package net.bither.bitherj.crypto;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.Serializable;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.util.Arrays;
import javax.annotation.Nullable;
import net.bither.bitherj.utils.Sha256Hash;
import net.bither.bitherj.utils.Utils;
import org.apache.http.HttpStatus;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.ASN1OctetString;
import org.spongycastle.asn1.DERBitString;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DERSequenceGenerator;
import org.spongycastle.asn1.DERTaggedObject;
import org.spongycastle.asn1.DLSequence;
import org.spongycastle.asn1.sec.SECNamedCurves;
import org.spongycastle.asn1.x9.X9ECParameters;
import org.spongycastle.asn1.x9.X9IntegerConverter;
import org.spongycastle.crypto.AsymmetricCipherKeyPair;
import org.spongycastle.crypto.digests.SHA256Digest;
import org.spongycastle.crypto.ec.CustomNamedCurves;
import org.spongycastle.crypto.generators.ECKeyPairGenerator;
import org.spongycastle.crypto.params.ECDomainParameters;
import org.spongycastle.crypto.params.ECKeyGenerationParameters;
import org.spongycastle.crypto.params.ECPrivateKeyParameters;
import org.spongycastle.crypto.params.ECPublicKeyParameters;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.crypto.signers.ECDSASigner;
import org.spongycastle.crypto.signers.HMacDSAKCalculator;
import org.spongycastle.math.ec.ECAlgorithms;
import org.spongycastle.math.ec.ECPoint;
import org.spongycastle.math.ec.FixedPointUtil;
import org.spongycastle.math.ec.custom.sec.SecP256K1Curve;
import org.spongycastle.util.encoders.Base64;

/* loaded from: input_file:net/bither/bitherj/crypto/ECKey.class */
public class ECKey implements Serializable {
    public static final ECDomainParameters CURVE;
    public static final BigInteger HALF_CURVE_ORDER;
    private static final long serialVersionUID = -728224901792295832L;
    protected BigInteger priv;
    protected byte[] pub;
    private boolean isFromXRandom;
    protected long creationTimeSeconds;
    protected transient KeyCrypter keyCrypter;
    protected EncryptedPrivateKey encryptedPrivateKey;
    private transient byte[] pubKeyHash;

    @VisibleForTesting
    public static boolean FAKE_SIGNATURES;
    private static final Logger log = LoggerFactory.getLogger((Class<?>) ECKey.class);
    public static final X9ECParameters CURVE_PARAMS = CustomNamedCurves.getByName("secp256k1");

    /* loaded from: input_file:net/bither/bitherj/crypto/ECKey$ECDSASignature.class */
    public static class ECDSASignature {
        public BigInteger r;
        public BigInteger s;

        public ECDSASignature(BigInteger bigInteger, BigInteger bigInteger2) {
            this.r = bigInteger;
            this.s = bigInteger2;
        }

        public void ensureCanonical() {
            if (this.s.compareTo(ECKey.HALF_CURVE_ORDER) > 0) {
                this.s = ECKey.CURVE.getN().subtract(this.s);
            }
        }

        public byte[] encodeToDER() {
            try {
                return derByteStream().toByteArray();
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }

        public static ECDSASignature decodeFromDER(byte[] bArr) {
            try {
                ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
                DLSequence dLSequence = (DLSequence) aSN1InputStream.readObject();
                try {
                    ASN1Integer aSN1Integer = (ASN1Integer) dLSequence.getObjectAt(0);
                    ASN1Integer aSN1Integer2 = (ASN1Integer) dLSequence.getObjectAt(1);
                    aSN1InputStream.close();
                    return new ECDSASignature(aSN1Integer.getPositiveValue(), aSN1Integer2.getPositiveValue());
                } catch (ClassCastException e) {
                    throw new IllegalArgumentException(e);
                }
            } catch (IOException e2) {
                throw new RuntimeException(e2);
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public ByteArrayOutputStream derByteStream() throws IOException {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(72);
            DERSequenceGenerator dERSequenceGenerator = new DERSequenceGenerator(byteArrayOutputStream);
            dERSequenceGenerator.addObject(new ASN1Integer(this.r));
            dERSequenceGenerator.addObject(new ASN1Integer(this.s));
            dERSequenceGenerator.close();
            return byteArrayOutputStream;
        }
    }

    public static ECKey generateECKey(SecureRandom secureRandom) {
        ECKeyPairGenerator eCKeyPairGenerator = new ECKeyPairGenerator();
        eCKeyPairGenerator.init(new ECKeyGenerationParameters(CURVE, secureRandom));
        AsymmetricCipherKeyPair generateKeyPair = eCKeyPairGenerator.generateKeyPair();
        ECKey eCKey = new ECKey(((ECPrivateKeyParameters) generateKeyPair.getPrivate()).getD(), ((ECPublicKeyParameters) generateKeyPair.getPublic()).getQ().getEncoded(true));
        eCKey.setCreationTimeSeconds(Utils.currentTimeSeconds());
        return eCKey;
    }

    public static final ECPoint compressPoint(ECPoint eCPoint) {
        return CURVE.getCurve().decodePoint(eCPoint.getEncoded(true));
    }

    public static final ECPoint checkPoint(byte[] bArr) {
        return CURVE.getCurve().decodePoint(bArr);
    }

    public ECKey(BigInteger bigInteger) {
        this(bigInteger, (byte[]) null);
    }

    public ECKey(@Nullable byte[] bArr, @Nullable byte[] bArr2) {
        this(bArr == null ? null : new BigInteger(1, bArr), bArr2);
    }

    public ECKey(@Nullable EncryptedPrivateKey encryptedPrivateKey, @Nullable byte[] bArr, KeyCrypter keyCrypter) {
        this((byte[]) null, bArr);
        this.keyCrypter = (KeyCrypter) Preconditions.checkNotNull(keyCrypter);
        this.encryptedPrivateKey = encryptedPrivateKey;
    }

    public ECKey(@Nullable BigInteger bigInteger, @Nullable byte[] bArr, boolean z) {
        this.isFromXRandom = false;
        if (bigInteger == null && bArr == null) {
            throw new IllegalArgumentException("ECKey requires at least private or public key");
        }
        this.priv = bigInteger;
        this.pub = null;
        if (bArr == null) {
            this.pub = publicKeyFromPrivate(bigInteger, z);
        } else {
            this.pub = bArr;
        }
    }

    private ECKey(@Nullable BigInteger bigInteger, @Nullable byte[] bArr) {
        this(bigInteger, bArr, true);
    }

    public boolean isPubKeyOnly() {
        return this.priv == null;
    }

    public boolean hasPrivKey() {
        return this.priv != null;
    }

    public byte[] toASN1() {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(HttpStatus.SC_BAD_REQUEST);
            DERSequenceGenerator dERSequenceGenerator = new DERSequenceGenerator(byteArrayOutputStream);
            dERSequenceGenerator.addObject(new ASN1Integer(1L));
            dERSequenceGenerator.addObject(new DEROctetString(this.priv.toByteArray()));
            dERSequenceGenerator.addObject(new DERTaggedObject(0, SECNamedCurves.getByName("secp256k1").toASN1Primitive()));
            dERSequenceGenerator.addObject(new DERTaggedObject(1, new DERBitString(getPubKey())));
            dERSequenceGenerator.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public static byte[] publicKeyFromPrivate(BigInteger bigInteger, boolean z) {
        ECPoint multiply = CURVE.getG().multiply(bigInteger);
        if (z) {
            multiply = compressPoint(multiply);
        }
        return multiply.getEncoded();
    }

    public byte[] getPubKeyHash() {
        if (this.pubKeyHash == null) {
            this.pubKeyHash = Utils.sha256hash160(this.pub);
        }
        return this.pubKeyHash;
    }

    public byte[] getPubKey() {
        return this.pub;
    }

    public ECPoint getPubKeyPoint() {
        return CURVE.getCurve().decodePoint(this.pub);
    }

    public boolean isCompressed() {
        return this.pub.length == 33;
    }

    public boolean isFromXRandom() {
        return this.isFromXRandom;
    }

    public void setFromXRandom(boolean z) {
        this.isFromXRandom = z;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("pub:").append(Utils.bytesToHexString(this.pub));
        if (this.creationTimeSeconds != 0) {
            sb.append(" timestamp:").append(this.creationTimeSeconds);
        }
        if (isEncrypted()) {
            sb.append(" encrypted");
        }
        return sb.toString();
    }

    public String toStringWithPrivate() {
        StringBuilder sb = new StringBuilder();
        sb.append(toString());
        if (this.priv != null) {
            sb.append(" priv:").append(Utils.bytesToHexString(this.priv.toByteArray()));
        }
        return sb.toString();
    }

    public String toAddress() {
        return Utils.toAddress(Utils.sha256hash160(this.pub));
    }

    public void clearPrivateKey() {
        this.priv = BigInteger.ZERO;
        if (this.encryptedPrivateKey != null) {
            this.encryptedPrivateKey.clear();
        }
    }

    public ECDSASignature sign(byte[] bArr) throws KeyCrypterException {
        return sign(bArr, null);
    }

    public ECDSASignature sign(byte[] bArr, @Nullable KeyParameter keyParameter) throws KeyCrypterException {
        BigInteger bigInteger;
        if (FAKE_SIGNATURES) {
            return TransactionSignature.dummy();
        }
        if (isEncrypted()) {
            if (keyParameter == null) {
                throw new KeyCrypterException("This ECKey is encrypted but no decryption key has been supplied.");
            }
            if (this.keyCrypter == null) {
                throw new KeyCrypterException("There is no KeyCrypter to decrypt the private key for signing.");
            }
            bigInteger = new BigInteger(1, this.keyCrypter.decrypt(this.encryptedPrivateKey, keyParameter));
            if (!Arrays.equals(this.pub, publicKeyFromPrivate(bigInteger, isCompressed()))) {
                throw new KeyCrypterException("Could not decrypt bytes");
            }
        } else {
            if (this.priv == null) {
                throw new KeyCrypterException("This ECKey does not have the private key necessary for signing.");
            }
            bigInteger = this.priv;
        }
        ECDSASigner eCDSASigner = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
        eCDSASigner.init(true, new ECPrivateKeyParameters(bigInteger, CURVE));
        BigInteger[] generateSignature = eCDSASigner.generateSignature(bArr);
        ECDSASignature eCDSASignature = new ECDSASignature(generateSignature[0], generateSignature[1]);
        eCDSASignature.ensureCanonical();
        return eCDSASignature;
    }

    public static boolean verify(byte[] bArr, ECDSASignature eCDSASignature, byte[] bArr2) {
        if (FAKE_SIGNATURES) {
            return true;
        }
        if (NativeSecp256k1.enabled) {
            return NativeSecp256k1.verify(bArr, eCDSASignature.encodeToDER(), bArr2);
        }
        ECDSASigner eCDSASigner = new ECDSASigner();
        eCDSASigner.init(false, new ECPublicKeyParameters(CURVE.getCurve().decodePoint(bArr2), CURVE));
        try {
            return eCDSASigner.verifySignature(bArr, eCDSASignature.r, eCDSASignature.s);
        } catch (NullPointerException e) {
            log.error("Caught NPE inside bouncy castle");
            e.printStackTrace();
            return false;
        }
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return NativeSecp256k1.enabled ? NativeSecp256k1.verify(bArr, bArr2, bArr3) : verify(bArr, ECDSASignature.decodeFromDER(bArr2), bArr3);
    }

    public boolean verify(byte[] bArr, byte[] bArr2) {
        return verify(bArr, bArr2, getPubKey());
    }

    public boolean verify(Sha256Hash sha256Hash, ECDSASignature eCDSASignature) {
        return verify(sha256Hash.getBytes(), eCDSASignature, getPubKey());
    }

    public boolean isPubKeyCanonical() {
        return isPubKeyCanonical(this.pub);
    }

    public static boolean isPubKeyCanonical(byte[] bArr) {
        if (bArr.length < 33) {
            return false;
        }
        return bArr[0] == 4 ? bArr.length == 65 : (bArr[0] == 2 || bArr[0] == 3) && bArr.length == 33;
    }

    private static BigInteger extractPrivateKeyFromASN1(byte[] bArr) {
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
            DLSequence dLSequence = (DLSequence) aSN1InputStream.readObject();
            Preconditions.checkArgument(dLSequence.size() == 4, "Input does not appear to be an ASN.1 OpenSSL EC private key");
            Preconditions.checkArgument(((ASN1Integer) dLSequence.getObjectAt(0)).getValue().equals(BigInteger.ONE), "Input is of wrong version");
            byte[] octets = ((ASN1OctetString) dLSequence.getObjectAt(1)).getOctets();
            aSN1InputStream.close();
            return new BigInteger(1, octets);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public String signMessage(String str) throws KeyCrypterException {
        return signMessage(str, null);
    }

    public String signMessage(String str, @Nullable KeyParameter keyParameter) throws KeyCrypterException {
        return new String(Base64.encode(signHash(Utils.doubleDigest(Utils.formatMessageForSigning(str)), keyParameter)), Charset.forName("UTF-8"));
    }

    public byte[] signHash(byte[] bArr, @Nullable KeyParameter keyParameter) throws KeyCrypterException {
        ECDSASignature sign = sign(bArr, keyParameter);
        int i = -1;
        int i2 = 0;
        while (true) {
            if (i2 < 4) {
                ECKey recoverFromSignature = recoverFromSignature(i2, sign, bArr, isCompressed());
                if (recoverFromSignature != null && Arrays.equals(recoverFromSignature.pub, this.pub)) {
                    i = i2;
                    break;
                }
                i2++;
            } else {
                break;
            }
        }
        if (i == -1) {
            throw new RuntimeException("Could not construct a recoverable key. This should never happen.");
        }
        byte[] bArr2 = new byte[65];
        bArr2[0] = (byte) (i + 27 + (isCompressed() ? 4 : 0));
        System.arraycopy(Utils.bigIntegerToBytes(sign.r, 32), 0, bArr2, 1, 32);
        System.arraycopy(Utils.bigIntegerToBytes(sign.s, 32), 0, bArr2, 33, 32);
        return bArr2;
    }

    public static ECKey signedMessageToKey(String str, String str2) throws SignatureException {
        try {
            return signedMessageToKey(Utils.formatMessageForSigning(str), Base64.decode(str2));
        } catch (RuntimeException e) {
            throw new SignatureException("Could not decode base64", e);
        }
    }

    public static ECKey signedMessageToKey(byte[] bArr, byte[] bArr2) throws SignatureException {
        if (bArr2.length < 65) {
            throw new SignatureException("Signature truncated, expected 65 bytes and got " + bArr2.length);
        }
        int i = bArr2[0] & 255;
        if (i < 27 || i > 34) {
            throw new SignatureException("Header byte out of range: " + i);
        }
        ECDSASignature eCDSASignature = new ECDSASignature(new BigInteger(1, Arrays.copyOfRange(bArr2, 1, 33)), new BigInteger(1, Arrays.copyOfRange(bArr2, 33, 65)));
        byte[] doubleDigest = Utils.doubleDigest(bArr);
        boolean z = false;
        if (i >= 31) {
            z = true;
            i -= 4;
        }
        ECKey recoverFromSignature = recoverFromSignature(i - 27, eCDSASignature, doubleDigest, z);
        if (recoverFromSignature == null) {
            throw new SignatureException("Could not recover public key from signature");
        }
        return recoverFromSignature;
    }

    public void verifyMessage(String str, String str2) throws SignatureException {
        if (!Arrays.equals(signedMessageToKey(str, str2).getPubKey(), this.pub)) {
            throw new SignatureException("Signature did not match for message");
        }
    }

    @Nullable
    public static ECKey recoverFromSignature(int i, ECDSASignature eCDSASignature, byte[] bArr, boolean z) {
        ECPoint recoverECPointFromSignature = recoverECPointFromSignature(i, eCDSASignature, bArr);
        if (recoverECPointFromSignature != null) {
            return new ECKey((BigInteger) null, recoverECPointFromSignature.getEncoded(z));
        }
        return null;
    }

    public static ECPoint recoverECPointFromSignature(int i, ECDSASignature eCDSASignature, byte[] bArr) {
        Preconditions.checkArgument(i >= 0, "recId must be positive");
        Preconditions.checkArgument(eCDSASignature.r.signum() >= 0, "r must be positive");
        Preconditions.checkArgument(eCDSASignature.s.signum() >= 0, "s must be positive");
        Preconditions.checkNotNull(bArr);
        BigInteger n = CURVE.getN();
        BigInteger add = eCDSASignature.r.add(BigInteger.valueOf(i / 2).multiply(n));
        if (add.compareTo(SecP256K1Curve.q) >= 0) {
            return null;
        }
        ECPoint decompressKey = decompressKey(add, (i & 1) == 1);
        if (!decompressKey.multiply(n).isInfinity()) {
            return null;
        }
        BigInteger mod = BigInteger.ZERO.subtract(new BigInteger(1, bArr)).mod(n);
        BigInteger modInverse = eCDSASignature.r.modInverse(n);
        return ECAlgorithms.sumOfTwoMultiplies(CURVE.getG(), modInverse.multiply(mod).mod(n), decompressKey, modInverse.multiply(eCDSASignature.s).mod(n));
    }

    private static ECPoint decompressKey(BigInteger bigInteger, boolean z) {
        X9IntegerConverter x9IntegerConverter = new X9IntegerConverter();
        byte[] integerToBytes = x9IntegerConverter.integerToBytes(bigInteger, 1 + x9IntegerConverter.getByteLength(CURVE.getCurve()));
        integerToBytes[0] = (byte) (z ? 3 : 2);
        return CURVE.getCurve().decodePoint(integerToBytes);
    }

    @Nullable
    public byte[] getPrivKeyBytes() {
        return Utils.bigIntegerToBytes(this.priv, 32);
    }

    public void setCreationTimeSeconds(long j) {
        if (j < 0) {
            throw new IllegalArgumentException("Cannot set creation time to negative value: " + j);
        }
        this.creationTimeSeconds = j;
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || !(obj instanceof ECKey)) {
            return false;
        }
        return Arrays.equals(this.pub, ((ECKey) obj).pub);
    }

    public int hashCode() {
        return (this.pub[0] & 255) | ((this.pub[1] & 255) << 8) | ((this.pub[2] & 255) << 16) | ((this.pub[3] & 255) << 24);
    }

    public ECKey encrypt(KeyCrypter keyCrypter, KeyParameter keyParameter) throws KeyCrypterException {
        Preconditions.checkNotNull(keyCrypter);
        byte[] privKeyBytes = getPrivKeyBytes();
        Preconditions.checkState(privKeyBytes != null, "Private key is not available");
        ECKey eCKey = new ECKey(keyCrypter.encrypt(privKeyBytes, keyParameter), getPubKey(), keyCrypter);
        eCKey.setFromXRandom(this.isFromXRandom);
        return eCKey;
    }

    public ECKey decrypt(KeyCrypter keyCrypter, KeyParameter keyParameter) throws KeyCrypterException {
        Preconditions.checkNotNull(keyCrypter);
        if (this.keyCrypter != null && !this.keyCrypter.equals(keyCrypter)) {
            throw new KeyCrypterException("The keyCrypter being used to decrypt the key is different to the one that was used to encrypt it");
        }
        ECKey eCKey = new ECKey(new BigInteger(1, keyCrypter.decrypt(this.encryptedPrivateKey, keyParameter)), (byte[]) null, isCompressed());
        if (Arrays.equals(eCKey.getPubKey(), getPubKey())) {
            return eCKey;
        }
        throw new KeyCrypterException("Provided AES key is wrong");
    }

    public static boolean encryptionIsReversible(ECKey eCKey, ECKey eCKey2, KeyCrypter keyCrypter, KeyParameter keyParameter) {
        String str = "The check that encryption could be reversed failed for key " + eCKey.toString() + ". ";
        try {
            ECKey decrypt = eCKey2.decrypt(keyCrypter, keyParameter);
            if (decrypt == null) {
                log.error(str + "The test decrypted key was missing.");
                return false;
            }
            byte[] privKeyBytes = eCKey.getPrivKeyBytes();
            if (privKeyBytes != null) {
                if (decrypt.getPrivKeyBytes() == null) {
                    log.error(str + "The test decrypted key was missing.");
                    return false;
                }
                if (privKeyBytes.length != decrypt.getPrivKeyBytes().length) {
                    log.error(str + "The test decrypted private key was a different length to the original.");
                    return false;
                }
                for (int i = 0; i < privKeyBytes.length; i++) {
                    if (privKeyBytes[i] != decrypt.getPrivKeyBytes()[i]) {
                        log.error(str + "Byte " + i + " of the private key did not match the original.");
                        return false;
                    }
                }
            }
            return true;
        } catch (KeyCrypterException e) {
            log.error(e.getMessage());
            return false;
        }
    }

    public boolean isEncrypted() {
        return (this.keyCrypter == null || this.encryptedPrivateKey == null || this.encryptedPrivateKey.getEncryptedBytes() == null || this.encryptedPrivateKey.getEncryptedBytes().length <= 0) ? false : true;
    }

    @Nullable
    public EncryptedPrivateKey getEncryptedPrivateKey() {
        if (this.encryptedPrivateKey == null) {
            return null;
        }
        return this.encryptedPrivateKey.m670clone();
    }

    public KeyCrypter getKeyCrypter() {
        return this.keyCrypter;
    }

    static {
        FixedPointUtil.precompute(CURVE_PARAMS.getG(), 12);
        CURVE = new ECDomainParameters(CURVE_PARAMS.getCurve(), CURVE_PARAMS.getG(), CURVE_PARAMS.getN(), CURVE_PARAMS.getH());
        HALF_CURVE_ORDER = CURVE_PARAMS.getN().shiftRight(1);
        FAKE_SIGNATURES = false;
    }
}
