package io.mosip.vercred.vcverifier.publicKey;

import com.fasterxml.jackson.databind.ObjectMapper;
import io.ipfs.multibase.Base58;
import io.mosip.vercred.vcverifier.constants.CredentialVerifierConstants;
import io.mosip.vercred.vcverifier.exception.PublicKeyNotFoundException;
import io.mosip.vercred.vcverifier.exception.PublicKeyTypeNotSupportedException;
import io.mosip.vercred.vcverifier.utils.Base64Decoder;
import java.io.StringReader;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Map;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.TuplesKt;
import kotlin.collections.ArraysKt;
import kotlin.collections.CollectionsKt;
import kotlin.collections.MapsKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.util.encoders.Hex;
import org.bouncycastle.util.io.pem.PemReader;
import org.jetbrains.annotations.NotNull;

/* compiled from: Utils.kt */
@Metadata(mv = {CredentialVerifierConstants.PSS_PARAM_TF, 9, 0}, k = 2, xi = 48, d1 = {"��<\n��\n\u0002\u0010$\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n��\n\u0002\u0018\u0002\n\u0002\b\r\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n��\n\u0002\u0018\u0002\n��\u001a\u0010\u0010\u0006\u001a\u00020\u00072\u0006\u0010\b\u001a\u00020\tH\u0002\u001a\u001c\u0010\n\u001a\u00020\u000b2\u0012\u0010\f\u001a\u000e\u0012\u0004\u0012\u00020\u0002\u0012\u0004\u0012\u00020\u00020\u0001H\u0002\u001a\u000e\u0010\r\u001a\u00020\u000b2\u0006\u0010\u000e\u001a\u00020\u0002\u001a\u0016\u0010\u000f\u001a\u00020\u000b2\u0006\u0010\u000e\u001a\u00020\u00022\u0006\u0010\u0010\u001a\u00020\u0002\u001a\u0016\u0010\u0011\u001a\u00020\u000b2\u0006\u0010\u0012\u001a\u00020\u00022\u0006\u0010\u0010\u001a\u00020\u0002\u001a\u0016\u0010\u0013\u001a\u00020\u000b2\u0006\u0010\u0014\u001a\u00020\u00022\u0006\u0010\u0010\u001a\u00020\u0002\u001a\u0016\u0010\u0015\u001a\u00020\u000b2\u0006\u0010\u0014\u001a\u00020\u00022\u0006\u0010\u0010\u001a\u00020\u0002\u001a\u0010\u0010\u0016\u001a\u00020\t2\u0006\u0010\u0017\u001a\u00020\u0002H\u0002\u001a\u0018\u0010\u0018\u001a\u00020\u00192\u0006\u0010\u001a\u001a\u00020\u00192\u0006\u0010\u001b\u001a\u00020\u001cH\u0002\u001a\b\u0010\u001d\u001a\u00020\u001eH\u0002\"\u001a\u0010��\u001a\u000e\u0012\u0004\u0012\u00020\u0002\u0012\u0004\u0012\u00020\u00020\u0001X\u0082\u0004¢\u0006\u0002\n��\"\u000e\u0010\u0003\u001a\u00020\u0002X\u0082T¢\u0006\u0002\n��\"\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u000e¢\u0006\u0002\n��¨\u0006\u001f"}, d2 = {"PUBLIC_KEY_ALGORITHM", "", "", "SECP256K1_PRIME_MODULUS", "provider", "Lorg/bouncycastle/jce/provider/BouncyCastleProvider;", "decodeSecp256k1PublicKey", "Ljava/security/spec/ECPoint;", "keyBytes", "", "getECPublicKey", "Ljava/security/PublicKey;", "jwk", "getECPublicKeyFromHex", "hexKey", "getPublicKeyFromHex", "keyType", "getPublicKeyFromJWK", "jwkStr", "getPublicKeyObjectFromPemPublicKey", CredentialVerifierConstants.PUBLIC_KEY_PEM, "getPublicKeyObjectFromPublicKeyMultibase", "hexStringToByteArray", "hex", "recoverYCoordinate", "Ljava/math/BigInteger;", "x", "odd", "", "secp256k1Params", "Ljava/security/spec/ECParameterSpec;", "vcverifier_release"})
@SourceDebugExtension({"SMAP\nUtils.kt\nKotlin\n*S Kotlin\n*F\n+ 1 Utils.kt\nio/mosip/vercred/vcverifier/publicKey/UtilsKt\n+ 2 _Arrays.kt\nkotlin/collections/ArraysKt___ArraysKt\n+ 3 fake.kt\nkotlin/jvm/internal/FakeKt\n*L\n1#1,152:1\n3648#2,10:153\n1#3:163\n*S KotlinDebug\n*F\n+ 1 Utils.kt\nio/mosip/vercred/vcverifier/publicKey/UtilsKt\n*L\n121#1:153,10\n*E\n"})
/* loaded from: input_file:io/mosip/vercred/vcverifier/publicKey/UtilsKt.class */
public final class UtilsKt {

    @NotNull
    private static BouncyCastleProvider provider = new BouncyCastleProvider();

    @NotNull
    private static final Map<String, String> PUBLIC_KEY_ALGORITHM = MapsKt.mapOf(new Pair[]{TuplesKt.to(CredentialVerifierConstants.RSA_KEY_TYPE, CredentialVerifierConstants.RSA_ALGORITHM), TuplesKt.to(CredentialVerifierConstants.ED25519_KEY_TYPE_2018, CredentialVerifierConstants.ED25519_ALGORITHM), TuplesKt.to(CredentialVerifierConstants.ED25519_KEY_TYPE_2020, CredentialVerifierConstants.ED25519_ALGORITHM)});

    @NotNull
    private static final String SECP256K1_PRIME_MODULUS = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F";

    @NotNull
    public static final PublicKey getPublicKeyObjectFromPemPublicKey(@NotNull String str, @NotNull String str2) {
        Intrinsics.checkNotNullParameter(str, CredentialVerifierConstants.PUBLIC_KEY_PEM);
        Intrinsics.checkNotNullParameter(str2, "keyType");
        try {
            PublicKey generatePublic = KeyFactory.getInstance(PUBLIC_KEY_ALGORITHM.get(str2), provider).generatePublic(new X509EncodedKeySpec(new PemReader(new StringReader(str)).readPemObject().getContent()));
            Intrinsics.checkNotNullExpressionValue(generatePublic, "generatePublic(...)");
            return generatePublic;
        } catch (Exception e) {
            throw new PublicKeyNotFoundException("Public key object is null");
        }
    }

    @NotNull
    public static final PublicKey getPublicKeyFromJWK(@NotNull String str, @NotNull String str2) {
        Intrinsics.checkNotNullParameter(str, "jwkStr");
        Intrinsics.checkNotNullParameter(str2, "keyType");
        Object readValue = new ObjectMapper().readValue(str, Map.class);
        Intrinsics.checkNotNull(readValue, "null cannot be cast to non-null type kotlin.collections.Map<kotlin.String, kotlin.String>");
        Map map = (Map) readValue;
        if (Intrinsics.areEqual(str2, CredentialVerifierConstants.ES256K_KEY_TYPE_2019)) {
            return getECPublicKey(map);
        }
        throw new PublicKeyTypeNotSupportedException("Unsupported key type: " + str2);
    }

    private static final PublicKey getECPublicKey(Map<String, String> map) {
        String str = map.get("crv");
        if (str == null) {
            throw new IllegalArgumentException("Missing 'crv' field for EC key");
        }
        Base64Decoder base64Decoder = new Base64Decoder();
        String str2 = map.get("x");
        Intrinsics.checkNotNull(str2);
        byte[] decodeFromBase64UrlFormatEncoded = base64Decoder.decodeFromBase64UrlFormatEncoded(str2);
        Base64Decoder base64Decoder2 = new Base64Decoder();
        String str3 = map.get("y");
        Intrinsics.checkNotNull(str3);
        ECPoint eCPoint = new ECPoint(new BigInteger(1, decodeFromBase64UrlFormatEncoded), new BigInteger(1, base64Decoder2.decodeFromBase64UrlFormatEncoded(str3)));
        if (!Intrinsics.areEqual(str, CredentialVerifierConstants.SECP256K1)) {
            throw new IllegalArgumentException("Unsupported EC curve: " + str);
        }
        ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(CredentialVerifierConstants.SECP256K1);
        PublicKey generatePublic = KeyFactory.getInstance(CredentialVerifierConstants.JWK_KEY_TYPE_EC, provider).generatePublic(new ECPublicKeySpec(eCPoint, new ECNamedCurveSpec(str, parameterSpec.getCurve(), parameterSpec.getG(), parameterSpec.getN())));
        Intrinsics.checkNotNullExpressionValue(generatePublic, "generatePublic(...)");
        return generatePublic;
    }

    @NotNull
    public static final PublicKey getPublicKeyObjectFromPublicKeyMultibase(@NotNull String str, @NotNull String str2) {
        Intrinsics.checkNotNullParameter(str, CredentialVerifierConstants.PUBLIC_KEY_PEM);
        Intrinsics.checkNotNullParameter(str2, "keyType");
        try {
            String substring = str.substring(1);
            Intrinsics.checkNotNullExpressionValue(substring, "substring(...)");
            byte[] decode = Base58.decode(substring);
            Intrinsics.checkNotNull(decode);
            byte[] copyOfRange = ArraysKt.copyOfRange(decode, 2, decode.length);
            byte[] decode2 = Hex.decode(CredentialVerifierConstants.DER_PUBLIC_KEY_PREFIX);
            Intrinsics.checkNotNullExpressionValue(decode2, "decode(...)");
            PublicKey generatePublic = KeyFactory.getInstance(PUBLIC_KEY_ALGORITHM.get(str2), provider).generatePublic(new X509EncodedKeySpec(ArraysKt.plus(decode2, copyOfRange)));
            Intrinsics.checkNotNullExpressionValue(generatePublic, "generatePublic(...)");
            return generatePublic;
        } catch (Exception e) {
            throw new PublicKeyNotFoundException("Public key object is null");
        }
    }

    @NotNull
    public static final PublicKey getPublicKeyFromHex(@NotNull String str, @NotNull String str2) {
        Intrinsics.checkNotNullParameter(str, "hexKey");
        Intrinsics.checkNotNullParameter(str2, "keyType");
        if (Intrinsics.areEqual(str2, CredentialVerifierConstants.ES256K_KEY_TYPE_2019)) {
            return getECPublicKeyFromHex(str);
        }
        throw new PublicKeyTypeNotSupportedException("Unsupported key type: " + str2);
    }

    @NotNull
    public static final PublicKey getECPublicKeyFromHex(@NotNull String str) {
        Intrinsics.checkNotNullParameter(str, "hexKey");
        PublicKey generatePublic = KeyFactory.getInstance(CredentialVerifierConstants.JWK_KEY_TYPE_EC, provider).generatePublic(new ECPublicKeySpec(decodeSecp256k1PublicKey(hexStringToByteArray(str)), secp256k1Params()));
        Intrinsics.checkNotNull(generatePublic, "null cannot be cast to non-null type java.security.interfaces.ECPublicKey");
        return (ECPublicKey) generatePublic;
    }

    private static final byte[] hexStringToByteArray(String str) {
        byte[] byteArray = new BigInteger(str, 16).toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "toByteArray(...)");
        boolean z = false;
        ArrayList arrayList = new ArrayList();
        int length = byteArray.length;
        for (int i = 0; i < length; i++) {
            byte b = byteArray[i];
            if (z) {
                arrayList.add(Byte.valueOf(b));
            } else if (!(b == 0)) {
                arrayList.add(Byte.valueOf(b));
                z = true;
            }
        }
        return CollectionsKt.toByteArray(arrayList);
    }

    private static final ECPoint decodeSecp256k1PublicKey(byte[] bArr) {
        if (!(bArr.length == 33)) {
            throw new IllegalArgumentException("Invalid compressed public key length".toString());
        }
        BigInteger bigInteger = new BigInteger(1, ArraysKt.copyOfRange(bArr, 1, bArr.length));
        return new ECPoint(bigInteger, recoverYCoordinate(bigInteger, bArr[0] == 3));
    }

    private static final BigInteger recoverYCoordinate(BigInteger bigInteger, boolean z) {
        BigInteger bigInteger2 = new BigInteger(SECP256K1_PRIME_MODULUS, 16);
        BigInteger modPow = bigInteger.modPow(BigInteger.valueOf(3L), bigInteger2).add(BigInteger.valueOf(7L)).mod(bigInteger2).modPow(bigInteger2.add(BigInteger.ONE).divide(BigInteger.valueOf(4L)), bigInteger2);
        if (modPow.testBit(0) == z) {
            Intrinsics.checkNotNull(modPow);
            return modPow;
        }
        BigInteger subtract = bigInteger2.subtract(modPow);
        Intrinsics.checkNotNullExpressionValue(subtract, "subtract(...)");
        return subtract;
    }

    private static final ECParameterSpec secp256k1Params() {
        ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(CredentialVerifierConstants.SECP256K1);
        return new ECNamedCurveSpec(CredentialVerifierConstants.SECP256K1, parameterSpec.getCurve(), parameterSpec.getG(), parameterSpec.getN(), parameterSpec.getH());
    }
}
