package io.v.v23.security;

import com.google.common.collect.ImmutableList;
import io.v.v23.context.VContext;
import io.v.v23.security.access.Permissions;
import io.v.v23.security.access.PermissionsAuthorizer;
import io.v.v23.verror.VException;
import io.v.v23.vom.VomUtil;
import java.lang.reflect.Type;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import org.joda.time.DateTime;

/* loaded from: input_file:io/v/v23/security/VSecurity.class */
public class VSecurity {

    /* loaded from: input_file:io/v/v23/security/VSecurity$AuthorizerTypes.class */
    private enum AuthorizerTypes {
        ALLOW_EVERYONE_AUTHORIZER,
        ENDPOINT_AUTHORIZER,
        DEFAULT_AUTHORIZER,
        PUBLIC_KEY_AUTHORIZER
    }

    private static native String[] nativeGetRemoteBlessingNames(VContext vContext, Call call) throws VException;

    private static native String[] nativeGetLocalBlessingNames(VContext vContext, Call call) throws VException;

    private static native String[] nativeGetBlessingNames(VPrincipal vPrincipal, Blessings blessings) throws VException;

    private static native String[] nativeGetSigningBlessingNames(VContext vContext, VPrincipal vPrincipal, Blessings blessings) throws VException;

    private static native void nativeAddToRoots(VPrincipal vPrincipal, Blessings blessings) throws VException;

    public static VSigner newSigner(PrivateKey privateKey, ECPublicKey eCPublicKey) {
        return new ECDSASigner(privateKey, eCPublicKey);
    }

    public static VSigner newInMemorySigner() throws VException {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(256);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            return new ECDSASigner(generateKeyPair.getPrivate(), (ECPublicKey) generateKeyPair.getPublic());
        } catch (NoSuchAlgorithmException e) {
            throw new VException("Couldn't mint private key: " + e.getMessage());
        }
    }

    public static VPrincipal newPrincipal() throws VException {
        return VPrincipalImpl.create();
    }

    public static VPrincipal newPrincipal(VSigner vSigner) throws VException {
        return VPrincipalImpl.create(vSigner);
    }

    public static VPrincipal newPrincipal(VSigner vSigner, BlessingStore blessingStore, BlessingRoots blessingRoots) throws VException {
        return VPrincipalImpl.create(vSigner, blessingStore, blessingRoots);
    }

    public static VPrincipal newPersistentPrincipal(String str, String str2) throws VException {
        return VPrincipalImpl.createPersistent(str, str2);
    }

    public static VPrincipal newPersistentPrincipal(VSigner vSigner, String str) throws VException {
        return VPrincipalImpl.createPersistent(vSigner, str);
    }

    public static Blessings unionOfBlessings(Blessings... blessingsArr) throws VException {
        return Blessings.createUnion(blessingsArr);
    }

    public static String[] getRemoteBlessingNames(VContext vContext, Call call) {
        try {
            return nativeGetRemoteBlessingNames(vContext, call);
        } catch (VException e) {
            throw new RuntimeException("Couldn't get blessings for call", e);
        }
    }

    public static String[] getLocalBlessingNames(VContext vContext, Call call) {
        try {
            return nativeGetLocalBlessingNames(vContext, call);
        } catch (VException e) {
            throw new RuntimeException("Couldn't get blessings for call", e);
        }
    }

    public static String[] getBlessingNames(VPrincipal vPrincipal, Blessings blessings) {
        try {
            return nativeGetBlessingNames(vPrincipal, blessings);
        } catch (VException e) {
            throw new RuntimeException("Couldn't get blessing names", e);
        }
    }

    public static String[] getSigningBlessingNames(VContext vContext, VPrincipal vPrincipal, Blessings blessings) {
        try {
            return nativeGetSigningBlessingNames(vContext, vPrincipal, blessings);
        } catch (VException e) {
            throw new RuntimeException("Couldn't get signing blessing names", e);
        }
    }

    public static Caveat newCaveat(CaveatDescriptor caveatDescriptor, Object obj) throws VException {
        return new Caveat(caveatDescriptor.getId(), VomUtil.encode(obj, caveatDescriptor.getParamType().getTypeObject()));
    }

    public static Caveat newExpiryCaveat(DateTime dateTime) throws VException {
        return newCaveat(Constants.EXPIRY_CAVEAT, dateTime);
    }

    public static Caveat newMethodCaveat(String str, String... strArr) throws VException {
        return newCaveat(Constants.METHOD_CAVEAT, ImmutableList.builder().add(str).add(strArr).build());
    }

    public static Caveat newUnconstrainedUseCaveat() throws VException {
        return newCaveat(Constants.CONST_CAVEAT, true);
    }

    public static Call newCall(CallParams callParams) {
        return new CallParamsImpl(callParams);
    }

    public static Authorizer newPermissionsAuthorizer(Permissions permissions, Type type) throws VException {
        return PermissionsAuthorizer.create(permissions, type);
    }

    private static native Authorizer nativeCreateAuthorizer(int i, ECPublicKey eCPublicKey);

    public static Authorizer newAllowEveryoneAuthorizer() {
        return nativeCreateAuthorizer(AuthorizerTypes.ALLOW_EVERYONE_AUTHORIZER.ordinal(), null);
    }

    public static Authorizer newEndpointAuthorizer() {
        return nativeCreateAuthorizer(AuthorizerTypes.ENDPOINT_AUTHORIZER.ordinal(), null);
    }

    public static Authorizer newDefaultAuthorizer() {
        return nativeCreateAuthorizer(AuthorizerTypes.DEFAULT_AUTHORIZER.ordinal(), null);
    }

    public static Authorizer newPublicKeyAuthorizer(ECPublicKey eCPublicKey) {
        return nativeCreateAuthorizer(AuthorizerTypes.PUBLIC_KEY_AUTHORIZER.ordinal(), eCPublicKey);
    }

    public static void verifySignature(VSignature vSignature, ECPublicKey eCPublicKey, byte[] bArr) throws VException {
        String value = vSignature.getHash().getValue();
        String javaSigningAlgorithm = CryptoUtil.javaSigningAlgorithm(value);
        try {
            bArr = CryptoUtil.messageDigest(value, bArr, vSignature.getPurpose(), eCPublicKey);
            byte[] javaSignature = CryptoUtil.javaSignature(vSignature);
            Signature signature = Signature.getInstance(javaSigningAlgorithm);
            signature.initVerify(eCPublicKey);
            signature.update(bArr);
            if (signature.verify(javaSignature)) {
            } else {
                throw new VException("Signature doesn't verify.");
            }
        } catch (InvalidKeyException e) {
            throw new VException("Invalid private key: " + e.getMessage());
        } catch (NoSuchAlgorithmException e2) {
            throw new VException("Verifying algorithm " + javaSigningAlgorithm + " not supported by the runtime: " + e2.getMessage());
        } catch (SignatureException e3) {
            throw new VException("Invalid signing data [ " + Arrays.toString(bArr) + " ]: " + e3.getMessage());
        }
    }

    public static void addToRoots(VPrincipal vPrincipal, Blessings blessings) throws VException {
        nativeAddToRoots(vPrincipal, blessings);
    }

    private VSecurity() {
    }
}
