package snowblossom.lib.tls;

import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import snowblossom.lib.DigestUtil;
import snowblossom.lib.NetworkParams;
import snowblossom.lib.SignatureUtil;
import snowblossom.lib.ValidationException;
import snowblossom.proto.AddressSpec;
import snowblossom.proto.SignedMessage;
import snowblossom.proto.SignedMessagePayload;
import snowblossom.proto.WalletKeyPair;

/* loaded from: input_file:snowblossom/lib/tls/MsgSigUtil.class */
public class MsgSigUtil {
    public static SignedMessagePayload validateSignedMessage(SignedMessage signedMessage, NetworkParams networkParams) throws ValidationException {
        try {
            SignedMessagePayload parseFrom = SignedMessagePayload.parseFrom(signedMessage.getPayload());
            ByteString signature = signedMessage.getSignature();
            AddressSpec claim = parseFrom.getClaim();
            if (claim.getRequiredSigners() != 1 || claim.getSigSpecsCount() != 1) {
                throw new ValidationException("Multisig not supported");
            }
            if (!SignatureUtil.checkSignature(claim.getSigSpecs(0), ByteString.copyFrom(DigestUtil.getMD().digest(signedMessage.getPayload().toByteArray())), signature)) {
                throw new ValidationException("Signature match failure");
            }
            if (parseFrom.getTimestamp() > networkParams.getMaxClockSkewMs() + System.currentTimeMillis()) {
                throw new ValidationException("Signed message too far into future");
            }
            return parseFrom;
        } catch (InvalidProtocolBufferException e) {
            throw new ValidationException(e);
        }
    }

    public static SignedMessage signMessage(AddressSpec addressSpec, WalletKeyPair walletKeyPair, SignedMessagePayload signedMessagePayload) throws ValidationException {
        if (addressSpec.getRequiredSigners() != 1 || addressSpec.getSigSpecsCount() != 1) {
            throw new ValidationException("Multisig not supported");
        }
        SignedMessagePayload.Builder newBuilder = SignedMessagePayload.newBuilder();
        newBuilder.mergeFrom(signedMessagePayload);
        newBuilder.setTimestamp(System.currentTimeMillis());
        newBuilder.setClaim(addressSpec);
        ByteString byteString = newBuilder.build().toByteString();
        SignedMessage.Builder newBuilder2 = SignedMessage.newBuilder();
        newBuilder2.setPayload(byteString);
        newBuilder2.setSignature(SignatureUtil.sign(walletKeyPair, ByteString.copyFrom(DigestUtil.getMD().digest(byteString.toByteArray()))));
        return newBuilder2.build();
    }
}
