package net.corda.node.services.keys;

import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.locks.ReentrantLock;
import javax.annotation.concurrent.ThreadSafe;
import kotlin.Metadata;
import kotlin.TypeCastException;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Ref;
import net.corda.core.crypto.CryptoUtils;
import net.corda.core.crypto.DigitalSignature;
import net.corda.core.crypto.SignableData;
import net.corda.core.crypto.TransactionSignature;
import net.corda.core.crypto.internal.AliasPrivateKey;
import net.corda.core.identity.PartyAndCertificate;
import net.corda.core.internal.ThreadBox;
import net.corda.core.node.services.IdentityService;
import net.corda.core.serialization.SingletonSerializeAsToken;
import net.corda.node.services.config.NodeConfigurationImpl;
import net.corda.node.services.keys.KeyManagementServiceInternal;
import net.corda.nodeapi.internal.crypto.X509KeyStore;
import net.corda.nodeapi.internal.cryptoservice.CryptoService;
import net.corda.nodeapi.internal.cryptoservice.bouncycastle.BCCryptoService;
import org.bouncycastle.operator.ContentSigner;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: E2ETestKeyManagementService.kt */
@ThreadSafe
@Metadata(mv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, NodeConfigurationImpl.Defaults.lazyBridgeStart, 11}, bv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, 0, 2}, k = NodeConfigurationImpl.Defaults.lazyBridgeStart, d1 = {"��n\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\"\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u001c\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0002\n\u0002\b\u0003\b\u0007\u0018��2\u00020\u00012\u00020\u0002:\u0001)B\u0019\u0012\u0006\u0010\u0003\u001a\u00020\u0004\u0012\n\b\u0002\u0010\u0005\u001a\u0004\u0018\u00010\u0006¢\u0006\u0002\u0010\u0007J\u001c\u0010\u0015\u001a\b\u0012\u0004\u0012\u00020\u00100\u00162\f\u0010\u0017\u001a\b\u0012\u0004\u0012\u00020\u00100\u0016H\u0016J\u0012\u0010\u0018\u001a\u00020\u00102\b\u0010\u0019\u001a\u0004\u0018\u00010\u001aH\u0016J\u0010\u0010\u001b\u001a\u00020\u001c2\u0006\u0010\u001d\u001a\u00020\u0010H\u0016J\u0010\u0010\u001e\u001a\u00020\f2\u0006\u0010\u001d\u001a\u00020\u0010H\u0002J\u0018\u0010\u001f\u001a\u00020 2\u0006\u0010!\u001a\u00020\"2\u0006\u0010\u001d\u001a\u00020\u0010H\u0016J\u0018\u0010\u001f\u001a\u00020#2\u0006\u0010$\u001a\u00020%2\u0006\u0010\u001d\u001a\u00020\u0010H\u0016J\u0016\u0010&\u001a\u00020'2\f\u0010(\u001a\b\u0012\u0004\u0012\u00020\f0\u000bH\u0016R\u0010\u0010\u0005\u001a\u0004\u0018\u00010\u0006X\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\u0003\u001a\u00020\u0004X\u0096\u0004¢\u0006\b\n��\u001a\u0004\b\b\u0010\tR\u0017\u0010\n\u001a\b\u0012\u0004\u0012\u00020\f0\u000b8F¢\u0006\u0006\u001a\u0004\b\r\u0010\u000eR\u001a\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u00100\u000b8VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u0011\u0010\u000eR\u0014\u0010\u0012\u001a\b\u0012\u0004\u0012\u00020\u00140\u0013X\u0082\u0004¢\u0006\u0002\n��¨\u0006*"}, d2 = {"Lnet/corda/node/services/keys/E2ETestKeyManagementService;", "Lnet/corda/core/serialization/SingletonSerializeAsToken;", "Lnet/corda/node/services/keys/KeyManagementServiceInternal;", "identityService", "Lnet/corda/core/node/services/IdentityService;", "cryptoService", "Lnet/corda/nodeapi/internal/cryptoservice/CryptoService;", "(Lnet/corda/core/node/services/IdentityService;Lnet/corda/nodeapi/internal/cryptoservice/CryptoService;)V", "getIdentityService", "()Lnet/corda/core/node/services/IdentityService;", "keyPairs", "", "Ljava/security/KeyPair;", "getKeyPairs", "()Ljava/util/Set;", "keys", "Ljava/security/PublicKey;", "getKeys", "mutex", "Lnet/corda/core/internal/ThreadBox;", "Lnet/corda/node/services/keys/E2ETestKeyManagementService$InnerState;", "filterMyKeys", "", "candidateKeys", "freshKeyInternal", "externalId", "Ljava/util/UUID;", "getSigner", "Lorg/bouncycastle/operator/ContentSigner;", "publicKey", "getSigningKeyPair", "sign", "Lnet/corda/core/crypto/DigitalSignature$WithKey;", "bytes", "", "Lnet/corda/core/crypto/TransactionSignature;", "signableData", "Lnet/corda/core/crypto/SignableData;", "start", "", "initialKeyPairs", "InnerState", "node"})
/* loaded from: input_file:net/corda/node/services/keys/E2ETestKeyManagementService.class */
public final class E2ETestKeyManagementService extends SingletonSerializeAsToken implements KeyManagementServiceInternal {
    private final ThreadBox<InnerState> mutex;

    @NotNull
    private final IdentityService identityService;
    private final CryptoService cryptoService;

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: E2ETestKeyManagementService.kt */
    @Metadata(mv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, NodeConfigurationImpl.Defaults.lazyBridgeStart, 11}, bv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, 0, 2}, k = NodeConfigurationImpl.Defaults.lazyBridgeStart, d1 = {"��\u001c\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0002\u0018��2\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002R\u001d\u0010\u0003\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020\u00060\u0004¢\u0006\b\n��\u001a\u0004\b\u0007\u0010\b¨\u0006\t"}, d2 = {"Lnet/corda/node/services/keys/E2ETestKeyManagementService$InnerState;", "", "()V", "keys", "Ljava/util/HashMap;", "Ljava/security/PublicKey;", "Ljava/security/PrivateKey;", "getKeys", "()Ljava/util/HashMap;", "node"})
    /* loaded from: input_file:net/corda/node/services/keys/E2ETestKeyManagementService$InnerState.class */
    public static final class InnerState {

        @NotNull
        private final HashMap<PublicKey, PrivateKey> keys = new HashMap<>();

        @NotNull
        public final HashMap<PublicKey, PrivateKey> getKeys() {
            return this.keys;
        }
    }

    @NotNull
    public Set<PublicKey> getKeys() {
        ThreadBox<InnerState> threadBox = this.mutex;
        ReentrantLock lock = threadBox.getLock();
        lock.lock();
        try {
            Set<PublicKey> keySet = ((InnerState) threadBox.getContent()).getKeys().keySet();
            Intrinsics.checkExpressionValueIsNotNull(keySet, "keys.keys");
            lock.unlock();
            Intrinsics.checkExpressionValueIsNotNull(keySet, "mutex.locked { keys.keys }");
            return keySet;
        } catch (Throwable th) {
            lock.unlock();
            throw th;
        }
    }

    @NotNull
    public final Set<KeyPair> getKeyPairs() {
        ThreadBox<InnerState> threadBox = this.mutex;
        ReentrantLock lock = threadBox.getLock();
        lock.lock();
        try {
            HashMap<PublicKey, PrivateKey> keys = ((InnerState) threadBox.getContent()).getKeys();
            ArrayList arrayList = new ArrayList(keys.size());
            for (Map.Entry<PublicKey, PrivateKey> entry : keys.entrySet()) {
                arrayList.add(new KeyPair(entry.getKey(), entry.getValue()));
            }
            Set<KeyPair> set = CollectionsKt.toSet(arrayList);
            lock.unlock();
            return set;
        } catch (Throwable th) {
            lock.unlock();
            throw th;
        }
    }

    @Override // net.corda.node.services.keys.KeyManagementServiceInternal
    public void start(@NotNull final Set<KeyPair> set) {
        Intrinsics.checkParameterIsNotNull(set, "initialKeyPairs");
        ThreadBox<InnerState> threadBox = this.mutex;
        ReentrantLock lock = threadBox.getLock();
        lock.lock();
        try {
            InnerState innerState = (InnerState) threadBox.getContent();
            for (KeyPair keyPair : set) {
                final Ref.ObjectRef objectRef = new Ref.ObjectRef();
                objectRef.element = keyPair.getPrivate();
                if ((((PrivateKey) objectRef.element) instanceof AliasPrivateKey) && (this.cryptoService instanceof BCCryptoService)) {
                    objectRef.element = (PrivateKey) this.cryptoService.getCertificateStore().query(new Function1<X509KeyStore, PrivateKey>() { // from class: net.corda.node.services.keys.E2ETestKeyManagementService$start$$inlined$locked$lambda$1
                        /* JADX INFO: Access modifiers changed from: package-private */
                        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                        {
                            super(1);
                        }

                        @NotNull
                        public final PrivateKey invoke(@NotNull X509KeyStore x509KeyStore) {
                            BCCryptoService bCCryptoService;
                            Intrinsics.checkParameterIsNotNull(x509KeyStore, "$receiver");
                            AliasPrivateKey aliasPrivateKey = (PrivateKey) objectRef.element;
                            if (aliasPrivateKey == null) {
                                throw new TypeCastException("null cannot be cast to non-null type net.corda.core.crypto.internal.AliasPrivateKey");
                            }
                            String alias = aliasPrivateKey.getAlias();
                            bCCryptoService = this.cryptoService;
                            return x509KeyStore.getPrivateKey(alias, bCCryptoService.getCertificateStore().getEntryPassword());
                        }
                    });
                }
                HashMap<PublicKey, PrivateKey> keys = innerState.getKeys();
                PublicKey publicKey = keyPair.getPublic();
                Intrinsics.checkExpressionValueIsNotNull(publicKey, "key.public");
                PrivateKey privateKey = (PrivateKey) objectRef.element;
                Intrinsics.checkExpressionValueIsNotNull(privateKey, "privateKey");
                keys.put(publicKey, privateKey);
            }
            Unit unit = Unit.INSTANCE;
            lock.unlock();
        } catch (Throwable th) {
            lock.unlock();
            throw th;
        }
    }

    @Override // net.corda.node.services.keys.KeyManagementServiceInternal
    @NotNull
    public PublicKey freshKeyInternal(@Nullable UUID uuid) {
        if (uuid != null) {
            throw new UnsupportedOperationException("This operation is only supported by persistent key management service variants.");
        }
        KeyPair generateKeyPair = CryptoUtils.generateKeyPair();
        ThreadBox<InnerState> threadBox = this.mutex;
        ReentrantLock lock = threadBox.getLock();
        lock.lock();
        try {
            HashMap<PublicKey, PrivateKey> keys = ((InnerState) threadBox.getContent()).getKeys();
            PublicKey publicKey = generateKeyPair.getPublic();
            Intrinsics.checkExpressionValueIsNotNull(publicKey, "keyPair.public");
            PrivateKey privateKey = generateKeyPair.getPrivate();
            Intrinsics.checkExpressionValueIsNotNull(privateKey, "keyPair.private");
            keys.put(publicKey, privateKey);
            Unit unit = Unit.INSTANCE;
            lock.unlock();
            PublicKey publicKey2 = generateKeyPair.getPublic();
            Intrinsics.checkExpressionValueIsNotNull(publicKey2, "keyPair.public");
            return publicKey2;
        } catch (Throwable th) {
            lock.unlock();
            throw th;
        }
    }

    @Override // net.corda.node.services.keys.KeyManagementServiceInternal
    @NotNull
    public ContentSigner getSigner(@NotNull PublicKey publicKey) {
        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
        return KMSUtilsKt.getSigner(getSigningKeyPair(publicKey));
    }

    private final KeyPair getSigningKeyPair(PublicKey publicKey) {
        ThreadBox<InnerState> threadBox = this.mutex;
        ReentrantLock lock = threadBox.getLock();
        lock.lock();
        try {
            InnerState innerState = (InnerState) threadBox.getContent();
            for (Object obj : CryptoUtils.getKeys(publicKey)) {
                if (innerState.getKeys().containsKey((PublicKey) obj)) {
                    PublicKey publicKey2 = (PublicKey) obj;
                    PrivateKey privateKey = innerState.getKeys().get(publicKey2);
                    if (privateKey == null) {
                        Intrinsics.throwNpe();
                    }
                    KeyPair keyPair = new KeyPair(publicKey2, privateKey);
                    lock.unlock();
                    return keyPair;
                }
            }
            throw new NoSuchElementException("Collection contains no element matching the predicate.");
        } catch (Throwable th) {
            lock.unlock();
            throw th;
        }
    }

    @NotNull
    public Iterable<PublicKey> filterMyKeys(@NotNull Iterable<? extends PublicKey> iterable) {
        Intrinsics.checkParameterIsNotNull(iterable, "candidateKeys");
        ThreadBox<InnerState> threadBox = this.mutex;
        ReentrantLock lock = threadBox.getLock();
        lock.lock();
        try {
            InnerState innerState = (InnerState) threadBox.getContent();
            ArrayList arrayList = new ArrayList();
            for (PublicKey publicKey : iterable) {
                if (innerState.getKeys().containsKey(publicKey)) {
                    arrayList.add(publicKey);
                }
            }
            ArrayList arrayList2 = arrayList;
            lock.unlock();
            return arrayList2;
        } catch (Throwable th) {
            lock.unlock();
            throw th;
        }
    }

    @NotNull
    public DigitalSignature.WithKey sign(@NotNull byte[] bArr, @NotNull PublicKey publicKey) {
        Intrinsics.checkParameterIsNotNull(bArr, "bytes");
        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
        return CryptoUtils.sign(getSigningKeyPair(publicKey), bArr);
    }

    @NotNull
    public TransactionSignature sign(@NotNull SignableData signableData, @NotNull PublicKey publicKey) {
        Intrinsics.checkParameterIsNotNull(signableData, "signableData");
        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
        return CryptoUtils.sign(getSigningKeyPair(publicKey), signableData);
    }

    @Override // net.corda.node.services.keys.KeyManagementServiceInternal
    @NotNull
    public IdentityService getIdentityService() {
        return this.identityService;
    }

    public E2ETestKeyManagementService(@NotNull IdentityService identityService, @Nullable CryptoService cryptoService) {
        Intrinsics.checkParameterIsNotNull(identityService, "identityService");
        this.identityService = identityService;
        this.cryptoService = cryptoService;
        this.mutex = new ThreadBox<>(new InnerState(), (ReentrantLock) null, 2, (DefaultConstructorMarker) null);
    }

    public /* synthetic */ E2ETestKeyManagementService(IdentityService identityService, CryptoService cryptoService, int i, DefaultConstructorMarker defaultConstructorMarker) {
        this(identityService, (i & 2) != 0 ? (CryptoService) null : cryptoService);
    }

    @Override // net.corda.node.services.keys.KeyManagementServiceInternal
    @NotNull
    public PublicKey freshKey() {
        return KeyManagementServiceInternal.DefaultImpls.freshKey(this);
    }

    @Override // net.corda.node.services.keys.KeyManagementServiceInternal
    @NotNull
    public PublicKey freshKey(@NotNull UUID uuid) {
        Intrinsics.checkParameterIsNotNull(uuid, "externalId");
        return KeyManagementServiceInternal.DefaultImpls.freshKey(this, uuid);
    }

    @Override // net.corda.node.services.keys.KeyManagementServiceInternal
    @NotNull
    public PartyAndCertificate freshKeyAndCert(@NotNull PartyAndCertificate partyAndCertificate, boolean z) {
        Intrinsics.checkParameterIsNotNull(partyAndCertificate, "identity");
        return KeyManagementServiceInternal.DefaultImpls.freshKeyAndCert(this, partyAndCertificate, z);
    }

    @Override // net.corda.node.services.keys.KeyManagementServiceInternal
    @NotNull
    public PartyAndCertificate freshKeyAndCert(@NotNull PartyAndCertificate partyAndCertificate, boolean z, @NotNull UUID uuid) {
        Intrinsics.checkParameterIsNotNull(partyAndCertificate, "identity");
        Intrinsics.checkParameterIsNotNull(uuid, "externalId");
        return KeyManagementServiceInternal.DefaultImpls.freshKeyAndCert(this, partyAndCertificate, z, uuid);
    }
}
