package io.dimeformat.crypto;

import io.dimeformat.Item;
import io.dimeformat.Key;
import io.dimeformat.Signature;
import io.dimeformat.enums.Claim;
import io.dimeformat.enums.KeyCapability;
import io.dimeformat.exceptions.CryptographyException;
import java.util.HashMap;
import java.util.List;
import java.util.Set;

/* loaded from: input_file:io/dimeformat/crypto/Crypto.class */
public final class Crypto {
    private HashMap<String, ICryptoSuite> _suiteMap;
    private String _defaultSuiteName;

    public Crypto() {
        registerCryptoSuite(new NaClSuite("NaCl"));
        registerCryptoSuite(new LegacySuite("DSC"));
        registerCryptoSuite(new LegacySuite("STN"));
        this._defaultSuiteName = "NaCl";
    }

    public synchronized void setDefaultSuiteName(String str) {
        if (this._suiteMap == null) {
            throw new IllegalStateException("Unable to set default cryptographic suite name, no suites registered.");
        }
        if (!this._suiteMap.containsKey(str)) {
            throw new IllegalArgumentException("No cryptographic suite registered for name: " + str);
        }
        this._defaultSuiteName = str;
    }

    public synchronized String getDefaultSuiteName() {
        return this._defaultSuiteName;
    }

    public String generateKeyName(Key key) {
        if (key == null) {
            throw new IllegalArgumentException("Unable to generate key identifier, key must not be null.");
        }
        return getCryptoSuite(key.getCryptoSuiteName()).generateKeyName(key);
    }

    public Signature generateSignature(Item item, Key key) throws CryptographyException {
        if (item == null) {
            throw new IllegalArgumentException("Unable to generate signature, item to sign must not be null.");
        }
        if (key == null || key.getSecret() == null) {
            throw new IllegalArgumentException("Unable to generate signature, key or secret key must not be null.");
        }
        if (key.hasCapability(KeyCapability.SIGN)) {
            return new Signature(getCryptoSuite(key.getCryptoSuiteName()).generateSignature(item, key), item.isLegacy() ? null : generateKeyName(key));
        }
        throw new IllegalArgumentException("Unable to generate signature, provided key does not specify 'SIGN' capability.");
    }

    public boolean verifySignature(Item item, Signature signature, Key key) throws CryptographyException {
        if (item == null) {
            throw new IllegalArgumentException("Unable to verify signature, item to sign must not be null.");
        }
        if (signature == null) {
            throw new IllegalArgumentException("Unable to verify signature, item to sign must not be null.");
        }
        if (key == null || key.getPublic() == null) {
            throw new IllegalArgumentException("Unable to verify signature, key or public key must not be null.");
        }
        if (key.hasCapability(KeyCapability.SIGN)) {
            return getCryptoSuite(key.getCryptoSuiteName()).verifySignature(item, signature.getBytes(), key);
        }
        throw new IllegalArgumentException("Unable to verify signature, provided key does not specify 'SIGN' capability.");
    }

    public Key generateKey(List<KeyCapability> list) throws CryptographyException {
        return generateKey(list, getDefaultSuiteName());
    }

    public Key generateKey(List<KeyCapability> list, String str) throws CryptographyException {
        if (list == null || list.isEmpty()) {
            throw new CryptographyException("Key usage must not be null or empty.");
        }
        return getCryptoSuite(str).generateKey(list);
    }

    public Key generateSharedSecret(Key key, Key key2, List<KeyCapability> list) throws CryptographyException {
        if (!key.hasCapability(KeyCapability.EXCHANGE) || !key2.hasCapability(KeyCapability.EXCHANGE)) {
            throw new IllegalArgumentException("Provided keys do not specify EXCHANGE usage.");
        }
        if (key.getCryptoSuiteName().equals(key2.getCryptoSuiteName())) {
            return getCryptoSuite(key.getCryptoSuiteName()).generateSharedSecret(key, key2, list);
        }
        throw new IllegalArgumentException("Client key and server key are not generated using the same cryptographic suite");
    }

    public byte[] encrypt(byte[] bArr, Key key) throws CryptographyException {
        if (bArr == null || bArr.length == 0) {
            throw new IllegalArgumentException("Plain text to encrypt must not be null and not have a length of 0.");
        }
        if (key == null) {
            throw new IllegalArgumentException("Key must not be null.");
        }
        if (key.hasCapability(KeyCapability.ENCRYPT)) {
            return getCryptoSuite(key.getCryptoSuiteName()).encrypt(bArr, key);
        }
        throw new CryptographyException("Provided key does not specify ENCRYPT usage.");
    }

    public byte[] decrypt(byte[] bArr, Key key) throws CryptographyException {
        if (bArr == null || bArr.length == 0) {
            throw new IllegalArgumentException("Cipher text to decrypt must not be null and not have a length of 0.");
        }
        if (key == null) {
            throw new IllegalArgumentException("Key must not be null.");
        }
        if (key.hasCapability(KeyCapability.ENCRYPT)) {
            return getCryptoSuite(key.getCryptoSuiteName()).decrypt(bArr, key);
        }
        throw new CryptographyException("Provided key does not specify ENCRYPT usage.");
    }

    public String generateHash(byte[] bArr) throws CryptographyException {
        return generateHash(bArr, getDefaultSuiteName());
    }

    public String generateHash(byte[] bArr, String str) throws CryptographyException {
        return getCryptoSuite(str).generateHash(bArr);
    }

    public String encodeKeyBytes(byte[] bArr, Claim claim, String str) {
        return getCryptoSuite(str).encodeKeyBytes(bArr, claim);
    }

    public byte[] decodeKeyBytes(String str, Claim claim, String str2) {
        return getCryptoSuite(str2).decodeKeyBytes(str, claim);
    }

    public void registerCryptoSuite(ICryptoSuite iCryptoSuite) {
        if (iCryptoSuite == null) {
            throw new IllegalArgumentException("Instance of ICrypto implementation must not be null.");
        }
        if (this._suiteMap == null) {
            this._suiteMap = new HashMap<>();
        } else if (this._suiteMap.containsKey(iCryptoSuite.getName())) {
            throw new IllegalArgumentException("Cryptographic suite already exists with name: " + iCryptoSuite.getName());
        }
        this._suiteMap.put(iCryptoSuite.getName(), iCryptoSuite);
    }

    public boolean hasCryptoSuite(String str) {
        if (this._suiteMap == null) {
            return false;
        }
        return this._suiteMap.containsKey(str);
    }

    public Set<String> allCryptoSuites() {
        if (this._suiteMap == null) {
            return null;
        }
        return this._suiteMap.keySet();
    }

    private ICryptoSuite getCryptoSuite(String str) {
        if (this._suiteMap == null || this._suiteMap.isEmpty()) {
            throw new IllegalStateException("Unable to perform cryptographic operation, no suites registered.");
        }
        ICryptoSuite iCryptoSuite = this._suiteMap.get(str);
        if (iCryptoSuite == null) {
            throw new IllegalArgumentException("Unable to find cryptographic suite with name: " + str);
        }
        return iCryptoSuite;
    }
}
