package net.corda.testing.node.internal;

import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import kotlin.Metadata;
import kotlin.collections.SetsKt;
import kotlin.jvm.internal.Intrinsics;
import net.corda.core.crypto.CryptoUtils;
import net.corda.core.crypto.DigitalSignature;
import net.corda.core.crypto.SignableData;
import net.corda.core.crypto.TransactionSignature;
import net.corda.core.identity.PartyAndCertificate;
import net.corda.core.node.services.IdentityService;
import net.corda.core.node.services.KeyManagementService;
import net.corda.core.serialization.SingletonSerializeAsToken;
import net.corda.node.services.keys.KMSUtilsKt;
import org.bouncycastle.operator.ContentSigner;
import org.jetbrains.annotations.NotNull;

/* compiled from: MockKeyManagementService.kt */
@Metadata(mv = {1, 1, 11}, bv = {1, 0, 2}, k = 1, d1 = {"��~\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010%\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\"\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0010\u001c\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\u0018��2\u00020\u00012\u00020\u0002B!\u0012\u0006\u0010\u0003\u001a\u00020\u0004\u0012\u0012\u0010\u0005\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u00070\u0006\"\u00020\u0007¢\u0006\u0002\u0010\bJ\u001c\u0010\u0019\u001a\b\u0012\u0004\u0012\u00020\r0\u001a2\f\u0010\u001b\u001a\b\u0012\u0004\u0012\u00020\r0\u001aH\u0016J\b\u0010\u001c\u001a\u00020\rH\u0016J\u0010\u0010\u001c\u001a\u00020\r2\u0006\u0010\u001d\u001a\u00020\u0014H\u0016J\u0018\u0010\u001e\u001a\u00020\u001f2\u0006\u0010 \u001a\u00020\u001f2\u0006\u0010!\u001a\u00020\"H\u0016J \u0010\u001e\u001a\u00020\u001f2\u0006\u0010 \u001a\u00020\u001f2\u0006\u0010!\u001a\u00020\"2\u0006\u0010\u001d\u001a\u00020\u0014H\u0016J\u0010\u0010#\u001a\u00020$2\u0006\u0010%\u001a\u00020\rH\u0002J\u0010\u0010&\u001a\u00020\u00072\u0006\u0010%\u001a\u00020\rH\u0002J\u0018\u0010'\u001a\u00020(2\u0006\u0010%\u001a\u00020\r2\u0006\u0010\u001d\u001a\u00020\u0014H\u0002J\u0018\u0010)\u001a\u00020*2\u0006\u0010+\u001a\u00020,2\u0006\u0010%\u001a\u00020\rH\u0016J\u0018\u0010)\u001a\u00020-2\u0006\u0010.\u001a\u00020/2\u0006\u0010%\u001a\u00020\rH\u0016R\u0011\u0010\u0003\u001a\u00020\u0004¢\u0006\b\n��\u001a\u0004\b\t\u0010\nR\u001a\u0010\u000b\u001a\u000e\u0012\u0004\u0012\u00020\r\u0012\u0004\u0012\u00020\u000e0\fX\u0082\u0004¢\u0006\u0002\n��R\u001a\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\r0\u00108VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u0011\u0010\u0012R#\u0010\u0013\u001a\u0014\u0012\u0004\u0012\u00020\u0014\u0012\n\u0012\b\u0012\u0004\u0012\u00020\r0\u00100\f¢\u0006\b\n��\u001a\u0004\b\u0015\u0010\u0016R\u0014\u0010\u0017\u001a\b\u0012\u0004\u0012\u00020\u00070\u0018X\u0082\u0004¢\u0006\u0002\n��¨\u00060"}, d2 = {"Lnet/corda/testing/node/internal/MockKeyManagementService;", "Lnet/corda/core/serialization/SingletonSerializeAsToken;", "Lnet/corda/core/node/services/KeyManagementService;", "identityService", "Lnet/corda/core/node/services/IdentityService;", "initialKeys", "", "Ljava/security/KeyPair;", "(Lnet/corda/core/node/services/IdentityService;[Ljava/security/KeyPair;)V", "getIdentityService", "()Lnet/corda/core/node/services/IdentityService;", "keyStore", "", "Ljava/security/PublicKey;", "Ljava/security/PrivateKey;", "keys", "", "getKeys", "()Ljava/util/Set;", "keysById", "Ljava/util/UUID;", "getKeysById", "()Ljava/util/Map;", "nextKeys", "Ljava/util/LinkedList;", "filterMyKeys", "", "candidateKeys", "freshKey", "externalId", "freshKeyAndCert", "Lnet/corda/core/identity/PartyAndCertificate;", "identity", "revocationEnabled", "", "getSigner", "Lorg/bouncycastle/operator/ContentSigner;", "publicKey", "getSigningKeyPair", "mapKeyToId", "", "sign", "Lnet/corda/core/crypto/DigitalSignature$WithKey;", "bytes", "", "Lnet/corda/core/crypto/TransactionSignature;", "signableData", "Lnet/corda/core/crypto/SignableData;", "node-driver"})
/* loaded from: input_file:net/corda/testing/node/internal/MockKeyManagementService.class */
public final class MockKeyManagementService extends SingletonSerializeAsToken implements KeyManagementService {
    private final Map<PublicKey, PrivateKey> keyStore;
    private final LinkedList<KeyPair> nextKeys;

    @NotNull
    private final Map<UUID, Set<PublicKey>> keysById;

    @NotNull
    private final IdentityService identityService;

    @NotNull
    public Set<PublicKey> getKeys() {
        return this.keyStore.keySet();
    }

    @NotNull
    public final Map<UUID, Set<PublicKey>> getKeysById() {
        return this.keysById;
    }

    @NotNull
    public PublicKey freshKey() {
        KeyPair poll = this.nextKeys.poll();
        if (poll == null) {
            poll = CryptoUtils.generateKeyPair();
        }
        KeyPair keyPair = poll;
        Map<PublicKey, PrivateKey> map = this.keyStore;
        PublicKey publicKey = keyPair.getPublic();
        Intrinsics.checkExpressionValueIsNotNull(publicKey, "k.public");
        PrivateKey privateKey = keyPair.getPrivate();
        Intrinsics.checkExpressionValueIsNotNull(privateKey, "k.private");
        map.put(publicKey, privateKey);
        PublicKey publicKey2 = keyPair.getPublic();
        Intrinsics.checkExpressionValueIsNotNull(publicKey2, "k.public");
        return publicKey2;
    }

    private final void mapKeyToId(PublicKey publicKey, UUID uuid) {
        Set<PublicKey> set;
        Map<UUID, Set<PublicKey>> map = this.keysById;
        Set<PublicKey> set2 = map.get(uuid);
        if (set2 == null) {
            Set<PublicKey> emptySet = SetsKt.emptySet();
            map.put(uuid, emptySet);
            set = emptySet;
        } else {
            set = set2;
        }
        this.keysById.put(uuid, SetsKt.plus(set, publicKey));
    }

    @NotNull
    public PublicKey freshKey(@NotNull UUID uuid) {
        Intrinsics.checkParameterIsNotNull(uuid, "externalId");
        PublicKey freshKey = freshKey();
        mapKeyToId(freshKey, uuid);
        return freshKey;
    }

    @NotNull
    public PartyAndCertificate freshKeyAndCert(@NotNull PartyAndCertificate partyAndCertificate, boolean z, @NotNull UUID uuid) {
        Intrinsics.checkParameterIsNotNull(partyAndCertificate, "identity");
        Intrinsics.checkParameterIsNotNull(uuid, "externalId");
        PartyAndCertificate freshKeyAndCert = freshKeyAndCert(partyAndCertificate, z);
        mapKeyToId(freshKeyAndCert.getOwningKey(), uuid);
        return freshKeyAndCert;
    }

    @NotNull
    public Iterable<PublicKey> filterMyKeys(@NotNull Iterable<? extends PublicKey> iterable) {
        Intrinsics.checkParameterIsNotNull(iterable, "candidateKeys");
        ArrayList arrayList = new ArrayList();
        for (PublicKey publicKey : iterable) {
            if (getKeys().contains(publicKey)) {
                arrayList.add(publicKey);
            }
        }
        return arrayList;
    }

    @NotNull
    public PartyAndCertificate freshKeyAndCert(@NotNull PartyAndCertificate partyAndCertificate, boolean z) {
        Intrinsics.checkParameterIsNotNull(partyAndCertificate, "identity");
        return KMSUtilsKt.freshCertificate(this.identityService, freshKey(), partyAndCertificate, getSigner(partyAndCertificate.getOwningKey()));
    }

    private final ContentSigner getSigner(PublicKey publicKey) {
        return KMSUtilsKt.getSigner(getSigningKeyPair(publicKey));
    }

    private final KeyPair getSigningKeyPair(PublicKey publicKey) {
        Object obj;
        Iterator it = CryptoUtils.getKeys(publicKey).iterator();
        while (true) {
            if (!it.hasNext()) {
                obj = null;
                break;
            }
            Object next = it.next();
            if (this.keyStore.containsKey((PublicKey) next)) {
                obj = next;
                break;
            }
        }
        PublicKey publicKey2 = (PublicKey) obj;
        if (publicKey2 == null) {
            throw new IllegalArgumentException("Public key not found: " + CryptoUtils.toStringShort(publicKey));
        }
        PrivateKey privateKey = this.keyStore.get(publicKey2);
        if (privateKey == null) {
            Intrinsics.throwNpe();
        }
        return new KeyPair(publicKey2, privateKey);
    }

    @NotNull
    public DigitalSignature.WithKey sign(@NotNull byte[] bArr, @NotNull PublicKey publicKey) {
        Intrinsics.checkParameterIsNotNull(bArr, "bytes");
        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
        return CryptoUtils.sign(getSigningKeyPair(publicKey), bArr);
    }

    @NotNull
    public TransactionSignature sign(@NotNull SignableData signableData, @NotNull PublicKey publicKey) {
        Intrinsics.checkParameterIsNotNull(signableData, "signableData");
        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
        return CryptoUtils.sign(getSigningKeyPair(publicKey), signableData);
    }

    @NotNull
    public final IdentityService getIdentityService() {
        return this.identityService;
    }

    public MockKeyManagementService(@NotNull IdentityService identityService, @NotNull KeyPair... keyPairArr) {
        Intrinsics.checkParameterIsNotNull(identityService, "identityService");
        Intrinsics.checkParameterIsNotNull(keyPairArr, "initialKeys");
        this.identityService = identityService;
        HashMap hashMap = new HashMap();
        for (KeyPair keyPair : keyPairArr) {
            hashMap.put(keyPair.getPublic(), keyPair.getPrivate());
        }
        this.keyStore = hashMap;
        this.nextKeys = new LinkedList<>();
        this.keysById = new ConcurrentHashMap();
    }
}
