateWatermark(notaryKey.watermark, map);
        logger.debug("Validating the signing key for the notary key...");
        validateSigningKey(notaryKey.signingKey, map);
        logger.debug("Validating the verification certificate for the notary key...");
        validateNotaryCertificate(notaryKey.verificationCertificate, map);
        if (size == map.size()) {
            logger.debug("Validating the certificate citation for the notary key...");
            validateDocumentCitation(notaryKey.verificationCitation, notaryKey.verificationCertificate.toString(), map);
        }
    }

    private void validateSigningKey(PrivateKey privateKey, Map<String, Object> map) {
        if (privateKey == null) {
            logger.error("The signing key is missing...");
            map.put("signing.key.is.missing", privateKey);
        }
    }

    private void validateNotarySeal(NotarySeal notarySeal, NotaryCertificate notaryCertificate, Map<String, Object> map) {
        if (notarySeal == null) {
            logger.error("The notary seal is missing...");
            map.put("seal.is.missing", notarySeal);
            return;
        }
        int size = map.size();
        String str = notarySeal.selfSignature;
        if (str == null) {
            logger.error("The notary seal self signature is missing...");
            map.put("seal.self.signature.is.missing", notarySeal);
        }
        SealAttributes sealAttributes = notarySeal.attributes;
        if (sealAttributes == null) {
            logger.error("The notary seal attributes are missing...");
            map.put("seal.attributes.are.missing", notarySeal);
        } else {
            String str2 = sealAttributes.documentType;
            if (str2 == null || str2.isEmpty()) {
                logger.error("The notary seal document type is missing...");
                map.put("seal.document.type.is.missing", notarySeal);
            }
            String str3 = sealAttributes.documentHash;
            if (str3 == null || str3.isEmpty()) {
                logger.error("The notary seal document hash is missing...");
                map.put("seal.document.hash.is.missing", notarySeal);
            }
            if (sealAttributes.watermark == null) {
                logger.error("The notary seal watermark is missing...");
                map.put("seal.watermark.is.missing", notarySeal);
            }
            if (sealAttributes.verificationCitation == null) {
                logger.error("The notary seal verification citation is missing...");
                map.put("seal.verification.citation.is.missing", notarySeal);
            }
        }
        if (map.size() == size) {
            validateDocumentSignature(notarySeal.attributes.toString(), str, notaryCertificate.attributes.verificationKey, map);
            validateDocumentCitation(notarySeal.attributes.verificationCitation, notaryCertificate.toString(), map);
        }
    }

    private NotaryCertificate generateNotaryCertificate(URI uri, PublicKey publicKey, PrivateKey privateKey, Map<String, Object> map, Watermark watermark, NotaryKey notaryKey) {
        CertificateAttributes certificateAttributes = new CertificateAttributes();
        try {
            certificateAttributes.myLocation = new URI(uri + "/certificate/" + new Tag());
            if (notaryKey != null) {
                certificateAttributes.identityLocation = notaryKey.verificationCertificate.attributes.identityLocation;
                certificateAttributes.sequenceNumber = notaryKey.verificationCertificate.attributes.sequenceNumber + 1;
            } else {
                certificateAttributes.identityLocation = new URI(uri + "/identity/" + new Tag());
                certificateAttributes.sequenceNumber = 1;
            }
            certificateAttributes.verificationKey = publicKey;
            if (map != null) {
                for (Map.Entry<String, Object> entry : map.entrySet()) {
                    certificateAttributes.put(entry.getKey(), entry.getValue());
                }
            }
            certificateAttributes.watermark = watermark;
            NotaryCertificate notaryCertificate = new NotaryCertificate();
            notaryCertificate.attributes = certificateAttributes;
            notaryCertificate.selfSignature = generateDocumentSignature(certificateAttributes.toString(), privateKey);
            if (notaryKey != null) {
                notaryCertificate.certificationSeal = notarizeDocument("Self Signature", notaryCertificate.selfSignature, notaryKey);
            }
            return notaryCertificate;
        } catch (URISyntaxException e) {
            throw ((RuntimeException) logger.throwing(new RuntimeException("An unexpected exception occurred while attempting to create location URIs from base URI: " + uri, e)));
        }
    }

    private void validateNotaryCertificate(NotaryCertificate notaryCertificate, Map<String, Object> map) {
        if (notaryCertificate == null) {
            logger.error("The notary certificate is missing...");
            map.put("certificate.is.missing", notaryCertificate);
            return;
        }
        int size = map.size();
        CertificateAttributes certificateAttributes = notaryCertificate.attributes;
        if (certificateAttributes == null) {
            logger.error("The notary certificate attributes are missing...");
            map.put("certificate.attributes.are.missing", notaryCertificate);
        } else {
            if (certificateAttributes.myLocation == null) {
                logger.error("The notary certificate location is missing...");
                map.put("certificate.location.is.missing", notaryCertificate);
            }
            if (certificateAttributes.identityLocation == null) {
                logger.error("The notary certificate identity location is missing...");
                map.put("certificate.identity.location.is.missing", notaryCertificate);
            }
            if (certificateAttributes.watermark == null) {
                logger.error("The notary certificate watermark is missing...");
                map.put("certificate.watermark.is.missing", notaryCertificate);
            }
            if (certificateAttributes.verificationKey == null) {
                logger.error("The notary certificate verification key is missing...");
                map.put("certificate.verification.key.is.missing", notaryCertificate);
            }
        }
        if (map.size() == size) {
            validateDocumentSignature(notaryCertificate.attributes.toString(), notaryCertificate.selfSignature, notaryCertificate.attributes.verificationKey, map);
        }
    }

    private String generateDocumentSignature(String str, PrivateKey privateKey) {
        try {
            return Base32Utils.encode(cryptex.signBytes(privateKey, str.getBytes("UTF-8")));
        } catch (Exception e) {
            throw ((RuntimeException) logger.throwing(new RuntimeException("An unexpected exception occurred while attempting to notarize the following document: " + str, e)));
        }
    }

    private void validateDocumentSignature(String str, String str2, PublicKey publicKey, Map<String, Object> map) {
        try {
            if (!cryptex.bytesAreValid(publicKey, str.getBytes("UTF-8"), Base32Utils.decode(str2))) {
                logger.error("The document signature is not valid...");
                map.put("document.is.not.valid", str);
                map.put("document.signature.is.not.valid", str2);
                map.put("document.verification.key.does.not.match", publicKey);
            }
        } catch (UnsupportedEncodingException e) {
            throw ((RuntimeException) logger.throwing(new RuntimeException("An unexpected exception occurred while attempting to validate the following document: " + str, e)));
        }
    }

    private String hashDocument(String str) {
        try {
            return Base32Utils.encode(MessageDigest.getInstance("SHA-256").digest(str.getBytes()));
        } catch (NoSuchAlgorithmException e) {
            throw ((RuntimeException) logger.throwing(new RuntimeException("An unexpected exception occurred while attempting to hash the following document: " + str, e)));
        }
    }
}
