package com.icodici.crypto;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import net.sergeych.boss.Boss;
import net.sergeych.tools.Binder;
import net.sergeych.tools.Do;

/* loaded from: input_file:com/icodici/crypto/Capsule.class */
public class Capsule {
    private boolean partiallySigned;
    private boolean decryptionFailed;
    private boolean signed;
    private Binder publicData;
    private Binder privateData;
    private Collection<AbstractKey> encryptingKeys;
    private HashMap<String, Binder> signers;

    /* loaded from: input_file:com/icodici/crypto/Capsule$BadSignatureException.class */
    public class BadSignatureException extends FormatException {
        public BadSignatureException() {
            super("bad coffer signature");
        }

        public BadSignatureException(String str) {
            super(str);
        }

        public BadSignatureException(String str, Throwable th) {
            super(str, th);
        }
    }

    /* loaded from: input_file:com/icodici/crypto/Capsule$DecryptionFailedException.class */
    public class DecryptionFailedException extends EncryptionError {
        public DecryptionFailedException(String str) {
            super(str);
        }

        public DecryptionFailedException(String str, Throwable th) {
            super(str, th);
        }
    }

    /* loaded from: input_file:com/icodici/crypto/Capsule$FormatException.class */
    public class FormatException extends EncryptionError {
        public FormatException() {
            super("bad coffer format");
        }

        public FormatException(String str) {
            super(str);
        }

        public FormatException(String str, Throwable th) {
            super(str, th);
        }

        Capsule getCoffer() {
            return Capsule.this;
        }
    }

    /* loaded from: input_file:com/icodici/crypto/Capsule$KeySource.class */
    public interface KeySource {
        Collection<AbstractKey> findKey(KeyInfo keyInfo);
    }

    public Capsule(final String str, byte[] bArr) throws EncryptionError, BadSignatureException {
        this.partiallySigned = false;
        this.signed = false;
        this.publicData = new Binder();
        this.privateData = new Binder();
        this.encryptingKeys = new ArrayList();
        this.signers = new HashMap<>();
        load(bArr, new KeySource() { // from class: com.icodici.crypto.Capsule.1
            @Override // com.icodici.crypto.Capsule.KeySource
            public Collection<AbstractKey> findKey(KeyInfo keyInfo) {
                ArrayList arrayList = new ArrayList();
                if (keyInfo.isPassword()) {
                    arrayList.add(keyInfo.derivePassword(str));
                }
                return arrayList;
            }
        }, true, false);
    }

    public boolean isPartiallySigned() {
        return this.partiallySigned;
    }

    public boolean decryptionFailed() {
        return this.decryptionFailed;
    }

    public void setPrivateData(Object... objArr) {
        setPrivateData(new Binder(objArr));
    }

    public boolean isSigned() {
        return this.signed;
    }

    public Collection<AbstractKey> getSigningKeys() {
        ArrayList arrayList = new ArrayList();
        Iterator<Binder> it = this.signers.values().iterator();
        while (it.hasNext()) {
            arrayList.add((AbstractKey) it.next().get("key"));
        }
        return arrayList;
    }

    public Map<String, Binder> getSigners() {
        return Collections.unmodifiableMap(this.signers);
    }

    public Capsule() {
        this.partiallySigned = false;
        this.signed = false;
        this.publicData = new Binder();
        this.privateData = new Binder();
        this.encryptingKeys = new ArrayList();
        this.signers = new HashMap<>();
    }

    public Capsule(byte[] bArr, KeySource keySource) throws BadSignatureException, IOException {
        this();
        load(bArr, keySource, false, false);
    }

    public Capsule(byte[] bArr, KeySource keySource, boolean z, boolean z2) throws BadSignatureException, IOException {
        this();
        load(bArr, keySource, z, z2);
    }

    public Capsule load(byte[] bArr, KeySource keySource, boolean z, boolean z2) throws BadSignatureException, EncryptionError {
        try {
            Binder binder = unpackPayload(bArr, z).getBinder("private");
            this.decryptionFailed = false;
            if (!binder.isEmpty()) {
                this.privateData = null;
                byte[] binary = binder.getBinary("data");
                Iterator it = binder.getBinders("keys").iterator();
                loop0: while (it.hasNext()) {
                    Binder binder2 = (Binder) it.next();
                    Iterator<AbstractKey> it2 = keySource.findKey(new KeyInfo(binder2.getBinary("keyInfo"))).iterator();
                    while (it2.hasNext()) {
                        try {
                            this.privateData = Boss.unpack(new SymmetricKey(it2.next().decrypt(binder2.getBinary("key"))).etaDecrypt(binary));
                            break loop0;
                        } catch (Exception e) {
                        }
                    }
                }
                if (this.privateData == null) {
                    if (!z2) {
                        throw new DecryptionFailedException("can't decrypt private data");
                    }
                    this.decryptionFailed = true;
                }
            }
            return this;
        } catch (BadSignatureException | DecryptionFailedException e2) {
            throw e2;
        } catch (IOException | IllegalArgumentException e3) {
            throw new FormatException("failed to read capsule", e3);
        }
    }

    private Binder unpackPayload(byte[] bArr, boolean z) throws EncryptionError {
        this.signed = false;
        Binder unpack = Boss.unpack(bArr);
        ArrayList binders = unpack.getBinders("signatures");
        byte[] binary = unpack.getBinary("content");
        Binder unpack2 = Boss.unpack(binary);
        if (!unpack2.get("type").equals("capsule")) {
            throw new FormatException("not capsule/unknown type");
        }
        checkSignatures(binary, binders, unpack2, z);
        this.publicData = unpack2.getBinder("public");
        return unpack2;
    }

    private void checkSignatures(byte[] bArr, Collection<Binder> collection, Binder binder, boolean z) throws EncryptionError {
        this.signed = false;
        this.partiallySigned = false;
        clearSigners();
        if (collection == null || collection.isEmpty()) {
            return;
        }
        Iterator it = binder.getBinders("signers").iterator();
        while (it.hasNext()) {
            Binder binder2 = (Binder) it.next();
            PublicKey publicKey = new PublicKey();
            publicKey.unpack(binder2.getBinary("key"));
            Binder binder3 = new Binder();
            binder3.put("key", publicKey);
            String stringOrThrow = binder2.getStringOrThrow("id");
            binder3.put("id", stringOrThrow);
            binder3.put("data", binder2.getBinder("data"));
            this.signers.put(stringOrThrow, binder3);
        }
        if (this.signers.size() != collection.size() && !z) {
            throw new BadSignatureException("signatures do not match signers");
        }
        for (Binder binder4 : collection) {
            if (!((AbstractKey) this.signers.get(binder4.getStringOrThrow("key")).get("key")).verify(bArr, binder4.getBinary("signature"), HashType.SHA512)) {
                throw new BadSignatureException("signature is broken at " + binder4.getStringOrThrow("key"));
            }
        }
        if (this.signers.isEmpty()) {
            this.partiallySigned = false;
            this.signed = false;
        } else {
            this.signed = this.signers.size() == collection.size();
            this.partiallySigned = !this.signed;
        }
    }

    public void setPublicData(Binder binder) {
        this.publicData = binder;
    }

    public Binder getPublicData() {
        return this.publicData;
    }

    public void setPrivateData(Binder binder) {
        this.privateData = binder;
    }

    public Binder getPrivateData() {
        return this.privateData;
    }

    public void clearSigners() {
        this.signers.clear();
    }

    public void addSigners(Collection<AbstractKey> collection) {
        Iterator<AbstractKey> it = collection.iterator();
        while (it.hasNext()) {
            addSigner(it.next(), null);
        }
    }

    public void addSigners(AbstractKey... abstractKeyArr) {
        addSigners(Do.collection(abstractKeyArr));
    }

    public String addSigner(AbstractKey abstractKey, Binder binder) {
        String valueOf = String.valueOf(this.signers.size());
        this.signers.put(valueOf, new Binder(new Object[]{"id", valueOf, "key", abstractKey, "data", binder}));
        return valueOf;
    }

    Binder getSigner(AbstractKey abstractKey) {
        for (Binder binder : this.signers.values()) {
            if (binder.get("key").equals(abstractKey)) {
                return binder;
            }
        }
        throw new IllegalArgumentException("key is not found");
    }

    String getSignerId(AbstractKey abstractKey) {
        return getSigner(abstractKey).getStringOrThrow("id");
    }

    AbstractKey getSignerKey(String str) {
        return (AbstractKey) this.signers.get(str).get("key");
    }

    public Binder getSignerData(AbstractKey abstractKey) {
        return getSigner(abstractKey).getBinder("data");
    }

    public Binder getSignerData(String str) {
        return this.signers.get(str).getBinder("data");
    }

    public void clearKeys() {
        this.encryptingKeys.clear();
    }

    public void addKeys(Collection<AbstractKey> collection) {
        this.encryptingKeys.addAll(collection);
    }

    public void addKeys(AbstractKey... abstractKeyArr) {
        addKeys(Do.collection(abstractKeyArr));
    }

    public byte[] pack() throws EncryptionError {
        Binder preparePayload = preparePayload();
        HashMap<String, AbstractKey> prepareSigners = prepareSigners(preparePayload);
        Binder binder = new Binder();
        byte[] pack = Boss.pack(preparePayload);
        binder.put("content", pack);
        if (!prepareSigners.isEmpty()) {
            ArrayList arrayList = (ArrayList) binder.set("signatures", new ArrayList());
            for (Map.Entry<String, AbstractKey> entry : prepareSigners.entrySet()) {
                arrayList.add(new Binder(new Object[]{"key", entry.getKey(), "signature", entry.getValue().sign(pack, HashType.SHA512)}));
            }
        }
        return Boss.pack(binder);
    }

    private HashMap<String, AbstractKey> prepareSigners(Binder binder) {
        HashMap<String, AbstractKey> hashMap = new HashMap<>();
        if (this.signers != null && !this.signers.isEmpty()) {
            ArrayList arrayList = (ArrayList) binder.set("signers", new ArrayList());
            for (Binder binder2 : this.signers.values()) {
                String stringOrThrow = binder2.getStringOrThrow("id");
                AbstractKey abstractKey = (AbstractKey) binder2.get("key");
                hashMap.put(stringOrThrow, abstractKey);
                arrayList.add(new Binder(new Object[]{"id", stringOrThrow, "key", abstractKey.getPublicKey().pack(), "data", binder2.getBinder("data")}));
            }
        }
        return hashMap;
    }

    private Binder preparePayload() throws EncryptionError {
        Binder binder = new Binder();
        if (hasPrivate()) {
            if (this.encryptingKeys == null || this.encryptingKeys.isEmpty()) {
                throw new IllegalStateException("missing encryption keys");
            }
            SymmetricKey symmetricKey = new SymmetricKey();
            byte[] pack = symmetricKey.pack();
            Binder binder2 = (Binder) binder.set("private", new Binder());
            ArrayList arrayList = (ArrayList) binder2.set("keys", new ArrayList());
            for (AbstractKey abstractKey : this.encryptingKeys) {
                if (abstractKey == null) {
                    throw new IllegalStateException("null is forbidden in encryption keys");
                }
                arrayList.add(new Binder(new Object[]{"keyInfo", abstractKey.packedInfo(), "key", abstractKey.encrypt(pack)}));
            }
            binder2.put("data", symmetricKey.etaEncrypt(Boss.dumpToArray(this.privateData, new Object[]{CTRTransformer.randomBytes(0, 117)})));
        }
        if (hasPublic()) {
            binder.put("public", this.publicData);
        }
        binder.put("type", "capsule");
        return binder;
    }

    private boolean hasPublic() {
        return (this.publicData == null || this.publicData.isEmpty()) ? false : true;
    }

    private boolean hasPrivate() {
        return (this.privateData == null || this.privateData.isEmpty()) ? false : true;
    }

    public void setPublicData(Object... objArr) {
        setPublicData(new Binder(objArr));
    }

    public boolean equals(Object obj) {
        if (!(obj instanceof Capsule)) {
            return false;
        }
        Capsule capsule = (Capsule) obj;
        if (this.publicData == null || this.publicData.equals(capsule.publicData)) {
            return this.privateData == null || this.privateData.equals(capsule.privateData);
        }
        return false;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder("Capsule(");
        if (hasPublic()) {
            sb.append("public:" + Arrays.toString(this.publicData.entrySet().toArray()));
        }
        if (hasPrivate()) {
            if (hasPublic()) {
                sb.append(",");
            }
            sb.append("private:" + Arrays.toString(this.privateData.entrySet().toArray()));
        }
        return sb.toString() + ")";
    }
}
