package ch.admin.bj.swiyu.didtoolbox;

import ch.admin.bj.swiyu.didtoolbox.DidLogMetaPeeker;
import ch.admin.eid.didresolver.Did;
import ch.admin.eid.didresolver.DidResolveException;
import ch.admin.eid.didtoolbox.DidDoc;
import ch.admin.eid.didtoolbox.Jwk;
import ch.admin.eid.didtoolbox.VerificationMethod;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.JsonPrimitive;
import com.nimbusds.jose.jwk.JWKParameterNames;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.time.temporal.ChronoUnit;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import lombok.Generated;

/* loaded from: input_file:ch/admin/bj/swiyu/didtoolbox/TdwUpdater.class */
public class TdwUpdater {
    private static String SCID_PLACEHOLDER = "{SCID}";
    private Map<String, String> assertionMethodKeys;
    private Map<String, String> authenticationKeys;
    private VerificationMethodKeyProvider verificationMethodKeyProvider;
    private Set<File> updateKeys;

    @Generated
    /* loaded from: input_file:ch/admin/bj/swiyu/didtoolbox/TdwUpdater$TdwUpdaterBuilder.class */
    public static class TdwUpdaterBuilder {

        @Generated
        private Map<String, String> assertionMethodKeys;

        @Generated
        private Map<String, String> authenticationKeys;

        @Generated
        private boolean verificationMethodKeyProvider$set;

        @Generated
        private VerificationMethodKeyProvider verificationMethodKeyProvider$value;

        @Generated
        private Set<File> updateKeys;

        @Generated
        TdwUpdaterBuilder() {
        }

        @Generated
        public TdwUpdaterBuilder assertionMethodKeys(Map<String, String> map) {
            this.assertionMethodKeys = map;
            return this;
        }

        @Generated
        public TdwUpdaterBuilder authenticationKeys(Map<String, String> map) {
            this.authenticationKeys = map;
            return this;
        }

        @Generated
        public TdwUpdaterBuilder verificationMethodKeyProvider(VerificationMethodKeyProvider verificationMethodKeyProvider) {
            this.verificationMethodKeyProvider$value = verificationMethodKeyProvider;
            this.verificationMethodKeyProvider$set = true;
            return this;
        }

        @Generated
        public TdwUpdaterBuilder updateKeys(Set<File> set) {
            this.updateKeys = set;
            return this;
        }

        @Generated
        public TdwUpdater build() {
            VerificationMethodKeyProvider verificationMethodKeyProvider = this.verificationMethodKeyProvider$value;
            if (!this.verificationMethodKeyProvider$set) {
                verificationMethodKeyProvider = TdwUpdater.$default$verificationMethodKeyProvider();
            }
            return new TdwUpdater(this.assertionMethodKeys, this.authenticationKeys, verificationMethodKeyProvider, this.updateKeys);
        }

        @Generated
        public String toString() {
            return "TdwUpdater.TdwUpdaterBuilder(assertionMethodKeys=" + String.valueOf(this.assertionMethodKeys) + ", authenticationKeys=" + String.valueOf(this.authenticationKeys) + ", verificationMethodKeyProvider$value=" + String.valueOf(this.verificationMethodKeyProvider$value) + ", updateKeys=" + String.valueOf(this.updateKeys) + ")";
        }
    }

    private static JsonObject verificationMethodAsJsonObject(VerificationMethod verificationMethod) {
        Jwk publicKeyJwk = verificationMethod.getPublicKeyJwk();
        JsonObject jsonObject = new JsonObject();
        jsonObject.addProperty(JWKParameterNames.KEY_TYPE, publicKeyJwk.getKty());
        jsonObject.addProperty("crv", publicKeyJwk.getCrv());
        jsonObject.addProperty("kid", publicKeyJwk.getKid());
        jsonObject.addProperty("x", publicKeyJwk.getX());
        jsonObject.addProperty(JWKParameterNames.ELLIPTIC_CURVE_Y_COORDINATE, publicKeyJwk.getY());
        JsonObject jsonObject2 = new JsonObject();
        jsonObject2.addProperty("id", verificationMethod.getId());
        jsonObject2.addProperty("controller", verificationMethod.getController());
        jsonObject2.addProperty("type", "JsonWebKey2020");
        jsonObject2.add("publicKeyJwk", jsonObject);
        return jsonObject2;
    }

    private static JsonObject buildVerificationMethodWithPublicKeyJwk(String str, String str2, String str3) throws TdwUpdaterException {
        JsonObject jsonObject = new JsonObject();
        jsonObject.addProperty("id", str + "#" + str2);
        jsonObject.addProperty("controller", str);
        jsonObject.addProperty("type", "JsonWebKey2020");
        jsonObject.add("publicKeyJwk", JsonParser.parseString(str3).getAsJsonObject());
        return jsonObject;
    }

    public String update(String str) throws TdwUpdaterException {
        return update(str, ZonedDateTime.now());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String update(File file) throws TdwUpdaterException, IOException {
        return update(Files.readString(file.toPath()), ZonedDateTime.now());
    }

    String update(String str, ZonedDateTime zonedDateTime) throws TdwUpdaterException {
        Did did = null;
        try {
            try {
                DidLogMetaPeeker.DidLogMeta peek = DidLogMetaPeeker.peek(str);
                String str2 = peek.didDocId;
                did = new Did(str2);
                DidDoc resolve = did.resolve(str);
                if (did != null) {
                    did.close();
                }
                if (peek.params.deactivated != null && peek.params.deactivated.booleanValue()) {
                    throw new TdwUpdaterException("DID already deactivated");
                }
                if (!this.verificationMethodKeyProvider.isKeyMultibaseInSet(peek.params.updateKeys)) {
                    throw new TdwUpdaterException("Update key mismatch");
                }
                ZonedDateTime parse = ZonedDateTime.parse(peek.dateTime);
                if (zonedDateTime.isBefore(parse) || zonedDateTime.isEqual(parse)) {
                    throw new TdwUpdaterException("The versionTime of the last entry MUST be earlier than the current time");
                }
                JsonObject jsonObject = new JsonObject();
                JsonArray jsonArray = new JsonArray();
                Iterator<String> it = resolve.getContext().iterator();
                while (it.hasNext()) {
                    jsonArray.add(it.next());
                }
                jsonObject.add("@context", jsonArray);
                jsonObject.addProperty("id", str2);
                if ((this.authenticationKeys == null || this.authenticationKeys.isEmpty()) && (this.assertionMethodKeys == null || this.assertionMethodKeys.isEmpty())) {
                    throw new TdwUpdaterException("No update will take place as no verification material is supplied whatsoever");
                }
                JsonArray jsonArray2 = new JsonArray();
                if (this.authenticationKeys != null && !this.authenticationKeys.isEmpty()) {
                    JsonArray jsonArray3 = new JsonArray();
                    for (Map.Entry<String, String> entry : this.authenticationKeys.entrySet()) {
                        jsonArray3.add(str2 + "#" + entry.getKey());
                        jsonArray2.add(buildVerificationMethodWithPublicKeyJwk(str2, entry.getKey(), entry.getValue()));
                    }
                    jsonObject.add("authentication", jsonArray3);
                }
                if (this.assertionMethodKeys != null && !this.assertionMethodKeys.isEmpty()) {
                    JsonArray jsonArray4 = new JsonArray();
                    for (Map.Entry<String, String> entry2 : this.assertionMethodKeys.entrySet()) {
                        jsonArray4.add(str2 + "#" + entry2.getKey());
                        jsonArray2.add(buildVerificationMethodWithPublicKeyJwk(str2, entry2.getKey(), entry2.getValue()));
                    }
                    jsonObject.add("assertionMethod", jsonArray4);
                }
                jsonObject.add("verificationMethod", jsonArray2);
                JsonArray jsonArray5 = new JsonArray();
                jsonArray5.add(peek.lastVersionId);
                jsonArray5.add(DateTimeFormatter.ISO_INSTANT.format(zonedDateTime.truncatedTo(ChronoUnit.SECONDS)));
                if (this.updateKeys != null) {
                    JsonArray jsonArray6 = new JsonArray();
                    if (!peek.params.updateKeys.containsAll(Set.of(this.updateKeys.stream().map(file -> {
                        try {
                            return PemUtils.parsePEMFilePublicKeyEd25519Multibase(file);
                        } catch (Exception e) {
                            return null;
                        }
                    }).toArray(i -> {
                        return new String[i];
                    })))) {
                        Iterator<File> it2 = this.updateKeys.iterator();
                        while (it2.hasNext()) {
                            try {
                                String parsePEMFilePublicKeyEd25519Multibase = PemUtils.parsePEMFilePublicKeyEd25519Multibase(it2.next());
                                if (!jsonArray6.contains(new JsonPrimitive(parsePEMFilePublicKeyEd25519Multibase))) {
                                    jsonArray6.add(parsePEMFilePublicKeyEd25519Multibase);
                                }
                            } catch (Exception e) {
                                throw new TdwUpdaterException(e);
                            }
                        }
                    }
                    JsonObject jsonObject2 = new JsonObject();
                    if (!jsonArray6.isEmpty()) {
                        jsonObject2.add("updateKeys", jsonArray6);
                    }
                    jsonArray5.add(jsonObject2);
                } else {
                    jsonArray5.add(new JsonObject());
                }
                JsonObject jsonObject3 = new JsonObject();
                jsonObject3.add("value", jsonObject);
                jsonArray5.add(jsonObject3);
                try {
                    String buildSCID = JCSHasher.buildSCID(jsonArray5.toString());
                    JsonArray jsonArray7 = new JsonArray();
                    String str3 = (peek.lastVersionNumber + 1) + "-" + buildSCID;
                    jsonArray7.add(str3);
                    jsonArray7.add(jsonArray5.get(1));
                    jsonArray7.add(jsonArray5.get(2));
                    jsonArray7.add(jsonArray5.get(3));
                    JsonArray jsonArray8 = new JsonArray();
                    try {
                        JsonObject buildDataIntegrityProof = JCSHasher.buildDataIntegrityProof(jsonObject, false, this.verificationMethodKeyProvider, str3, "authentication", zonedDateTime);
                        buildDataIntegrityProof.addProperty("verificationMethod", "did:key:" + this.verificationMethodKeyProvider.getVerificationKeyMultibase() + "#" + this.verificationMethodKeyProvider.getVerificationKeyMultibase());
                        jsonArray8.add(buildDataIntegrityProof);
                        jsonArray7.add(jsonArray8);
                        Did did2 = new Did(peek.didDocId);
                        try {
                            try {
                                did2.resolve(str.trim() + System.lineSeparator() + jsonArray7);
                                did2.close();
                                return jsonArray7.toString();
                            } catch (DidResolveException e2) {
                                throw new RuntimeException("Updating the DID log resulted in unresolvable/unverifiable DID log", e2);
                            }
                        } catch (Throwable th) {
                            did2.close();
                            throw th;
                        }
                    } catch (IOException e3) {
                        throw new TdwUpdaterException("Fail to build DID doc data integrity proof", e3);
                    }
                } catch (IOException e4) {
                    throw new TdwUpdaterException(e4);
                }
            } catch (DidLogMetaPeekerException | DidResolveException e5) {
                throw new TdwUpdaterException("Unresolvable/unverifiable DID log detected", e5);
            }
        } catch (Throwable th2) {
            if (did != null) {
                did.close();
            }
            throw th2;
        }
    }

    @Generated
    private static VerificationMethodKeyProvider $default$verificationMethodKeyProvider() {
        return new Ed25519VerificationMethodKeyProviderImpl();
    }

    @Generated
    TdwUpdater(Map<String, String> map, Map<String, String> map2, VerificationMethodKeyProvider verificationMethodKeyProvider, Set<File> set) {
        this.assertionMethodKeys = map;
        this.authenticationKeys = map2;
        this.verificationMethodKeyProvider = verificationMethodKeyProvider;
        this.updateKeys = set;
    }

    @Generated
    public static TdwUpdaterBuilder builder() {
        return new TdwUpdaterBuilder();
    }

    @Generated
    private Map<String, String> getAssertionMethodKeys() {
        return this.assertionMethodKeys;
    }

    @Generated
    private Map<String, String> getAuthenticationKeys() {
        return this.authenticationKeys;
    }

    @Generated
    private VerificationMethodKeyProvider getVerificationMethodKeyProvider() {
        return this.verificationMethodKeyProvider;
    }

    @Generated
    private Set<File> getUpdateKeys() {
        return this.updateKeys;
    }
}
