package com.tokera.ate.security;

import com.google.common.base.Charsets;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.tokera.ate.common.ImmutalizableArrayList;
import com.tokera.ate.common.LoggerHook;
import com.tokera.ate.dao.enumerations.KeyType;
import com.tokera.ate.dao.msg.MessageKeyType;
import com.tokera.ate.dao.msg.MessagePrivateKey;
import com.tokera.ate.dao.msg.MessagePublicKey;
import com.tokera.ate.dto.msg.MessageKeyPartDto;
import com.tokera.ate.dto.msg.MessagePrivateKeyDto;
import com.tokera.ate.dto.msg.MessagePublicKeyDto;
import com.tokera.ate.enumerations.LinuxCmds;
import com.tokera.ate.io.api.IAteIO;
import com.tokera.ate.io.api.IPartitionKey;
import com.tokera.ate.qualifiers.BackendStorageSystem;
import com.tokera.ate.scopes.Startup;
import com.tokera.ate.security.core.PredictablyRandomFactory;
import com.tokera.ate.security.core.SecureRandomFactory;
import com.tokera.ate.security.core.newhope_predictable.NHKeyPairGeneratorPredictable;
import com.tokera.ate.security.core.ntru_predictable.EncryptionKeyPairGenerator;
import com.tokera.ate.security.core.ntru_predictable.SigningKeyPairGenerator;
import com.tokera.ate.security.core.qtesla_predictable.Parameter;
import com.tokera.ate.security.core.qtesla_predictable.Polynomial;
import com.tokera.ate.security.core.qtesla_predictable.QTESLAKeyPairGeneratorPredictable;
import com.tokera.ate.security.core.rainbow_predictable.RainbowKeyPairGeneratorPredictable;
import com.tokera.ate.security.core.rainbow_predictable.RainbowKeySerializer;
import com.tokera.ate.security.core.xmss_predictable.XMSSMTKeyGenerationParametersPredictable;
import com.tokera.ate.security.core.xmss_predictable.XMSSMTKeyPairGeneratorPredictable;
import com.tokera.ate.security.core.xmss_predictable.XMSSMTParametersPredictable;
import com.tokera.ate.security.core.xmss_predictable.XmssKeySerializer;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.annotation.Annotation;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.spi.CDI;
import javax.enterprise.util.AnnotationLiteral;
import javax.inject.Inject;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.time.StopWatch;
import org.apache.kafka.common.utils.Utils;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.KeyGenerationParameters;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pqc.crypto.ExchangePair;
import org.bouncycastle.pqc.crypto.newhope.NHAgreement;
import org.bouncycastle.pqc.crypto.newhope.NHExchangePairGenerator;
import org.bouncycastle.pqc.crypto.newhope.NHKeyPairGenerator;
import org.bouncycastle.pqc.crypto.newhope.NHPrivateKeyParameters;
import org.bouncycastle.pqc.crypto.newhope.NHPublicKeyParameters;
import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionKeyGenerationParameters;
import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionPrivateKeyParameters;
import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionPublicKeyParameters;
import org.bouncycastle.pqc.crypto.ntru.NTRUEngine;
import org.bouncycastle.pqc.crypto.ntru.NTRUSigner;
import org.bouncycastle.pqc.crypto.ntru.NTRUSigningKeyGenerationParameters;
import org.bouncycastle.pqc.crypto.ntru.NTRUSigningPrivateKeyParameters;
import org.bouncycastle.pqc.crypto.ntru.NTRUSigningPublicKeyParameters;
import org.bouncycastle.pqc.crypto.qtesla.QTESLAKeyGenerationParameters;
import org.bouncycastle.pqc.crypto.qtesla.QTESLAKeyPairGenerator;
import org.bouncycastle.pqc.crypto.qtesla.QTESLAPrivateKeyParameters;
import org.bouncycastle.pqc.crypto.qtesla.QTESLAPublicKeyParameters;
import org.bouncycastle.pqc.crypto.qtesla.QTESLASigner;
import org.bouncycastle.pqc.crypto.rainbow.RainbowKeyGenerationParameters;
import org.bouncycastle.pqc.crypto.rainbow.RainbowKeyPairGenerator;
import org.bouncycastle.pqc.crypto.rainbow.RainbowParameters;
import org.bouncycastle.pqc.crypto.rainbow.RainbowPrivateKeyParameters;
import org.bouncycastle.pqc.crypto.rainbow.RainbowPublicKeyParameters;
import org.bouncycastle.pqc.crypto.rainbow.RainbowSigner;
import org.bouncycastle.pqc.crypto.xmss.XMSSMTKeyGenerationParameters;
import org.bouncycastle.pqc.crypto.xmss.XMSSMTKeyPairGenerator;
import org.bouncycastle.pqc.crypto.xmss.XMSSMTParameters;
import org.bouncycastle.pqc.crypto.xmss.XMSSMTPrivateKeyParameters;
import org.bouncycastle.pqc.crypto.xmss.XMSSMTPublicKeyParameters;
import org.bouncycastle.pqc.crypto.xmss.XMSSMTSigner;

@ApplicationScoped
@Startup
/* loaded from: input_file:com/tokera/ate/security/Encryptor.class */
public class Encryptor implements Runnable {

    @Inject
    private LoggerHook LOG;
    private static Encryptor g_Instance;
    private static MessageDigest g_sha256digest;
    private static MessageDigest g_md5digest;
    private MessageDigest sha256digest;
    private MessageDigest md5digest;
    public static final int GCM_NONCE_LENGTH = 12;
    public static final int AES_KEY_SIZE = 128;
    public static final int AES_KEY_SIZE_BYTES = 16;
    public static final int GCM_TAG_LENGTH = 16;
    private MessagePrivateKeyDto trustOfPublicRead;
    private MessagePrivateKeyDto trustOfPublicWrite;
    private final SecureRandom srandom = new SecureRandom();
    private final ArrayList<Thread> threads = new ArrayList<>();
    private final int ntruSignParams128thresholdPrivate = 999;
    private final int ntruSignParams128thresholdPublic = 380;
    private final int ntruSignParams256thresholdPrivate = 2096;
    private final int ntruSignParams256thresholdPublic = 813;
    private final int ntruEncryptParams256thresholdPrivate = 930;
    private final int ntruEncryptParams256thresholdPublic = 813;
    private int c_KeyPreGenThreads = 6;
    private int c_KeyPreGenDelay = 60;
    private int c_KeyPreGen64 = 80;
    private int c_KeyPreGen128 = 80;
    private int c_KeyPreGen256 = 20;
    private int c_AesPreGen128 = 800;
    private int c_AesPreGen256 = 200;
    private int c_AesPreGen512 = 100;
    private final ConcurrentLinkedQueue<MessagePrivateKeyDto> genSign64Queue = new ConcurrentLinkedQueue<>();
    private final ConcurrentLinkedQueue<MessagePrivateKeyDto> genSign128Queue = new ConcurrentLinkedQueue<>();
    private final ConcurrentLinkedQueue<MessagePrivateKeyDto> genSign256Queue = new ConcurrentLinkedQueue<>();
    private final ConcurrentLinkedQueue<MessagePrivateKeyDto> genEncrypt128Queue = new ConcurrentLinkedQueue<>();
    private final ConcurrentLinkedQueue<MessagePrivateKeyDto> genEncrypt256Queue = new ConcurrentLinkedQueue<>();
    private final ConcurrentLinkedQueue<String> genAes128Queue = new ConcurrentLinkedQueue<>();
    private final ConcurrentLinkedQueue<String> genAes256Queue = new ConcurrentLinkedQueue<>();
    private final ConcurrentLinkedQueue<String> genAes512Queue = new ConcurrentLinkedQueue<>();
    private final ConcurrentLinkedQueue<String> genSaltQueue = new ConcurrentLinkedQueue<>();
    private Iterable<KeyType> defaultSigningTypes = Lists.newArrayList(new KeyType[]{KeyType.qtesla, KeyType.rainbow});
    private Iterable<KeyType> defaultEncryptTypes = Lists.newArrayList(new KeyType[]{KeyType.ntru, KeyType.newhope});
    private int defaultAesStrength = 256;
    private int defaultSigningStrength = 256;
    private int defaultEncryptionStrength = 256;
    private Set<Integer> validEncryptSizes = new HashSet(Lists.newArrayList(new Integer[]{32, 64, Integer.valueOf(AES_KEY_SIZE), 256, Integer.valueOf(Parameter.N_I)}));

    /* loaded from: input_file:com/tokera/ate/security/Encryptor$KeyPairBytes.class */
    public class KeyPairBytes {
        public final byte[] privateKey;
        public final byte[] publicKey;

        public KeyPairBytes(byte[] bArr, byte[] bArr2) {
            this.privateKey = bArr;
            this.publicKey = bArr2;
        }
    }

    public void setDefaultSigningTypes(Iterable<KeyType> iterable) {
        this.defaultSigningTypes = iterable;
    }

    public void setDefaultEncryptTypes(Iterable<KeyType> iterable) {
        this.defaultEncryptTypes = iterable;
    }

    public void setDefaultAesStrength(int i) {
        this.defaultAesStrength = i;
    }

    public void setDefaultSigningStrength(int i) {
        this.defaultSigningStrength = i;
    }

    public void setDefaultEncryptionStrength(int i) {
        this.defaultEncryptionStrength = i;
    }

    public Set<Integer> getValidEncryptSizes() {
        return this.validEncryptSizes;
    }

    public void setValidEncryptSizes(Set<Integer> set) {
        this.validEncryptSizes = set;
    }

    private NTRUSigningKeyGenerationParameters buildNtruSignParams64() {
        return new NTRUSigningKeyGenerationParameters(157, 256, 29, 1, 1, 0.38d, 200.0d, 80.0d, false, false, 0, new SHA256Digest());
    }

    private NTRUSigningKeyGenerationParameters buildNtruSignParams128() {
        return new NTRUSigningKeyGenerationParameters(439, 2048, 146, 1, 1, 0.165d, 490.0d, 280.0d, false, true, 0, new SHA256Digest());
    }

    private NTRUSigningKeyGenerationParameters buildNtruSignParams256() {
        return new NTRUSigningKeyGenerationParameters(743, 2048, 248, 1, 1, 0.127d, 560.0d, 360.0d, true, false, 0, new SHA512Digest());
    }

    private NTRUEncryptionKeyGenerationParameters buildNtruEncryptParams128() {
        return new NTRUEncryptionKeyGenerationParameters(439, 2048, 146, 130, AES_KEY_SIZE, 9, 32, 9, true, new byte[]{0, 7, 101}, true, false, new SHA256Digest());
    }

    private NTRUEncryptionKeyGenerationParameters buildNtruEncryptParams256() {
        return new NTRUEncryptionKeyGenerationParameters(743, 2048, 248, 220, 256, 10, 27, 14, true, new byte[]{0, 7, 105}, false, false, new SHA512Digest());
    }

    @PostConstruct
    public void init() {
        g_Instance = this;
        try {
            this.sha256digest = MessageDigest.getInstance("SHA-256");
            this.md5digest = MessageDigest.getInstance("MD5");
            Security.addProvider(new BouncyCastleProvider());
            for (int i = 0; i < this.c_KeyPreGenThreads; i++) {
                Thread thread = new Thread(this);
                thread.setPriority(1);
                thread.setDaemon(true);
                thread.start();
                this.threads.add(thread);
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public void setKeyPreGenThreads(int i) {
        this.c_KeyPreGenThreads = i;
    }

    public void setKeyPreGenDelay(int i) {
        this.c_KeyPreGenDelay = i;
    }

    public void setKeyPreGen64(int i) {
        this.c_KeyPreGen64 = i;
    }

    public void setKeyPreGen128(int i) {
        this.c_KeyPreGen128 = i;
    }

    public void setKeyPreGen256(int i) {
        this.c_KeyPreGen256 = i;
    }

    public void setAesPreGen128(int i) {
        this.c_AesPreGen128 = i;
    }

    public void setAesPreGen256(int i) {
        this.c_AesPreGen256 = i;
    }

    public void setAesPreGen512(int i) {
        this.c_AesPreGen512 = i;
    }

    @Override // java.lang.Runnable
    public void run() {
        Long l = 500L;
        Long l2 = 2000L;
        synchronized (this) {
            try {
                wait(l2.longValue());
            } catch (InterruptedException e) {
                this.LOG.warn(e);
            }
        }
        StopWatch stopWatch = new StopWatch();
        stopWatch.start();
        while (true) {
            try {
                long time = (stopWatch.getTime() / 1000) - this.c_KeyPreGenDelay;
                if (time > 0) {
                    runGenerateKeys(2 + (time / 8));
                }
                synchronized (this) {
                    wait(4000L);
                }
                l = 500L;
            } catch (Throwable th) {
                try {
                    Thread.sleep(l.longValue());
                    l = Long.valueOf(l.longValue() * 2);
                    if (l.longValue() > 4000) {
                        l = 4000L;
                    }
                } catch (InterruptedException e2) {
                    this.LOG.warn(e2);
                    return;
                }
            }
        }
    }

    private static Cipher getAesCipher() {
        try {
            return Cipher.getInstance("AES");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new RuntimeException(e);
        }
    }

    private static Cipher getAesCipherCbc() {
        try {
            return Cipher.getInstance("AES/CBC/PKCS5PADDING");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new RuntimeException(e);
        }
    }

    private static Cipher getAesCipherGcm() {
        try {
            return Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
        } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e) {
            throw new RuntimeException(e);
        }
    }

    private void runGenerateKeys(long j) {
        boolean z;
        int size = this.genSign64Queue.size();
        int size2 = this.genSign128Queue.size();
        int size3 = this.genSign256Queue.size();
        int size4 = this.genEncrypt128Queue.size();
        int size5 = this.genEncrypt256Queue.size();
        int size6 = this.genAes128Queue.size();
        int size7 = this.genAes256Queue.size();
        int size8 = this.genAes512Queue.size();
        int size9 = this.genSaltQueue.size();
        do {
            z = false;
            if (size < this.c_KeyPreGen64 && size < j) {
                this.genSign64Queue.add(genSignKeyNow(64, this.defaultSigningTypes));
                size++;
                z = true;
            }
            if (size2 < this.c_KeyPreGen128 && size2 < j) {
                this.genSign128Queue.add(genSignKeyNow(AES_KEY_SIZE, this.defaultSigningTypes));
                size2++;
                z = true;
            }
            if (size3 < this.c_KeyPreGen256 && size3 < j) {
                this.genSign256Queue.add(genSignKeyNow(256, this.defaultSigningTypes));
                size3++;
                z = true;
            }
            if (size4 < this.c_KeyPreGen128 && size4 < j) {
                this.genEncrypt128Queue.add(genEncryptKeyNow(AES_KEY_SIZE, this.defaultEncryptTypes));
                size4++;
                z = true;
            }
            if (size5 < this.c_KeyPreGen256 && size5 < j) {
                this.genEncrypt256Queue.add(genEncryptKeyNow(256, this.defaultEncryptTypes));
                size5++;
                z = true;
            }
            if (size9 < this.c_AesPreGen128 && size9 < j) {
                this.genSaltQueue.add(new BigInteger(320, this.srandom).toString(16).toUpperCase());
                size9++;
                z = true;
            }
            if (size6 < this.c_AesPreGen128 && size6 < j) {
                this.genAes128Queue.add(generateSecret64Now(AES_KEY_SIZE));
                size6++;
                z = true;
            }
            if (size7 < this.c_AesPreGen256 && size7 < j) {
                this.genAes256Queue.add(generateSecret64Now(256));
                size7++;
                z = true;
            }
            if (size8 < this.c_AesPreGen512 && size8 < j) {
                this.genAes512Queue.add(generateSecret64Now(Parameter.N_I));
                size8++;
                z = true;
            }
        } while (z);
    }

    public void touch() {
    }

    public void moreKeys() {
        synchronized (this) {
            notify();
        }
    }

    public static Encryptor getInstance() {
        return g_Instance;
    }

    public String encryptCbc(String str, String str2, String str3) {
        if (str2 == null) {
            str2 = LinuxCmds.Void;
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            byte[] copyOfRange = Arrays.copyOfRange(messageDigest.digest(str2.getBytes(StandardCharsets.UTF_8)), 0, 16);
            byte[] copyOfRange2 = Arrays.copyOfRange(messageDigest.digest(str.getBytes(StandardCharsets.UTF_8)), 0, 16);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(copyOfRange);
            SecretKeySpec secretKeySpec = new SecretKeySpec(copyOfRange2, "AES");
            Cipher aesCipherCbc = getAesCipherCbc();
            aesCipherCbc.init(1, secretKeySpec, ivParameterSpec);
            return Base64.encodeBase64URLSafeString(aesCipherCbc.doFinal(str3.getBytes()));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException e) {
            throw new RuntimeException(e);
        }
    }

    public String decryptCbc(String str, String str2, String str3) {
        if (str2 == null) {
            str2 = LinuxCmds.Void;
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            byte[] copyOfRange = Arrays.copyOfRange(messageDigest.digest(str2.getBytes(StandardCharsets.UTF_8)), 0, 16);
            byte[] copyOfRange2 = Arrays.copyOfRange(messageDigest.digest(str.getBytes(StandardCharsets.UTF_8)), 0, 16);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(copyOfRange);
            SecretKeySpec secretKeySpec = new SecretKeySpec(copyOfRange2, "AES");
            Cipher aesCipherCbc = getAesCipherCbc();
            aesCipherCbc.init(2, secretKeySpec, ivParameterSpec);
            return new String(aesCipherCbc.doFinal(Base64.decodeBase64(str3)));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException e) {
            throw new RuntimeException(e);
        }
    }

    public String encryptGcm(byte[] bArr, String str, String str2) {
        return cipherGcm(bArr, str, str2, 1);
    }

    public String decryptGcm(byte[] bArr, String str, String str2) {
        return cipherGcm(bArr, str, str2, 2);
    }

    private String cipherGcm(byte[] bArr, String str, String str2, int i) {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, 0, bArr.length, "AES");
            Cipher aesCipherGcm = getAesCipherGcm();
            if (str != null) {
                byte[] digest = MessageDigest.getInstance("SHA-256").digest(str.getBytes());
                if (digest.length > 12) {
                    digest = Arrays.copyOf(digest, 12);
                }
                aesCipherGcm.init(i, secretKeySpec, new GCMParameterSpec(AES_KEY_SIZE, digest));
            } else {
                aesCipherGcm.init(i, secretKeySpec);
            }
            return Base64.encodeBase64URLSafeString(aesCipherGcm.doFinal(str2.getBytes()));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException e) {
            throw new RuntimeException(e);
        }
    }

    public byte[] encryptAes(byte[] bArr, byte[] bArr2) {
        return cipherAes(bArr, ByteBuffer.wrap(bArr2), 1);
    }

    public byte[] encryptAes(byte[] bArr, ByteBuffer byteBuffer) {
        return cipherAes(bArr, byteBuffer, 1);
    }

    public byte[] decryptAes(byte[] bArr, byte[] bArr2) {
        return cipherAes(bArr, ByteBuffer.wrap(bArr2), 2);
    }

    public byte[] decryptAes(byte[] bArr, ByteBuffer byteBuffer) {
        return cipherAes(bArr, byteBuffer, 2);
    }

    private byte[] cipherAes(byte[] bArr, ByteBuffer byteBuffer, int i) {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, 0, bArr.length, "AES");
            Cipher aesCipher = getAesCipher();
            aesCipher.init(i, secretKeySpec);
            byte[] bArr2 = new byte[aesCipher.getOutputSize(byteBuffer.remaining())];
            int doFinal = aesCipher.doFinal(byteBuffer, ByteBuffer.wrap(bArr2));
            if (doFinal <= 0) {
                return bArr2;
            }
            if (doFinal != bArr2.length) {
                byte[] bArr3 = new byte[doFinal];
                System.arraycopy(bArr2, 0, bArr3, 0, doFinal);
                bArr2 = bArr3;
            }
            return bArr2;
        } catch (InvalidKeyException | BadPaddingException | IllegalBlockSizeException | ShortBufferException e) {
            throw new RuntimeException(e);
        }
    }

    public MessagePrivateKeyDto genSignKey() {
        return genSignKey(this.defaultSigningStrength);
    }

    public MessagePrivateKeyDto genSignKey(int i) {
        return genSignKeyWithAlias(i, null);
    }

    public MessagePrivateKeyDto genSignKeyWithAlias(String str) {
        return genSignKeyWithAlias(this.defaultSigningStrength, null);
    }

    public MessagePrivateKeyDto genSignKeyWithAlias(int i, String str) {
        MessagePrivateKeyDto poll;
        MessagePrivateKeyDto poll2;
        if (i == 64 && (poll2 = this.genSign64Queue.poll()) != null) {
            if (str != null) {
                poll2.setAlias(str);
            }
            return poll2;
        }
        if (i == 128) {
            MessagePrivateKeyDto poll3 = this.genSign128Queue.poll();
            moreKeys();
            if (poll3 != null) {
                if (str != null) {
                    poll3.setAlias(str);
                }
                return poll3;
            }
        }
        if (i != 256 || (poll = this.genSign256Queue.poll()) == null) {
            return genSignKeyNowWithAlias(i, this.defaultSigningTypes, str);
        }
        if (str != null) {
            poll.setAlias(str);
        }
        return poll;
    }

    public MessagePrivateKeyDto genSignKeyNow(int i) {
        return genSignKeyNowWithAlias(i, this.defaultSigningTypes, null);
    }

    public MessagePrivateKeyDto genSignKeyNowWithAlias(int i, String str) {
        return genSignKeyNowWithAlias(i, this.defaultSigningTypes, str);
    }

    public MessagePrivateKeyDto genSignKeyNow(int i, Iterable<KeyType> iterable) {
        return genSignKeyNowWithAlias(i, iterable, null);
    }

    public MessagePrivateKeyDto genSignKeyNowWithAlias(int i, Iterable<KeyType> iterable, String str) {
        KeyPairBytes genSignKeyRainbowNow;
        LinkedList linkedList = new LinkedList();
        LinkedList linkedList2 = new LinkedList();
        for (KeyType keyType : iterable) {
            switch (keyType) {
                case qtesla:
                    genSignKeyRainbowNow = genSignKeyQTeslaNow(i);
                    break;
                case xmssmt:
                    genSignKeyRainbowNow = genSignKeyXmssMtNow(i);
                    break;
                case rainbow:
                    genSignKeyRainbowNow = genSignKeyRainbowNow(i);
                    break;
                case ntru_sign:
                    throw new RuntimeException("NTRU for signing is not considered secure anymore.");
                default:
                    throw new RuntimeException("The key type [" + keyType + "] is not supported as an asymmetric encryption key.");
            }
            KeyPairBytes keyPairBytes = genSignKeyRainbowNow;
            linkedList.add(new MessageKeyPartDto(keyType, i, keyPairBytes.publicKey));
            linkedList2.add(new MessageKeyPartDto(keyType, i, keyPairBytes.privateKey));
        }
        MessagePrivateKeyDto messagePrivateKeyDto = new MessagePrivateKeyDto(linkedList, linkedList2);
        if (str != null) {
            messagePrivateKeyDto.setAlias(str);
        }
        return messagePrivateKeyDto;
    }

    public MessagePrivateKeyDto genSignKeyFromSeed(int i, String str) {
        return genSignKeyFromSeedWithAlias(i, this.defaultSigningTypes, str, null);
    }

    public MessagePrivateKeyDto genSignKeyFromSeedWithAlias(int i, String str, String str2) {
        return genSignKeyFromSeedWithAlias(i, this.defaultSigningTypes, str, str2);
    }

    public MessagePrivateKeyDto genSignKeyFromSeed(int i, Iterable<KeyType> iterable, String str) {
        return genSignKeyFromSeedWithAlias(i, iterable, str, null);
    }

    public MessagePrivateKeyDto genSignKeyFromSeedWithAlias(int i, Iterable<KeyType> iterable, String str, String str2) {
        KeyPairBytes genSignKeyRainbowFromSeed;
        PredictablyRandomFactory predictablyRandomFactory = new PredictablyRandomFactory(str);
        LinkedList linkedList = new LinkedList();
        LinkedList linkedList2 = new LinkedList();
        for (KeyType keyType : iterable) {
            switch (keyType) {
                case qtesla:
                    genSignKeyRainbowFromSeed = genSignKeyQTeslaFromSeed(i, predictablyRandomFactory);
                    break;
                case xmssmt:
                    genSignKeyRainbowFromSeed = genSignKeyXmssMtFromSeed(i, predictablyRandomFactory);
                    break;
                case rainbow:
                    genSignKeyRainbowFromSeed = genSignKeyRainbowFromSeed(i, predictablyRandomFactory);
                    break;
                case ntru_sign:
                    throw new RuntimeException("NTRU for signing is not considered secure anymore.");
                default:
                    throw new RuntimeException("The key type [" + keyType + "] is not supported as an asymmetric encryption key.");
            }
            KeyPairBytes keyPairBytes = genSignKeyRainbowFromSeed;
            linkedList.add(new MessageKeyPartDto(keyType, i, keyPairBytes.publicKey));
            linkedList2.add(new MessageKeyPartDto(keyType, i, keyPairBytes.privateKey));
        }
        MessagePrivateKeyDto messagePrivateKeyDto = new MessagePrivateKeyDto(linkedList, linkedList2);
        if (str2 != null) {
            messagePrivateKeyDto.setAlias(str2);
        }
        return messagePrivateKeyDto;
    }

    @Deprecated
    public KeyPairBytes genSignKeyNtruNow(int i) {
        for (int i2 = 0; i2 < 8; i2++) {
            SigningKeyPairGenerator signingKeyPairGenerator = new SigningKeyPairGenerator();
            switch (i) {
                case Polynomial.MESSAGE /* 64 */:
                    signingKeyPairGenerator.init(buildNtruSignParams64());
                    break;
                case AES_KEY_SIZE /* 128 */:
                    signingKeyPairGenerator.init(buildNtruSignParams128());
                    break;
                case 256:
                    signingKeyPairGenerator.init(buildNtruSignParams256());
                    break;
                default:
                    throw new RuntimeException("Unknown NTRU key size(" + i + ")");
            }
            AsymmetricCipherKeyPair generateKeyPair = signingKeyPairGenerator.generateKeyPair(new SecureRandomFactory());
            if (testSignNtru(generateKeyPair)) {
                return extractKey(generateKeyPair);
            }
        }
        throw new RuntimeException("Failed to generate signing key");
    }

    @Deprecated
    public KeyPairBytes genSignKeyNtruFromSeed(int i, String str) {
        SigningKeyPairGenerator signingKeyPairGenerator = new SigningKeyPairGenerator();
        switch (i) {
            case Polynomial.MESSAGE /* 64 */:
                signingKeyPairGenerator.init(buildNtruSignParams64());
                break;
            case AES_KEY_SIZE /* 128 */:
                signingKeyPairGenerator.init(buildNtruSignParams128());
                break;
            case 256:
                signingKeyPairGenerator.init(buildNtruSignParams256());
                break;
            default:
                throw new RuntimeException("Unknown NTRU key size(" + i + ")");
        }
        AsymmetricCipherKeyPair generateKeyPair = signingKeyPairGenerator.generateKeyPair(new PredictablyRandomFactory(str));
        if (testSignNtru(generateKeyPair)) {
            return extractKey(generateKeyPair);
        }
        throw new RuntimeException("Failed to generate signing key from seed");
    }

    @Deprecated
    private boolean testSignNtru(AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
        try {
            return verifyNtru(asymmetricCipherKeyPair.getPublic().getEncoded(), "thecatranupthewall".getBytes(), signNtru(asymmetricCipherKeyPair.getPrivate().getEncoded(), "thecatranupthewall".getBytes()));
        } catch (Throwable th) {
            return false;
        }
    }

    public MessagePrivateKeyDto genEncryptKey() {
        return genEncryptKey(this.defaultEncryptionStrength);
    }

    public MessagePrivateKeyDto genEncryptKey(int i) {
        MessagePrivateKeyDto poll;
        if (i == 128) {
            MessagePrivateKeyDto poll2 = this.genEncrypt128Queue.poll();
            moreKeys();
            if (poll2 != null) {
                return poll2;
            }
        }
        return (i != 256 || (poll = this.genEncrypt256Queue.poll()) == null) ? genEncryptKeyNow(i, this.defaultEncryptTypes) : poll;
    }

    public MessagePrivateKeyDto genEncryptKeyWithAlias(int i, String str) {
        MessagePrivateKeyDto genEncryptKey = genEncryptKey(i);
        if (str == null) {
            return genEncryptKey;
        }
        genEncryptKey.setAlias(str);
        return genEncryptKey;
    }

    public MessagePrivateKeyDto genEncryptKeyNow(int i) {
        return genEncryptKeyNowWithAlias(i, this.defaultEncryptTypes, null);
    }

    public MessagePrivateKeyDto genEncryptKeyNowWithAlias(int i, String str) {
        return genEncryptKeyNowWithAlias(i, this.defaultEncryptTypes, str);
    }

    public MessagePrivateKeyDto genEncryptKeyNow(int i, Iterable<KeyType> iterable) {
        return genEncryptKeyNowWithAlias(i, iterable, null);
    }

    public MessagePrivateKeyDto genEncryptKeyNowWithAlias(int i, Iterable<KeyType> iterable, String str) {
        KeyPairBytes genEncryptKeyNewHopeNow;
        if (Iterables.size(iterable) <= 0) {
            throw new RuntimeException("Generated encryption key must have at least one key type.");
        }
        LinkedList linkedList = new LinkedList();
        LinkedList linkedList2 = new LinkedList();
        for (KeyType keyType : iterable) {
            switch (AnonymousClass2.$SwitchMap$com$tokera$ate$dao$enumerations$KeyType[keyType.ordinal()]) {
                case 5:
                    genEncryptKeyNewHopeNow = genEncryptKeyNtruNow(i);
                    break;
                case MessageKeyType.xmssmt /* 6 */:
                    genEncryptKeyNewHopeNow = genEncryptKeyNewHopeNow(i);
                    break;
                default:
                    throw new RuntimeException("The key type [" + keyType + "] is not supported as an asymmetric encryption key.");
            }
            KeyPairBytes keyPairBytes = genEncryptKeyNewHopeNow;
            linkedList.add(new MessageKeyPartDto(keyType, i, keyPairBytes.publicKey));
            linkedList2.add(new MessageKeyPartDto(keyType, i, keyPairBytes.privateKey));
        }
        MessagePrivateKeyDto messagePrivateKeyDto = new MessagePrivateKeyDto(linkedList, linkedList2);
        if (str != null) {
            messagePrivateKeyDto.setAlias(str);
        }
        return messagePrivateKeyDto;
    }

    public MessagePrivateKeyDto genEncryptKeyFromSeed(int i, String str) {
        return genEncryptKeyFromSeedWithAlias(i, this.defaultEncryptTypes, str, null);
    }

    public MessagePrivateKeyDto genEncryptKeyFromSeedWithAlias(int i, String str, String str2) {
        return genEncryptKeyFromSeedWithAlias(i, this.defaultEncryptTypes, str, str2);
    }

    public MessagePrivateKeyDto genEncryptKeyFromSeed(int i, Iterable<KeyType> iterable, String str) {
        return genEncryptKeyFromSeedWithAlias(i, iterable, str, null);
    }

    public MessagePrivateKeyDto genEncryptKeyFromSeedWithAlias(int i, Iterable<KeyType> iterable, String str, String str2) {
        KeyPairBytes genEncryptKeyNewHopeFromSeed;
        PredictablyRandomFactory predictablyRandomFactory = new PredictablyRandomFactory(str);
        if (Iterables.size(iterable) <= 0) {
            throw new RuntimeException("Generated encryption key must have at least one key type.");
        }
        LinkedList linkedList = new LinkedList();
        LinkedList linkedList2 = new LinkedList();
        for (KeyType keyType : iterable) {
            switch (AnonymousClass2.$SwitchMap$com$tokera$ate$dao$enumerations$KeyType[keyType.ordinal()]) {
                case 5:
                    genEncryptKeyNewHopeFromSeed = genEncryptKeyNtruFromSeed(i, predictablyRandomFactory);
                    break;
                case MessageKeyType.xmssmt /* 6 */:
                    genEncryptKeyNewHopeFromSeed = genEncryptKeyNewHopeFromSeed(i, predictablyRandomFactory);
                    break;
                default:
                    throw new RuntimeException("The key type [" + keyType + "] is not supported as an asymmetric encryption key.");
            }
            KeyPairBytes keyPairBytes = genEncryptKeyNewHopeFromSeed;
            linkedList.add(new MessageKeyPartDto(keyType, i, keyPairBytes.publicKey));
            linkedList2.add(new MessageKeyPartDto(keyType, i, keyPairBytes.privateKey));
        }
        MessagePrivateKeyDto messagePrivateKeyDto = new MessagePrivateKeyDto(linkedList, linkedList2);
        if (str2 != null) {
            messagePrivateKeyDto.setAlias(str2);
        }
        return messagePrivateKeyDto;
    }

    public KeyPairBytes genEncryptKeyNtruNow(int i) {
        for (int i2 = 0; i2 < 8; i2++) {
            EncryptionKeyPairGenerator encryptionKeyPairGenerator = new EncryptionKeyPairGenerator();
            switch (i) {
                case AES_KEY_SIZE /* 128 */:
                    encryptionKeyPairGenerator.init(buildNtruEncryptParams128());
                    break;
                case 256:
                case Parameter.N_I /* 512 */:
                    encryptionKeyPairGenerator.init(buildNtruEncryptParams256());
                    break;
                default:
                    throw new RuntimeException("Unknown NTRU key size(" + i + ")");
            }
            AsymmetricCipherKeyPair generateKeyPair = encryptionKeyPairGenerator.generateKeyPair(new SecureRandomFactory());
            if (testNtruKey(generateKeyPair)) {
                return extractKey(generateKeyPair);
            }
        }
        throw new RuntimeException("Failed to generate encryption key");
    }

    public KeyPairBytes genEncryptKeyNtruFromSeed(int i, String str) {
        return genEncryptKeyNtruFromSeed(i, new PredictablyRandomFactory(str));
    }

    public KeyPairBytes genEncryptKeyNtruFromSeed(int i, PredictablyRandomFactory predictablyRandomFactory) {
        EncryptionKeyPairGenerator encryptionKeyPairGenerator = new EncryptionKeyPairGenerator();
        switch (i) {
            case AES_KEY_SIZE /* 128 */:
                encryptionKeyPairGenerator.init(buildNtruEncryptParams128());
                break;
            case 256:
            case Parameter.N_I /* 512 */:
                encryptionKeyPairGenerator.init(buildNtruEncryptParams256());
                break;
            default:
                throw new RuntimeException("Unknown NTRU key size(" + i + ")");
        }
        AsymmetricCipherKeyPair generateKeyPair = encryptionKeyPairGenerator.generateKeyPair(predictablyRandomFactory);
        if (testNtruKey(generateKeyPair)) {
            return extractKey(generateKeyPair);
        }
        throw new RuntimeException("Failed to generate encryption key from seed");
    }

    private boolean testNtruKey(AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
        NTRUEncryptionPrivateKeyParameters nTRUEncryptionPrivateKeyParameters = asymmetricCipherKeyPair.getPrivate();
        NTRUEncryptionPublicKeyParameters nTRUEncryptionPublicKeyParameters = asymmetricCipherKeyPair.getPublic();
        for (int i = 0; i < 10; i++) {
            byte[] decodeBase64 = Base64.decodeBase64(generateSecret64());
            try {
                if (Arrays.equals(decodeBase64, decryptNtruWithPrivate(nTRUEncryptionPrivateKeyParameters.getEncoded(), encryptNtruWithPublic(nTRUEncryptionPublicKeyParameters.getEncoded(), decodeBase64)))) {
                    return true;
                }
            } catch (Throwable th) {
                return false;
            }
        }
        return false;
    }

    public KeyPairBytes genEncryptKeyNewHopeFromSeed(int i, String str) {
        return genEncryptKeyNewHopeFromSeed(i, new PredictablyRandomFactory(str));
    }

    public KeyPairBytes genEncryptKeyNewHopeFromSeed(int i, PredictablyRandomFactory predictablyRandomFactory) {
        NHKeyPairGeneratorPredictable nHKeyPairGeneratorPredictable = new NHKeyPairGeneratorPredictable();
        nHKeyPairGeneratorPredictable.init(predictablyRandomFactory);
        return extractKey(nHKeyPairGeneratorPredictable.generateKeyPair());
    }

    public KeyPairBytes genEncryptKeyNewHopeNow(int i) {
        KeyGenerationParameters keyGenerationParameters = new KeyGenerationParameters(new SecureRandom(), i);
        NHKeyPairGenerator nHKeyPairGenerator = new NHKeyPairGenerator();
        nHKeyPairGenerator.init(keyGenerationParameters);
        return extractKey(nHKeyPairGenerator.generateKeyPair());
    }

    public byte[] encryptNewHopeWithPublic(byte[] bArr, byte[] bArr2) {
        ExchangePair generateExchange = new NHExchangePairGenerator(new SecureRandom()).generateExchange(new NHPublicKeyParameters(bArr));
        byte[] sharedValue = generateExchange.getSharedValue();
        byte[] pubData = generateExchange.getPublicKey().getPubData();
        byte[] encryptAes = encryptAes(sharedValue, bArr2);
        ByteBuffer allocate = ByteBuffer.allocate(4 + pubData.length + encryptAes.length);
        allocate.putInt(pubData.length);
        allocate.put(pubData);
        allocate.put(encryptAes);
        return allocate.array();
    }

    public byte[] decryptNewHopeWithPrivate(byte[] bArr, byte[] bArr2) {
        short[] sArr = new short[bArr.length / 2];
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        for (int i = 0; i < sArr.length; i++) {
            sArr[i] = wrap.getShort();
        }
        ByteBuffer wrap2 = ByteBuffer.wrap(bArr2);
        int i2 = wrap2.getInt();
        byte[] bArr3 = new byte[i2];
        byte[] bArr4 = new byte[bArr2.length - (4 + i2)];
        wrap2.get(bArr3);
        wrap2.get(bArr4);
        NHAgreement nHAgreement = new NHAgreement();
        nHAgreement.init(new NHPrivateKeyParameters(sArr));
        return decryptAes(nHAgreement.calculateAgreement(new NHPublicKeyParameters(bArr3)), bArr4);
    }

    public byte[] encryptNtruWithPublic(byte[] bArr, byte[] bArr2) {
        try {
            NTRUEncryptionPublicKeyParameters nTRUEncryptionPublicKeyParameters = new NTRUEncryptionPublicKeyParameters(bArr, (bArr.length >= 813 ? buildNtruEncryptParams256() : buildNtruEncryptParams128()).getEncryptionParameters());
            NTRUEngine nTRUEngine = new NTRUEngine();
            nTRUEngine.init(true, nTRUEncryptionPublicKeyParameters);
            return nTRUEngine.processBlock(bArr2, 0, bArr2.length);
        } catch (InvalidCipherTextException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    public byte[] decryptNtruWithPrivate(byte[] bArr, byte[] bArr2) throws IOException, InvalidCipherTextException {
        NTRUEncryptionPrivateKeyParameters nTRUEncryptionPrivateKeyParameters = new NTRUEncryptionPrivateKeyParameters(bArr, (bArr.length >= 930 ? buildNtruEncryptParams256() : buildNtruEncryptParams128()).getEncryptionParameters());
        NTRUEngine nTRUEngine = new NTRUEngine();
        nTRUEngine.init(false, nTRUEncryptionPrivateKeyParameters);
        return nTRUEngine.processBlock(bArr2, 0, bArr2.length);
    }

    public byte[] encrypt(MessagePublicKeyDto messagePublicKeyDto, byte[] bArr) {
        if (!this.validEncryptSizes.contains(Integer.valueOf(bArr.length * 8))) {
            StringBuilder sb = new StringBuilder();
            for (Integer num : (List) this.validEncryptSizes.stream().sorted().collect(Collectors.toList())) {
                if (sb.length() <= 0) {
                    sb.append(num);
                } else {
                    sb.append(", ");
                    sb.append(num);
                }
            }
            throw new RuntimeException("Data to be encrypted is not a valid size (" + sb.toString() + " bits) - consider wrapping an AES symmetric key instead of directly encrypting the data.");
        }
        byte[] bArr2 = bArr;
        ImmutalizableArrayList<MessageKeyPartDto> publicParts = messagePublicKeyDto.getPublicParts();
        if (publicParts == null || publicParts.size() <= 0) {
            throw new RuntimeException("Failed to encrypt the data has the public key is empty.");
        }
        for (MessageKeyPartDto messageKeyPartDto : publicParts) {
            switch (AnonymousClass2.$SwitchMap$com$tokera$ate$dao$enumerations$KeyType[messageKeyPartDto.getType().ordinal()]) {
                case 5:
                    bArr2 = encryptNtruWithPublic(messageKeyPartDto.getKeyBytes(), bArr2);
                    break;
                case MessageKeyType.xmssmt /* 6 */:
                    bArr2 = encryptNewHopeWithPublic(messageKeyPartDto.getKeyBytes(), bArr2);
                    break;
                default:
                    throw new RuntimeException("Unknown encryption crypto algorithm: " + messageKeyPartDto.getType());
            }
        }
        return bArr2;
    }

    public byte[] decrypt(MessagePrivateKeyDto messagePrivateKeyDto, byte[] bArr) throws IOException, InvalidCipherTextException {
        byte[] bArr2 = bArr;
        ImmutalizableArrayList<MessageKeyPartDto> privateParts = messagePrivateKeyDto.getPrivateParts();
        if (privateParts == null || privateParts.size() <= 0) {
            throw new RuntimeException("Failed to decrypt the data has the public key is empty.");
        }
        for (MessageKeyPartDto messageKeyPartDto : Lists.reverse(privateParts)) {
            switch (AnonymousClass2.$SwitchMap$com$tokera$ate$dao$enumerations$KeyType[messageKeyPartDto.getType().ordinal()]) {
                case 5:
                    bArr2 = decryptNtruWithPrivate(messageKeyPartDto.getKeyBytes(), bArr2);
                    break;
                case MessageKeyType.xmssmt /* 6 */:
                    bArr2 = decryptNewHopeWithPrivate(messageKeyPartDto.getKeyBytes(), bArr2);
                    break;
                default:
                    throw new RuntimeException("Unknown encryption crypto algorithm: " + messageKeyPartDto.getType());
            }
        }
        return bArr2;
    }

    public KeyPairBytes genSignKeyQTeslaFromSeed(int i, String str) {
        return genSignKeyQTeslaFromSeed(i, new PredictablyRandomFactory(str));
    }

    public KeyPairBytes genSignKeyQTeslaFromSeed(int i, PredictablyRandomFactory predictablyRandomFactory) {
        QTESLAKeyGenerationParameters qTESLAKeyGenerationParameters;
        SecureRandom secureRandom = new SecureRandom();
        switch (i) {
            case Polynomial.MESSAGE /* 64 */:
            case AES_KEY_SIZE /* 128 */:
                qTESLAKeyGenerationParameters = new QTESLAKeyGenerationParameters(0, secureRandom);
                break;
            case 256:
                qTESLAKeyGenerationParameters = new QTESLAKeyGenerationParameters(2, secureRandom);
                break;
            case Parameter.N_I /* 512 */:
                qTESLAKeyGenerationParameters = new QTESLAKeyGenerationParameters(4, secureRandom);
                break;
            default:
                throw new RuntimeException("Unknown GMSS key size(" + i + ")");
        }
        QTESLAKeyPairGeneratorPredictable qTESLAKeyPairGeneratorPredictable = new QTESLAKeyPairGeneratorPredictable();
        qTESLAKeyPairGeneratorPredictable.init(qTESLAKeyGenerationParameters, predictablyRandomFactory);
        return extractKey(qTESLAKeyPairGeneratorPredictable.generateKeyPair());
    }

    public KeyPairBytes genSignKeyQTeslaNow(int i) {
        QTESLAKeyGenerationParameters qTESLAKeyGenerationParameters;
        SecureRandom secureRandom = new SecureRandom();
        switch (i) {
            case Polynomial.MESSAGE /* 64 */:
            case AES_KEY_SIZE /* 128 */:
                qTESLAKeyGenerationParameters = new QTESLAKeyGenerationParameters(0, secureRandom);
                break;
            case 256:
                qTESLAKeyGenerationParameters = new QTESLAKeyGenerationParameters(2, secureRandom);
                break;
            case Parameter.N_I /* 512 */:
                qTESLAKeyGenerationParameters = new QTESLAKeyGenerationParameters(4, secureRandom);
                break;
            default:
                throw new RuntimeException("Unknown GMSS key size(" + i + ")");
        }
        QTESLAKeyPairGenerator qTESLAKeyPairGenerator = new QTESLAKeyPairGenerator();
        qTESLAKeyPairGenerator.init(qTESLAKeyGenerationParameters);
        return extractKey(qTESLAKeyPairGenerator.generateKeyPair());
    }

    public byte[] signQTesla(byte[] bArr, byte[] bArr2) {
        int i = 0;
        if (bArr.length > 2000) {
            i = 2;
        }
        if (bArr.length > 8000) {
            i = 4;
        }
        QTESLAPrivateKeyParameters qTESLAPrivateKeyParameters = new QTESLAPrivateKeyParameters(i, bArr);
        QTESLASigner qTESLASigner = new QTESLASigner();
        qTESLASigner.init(true, qTESLAPrivateKeyParameters);
        return qTESLASigner.generateSignature(bArr2);
    }

    public boolean verifyQTesla(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        int i = 0;
        if (bArr.length > 2500) {
            i = 2;
        }
        if (bArr.length > 20000) {
            i = 4;
        }
        QTESLAPublicKeyParameters qTESLAPublicKeyParameters = new QTESLAPublicKeyParameters(i, bArr);
        QTESLASigner qTESLASigner = new QTESLASigner();
        qTESLASigner.init(false, qTESLAPublicKeyParameters);
        return qTESLASigner.verifySignature(bArr2, bArr3);
    }

    public KeyPairBytes genSignKeyRainbowFromSeed(int i, PredictablyRandomFactory predictablyRandomFactory) {
        RainbowKeyGenerationParameters rainbowKeyGenerationParameters;
        SecureRandom secureRandom = new SecureRandom();
        switch (i) {
            case Polynomial.MESSAGE /* 64 */:
            case AES_KEY_SIZE /* 128 */:
                rainbowKeyGenerationParameters = new RainbowKeyGenerationParameters(secureRandom, new RainbowParameters());
                break;
            case 256:
                rainbowKeyGenerationParameters = new RainbowKeyGenerationParameters(secureRandom, new RainbowParameters());
                break;
            case Parameter.N_I /* 512 */:
                rainbowKeyGenerationParameters = new RainbowKeyGenerationParameters(secureRandom, new RainbowParameters());
                break;
            default:
                throw new RuntimeException("Unknown RAINBOW key size(" + i + ")");
        }
        RainbowKeyPairGeneratorPredictable rainbowKeyPairGeneratorPredictable = new RainbowKeyPairGeneratorPredictable(predictablyRandomFactory);
        rainbowKeyPairGeneratorPredictable.init(rainbowKeyGenerationParameters);
        return extractKey(rainbowKeyPairGeneratorPredictable.generateKeyPair());
    }

    public KeyPairBytes genSignKeyRainbowNow(int i) {
        RainbowKeyGenerationParameters rainbowKeyGenerationParameters;
        SecureRandom secureRandom = new SecureRandom();
        switch (i) {
            case Polynomial.MESSAGE /* 64 */:
            case AES_KEY_SIZE /* 128 */:
                rainbowKeyGenerationParameters = new RainbowKeyGenerationParameters(secureRandom, new RainbowParameters());
                break;
            case 256:
                rainbowKeyGenerationParameters = new RainbowKeyGenerationParameters(secureRandom, new RainbowParameters());
                break;
            case Parameter.N_I /* 512 */:
                rainbowKeyGenerationParameters = new RainbowKeyGenerationParameters(secureRandom, new RainbowParameters());
                break;
            default:
                throw new RuntimeException("Unknown RAINBOW key size(" + i + ")");
        }
        RainbowKeyPairGenerator rainbowKeyPairGenerator = new RainbowKeyPairGenerator();
        rainbowKeyPairGenerator.init(rainbowKeyGenerationParameters);
        return extractKey(rainbowKeyPairGenerator.generateKeyPair());
    }

    public byte[] signRainbow(byte[] bArr, byte[] bArr2) {
        RainbowPrivateKeyParameters deserializePrivate = RainbowKeySerializer.deserializePrivate(bArr);
        RainbowSigner rainbowSigner = new RainbowSigner();
        rainbowSigner.init(true, deserializePrivate);
        return rainbowSigner.generateSignature(bArr2);
    }

    public boolean verifyRainbow(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        RainbowPublicKeyParameters deserializePublic = RainbowKeySerializer.deserializePublic(bArr);
        RainbowSigner rainbowSigner = new RainbowSigner();
        rainbowSigner.init(false, deserializePublic);
        return rainbowSigner.verifySignature(bArr2, bArr3);
    }

    public KeyPairBytes genSignKeyXmssMtFromSeed(int i, String str) {
        return genSignKeyXmssMtFromSeed(i, new PredictablyRandomFactory(str));
    }

    public KeyPairBytes genSignKeyXmssMtFromSeed(int i, PredictablyRandomFactory predictablyRandomFactory) {
        XMSSMTParametersPredictable xMSSMTParametersPredictable = new XMSSMTParametersPredictable(20, 10, new SHA512Digest());
        XMSSMTKeyPairGeneratorPredictable xMSSMTKeyPairGeneratorPredictable = new XMSSMTKeyPairGeneratorPredictable();
        xMSSMTKeyPairGeneratorPredictable.init(new XMSSMTKeyGenerationParametersPredictable(xMSSMTParametersPredictable, new SecureRandom()), predictablyRandomFactory);
        return extractKey(xMSSMTKeyPairGeneratorPredictable.generateKeyPair());
    }

    public KeyPairBytes genSignKeyXmssMtNow(int i) {
        SecureRandom secureRandom = new SecureRandom();
        XMSSMTParameters xMSSMTParameters = new XMSSMTParameters(20, 10, new SHA512Digest());
        XMSSMTKeyPairGenerator xMSSMTKeyPairGenerator = new XMSSMTKeyPairGenerator();
        xMSSMTKeyPairGenerator.init(new XMSSMTKeyGenerationParameters(xMSSMTParameters, secureRandom));
        return extractKey(xMSSMTKeyPairGenerator.generateKeyPair());
    }

    public byte[] signXmssMt(byte[] bArr, byte[] bArr2) {
        XMSSMTPrivateKeyParameters deserializePrivate = XmssKeySerializer.deserializePrivate(bArr, Utils.murmur2(bArr2));
        XMSSMTSigner xMSSMTSigner = new XMSSMTSigner();
        xMSSMTSigner.init(true, deserializePrivate);
        return xMSSMTSigner.generateSignature(bArr2);
    }

    public boolean verifyXmssMt(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        XMSSMTPublicKeyParameters deserializePublic = XmssKeySerializer.deserializePublic(bArr);
        XMSSMTSigner xMSSMTSigner = new XMSSMTSigner();
        xMSSMTSigner.init(false, deserializePublic);
        return xMSSMTSigner.verifySignature(bArr2, bArr3);
    }

    @Deprecated
    public byte[] signNtru(byte[] bArr, byte[] bArr2) {
        try {
            NTRUSigningKeyGenerationParameters buildNtruSignParams256 = bArr.length >= 2096 ? buildNtruSignParams256() : bArr.length >= 999 ? buildNtruSignParams128() : buildNtruSignParams64();
            NTRUSigningPrivateKeyParameters nTRUSigningPrivateKeyParameters = new NTRUSigningPrivateKeyParameters(bArr, buildNtruSignParams256);
            NTRUSigner nTRUSigner = new NTRUSigner(buildNtruSignParams256.getSigningParameters());
            nTRUSigner.init(true, nTRUSigningPrivateKeyParameters);
            nTRUSigner.update(bArr2, 0, bArr2.length);
            return nTRUSigner.generateSignature();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    @Deprecated
    public boolean verifyNtru(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        NTRUSigningKeyGenerationParameters buildNtruSignParams256 = bArr.length >= 813 ? buildNtruSignParams256() : bArr.length >= 380 ? buildNtruSignParams128() : buildNtruSignParams64();
        NTRUSigningPublicKeyParameters nTRUSigningPublicKeyParameters = new NTRUSigningPublicKeyParameters(bArr, buildNtruSignParams256.getSigningParameters());
        NTRUSigner nTRUSigner = new NTRUSigner(buildNtruSignParams256.getSigningParameters());
        nTRUSigner.init(false, nTRUSigningPublicKeyParameters);
        nTRUSigner.update(bArr2, 0, bArr2.length);
        return nTRUSigner.verifySignature(bArr3);
    }

    public byte[] sign(MessagePrivateKeyDto messagePrivateKeyDto, byte[] bArr) {
        ArrayList<byte[]> arrayList = new ArrayList();
        Iterator<MessageKeyPartDto> it = messagePrivateKeyDto.getPrivateParts().iterator();
        while (it.hasNext()) {
            MessageKeyPartDto next = it.next();
            switch (next.getType()) {
                case qtesla:
                    arrayList.add(signQTesla(next.getKeyBytes(), bArr));
                    break;
                case xmssmt:
                    arrayList.add(signXmssMt(next.getKeyBytes(), bArr));
                    break;
                case rainbow:
                    arrayList.add(signRainbow(next.getKeyBytes(), bArr));
                    break;
                case ntru_sign:
                    arrayList.add(signNtru(next.getKeyBytes(), bArr));
                    break;
                default:
                    throw new RuntimeException("Unknown signing crypto algorithm: " + next.getType());
            }
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        try {
            for (byte[] bArr2 : arrayList) {
                dataOutputStream.writeInt(bArr2.length);
                dataOutputStream.write(bArr2);
            }
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public boolean verify(MessagePublicKeyDto messagePublicKeyDto, byte[] bArr, byte[] bArr2) {
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        ImmutalizableArrayList<MessageKeyPartDto> publicParts = messagePublicKeyDto.getPublicParts();
        if (publicParts == null || publicParts.size() <= 0) {
            return false;
        }
        for (MessageKeyPartDto messageKeyPartDto : publicParts) {
            int i = wrap.getInt();
            if (i <= 0 || i > wrap.remaining()) {
                return false;
            }
            byte[] bArr3 = new byte[i];
            wrap.get(bArr3);
            switch (messageKeyPartDto.getType()) {
                case qtesla:
                    if (!verifyQTesla(messageKeyPartDto.getKeyBytes(), bArr, bArr3)) {
                        return false;
                    }
                    break;
                case xmssmt:
                    if (!verifyXmssMt(messageKeyPartDto.getKeyBytes(), bArr, bArr3)) {
                        return false;
                    }
                    break;
                case rainbow:
                    if (!verifyRainbow(messageKeyPartDto.getKeyBytes(), bArr, bArr3)) {
                        return false;
                    }
                    break;
                case ntru_sign:
                    if (!verifyNtru(messageKeyPartDto.getKeyBytes(), bArr, bArr3)) {
                        return false;
                    }
                    break;
                default:
                    throw new RuntimeException("Unknown signing crypto algorithm: " + messageKeyPartDto.getType());
            }
        }
        return wrap.remaining() <= 0;
    }

    public byte[] hashSha(String str) {
        return hashSha((String) null, str);
    }

    public byte[] hashSha(String str, String str2) {
        return str != null ? hashSha(str.getBytes(Charsets.US_ASCII), str2.getBytes(Charsets.US_ASCII)) : hashSha(str2.getBytes(Charsets.US_ASCII));
    }

    public byte[] hashSha(byte[] bArr) {
        return hashSha((byte[]) null, bArr);
    }

    public byte[] hashSha(byte[] bArr, byte[] bArr2) {
        try {
            MessageDigest messageDigest = (MessageDigest) this.sha256digest.clone();
            if (bArr != null) {
                messageDigest.update(bArr);
            }
            return messageDigest.digest(bArr2);
        } catch (CloneNotSupportedException e) {
            throw new RuntimeException(e);
        }
    }

    public byte[] hashMd5(byte[] bArr) {
        return hashMd5(null, bArr);
    }

    public byte[] hashMd5(byte[] bArr, byte[] bArr2) {
        try {
            MessageDigest messageDigest = (MessageDigest) this.md5digest.clone();
            if (bArr != null) {
                messageDigest.update(bArr);
            }
            return messageDigest.digest(bArr2);
        } catch (CloneNotSupportedException e) {
            throw new RuntimeException(e);
        }
    }

    public static byte[] hashShaStatic(byte[] bArr, byte[] bArr2) {
        try {
            MessageDigest messageDigest = (MessageDigest) g_sha256digest.clone();
            if (bArr != null) {
                messageDigest.update(bArr);
            }
            return messageDigest.digest(bArr2);
        } catch (CloneNotSupportedException e) {
            throw new RuntimeException(e);
        }
    }

    public String hashShaAndEncode(String str) {
        return hashShaAndEncode(str.getBytes(Charsets.US_ASCII));
    }

    public String hashShaAndEncode(byte[] bArr, byte[] bArr2) {
        return Base64.encodeBase64URLSafeString(hashSha(bArr, bArr2));
    }

    public String hashShaAndEncode(byte[] bArr) {
        return Base64.encodeBase64URLSafeString(hashSha(bArr));
    }

    public String hashMd5AndEncode(byte[] bArr, byte[] bArr2) {
        return Base64.encodeBase64URLSafeString(hashMd5(bArr, bArr2));
    }

    public String hashMd5AndEncode(byte[] bArr) {
        return Base64.encodeBase64URLSafeString(hashMd5(bArr));
    }

    public byte[] extractKey(CipherParameters cipherParameters) {
        if (cipherParameters instanceof NTRUEncryptionPublicKeyParameters) {
            return ((NTRUEncryptionPublicKeyParameters) cipherParameters).getEncoded();
        }
        if (cipherParameters instanceof NTRUEncryptionPrivateKeyParameters) {
            return ((NTRUEncryptionPrivateKeyParameters) cipherParameters).getEncoded();
        }
        if (cipherParameters instanceof NTRUSigningPublicKeyParameters) {
            return ((NTRUSigningPublicKeyParameters) cipherParameters).getEncoded();
        }
        if (cipherParameters instanceof NTRUSigningPrivateKeyParameters) {
            try {
                return ((NTRUSigningPrivateKeyParameters) cipherParameters).getEncoded();
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }
        if (cipherParameters instanceof NHPublicKeyParameters) {
            return ((NHPublicKeyParameters) cipherParameters).getPubData();
        }
        if (cipherParameters instanceof NHPrivateKeyParameters) {
            short[] secData = ((NHPrivateKeyParameters) cipherParameters).getSecData();
            byte[] bArr = new byte[secData.length * 2];
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            for (short s : secData) {
                wrap.putShort(s);
            }
            return bArr;
        }
        if (cipherParameters instanceof QTESLAPublicKeyParameters) {
            return ((QTESLAPublicKeyParameters) cipherParameters).getPublicData();
        }
        if (cipherParameters instanceof QTESLAPrivateKeyParameters) {
            return ((QTESLAPrivateKeyParameters) cipherParameters).getSecret();
        }
        if (cipherParameters instanceof XMSSMTPublicKeyParameters) {
            return XmssKeySerializer.serialize((XMSSMTPublicKeyParameters) cipherParameters);
        }
        if (cipherParameters instanceof XMSSMTPrivateKeyParameters) {
            return XmssKeySerializer.serialize((XMSSMTPrivateKeyParameters) cipherParameters);
        }
        if (cipherParameters instanceof RainbowPublicKeyParameters) {
            return RainbowKeySerializer.serialize((RainbowPublicKeyParameters) cipherParameters);
        }
        if (cipherParameters instanceof RainbowPrivateKeyParameters) {
            return RainbowKeySerializer.serialize((RainbowPrivateKeyParameters) cipherParameters);
        }
        throw new RuntimeException("Unable to extract the key as it is an unknown type");
    }

    public String extractKeyHash(CipherParameters cipherParameters) {
        if (cipherParameters instanceof NTRUEncryptionPublicKeyParameters) {
            return hashShaAndEncode(((NTRUEncryptionPublicKeyParameters) cipherParameters).getEncoded());
        }
        if (cipherParameters instanceof NTRUEncryptionPrivateKeyParameters) {
            return hashShaAndEncode(((NTRUEncryptionPrivateKeyParameters) cipherParameters).getEncoded());
        }
        if (cipherParameters instanceof NTRUSigningPublicKeyParameters) {
            return hashShaAndEncode(((NTRUSigningPublicKeyParameters) cipherParameters).getEncoded());
        }
        if (cipherParameters instanceof NTRUSigningPrivateKeyParameters) {
            try {
                return hashShaAndEncode(hashShaAndEncode(((NTRUSigningPrivateKeyParameters) cipherParameters).getEncoded()));
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }
        if (cipherParameters instanceof NHPublicKeyParameters) {
            return hashShaAndEncode(((NHPublicKeyParameters) cipherParameters).getPubData());
        }
        if (cipherParameters instanceof NHPrivateKeyParameters) {
            short[] secData = ((NHPrivateKeyParameters) cipherParameters).getSecData();
            byte[] bArr = new byte[secData.length * 2];
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            for (short s : secData) {
                wrap.putShort(s);
            }
            return hashShaAndEncode(bArr);
        }
        if (cipherParameters instanceof QTESLAPublicKeyParameters) {
            return hashShaAndEncode(((QTESLAPublicKeyParameters) cipherParameters).getPublicData());
        }
        if (cipherParameters instanceof XMSSMTPublicKeyParameters) {
            return hashShaAndEncode(XmssKeySerializer.serialize((XMSSMTPublicKeyParameters) cipherParameters));
        }
        if (cipherParameters instanceof XMSSMTPrivateKeyParameters) {
            return hashShaAndEncode(XmssKeySerializer.serialize((XMSSMTPrivateKeyParameters) cipherParameters));
        }
        if (cipherParameters instanceof RainbowPublicKeyParameters) {
            return hashShaAndEncode(RainbowKeySerializer.serialize((RainbowPublicKeyParameters) cipherParameters));
        }
        if (cipherParameters instanceof RainbowPrivateKeyParameters) {
            return hashShaAndEncode(RainbowKeySerializer.serialize((RainbowPrivateKeyParameters) cipherParameters));
        }
        throw new RuntimeException("Unable to extract the key as it is an unknown type");
    }

    public KeyPairBytes extractKey(AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
        return new KeyPairBytes(extractKey((CipherParameters) asymmetricCipherKeyPair.getPrivate()), extractKey((CipherParameters) asymmetricCipherKeyPair.getPublic()));
    }

    public MessagePrivateKeyDto getTrustOfPublicRead() {
        MessagePrivateKeyDto messagePrivateKeyDto = this.trustOfPublicRead;
        if (messagePrivateKeyDto == null) {
            messagePrivateKeyDto = genEncryptKeyFromSeed(AES_KEY_SIZE, this.defaultEncryptTypes, "public");
            messagePrivateKeyDto.setAlias("public");
            messagePrivateKeyDto.getPrivateParts().immutalize();
            messagePrivateKeyDto.getPublicParts().immutalize();
            this.trustOfPublicRead = messagePrivateKeyDto;
        }
        return messagePrivateKeyDto;
    }

    public MessagePrivateKeyDto getTrustOfPublicWrite() {
        MessagePrivateKeyDto messagePrivateKeyDto = this.trustOfPublicWrite;
        if (messagePrivateKeyDto == null) {
            messagePrivateKeyDto = genSignKeyFromSeed(64, this.defaultSigningTypes, "public");
            messagePrivateKeyDto.setAlias("public");
            this.trustOfPublicWrite = messagePrivateKeyDto;
        }
        return messagePrivateKeyDto;
    }

    public String generateSalt() {
        String poll = this.genSaltQueue.poll();
        moreKeys();
        return poll != null ? poll : new BigInteger(320, new SecureRandom()).toString(16).toUpperCase();
    }

    public String generateSecret16(int i) {
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[i / 8];
        for (int i2 = 0; i2 < bArr.length; i2++) {
            bArr[i2] = (byte) secureRandom.nextInt();
        }
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (byte b : bArr) {
            sb.append(String.format("%02X", Byte.valueOf(b)));
        }
        return sb.toString();
    }

    public String generateSecret64() {
        return generateSecret64(this.defaultAesStrength);
    }

    public String generateSecret64(int i) {
        if (i == 128) {
            String poll = this.genAes128Queue.poll();
            moreKeys();
            if (poll != null) {
                return poll;
            }
        } else if (i == 256) {
            String poll2 = this.genAes256Queue.poll();
            moreKeys();
            if (poll2 != null) {
                return poll2;
            }
        } else if (i == 512) {
            String poll3 = this.genAes512Queue.poll();
            moreKeys();
            if (poll3 != null) {
                return poll3;
            }
        }
        return generateSecret64Now(i);
    }

    public String generateSecret64Now(int i) {
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[i / 8];
        for (int i2 = 0; i2 < bArr.length; i2++) {
            bArr[i2] = (byte) secureRandom.nextInt();
        }
        return Base64.encodeBase64URLSafeString(bArr);
    }

    public String encryptString(String str, String str2, String str3) {
        try {
            byte[] parseHexBinary = DatatypeConverter.parseHexBinary(str);
            byte[] parseHexBinary2 = DatatypeConverter.parseHexBinary(str2);
            byte[] bytes = str3.getBytes("UTF-8");
            SecretKeySpec secretKeySpec = new SecretKeySpec(parseHexBinary, "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(parseHexBinary2);
            Cipher aesCipherCbc = getAesCipherCbc();
            aesCipherCbc.init(1, secretKeySpec, ivParameterSpec);
            byte[] bArr = new byte[aesCipherCbc.getOutputSize(bytes.length)];
            int update = aesCipherCbc.update(bytes, 0, bytes.length, bArr, 0);
            int doFinal = update + aesCipherCbc.doFinal(bArr, update);
            return Base64.encodeBase64URLSafeString(bArr);
        } catch (UnsupportedEncodingException | InvalidAlgorithmParameterException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException | ShortBufferException e) {
            throw new RuntimeException("Problem encrypting encryption data:'" + str3 + "', using key:'" + str + "' and nounce:'" + str2 + "'", e);
        }
    }

    public String decryptString(String str, String str2, String str3) {
        try {
            byte[] parseHexBinary = DatatypeConverter.parseHexBinary(str);
            byte[] parseHexBinary2 = DatatypeConverter.parseHexBinary(str2);
            byte[] decodeBase64 = Base64.decodeBase64(str3);
            int length = decodeBase64.length;
            SecretKeySpec secretKeySpec = new SecretKeySpec(parseHexBinary, "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(parseHexBinary2);
            Cipher aesCipherCbc = getAesCipherCbc();
            aesCipherCbc.init(2, secretKeySpec, ivParameterSpec);
            byte[] bArr = new byte[aesCipherCbc.getOutputSize(length)];
            int update = aesCipherCbc.update(decodeBase64, 0, length, bArr, 0);
            int doFinal = update + aesCipherCbc.doFinal(bArr, update);
            return new String(bArr, "UTF-8");
        } catch (UnsupportedEncodingException | InvalidAlgorithmParameterException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException | ShortBufferException e) {
            throw new RuntimeException("Problem decrypting encryption data:'" + str3 + "', using key:'" + str + "' and nounce:'" + str2 + "'", e);
        }
    }

    public String getPublicKeyHash(MessagePublicKey messagePublicKey) {
        String hash = messagePublicKey.hash();
        if (hash == null) {
            throw new RuntimeException("Public key does not have a hash attached.");
        }
        return hash;
    }

    public String getPublicKeyHash(MessagePublicKeyDto messagePublicKeyDto) {
        String publicKeyHash = messagePublicKeyDto.getPublicKeyHash();
        if (publicKeyHash == null) {
            throw new RuntimeException("Public key has no hash attached.");
        }
        return publicKeyHash;
    }

    public String getPublicKeyHash(MessagePrivateKey messagePrivateKey) {
        MessagePublicKey publicKey = messagePrivateKey.publicKey();
        if (publicKey == null) {
            throw new RuntimeException("Pirvate key does not no public key attached.");
        }
        return getPublicKeyHash(publicKey);
    }

    public String getAlias(MessagePrivateKey messagePrivateKey) {
        MessagePublicKey publicKey = messagePrivateKey.publicKey();
        if (publicKey == null) {
            throw new RuntimeException("Private key does not no public key attached.");
        }
        return getAlias(publicKey);
    }

    public String getAlias(MessagePublicKey messagePublicKey) {
        String alias = messagePublicKey.alias();
        return alias == null ? getPublicKeyHash(messagePublicKey) : alias;
    }

    public String getAlias(IPartitionKey iPartitionKey, MessagePublicKeyDto messagePublicKeyDto) {
        MessagePublicKeyDto publicKeyOrNull;
        String publicKeyHash = messagePublicKeyDto.getPublicKeyHash();
        String alias = messagePublicKeyDto.getAlias();
        if (alias == null && publicKeyHash != null && (publicKeyOrNull = ((IAteIO) CDI.current().select(IAteIO.class, new Annotation[]{new AnnotationLiteral<BackendStorageSystem>() { // from class: com.tokera.ate.security.Encryptor.1
        }}).get()).publicKeyOrNull(iPartitionKey, publicKeyHash)) != null) {
            alias = publicKeyOrNull.getAlias();
        }
        if (alias == null) {
            alias = messagePublicKeyDto.getPublicKeyHash();
        }
        if (alias == null) {
            throw new RuntimeException("Private key has no alias.");
        }
        return alias;
    }

    public MessagePublicKey getPublicKey(MessagePrivateKey messagePrivateKey) {
        MessagePublicKey publicKey = messagePrivateKey.publicKey();
        if (publicKey == null) {
            throw new RuntimeException("Private key does not no public key attached.");
        }
        return publicKey;
    }

    public MessagePublicKeyDto getPublicKey(MessagePrivateKeyDto messagePrivateKeyDto) {
        return new MessagePublicKeyDto(messagePrivateKeyDto);
    }

    public MessagePublicKeyDto createPublicKeyWithAlias(MessagePublicKeyDto messagePublicKeyDto, String str) {
        MessagePublicKeyDto messagePublicKeyDto2 = new MessagePublicKeyDto(messagePublicKeyDto);
        messagePublicKeyDto2.setAlias(str);
        return messagePublicKeyDto2;
    }

    public MessagePrivateKeyDto createPrivateKeyWithAlias(MessagePrivateKeyDto messagePrivateKeyDto, String str) {
        MessagePrivateKeyDto messagePrivateKeyDto2 = new MessagePrivateKeyDto(messagePrivateKeyDto);
        messagePrivateKeyDto2.setAlias(str);
        return messagePrivateKeyDto2;
    }

    public String serializePublicKey64(MessagePublicKeyDto messagePublicKeyDto) {
        return Base64.encodeBase64URLSafeString(serializePublicKey(messagePublicKeyDto));
    }

    public String serializePrivateKey64(MessagePrivateKeyDto messagePrivateKeyDto) {
        return Base64.encodeBase64URLSafeString(serializePrivateKey(messagePrivateKeyDto));
    }

    public MessagePublicKeyDto deserializePublicKey64(String str) {
        return deserializePublicKey64WithAlias(str, null);
    }

    public MessagePublicKeyDto deserializePrivateKey64(String str) {
        return deserializePrivateKey64WithAlias(str, null);
    }

    public MessagePublicKeyDto deserializePublicKey64WithAlias(String str, String str2) {
        return deserializePublicKeyWithAlias(Base64.decodeBase64(str), str2);
    }

    public MessagePublicKeyDto deserializePrivateKey64WithAlias(String str, String str2) {
        return deserializePrivateKeyWithAlias(Base64.decodeBase64(str), str2);
    }

    public byte[] serializePublicKey(MessagePublicKeyDto messagePublicKeyDto) {
        ByteBuffer duplicate = messagePublicKeyDto.createFlatBuffer().getByteBuffer().duplicate();
        byte[] bArr = new byte[duplicate.remaining()];
        duplicate.get(bArr);
        return bArr;
    }

    public byte[] serializePrivateKey(MessagePrivateKeyDto messagePrivateKeyDto) {
        ByteBuffer duplicate = messagePrivateKeyDto.createPrivateKeyFlatBuffer().getByteBuffer().duplicate();
        byte[] bArr = new byte[duplicate.remaining()];
        duplicate.get(bArr);
        return bArr;
    }

    public MessagePublicKeyDto deserializePublicKey(byte[] bArr) {
        return deserializePublicKeyWithAlias(bArr, null);
    }

    public MessagePublicKeyDto deserializePublicKeyWithAlias(byte[] bArr, String str) {
        MessagePublicKeyDto messagePublicKeyDto = new MessagePublicKeyDto(MessagePublicKey.getRootAsMessagePublicKey(ByteBuffer.wrap(bArr)));
        if (str != null) {
            messagePublicKeyDto.setAlias(str);
        }
        return messagePublicKeyDto;
    }

    public MessagePrivateKeyDto deserializePrivateKey(byte[] bArr) {
        return deserializePrivateKeyWithAlias(bArr, null);
    }

    public MessagePrivateKeyDto deserializePrivateKeyWithAlias(byte[] bArr, String str) {
        MessagePrivateKeyDto messagePrivateKeyDto = new MessagePrivateKeyDto(MessagePrivateKey.getRootAsMessagePrivateKey(ByteBuffer.wrap(bArr)));
        if (str != null) {
            messagePrivateKeyDto.setAlias(str);
        }
        return messagePrivateKeyDto;
    }

    static {
        try {
            g_sha256digest = MessageDigest.getInstance("SHA-256");
            g_md5digest = MessageDigest.getInstance("MD5");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
