package com.velocitypowered.proxy.crypto;

import com.google.common.base.Objects;
import com.velocitypowered.api.proxy.crypto.IdentifiedKey;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.time.Instant;
import java.util.Arrays;
import java.util.UUID;

/* loaded from: input_file:com/velocitypowered/proxy/crypto/IdentifiedKeyImpl.class */
public class IdentifiedKeyImpl implements IdentifiedKey {
    private final IdentifiedKey.Revision revision;
    private final PublicKey publicKey;
    private final byte[] signature;
    private final Instant expiryTemporal;
    private Boolean isSignatureValid;
    private UUID holder;

    public IdentifiedKeyImpl(IdentifiedKey.Revision revision, byte[] bArr, long j, byte[] bArr2) {
        this(revision, EncryptionUtils.parseRsaPublicKey(bArr), Instant.ofEpochMilli(j), bArr2);
    }

    public IdentifiedKeyImpl(IdentifiedKey.Revision revision, PublicKey publicKey, Instant instant, byte[] bArr) {
        this.revision = revision;
        this.publicKey = publicKey;
        this.expiryTemporal = instant;
        this.signature = bArr;
    }

    @Override // com.velocitypowered.api.proxy.crypto.IdentifiedKey
    public PublicKey getSignedPublicKey() {
        return this.publicKey;
    }

    @Override // com.velocitypowered.api.proxy.crypto.KeySigned
    public PublicKey getSigner() {
        return EncryptionUtils.getYggdrasilSessionKey();
    }

    @Override // com.velocitypowered.api.proxy.crypto.KeySigned
    public Instant getExpiryTemporal() {
        return this.expiryTemporal;
    }

    @Override // com.velocitypowered.api.proxy.crypto.KeySigned
    public byte[] getSignature() {
        return (byte[]) this.signature.clone();
    }

    @Override // com.velocitypowered.api.proxy.crypto.IdentifiedKey
    public UUID getSignatureHolder() {
        return this.holder;
    }

    @Override // com.velocitypowered.api.proxy.crypto.IdentifiedKey
    public IdentifiedKey.Revision getKeyRevision() {
        return this.revision;
    }

    public boolean internalAddHolder(UUID uuid) {
        if (uuid == null) {
            return false;
        }
        if (this.holder != null) {
            return this.holder.equals(uuid) && isSignatureValid();
        }
        Boolean validateData = validateData(uuid);
        if (validateData == null || !validateData.booleanValue()) {
            return false;
        }
        this.isSignatureValid = true;
        this.holder = uuid;
        return true;
    }

    @Override // com.velocitypowered.api.proxy.crypto.KeySigned
    public boolean isSignatureValid() {
        if (this.isSignatureValid == null) {
            this.isSignatureValid = validateData(this.holder);
        }
        return this.isSignatureValid != null && this.isSignatureValid.booleanValue();
    }

    /* JADX WARN: Type inference failed for: r3v1, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r3v3, types: [byte[], byte[][]] */
    private Boolean validateData(UUID uuid) {
        if (this.revision == IdentifiedKey.Revision.GENERIC_V1) {
            EncryptionUtils.pemEncodeRsaKey(this.publicKey);
            long epochMilli = this.expiryTemporal.toEpochMilli();
            return Boolean.valueOf(EncryptionUtils.verifySignature(EncryptionUtils.SHA1_WITH_RSA, EncryptionUtils.getYggdrasilSessionKey(), this.signature, new byte[]{(epochMilli + epochMilli).getBytes(StandardCharsets.US_ASCII)}));
        }
        if (uuid == null) {
            return null;
        }
        byte[] encoded = this.publicKey.getEncoded();
        byte[] bArr = new byte[encoded.length + 24];
        ByteBuffer order = ByteBuffer.wrap(bArr).order(ByteOrder.BIG_ENDIAN);
        order.putLong(uuid.getMostSignificantBits());
        order.putLong(uuid.getLeastSignificantBits());
        order.putLong(this.expiryTemporal.toEpochMilli());
        order.put(encoded);
        return Boolean.valueOf(EncryptionUtils.verifySignature(EncryptionUtils.SHA1_WITH_RSA, EncryptionUtils.getYggdrasilSessionKey(), this.signature, new byte[]{bArr}));
    }

    @Override // com.velocitypowered.api.proxy.crypto.IdentifiedKey
    public boolean verifyDataSignature(byte[] bArr, byte[]... bArr2) {
        try {
            return EncryptionUtils.verifySignature(EncryptionUtils.SHA256_WITH_RSA, this.publicKey, bArr, bArr2);
        } catch (IllegalArgumentException e) {
            return false;
        }
    }

    public String toString() {
        return "IdentifiedKeyImpl{revision=" + this.revision + ", publicKey=" + this.publicKey + ", signature=" + Arrays.toString(this.signature) + ", expiryTemporal=" + this.expiryTemporal + ", isSignatureValid=" + this.isSignatureValid + ", holder=" + this.holder + "}";
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof IdentifiedKey)) {
            return false;
        }
        IdentifiedKey identifiedKey = (IdentifiedKey) obj;
        return Objects.equal(getSignedPublicKey(), identifiedKey.getSignedPublicKey()) && Objects.equal(getExpiryTemporal(), identifiedKey.getExpiryTemporal()) && Arrays.equals(getSignature(), identifiedKey.getSignature()) && Objects.equal(getSigner(), identifiedKey.getSigner());
    }
}
