package de.gematik.rbellogger.converter;

import de.gematik.rbellogger.data.RbelElement;
import de.gematik.rbellogger.data.facet.RbelJsonFacet;
import de.gematik.rbellogger.data.facet.RbelNoteFacet;
import de.gematik.rbellogger.key.RbelKey;
import de.gematik.rbellogger.key.RbelVauKey;
import de.gematik.rbellogger.util.email_crypto.elliptic_curve.ObjectIdentifier;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.SecretKeySpec;
import lombok.Generated;
import org.apache.batik.constants.XMLConstants;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.generators.HKDFBytesGenerator;
import org.bouncycastle.crypto.params.HKDFParameters;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ConverterInfo(onlyActivateFor = {"epa-vau"})
/* loaded from: input_file:BOOT-INF/lib/tiger-rbel-3.4.7.jar:de/gematik/rbellogger/converter/RbelVauEpaKeyDeriver.class */
public class RbelVauEpaKeyDeriver implements RbelConverterPlugin {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) RbelVauEpaKeyDeriver.class);
    private static final String KEY_ID = "KeyID";
    private static final String AES_256_GCM_KEY = "AES-256-GCM-Key";
    private static final String AES_256_GCM_KEY_SERVER_TO_CLIENT = "AES-256-GCM-Key-Server-to-Client";
    private static final String AES_256_GCM_KEY_CLIENT_TO_SERVER = "AES-256-GCM-Key-Client-to-Server";

    @Override // de.gematik.rbellogger.converter.RbelConverterPlugin
    public void consumeElement(RbelElement rbelElement, RbelConverter rbelConverter) {
        Optional flatMap = Optional.ofNullable(rbelElement).filter(rbelElement2 -> {
            return rbelElement2.hasFacet(RbelJsonFacet.class);
        }).flatMap(rbelElement3 -> {
            return rbelElement3.getFirst("PublicKey");
        }).flatMap(this::publicKeyFromJsonKey);
        if (flatMap.isEmpty()) {
            return;
        }
        log.trace("Found otherside public key");
        for (RbelKey rbelKey : rbelConverter.getRbelKeyManager().getAllKeys()) {
            Optional<U> map = rbelKey.retrieveCorrespondingKeyPair().map((v0) -> {
                return v0.getPrivate();
            });
            Class<PrivateKey> cls = PrivateKey.class;
            Objects.requireNonNull(PrivateKey.class);
            Optional or = map.map((v1) -> {
                return r1.cast(v1);
            }).or(() -> {
                Optional of = Optional.of(rbelKey.getKey());
                Class<PrivateKey> cls2 = PrivateKey.class;
                Objects.requireNonNull(PrivateKey.class);
                Optional filter = of.filter((v1) -> {
                    return r1.isInstance(v1);
                });
                Class<PrivateKey> cls3 = PrivateKey.class;
                Objects.requireNonNull(PrivateKey.class);
                return filter.map((v1) -> {
                    return r1.cast(v1);
                });
            });
            if (or.isPresent()) {
                if (log.isDebugEnabled()) {
                    log.debug("Trying key derivation with {}...", rbelKey.getKeyName());
                }
                List<RbelKey> keyDerivation = keyDerivation((PublicKey) flatMap.get(), (PrivateKey) or.get(), rbelKey);
                if (!keyDerivation.isEmpty()) {
                    addVauKeyToKeyManager(rbelConverter, keyDerivation);
                    rbelElement.findMessage().addFacet(RbelNoteFacet.builder().style(RbelNoteFacet.NoteStyling.INFO).value("Added keys with name '" + rbelKey.getKeyName() + "'").build());
                }
            }
        }
    }

    private void addVauKeyToKeyManager(RbelConverter rbelConverter, List<RbelKey> list) {
        for (RbelKey rbelKey : list) {
            if (rbelConverter.getRbelKeyManager().findKeyByName(rbelKey.getKeyName()).isEmpty()) {
                if (log.isTraceEnabled()) {
                    log.trace("Adding key {} as VAU key", rbelKey.getKeyName());
                }
                rbelConverter.getRbelKeyManager().addKey(rbelKey);
            }
        }
    }

    private Optional<PublicKey> publicKeyFromJsonKey(RbelElement rbelElement) {
        try {
            return Optional.ofNullable(KeyFactory.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME).generatePublic(new X509EncodedKeySpec(extractBinaryDataFromElement(rbelElement))));
        } catch (Exception e) {
            log.debug("Exception while converting Public Key {}:", rbelElement.getRawStringContent(), e);
            return Optional.empty();
        }
    }

    private byte[] extractBinaryDataFromElement(RbelElement rbelElement) {
        return Base64.getDecoder().decode(rbelElement.getRawStringContent().replace(XMLConstants.XML_DOUBLE_QUOTE, ""));
    }

    private List<RbelKey> keyDerivation(PublicKey publicKey, PrivateKey privateKey, RbelKey rbelKey) {
        if ((publicKey instanceof ECPublicKey) && ObjectIdentifier.BRAINPOOLP256R1.equals(((ECNamedCurveSpec) ((ECPublicKey) publicKey).getParams()).getName())) {
            if (log.isTraceEnabled()) {
                log.trace("Performing ECKA with {} and {}", Base64.getEncoder().encodeToString(privateKey.getEncoded()), Base64.getEncoder().encodeToString(publicKey.getEncoded()));
            }
            try {
                byte[] ecka = ecka(privateKey, publicKey);
                if (log.isTraceEnabled()) {
                    log.trace("shared secret: " + Hex.toHexString(ecka));
                }
                byte[] hkdf = hkdf(ecka, KEY_ID, 256);
                if (log.isTraceEnabled()) {
                    log.trace("keyID: " + Hex.toHexString(hkdf));
                }
                return List.of(mapToRbelKey(AES_256_GCM_KEY_CLIENT_TO_SERVER, "_client", hkdf, ecka, rbelKey), mapToRbelKey(AES_256_GCM_KEY_SERVER_TO_CLIENT, "_server", hkdf, ecka, rbelKey), mapToRbelKey(AES_256_GCM_KEY, "_old", hkdf, ecka, rbelKey));
            } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException e) {
                return List.of();
            }
        }
        return List.of();
    }

    private RbelKey mapToRbelKey(String str, String str2, byte[] bArr, byte[] bArr2, RbelKey rbelKey) {
        byte[] hkdf = hkdf(bArr2, str, 256);
        if (log.isTraceEnabled()) {
            log.trace("symKey: {}", Hex.toHexString(hkdf));
        }
        return new RbelVauKey(new SecretKeySpec(hkdf, "AES"), Hex.toHexString(bArr) + str2, 0, rbelKey);
    }

    private byte[] ecka(PrivateKey privateKey, PublicKey publicKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME);
        keyAgreement.init(privateKey);
        keyAgreement.doPhase(publicKey, true);
        return keyAgreement.generateSecret();
    }

    private byte[] hkdf(byte[] bArr, String str, int i) throws IllegalArgumentException, DataLengthException {
        return hkdf(bArr, str.getBytes(StandardCharsets.UTF_8), i);
    }

    private byte[] hkdf(byte[] bArr, byte[] bArr2, int i) throws IllegalArgumentException, DataLengthException {
        HKDFBytesGenerator hKDFBytesGenerator = new HKDFBytesGenerator(new SHA256Digest());
        hKDFBytesGenerator.init(new HKDFParameters(bArr, null, bArr2));
        byte[] bArr3 = new byte[i / 8];
        hKDFBytesGenerator.generateBytes(bArr3, 0, i / 8);
        return bArr3;
    }
}
