package org.hyperledger.besu.crypto;

import com.google.common.base.Preconditions;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;
import java.util.Optional;
import java.util.function.UnaryOperator;
import org.apache.tuweni.bytes.Bytes;
import org.apache.tuweni.bytes.Bytes32;
import org.apache.tuweni.units.bigints.UInt256;
import org.bouncycastle.asn1.sec.SECNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.asn1.x9.X9IntegerConverter;
import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.signers.DSAKCalculator;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyPairGeneratorSpi;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.math.ec.ECAlgorithms;
import org.bouncycastle.math.ec.ECPoint;

/* loaded from: input_file:org/hyperledger/besu/crypto/AbstractSECP256.class */
public abstract class AbstractSECP256 implements SignatureAlgorithm {
    public static final String PROVIDER = "BC";
    protected final ECDomainParameters curve;
    protected final BigInteger halfCurveOrder;
    protected final KeyPairGenerator keyPairGenerator;
    protected final BigInteger curveOrder;
    final BigInteger prime;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractSECP256(String str, BigInteger bigInteger) {
        this.prime = bigInteger;
        Security.addProvider(new BouncyCastleProvider());
        X9ECParameters byName = SECNamedCurves.getByName(str);
        this.curve = new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN(), byName.getH());
        this.curveOrder = this.curve.getN();
        this.halfCurveOrder = this.curveOrder.shiftRight(1);
        try {
            this.keyPairGenerator = new KeyPairGeneratorSpi.ECDSA();
            try {
                this.keyPairGenerator.initialize(new ECGenParameterSpec(str), SecureRandomProvider.createSecureRandom());
            } catch (InvalidAlgorithmParameterException e) {
                throw new RuntimeException(e);
            }
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public SECPSignature normaliseSignature(BigInteger bigInteger, BigInteger bigInteger2, SECPPublicKey sECPPublicKey, Bytes32 bytes32) {
        BigInteger bigInteger3 = bigInteger2;
        if (bigInteger3.compareTo(this.halfCurveOrder) > 0) {
            bigInteger3 = this.curve.getN().subtract(bigInteger3);
        }
        int i = -1;
        BigInteger unsignedBigInteger = sECPPublicKey.getEncodedBytes().toUnsignedBigInteger();
        int i2 = 0;
        while (true) {
            if (i2 < 4) {
                BigInteger recoverFromSignature = recoverFromSignature(i2, bigInteger, bigInteger3, bytes32);
                if (recoverFromSignature != null && recoverFromSignature.equals(unsignedBigInteger)) {
                    i = i2;
                    break;
                }
                i2++;
            } else {
                break;
            }
        }
        if (i == -1) {
            throw new RuntimeException("Could not construct a recoverable key. This should never happen.");
        }
        return new SECPSignature(bigInteger, bigInteger3, (byte) i);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public Bytes32 calculateECDHKeyAgreement(SECPPrivateKey sECPPrivateKey, SECPPublicKey sECPPublicKey) {
        Preconditions.checkArgument(sECPPrivateKey != null, "missing private key");
        Preconditions.checkArgument(sECPPublicKey != null, "missing remote public key");
        ECPrivateKeyParameters eCPrivateKeyParameters = new ECPrivateKeyParameters(sECPPrivateKey.getD(), this.curve);
        ECPublicKeyParameters eCPublicKeyParameters = new ECPublicKeyParameters(sECPPublicKey.asEcPoint(this.curve), this.curve);
        ECDHBasicAgreement eCDHBasicAgreement = new ECDHBasicAgreement();
        eCDHBasicAgreement.init(eCPrivateKeyParameters);
        return UInt256.valueOf(eCDHBasicAgreement.calculateAgreement(eCPublicKeyParameters));
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public SECPPrivateKey createPrivateKey(BigInteger bigInteger) {
        return SECPPrivateKey.create(bigInteger, SignatureAlgorithm.ALGORITHM);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public SECPPrivateKey createPrivateKey(Bytes32 bytes32) {
        return SECPPrivateKey.create(bytes32, SignatureAlgorithm.ALGORITHM);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public SECPPublicKey createPublicKey(SECPPrivateKey sECPPrivateKey) {
        return SECPPublicKey.create(sECPPrivateKey, this.curve, SignatureAlgorithm.ALGORITHM);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public SECPPublicKey createPublicKey(BigInteger bigInteger) {
        return SECPPublicKey.create(bigInteger, SignatureAlgorithm.ALGORITHM);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public SECPPublicKey createPublicKey(Bytes bytes) {
        return SECPPublicKey.create(bytes, SignatureAlgorithm.ALGORITHM);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public ECPoint publicKeyAsEcPoint(SECPPublicKey sECPPublicKey) {
        return sECPPublicKey.asEcPoint(this.curve);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public boolean isValidPublicKey(SECPPublicKey sECPPublicKey) {
        try {
            publicKeyAsEcPoint(sECPPublicKey);
            return true;
        } catch (IllegalArgumentException e) {
            return false;
        }
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public KeyPair createKeyPair(SECPPrivateKey sECPPrivateKey) {
        return KeyPair.create(sECPPrivateKey, this.curve, SignatureAlgorithm.ALGORITHM);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public KeyPair generateKeyPair() {
        return KeyPair.generate(this.keyPairGenerator, SignatureAlgorithm.ALGORITHM);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public SECPSignature createSignature(BigInteger bigInteger, BigInteger bigInteger2, byte b) {
        return SECPSignature.create(bigInteger, bigInteger2, b, this.curveOrder);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public SECPSignature decodeSignature(Bytes bytes) {
        return SECPSignature.decode(bytes, this.curveOrder);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public BigInteger getHalfCurveOrder() {
        return this.halfCurveOrder;
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public String getProvider() {
        return "BC";
    }

    public abstract DSAKCalculator getKCalculator();

    protected ECPoint decompressKey(BigInteger bigInteger, boolean z) {
        X9IntegerConverter x9IntegerConverter = new X9IntegerConverter();
        byte[] integerToBytes = x9IntegerConverter.integerToBytes(bigInteger, 1 + x9IntegerConverter.getByteLength(this.curve.getCurve()));
        integerToBytes[0] = (byte) (z ? 3 : 2);
        return this.curve.getCurve().decodePoint(integerToBytes);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public BigInteger recoverFromSignature(int i, BigInteger bigInteger, BigInteger bigInteger2, Bytes32 bytes32) {
        if (!$assertionsDisabled && i < 0) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && bigInteger.signum() < 0) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && bigInteger2.signum() < 0) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && bytes32 == null) {
            throw new AssertionError();
        }
        BigInteger n = this.curve.getN();
        BigInteger add = bigInteger.add(BigInteger.valueOf(i / 2).multiply(n));
        if (add.compareTo(this.prime) >= 0) {
            return null;
        }
        ECPoint decompressKey = decompressKey(add, (i & 1) == 1);
        if (!decompressKey.multiply(n).isInfinity()) {
            return null;
        }
        BigInteger mod = BigInteger.ZERO.subtract(bytes32.toUnsignedBigInteger()).mod(n);
        BigInteger modInverse = bigInteger.modInverse(n);
        ECPoint sumOfTwoMultiplies = ECAlgorithms.sumOfTwoMultiplies(this.curve.getG(), modInverse.multiply(mod).mod(n), decompressKey, modInverse.multiply(bigInteger2).mod(n));
        if (sumOfTwoMultiplies.isInfinity()) {
            return null;
        }
        byte[] encoded = sumOfTwoMultiplies.getEncoded(false);
        return new BigInteger(1, Arrays.copyOfRange(encoded, 1, encoded.length));
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public SECPSignature sign(Bytes32 bytes32, KeyPair keyPair) {
        ECDSASigner eCDSASigner = new ECDSASigner(getKCalculator());
        eCDSASigner.init(true, new ECPrivateKeyParameters(keyPair.getPrivateKey().getEncodedBytes().toUnsignedBigInteger(), this.curve));
        BigInteger[] generateSignature = eCDSASigner.generateSignature(bytes32.toArrayUnsafe());
        return normaliseSignature(generateSignature[0], generateSignature[1], keyPair.getPublicKey(), bytes32);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public boolean verify(Bytes bytes, SECPSignature sECPSignature, SECPPublicKey sECPPublicKey) {
        ECDSASigner eCDSASigner = new ECDSASigner();
        eCDSASigner.init(false, new ECPublicKeyParameters(this.curve.getCurve().decodePoint(Bytes.wrap(Bytes.of(4), sECPPublicKey.getEncodedBytes()).toArrayUnsafe()), this.curve));
        try {
            return eCDSASigner.verifySignature(bytes.toArrayUnsafe(), sECPSignature.getR(), sECPSignature.getS());
        } catch (NullPointerException e) {
            return false;
        }
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public boolean verify(Bytes bytes, SECPSignature sECPSignature, SECPPublicKey sECPPublicKey, UnaryOperator<Bytes> unaryOperator) {
        Preconditions.checkArgument(unaryOperator != null, "preprocessor must not be null");
        return verify((Bytes) unaryOperator.apply(bytes), sECPSignature, sECPPublicKey);
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public Optional<SECPPublicKey> recoverPublicKeyFromSignature(Bytes32 bytes32, SECPSignature sECPSignature) {
        return Optional.of(SECPPublicKey.create(recoverFromSignature(sECPSignature.getRecId(), sECPSignature.getR(), sECPSignature.getS(), bytes32), SignatureAlgorithm.ALGORITHM));
    }

    @Override // org.hyperledger.besu.crypto.SignatureAlgorithm
    public Bytes compressPublicKey(SECPPublicKey sECPPublicKey) {
        return Bytes.wrap(publicKeyAsEcPoint(sECPPublicKey).getEncoded(true));
    }

    static {
        $assertionsDisabled = !AbstractSECP256.class.desiredAssertionStatus();
    }
}
