package net.corda.node.services.keys;

import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.NoSuchElementException;
import java.util.Set;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Lob;
import javax.persistence.Table;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.sequences.SequencesKt;
import net.corda.core.crypto.Crypto;
import net.corda.core.crypto.CryptoUtils;
import net.corda.core.crypto.DigitalSignature;
import net.corda.core.crypto.SignableData;
import net.corda.core.crypto.TransactionSignature;
import net.corda.core.identity.PartyAndCertificate;
import net.corda.core.node.services.IdentityService;
import net.corda.core.node.services.KeyManagementService;
import net.corda.core.serialization.SingletonSerializeAsToken;
import net.corda.node.services.keys.PersistentKeyManagementService;
import net.corda.node.utilities.AppendOnlyPersistentMap;
import net.corda.node.utilities.AppendOnlyPersistentMapBase;
import org.bouncycastle.operator.ContentSigner;
import org.jetbrains.annotations.NotNull;

/* compiled from: PersistentKeyManagementService.kt */
@Metadata(mv = {1, 1, 8}, bv = {1, 0, 2}, k = 1, d1 = {"��r\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\"\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0010\u001c\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\u0018�� *2\u00020\u00012\u00020\u0002:\u0002*+B\u001b\u0012\u0006\u0010\u0003\u001a\u00020\u0004\u0012\f\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00070\u0006¢\u0006\u0002\u0010\bJ\u001c\u0010\u0016\u001a\b\u0012\u0004\u0012\u00020\f0\u00172\f\u0010\u0018\u001a\b\u0012\u0004\u0012\u00020\f0\u0017H\u0016J\b\u0010\u0019\u001a\u00020\fH\u0016J\u0018\u0010\u001a\u001a\u00020\u001b2\u0006\u0010\u001c\u001a\u00020\u001b2\u0006\u0010\u001d\u001a\u00020\u001eH\u0016J\u0010\u0010\u001f\u001a\u00020 2\u0006\u0010!\u001a\u00020\fH\u0002J\u0010\u0010\"\u001a\u00020\u00072\u0006\u0010!\u001a\u00020\fH\u0002J\u0018\u0010#\u001a\u00020$2\u0006\u0010%\u001a\u00020&2\u0006\u0010!\u001a\u00020\fH\u0016J\u0018\u0010#\u001a\u00020'2\u0006\u0010(\u001a\u00020)2\u0006\u0010!\u001a\u00020\fH\u0016R\u0011\u0010\u0003\u001a\u00020\u0004¢\u0006\b\n��\u001a\u0004\b\t\u0010\nR\u001a\u0010\u000b\u001a\b\u0012\u0004\u0012\u00020\f0\u00068VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\r\u0010\u000eR)\u0010\u000f\u001a\u001a\u0012\u0004\u0012\u00020\f\u0012\u0004\u0012\u00020\u0011\u0012\u0004\u0012\u00020\u0012\u0012\u0004\u0012\u00020\u00130\u0010¢\u0006\b\n��\u001a\u0004\b\u0014\u0010\u0015¨\u0006,"}, d2 = {"Lnet/corda/node/services/keys/PersistentKeyManagementService;", "Lnet/corda/core/serialization/SingletonSerializeAsToken;", "Lnet/corda/core/node/services/KeyManagementService;", "identityService", "Lnet/corda/core/node/services/IdentityService;", "initialKeys", "", "Ljava/security/KeyPair;", "(Lnet/corda/core/node/services/IdentityService;Ljava/util/Set;)V", "getIdentityService", "()Lnet/corda/core/node/services/IdentityService;", "keys", "Ljava/security/PublicKey;", "getKeys", "()Ljava/util/Set;", "keysMap", "Lnet/corda/node/utilities/AppendOnlyPersistentMap;", "Ljava/security/PrivateKey;", "Lnet/corda/node/services/keys/PersistentKeyManagementService$PersistentKey;", "", "getKeysMap", "()Lnet/corda/node/utilities/AppendOnlyPersistentMap;", "filterMyKeys", "", "candidateKeys", "freshKey", "freshKeyAndCert", "Lnet/corda/core/identity/PartyAndCertificate;", "identity", "revocationEnabled", "", "getSigner", "Lorg/bouncycastle/operator/ContentSigner;", "publicKey", "getSigningKeyPair", "sign", "Lnet/corda/core/crypto/DigitalSignature$WithKey;", "bytes", "", "Lnet/corda/core/crypto/TransactionSignature;", "signableData", "Lnet/corda/core/crypto/SignableData;", "Companion", "PersistentKey", "node"})
/* loaded from: input_file:net/corda/node/services/keys/PersistentKeyManagementService.class */
public final class PersistentKeyManagementService extends SingletonSerializeAsToken implements KeyManagementService {

    @NotNull
    private final AppendOnlyPersistentMap<PublicKey, PrivateKey, PersistentKey, String> keysMap;

    @NotNull
    private final IdentityService identityService;
    public static final Companion Companion = new Companion(null);

    /* compiled from: PersistentKeyManagementService.kt */
    @Metadata(mv = {1, 1, 8}, bv = {1, 0, 2}, k = 1, d1 = {"��\"\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u000e\n��\b\u0082\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u001e\u0010\u0003\u001a\u001a\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020\u0006\u0012\u0004\u0012\u00020\u0007\u0012\u0004\u0012\u00020\b0\u0004¨\u0006\t"}, d2 = {"Lnet/corda/node/services/keys/PersistentKeyManagementService$Companion;", "", "()V", "createKeyMap", "Lnet/corda/node/utilities/AppendOnlyPersistentMap;", "Ljava/security/PublicKey;", "Ljava/security/PrivateKey;", "Lnet/corda/node/services/keys/PersistentKeyManagementService$PersistentKey;", "", "node"})
    /* loaded from: input_file:net/corda/node/services/keys/PersistentKeyManagementService$Companion.class */
    private static final class Companion {
        @NotNull
        public final AppendOnlyPersistentMap<PublicKey, PrivateKey, PersistentKey, String> createKeyMap() {
            return new AppendOnlyPersistentMap<>(new Function1<PublicKey, String>() { // from class: net.corda.node.services.keys.PersistentKeyManagementService$Companion$createKeyMap$1
                @NotNull
                public final String invoke(@NotNull PublicKey publicKey) {
                    Intrinsics.checkParameterIsNotNull(publicKey, "it");
                    return CryptoUtils.toStringShort(publicKey);
                }
            }, new Function1<PersistentKey, Pair<? extends PublicKey, ? extends PrivateKey>>() { // from class: net.corda.node.services.keys.PersistentKeyManagementService$Companion$createKeyMap$2
                @NotNull
                public final Pair<PublicKey, PrivateKey> invoke(@NotNull PersistentKeyManagementService.PersistentKey persistentKey) {
                    Intrinsics.checkParameterIsNotNull(persistentKey, "it");
                    return new Pair<>(Crypto.decodePublicKey(persistentKey.getPublicKey()), Crypto.decodePrivateKey(persistentKey.getPrivateKey()));
                }
            }, new Function2<PublicKey, PrivateKey, PersistentKey>() { // from class: net.corda.node.services.keys.PersistentKeyManagementService$Companion$createKeyMap$3
                @NotNull
                public final PersistentKeyManagementService.PersistentKey invoke(@NotNull PublicKey publicKey, @NotNull PrivateKey privateKey) {
                    Intrinsics.checkParameterIsNotNull(publicKey, "key");
                    Intrinsics.checkParameterIsNotNull(privateKey, "value");
                    return new PersistentKeyManagementService.PersistentKey(publicKey, privateKey);
                }
            }, PersistentKey.class, 0L, 16, null);
        }

        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* compiled from: PersistentKeyManagementService.kt */
    @Table(name = "node_our_key_pairs")
    @Entity
    @Metadata(mv = {1, 1, 8}, bv = {1, 0, 2}, k = 1, d1 = {"��$\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\u0010\u0012\n\u0002\b\f\b\u0007\u0018��2\u00020\u0001B\u0017\b\u0016\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006B!\u0012\u0006\u0010\u0007\u001a\u00020\b\u0012\b\b\u0002\u0010\u0002\u001a\u00020\t\u0012\b\b\u0002\u0010\u0004\u001a\u00020\t¢\u0006\u0002\u0010\nR\u001e\u0010\u0004\u001a\u00020\t8\u0006@\u0006X\u0087\u000e¢\u0006\u000e\n��\u001a\u0004\b\u000b\u0010\f\"\u0004\b\r\u0010\u000eR\u001e\u0010\u0002\u001a\u00020\t8\u0006@\u0006X\u0087\u000e¢\u0006\u000e\n��\u001a\u0004\b\u000f\u0010\f\"\u0004\b\u0010\u0010\u000eR\u001e\u0010\u0007\u001a\u00020\b8\u0006@\u0006X\u0087\u000e¢\u0006\u000e\n��\u001a\u0004\b\u0011\u0010\u0012\"\u0004\b\u0013\u0010\u0014¨\u0006\u0015"}, d2 = {"Lnet/corda/node/services/keys/PersistentKeyManagementService$PersistentKey;", "", "publicKey", "Ljava/security/PublicKey;", "privateKey", "Ljava/security/PrivateKey;", "(Ljava/security/PublicKey;Ljava/security/PrivateKey;)V", "publicKeyHash", "", "", "(Ljava/lang/String;[B[B)V", "getPrivateKey", "()[B", "setPrivateKey", "([B)V", "getPublicKey", "setPublicKey", "getPublicKeyHash", "()Ljava/lang/String;", "setPublicKeyHash", "(Ljava/lang/String;)V", "node"})
    /* loaded from: input_file:net/corda/node/services/keys/PersistentKeyManagementService$PersistentKey.class */
    public static final class PersistentKey {

        @Id
        @Column(name = "public_key_hash", length = 130)
        @NotNull
        private String publicKeyHash;

        @Lob
        @Column(name = "public_key")
        @NotNull
        private byte[] publicKey;

        @Lob
        @Column(name = "private_key")
        @NotNull
        private byte[] privateKey;

        @NotNull
        public final String getPublicKeyHash() {
            return this.publicKeyHash;
        }

        public final void setPublicKeyHash(@NotNull String str) {
            Intrinsics.checkParameterIsNotNull(str, "<set-?>");
            this.publicKeyHash = str;
        }

        @NotNull
        public final byte[] getPublicKey() {
            return this.publicKey;
        }

        public final void setPublicKey(@NotNull byte[] bArr) {
            Intrinsics.checkParameterIsNotNull(bArr, "<set-?>");
            this.publicKey = bArr;
        }

        @NotNull
        public final byte[] getPrivateKey() {
            return this.privateKey;
        }

        public final void setPrivateKey(@NotNull byte[] bArr) {
            Intrinsics.checkParameterIsNotNull(bArr, "<set-?>");
            this.privateKey = bArr;
        }

        public PersistentKey(@NotNull String str, @NotNull byte[] bArr, @NotNull byte[] bArr2) {
            Intrinsics.checkParameterIsNotNull(str, "publicKeyHash");
            Intrinsics.checkParameterIsNotNull(bArr, "publicKey");
            Intrinsics.checkParameterIsNotNull(bArr2, "privateKey");
            this.publicKeyHash = str;
            this.publicKey = bArr;
            this.privateKey = bArr2;
        }

        public /* synthetic */ PersistentKey(String str, byte[] bArr, byte[] bArr2, int i, DefaultConstructorMarker defaultConstructorMarker) {
            this(str, (i & 2) != 0 ? new byte[0] : bArr, (i & 4) != 0 ? new byte[0] : bArr2);
        }

        /* JADX WARN: Illegal instructions before constructor call */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public PersistentKey(@org.jetbrains.annotations.NotNull java.security.PublicKey r8, @org.jetbrains.annotations.NotNull java.security.PrivateKey r9) {
            /*
                r7 = this;
                r0 = r8
                java.lang.String r1 = "publicKey"
                kotlin.jvm.internal.Intrinsics.checkParameterIsNotNull(r0, r1)
                r0 = r9
                java.lang.String r1 = "privateKey"
                kotlin.jvm.internal.Intrinsics.checkParameterIsNotNull(r0, r1)
                r0 = r7
                r1 = r8
                java.lang.String r1 = net.corda.core.crypto.CryptoUtils.toStringShort(r1)
                r2 = r8
                byte[] r2 = r2.getEncoded()
                r3 = r2
                java.lang.String r4 = "publicKey.encoded"
                kotlin.jvm.internal.Intrinsics.checkExpressionValueIsNotNull(r3, r4)
                r3 = r9
                byte[] r3 = r3.getEncoded()
                r4 = r3
                java.lang.String r5 = "privateKey.encoded"
                kotlin.jvm.internal.Intrinsics.checkExpressionValueIsNotNull(r4, r5)
                r0.<init>(r1, r2, r3)
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: net.corda.node.services.keys.PersistentKeyManagementService.PersistentKey.<init>(java.security.PublicKey, java.security.PrivateKey):void");
        }

        public PersistentKey() {
        }
    }

    @NotNull
    public final AppendOnlyPersistentMap<PublicKey, PrivateKey, PersistentKey, String> getKeysMap() {
        return this.keysMap;
    }

    @NotNull
    public Set<PublicKey> getKeys() {
        return SequencesKt.toSet(SequencesKt.map(this.keysMap.allPersisted(), new Function1<Pair<? extends PublicKey, ? extends PrivateKey>, PublicKey>() { // from class: net.corda.node.services.keys.PersistentKeyManagementService$keys$1
            @NotNull
            public final PublicKey invoke(@NotNull Pair<? extends PublicKey, ? extends PrivateKey> pair) {
                Intrinsics.checkParameterIsNotNull(pair, "it");
                return (PublicKey) pair.getFirst();
            }
        }));
    }

    @NotNull
    public Iterable<PublicKey> filterMyKeys(@NotNull Iterable<? extends PublicKey> iterable) {
        Intrinsics.checkParameterIsNotNull(iterable, "candidateKeys");
        ArrayList arrayList = new ArrayList();
        for (PublicKey publicKey : iterable) {
            if (this.keysMap.get(publicKey) != null) {
                arrayList.add(publicKey);
            }
        }
        return arrayList;
    }

    @NotNull
    public PublicKey freshKey() {
        KeyPair generateKeyPair = CryptoUtils.generateKeyPair();
        AppendOnlyPersistentMap<PublicKey, PrivateKey, PersistentKey, String> appendOnlyPersistentMap = this.keysMap;
        PublicKey publicKey = generateKeyPair.getPublic();
        Intrinsics.checkExpressionValueIsNotNull(publicKey, "keyPair.public");
        PrivateKey privateKey = generateKeyPair.getPrivate();
        Intrinsics.checkExpressionValueIsNotNull(privateKey, "keyPair.private");
        appendOnlyPersistentMap.set(publicKey, privateKey);
        PublicKey publicKey2 = generateKeyPair.getPublic();
        Intrinsics.checkExpressionValueIsNotNull(publicKey2, "keyPair.public");
        return publicKey2;
    }

    @NotNull
    public PartyAndCertificate freshKeyAndCert(@NotNull PartyAndCertificate partyAndCertificate, boolean z) {
        Intrinsics.checkParameterIsNotNull(partyAndCertificate, "identity");
        return KMSUtilsKt.freshCertificate(this.identityService, freshKey(), partyAndCertificate, getSigner(partyAndCertificate.getOwningKey()), z);
    }

    private final ContentSigner getSigner(PublicKey publicKey) {
        return KMSUtilsKt.getSigner(getSigningKeyPair(publicKey));
    }

    private final KeyPair getSigningKeyPair(PublicKey publicKey) {
        for (Object obj : CryptoUtils.getKeys(publicKey)) {
            if (this.keysMap.get((PublicKey) obj) != null) {
                PublicKey publicKey2 = (PublicKey) obj;
                PrivateKey privateKey = this.keysMap.get(publicKey2);
                if (privateKey == null) {
                    Intrinsics.throwNpe();
                }
                return new KeyPair(publicKey2, privateKey);
            }
        }
        throw new NoSuchElementException("Collection contains no element matching the predicate.");
    }

    @NotNull
    public DigitalSignature.WithKey sign(@NotNull byte[] bArr, @NotNull PublicKey publicKey) {
        Intrinsics.checkParameterIsNotNull(bArr, "bytes");
        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
        return CryptoUtils.sign(getSigningKeyPair(publicKey), bArr);
    }

    @NotNull
    public TransactionSignature sign(@NotNull SignableData signableData, @NotNull PublicKey publicKey) {
        Intrinsics.checkParameterIsNotNull(signableData, "signableData");
        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
        return CryptoUtils.sign(getSigningKeyPair(publicKey), signableData);
    }

    @NotNull
    public final IdentityService getIdentityService() {
        return this.identityService;
    }

    public PersistentKeyManagementService(@NotNull IdentityService identityService, @NotNull Set<KeyPair> set) {
        Intrinsics.checkParameterIsNotNull(identityService, "identityService");
        Intrinsics.checkParameterIsNotNull(set, "initialKeys");
        this.identityService = identityService;
        this.keysMap = Companion.createKeyMap();
        for (KeyPair keyPair : set) {
            AppendOnlyPersistentMap<PublicKey, PrivateKey, PersistentKey, String> appendOnlyPersistentMap = this.keysMap;
            PublicKey publicKey = keyPair.getPublic();
            Intrinsics.checkExpressionValueIsNotNull(publicKey, "it.public");
            PrivateKey privateKey = keyPair.getPrivate();
            Intrinsics.checkExpressionValueIsNotNull(privateKey, "it.private");
            AppendOnlyPersistentMapBase.addWithDuplicatesAllowed$default(appendOnlyPersistentMap, publicKey, privateKey, false, 4, null);
        }
    }
}
