package org.tokenscript.attestation;

import java.io.IOException;
import java.io.InvalidObjectException;
import java.math.BigInteger;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.tokenscript.attestation.core.Attestable;
import org.tokenscript.attestation.core.AttestationCrypto;
import org.tokenscript.attestation.core.ExceptionUtil;
import org.tokenscript.attestation.core.SignatureUtility;

/* loaded from: input_file:org/tokenscript/attestation/AttestedObject.class */
public class AttestedObject<T extends Attestable> extends AttestedKeyObject {
    private static final Logger logger = LogManager.getLogger(AttestedObject.class);
    private final T attestableObject;
    private final SignedIdentifierAttestation att;
    private final ProofOfExponent pok;
    private final AsymmetricKeyParameter userPublicKey;
    private final byte[] encoding;

    public AttestedObject(T t, SignedIdentifierAttestation signedIdentifierAttestation, AsymmetricKeyParameter asymmetricKeyParameter, BigInteger bigInteger, BigInteger bigInteger2, AttestationCrypto attestationCrypto) {
        this(t, signedIdentifierAttestation, bigInteger, bigInteger2, new byte[0], attestationCrypto);
    }

    public AttestedObject(T t, SignedIdentifierAttestation signedIdentifierAttestation, BigInteger bigInteger, BigInteger bigInteger2, byte[] bArr, AttestationCrypto attestationCrypto) {
        this.attestableObject = t;
        this.att = signedIdentifierAttestation;
        try {
            this.userPublicKey = PublicKeyFactory.createKey(signedIdentifierAttestation.getUnsignedAttestation().getSubjectPublicKeyInfo());
            this.pok = makeProof(bigInteger, bigInteger2, bArr, attestationCrypto);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(ASN1Sequence.getInstance(this.attestableObject.getDerEncoding()));
            aSN1EncodableVector.add(ASN1Sequence.getInstance(signedIdentifierAttestation.getDerEncoding()));
            aSN1EncodableVector.add(ASN1Sequence.getInstance(this.pok.getDerEncoding()));
            this.encoding = new DERSequence(aSN1EncodableVector).getEncoded();
            constructorCheck();
        } catch (IOException e) {
            throw ExceptionUtil.makeRuntimeException(logger, "Could not decode asn1", e);
        }
    }

    public AttestedObject(T t, SignedIdentifierAttestation signedIdentifierAttestation, ProofOfExponent proofOfExponent) {
        this.attestableObject = t;
        this.att = signedIdentifierAttestation;
        this.pok = proofOfExponent;
        try {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(ASN1Sequence.getInstance(t.getDerEncoding()));
            aSN1EncodableVector.add(ASN1Sequence.getInstance(signedIdentifierAttestation.getDerEncoding()));
            aSN1EncodableVector.add(ASN1Sequence.getInstance(proofOfExponent.getDerEncoding()));
            this.encoding = new DERSequence(aSN1EncodableVector).getEncoded();
            this.userPublicKey = PublicKeyFactory.createKey(signedIdentifierAttestation.getUnsignedAttestation().getSubjectPublicKeyInfo());
            constructorCheck();
        } catch (IOException e) {
            throw ExceptionUtil.makeRuntimeException(logger, "Could not encode asn1", e);
        }
    }

    public AttestedObject(byte[] bArr, ObjectDecoder<T> objectDecoder, AsymmetricKeyParameter asymmetricKeyParameter) {
        this.encoding = bArr;
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
            ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(aSN1InputStream.readObject());
            aSN1InputStream.close();
            this.attestableObject = objectDecoder.decode(aSN1Sequence.getObjectAt(0).toASN1Primitive().getEncoded());
            this.att = new SignedIdentifierAttestation(aSN1Sequence.getObjectAt(1).toASN1Primitive().getEncoded(), asymmetricKeyParameter);
            this.pok = new UsageProofOfExponent(aSN1Sequence.getObjectAt(2).toASN1Primitive().getEncoded());
            this.userPublicKey = PublicKeyFactory.createKey(this.att.getUnsignedAttestation().getSubjectPublicKeyInfo());
            constructorCheck();
        } catch (IOException e) {
            throw ExceptionUtil.makeRuntimeException(logger, "Could not decode asn1", e);
        }
    }

    private void constructorCheck() {
        if (!verify()) {
            throw ((IllegalArgumentException) ExceptionUtil.throwException(logger, new IllegalArgumentException("Could not verify object")));
        }
    }

    public T getAttestableObject() {
        return this.attestableObject;
    }

    public SignedIdentifierAttestation getAtt() {
        return this.att;
    }

    public ProofOfExponent getPok() {
        return this.pok;
    }

    @Override // org.tokenscript.attestation.AttestedKeyObject
    public AsymmetricKeyParameter getAttestedUserKey() {
        return this.userPublicKey;
    }

    @Override // org.tokenscript.attestation.core.Validateable
    public boolean checkValidity() {
        try {
            if (!new IdentifierAttestation(this.att.getUnsignedAttestation().getDerEncoding()).checkValidity()) {
                logger.error("The attestation is not a valid standard attestation");
                return false;
            }
            if (!getAttestableObject().checkValidity()) {
                logger.error("Object is not valid");
                return false;
            }
            if (getAtt().getUnsignedAttestation().getAddress().equals(SignatureUtility.addressFromKey(getAttestedUserKey()))) {
                return true;
            }
            logger.error("The attestation is not to the same Ethereum user who is sending this request");
            return false;
        } catch (InvalidObjectException e) {
            logger.error("The attestation is invalid");
            return false;
        } catch (IOException e2) {
            logger.error("The attestation could not be parsed as a standard attestation");
            return false;
        }
    }

    @Override // org.tokenscript.attestation.core.Verifiable
    public boolean verify() {
        if (!this.attestableObject.verify()) {
            logger.error("Could not verify attestable object");
            return false;
        }
        if (!this.att.verify()) {
            logger.error("Could not verify attestation");
            return false;
        }
        if (AttestationCrypto.verifyEqualityProof(this.att.getUnsignedAttestation().getCommitment(), this.attestableObject.getCommitment(), this.pok)) {
            return true;
        }
        logger.error("Could not verify the consistency between the commitment in the attestation and the attested object");
        return false;
    }

    private UsageProofOfExponent makeProof(BigInteger bigInteger, BigInteger bigInteger2, byte[] bArr, AttestationCrypto attestationCrypto) {
        UsageProofOfExponent computeEqualityProof = attestationCrypto.computeEqualityProof(this.att.getUnsignedAttestation().getCommitment(), this.attestableObject.getCommitment(), bigInteger, bigInteger2, bArr);
        if (AttestationCrypto.verifyEqualityProof(this.att.getUnsignedAttestation().getCommitment(), this.attestableObject.getCommitment(), computeEqualityProof)) {
            return computeEqualityProof;
        }
        throw ((RuntimeException) ExceptionUtil.throwException(logger, new RuntimeException("The redeem proof did not verify")));
    }

    @Override // org.tokenscript.attestation.core.ASNEncodable
    public byte[] getDerEncoding() {
        return this.encoding;
    }
}
