package io.iohk.scalanet.crypto;

import io.iohk.scalanet.crypto.CryptoUtils;
import io.iohk.scalanet.peergroup.dynamictls.DynamicTLSExtension;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import org.bouncycastle.asn1.sec.SECNamedCurves;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
import org.bouncycastle.crypto.util.PrivateKeyInfoFactory;
import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
import org.bouncycastle.jce.interfaces.ECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.jce.spec.ECPublicKeySpec;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import scala.collection.immutable.List;
import scala.runtime.BoxesRunTime;
import scala.util.Try;
import scala.util.Try$;
import scodec.bits.BitVector;
import scodec.bits.BitVector$;

/* compiled from: CryptoUtils.scala */
/* loaded from: input_file:io/iohk/scalanet/crypto/CryptoUtils$.class */
public final class CryptoUtils$ {
    public static final CryptoUtils$ MODULE$ = new CryptoUtils$();
    private static final String curveName = "secp256k1";
    private static final String usedKeyScheme = "EC";
    private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();
    private static final X9ECParameters curveParams = SECNamedCurves.getByName(MODULE$.curveName());
    private static final ECDomainParameters curve = new ECDomainParameters(MODULE$.curveParams().getCurve(), MODULE$.curveParams().getG(), MODULE$.curveParams().getN(), MODULE$.curveParams().getH());

    private String curveName() {
        return curveName;
    }

    private String usedKeyScheme() {
        return usedKeyScheme;
    }

    private BouncyCastleProvider PROVIDER() {
        return PROVIDER;
    }

    private X9ECParameters curveParams() {
        return curveParams;
    }

    private ECDomainParameters curve() {
        return curve;
    }

    private Signature getEcdsaSignature() {
        return Signature.getInstance(CryptoUtils$SHA256withECDSA$.MODULE$.name(), (Provider) PROVIDER());
    }

    private KeyFactory getEcKeyFactory() {
        return KeyFactory.getInstance(usedKeyScheme(), (Provider) PROVIDER());
    }

    public AsymmetricCipherKeyPair generateKeyPair(SecureRandom secureRandom) {
        ECKeyPairGenerator eCKeyPairGenerator = new ECKeyPairGenerator();
        eCKeyPairGenerator.init(new ECKeyGenerationParameters(curve(), secureRandom));
        return eCKeyPairGenerator.generateKeyPair();
    }

    public KeyPair genEcKeyPair(SecureRandom secureRandom, String str) {
        ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec(str);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", (Provider) PROVIDER());
        keyPairGenerator.initialize(eCGenParameterSpec, secureRandom);
        return keyPairGenerator.generateKeyPair();
    }

    public KeyPair genTlsSupportedKeyPair(SecureRandom secureRandom, CryptoUtils.SupportedCurves supportedCurves) {
        return genEcKeyPair(secureRandom, supportedCurves.name());
    }

    public byte[] signEcdsa(byte[] bArr, PrivateKey privateKey, SecureRandom secureRandom) {
        Signature ecdsaSignature = getEcdsaSignature();
        ecdsaSignature.initSign(privateKey, secureRandom);
        ecdsaSignature.update(bArr);
        return ecdsaSignature.sign();
    }

    public boolean verifyEcdsa(byte[] bArr, byte[] bArr2, PublicKey publicKey) {
        return BoxesRunTime.unboxToBoolean(Try$.MODULE$.apply(() -> {
            Signature ecdsaSignature = MODULE$.getEcdsaSignature();
            ecdsaSignature.initVerify(publicKey);
            ecdsaSignature.update(bArr);
            return ecdsaSignature.verify(bArr2);
        }).fold(th -> {
            return BoxesRunTime.boxToBoolean($anonfun$verifyEcdsa$2(th));
        }, obj -> {
            return BoxesRunTime.boxToBoolean($anonfun$verifyEcdsa$3(BoxesRunTime.unboxToBoolean(obj)));
        }));
    }

    public KeyPair convertBcToJceKeyPair(AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
        PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(PrivateKeyInfoFactory.createPrivateKeyInfo(asymmetricCipherKeyPair.getPrivate()).getEncoded());
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(asymmetricCipherKeyPair.getPublic()).getEncoded());
        KeyFactory ecKeyFactory = getEcKeyFactory();
        return new KeyPair(ecKeyFactory.generatePublic(x509EncodedKeySpec), ecKeyFactory.generatePrivate(pKCS8EncodedKeySpec));
    }

    public Try<PublicKey> getSecp256k1KeyFromBytes(byte[] bArr) {
        return Try$.MODULE$.apply(() -> {
            return MODULE$.getEcKeyFactory().generatePublic(new ECPublicKeySpec(MODULE$.curve().getCurve().decodePoint(bArr), new ECParameterSpec(MODULE$.curveParams().getCurve(), MODULE$.curveParams().getG(), MODULE$.curveParams().getN())));
        });
    }

    public Try<PublicKey> getBouncyCastlePubKey(byte[] bArr, String str) {
        return Try$.MODULE$.apply(() -> {
            return KeyFactory.getInstance(str, (Provider) MODULE$.PROVIDER()).generatePublic(new X509EncodedKeySpec(bArr));
        });
    }

    public Try<BitVector> getEcPublicKey(PublicKey publicKey) {
        return Try$.MODULE$.apply(() -> {
            return BitVector$.MODULE$.apply(((ECPublicKey) publicKey).getQ().getEncoded(false));
        });
    }

    public X509Certificate buildCertificateWithExtensions(KeyPair keyPair, SecureRandom secureRandom, List<DynamicTLSExtension.Extension> list, Date date, Date date2, CryptoUtils.SignatureScheme signatureScheme) {
        BigInteger bigInteger = new BigInteger(64, secureRandom);
        X500Name x500Name = new X500Name(new StringBuilder(3).append("CN=").append("scalanet-tls").toString());
        X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(x500Name, bigInteger, date, date2, x500Name, SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()));
        list.foreach(extension -> {
            return x509v3CertificateBuilder.addExtension(extension.oid(), extension.isCritical(), extension.value());
        });
        return new JcaX509CertificateConverter().setProvider(PROVIDER()).getCertificate(x509v3CertificateBuilder.build(new JcaContentSignerBuilder(signatureScheme.name()).build(keyPair.getPrivate())));
    }

    public static final /* synthetic */ boolean $anonfun$verifyEcdsa$2(Throwable th) {
        return false;
    }

    public static final /* synthetic */ boolean $anonfun$verifyEcdsa$3(boolean z) {
        return z;
    }

    private CryptoUtils$() {
    }
}
