package net.corda.testing.node;

import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Set;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.jvm.internal.Intrinsics;
import net.corda.core.crypto.CryptoUtils;
import net.corda.core.crypto.DigitalSignature;
import net.corda.core.identity.PartyAndCertificate;
import net.corda.core.node.services.IdentityService;
import net.corda.core.node.services.KeyManagementService;
import net.corda.core.serialization.SingletonSerializeAsToken;
import net.corda.node.services.keys.KMSUtilsKt;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.operator.ContentSigner;
import org.jetbrains.annotations.NotNull;

/* compiled from: MockServices.kt */
@Metadata(mv = {1, 1, 6}, bv = {1, 0, 1}, k = 1, d1 = {"��l\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010%\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\"\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n��\u0018��2\u00020\u00012\u00020\u0002B!\u0012\u0006\u0010\u0003\u001a\u00020\u0004\u0012\u0012\u0010\u0005\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u00070\u0006\"\u00020\u0007¢\u0006\u0002\u0010\bJ\b\u0010\u0017\u001a\u00020\rH\u0016J$\u0010\u0018\u001a\u000e\u0012\u0004\u0012\u00020\u001a\u0012\u0004\u0012\u00020\u001b0\u00192\u0006\u0010\u001c\u001a\u00020\u001d2\u0006\u0010\u001e\u001a\u00020\u001fH\u0016J\u0010\u0010 \u001a\u00020!2\u0006\u0010\"\u001a\u00020\rH\u0002J\u0010\u0010#\u001a\u00020\u00072\u0006\u0010\"\u001a\u00020\rH\u0002J\u0018\u0010$\u001a\u00020%2\u0006\u0010&\u001a\u00020'2\u0006\u0010\"\u001a\u00020\rH\u0016R\u0011\u0010\u0003\u001a\u00020\u0004¢\u0006\b\n��\u001a\u0004\b\t\u0010\nR\u001a\u0010\u000b\u001a\u000e\u0012\u0004\u0012\u00020\r\u0012\u0004\u0012\u00020\u000e0\fX\u0082\u0004¢\u0006\u0002\n��R\u001a\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\r0\u00108VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u0011\u0010\u0012R\u0017\u0010\u0013\u001a\b\u0012\u0004\u0012\u00020\u00070\u0014¢\u0006\b\n��\u001a\u0004\b\u0015\u0010\u0016¨\u0006("}, d2 = {"Lnet/corda/testing/node/MockKeyManagementService;", "Lnet/corda/core/serialization/SingletonSerializeAsToken;", "Lnet/corda/core/node/services/KeyManagementService;", "identityService", "Lnet/corda/core/node/services/IdentityService;", "initialKeys", "", "Ljava/security/KeyPair;", "(Lnet/corda/core/node/services/IdentityService;[Ljava/security/KeyPair;)V", "getIdentityService", "()Lnet/corda/core/node/services/IdentityService;", "keyStore", "", "Ljava/security/PublicKey;", "Ljava/security/PrivateKey;", "keys", "", "getKeys", "()Ljava/util/Set;", "nextKeys", "Ljava/util/LinkedList;", "getNextKeys", "()Ljava/util/LinkedList;", "freshKey", "freshKeyAndCert", "Lkotlin/Pair;", "Lorg/bouncycastle/cert/X509CertificateHolder;", "Ljava/security/cert/CertPath;", "identity", "Lnet/corda/core/identity/PartyAndCertificate;", "revocationEnabled", "", "getSigner", "Lorg/bouncycastle/operator/ContentSigner;", "publicKey", "getSigningKeyPair", "sign", "Lnet/corda/core/crypto/DigitalSignature$WithKey;", "bytes", "", "test-utils_main"})
/* loaded from: input_file:net/corda/testing/node/MockKeyManagementService.class */
public final class MockKeyManagementService extends SingletonSerializeAsToken implements KeyManagementService {
    private final Map<PublicKey, PrivateKey> keyStore;

    @NotNull
    private final LinkedList<KeyPair> nextKeys;

    @NotNull
    private final IdentityService identityService;

    @NotNull
    public Set<PublicKey> getKeys() {
        return this.keyStore.keySet();
    }

    @NotNull
    public final LinkedList<KeyPair> getNextKeys() {
        return this.nextKeys;
    }

    @NotNull
    public PublicKey freshKey() {
        KeyPair poll = this.nextKeys.poll();
        if (poll == null) {
            poll = CryptoUtils.generateKeyPair();
        }
        KeyPair keyPair = poll;
        Map<PublicKey, PrivateKey> map = this.keyStore;
        PublicKey publicKey = keyPair.getPublic();
        Intrinsics.checkExpressionValueIsNotNull(publicKey, "k.public");
        PrivateKey privateKey = keyPair.getPrivate();
        Intrinsics.checkExpressionValueIsNotNull(privateKey, "k.private");
        map.put(publicKey, privateKey);
        PublicKey publicKey2 = keyPair.getPublic();
        Intrinsics.checkExpressionValueIsNotNull(publicKey2, "k.public");
        return publicKey2;
    }

    @NotNull
    public Pair<X509CertificateHolder, CertPath> freshKeyAndCert(@NotNull PartyAndCertificate partyAndCertificate, boolean z) {
        Intrinsics.checkParameterIsNotNull(partyAndCertificate, "identity");
        return KMSUtilsKt.freshCertificate(this.identityService, freshKey(), partyAndCertificate, getSigner(partyAndCertificate.getOwningKey()), z);
    }

    private final ContentSigner getSigner(PublicKey publicKey) {
        return KMSUtilsKt.getSigner(getSigningKeyPair(publicKey));
    }

    private final KeyPair getSigningKeyPair(PublicKey publicKey) {
        for (Object obj : CryptoUtils.getKeys(publicKey)) {
            if (this.keyStore.containsKey((PublicKey) obj)) {
                PublicKey publicKey2 = (PublicKey) obj;
                PrivateKey privateKey = this.keyStore.get(publicKey2);
                if (privateKey == null) {
                    Intrinsics.throwNpe();
                }
                return new KeyPair(publicKey2, privateKey);
            }
        }
        throw new NoSuchElementException("Collection contains no element matching the predicate.");
    }

    @NotNull
    public DigitalSignature.WithKey sign(@NotNull byte[] bArr, @NotNull PublicKey publicKey) {
        Intrinsics.checkParameterIsNotNull(bArr, "bytes");
        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
        return CryptoUtils.sign(getSigningKeyPair(publicKey), bArr);
    }

    @NotNull
    public final IdentityService getIdentityService() {
        return this.identityService;
    }

    public MockKeyManagementService(@NotNull IdentityService identityService, @NotNull KeyPair... keyPairArr) {
        Intrinsics.checkParameterIsNotNull(identityService, "identityService");
        Intrinsics.checkParameterIsNotNull(keyPairArr, "initialKeys");
        this.identityService = identityService;
        HashMap hashMap = new HashMap();
        for (KeyPair keyPair : keyPairArr) {
            hashMap.put(keyPair.getPublic(), keyPair.getPrivate());
        }
        this.keyStore = hashMap;
        this.nextKeys = new LinkedList<>();
    }
}
