package com.webank.weid.service.impl;

import com.webank.weid.constant.ErrorCode;
import com.webank.weid.constant.WeIdConstant;
import com.webank.weid.exception.WeIdBaseException;
import com.webank.weid.protocol.base.EvidenceInfo;
import com.webank.weid.protocol.base.WeIdDocument;
import com.webank.weid.protocol.base.WeIdPrivateKey;
import com.webank.weid.protocol.inf.Hashable;
import com.webank.weid.protocol.response.ResponseData;
import com.webank.weid.rpc.EvidenceService;
import com.webank.weid.rpc.WeIdService;
import com.webank.weid.service.BaseService;
import com.webank.weid.service.impl.engine.EngineFactory;
import com.webank.weid.service.impl.engine.EvidenceServiceEngine;
import com.webank.weid.util.DataToolUtils;
import com.webank.weid.util.WeIdUtils;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.bcos.web3j.abi.datatypes.Address;
import org.bcos.web3j.crypto.ECKeyPair;
import org.bcos.web3j.crypto.Keys;
import org.bcos.web3j.crypto.Sign;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/webank/weid/service/impl/EvidenceServiceImpl.class */
public class EvidenceServiceImpl extends BaseService implements EvidenceService {
    private static final Logger logger = LoggerFactory.getLogger(EvidenceServiceImpl.class);
    private WeIdService weIdService = new WeIdServiceImpl();
    private EvidenceServiceEngine evidenceServiceEngine = EngineFactory.createEvidenceServiceEngine();

    @Override // com.webank.weid.rpc.EvidenceService
    public ResponseData<String> createEvidence(Hashable hashable, WeIdPrivateKey weIdPrivateKey) {
        ResponseData<String> hashValue = getHashValue(hashable);
        return StringUtils.isEmpty(hashValue.getResult()) ? new ResponseData<>("", hashValue.getErrorCode(), hashValue.getErrorMessage()) : !WeIdUtils.isPrivateKeyValid(weIdPrivateKey) ? new ResponseData<>("", ErrorCode.CREDENTIAL_PRIVATE_KEY_NOT_EXISTS) : hashToNewEvidence(hashValue.getResult(), weIdPrivateKey.getPrivateKey(), null);
    }

    @Override // com.webank.weid.rpc.EvidenceService
    public ResponseData<String> createEvidence(Hashable hashable, List<String> list, WeIdPrivateKey weIdPrivateKey) {
        if (list == null || list.size() == 0) {
            return createEvidence(hashable, weIdPrivateKey);
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (!WeIdUtils.isWeIdValid(it.next())) {
                return new ResponseData<>("", ErrorCode.WEID_INVALID);
            }
        }
        ResponseData<String> hashValue = getHashValue(hashable);
        if (StringUtils.isEmpty(hashValue.getResult())) {
            return new ResponseData<>("", hashValue.getErrorCode(), hashValue.getErrorMessage());
        }
        if (!WeIdUtils.isPrivateKeyValid(weIdPrivateKey)) {
            return new ResponseData<>("", ErrorCode.CREDENTIAL_PRIVATE_KEY_NOT_EXISTS);
        }
        LinkedHashSet linkedHashSet = new LinkedHashSet(list);
        list.clear();
        list.addAll(linkedHashSet);
        return StringUtils.isEmpty(getSignerFromPrivKey(list, weIdPrivateKey.getPrivateKey())) ? new ResponseData<>("", ErrorCode.CREDENTIAL_PRIVATE_KEY_NOT_EXISTS) : hashToNewEvidence(hashValue.getResult(), weIdPrivateKey.getPrivateKey(), list);
    }

    private String getSignerFromPrivKey(List<String> list, String str) {
        String convertAddressToWeId = WeIdUtils.convertAddressToWeId(new Address(Keys.getAddress(ECKeyPair.create(new BigInteger(str)))).toString());
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (it.next().equalsIgnoreCase(convertAddressToWeId)) {
                return convertAddressToWeId;
            }
        }
        return "";
    }

    @Override // com.webank.weid.rpc.EvidenceService
    public ResponseData<Boolean> addSignature(Hashable hashable, String str, WeIdPrivateKey weIdPrivateKey) {
        ResponseData<String> hashValue = getHashValue(hashable);
        if (StringUtils.isEmpty(hashValue.getResult())) {
            return new ResponseData<>(false, hashValue.getErrorCode(), hashValue.getErrorMessage());
        }
        if (!WeIdUtils.isPrivateKeyValid(weIdPrivateKey)) {
            return new ResponseData<>(false, ErrorCode.CREDENTIAL_PRIVATE_KEY_NOT_EXISTS);
        }
        if (StringUtils.isEmpty(str) || !WeIdUtils.isValidAddress(str)) {
            logger.error("Evidence argument illegal input: address. ");
            return new ResponseData<>(null, ErrorCode.ILLEGAL_INPUT);
        }
        EvidenceInfo result = getEvidence(str).getResult();
        if (result == null || StringUtils.isEmpty(result.getCredentialHash()) || !result.getCredentialHash().equalsIgnoreCase(hashValue.getResult())) {
            return new ResponseData<>(false, ErrorCode.ILLEGAL_INPUT);
        }
        List<String> signers = result.getSigners();
        String privateKey = weIdPrivateKey.getPrivateKey();
        if (!signers.contains(WeIdUtils.convertAddressToWeId(Keys.getAddress(ECKeyPair.create(new BigInteger(privateKey)))))) {
            return new ResponseData<>(false, ErrorCode.ILLEGAL_INPUT);
        }
        try {
            return this.evidenceServiceEngine.addSignature(DataToolUtils.signMessage(hashValue.getResult(), privateKey), privateKey, str);
        } catch (Exception e) {
            logger.error("create evidence failed due to system error. ", e);
            return new ResponseData<>(false, ErrorCode.CREDENTIAL_EVIDENCE_BASE_ERROR);
        }
    }

    @Override // com.webank.weid.rpc.EvidenceService
    public ResponseData<Boolean> setHashValue(String str, String str2, WeIdPrivateKey weIdPrivateKey) {
        if (!verifyHashValueFormat(str)) {
            return new ResponseData<>(false, ErrorCode.ILLEGAL_INPUT);
        }
        if (!WeIdUtils.isPrivateKeyValid(weIdPrivateKey)) {
            return new ResponseData<>(false, ErrorCode.CREDENTIAL_PRIVATE_KEY_NOT_EXISTS);
        }
        if (StringUtils.isEmpty(str2) || !WeIdUtils.isValidAddress(str2)) {
            logger.error("Evidence argument illegal input: address. ");
            return new ResponseData<>(null, ErrorCode.ILLEGAL_INPUT);
        }
        if (!StringUtils.isEmpty(getEvidence(str2).getResult().getCredentialHash())) {
            logger.error("On Chain hash value is not empty, canceling.");
            return new ResponseData<>(false, ErrorCode.ILLEGAL_INPUT);
        }
        String replaceAll = str.replaceAll(WeIdConstant.HEX_PREFIX, "");
        ArrayList arrayList = new ArrayList();
        arrayList.add(replaceAll.substring(0, WeIdConstant.BYTES32_FIXED_LENGTH.intValue()));
        arrayList.add(replaceAll.substring(WeIdConstant.BYTES32_FIXED_LENGTH.intValue(), WeIdConstant.BYTES32_FIXED_LENGTH.intValue() * 2));
        String privateKey = weIdPrivateKey.getPrivateKey();
        try {
            ResponseData<Boolean> hashValue = this.evidenceServiceEngine.setHashValue(arrayList, privateKey, str2);
            if (!hashValue.getResult().booleanValue()) {
                return hashValue;
            }
            if (!getEvidence(str2).getResult().getCredentialHash().equalsIgnoreCase(str)) {
                logger.error("Failed to update hash on chain for unknown reasons.");
                return new ResponseData<>(false, ErrorCode.CREDENTIAL_EVIDENCE_BASE_ERROR);
            }
            try {
                return this.evidenceServiceEngine.addSignature(DataToolUtils.signMessage(str, privateKey), privateKey, str2);
            } catch (Exception e) {
                logger.error("create evidence failed due to system error. ", e);
                return new ResponseData<>(false, ErrorCode.CREDENTIAL_EVIDENCE_BASE_ERROR);
            }
        } catch (Exception e2) {
            logger.error("create evidence failed due to system error. ", e2);
            return new ResponseData<>(false, ErrorCode.CREDENTIAL_EVIDENCE_BASE_ERROR);
        }
    }

    private ResponseData<String> getHashValue(Hashable hashable) {
        if (hashable == null) {
            return new ResponseData<>(WeIdConstant.HEX_PREFIX, ErrorCode.SUCCESS);
        }
        try {
            String hash = hashable.getHash();
            return StringUtils.isEmpty(hash) ? new ResponseData<>("", ErrorCode.ILLEGAL_INPUT) : new ResponseData<>(hash, ErrorCode.SUCCESS);
        } catch (Exception e) {
            logger.error("Input Object type unsupported: " + hashable.getClass().getName());
            return new ResponseData<>("", ErrorCode.ILLEGAL_INPUT);
        }
    }

    private ResponseData<String> hashToNewEvidence(String str, String str2, List<String> list) {
        Sign.SignatureData signatureData;
        try {
            String replaceAll = str.replaceAll(WeIdConstant.HEX_PREFIX, "");
            ArrayList arrayList = new ArrayList();
            if (StringUtils.isEmpty(replaceAll)) {
                arrayList.add("");
                arrayList.add("");
                signatureData = new Sign.SignatureData((byte) 0, new byte[32], new byte[32]);
            } else {
                arrayList.add(replaceAll.substring(0, WeIdConstant.BYTES32_FIXED_LENGTH.intValue()));
                arrayList.add(replaceAll.substring(WeIdConstant.BYTES32_FIXED_LENGTH.intValue(), WeIdConstant.BYTES32_FIXED_LENGTH.intValue() * 2));
                signatureData = DataToolUtils.signMessage(str, str2);
            }
            ArrayList arrayList2 = new ArrayList();
            arrayList2.add("");
            return this.evidenceServiceEngine.createEvidence(signatureData, arrayList, arrayList2, str2, list);
        } catch (Exception e) {
            logger.error("create evidence failed due to system error. ", e);
            return new ResponseData<>("", ErrorCode.CREDENTIAL_EVIDENCE_BASE_ERROR);
        }
    }

    @Override // com.webank.weid.rpc.EvidenceService
    public ResponseData<EvidenceInfo> getEvidence(String str) {
        if (StringUtils.isEmpty(str) || !WeIdUtils.isValidAddress(str)) {
            logger.error("Evidence argument illegal input: address. ");
            return new ResponseData<>(null, ErrorCode.ILLEGAL_INPUT);
        }
        try {
            ResponseData<EvidenceInfo> info = this.evidenceServiceEngine.getInfo(str);
            if (info.getResult().getCredentialHash().equalsIgnoreCase(WeIdConstant.HEX_PREFIX)) {
                info.getResult().setCredentialHash("");
            }
            return info;
        } catch (Exception e) {
            logger.error("get evidence failed.", e);
            return new ResponseData<>(null, ErrorCode.CREDENTIAL_EVIDENCE_BASE_ERROR);
        }
    }

    private ResponseData<Boolean> verify(String str, String str2) {
        if (!verifyHashValueFormat(str)) {
            return new ResponseData<>(false, ErrorCode.ILLEGAL_INPUT);
        }
        ResponseData<EvidenceInfo> verifyAndGetEvidenceFromChain = verifyAndGetEvidenceFromChain(str2);
        return verifyAndGetEvidenceFromChain.getResult() == null ? new ResponseData<>(false, verifyAndGetEvidenceFromChain.getErrorCode(), verifyAndGetEvidenceFromChain.getErrorMessage()) : verifyHashToEvidenceSignature(str, verifyAndGetEvidenceFromChain.getResult());
    }

    @Override // com.webank.weid.rpc.EvidenceService
    public ResponseData<Boolean> verify(Hashable hashable, String str) {
        ResponseData<String> hashValue = getHashValue(hashable);
        return StringUtils.isEmpty(hashValue.getResult()) ? new ResponseData<>(false, hashValue.getErrorCode(), hashValue.getErrorMessage()) : verify(hashValue.getResult(), str);
    }

    private ResponseData<EvidenceInfo> verifyAndGetEvidenceFromChain(String str) {
        if (WeIdUtils.isValidAddress(str)) {
            ResponseData<EvidenceInfo> evidence = getEvidence(str);
            return evidence.getResult() == null ? new ResponseData<>(null, ErrorCode.getTypeByErrorCode(evidence.getErrorCode().intValue())) : new ResponseData<>(evidence.getResult(), ErrorCode.SUCCESS);
        }
        logger.error("Verify EvidenceInfo input illegal: evidenceInfo address");
        return new ResponseData<>(null, ErrorCode.ILLEGAL_INPUT);
    }

    private ResponseData<Boolean> verifyHashToEvidenceSignature(String str, EvidenceInfo evidenceInfo) {
        if (!StringUtils.equalsIgnoreCase(str, evidenceInfo.getCredentialHash())) {
            logger.error("credential hash mismatches. Off-chain: {}, on-chain: {}", str, evidenceInfo.getCredentialHash());
            return new ResponseData<>(false, ErrorCode.CREDENTIAL_EVIDENCE_HASH_MISMATCH);
        }
        for (int i = 0; i < evidenceInfo.getSignatures().size(); i++) {
            try {
                String str2 = evidenceInfo.getSignatures().get(i);
                boolean z = false;
                int i2 = 0;
                while (true) {
                    if (i2 >= evidenceInfo.getSigners().size()) {
                        break;
                    }
                    String str3 = evidenceInfo.getSigners().get(i2);
                    if (WeIdUtils.isEmptyAddress(new Address(WeIdUtils.convertWeIdToAddress(str3)))) {
                        break;
                    }
                    if (verifySignatureToSigner(str, WeIdUtils.convertAddressToWeId(str3), DataToolUtils.simpleSignatureDeserialization(DataToolUtils.base64Decode(str2.getBytes(StandardCharsets.UTF_8)))).getResult().booleanValue()) {
                        z = true;
                        break;
                    }
                    i2++;
                }
                if (!z) {
                    logger.error("Signature: " + str2 + ", signer mismatch.");
                    return new ResponseData<>(false, ErrorCode.CREDENTIAL_ISSUER_MISMATCH);
                }
            } catch (WeIdBaseException e) {
                logger.error("Generic error occurred during verify evidenceInfo: ", e);
                return new ResponseData<>(false, ErrorCode.CREDENTIAL_EVIDENCE_SIGNATURE_BROKEN);
            } catch (Exception e2) {
                logger.error("Generic error occurred during verify evidenceInfo: ", e2);
                return new ResponseData<>(false, ErrorCode.CREDENTIAL_EVIDENCE_BASE_ERROR);
            }
        }
        return new ResponseData<>(true, ErrorCode.SUCCESS);
    }

    private ResponseData<Boolean> verifySignatureToSigner(String str, String str2, Sign.SignatureData signatureData) {
        try {
            ResponseData<WeIdDocument> weIdDocument = this.weIdService.getWeIdDocument(str2);
            if (weIdDocument.getErrorCode().intValue() != ErrorCode.SUCCESS.getCode()) {
                logger.error("Error occurred when fetching WeIdentity DID document for: {}, msg: {}", str2, weIdDocument.getErrorMessage());
                return new ResponseData<>(false, ErrorCode.CREDENTIAL_WEID_DOCUMENT_ILLEGAL);
            }
            ErrorCode verifySignatureFromWeId = DataToolUtils.verifySignatureFromWeId(str, signatureData, weIdDocument.getResult());
            return verifySignatureFromWeId.getCode() != ErrorCode.SUCCESS.getCode() ? new ResponseData<>(false, verifySignatureFromWeId) : new ResponseData<>(true, ErrorCode.SUCCESS);
        } catch (Exception e) {
            logger.error("error occurred during verifying signatures from chain: ", e);
            return new ResponseData<>(false, ErrorCode.CREDENTIAL_EVIDENCE_BASE_ERROR);
        }
    }

    private boolean verifyHashValueFormat(String str) {
        return !StringUtils.isEmpty(str) && Pattern.compile(WeIdConstant.HASH_VALUE_PATTERN).matcher(str).matches();
    }
}
