package Signature;

import Digest_Compile.ExternDigest;
import Random_Compile.ExternRandom;
import Wrappers_Compile.Result;
import dafny.Array;
import dafny.DafnySequence;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import software.amazon.cryptography.primitives.ToDafny;
import software.amazon.cryptography.primitives.internaldafny.types.ECDSASignatureAlgorithm;
import software.amazon.cryptography.primitives.internaldafny.types.Error;
import software.amazon.cryptography.primitives.model.AwsCryptographicPrimitivesError;
import software.amazon.cryptography.primitives.model.OpaqueError;

/* loaded from: input_file:Signature/ECDSA.class */
public class ECDSA {
    static final String ELLIPTIC_CURVE_ALGORITHM = "EC";
    static final String SEC_PRIME_FIELD_PREFIX = "secp";
    static final String SEC_P256 = "256r1";
    static final String SEC_P384 = "384r1";
    static final BigInteger TWO = BigInteger.valueOf(2);
    static final BigInteger THREE = BigInteger.valueOf(3);
    static final BigInteger FOUR = BigInteger.valueOf(4);

    public static Result<SignatureKeyPair, Error> ExternKeyGen(ECDSASignatureAlgorithm eCDSASignatureAlgorithm) {
        Result<SignatureAlgorithm, Error> signatureAlgorithm = SignatureAlgorithm.signatureAlgorithm(eCDSASignatureAlgorithm);
        if (signatureAlgorithm.is_Failure()) {
            return Result.create_Failure(signatureAlgorithm.dtor_error());
        }
        ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec(signatureAlgorithm.dtor_value().curve);
        SecureRandom secureRandom = ExternRandom.getSecureRandom();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ELLIPTIC_CURVE_ALGORITHM);
            keyPairGenerator.initialize(eCGenParameterSpec, secureRandom);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            return Result.create_Success(SignatureKeyPair.create(DafnySequence.fromBytes(PublicKeyUtils.encodeAndCompressPublicKey(generateKeyPair.getPublic(), eCDSASignatureAlgorithm)), DafnySequence.fromBytes(PrivateKeyUtils.encodePrivateKey((ECPrivateKey) generateKeyPair.getPrivate()))));
        } catch (GeneralSecurityException e) {
            return Result.create_Failure(ToDafny.Error(OpaqueError.builder().obj(e).message(e.getMessage()).cause(e).build()));
        }
    }

    public static Result<DafnySequence<? extends Byte>, Error> Sign(ECDSASignatureAlgorithm eCDSASignatureAlgorithm, DafnySequence<? extends Byte> dafnySequence, DafnySequence<? extends Byte> dafnySequence2) {
        Result<SignatureAlgorithm, Error> signatureAlgorithm = SignatureAlgorithm.signatureAlgorithm(eCDSASignatureAlgorithm);
        if (signatureAlgorithm.is_Failure()) {
            return Result.create_Failure(signatureAlgorithm.dtor_error());
        }
        SignatureAlgorithm dtor_value = signatureAlgorithm.dtor_value();
        try {
            Signature signature = Signature.getInstance(dtor_value.rawSignatureAlgorithm);
            Result<ECPrivateKey, Error> decodePrivateKey = PrivateKeyUtils.decodePrivateKey(dtor_value, dafnySequence);
            if (decodePrivateKey.is_Failure()) {
                return Result.create_Failure(decodePrivateKey.dtor_error());
            }
            ECPrivateKey dtor_value2 = decodePrivateKey.dtor_value();
            Result<byte[], Error> internalDigest = ExternDigest.__default.internalDigest(dtor_value.messageDigestAlgorithm, dafnySequence2);
            if (internalDigest.is_Failure()) {
                return Result.create_Failure(internalDigest.dtor_error());
            }
            byte[] dtor_value3 = internalDigest.dtor_value();
            try {
                signature.initSign(dtor_value2, ExternRandom.getSecureRandom());
                try {
                    return Result.create_Success(DafnySequence.fromBytes(SignUtils.generateEcdsaFixedLengthSignature(dtor_value3, signature, dtor_value2, dtor_value.expectedSignatureLength)));
                } catch (SignatureException e) {
                    return Result.create_Failure(ToDafny.Error(OpaqueError.builder().obj(e).message(e.getMessage()).cause(e).build()));
                }
            } catch (InvalidKeyException e2) {
                return Result.create_Failure(ToDafny.Error(AwsCryptographicPrimitivesError.builder().message(String.format("Signature Cipher does not support provided key.Signature %sKey %s", signature, dtor_value2)).cause(e2).build()));
            }
        } catch (NoSuchAlgorithmException e3) {
            return Result.create_Failure(ToDafny.Error(AwsCryptographicPrimitivesError.builder().message(String.format("Requested Signature Algorithm is not supported. Requested %s.", dtor_value.rawSignatureAlgorithm)).cause(e3).build()));
        }
    }

    public static Result<Boolean, Error> Verify(ECDSASignatureAlgorithm eCDSASignatureAlgorithm, DafnySequence<? extends Byte> dafnySequence, DafnySequence<? extends Byte> dafnySequence2, DafnySequence<? extends Byte> dafnySequence3) {
        Result<SignatureAlgorithm, Error> signatureAlgorithm = SignatureAlgorithm.signatureAlgorithm(eCDSASignatureAlgorithm);
        if (signatureAlgorithm.is_Failure()) {
            return Result.create_Failure(signatureAlgorithm.dtor_error());
        }
        SignatureAlgorithm dtor_value = signatureAlgorithm.dtor_value();
        Result<ECPublicKey, Error> decodePublicKey = PublicKeyUtils.decodePublicKey(dtor_value, dafnySequence);
        if (decodePublicKey.is_Failure()) {
            return Result.create_Failure(decodePublicKey.dtor_error());
        }
        ECPublicKey dtor_value2 = decodePublicKey.dtor_value();
        try {
            Signature signature = Signature.getInstance(dtor_value.rawSignatureAlgorithm);
            try {
                signature.initVerify(dtor_value2);
                Result<byte[], Error> internalDigest = ExternDigest.__default.internalDigest(dtor_value.messageDigestAlgorithm, dafnySequence2);
                if (internalDigest.is_Failure()) {
                    return Result.create_Failure(internalDigest.dtor_error());
                }
                try {
                    signature.update(internalDigest.dtor_value());
                    try {
                        return Result.create_Success(Boolean.valueOf(signature.verify((byte[]) Array.unwrap(dafnySequence3.toArray()))));
                    } catch (SignatureException e) {
                        return Result.create_Failure(ToDafny.Error(AwsCryptographicPrimitivesError.builder().message(String.format("Signature Cipher does not support provided key.Signature %sKey %s", signature, dtor_value2)).cause(e).build()));
                    }
                } catch (SignatureException e2) {
                    throw new RuntimeException(e2);
                }
            } catch (InvalidKeyException e3) {
                return Result.create_Failure(ToDafny.Error(AwsCryptographicPrimitivesError.builder().message(String.format("Signature does not support provided key.Signature %sKey %s", signature, dtor_value2)).cause(e3).build()));
            }
        } catch (NoSuchAlgorithmException e4) {
            return Result.create_Failure(ToDafny.Error(AwsCryptographicPrimitivesError.builder().message(String.format("Requested Signature Algorithm is not supported. Requested %s.", dtor_value.rawSignatureAlgorithm)).cause(e4).build()));
        }
    }
}
