package net.openhft.chronicle.salt;

import net.openhft.chronicle.bytes.Bytes;
import net.openhft.chronicle.bytes.BytesStore;
import net.openhft.chronicle.bytes.VanillaBytes;
import net.openhft.chronicle.core.annotation.NotNull;
import net.openhft.chronicle.core.annotation.Nullable;
import net.openhft.chronicle.salt.Sodium;

/* loaded from: input_file:net/openhft/chronicle/salt/Signature.class */
public enum Signature {
    ;

    /* loaded from: input_file:net/openhft/chronicle/salt/Signature$KeyPair.class */
    public static class KeyPair {
        public final SecretKey secretKey = new SecretKey();
        public final PublicKey publicKey = new PublicKey();

        private KeyPair() {
            Sodium.SODIUM.crypto_sign_keypair(this.publicKey.address(), this.secretKey.address());
        }

        private KeyPair(BytesStore bytesStore) {
            Sodium.SODIUM.crypto_sign_seed_keypair(this.publicKey.address(), this.secretKey.address(), Sodium.Util.setSize(bytesStore, 32L).addressForWrite(0L));
        }

        public static KeyPair generate() {
            return new KeyPair();
        }

        public static KeyPair deterministic(long j) {
            VanillaBytes<Void> allocateDirect = Bytes.allocateDirect(32L);
            allocateDirect.writeLong(0L, j);
            return deterministic(allocateDirect);
        }

        public static KeyPair deterministic(BytesStore bytesStore) {
            return new KeyPair(bytesStore);
        }

        public void wipe() {
            this.secretKey.wipe();
        }
    }

    /* loaded from: input_file:net/openhft/chronicle/salt/Signature$MultiPart.class */
    public static class MultiPart {
        public final BytesStore state = Bytes.allocateDirect(256);

        public MultiPart() {
            ((Bytes) this.state).readLimit(256L);
            Sodium.SODIUM.crypto_sign_init(this.state.addressForRead(0L));
        }

        void reset() {
            Sodium.SODIUM.crypto_sign_init(this.state.addressForRead(0L));
        }

        public void add(BytesStore bytesStore) {
            Sodium.checkValid(Sodium.SODIUM.crypto_sign_update(this.state.addressForRead(0L), bytesStore.addressForRead(bytesStore.readPosition()), bytesStore.readRemaining()), "Failed to add to multi-part message");
        }

        public BytesStore sign(SecretKey secretKey) {
            return sign(secretKey.store);
        }

        public BytesStore sign(BytesStore bytesStore) {
            BytesStore size = Sodium.Util.setSize(null, 64L);
            Sodium.checkValid(Sodium.SODIUM.crypto_sign_final_create(this.state.addressForRead(0L), size.addressForWrite(0L), 0L, bytesStore.addressForRead(bytesStore.readPosition())), "Multi-part signature failed");
            return size;
        }

        public void verify(BytesStore bytesStore, PublicKey publicKey) {
            verify(bytesStore, publicKey.store);
        }

        public void verify(BytesStore bytesStore, BytesStore bytesStore2) {
            Sodium.checkValid(Sodium.SODIUM.crypto_sign_final_verify(this.state.addressForRead(0L), bytesStore.addressForRead(bytesStore.readPosition()), bytesStore2.addressForRead(bytesStore2.readPosition())), "Multi-part signature verification failed");
        }
    }

    /* loaded from: input_file:net/openhft/chronicle/salt/Signature$PublicKey.class */
    public static class PublicKey {
        public final BytesStore store;

        private PublicKey() {
            this.store = Bytes.allocateDirect(32L);
            ((Bytes) this.store).readLimit(32L);
        }

        public long address() {
            return this.store.addressForRead(0L);
        }
    }

    /* loaded from: input_file:net/openhft/chronicle/salt/Signature$SecretKey.class */
    public static class SecretKey {
        public final BytesStore store;

        private SecretKey() {
            this.store = Bytes.allocateDirect(64L);
            ((Bytes) this.store).readLimit(64L);
        }

        public long address() {
            return this.store.addressForRead(0L);
        }

        public void wipe() {
            Sodium.SODIUM.sodium_memzero(address(), 64L);
        }

        BytesStore extractSeed() {
            return extractSeed(null);
        }

        BytesStore extractSeed(BytesStore bytesStore) {
            BytesStore size = Sodium.Util.setSize(bytesStore, 32L);
            Sodium.checkValid(Sodium.SODIUM.crypto_sign_ed25519_sk_to_seed(size.addressForWrite(0L), this.store.addressForRead(0L)), "Failed to extract seed from signer's secret key");
            return size;
        }

        BytesStore extractPublicKey() {
            return extractPublicKey(null);
        }

        BytesStore extractPublicKey(BytesStore bytesStore) {
            BytesStore size = Sodium.Util.setSize(bytesStore, 32L);
            Sodium.checkValid(Sodium.SODIUM.crypto_sign_ed25519_sk_to_pk(size.addressForWrite(0L), this.store.addressForRead(0L)), "Failed to extract public key from signer's secret key");
            return size;
        }
    }

    public static BytesStore sign(BytesStore bytesStore, SecretKey secretKey) {
        return sign((BytesStore) null, bytesStore, secretKey);
    }

    public static BytesStore sign(BytesStore bytesStore, BytesStore bytesStore2, SecretKey secretKey) {
        return sign(bytesStore, bytesStore2, secretKey.store);
    }

    public static BytesStore sign(BytesStore bytesStore, BytesStore bytesStore2, BytesStore bytesStore3) {
        if (bytesStore3 == null) {
            throw new RuntimeException("Sign failed. Secret key not available.");
        }
        long readRemaining = bytesStore2.readRemaining();
        BytesStore size = Sodium.Util.setSize(bytesStore, readRemaining + 64);
        Sodium.checkValid(Sodium.SODIUM.crypto_sign(size.addressForWrite(0L), 0L, bytesStore2.addressForRead(bytesStore2.readPosition()), readRemaining, bytesStore3.addressForRead(bytesStore3.readPosition())), "Signing failed");
        return size;
    }

    @NotNull
    public static BytesStore verify(@NotNull BytesStore bytesStore, PublicKey publicKey) {
        return verify((BytesStore) null, bytesStore, publicKey);
    }

    public static BytesStore verify(@Nullable BytesStore bytesStore, @NotNull BytesStore bytesStore2, PublicKey publicKey) {
        return verify(bytesStore, bytesStore2, publicKey.store);
    }

    public static BytesStore verify(@Nullable BytesStore bytesStore, @NotNull BytesStore bytesStore2, BytesStore bytesStore3) {
        if (bytesStore3 == null) {
            throw new RuntimeException("Decryption failed. Public key not available.");
        }
        long readRemaining = bytesStore2.readRemaining();
        BytesStore size = Sodium.Util.setSize(bytesStore, readRemaining - 64);
        Sodium.checkValid(Sodium.SODIUM.crypto_sign_open(size.addressForWrite(0L), 0L, bytesStore2.addressForRead(bytesStore2.readPosition()), readRemaining, bytesStore3.addressForRead(bytesStore3.readPosition())), "Signature verification failed");
        return size;
    }
}
