package snowblossom.lib;

import com.google.common.collect.ImmutableSet;
import com.google.protobuf.ByteString;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.ArrayList;
import java.util.Collection;
import java.util.TreeSet;
import snowblossom.proto.SigSpec;
import snowblossom.proto.WalletKeyPair;

/* loaded from: input_file:snowblossom/lib/SignatureUtil.class */
public class SignatureUtil {
    public static final int SIG_TYPE_ECDSA_COMPRESSED = 1;
    public static final int SIG_TYPE_ECDSA = 2;
    public static final int SIG_TYPE_DSA = 3;
    public static final int SIG_TYPE_RSA = 4;
    public static final int SIG_TYPE_DSTU4145 = 5;
    public static ImmutableSet<String> ALLOWED_ECDSA_CURVES = getAllowedECDSACurves();
    public static ImmutableSet<String> ALLOWED_DSTU4145_CURVES = getAllowedDSTU4145Curves();

    public static PublicKey decodePublicKey(SigSpec sigSpec) throws ValidationException {
        int signatureType = sigSpec.getSignatureType();
        ByteString publicKey = sigSpec.getPublicKey();
        if (signatureType == 1) {
            return KeyUtil.convertCompressedECDSA(publicKey);
        }
        String str = "";
        ArrayList<String> extractObjectIdentifiers = KeyUtil.extractObjectIdentifiers(publicKey);
        if (signatureType == 2) {
            str = "ECDSA";
            if (extractObjectIdentifiers.size() != 2) {
                throw new ValidationException("Unexpected number of OIDs in public key");
            }
            if (!ALLOWED_ECDSA_CURVES.contains(extractObjectIdentifiers.get(1))) {
                throw new ValidationException(String.format("OID %s not on allowed list for %s", extractObjectIdentifiers.get(1), str));
            }
        }
        if (signatureType == 3) {
            str = "DSA";
        }
        if (signatureType == 4) {
            str = "RSA";
        }
        if (signatureType == 5) {
            str = "DSTU4145";
            if (extractObjectIdentifiers.size() != 2) {
                throw new ValidationException("Unexpected number of OIDs in public key");
            }
            if (!ALLOWED_DSTU4145_CURVES.contains(extractObjectIdentifiers.get(1))) {
                throw new ValidationException(String.format("OID %s not on allowed list for %s", extractObjectIdentifiers.get(1), str));
            }
        }
        if (str == null) {
            throw new ValidationException(String.format("Unknown sig type %d", Integer.valueOf(signatureType)));
        }
        return KeyUtil.decodeKey(publicKey, str, signatureType);
    }

    public static boolean checkSignature(SigSpec sigSpec, ByteString byteString, ByteString byteString2) throws ValidationException {
        int signatureType = sigSpec.getSignatureType();
        PublicKey decodePublicKey = decodePublicKey(sigSpec);
        try {
            Signature signature = Signature.getInstance(getAlgo(signatureType), Globals.getCryptoProviderName());
            signature.initVerify(decodePublicKey);
            signature.update(byteString.toByteArray());
            return signature.verify(byteString2.toByteArray());
        } catch (Exception e) {
            throw new ValidationException(e);
        }
    }

    public static String getAlgo(int i) throws ValidationException {
        String str = i == 1 ? "ECDSA" : "";
        if (i == 2) {
            str = "ECDSA";
        }
        if (i == 3) {
            str = "DSA";
        }
        if (i == 4) {
            str = "RSA";
        }
        if (i == 5) {
            str = "DSTU4145";
        }
        if (str == null) {
            throw new ValidationException(String.format("Unknown sig type %d", Integer.valueOf(i)));
        }
        return str;
    }

    public static int estimateSignatureBytes(int i) throws ValidationException {
        if (i == 1) {
            return 71;
        }
        if (i == 2) {
            return 120;
        }
        if (i == 3) {
            return 100;
        }
        if (i == 4) {
            return 1024;
        }
        if (i == 5) {
            return 90;
        }
        throw new ValidationException(String.format("Unknown sig type %d", Integer.valueOf(i)));
    }

    public static ByteString sign(WalletKeyPair walletKeyPair, ByteString byteString) throws ValidationException {
        String algo = getAlgo(walletKeyPair.getSignatureType());
        PrivateKey decodePrivateKey = KeyUtil.decodePrivateKey(walletKeyPair.getPrivateKey(), algo);
        try {
            Signature signature = Signature.getInstance(algo, Globals.getCryptoProviderName());
            signature.initSign(decodePrivateKey);
            signature.update(byteString.toByteArray());
            return ByteString.copyFrom(signature.sign());
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        } catch (GeneralSecurityException e2) {
            throw new ValidationException(e2);
        }
    }

    public static ByteString sign(WalletKeyPair walletKeyPair, ChainHash chainHash) throws ValidationException {
        return sign(walletKeyPair, chainHash.getBytes());
    }

    private static ImmutableSet<String> getAllowedECDSACurves() {
        return ImmutableSet.of("1.3.132.0.10", "1.3.132.0.34", "1.3.132.0.35", "1.3.132.0.38", "1.3.132.0.39");
    }

    public static ImmutableSet<String> getAllowedDSTU4145Curves() {
        TreeSet treeSet = new TreeSet();
        for (int i = 0; i <= 9; i++) {
            treeSet.add("1.2.804.2.1.1.1.1.3.1.1.2." + i);
        }
        return ImmutableSet.copyOf((Collection) treeSet);
    }
}
