package org.drasyl.crypto;

import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.security.spec.PKCS8EncodedKeySpec;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
import org.bouncycastle.jce.ECPointUtil;
import org.bouncycastle.jce.interfaces.ECPrivateKey;
import org.bouncycastle.jce.interfaces.ECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.jce.spec.ECPrivateKeySpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/drasyl/crypto/Crypto.class */
public class Crypto {
    public static final SecureRandom SRND = new SecureRandom();
    private static final Logger LOG = LoggerFactory.getLogger(Crypto.class);
    private static final String PROVIDER = "BC";
    private static final String ECDSA = "ECDSA";
    private static final String SHA256_WITH_ECDSA = "SHA256withECDSA";
    private static final String CURVE_NAME = "curve25519";

    Crypto() {
    }

    public static KeyPair generateKeys() {
        try {
            X9ECParameters byName = CustomNamedCurves.getByName(CURVE_NAME);
            AlgorithmParameterSpec eCParameterSpec = new ECParameterSpec(byName.getCurve(), byName.getG(), byName.getN(), byName.getH(), byName.getSeed());
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ECDSA, PROVIDER);
            keyPairGenerator.initialize(eCParameterSpec, SRND);
            return keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new InternalError("Cannot Generate Keys");
        }
    }

    public static KeyPair makeKeyPair(byte[] bArr, byte[] bArr2) throws CryptoException {
        return new KeyPair(getPublicKeyFromBytes(bArr2), getPrivateKeyFromBytes(bArr));
    }

    public static PublicKey getPublicKeyFromBytes(byte[] bArr) throws CryptoException {
        if (bArr.length <= 33) {
            return parseCompressedPublicKey(bArr);
        }
        try {
            return KeyFactory.getInstance(ECDSA, PROVIDER).generatePublic(getKeySpec(bArr));
        } catch (Exception e) {
            throw new CryptoException("Could not parse Key: " + HexUtil.toString(bArr), e);
        }
    }

    public static PrivateKey getPrivateKeyFromBytes(byte[] bArr) throws CryptoException {
        if (bArr.length <= 33) {
            return parseCompressedPrivateKey(bArr);
        }
        try {
            return KeyFactory.getInstance(ECDSA, PROVIDER).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Exception e) {
            throw new CryptoException("Could not parse Key: " + HexUtil.toString(bArr), e);
        }
    }

    public static ECPublicKey parseCompressedPublicKey(byte[] bArr) throws CryptoException {
        try {
            X9ECParameters byName = CustomNamedCurves.getByName(CURVE_NAME);
            KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, PROVIDER);
            EllipticCurve convertCurve = EC5Util.convertCurve(byName.getCurve(), byName.getSeed());
            return keyFactory.generatePublic(new ECPublicKeySpec(ECPointUtil.decodePoint(convertCurve, bArr), EC5Util.convertToSpec(byName)));
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    private static ECPublicKeySpec getKeySpec(byte[] bArr) {
        X9ECParameters byName = CustomNamedCurves.getByName(CURVE_NAME);
        ECParameterSpec eCParameterSpec = new ECParameterSpec(byName.getCurve(), byName.getG(), byName.getN(), byName.getH(), byName.getSeed());
        ECNamedCurveSpec eCNamedCurveSpec = new ECNamedCurveSpec(CURVE_NAME, eCParameterSpec.getCurve(), eCParameterSpec.getG(), eCParameterSpec.getN(), eCParameterSpec.getH(), eCParameterSpec.getSeed());
        java.security.spec.ECParameterSpec eCParameterSpec2 = new java.security.spec.ECParameterSpec(eCNamedCurveSpec.getCurve(), eCNamedCurveSpec.getGenerator(), eCNamedCurveSpec.getOrder(), eCNamedCurveSpec.getCofactor());
        return new ECPublicKeySpec(ECPointUtil.decodePoint(eCParameterSpec2.getCurve(), bArr), eCParameterSpec2);
    }

    public static ECPrivateKey parseCompressedPrivateKey(byte[] bArr) throws CryptoException {
        X9ECParameters byName = CustomNamedCurves.getByName(CURVE_NAME);
        try {
            return KeyFactory.getInstance(ECDSA, PROVIDER).generatePrivate(new ECPrivateKeySpec(new BigInteger(bArr), new ECParameterSpec(byName.getCurve(), byName.getG(), byName.getN(), byName.getH(), byName.getSeed())));
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    public static byte[] compressedKey(PublicKey publicKey) throws CryptoException {
        if (publicKey instanceof ECPublicKey) {
            return ((ECPublicKey) publicKey).getQ().getEncoded(true);
        }
        throw new CryptoException(new IllegalArgumentException("Can only compress ECPublicKey"));
    }

    public static byte[] compressedKey(PrivateKey privateKey) throws CryptoException {
        if (privateKey instanceof ECPrivateKey) {
            return ((ECPrivateKey) privateKey).getD().toByteArray();
        }
        throw new CryptoException(new IllegalArgumentException("Can only compress ECPrivateKey"));
    }

    public static void sign(PrivateKey privateKey, Signable signable) throws CryptoException {
        signable.setSignature(new Signature(signMessage(privateKey, signable.getSignableBytes())));
    }

    public static byte[] signMessage(PrivateKey privateKey, byte[] bArr) throws CryptoException {
        try {
            java.security.Signature signature = java.security.Signature.getInstance(SHA256_WITH_ECDSA, PROVIDER);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException e) {
            throw new CryptoException(e);
        }
    }

    public static boolean verifySignature(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        try {
            return verifySignature(getPublicKeyFromBytes(bArr), bArr2, bArr3);
        } catch (CryptoException e) {
            LOG.error("", e);
            return false;
        }
    }

    public static boolean verifySignature(PublicKey publicKey, byte[] bArr, byte[] bArr2) {
        try {
            java.security.Signature signature = java.security.Signature.getInstance(SHA256_WITH_ECDSA, PROVIDER);
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (Exception e) {
            LOG.error("", e);
            return false;
        }
    }

    public static boolean verifySignature(PublicKey publicKey, Signable signable) {
        if (signable == null || signable.getSignature() == null) {
            return false;
        }
        return verifySignature(publicKey, signable.getSignableBytes(), signable.getSignature().getBytes());
    }

    public static String randomString(int i) {
        byte[] bArr = new byte[i];
        SRND.nextBytes(bArr);
        return HexUtil.bytesToHex(bArr);
    }

    public static int randomNumber(int i) {
        return SRND.nextInt(i);
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
