package io.dimeformat;

import io.dimeformat.enums.Claim;
import io.dimeformat.enums.KeyCapability;
import io.dimeformat.exceptions.CryptographyException;
import io.dimeformat.exceptions.InvalidFormatException;
import java.time.Instant;
import java.util.List;
import java.util.UUID;
import java.util.stream.Collectors;

/* loaded from: input_file:io/dimeformat/Key.class */
public class Key extends Item {
    public static final String HEADER = "KEY";
    private static final List<Claim> allowedClaims = List.of((Object[]) new Claim[]{Claim.AMB, Claim.AUD, Claim.CTX, Claim.EXP, Claim.IAT, Claim.ISS, Claim.ISU, Claim.KID, Claim.MTD, Claim.SUB, Claim.SYS, Claim.UID});
    private static final int CRYPTO_SUITE_INDEX = 0;
    private static final int ENCODED_KEY_INDEX = 1;
    private static final int LEGACY_KEY_HEADER_SIZE = 6;
    private String _suiteName;
    private List<KeyCapability> _capabilities;
    private byte[] _secretBytes;
    private byte[] _publicBytes;

    @Override // io.dimeformat.Item
    public String getHeader() {
        return HEADER;
    }

    public String getCryptoSuiteName() {
        if (this._suiteName == null && getKeyBytes(Claim.KEY) == null) {
            getKeyBytes(Claim.PUB);
        }
        return this._suiteName;
    }

    public String getSecret() {
        return (String) getClaim(Claim.KEY);
    }

    public String getPublic() {
        return (String) getClaim(Claim.PUB);
    }

    public byte[] getKeyBytes(Claim claim) {
        try {
            if (claim == Claim.KEY) {
                if (this._secretBytes == null) {
                    decodeKey((String) getClaim(Claim.KEY), Claim.KEY);
                }
                return this._secretBytes;
            }
            if (claim != Claim.PUB) {
                throw new IllegalArgumentException("Invalid claim for key provided: " + claim);
            }
            if (this._publicBytes == null) {
                decodeKey((String) getClaim(Claim.PUB), Claim.PUB);
            }
            return this._publicBytes;
        } catch (CryptographyException e) {
            return null;
        }
    }

    public List<KeyCapability> getCapability() {
        if (this._capabilities == null) {
            List list = (List) getClaim(Claim.CAP);
            if (list != null) {
                this._capabilities = (List) list.stream().map(str -> {
                    return KeyCapability.valueOf(str.toUpperCase());
                }).collect(Collectors.toList());
            } else {
                getKeyBytes(Claim.PUB);
                getKeyBytes(Claim.KEY);
            }
        }
        return this._capabilities;
    }

    public boolean hasCapability(KeyCapability keyCapability) {
        if (keyCapability == null) {
            return false;
        }
        return getCapability().contains(keyCapability);
    }

    public static Key generateKey(KeyCapability keyCapability) {
        return generateKey(List.of(keyCapability), -1L, null, null, Dime.crypto.getDefaultSuiteName());
    }

    public static Key generateKey(List<KeyCapability> list) {
        return generateKey(list, -1L, null, null, Dime.crypto.getDefaultSuiteName());
    }

    public static Key generateKey(List<KeyCapability> list, String str) {
        return generateKey(list, -1L, null, str, Dime.crypto.getDefaultSuiteName());
    }

    public static Key generateKey(List<KeyCapability> list, long j, UUID uuid, String str) {
        return generateKey(list, j, uuid, str, Dime.crypto.getDefaultSuiteName());
    }

    public static Key generateKey(List<KeyCapability> list, long j, UUID uuid, String str, String str2) {
        if (str != null && str.length() > 84) {
            throw new IllegalArgumentException("Context must not be longer than 84.");
        }
        try {
            byte[][] generateKey = Dime.crypto.generateKey(list, str2);
            Key key = new Key(UUID.randomUUID(), list, generateKey[0], generateKey.length == 2 ? generateKey[1] : null, str2);
            if (j != -1) {
                key.setClaimValue(Claim.EXP, ((Instant) key.getClaim(Claim.IAT)).plusSeconds(j));
            }
            key.setClaimValue(Claim.ISS, uuid);
            key.setClaimValue(Claim.CTX, str);
            return key;
        } catch (CryptographyException e) {
            throw new RuntimeException("Unexpected exception thrown when generating key: " + e);
        }
    }

    public Key publicCopy() {
        Key key = new Key(getCapability(), null, getPublic(), getCryptoSuiteName());
        key.setClaimValue(Claim.UID, getClaim(Claim.UID));
        key.setClaimValue(Claim.IAT, getClaim(Claim.IAT));
        key.setClaimValue(Claim.EXP, getClaim(Claim.EXP));
        key.setClaimValue(Claim.ISS, getClaim(Claim.ISS));
        key.setClaimValue(Claim.CTX, getClaim(Claim.CTX));
        key.setClaimValue(Claim.CAP, getCapability().stream().map(keyCapability -> {
            return keyCapability.name().toLowerCase();
        }).collect(Collectors.toList()));
        return key;
    }

    public Key generateSharedSecret(Key key, List<KeyCapability> list) throws CryptographyException {
        return new Key(UUID.randomUUID(), list, Dime.crypto.generateSharedSecret(this, key, list), null, getCryptoSuiteName());
    }

    @Override // io.dimeformat.Item
    public void convertToLegacy() {
        if (isLegacy()) {
            return;
        }
        convertKeyToLegacy(this, getCapability().get(0), Claim.KEY);
        convertKeyToLegacy(this, getCapability().get(0), Claim.PUB);
        super.convertToLegacy();
    }

    @Override // io.dimeformat.Item
    public boolean isLegacy() {
        getKeyBytes(Claim.PUB);
        getKeyBytes(Claim.KEY);
        return super.isLegacy();
    }

    Key() {
    }

    Key(UUID uuid, List<KeyCapability> list, byte[] bArr, byte[] bArr2, String str) {
        setClaimValue(Claim.UID, uuid);
        setClaimValue(Claim.IAT, Utility.createTimestamp());
        this._suiteName = str != null ? str : Dime.crypto.getDefaultSuiteName();
        this._capabilities = list;
        setClaimValue(Claim.CAP, list.stream().map(keyCapability -> {
            return keyCapability.name().toLowerCase();
        }).collect(Collectors.toList()));
        if (bArr != null) {
            setClaimValue(Claim.KEY, packageKey(str, Dime.crypto.encodeKey(bArr, this._suiteName)));
        }
        if (bArr2 != null) {
            setClaimValue(Claim.PUB, packageKey(str, Dime.crypto.encodeKey(bArr2, this._suiteName)));
        }
    }

    Key(List<KeyCapability> list, String str, String str2, String str3) {
        this._suiteName = str3;
        this._capabilities = list;
        if (str != null) {
            setClaimValue(Claim.KEY, str);
        }
        if (str2 != null) {
            setClaimValue(Claim.PUB, str2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Key(List<KeyCapability> list, String str, Claim claim) throws CryptographyException {
        this._capabilities = list;
        setClaimValue(claim, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void convertKeyToLegacy(Item item, KeyCapability keyCapability, Claim claim) {
        String str = (String) item.getClaim(claim);
        if (str == null) {
            return;
        }
        byte[] bArr = {1, 0, 0, 0, 0, 0};
        String[] split = str.split("\\.");
        if (split.length == 1) {
            return;
        }
        byte[] combine = Utility.combine(bArr, Dime.crypto.decodeKey(split[1], split[0]));
        combine[1] = keyCapability == KeyCapability.ENCRYPT ? (byte) 16 : keyCapability == KeyCapability.EXCHANGE ? (byte) 64 : Byte.MIN_VALUE;
        combine[2] = keyCapability == KeyCapability.EXCHANGE ? (byte) 2 : (byte) 1;
        if (claim == Claim.PUB) {
            combine[3] = 1;
        } else if (keyCapability == KeyCapability.ENCRYPT) {
            combine[3] = 2;
        }
        item.setClaimValue(claim, Base58.encode(combine));
    }

    @Override // io.dimeformat.Item
    protected boolean allowedToSetClaimDirectly(Claim claim) {
        return allowedClaims.contains(claim);
    }

    @Override // io.dimeformat.Item
    protected void customDecoding(List<String> list) throws InvalidFormatException {
        if (list.size() > 3) {
            throw new InvalidFormatException("More components in item than expected, got " + list.size() + ", expected maximum 3");
        }
        this.isSigned = list.size() > 2;
    }

    private static KeyCapability getCapabilityFromLegacy(byte[] bArr) {
        switch (bArr[1]) {
            case Byte.MIN_VALUE:
                return KeyCapability.keyCapabilityFromLegacy("identity");
            case -32:
                return KeyCapability.keyCapabilityFromLegacy("authenticate");
            case 16:
                return KeyCapability.keyCapabilityFromLegacy("encryption");
            case 64:
                return KeyCapability.keyCapabilityFromLegacy("exchange");
            default:
                return null;
        }
    }

    private static String packageKey(String str, String str2) {
        return str + "." + str2;
    }

    private void decodeKey(String str, Claim claim) throws CryptographyException {
        String str2;
        byte[] subArray;
        if (str == null || str.isEmpty()) {
            return;
        }
        String[] split = str.split("\\.");
        boolean z = false;
        if (split.length == 2) {
            str2 = split[0].toUpperCase();
        } else {
            str2 = "STN";
            z = true;
            markAsLegacy();
        }
        if (this._suiteName == null) {
            this._suiteName = str2;
        } else if (!this._suiteName.equals(str2)) {
            throw new CryptographyException("Public and secret keys generated using different cryptographic suites: " + this._suiteName + " and " + str2 + ".");
        }
        if (z) {
            byte[] decodeKey = Dime.crypto.decodeKey(str, str2);
            subArray = Utility.subArray(decodeKey, LEGACY_KEY_HEADER_SIZE);
            KeyCapability capabilityFromLegacy = getCapabilityFromLegacy(decodeKey);
            if (capabilityFromLegacy == null) {
                throw new IllegalStateException("Invalid key capability encountered.");
            }
            this._capabilities = List.of(capabilityFromLegacy);
        } else {
            subArray = Dime.crypto.decodeKey(split[1], str2);
        }
        if (claim == Claim.KEY) {
            this._secretBytes = subArray;
        } else {
            if (claim != Claim.PUB) {
                throw new IllegalArgumentException("Invalid claim provided for key: " + claim);
            }
            this._publicBytes = subArray;
        }
        if (z) {
            markAsLegacy();
        }
    }
}
