package net.corda.cipher.suite.internal.schemes;

import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.LazyThreadSafetyMode;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.collections.MapsKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.ranges.RangesKt;
import net.corda.v5.cipher.suite.KeyEncodingService;
import net.corda.v5.cipher.suite.SchemeTemplates;
import net.corda.v5.crypto.internal.SignatureScheme;
import net.i2p.crypto.eddsa.EdDSAEngine;
import net.i2p.crypto.eddsa.EdDSASecurityProvider;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.jcajce.provider.asymmetric.ec.AlgorithmParametersSpi;
import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
import org.jetbrains.annotations.NotNull;

/* compiled from: ProviderMap.kt */
@Metadata(mv = {1, 4, 1}, bv = {1, 0, 3}, k = 1, d1 = {"��h\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0014\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010$\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018��2\u00020\u0001:\u0001@B\u0013\u0012\f\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00040\u0003¢\u0006\u0002\u0010\u0005J\u0018\u00109\u001a\u00020:2\u0006\u0010;\u001a\u00020\u00072\u0006\u0010<\u001a\u00020=H\u0002J\u0018\u0010>\u001a\u00020?2\u0006\u0010;\u001a\u00020\u00072\u0006\u0010<\u001a\u00020=H\u0002R\u0017\u0010\u0006\u001a\u00020\u0007¢\u0006\u000e\n��\u0012\u0004\b\b\u0010\t\u001a\u0004\b\n\u0010\u000bR\u0017\u0010\f\u001a\u00020\u0007¢\u0006\u000e\n��\u0012\u0004\b\r\u0010\t\u001a\u0004\b\u000e\u0010\u000bR\u0017\u0010\u000f\u001a\u00020\u0007¢\u0006\u000e\n��\u0012\u0004\b\u0010\u0010\t\u001a\u0004\b\u0011\u0010\u000bR\u0017\u0010\u0012\u001a\u00020\u0007¢\u0006\u000e\n��\u0012\u0004\b\u0013\u0010\t\u001a\u0004\b\u0014\u0010\u000bR\u0017\u0010\u0015\u001a\u00020\u0007¢\u0006\u000e\n��\u0012\u0004\b\u0016\u0010\t\u001a\u0004\b\u0017\u0010\u000bR\u0017\u0010\u0018\u001a\u00020\u0007¢\u0006\u000e\n��\u0012\u0004\b\u0019\u0010\t\u001a\u0004\b\u001a\u0010\u000bR\u0011\u0010\u001b\u001a\u00020\u001c¢\u0006\b\n��\u001a\u0004\b\u001d\u0010\u001eR\u0011\u0010\u001f\u001a\u00020 ¢\u0006\b\n��\u001a\u0004\b!\u0010\"R\u0011\u0010#\u001a\u00020$¢\u0006\b\n��\u001a\u0004\b%\u0010&R\u001b\u0010'\u001a\u00020\u00048BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b*\u0010+\u001a\u0004\b(\u0010)R\u0014\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00040\u0003X\u0082\u0004¢\u0006\u0002\n��R\u0011\u0010,\u001a\u00020-¢\u0006\b\n��\u001a\u0004\b.\u0010/R\u001d\u00100\u001a\u000e\u0012\u0004\u0012\u000202\u0012\u0004\u0012\u00020 01¢\u0006\b\n��\u001a\u0004\b3\u00104R\u0011\u00105\u001a\u000206¢\u0006\b\n��\u001a\u0004\b7\u00108¨\u0006A"}, d2 = {"Lnet/corda/cipher/suite/internal/schemes/ProviderMap;", "", "keyEncoderProvider", "Lkotlin/Function0;", "Lnet/corda/v5/cipher/suite/KeyEncodingService;", "(Lkotlin/jvm/functions/Function0;)V", "COMPOSITE_KEY", "Lnet/corda/v5/crypto/internal/SignatureScheme;", "getCOMPOSITE_KEY$annotations", "()V", "getCOMPOSITE_KEY", "()Lnet/corda/v5/crypto/internal/SignatureScheme;", "ECDSA_SECP256K1_SHA256", "getECDSA_SECP256K1_SHA256$annotations", "getECDSA_SECP256K1_SHA256", "ECDSA_SECP256R1_SHA256", "getECDSA_SECP256R1_SHA256$annotations", "getECDSA_SECP256R1_SHA256", "EDDSA_ED25519_SHA512", "getEDDSA_ED25519_SHA512$annotations", "getEDDSA_ED25519_SHA512", "RSA_SHA256", "getRSA_SHA256$annotations", "getRSA_SHA256", "SPHINCS256_SHA256", "getSPHINCS256_SHA256$annotations", "getSPHINCS256_SHA256", "bouncyCastlePQCProvider", "Lorg/bouncycastle/pqc/jcajce/provider/BouncyCastlePQCProvider;", "getBouncyCastlePQCProvider", "()Lorg/bouncycastle/pqc/jcajce/provider/BouncyCastlePQCProvider;", "cordaBouncyCastleProvider", "Ljava/security/Provider;", "getCordaBouncyCastleProvider", "()Ljava/security/Provider;", "cordaSecurityProvider", "Lnet/corda/cipher/suite/internal/schemes/CordaSecurityProvider;", "getCordaSecurityProvider", "()Lnet/corda/cipher/suite/internal/schemes/CordaSecurityProvider;", "keyEncoder", "getKeyEncoder", "()Lnet/corda/v5/cipher/suite/KeyEncodingService;", "keyEncoder$delegate", "Lkotlin/Lazy;", "keyFactories", "Lnet/corda/cipher/suite/internal/schemes/KeyFactoryProvider;", "getKeyFactories", "()Lnet/corda/cipher/suite/internal/schemes/KeyFactoryProvider;", "providers", "", "", "getProviders", "()Ljava/util/Map;", "secureRandom", "Ljava/security/SecureRandom;", "getSecureRandom", "()Ljava/security/SecureRandom;", "decodePrivateKey", "Ljava/security/PrivateKey;", "signatureScheme", "encodedKey", "", "decodePublicKey", "Ljava/security/PublicKey;", "SecurityProviderWrapper", "crypto-impl"})
/* loaded from: input_file:net/corda/cipher/suite/internal/schemes/ProviderMap.class */
public final class ProviderMap {
    private final Lazy keyEncoder$delegate;

    @NotNull
    private final CordaSecurityProvider cordaSecurityProvider;

    @NotNull
    private final Provider cordaBouncyCastleProvider;

    @NotNull
    private final BouncyCastlePQCProvider bouncyCastlePQCProvider;

    @NotNull
    private final Map<String, Provider> providers;

    @NotNull
    private final SecureRandom secureRandom;

    @NotNull
    private final KeyFactoryProvider keyFactories;

    @NotNull
    private final SignatureScheme RSA_SHA256;

    @NotNull
    private final SignatureScheme ECDSA_SECP256K1_SHA256;

    @NotNull
    private final SignatureScheme ECDSA_SECP256R1_SHA256;

    @NotNull
    private final SignatureScheme EDDSA_ED25519_SHA512;

    @NotNull
    private final SignatureScheme SPHINCS256_SHA256;

    @NotNull
    private final SignatureScheme COMPOSITE_KEY;
    private final Function0<KeyEncodingService> keyEncoderProvider;

    /* compiled from: ProviderMap.kt */
    @Metadata(mv = {1, 4, 1}, bv = {1, 0, 3}, k = 1, d1 = {"��\f\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0002\u0018��2\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0001¢\u0006\u0002\u0010\u0003¨\u0006\u0004"}, d2 = {"Lnet/corda/cipher/suite/internal/schemes/ProviderMap$SecurityProviderWrapper;", "Ljava/security/Provider;", "source", "(Ljava/security/Provider;)V", "crypto-impl"})
    /* loaded from: input_file:net/corda/cipher/suite/internal/schemes/ProviderMap$SecurityProviderWrapper.class */
    private static final class SecurityProviderWrapper extends Provider {
        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        public SecurityProviderWrapper(@NotNull Provider provider) {
            super(provider.getName(), provider.getVersionStr(), provider.getInfo());
            Intrinsics.checkNotNullParameter(provider, "source");
            putAll(provider);
        }

        public /* bridge */ Collection getValues() {
            return super.values();
        }

        @Override // java.security.Provider, java.util.Hashtable, java.util.Map
        public final /* bridge */ Collection<Object> values() {
            return getValues();
        }

        public /* bridge */ Set getEntries() {
            return super.entrySet();
        }

        @Override // java.security.Provider, java.util.Hashtable, java.util.Map
        public final /* bridge */ Set<Map.Entry<Object, Object>> entrySet() {
            return getEntries();
        }

        public /* bridge */ Set getKeys() {
            return super.keySet();
        }

        @Override // java.security.Provider, java.util.Hashtable, java.util.Map
        public final /* bridge */ Set<Object> keySet() {
            return getKeys();
        }

        public /* bridge */ int getSize() {
            return super.size();
        }

        @Override // java.util.Hashtable, java.util.Dictionary, java.util.Map
        public final /* bridge */ int size() {
            return getSize();
        }
    }

    private final KeyEncodingService getKeyEncoder() {
        return (KeyEncodingService) this.keyEncoder$delegate.getValue();
    }

    @NotNull
    public final CordaSecurityProvider getCordaSecurityProvider() {
        return this.cordaSecurityProvider;
    }

    @NotNull
    public final Provider getCordaBouncyCastleProvider() {
        return this.cordaBouncyCastleProvider;
    }

    @NotNull
    public final BouncyCastlePQCProvider getBouncyCastlePQCProvider() {
        return this.bouncyCastlePQCProvider;
    }

    @NotNull
    public final Map<String, Provider> getProviders() {
        return this.providers;
    }

    @NotNull
    public final SecureRandom getSecureRandom() {
        return this.secureRandom;
    }

    @NotNull
    public final KeyFactoryProvider getKeyFactories() {
        return this.keyFactories;
    }

    public static /* synthetic */ void getRSA_SHA256$annotations() {
    }

    @NotNull
    public final SignatureScheme getRSA_SHA256() {
        return this.RSA_SHA256;
    }

    public static /* synthetic */ void getECDSA_SECP256K1_SHA256$annotations() {
    }

    @NotNull
    public final SignatureScheme getECDSA_SECP256K1_SHA256() {
        return this.ECDSA_SECP256K1_SHA256;
    }

    public static /* synthetic */ void getECDSA_SECP256R1_SHA256$annotations() {
    }

    @NotNull
    public final SignatureScheme getECDSA_SECP256R1_SHA256() {
        return this.ECDSA_SECP256R1_SHA256;
    }

    public static /* synthetic */ void getEDDSA_ED25519_SHA512$annotations() {
    }

    @NotNull
    public final SignatureScheme getEDDSA_ED25519_SHA512() {
        return this.EDDSA_ED25519_SHA512;
    }

    public static /* synthetic */ void getSPHINCS256_SHA256$annotations() {
    }

    @NotNull
    public final SignatureScheme getSPHINCS256_SHA256() {
        return this.SPHINCS256_SHA256;
    }

    public static /* synthetic */ void getCOMPOSITE_KEY$annotations() {
    }

    @NotNull
    public final SignatureScheme getCOMPOSITE_KEY() {
        return this.COMPOSITE_KEY;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final PublicKey decodePublicKey(SignatureScheme signatureScheme, byte[] bArr) {
        try {
            KeyFactory keyFactory = this.keyFactories.get(signatureScheme);
            KeyEncodingService keyEncoder = getKeyEncoder();
            PublicKey generatePublic = keyFactory.generatePublic(new X509EncodedKeySpec(bArr));
            Intrinsics.checkNotNullExpressionValue(generatePublic, "keyFactory.generatePubli…codedKeySpec(encodedKey))");
            return keyEncoder.toSupportedPublicKey(generatePublic);
        } catch (InvalidKeySpecException e) {
            throw new InvalidKeySpecException("This public key cannot be decoded, please ensure it is X509 encoded and that it corresponds to the input scheme's code name.", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final PrivateKey decodePrivateKey(SignatureScheme signatureScheme, byte[] bArr) {
        try {
            KeyFactory keyFactory = this.keyFactories.get(signatureScheme);
            KeyEncodingService keyEncoder = getKeyEncoder();
            PrivateKey generatePrivate = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr));
            Intrinsics.checkNotNullExpressionValue(generatePrivate, "keyFactory.generatePriva…codedKeySpec(encodedKey))");
            return keyEncoder.toSupportedPrivateKey(generatePrivate);
        } catch (InvalidKeySpecException e) {
            throw new InvalidKeySpecException("This private key cannot be decoded, please ensure it is PKCS8 encoded and that it corresponds to the input scheme's code name.", e);
        }
    }

    public ProviderMap(@NotNull Function0<? extends KeyEncodingService> function0) {
        Intrinsics.checkNotNullParameter(function0, "keyEncoderProvider");
        this.keyEncoderProvider = function0;
        this.keyEncoder$delegate = LazyKt.lazy(LazyThreadSafetyMode.PUBLICATION, new Function0<KeyEncodingService>() { // from class: net.corda.cipher.suite.internal.schemes.ProviderMap$keyEncoder$2
            @NotNull
            public final KeyEncodingService invoke() {
                Function0 function02;
                function02 = ProviderMap.this.keyEncoderProvider;
                return (KeyEncodingService) function02.invoke();
            }

            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super(0);
            }
        });
        this.cordaSecurityProvider = new CordaSecurityProvider(this.keyEncoderProvider);
        Provider bouncyCastleProvider = new BouncyCastleProvider();
        bouncyCastleProvider.addKeyInfoConverter(SchemeTemplates.id-Curve25519ph, new AsymmetricKeyInfoConverter() { // from class: net.corda.cipher.suite.internal.schemes.ProviderMap$$special$$inlined$apply$lambda$1
            @NotNull
            public PublicKey generatePublic(@NotNull SubjectPublicKeyInfo subjectPublicKeyInfo) {
                PublicKey decodePublicKey;
                Intrinsics.checkNotNullParameter(subjectPublicKeyInfo, "keyInfo");
                ProviderMap providerMap = ProviderMap.this;
                SignatureScheme eddsa_ed25519_sha512 = ProviderMap.this.getEDDSA_ED25519_SHA512();
                byte[] encoded = subjectPublicKeyInfo.getEncoded();
                Intrinsics.checkNotNullExpressionValue(encoded, "keyInfo.encoded");
                decodePublicKey = providerMap.decodePublicKey(eddsa_ed25519_sha512, encoded);
                return decodePublicKey;
            }

            @NotNull
            public PrivateKey generatePrivate(@NotNull PrivateKeyInfo privateKeyInfo) {
                PrivateKey decodePrivateKey;
                Intrinsics.checkNotNullParameter(privateKeyInfo, "keyInfo");
                ProviderMap providerMap = ProviderMap.this;
                SignatureScheme eddsa_ed25519_sha512 = ProviderMap.this.getEDDSA_ED25519_SHA512();
                byte[] encoded = privateKeyInfo.getEncoded();
                Intrinsics.checkNotNullExpressionValue(encoded, "keyInfo.encoded");
                decodePrivateKey = providerMap.decodePrivateKey(eddsa_ed25519_sha512, encoded);
                return decodePrivateKey;
            }
        });
        Unit unit = Unit.INSTANCE;
        SecurityProviderWrapper securityProviderWrapper = new SecurityProviderWrapper(bouncyCastleProvider);
        securityProviderWrapper.putAll((Map) new EdDSASecurityProvider());
        securityProviderWrapper.put("AlgorithmParameters.SHA256WITHECDSA", AlgorithmParametersSpi.class.getName());
        securityProviderWrapper.put("Signature.NONEwithEdDSA", EdDSAEngine.class.getName());
        securityProviderWrapper.put("Signature.Ed25519", EdDSAEngine.class.getName());
        Unit unit2 = Unit.INSTANCE;
        this.cordaBouncyCastleProvider = securityProviderWrapper;
        BouncyCastlePQCProvider bouncyCastlePQCProvider = new BouncyCastlePQCProvider();
        if (!Intrinsics.areEqual(bouncyCastlePQCProvider.getName(), "BCPQC")) {
            throw new IllegalArgumentException("Invalid PQCProvider name".toString());
        }
        Unit unit3 = Unit.INSTANCE;
        this.bouncyCastlePQCProvider = bouncyCastlePQCProvider;
        List listOf = CollectionsKt.listOf(new Provider[]{this.cordaBouncyCastleProvider, this.cordaSecurityProvider, (Provider) this.bouncyCastlePQCProvider});
        LinkedHashMap linkedHashMap = new LinkedHashMap(RangesKt.coerceAtLeast(MapsKt.mapCapacity(CollectionsKt.collectionSizeOrDefault(listOf, 10)), 16));
        for (Object obj : listOf) {
            linkedHashMap.put(((Provider) obj).getName(), obj);
        }
        this.providers = linkedHashMap;
        SecureRandom secureRandom = SecureRandom.getInstance(CordaSecureRandomService.algorithm, this.cordaSecurityProvider);
        Intrinsics.checkNotNullExpressionValue(secureRandom, "SecureRandom.getInstance…m, cordaSecurityProvider)");
        this.secureRandom = secureRandom;
        this.keyFactories = new KeyFactoryProvider(this.providers);
        SignatureScheme signatureScheme = SchemeTemplates.RSA_SHA256_TEMPLATE;
        String name = this.cordaBouncyCastleProvider.getName();
        Intrinsics.checkNotNullExpressionValue(name, "cordaBouncyCastleProvider.name");
        this.RSA_SHA256 = SignatureScheme.copy$default(signatureScheme, (String) null, (AlgorithmIdentifier) null, (List) null, name, (String) null, (String) null, (String) null, (AlgorithmParameterSpec) null, (Integer) null, (String) null, 1015, (Object) null);
        SignatureScheme signatureScheme2 = SchemeTemplates.ECDSA_SECP256K1_SHA256_TEMPLATE;
        String name2 = this.cordaBouncyCastleProvider.getName();
        Intrinsics.checkNotNullExpressionValue(name2, "cordaBouncyCastleProvider.name");
        this.ECDSA_SECP256K1_SHA256 = SignatureScheme.copy$default(signatureScheme2, (String) null, (AlgorithmIdentifier) null, (List) null, name2, (String) null, (String) null, (String) null, (AlgorithmParameterSpec) null, (Integer) null, (String) null, 1015, (Object) null);
        SignatureScheme signatureScheme3 = SchemeTemplates.ECDSA_SECP256R1_SHA256_TEMPLATE;
        String name3 = this.cordaBouncyCastleProvider.getName();
        Intrinsics.checkNotNullExpressionValue(name3, "cordaBouncyCastleProvider.name");
        this.ECDSA_SECP256R1_SHA256 = SignatureScheme.copy$default(signatureScheme3, (String) null, (AlgorithmIdentifier) null, (List) null, name3, (String) null, (String) null, (String) null, (AlgorithmParameterSpec) null, (Integer) null, (String) null, 1015, (Object) null);
        SignatureScheme signatureScheme4 = SchemeTemplates.EDDSA_ED25519_SHA512_TEMPLATE;
        String name4 = this.cordaBouncyCastleProvider.getName();
        Intrinsics.checkNotNullExpressionValue(name4, "cordaBouncyCastleProvider.name");
        this.EDDSA_ED25519_SHA512 = SignatureScheme.copy$default(signatureScheme4, (String) null, (AlgorithmIdentifier) null, (List) null, name4, (String) null, (String) null, (String) null, (AlgorithmParameterSpec) null, (Integer) null, (String) null, 1015, (Object) null);
        SignatureScheme signatureScheme5 = SchemeTemplates.SPHINCS256_SHA256_TEMPLATE;
        String name5 = this.bouncyCastlePQCProvider.getName();
        Intrinsics.checkNotNullExpressionValue(name5, "bouncyCastlePQCProvider.name");
        this.SPHINCS256_SHA256 = SignatureScheme.copy$default(signatureScheme5, (String) null, (AlgorithmIdentifier) null, (List) null, name5, (String) null, (String) null, (String) null, (AlgorithmParameterSpec) null, (Integer) null, (String) null, 1015, (Object) null);
        SignatureScheme signatureScheme6 = SchemeTemplates.COMPOSITE_KEY_TEMPLATE;
        String name6 = this.cordaSecurityProvider.getName();
        Intrinsics.checkNotNullExpressionValue(name6, "cordaSecurityProvider.name");
        this.COMPOSITE_KEY = SignatureScheme.copy$default(signatureScheme6, (String) null, (AlgorithmIdentifier) null, (List) null, name6, (String) null, (String) null, (String) null, (AlgorithmParameterSpec) null, (Integer) null, (String) null, 1015, (Object) null);
    }
}
