package org.tokenscript.attestation.cheque;

import java.io.IOException;
import java.math.BigInteger;
import java.time.Clock;
import java.util.Date;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1GeneralizedTime;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
import org.tokenscript.attestation.IdentifierAttestation;
import org.tokenscript.attestation.Timestamp;
import org.tokenscript.attestation.core.Attestable;
import org.tokenscript.attestation.core.AttestationCrypto;
import org.tokenscript.attestation.core.ExceptionUtil;
import org.tokenscript.attestation.core.SignatureUtility;

/* loaded from: input_file:org/tokenscript/attestation/cheque/Cheque.class */
public class Cheque implements Attestable {
    private static final Logger logger = LogManager.getLogger(Cheque.class);
    private final byte[] commitment;
    private final long amount;
    private final long notValidBefore;
    private final long notValidAfter;
    private final AsymmetricKeyParameter publicKey;
    private final byte[] signature;
    private final byte[] encoded;

    public Cheque(String str, IdentifierAttestation.AttestationType attestationType, long j, long j2, AsymmetricCipherKeyPair asymmetricCipherKeyPair, BigInteger bigInteger) {
        this.commitment = AttestationCrypto.makeCommitment(str, attestationType, bigInteger);
        this.publicKey = asymmetricCipherKeyPair.getPublic();
        this.amount = j;
        long millis = Clock.systemUTC().millis();
        this.notValidBefore = millis - (millis % 1000);
        this.notValidAfter = this.notValidBefore + j2;
        ASN1Sequence makeCheque = makeCheque(this.commitment, j, this.notValidBefore, this.notValidAfter);
        try {
            this.signature = SignatureUtility.signWithEthereum(makeCheque.getEncoded(), asymmetricCipherKeyPair.getPrivate());
            this.encoded = encodeSignedCheque(makeCheque, this.signature, this.publicKey);
            if (!verify()) {
                throw ((IllegalArgumentException) ExceptionUtil.throwException(logger, new IllegalArgumentException("Could not verify object")));
            }
        } catch (IOException e) {
            throw ExceptionUtil.makeRuntimeException(logger, "Could not encode asn1", e);
        }
    }

    public Cheque(byte[] bArr, long j, long j2, long j3, byte[] bArr2, AsymmetricKeyParameter asymmetricKeyParameter) {
        this.commitment = bArr;
        this.publicKey = asymmetricKeyParameter;
        this.amount = j;
        if (j2 % 1000 != 0 || j3 % 1000 != 0) {
            throw ((IllegalArgumentException) ExceptionUtil.throwException(logger, new IllegalArgumentException("Can only support time granularity to the second")));
        }
        this.notValidBefore = j2;
        this.notValidAfter = j3;
        this.signature = bArr2;
        try {
            this.encoded = encodeSignedCheque(makeCheque(this.commitment, j, j2, j3), this.signature, this.publicKey);
            if (!verify()) {
                throw ((IllegalArgumentException) ExceptionUtil.throwException(logger, new IllegalArgumentException("Signature is invalid")));
            }
        } catch (IOException e) {
            throw ExceptionUtil.makeRuntimeException(logger, "Could not encode asn1", e);
        }
    }

    private ASN1Sequence makeCheque(byte[] bArr, long j, long j2, long j3) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(j));
        aSN1EncodableVector.add(new DERSequence(new ASN1Encodable[]{new ASN1GeneralizedTime(new Date(j2)), new ASN1GeneralizedTime(new Date(j3))}));
        aSN1EncodableVector.add(new DEROctetString(bArr));
        return new DERSequence(aSN1EncodableVector);
    }

    private byte[] encodeSignedCheque(ASN1Sequence aSN1Sequence, byte[] bArr, AsymmetricKeyParameter asymmetricKeyParameter) throws IOException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(aSN1Sequence);
        aSN1EncodableVector.add(SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(asymmetricKeyParameter).getPublicKeyData());
        aSN1EncodableVector.add(new DERBitString(bArr));
        return new DERSequence(aSN1EncodableVector).getEncoded();
    }

    @Override // org.tokenscript.attestation.core.Validateable
    public boolean checkValidity() {
        Timestamp timestamp = new Timestamp(getNotValidBefore());
        timestamp.setValidity(getNotValidAfter() - getNotValidBefore());
        if (timestamp.validateAgainstExpiration(getNotValidAfter())) {
            return true;
        }
        logger.error("Cheque not valid at this time");
        return false;
    }

    @Override // org.tokenscript.attestation.core.Verifiable
    public boolean verify() {
        try {
            if (SignatureUtility.verifyEthereumSignature(makeCheque(this.commitment, this.amount, getNotValidBefore(), this.notValidAfter).getEncoded(), this.signature, this.publicKey)) {
                return true;
            }
            logger.error("Could not verify signature");
            return false;
        } catch (IOException e) {
            logger.error("Could not decode signature");
            return false;
        }
    }

    @Override // org.tokenscript.attestation.core.ASNEncodable
    public byte[] getDerEncoding() {
        return this.encoded;
    }

    @Override // org.tokenscript.attestation.core.Attestable
    public byte[] getCommitment() {
        return this.commitment;
    }

    public long getAmount() {
        return this.amount;
    }

    public long getNotValidBefore() {
        return this.notValidBefore;
    }

    public long getNotValidAfter() {
        return this.notValidAfter;
    }

    public byte[] getSignature() {
        return this.signature;
    }

    public AsymmetricKeyParameter getPublicKey() {
        return this.publicKey;
    }
}
