package io.hotmoka.crypto.internal;

import io.hotmoka.crypto.api.BIP39Dictionary;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.OptionalInt;
import java.util.stream.Collectors;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:io/hotmoka/crypto/internal/SHA256DSA.class */
public class SHA256DSA extends AbstractSignatureAlgorithmImpl {
    private final Signature signature;
    private final KeyPairGenerator keyPairGenerator;
    private final KeyFactory keyFactory;

    public SHA256DSA() throws NoSuchAlgorithmException {
        try {
            ensureProvider();
            this.signature = Signature.getInstance("SHA256withDSA", "BC");
            this.keyPairGenerator = mkKeyPairGenerator(CryptoServicesRegistrar.getSecureRandom());
            this.keyFactory = KeyFactory.getInstance("DSA", "SUN");
        } catch (NoSuchProviderException e) {
            throw new NoSuchAlgorithmException(e);
        }
    }

    @Override // io.hotmoka.crypto.internal.AbstractSignatureAlgorithmImpl
    protected KeyPairGenerator mkKeyPairGenerator(SecureRandom secureRandom) throws NoSuchAlgorithmException, NoSuchProviderException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA", "BC");
        keyPairGenerator.initialize(2048, secureRandom);
        return keyPairGenerator;
    }

    @Override // io.hotmoka.crypto.internal.AbstractSignatureAlgorithmImpl
    public KeyPair getKeyPair(final byte[] bArr, final BIP39Dictionary bIP39Dictionary, final String str) {
        try {
            return mkKeyPairGenerator(new SecureRandom() { // from class: io.hotmoka.crypto.internal.SHA256DSA.1
                private static final long serialVersionUID = 1;
                private final byte[] seed = mergeEntropyWithPassword();

                @Override // java.security.SecureRandom, java.util.Random
                public void nextBytes(byte[] bArr2) {
                    System.arraycopy(this.seed, 0, bArr2, 0, bArr2.length);
                }

                private byte[] mergeEntropyWithPassword() {
                    String str2 = (String) new BIP39MnemonicImpl(bArr, bIP39Dictionary).stream().collect(Collectors.joining(" "));
                    String format = String.format("mnemonic%s", str);
                    PKCS5S2ParametersGenerator pKCS5S2ParametersGenerator = new PKCS5S2ParametersGenerator(new SHA512Digest());
                    pKCS5S2ParametersGenerator.init(str2.getBytes(StandardCharsets.UTF_8), format.getBytes(StandardCharsets.UTF_8), 2048);
                    return pKCS5S2ParametersGenerator.generateDerivedParameters(1792).getKey();
                }
            }).generateKeyPair();
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new RuntimeException("Unexpected exception", e);
        }
    }

    public KeyPair getKeyPair() {
        return this.keyPairGenerator.generateKeyPair();
    }

    @Override // io.hotmoka.crypto.internal.AbstractSignatureAlgorithmImpl
    protected byte[] sign(byte[] bArr, PrivateKey privateKey) throws InvalidKeyException, SignatureException {
        byte[] sign;
        synchronized (this.signature) {
            this.signature.initSign(privateKey);
            this.signature.update(bArr);
            sign = this.signature.sign();
        }
        return sign;
    }

    @Override // io.hotmoka.crypto.internal.AbstractSignatureAlgorithmImpl
    protected boolean verify(byte[] bArr, PublicKey publicKey, byte[] bArr2) throws InvalidKeyException, SignatureException {
        boolean verify;
        synchronized (this.signature) {
            this.signature.initVerify(publicKey);
            this.signature.update(bArr);
            verify = this.signature.verify(bArr2);
        }
        return verify;
    }

    public PublicKey publicKeyFromEncoding(byte[] bArr) throws InvalidKeySpecException {
        return this.keyFactory.generatePublic(new X509EncodedKeySpec(bArr));
    }

    public PrivateKey privateKeyFromEncoding(byte[] bArr) throws InvalidKeySpecException {
        return this.keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr));
    }

    @Override // io.hotmoka.crypto.internal.AbstractSignatureAlgorithmImpl
    public String getName() {
        return "sha256dsa";
    }

    public OptionalInt publicKeyLength() {
        return OptionalInt.empty();
    }

    public OptionalInt privateKeyLength() {
        return OptionalInt.empty();
    }

    public OptionalInt length() {
        return OptionalInt.empty();
    }

    private static void ensureProvider() {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
