package dev.sigstore;

import com.google.api.client.util.Preconditions;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.hash.Hashing;
import com.google.common.io.Files;
import dev.sigstore.VerificationOptions;
import dev.sigstore.bundle.Bundle;
import dev.sigstore.dsse.InTotoPayload;
import dev.sigstore.encryption.certificates.Certificates;
import dev.sigstore.encryption.signers.Verifiers;
import dev.sigstore.fulcio.client.FulcioVerificationException;
import dev.sigstore.fulcio.client.FulcioVerifier;
import dev.sigstore.rekor.client.HashedRekordRequest;
import dev.sigstore.rekor.client.RekorEntry;
import dev.sigstore.rekor.client.RekorTypeException;
import dev.sigstore.rekor.client.RekorTypes;
import dev.sigstore.rekor.client.RekorVerificationException;
import dev.sigstore.rekor.client.RekorVerifier;
import dev.sigstore.rekor.dsse.v0_0_1.Dsse;
import dev.sigstore.rekor.dsse.v0_0_1.PayloadHash;
import dev.sigstore.trustroot.SigstoreTrustedRoot;
import dev.sigstore.tuf.SigstoreTufClient;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.cert.CertPath;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.sql.Date;
import java.util.Arrays;
import java.util.Base64;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import org.bouncycastle.util.encoders.DecoderException;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:dev/sigstore/KeylessVerifier.class */
public class KeylessVerifier {
    private final FulcioVerifier fulcioVerifier;
    private final RekorVerifier rekorVerifier;

    /* loaded from: input_file:dev/sigstore/KeylessVerifier$Builder.class */
    public static class Builder {
        private TrustedRootProvider trustedRootProvider;

        public KeylessVerifier build() throws InvalidAlgorithmParameterException, CertificateException, InvalidKeySpecException, NoSuchAlgorithmException, IOException, InvalidKeyException {
            Preconditions.checkNotNull(this.trustedRootProvider);
            SigstoreTrustedRoot sigstoreTrustedRoot = this.trustedRootProvider.get();
            return new KeylessVerifier(FulcioVerifier.newFulcioVerifier(sigstoreTrustedRoot), RekorVerifier.newRekorVerifier(sigstoreTrustedRoot));
        }

        public Builder sigstorePublicDefaults() {
            this.trustedRootProvider = TrustedRootProvider.from(SigstoreTufClient.builder().usePublicGoodInstance());
            return this;
        }

        public Builder sigstoreStagingDefaults() {
            this.trustedRootProvider = TrustedRootProvider.from(SigstoreTufClient.builder().useStagingInstance());
            return this;
        }

        public Builder trustedRootProvider(TrustedRootProvider trustedRootProvider) {
            this.trustedRootProvider = trustedRootProvider;
            return this;
        }
    }

    private KeylessVerifier(FulcioVerifier fulcioVerifier, RekorVerifier rekorVerifier) {
        this.fulcioVerifier = fulcioVerifier;
        this.rekorVerifier = rekorVerifier;
    }

    public static Builder builder() {
        return new Builder();
    }

    public void verify(Path path, Bundle bundle, VerificationOptions verificationOptions) throws KeylessVerificationException {
        try {
            verify(Files.asByteSource(path.toFile()).hash(Hashing.sha256()).asBytes(), bundle, verificationOptions);
        } catch (IOException e) {
            throw new KeylessVerificationException("Could not hash provided artifact path: " + path);
        }
    }

    public void verify(byte[] bArr, Bundle bundle, VerificationOptions verificationOptions) throws KeylessVerificationException {
        if (bundle.getDsseEnvelope().isEmpty() && bundle.getMessageSignature().isEmpty()) {
            throw new IllegalStateException("Bundle must contain a message signature or DSSE envelope to verify");
        }
        if (bundle.mo90getEntries().isEmpty()) {
            throw new KeylessVerificationException("Cannot verify bundle without tlog entry");
        }
        if (bundle.mo90getEntries().size() > 1) {
            throw new KeylessVerificationException("Bundle verification expects 1 entry, but found " + bundle.mo90getEntries().size());
        }
        if (!bundle.mo89getTimestamps().isEmpty()) {
            throw new KeylessVerificationException("Cannot verify bundles with timestamp verification material");
        }
        CertPath certPath = bundle.getCertPath();
        X509Certificate leaf = Certificates.getLeaf(certPath);
        try {
            this.fulcioVerifier.verifySigningCertificate(certPath);
            checkCertificateMatchers(leaf, verificationOptions.mo83getCertificateMatchers());
            RekorEntry rekorEntry = bundle.mo90getEntries().get(0);
            try {
                this.rekorVerifier.verifyEntry(rekorEntry);
                try {
                    leaf.checkValidity(Date.from(rekorEntry.getIntegratedTimeInstant()));
                    if (bundle.getMessageSignature().isPresent()) {
                        checkMessageSignature(bundle.getMessageSignature().get(), rekorEntry, bArr, leaf);
                    } else {
                        checkDsseEnvelope(rekorEntry, bundle.getDsseEnvelope().get(), bArr, leaf);
                    }
                } catch (CertificateExpiredException e) {
                    throw new KeylessVerificationException("Signing time was after certificate expiry", e);
                } catch (CertificateNotYetValidException e2) {
                    throw new KeylessVerificationException("Signing time was before certificate validity", e2);
                }
            } catch (RekorVerificationException e3) {
                throw new KeylessVerificationException("Rekor entry signature was not valid", e3);
            }
        } catch (FulcioVerificationException | IOException e4) {
            throw new KeylessVerificationException("Fulcio certificate was not valid: " + e4.getMessage(), e4);
        }
    }

    @VisibleForTesting
    void checkCertificateMatchers(X509Certificate x509Certificate, List<VerificationOptions.CertificateMatcher> list) throws KeylessVerificationException {
        try {
            if (list.size() <= 0 || !list.stream().noneMatch(certificateMatcher -> {
                return certificateMatcher.test(x509Certificate);
            })) {
            } else {
                throw new KeylessVerificationException("No provided certificate identities matched values in certificate: " + ((String) list.stream().map((v0) -> {
                    return v0.toString();
                }).collect(Collectors.joining(",", "[", "]"))));
            }
        } catch (VerificationOptions.UncheckedCertificateException e) {
            throw new KeylessVerificationException("Could not verify certificate identities: " + e.getMessage());
        }
    }

    private void checkMessageSignature(Bundle.MessageSignature messageSignature, RekorEntry rekorEntry, byte[] bArr, X509Certificate x509Certificate) throws KeylessVerificationException {
        if (messageSignature.getMessageDigest().isPresent()) {
            byte[] digest = messageSignature.getMessageDigest().get().getDigest();
            if (!Arrays.equals(bArr, digest)) {
                throw new KeylessVerificationException("Provided artifact digest does not match digest used for verification\nprovided(hex) : " + Hex.toHexString(bArr) + "\nverification(hex) : " + Hex.toHexString(digest));
            }
        }
        byte[] signature = messageSignature.getSignature();
        try {
            if (!Verifiers.newVerifier(x509Certificate.getPublicKey()).verifyDigest(bArr, signature)) {
                throw new KeylessVerificationException("Artifact signature was not valid");
            }
            try {
                RekorTypes.getHashedRekord(rekorEntry);
                if (Objects.equals(Base64.getEncoder().encodeToString(HashedRekordRequest.newHashedRekordRequest(bArr, Certificates.toPemBytes(x509Certificate), signature).toJsonPayload().getBytes(StandardCharsets.UTF_8)), rekorEntry.getBody())) {
                } else {
                    throw new KeylessVerificationException("Provided verification materials are inconsistent with log entry");
                }
            } catch (RekorTypeException e) {
                throw new KeylessVerificationException("Unexpected rekor type", e);
            } catch (IOException e2) {
                throw new RuntimeException("Unexpected IOException on valid leafCert", e2);
            }
        } catch (InvalidKeyException | NoSuchAlgorithmException e3) {
            throw new RuntimeException(e3);
        } catch (SignatureException e4) {
            throw new KeylessVerificationException("Signature could not be processed: " + e4.getMessage(), e4);
        }
    }

    private void checkDsseEnvelope(RekorEntry rekorEntry, Bundle.DsseEnvelope dsseEnvelope, byte[] bArr, X509Certificate x509Certificate) throws KeylessVerificationException {
        if (!Objects.equals(InTotoPayload.PAYLOAD_TYPE, dsseEnvelope.getPayloadType())) {
            throw new KeylessVerificationException("DSSE envelope must have payload type application/vnd.in-toto+json, but found '" + dsseEnvelope.getPayloadType() + "'");
        }
        InTotoPayload from = InTotoPayload.from(dsseEnvelope);
        if (from.mo94getSubject().stream().noneMatch(subject -> {
            if (!subject.mo95getDigest().containsKey("sha256")) {
                return false;
            }
            try {
                return Arrays.equals(bArr, Hex.decode(subject.mo95getDigest().get("sha256")));
            } catch (DecoderException e) {
                return false;
            }
        })) {
            throw new KeylessVerificationException("Provided artifact digest does not match any subject sha256 digests in DSSE payload\nprovided(hex) : " + Hex.toHexString(bArr) + "\nverification  : " + ((String) from.mo94getSubject().stream().map(subject2 -> {
                return subject2.mo95getDigest().getOrDefault("sha256", "no-sha256-hash");
            }).collect(Collectors.joining(",", "[", "]"))));
        }
        if (dsseEnvelope.mo91getSignatures().size() != 1) {
            throw new KeylessVerificationException("DSSE envelope must have exactly 1 signature, but found: " + dsseEnvelope.mo91getSignatures().size());
        }
        try {
            if (!Verifiers.newVerifier(x509Certificate.getPublicKey()).verify(dsseEnvelope.getPAE(), dsseEnvelope.getSignature())) {
                throw new KeylessVerificationException("DSSE signature was not valid");
            }
            try {
                Dsse dsse = RekorTypes.getDsse(rekorEntry);
                PayloadHash.Algorithm algorithm = dsse.getPayloadHash().getAlgorithm();
                if (algorithm != PayloadHash.Algorithm.SHA_256) {
                    throw new KeylessVerificationException("Cannot process DSSE entry with hashing algorithm " + algorithm.toString());
                }
                try {
                    if (!Arrays.equals(Hashing.sha256().hashBytes(dsseEnvelope.getPayload()).asBytes(), Hex.decode(dsse.getPayloadHash().getValue()))) {
                        throw new KeylessVerificationException("Digest of DSSE payload in bundle does not match DSSE payload digest in log entry");
                    }
                    if (dsse.getSignatures().size() != 1) {
                        throw new KeylessVerificationException("DSSE log entry must have exactly 1 signature, but found: " + dsse.getSignatures().size());
                    }
                    if (!Base64.getEncoder().encodeToString(dsseEnvelope.getSignature()).equals(dsse.getSignatures().get(0).getSignature())) {
                        throw new KeylessVerificationException("Provided DSSE signature materials are inconsistent with DSSE log entry");
                    }
                } catch (DecoderException e) {
                    throw new KeylessVerificationException("Could not decode hex sha256 artifact hash in hashrekord", e);
                }
            } catch (RekorTypeException e2) {
                throw new KeylessVerificationException("Unexpected rekor type", e2);
            }
        } catch (InvalidKeyException | NoSuchAlgorithmException e3) {
            throw new RuntimeException(e3);
        } catch (SignatureException e4) {
            throw new KeylessVerificationException("Signature could not be processed", e4);
        }
    }
}
