package irita.sdk.key;

import com.codahale.xsalsa20poly1305.SimpleBox;
import irita.sdk.constant.Armored;
import irita.sdk.constant.Constant;
import irita.sdk.crypto.ArmoredInputStream;
import irita.sdk.crypto.ArmoredOutputStream;
import irita.sdk.crypto.BCryptImpl;
import irita.sdk.exception.IritaSDKException;
import irita.sdk.util.Bip44Utils;
import irita.sdk.util.HashUtils;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Hashtable;
import org.apache.commons.lang3.ArrayUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Hex;
import org.mindrot.jbcrypt.BCrypt;

/* loaded from: input_file:irita/sdk/key/KeyManager.class */
public abstract class KeyManager implements Key, MultiKey {
    private String hrp;
    protected KeyDAO keyDAO;

    public KeyManager() {
        this.hrp = Constant.DEFAULT_HRP;
        this.keyDAO = new MemoryKeyDAO();
    }

    public KeyManager(KeyDAO keyDAO) {
        this.hrp = Constant.DEFAULT_HRP;
        if (keyDAO != null) {
            this.keyDAO = keyDAO;
        } else {
            this.keyDAO = new MemoryKeyDAO();
        }
    }

    public abstract AlgoEnum getAlgo();

    protected abstract KeyInfo toKeyInfo(BigInteger bigInteger);

    public KeyInfo getCurrentKeyInfo() {
        return this.keyDAO.read(Constant.DEFAULT_USER_NAME, null);
    }

    public KeyDAO getKeyDAO() {
        return this.keyDAO;
    }

    public String getHrp() {
        return this.hrp;
    }

    public void setHrp(String str) {
        this.hrp = str;
    }

    @Override // irita.sdk.key.Key
    public String add() throws Exception {
        return add(Constant.DEFAULT_USER_NAME, null);
    }

    @Override // irita.sdk.key.MultiKey
    public String add(String str, String str2) throws Exception {
        String generateMnemonic = Bip44Utils.generateMnemonic();
        recover(str, str2, generateMnemonic);
        return generateMnemonic;
    }

    @Override // irita.sdk.key.Key
    public void recover(String str) {
        recover(str, Constant.DEFAULT_INDEX.intValue());
    }

    @Override // irita.sdk.key.Key
    public void recover(String str, int i) {
        recover(Constant.DEFAULT_USER_NAME, null, str, i);
    }

    @Override // irita.sdk.key.MultiKey
    public void recover(String str, String str2, String str3) {
        recover(str, str2, str3, Constant.DEFAULT_INDEX.intValue());
    }

    @Override // irita.sdk.key.MultiKey
    public void recover(String str, String str2, InputStream inputStream) {
        recover(str, str2, toPrivKey(inputStream, str2));
    }

    @Override // irita.sdk.key.Key
    public void recover(InputStream inputStream, String str) {
        recover(Constant.DEFAULT_USER_NAME, str, inputStream);
    }

    @Override // irita.sdk.key.Key
    public void recoverFromCert(InputStream inputStream, String str) {
        try {
            recoverFromCert(Constant.DEFAULT_USER_NAME, str, inputStream);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableKeyException | CertificateException e) {
            e.printStackTrace();
        }
    }

    @Override // irita.sdk.key.MultiKey
    public void recoverFromCert(String str, String str2, InputStream inputStream) throws CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, IOException {
        recover(str, str2, caToPrivKey(inputStream, str2));
    }

    @Override // irita.sdk.key.Key
    public void recover(String str, String str2, String str3, int i) {
        recover(str, str2, toPrivKey(str3, i));
    }

    @Override // irita.sdk.key.Key
    public void recover(BigInteger bigInteger) {
        recover(Constant.DEFAULT_USER_NAME, (String) null, bigInteger);
    }

    @Override // irita.sdk.key.MultiKey
    public void recover(String str, String str2, BigInteger bigInteger) {
        if (!str.equals(Constant.DEFAULT_USER_NAME) && this.keyDAO.has(str)) {
            throw new IritaSDKException(String.format("name %s has existed", str));
        }
        this.keyDAO.write(str, str2, toKeyInfo(bigInteger));
    }

    public String export(String str, byte[] bArr) {
        byte[] addAll;
        byte[] prefixAmino = getPrefixAmino(getAlgo().getPrivKeyName());
        if (bArr.length == 33) {
            byte[] bArr2 = new byte[bArr.length - 1];
            System.arraycopy(bArr, 1, bArr2, 0, bArr2.length);
            addAll = ArrayUtils.addAll(prefixAmino, bArr2);
        } else {
            addAll = ArrayUtils.addAll(prefixAmino, bArr);
        }
        String gensalt = BCrypt.gensalt(12);
        byte[] seal = new SimpleBox(HashUtils.sha256(BCrypt.hashpw(str, gensalt).getBytes(StandardCharsets.UTF_8))).seal(addAll);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ArmoredOutputStream armoredOutputStream = new ArmoredOutputStream(byteArrayOutputStream);
        armoredOutputStream.setHeader("salt", Hex.toHexString(BCryptImpl.decode_base64(gensalt.substring(7, 29), 16)).toUpperCase());
        armoredOutputStream.setHeader("type", getAlgo().getName());
        armoredOutputStream.setHeader("kdf", "bcrypt");
        try {
            armoredOutputStream.write(seal);
            armoredOutputStream.close();
            return byteArrayOutputStream.toString().trim();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private BigInteger caToPrivKey(InputStream inputStream, String str) throws KeyStoreException, NoSuchProviderException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        Security.addProvider(new BouncyCastleProvider());
        KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
        keyStore.load(inputStream, str.toCharArray());
        return keyStore.getKey("signKey", str.toCharArray()).getD();
    }

    private BigInteger toPrivKey(String str, int i) {
        return Bip44Utils.getDeterministicKey(str, Bip44Utils.getSeed(str), "m/44'/118'/0'/0/" + i).getPrivKey();
    }

    private BigInteger toPrivKey(InputStream inputStream, String str) {
        try {
            ArmoredInputStream armoredInputStream = new ArmoredInputStream(inputStream);
            String[] armorHeaders = armoredInputStream.getArmorHeaders();
            Hashtable hashtable = new Hashtable();
            for (String str2 : armorHeaders) {
                String[] split = str2.split(": ");
                hashtable.put(split[0], split[1]);
            }
            byte[] bArr = new byte[77];
            armoredInputStream.read(bArr);
            SimpleBox simpleBox = new SimpleBox(HashUtils.sha256(BCrypt.hashpw(str, Armored.PREFIX_SALT + BCryptImpl.encode_base64(Hex.decode((String) hashtable.get("salt")), 16)).getBytes(StandardCharsets.UTF_8)));
            if (!simpleBox.open(bArr).isPresent()) {
                throw new IritaSDKException("failed decrypt keystore with password");
            }
            byte[] bArr2 = (byte[]) simpleBox.open(bArr).get();
            return new BigInteger(1, Arrays.copyOfRange(bArr2, 5, bArr2.length));
        } catch (IOException e) {
            throw new IritaSDKException("recover failed", e);
        }
    }

    public byte[] getPrefixAmino(String str) {
        byte[] sha256 = HashUtils.sha256(str.getBytes(StandardCharsets.UTF_8));
        int i = 0;
        while (sha256[i] == 0) {
            i++;
        }
        int i2 = i + 3;
        while (sha256[i2] == 0) {
            i2++;
        }
        byte[] bArr = new byte[5];
        System.arraycopy(sha256, i2, bArr, 0, 4);
        bArr[4] = 32;
        return bArr;
    }
}
