package org.drasyl.crypto;

import com.google.common.primitives.UnsignedBytes;
import com.goterl.lazysodium.LazySodiumJava;
import com.goterl.lazysodium.SodiumJava;
import com.goterl.lazysodium.exceptions.SodiumException;
import com.goterl.lazysodium.utils.SessionPair;
import java.security.SecureRandom;
import java.util.Objects;
import org.drasyl.identity.IdentityPublicKey;
import org.drasyl.identity.IdentitySecretKey;
import org.drasyl.identity.Key;
import org.drasyl.identity.KeyAgreementPublicKey;
import org.drasyl.identity.KeyAgreementSecretKey;
import org.drasyl.identity.KeyPair;
import org.drasyl.identity.PublicKey;
import org.drasyl.identity.SecretKey;
import org.drasyl.remote.protocol.Nonce;

/* loaded from: input_file:org/drasyl/crypto/Crypto.class */
public class Crypto {
    public static final Crypto INSTANCE = new Crypto(new LazySodiumJava(new SodiumJava()));
    public static final SecureRandom CSPRNG;
    public static final short PK_LONG_TIME_KEY_LENGTH = 32;
    public static final short SK_LONG_TIME_KEY_LENGTH = 64;
    public static final short PK_CURVE_25519_KEY_LENGTH = 32;
    public static final short SK_CURVE_25519_KEY_LENGTH = 32;
    private final LazySodiumJava sodium;

    Crypto(LazySodiumJava lazySodiumJava) {
        this.sodium = lazySodiumJava;
    }

    public static int compare(Key key, Key key2) {
        return Integer.signum(UnsignedBytes.lexicographicalComparator().compare(key.toByteArray(), key2.toByteArray()));
    }

    public static String randomString(int i) {
        return HexUtil.bytesToHex(randomBytes(i));
    }

    public static byte[] randomBytes(int i) {
        byte[] bArr = new byte[i];
        CSPRNG.nextBytes(bArr);
        return bArr;
    }

    public static int randomNumber(int i) {
        return CSPRNG.nextInt(i);
    }

    public LazySodiumJava getSodium() {
        return this.sodium;
    }

    public KeyPair<IdentityPublicKey, IdentitySecretKey> generateLongTimeKeyPair() throws CryptoException {
        byte[] randomBytes = randomBytes(32);
        byte[] randomBytes2 = randomBytes(64);
        if (this.sodium.cryptoSignKeypair(randomBytes, randomBytes2)) {
            return KeyPair.of(IdentityPublicKey.of(randomBytes), IdentitySecretKey.of(randomBytes2));
        }
        throw new CryptoException("Could not generate a signing keypair.");
    }

    public KeyPair<KeyAgreementPublicKey, KeyAgreementSecretKey> convertLongTimeKeyPairToKeyAgreementKeyPair(KeyPair<IdentityPublicKey, IdentitySecretKey> keyPair) throws CryptoException {
        byte[] bArr = new byte[32];
        byte[] bArr2 = new byte[32];
        boolean convertPublicKeyEd25519ToCurve25519 = this.sodium.convertPublicKeyEd25519ToCurve25519(bArr, keyPair.getPublicKey().toByteArray());
        boolean convertSecretKeyEd25519ToCurve25519 = this.sodium.convertSecretKeyEd25519ToCurve25519(bArr2, keyPair.getSecretKey().toByteArray());
        if (convertPublicKeyEd25519ToCurve25519 && convertSecretKeyEd25519ToCurve25519) {
            return KeyPair.of(KeyAgreementPublicKey.of(bArr), KeyAgreementSecretKey.of(bArr2));
        }
        throw new CryptoException("Could not convert this key pair.");
    }

    public KeyAgreementPublicKey convertIdentityKeyToKeyAgreementKey(IdentityPublicKey identityPublicKey) throws CryptoException {
        byte[] bArr = new byte[32];
        if (this.sodium.convertPublicKeyEd25519ToCurve25519(bArr, identityPublicKey.toByteArray())) {
            return KeyAgreementPublicKey.of(bArr);
        }
        throw new CryptoException("Could not convert this key.");
    }

    public KeyPair<KeyAgreementPublicKey, KeyAgreementSecretKey> generateEphemeralKeyPair() throws CryptoException {
        byte[] randomBytes = randomBytes(32);
        byte[] randomBytes2 = randomBytes(32);
        if (this.sodium.successful(this.sodium.getSodium().crypto_kx_keypair(randomBytes, randomBytes2))) {
            return KeyPair.of(KeyAgreementPublicKey.of(randomBytes), KeyAgreementSecretKey.of(randomBytes2));
        }
        throw new CryptoException("Unable to create a public and private key.");
    }

    public <P extends PublicKey, S extends SecretKey> SessionPair generateSessionKeyPair(KeyPair<P, S> keyPair, PublicKey publicKey) throws CryptoException {
        try {
            switch (compare(keyPair.getPublicKey(), publicKey)) {
                case -1:
                    return this.sodium.cryptoKxClientSessionKeys(keyPair.getPublicKey().toSodiumKey(), keyPair.getSecretKey().toSodiumKey(), publicKey.toSodiumKey());
                case 0:
                    throw new CryptoException("Attention, there is probably an implementation error. Sessions with yourself are not supported!");
                case 1:
                    return this.sodium.cryptoKxServerSessionKeys(keyPair.getPublicKey().toSodiumKey(), keyPair.getSecretKey().toSodiumKey(), publicKey.toSodiumKey());
                default:
                    throw new CryptoException("Unknown error during session generation.");
            }
        } catch (SodiumException e) {
            throw new CryptoException((Exception) e);
        }
    }

    public byte[] encrypt(byte[] bArr, byte[] bArr2, Nonce nonce, SessionPair sessionPair) throws CryptoException {
        Objects.requireNonNull(bArr);
        Objects.requireNonNull(bArr2);
        long length = bArr2.length;
        byte[] bArr3 = new byte[bArr.length + 16];
        if (this.sodium.cryptoAeadXChaCha20Poly1305IetfEncrypt(bArr3, (long[]) null, bArr, bArr.length, bArr2, length, (byte[]) null, nonce.toByteArray(), sessionPair.getTx())) {
            return bArr3;
        }
        throw new CryptoException("Could not encrypt the given message with the given parameters.");
    }

    public byte[] decrypt(byte[] bArr, byte[] bArr2, Nonce nonce, SessionPair sessionPair) throws CryptoException {
        Objects.requireNonNull(bArr);
        Objects.requireNonNull(bArr2);
        if (bArr.length < 16) {
            throw new CryptoException("Could not decrypt the given cipher text. Cipher text is smaller than 16 bytes");
        }
        long length = bArr2.length;
        byte[] bArr3 = new byte[bArr.length - 16];
        if (this.sodium.cryptoAeadXChaCha20Poly1305IetfDecrypt(bArr3, (long[]) null, (byte[]) null, bArr, bArr.length, bArr2, length, nonce.toByteArray(), sessionPair.getRx())) {
            return bArr3;
        }
        throw new CryptoException("Could not decrypt the given cipher text.");
    }

    public byte[] sign(byte[] bArr, IdentitySecretKey identitySecretKey) throws CryptoException {
        byte[] bArr2 = new byte[64];
        if (this.sodium.cryptoSignDetached(bArr2, bArr, bArr.length, identitySecretKey.toByteArray())) {
            return bArr2;
        }
        throw new CryptoException("Could not create a signature for your message in detached mode.");
    }

    public boolean verifySignature(byte[] bArr, byte[] bArr2, IdentityPublicKey identityPublicKey) {
        return this.sodium.cryptoSignVerifyDetached(bArr, bArr2, bArr2.length, identityPublicKey.toByteArray());
    }

    static {
        SecureRandom secureRandom;
        try {
            secureRandom = SecureRandom.getInstance("Windows-PRNG");
        } catch (Throwable th) {
            secureRandom = new SecureRandom();
        }
        CSPRNG = secureRandom;
    }
}
