package freenet.keys;

import freenet.client.FECCodec;
import freenet.crypt.DSAGroup;
import freenet.crypt.DSAPrivateKey;
import freenet.crypt.DSAPublicKey;
import freenet.crypt.Global;
import freenet.crypt.PCFBMode;
import freenet.crypt.RandomSource;
import freenet.crypt.SHA256;
import freenet.crypt.UnsupportedCipherException;
import freenet.crypt.Util;
import freenet.crypt.ciphers.Rijndael;
import freenet.keys.Key;
import freenet.node.updater.NodeUpdateManager;
import freenet.support.Logger;
import freenet.support.api.Bucket;
import freenet.support.compress.InvalidCompressionCodecException;
import java.io.IOException;
import java.math.BigInteger;
import java.net.MalformedURLException;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Random;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
import org.bouncycastle.crypto.signers.DSASigner;
import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
import org.spaceroots.mantissa.random.MersenneTwister;

/* loaded from: input_file:freenet/keys/InsertableClientSSK.class */
public class InsertableClientSSK extends ClientSSK {
    private static final long serialVersionUID = 1;
    public final DSAPrivateKey privKey;
    private static boolean logMINOR;

    public InsertableClientSSK(String str, byte[] bArr, DSAPublicKey dSAPublicKey, DSAPrivateKey dSAPrivateKey, byte[] bArr2, byte b) throws MalformedURLException {
        super(str, bArr, getExtraBytes(b), dSAPublicKey, bArr2);
        if (dSAPublicKey == null) {
            throw new NullPointerException();
        }
        this.privKey = dSAPrivateKey;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public InsertableClientSSK() {
        this.privKey = null;
    }

    public static InsertableClientSSK create(FreenetURI freenetURI) throws MalformedURLException {
        if (freenetURI.getKeyType().equalsIgnoreCase("KSK")) {
            return ClientKSK.create(freenetURI);
        }
        if (freenetURI.getRoutingKey() == null) {
            throw new MalformedURLException("Insertable SSK URIs must have a private key!: " + freenetURI);
        }
        if (freenetURI.getCryptoKey() == null) {
            throw new MalformedURLException("Insertable SSK URIs must have a private key!: " + freenetURI);
        }
        byte[] extra = freenetURI.getExtra();
        if (!freenetURI.getKeyType().equals("SSK")) {
            throw new MalformedURLException("Not a valid SSK insert URI type: " + freenetURI.getKeyType());
        }
        if (extra == null) {
            throw new MalformedURLException("Inserting pre-1010 keys not supported");
        }
        if (extra.length < 5) {
            throw new MalformedURLException("SSK private key ,extra too short");
        }
        if (extra[1] != 1) {
            throw new MalformedURLException("SSK not a private key");
        }
        byte b = extra[2];
        if (b != 2) {
            throw new MalformedURLException("Unrecognized crypto type in SSK private key");
        }
        if (freenetURI.getDocName() == null) {
            throw new MalformedURLException("SSK URIs must have a document name (to avoid ambiguity)");
        }
        DSAGroup dSAGroup = Global.DSAgroupBigA;
        try {
            DSAPrivateKey dSAPrivateKey = new DSAPrivateKey(new BigInteger(1, freenetURI.getRoutingKey()), dSAGroup);
            DSAPublicKey dSAPublicKey = new DSAPublicKey(dSAGroup, dSAPrivateKey);
            return new InsertableClientSSK(freenetURI.getDocName(), dSAPublicKey.asBytesHash(), dSAPublicKey, dSAPrivateKey, freenetURI.getCryptoKey(), b);
        } catch (IllegalArgumentException e) {
            Logger.error((Class<?>) InsertableClientSSK.class, "Caught " + e, (Throwable) e);
            throw new MalformedURLException("SSK private key (routing key) is invalid: " + e);
        }
    }

    public ClientSSKBlock encode(Bucket bucket, boolean z, boolean z2, short s, long j, RandomSource randomSource, String str) throws SSKEncodeException, IOException, InvalidCompressionCodecException {
        byte[] bArr;
        try {
            Key.Compressed compress = Key.compress(bucket, z2, s, j, NodeUpdateManager.MAX_REVOCATION_KEY_LENGTH, 1024, true, str);
            byte[] bArr2 = compress.compressedData;
            short s2 = compress.compressionAlgorithm;
            MessageDigest messageDigest = SHA256.getMessageDigest();
            if (bArr2.length != 1024) {
                if (bArr2.length != 0) {
                    messageDigest.update(bArr2);
                }
                MersenneTwister mersenneTwister = new freenet.support.math.MersenneTwister(messageDigest.digest());
                bArr = Arrays.copyOf(bArr2, 1024);
                if (bArr2.length > bArr.length) {
                    throw new RuntimeException("compressedData.length = " + bArr2.length + " but data.length=" + bArr.length);
                }
                Util.randomBytes((Random) mersenneTwister, bArr, bArr2.length, 1024 - bArr2.length);
            } else {
                bArr = bArr2;
            }
            byte[] digest = messageDigest.digest(bArr);
            try {
                Rijndael rijndael = new Rijndael(FECCodec.MAX_TOTAL_BLOCKS_PER_SEGMENT, FECCodec.MAX_TOTAL_BLOCKS_PER_SEGMENT);
                rijndael.initialize(digest);
                PCFBMode create = PCFBMode.create(rijndael, digest);
                create.blockEncipher(bArr, 0, bArr.length);
                byte[] digest2 = messageDigest.digest(bArr);
                byte[] bArr3 = new byte[136];
                int i = 0 + 1;
                bArr3[0] = 0;
                int i2 = i + 1;
                bArr3[i] = 1;
                int i3 = i2 + 1;
                bArr3[i2] = 0;
                int i4 = i3 + 1;
                bArr3[i3] = 2;
                System.arraycopy(this.ehDocname, 0, bArr3, i4, this.ehDocname.length);
                int length = i4 + this.ehDocname.length;
                byte[] copyOf = Arrays.copyOf(digest, 36);
                int length2 = digest.length;
                short length3 = (short) bArr2.length;
                if (z) {
                    length3 = (short) (length3 | 32768);
                }
                int i5 = length2 + 1;
                copyOf[length2] = (byte) (length3 >> 8);
                int i6 = i5 + 1;
                copyOf[i5] = (byte) length3;
                int i7 = i6 + 1;
                copyOf[i6] = (byte) (s2 >> 8);
                int i8 = i7 + 1;
                copyOf[i7] = (byte) s2;
                if (copyOf.length != i8) {
                    throw new IllegalStateException("Have more bytes to generate encoding SSK");
                }
                rijndael.initialize(this.cryptoKey);
                create.reset(this.ehDocname);
                create.blockEncipher(copyOf, 0, copyOf.length);
                System.arraycopy(copyOf, 0, bArr3, length, copyOf.length);
                int length4 = length + copyOf.length;
                messageDigest.update(bArr3, 0, length4);
                messageDigest.update(digest2);
                byte[] digest3 = messageDigest.digest();
                DSASigner dSASigner = new DSASigner(new HMacDSAKCalculator(new SHA256Digest()));
                dSASigner.init(true, new DSAPrivateKeyParameters(this.privKey.getX(), Global.getDSAgroupBigAParameters()));
                BigInteger[] generateSignature = dSASigner.generateSignature(Global.truncateHash(digest3));
                byte[] truncate = truncate(generateSignature[0].toByteArray(), 32);
                byte[] truncate2 = truncate(generateSignature[1].toByteArray(), 32);
                System.arraycopy(truncate, 0, bArr3, length4, truncate.length);
                int length5 = length4 + truncate.length;
                System.arraycopy(truncate2, 0, bArr3, length5, truncate2.length);
                if (length5 + truncate2.length != 136) {
                    throw new IllegalStateException("Too long");
                }
                try {
                    return new ClientSSKBlock(bArr, bArr3, this, !logMINOR);
                } catch (SSKVerifyException e) {
                    throw ((AssertionError) new AssertionError("Impossible encoding error").initCause(e));
                }
            } catch (UnsupportedCipherException e2) {
                throw new Error("256/256 Rijndael not supported!");
            }
        } catch (KeyEncodeException e3) {
            throw new SSKEncodeException(e3.getMessage(), e3);
        }
    }

    private byte[] truncate(byte[] bArr, int i) {
        if (bArr.length == i) {
            return bArr;
        }
        if (bArr.length < i) {
            byte[] bArr2 = new byte[i];
            System.arraycopy(bArr, 0, bArr2, i - bArr.length, bArr.length);
            return bArr2;
        }
        for (int i2 = 0; i2 < bArr.length - i; i2++) {
            if (bArr[i2] != 0) {
                throw new IllegalStateException("Cannot truncate");
            }
        }
        return Arrays.copyOfRange(bArr, bArr.length - i, bArr.length);
    }

    public static InsertableClientSSK createRandom(RandomSource randomSource, String str) {
        byte[] bArr = new byte[32];
        randomSource.nextBytes(bArr);
        DSAGroup dSAGroup = Global.DSAgroupBigA;
        DSAPrivateKey dSAPrivateKey = new DSAPrivateKey(dSAGroup, randomSource);
        DSAPublicKey dSAPublicKey = new DSAPublicKey(dSAGroup, dSAPrivateKey);
        try {
            return new InsertableClientSSK(str, SHA256.digest(dSAPublicKey.asBytes()), dSAPublicKey, dSAPrivateKey, bArr, (byte) 2);
        } catch (MalformedURLException e) {
            throw new Error(e);
        }
    }

    public FreenetURI getInsertURI() {
        return new FreenetURI("SSK", this.docName, this.privKey.getX().toByteArray(), this.cryptoKey, getInsertExtraBytes());
    }

    private byte[] getInsertExtraBytes() {
        byte[] extraBytes = getExtraBytes();
        extraBytes[1] = 1;
        return extraBytes;
    }

    public DSAGroup getCryptoGroup() {
        return Global.DSAgroupBigA;
    }

    static {
        Logger.registerClass(InsertableClientSSK.class);
    }
}
