package net.corda.node.services.api;

import java.security.InvalidAlgorithmParameterException;
import java.security.PublicKey;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import java.util.NoSuchElementException;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;
import kotlin.ranges.RangesKt;
import kotlin.text.StringsKt;
import net.corda.core.contracts.PartyAndReference;
import net.corda.core.identity.AbstractParty;
import net.corda.core.identity.AnonymousParty;
import net.corda.core.identity.CordaX500Name;
import net.corda.core.identity.Party;
import net.corda.core.identity.PartyAndCertificate;
import net.corda.core.internal.CertRole;
import net.corda.core.node.services.IdentityService;
import net.corda.core.utilities.KotlinUtilsKt;
import net.corda.node.services.config.NodeConfigurationImpl;
import net.corda.nodeapi.internal.crypto.X509Utilities;
import net.corda.nodeapi.internal.crypto.X509UtilitiesKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;

/* compiled from: IdentityServiceInternal.kt */
@Metadata(mv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, NodeConfigurationImpl.Defaults.lazyBridgeStart, 11}, bv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, 0, 2}, k = NodeConfigurationImpl.Defaults.lazyBridgeStart, d1 = {"��6\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\bf\u0018�� \u00122\u00020\u0001:\u0001\u0012J\u001a\u0010\u0002\u001a\u00020\u00032\u0006\u0010\u0004\u001a\u00020\u00052\b\b\u0002\u0010\u0006\u001a\u00020\u0007H\u0016J\u001c\u0010\b\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u0004\u001a\u00020\u00052\b\b\u0002\u0010\u0006\u001a\u00020\u0007H&J$\u0010\t\u001a\u0004\u0018\u00010\u00052\u0006\u0010\n\u001a\u00020\u000b2\u0006\u0010\u0004\u001a\u00020\u00052\b\b\u0002\u0010\u0006\u001a\u00020\u0007H\u0016J\u001a\u0010\t\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u0004\u001a\u00020\u00052\u0006\u0010\u0006\u001a\u00020\u0007H&J \u0010\f\u001a\u00020\u00072\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u00072\u0006\u0010\u0010\u001a\u00020\u0011H\u0016¨\u0006\u0013"}, d2 = {"Lnet/corda/node/services/api/IdentityServiceInternal;", "Lnet/corda/core/node/services/IdentityService;", "justVerifyAndRegisterIdentity", "", "identity", "Lnet/corda/core/identity/PartyAndCertificate;", "isNewRandomIdentity", "", "registerIdentity", "verifyAndRegisterIdentity", "trustAnchor", "Ljava/security/cert/TrustAnchor;", "x500Matches", "query", "", "exactMatch", "x500name", "Lnet/corda/core/identity/CordaX500Name;", "Companion", "node"})
/* loaded from: input_file:net/corda/node/services/api/IdentityServiceInternal.class */
public interface IdentityServiceInternal extends IdentityService {

    @Deprecated
    public static final Companion Companion = Companion.$$INSTANCE;

    /* compiled from: IdentityServiceInternal.kt */
    @Metadata(mv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, NodeConfigurationImpl.Defaults.lazyBridgeStart, 11}, bv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, 0, 2}, k = NodeConfigurationImpl.Defaults.lazyBridgeStart, d1 = {"��\u0014\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0082\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u0011\u0010\u0003\u001a\u00020\u0004¢\u0006\b\n��\u001a\u0004\b\u0005\u0010\u0006¨\u0006\u0007"}, d2 = {"Lnet/corda/node/services/api/IdentityServiceInternal$Companion;", "", "()V", "log", "Lorg/slf4j/Logger;", "getLog", "()Lorg/slf4j/Logger;", "node"})
    /* loaded from: input_file:net/corda/node/services/api/IdentityServiceInternal$Companion.class */
    private static final class Companion {

        @NotNull
        private static final Logger log;
        static final /* synthetic */ Companion $$INSTANCE;

        @NotNull
        public final Logger getLog() {
            return log;
        }

        private Companion() {
        }

        static {
            Companion companion = new Companion();
            $$INSTANCE = companion;
            log = KotlinUtilsKt.contextLogger(companion);
        }
    }

    /* compiled from: IdentityServiceInternal.kt */
    @Metadata(mv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, NodeConfigurationImpl.Defaults.lazyBridgeStart, 11}, bv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, 0, 2}, k = 3)
    /* loaded from: input_file:net/corda/node/services/api/IdentityServiceInternal$DefaultImpls.class */
    public static final class DefaultImpls {
        public static void justVerifyAndRegisterIdentity(IdentityServiceInternal identityServiceInternal, @NotNull PartyAndCertificate partyAndCertificate, boolean z) {
            Intrinsics.checkParameterIsNotNull(partyAndCertificate, "identity");
            identityServiceInternal.verifyAndRegisterIdentity(partyAndCertificate, z);
        }

        public static /* bridge */ /* synthetic */ void justVerifyAndRegisterIdentity$default(IdentityServiceInternal identityServiceInternal, PartyAndCertificate partyAndCertificate, boolean z, int i, Object obj) {
            if (obj != null) {
                throw new UnsupportedOperationException("Super calls with default arguments not supported in this target, function: justVerifyAndRegisterIdentity");
            }
            if ((i & 2) != 0) {
                z = false;
            }
            identityServiceInternal.justVerifyAndRegisterIdentity(partyAndCertificate, z);
        }

        public static boolean x500Matches(IdentityServiceInternal identityServiceInternal, @NotNull String str, boolean z, @NotNull CordaX500Name cordaX500Name) {
            Intrinsics.checkParameterIsNotNull(str, "query");
            Intrinsics.checkParameterIsNotNull(cordaX500Name, "x500name");
            List<String> listOfNotNull = CollectionsKt.listOfNotNull(new String[]{cordaX500Name.getCommonName(), cordaX500Name.getOrganisationUnit(), cordaX500Name.getOrganisation(), cordaX500Name.getLocality(), cordaX500Name.getState(), cordaX500Name.getCountry()});
            if ((listOfNotNull instanceof Collection) && listOfNotNull.isEmpty()) {
                return false;
            }
            for (String str2 : listOfNotNull) {
                if ((z && Intrinsics.areEqual(str2, str)) || (!z && StringsKt.contains(str2, str, true))) {
                    return true;
                }
            }
            return false;
        }

        @Nullable
        public static PartyAndCertificate verifyAndRegisterIdentity(IdentityServiceInternal identityServiceInternal, @NotNull TrustAnchor trustAnchor, @NotNull PartyAndCertificate partyAndCertificate, boolean z) throws CertificateExpiredException, CertificateNotYetValidException, InvalidAlgorithmParameterException {
            Intrinsics.checkParameterIsNotNull(trustAnchor, "trustAnchor");
            Intrinsics.checkParameterIsNotNull(partyAndCertificate, "identity");
            List x509Certificates = X509UtilitiesKt.getX509Certificates(partyAndCertificate.getCertPath());
            try {
                partyAndCertificate.verify(trustAnchor);
                Object obj = null;
                boolean z2 = false;
                for (Object obj2 : x509Certificates) {
                    CertRole extract = CertRole.Companion.extract((X509Certificate) obj2);
                    if (extract != null ? extract.isWellKnown() : false) {
                        if (z2) {
                            throw new IllegalArgumentException("Collection contains more than one matching element.");
                        }
                        obj = obj2;
                        z2 = true;
                    }
                }
                if (!z2) {
                    throw new NoSuchElementException("Collection contains no element matching the predicate.");
                }
                X509Certificate x509Certificate = (X509Certificate) obj;
                if ((!Intrinsics.areEqual(x509Certificate, partyAndCertificate.getCertificate())) && !z) {
                    verifyAndRegisterIdentity$default(identityServiceInternal, trustAnchor, new PartyAndCertificate(X509Utilities.INSTANCE.buildCertPath(CollectionsKt.slice(x509Certificates, RangesKt.until(x509Certificates.lastIndexOf(x509Certificate), x509Certificates.size())))), false, 4, null);
                }
                return identityServiceInternal.registerIdentity(partyAndCertificate, z);
            } catch (CertPathValidatorException e) {
                Logger log = IdentityServiceInternal.Companion.getLog();
                StringBuilder append = new StringBuilder().append("Certificate validation failed for ").append(partyAndCertificate.getName()).append(" against trusted root ");
                X509Certificate trustedCert = trustAnchor.getTrustedCert();
                Intrinsics.checkExpressionValueIsNotNull(trustedCert, "trustAnchor.trustedCert");
                log.warn(append.append(trustedCert.getSubjectX500Principal()).append('.').toString());
                IdentityServiceInternal.Companion.getLog().warn("Certificate path :");
                int i = 0;
                for (Object obj3 : CollectionsKt.reversed(x509Certificates)) {
                    int i2 = i;
                    i++;
                    IdentityServiceInternal.Companion.getLog().warn(CollectionsKt.joinToString$default(RangesKt.until(0, i2), "", (CharSequence) null, (CharSequence) null, 0, (CharSequence) null, new Function1<Integer, String>() { // from class: net.corda.node.services.api.IdentityServiceInternal$verifyAndRegisterIdentity$1$space$1
                        public /* bridge */ /* synthetic */ Object invoke(Object obj4) {
                            return invoke(((Number) obj4).intValue());
                        }

                        @NotNull
                        public final String invoke(int i3) {
                            return "   ";
                        }
                    }, 30, (Object) null) + ((X509Certificate) obj3).getSubjectX500Principal());
                }
                throw e;
            }
        }

        @Nullable
        public static /* bridge */ /* synthetic */ PartyAndCertificate verifyAndRegisterIdentity$default(IdentityServiceInternal identityServiceInternal, TrustAnchor trustAnchor, PartyAndCertificate partyAndCertificate, boolean z, int i, Object obj) throws CertificateExpiredException, CertificateNotYetValidException, InvalidAlgorithmParameterException {
            if (obj != null) {
                throw new UnsupportedOperationException("Super calls with default arguments not supported in this target, function: verifyAndRegisterIdentity");
            }
            if ((i & 4) != 0) {
                z = false;
            }
            return identityServiceInternal.verifyAndRegisterIdentity(trustAnchor, partyAndCertificate, z);
        }

        @Nullable
        public static /* bridge */ /* synthetic */ PartyAndCertificate registerIdentity$default(IdentityServiceInternal identityServiceInternal, PartyAndCertificate partyAndCertificate, boolean z, int i, Object obj) {
            if (obj != null) {
                throw new UnsupportedOperationException("Super calls with default arguments not supported in this target, function: registerIdentity");
            }
            if ((i & 2) != 0) {
                z = false;
            }
            return identityServiceInternal.registerIdentity(partyAndCertificate, z);
        }

        public static void assertOwnership(IdentityServiceInternal identityServiceInternal, @NotNull Party party, @NotNull AnonymousParty anonymousParty) {
            Intrinsics.checkParameterIsNotNull(party, "party");
            Intrinsics.checkParameterIsNotNull(anonymousParty, "anonymousParty");
            IdentityService.DefaultImpls.assertOwnership(identityServiceInternal, party, anonymousParty);
        }

        @Nullable
        public static Party partyFromKey(IdentityServiceInternal identityServiceInternal, @NotNull PublicKey publicKey) {
            Intrinsics.checkParameterIsNotNull(publicKey, "key");
            return IdentityService.DefaultImpls.partyFromKey(identityServiceInternal, publicKey);
        }

        @NotNull
        public static Party requireWellKnownPartyFromAnonymous(IdentityServiceInternal identityServiceInternal, @NotNull AbstractParty abstractParty) {
            Intrinsics.checkParameterIsNotNull(abstractParty, "party");
            return IdentityService.DefaultImpls.requireWellKnownPartyFromAnonymous(identityServiceInternal, abstractParty);
        }

        @Nullable
        public static Party wellKnownPartyFromAnonymous(IdentityServiceInternal identityServiceInternal, @NotNull PartyAndReference partyAndReference) {
            Intrinsics.checkParameterIsNotNull(partyAndReference, "partyRef");
            return IdentityService.DefaultImpls.wellKnownPartyFromAnonymous(identityServiceInternal, partyAndReference);
        }

        @Nullable
        public static Party wellKnownPartyFromAnonymous(IdentityServiceInternal identityServiceInternal, @NotNull AbstractParty abstractParty) {
            Intrinsics.checkParameterIsNotNull(abstractParty, "party");
            return IdentityService.DefaultImpls.wellKnownPartyFromAnonymous(identityServiceInternal, abstractParty);
        }
    }

    void justVerifyAndRegisterIdentity(@NotNull PartyAndCertificate partyAndCertificate, boolean z);

    @Nullable
    PartyAndCertificate verifyAndRegisterIdentity(@NotNull PartyAndCertificate partyAndCertificate, boolean z) throws CertificateExpiredException, CertificateNotYetValidException, InvalidAlgorithmParameterException;

    boolean x500Matches(@NotNull String str, boolean z, @NotNull CordaX500Name cordaX500Name);

    @Nullable
    PartyAndCertificate verifyAndRegisterIdentity(@NotNull TrustAnchor trustAnchor, @NotNull PartyAndCertificate partyAndCertificate, boolean z) throws CertificateExpiredException, CertificateNotYetValidException, InvalidAlgorithmParameterException;

    @Nullable
    PartyAndCertificate registerIdentity(@NotNull PartyAndCertificate partyAndCertificate, boolean z);
}
