package convex.cli.key;

import convex.cli.CLIError;
import convex.core.crypto.AKeyPair;
import convex.core.crypto.BIP39;
import convex.core.data.Blob;
import convex.core.data.Blobs;
import convex.core.data.Hash;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Arrays;
import picocli.CommandLine;

@CommandLine.Command(name = "generate", aliases = {"gen"}, mixinStandardHelpOptions = true, description = {"Generate private key pair(s) in the currently configured keystore."})
/* loaded from: input_file:convex/cli/key/KeyGenerate.class */
public class KeyGenerate extends AKeyCommand {

    @CommandLine.Option(names = {"--count"}, defaultValue = "1", description = {"Number of keys to generate. Default: ${DEFAULT-VALUE}"})
    private int count;

    @CommandLine.Option(names = {"--words"}, defaultValue = "12", description = {"Number of words in BIP39 mnemonic. Default: ${DEFAULT-VALUE}"})
    private int words;

    @CommandLine.Option(names = {"--type"}, defaultValue = "bip39", description = {"Type of key generation. Supports random, bip39, entropy"})
    private String type;

    @CommandLine.Option(names = {"--passphrase"}, description = {"BIP39 passphrase. If not provided, will be requested from user (or assumed blank in non-interactive mode)."})
    private String passphrase;

    @CommandLine.Option(names = {"-p", "--keypass"}, defaultValue = "${env:CONVEX_KEY_PASSWORD}", scope = CommandLine.ScopeType.INHERIT, description = {"Key pair password for generated key. Can specify with CONVEX_KEY_PASSWORD."})
    protected char[] keyPassword;

    private AKeyPair generateKeyPair() {
        int read;
        if ("bip39".equals(this.type)) {
            if (this.words < 12) {
                paranoia("Can't use less than 12 BIP39 words in strict security mode");
            }
            String createSecureMnemonic = BIP39.createSecureMnemonic(this.words);
            inform("BIP39 mnemonic generated with " + this.words + " words:");
            inform(createSecureMnemonic);
            if (this.passphrase == null) {
                if (isInteractive()) {
                    this.passphrase = new String(readPassword("Enter BIP39 passphrase: "));
                } else {
                    paranoia("Passphrase must be explicity provided");
                    this.passphrase = "";
                }
            }
            if (this.passphrase.isBlank()) {
                paranoia("Cannot use an empty BIP39 passphrase for key generation with strict security");
            }
            return BIP39.seedToKeyPair(BIP39.getSeed(createSecureMnemonic, this.passphrase));
        }
        if ("random".equals(this.type)) {
            return AKeyPair.generate();
        }
        if (!"entropy".equals(this.type)) {
            throw new CLIError(64, "Unsupprted key generation type: " + this.type);
        }
        if (!isInteractive()) {
            throw new CLIError(64, "Entropy based genration requires interactive mode");
        }
        inform("Press some random keys to generate entropy. Press ENTER to finish.");
        Hash contentHash = Blob.createRandom(new SecureRandom(), 64L).getContentHash();
        do {
            try {
                read = System.console().reader().read();
                contentHash = contentHash.append(Blobs.forLong(read).append(Blobs.forLong(System.currentTimeMillis()))).getContentHash();
                informWarning(contentHash.getContentHash().toHexString());
                if (read == 13) {
                    break;
                }
            } catch (IOException e) {
                throw new CLIError(74, "Unable to collect entropy");
            }
        } while (read != 10);
        return AKeyPair.create(contentHash.toFlatBlob());
    }

    @Override // convex.cli.ACommand
    public void execute() {
        if (this.count <= 0) {
            informWarning("No keys generated. Perhaps you want a positive --count ?");
            return;
        }
        for (int i = 0; i < this.count; i++) {
            AKeyPair generateKeyPair = generateKeyPair();
            String hexString = generateKeyPair.getAccountKey().toHexString();
            this.storeMixin.ensureKeyStore();
            inform("Generated key pair with public key: 0x" + generateKeyPair.getAccountKey().toChecksumHex());
            if (this.keyPassword == null) {
                this.keyPassword = readPassword("Enter password for generated key: ");
            }
            this.storeMixin.addKeyPairToStore(generateKeyPair, this.keyPassword);
            println(hexString);
            Arrays.fill(this.keyPassword, 'p');
        }
        this.storeMixin.saveKeyStore();
        informSuccess(this.count + " key(s) generated and saved in store " + String.valueOf(this.storeMixin.getStorePath()));
    }
}
