package RawECDHKeyring_Compile;

import BoundedInts_Compile.uint8;
import EcdhEdkWrapping_Compile.EcdhGenerateAndWrapKeyMaterial;
import EcdhEdkWrapping_Compile.EcdhWrapInfo;
import EcdhEdkWrapping_Compile.EcdhWrapKeyMaterial;
import EdkWrapping_Compile.WrapEdkMaterialOutput;
import Keyring_Compile.VerifiableInterface;
import Materials_Compile.SealedDecryptionMaterials;
import UTF8.ValidUTF8Bytes;
import Wrappers_Compile.Option;
import Wrappers_Compile.Outcome;
import Wrappers_Compile.Result;
import dafny.DafnySequence;
import dafny.TypeDescriptor;
import java.math.BigInteger;
import software.amazon.cryptography.materialproviders.internaldafny.types.DecryptionMaterials;
import software.amazon.cryptography.materialproviders.internaldafny.types.EncryptedDataKey;
import software.amazon.cryptography.materialproviders.internaldafny.types.EncryptionMaterials;
import software.amazon.cryptography.materialproviders.internaldafny.types.Error;
import software.amazon.cryptography.materialproviders.internaldafny.types.IKeyring;
import software.amazon.cryptography.materialproviders.internaldafny.types.OnDecryptInput;
import software.amazon.cryptography.materialproviders.internaldafny.types.OnDecryptOutput;
import software.amazon.cryptography.materialproviders.internaldafny.types.OnEncryptInput;
import software.amazon.cryptography.materialproviders.internaldafny.types.OnEncryptOutput;
import software.amazon.cryptography.materialproviders.internaldafny.types.RawEcdhStaticConfigurations;
import software.amazon.cryptography.materialproviders.internaldafny.types._Companion_IKeyring;
import software.amazon.cryptography.primitives.internaldafny.AtomicPrimitivesClient;
import software.amazon.cryptography.primitives.internaldafny.types.ECCPrivateKey;
import software.amazon.cryptography.primitives.internaldafny.types.ECCPublicKey;
import software.amazon.cryptography.primitives.internaldafny.types.ECDHCurveSpec;
import software.amazon.cryptography.primitives.internaldafny.types.GenerateECCKeyPairOutput;

/* loaded from: input_file:RawECDHKeyring_Compile/RawEcdhKeyring.class */
public class RawEcdhKeyring implements VerifiableInterface, IKeyring {
    public AtomicPrimitivesClient _cryptoPrimitives = null;
    public RawEcdhStaticConfigurations _keyAgreementScheme = RawEcdhStaticConfigurations.Default();
    public ECDHCurveSpec _curveSpec = ECDHCurveSpec.Default();
    public ECCPublicKey _recipientPublicKey = ECCPublicKey.Default();
    public DafnySequence<? extends Byte> _compressedRecipientPublicKey = DafnySequence.empty(uint8._typeDescriptor());
    public ECCPublicKey _senderPublicKey = ECCPublicKey.Default();
    public ECCPrivateKey _senderPrivateKey = ECCPrivateKey.Default();
    public DafnySequence<? extends Byte> _compressedSenderPublicKey = DafnySequence.empty(uint8._typeDescriptor());
    private static final TypeDescriptor<RawEcdhKeyring> _TYPE = TypeDescriptor.referenceWithInitializer(RawEcdhKeyring.class, () -> {
        return (RawEcdhKeyring) null;
    });

    @Override // software.amazon.cryptography.materialproviders.internaldafny.types.IKeyring
    public Result<OnDecryptOutput, Error> OnDecrypt(OnDecryptInput onDecryptInput) {
        return _Companion_IKeyring.OnDecrypt(this, onDecryptInput);
    }

    @Override // software.amazon.cryptography.materialproviders.internaldafny.types.IKeyring
    public Result<OnEncryptOutput, Error> OnEncrypt(OnEncryptInput onEncryptInput) {
        return _Companion_IKeyring.OnEncrypt(this, onEncryptInput);
    }

    public void __ctor(RawEcdhStaticConfigurations rawEcdhStaticConfigurations, ECDHCurveSpec eCDHCurveSpec, Option<DafnySequence<? extends Byte>> option, Option<DafnySequence<? extends Byte>> option2, DafnySequence<? extends Byte> dafnySequence, Option<DafnySequence<? extends Byte>> option3, DafnySequence<? extends Byte> dafnySequence2, AtomicPrimitivesClient atomicPrimitivesClient) {
        this._keyAgreementScheme = rawEcdhStaticConfigurations;
        this._curveSpec = eCDHCurveSpec;
        this._cryptoPrimitives = atomicPrimitivesClient;
        this._recipientPublicKey = ECCPublicKey.create(dafnySequence);
        this._compressedRecipientPublicKey = dafnySequence2;
        if (option2.is_Some() && option.is_Some() && option3.is_Some()) {
            this._senderPublicKey = ECCPublicKey.create(option2.dtor_value());
            this._senderPrivateKey = ECCPrivateKey.create(option.dtor_value());
            this._compressedSenderPublicKey = option3.dtor_value();
        } else {
            this._senderPublicKey = ECCPublicKey.create(DafnySequence.empty(uint8._typeDescriptor()));
            this._senderPrivateKey = ECCPrivateKey.create(DafnySequence.empty(uint8._typeDescriptor()));
            this._compressedSenderPublicKey = DafnySequence.empty(uint8._typeDescriptor());
        }
    }

    @Override // software.amazon.cryptography.materialproviders.internaldafny.types.IKeyring
    public Result<OnEncryptOutput, Error> OnEncrypt_k(OnEncryptInput onEncryptInput) {
        ECCPrivateKey senderPrivateKey;
        DafnySequence<? extends Byte> compressedSenderPublicKey;
        Result<OnEncryptOutput, Error> result = (Result) null;
        if (keyAgreementScheme().is_PublicKeyDiscovery()) {
            return Result.create_Failure(OnEncryptOutput._typeDescriptor(), Error._typeDescriptor(), Error.create_AwsCryptographicMaterialProvidersException(DafnySequence.asString("PublicKeyDiscovery Key Agreement Scheme is forbidden on encrypt.")));
        }
        ECCPrivateKey.Default();
        ECCPublicKey.Default();
        DafnySequence.empty(uint8._typeDescriptor());
        if (keyAgreementScheme().is_EphemeralPrivateKeyToStaticPublicKey()) {
            Result.Default(GenerateECCKeyPairOutput._typeDescriptor(), Error._typeDescriptor(), GenerateECCKeyPairOutput.Default());
            Result<GenerateECCKeyPairOutput, Error> GenerateEphemeralEccKeyPair = __default.GenerateEphemeralEccKeyPair(curveSpec(), cryptoPrimitives());
            if (GenerateEphemeralEccKeyPair.IsFailure(GenerateECCKeyPairOutput._typeDescriptor(), Error._typeDescriptor())) {
                return GenerateEphemeralEccKeyPair.PropagateFailure(GenerateECCKeyPairOutput._typeDescriptor(), Error._typeDescriptor(), OnEncryptOutput._typeDescriptor());
            }
            GenerateECCKeyPairOutput Extract = GenerateEphemeralEccKeyPair.Extract(GenerateECCKeyPairOutput._typeDescriptor(), Error._typeDescriptor());
            senderPrivateKey = Extract.dtor_privateKey();
            ECCPublicKey dtor_publicKey = Extract.dtor_publicKey();
            Result.Default(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), DafnySequence.empty(uint8._typeDescriptor()));
            Result<DafnySequence<? extends Byte>, Error> CompressPublicKey = __default.CompressPublicKey(ECCPublicKey.create(dtor_publicKey.dtor_der()), curveSpec(), cryptoPrimitives());
            if (CompressPublicKey.IsFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor())) {
                return CompressPublicKey.PropagateFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), OnEncryptOutput._typeDescriptor());
            }
            compressedSenderPublicKey = CompressPublicKey.Extract(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor());
        } else {
            senderPrivateKey = senderPrivateKey();
            senderPublicKey();
            compressedSenderPublicKey = compressedSenderPublicKey();
        }
        EncryptionMaterials dtor_materials = onEncryptInput.dtor_materials();
        onEncryptInput.dtor_materials().dtor_algorithmSuite();
        Result.Default(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), DafnySequence.empty(uint8._typeDescriptor()));
        Result<DafnySequence<? extends Byte>, Error> LocalDeriveSharedSecret = __default.LocalDeriveSharedSecret(senderPrivateKey, recipientPublicKey(), curveSpec(), cryptoPrimitives());
        if (LocalDeriveSharedSecret.IsFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor())) {
            return LocalDeriveSharedSecret.PropagateFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), OnEncryptOutput._typeDescriptor());
        }
        DafnySequence<? extends Byte> Extract2 = LocalDeriveSharedSecret.Extract(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor());
        Result.Default(ValidUTF8Bytes._typeDescriptor(), Error._typeDescriptor(), ValidUTF8Bytes.defaultValue());
        Result<DafnySequence<? extends Byte>, __NewR> MapFailure = UTF8.__default.Encode(__default.CurveSpecTypeToString(curveSpec())).MapFailure(ValidUTF8Bytes._typeDescriptor(), DafnySequence._typeDescriptor(TypeDescriptor.CHAR), Error._typeDescriptor(), __default::E);
        if (MapFailure.IsFailure(ValidUTF8Bytes._typeDescriptor(), Error._typeDescriptor())) {
            return MapFailure.PropagateFailure(ValidUTF8Bytes._typeDescriptor(), Error._typeDescriptor(), OnEncryptOutput._typeDescriptor());
        }
        DafnySequence<? extends Byte> Extract3 = MapFailure.Extract(ValidUTF8Bytes._typeDescriptor(), Error._typeDescriptor());
        Result.Default(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), DafnySequence.empty(uint8._typeDescriptor()));
        Result<DafnySequence<? extends Byte>, Error> EncryptionContextToAAD = CanonicalEncryptionContext_Compile.__default.EncryptionContextToAAD(onEncryptInput.dtor_materials().dtor_encryptionContext());
        if (EncryptionContextToAAD.IsFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor())) {
            return EncryptionContextToAAD.PropagateFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), OnEncryptOutput._typeDescriptor());
        }
        DafnySequence<? extends Byte> SerializeFixedInfo = EcdhEdkWrapping_Compile.__default.SerializeFixedInfo(Constants_Compile.__default.ECDH__KDF__UTF8(), Extract3, compressedSenderPublicKey, compressedRecipientPublicKey(), EncryptionContextToAAD.Extract(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor()), __default.RAW__ECDH__KEYRING__VERSION());
        EcdhGenerateAndWrapKeyMaterial ecdhGenerateAndWrapKeyMaterial = new EcdhGenerateAndWrapKeyMaterial();
        ecdhGenerateAndWrapKeyMaterial.__ctor(Extract2, SerializeFixedInfo, cryptoPrimitives());
        EcdhWrapKeyMaterial ecdhWrapKeyMaterial = new EcdhWrapKeyMaterial();
        ecdhWrapKeyMaterial.__ctor(Extract2, SerializeFixedInfo, cryptoPrimitives());
        Result.Default(WrapEdkMaterialOutput._typeDescriptor(EcdhWrapInfo._typeDescriptor()), Error._typeDescriptor(), WrapEdkMaterialOutput.Default(EcdhWrapInfo._typeDescriptor(), EcdhWrapInfo.Default()));
        Result WrapEdkMaterial = EdkWrapping_Compile.__default.WrapEdkMaterial(EcdhWrapInfo._typeDescriptor(), dtor_materials, ecdhWrapKeyMaterial, ecdhGenerateAndWrapKeyMaterial);
        if (WrapEdkMaterial.IsFailure(WrapEdkMaterialOutput._typeDescriptor(EcdhWrapInfo._typeDescriptor()), Error._typeDescriptor())) {
            return WrapEdkMaterial.PropagateFailure(WrapEdkMaterialOutput._typeDescriptor(EcdhWrapInfo._typeDescriptor()), Error._typeDescriptor(), OnEncryptOutput._typeDescriptor());
        }
        WrapEdkMaterialOutput wrapEdkMaterialOutput = (WrapEdkMaterialOutput) WrapEdkMaterial.Extract(WrapEdkMaterialOutput._typeDescriptor(EcdhWrapInfo._typeDescriptor()), Error._typeDescriptor());
        Option create_Some = wrapEdkMaterialOutput.dtor_symmetricSigningKey().is_Some() ? Option.create_Some(DafnySequence._typeDescriptor(DafnySequence._typeDescriptor(uint8._typeDescriptor())), DafnySequence.of(DafnySequence._typeDescriptor(uint8._typeDescriptor()), new DafnySequence[]{wrapEdkMaterialOutput.dtor_symmetricSigningKey().dtor_value()})) : Option.create_None(DafnySequence._typeDescriptor(DafnySequence._typeDescriptor(uint8._typeDescriptor())));
        Outcome.Default(Error._typeDescriptor());
        Outcome Need = Wrappers_Compile.__default.Need(Error._typeDescriptor(), __default.ValidCompressedPublicKeyLength(compressedSenderPublicKey) && __default.ValidCompressedPublicKeyLength(compressedRecipientPublicKey()), __default.E(DafnySequence.asString("Invalid compressed public key length.")));
        if (Need.IsFailure(Error._typeDescriptor())) {
            return Need.PropagateFailure(Error._typeDescriptor(), OnEncryptOutput._typeDescriptor());
        }
        EncryptedDataKey create = EncryptedDataKey.create(Constants_Compile.__default.RAW__ECDH__PROVIDER__ID(), __default.SerializeProviderInfo(compressedSenderPublicKey, compressedRecipientPublicKey()), wrapEdkMaterialOutput.dtor_wrappedMaterial());
        if (wrapEdkMaterialOutput.is_GenerateAndWrapEdkMaterialOutput()) {
            Result<EncryptionMaterials, Error> EncryptionMaterialAddDataKey = Materials_Compile.__default.EncryptionMaterialAddDataKey(dtor_materials, wrapEdkMaterialOutput.dtor_plaintextDataKey(), DafnySequence.of(EncryptedDataKey._typeDescriptor(), new EncryptedDataKey[]{create}), create_Some);
            return EncryptionMaterialAddDataKey.IsFailure(EncryptionMaterials._typeDescriptor(), Error._typeDescriptor()) ? EncryptionMaterialAddDataKey.PropagateFailure(EncryptionMaterials._typeDescriptor(), Error._typeDescriptor(), OnEncryptOutput._typeDescriptor()) : Result.create_Success(OnEncryptOutput._typeDescriptor(), Error._typeDescriptor(), OnEncryptOutput.create(EncryptionMaterialAddDataKey.Extract(EncryptionMaterials._typeDescriptor(), Error._typeDescriptor())));
        }
        if (!wrapEdkMaterialOutput.is_WrapOnlyEdkMaterialOutput()) {
            return result;
        }
        Result<EncryptionMaterials, Error> EncryptionMaterialAddEncryptedDataKeys = Materials_Compile.__default.EncryptionMaterialAddEncryptedDataKeys(dtor_materials, DafnySequence.of(EncryptedDataKey._typeDescriptor(), new EncryptedDataKey[]{create}), create_Some);
        return EncryptionMaterialAddEncryptedDataKeys.IsFailure(EncryptionMaterials._typeDescriptor(), Error._typeDescriptor()) ? EncryptionMaterialAddEncryptedDataKeys.PropagateFailure(EncryptionMaterials._typeDescriptor(), Error._typeDescriptor(), OnEncryptOutput._typeDescriptor()) : Result.create_Success(OnEncryptOutput._typeDescriptor(), Error._typeDescriptor(), OnEncryptOutput.create(EncryptionMaterialAddEncryptedDataKeys.Extract(EncryptionMaterials._typeDescriptor(), Error._typeDescriptor())));
    }

    @Override // software.amazon.cryptography.materialproviders.internaldafny.types.IKeyring
    public Result<OnDecryptOutput, Error> OnDecrypt_k(OnDecryptInput onDecryptInput) {
        if (keyAgreementScheme().is_EphemeralPrivateKeyToStaticPublicKey()) {
            return Result.create_Failure(OnDecryptOutput._typeDescriptor(), Error._typeDescriptor(), Error.create_AwsCryptographicMaterialProvidersException(DafnySequence.asString("EphemeralPrivateKeyToStaticPublicKey Key Agreement Scheme is forbidden on decrypt.")));
        }
        DecryptionMaterials dtor_materials = onDecryptInput.dtor_materials();
        onDecryptInput.dtor_materials().dtor_algorithmSuite();
        Outcome.Default(Error._typeDescriptor());
        Outcome Need = Wrappers_Compile.__default.Need(Error._typeDescriptor(), Materials_Compile.__default.DecryptionMaterialsWithoutPlaintextDataKey(dtor_materials), __default.E(DafnySequence.asString("Keyring received decryption materials that already contain a plaintext data key.")));
        if (Need.IsFailure(Error._typeDescriptor())) {
            return Need.PropagateFailure(Error._typeDescriptor(), OnDecryptOutput._typeDescriptor());
        }
        Option<DafnySequence<? extends Byte>> create_None = compressedSenderPublicKey().equals(DafnySequence.empty(uint8._typeDescriptor())) ? Option.create_None(DafnySequence._typeDescriptor(uint8._typeDescriptor())) : Option.create_Some(DafnySequence._typeDescriptor(uint8._typeDescriptor()), compressedSenderPublicKey());
        OnDecryptEcdhDataKeyFilter onDecryptEcdhDataKeyFilter = new OnDecryptEcdhDataKeyFilter();
        onDecryptEcdhDataKeyFilter.__ctor(keyAgreementScheme(), compressedRecipientPublicKey(), create_None);
        Result.Default(DafnySequence._typeDescriptor(EncryptedDataKey._typeDescriptor()), Error._typeDescriptor(), DafnySequence.empty(EncryptedDataKey._typeDescriptor()));
        Result FilterWithResult = Actions_Compile.__default.FilterWithResult(EncryptedDataKey._typeDescriptor(), Error._typeDescriptor(), onDecryptEcdhDataKeyFilter, onDecryptInput.dtor_encryptedDataKeys());
        if (FilterWithResult.IsFailure(DafnySequence._typeDescriptor(EncryptedDataKey._typeDescriptor()), Error._typeDescriptor())) {
            return FilterWithResult.PropagateFailure(DafnySequence._typeDescriptor(EncryptedDataKey._typeDescriptor()), Error._typeDescriptor(), OnDecryptOutput._typeDescriptor());
        }
        DafnySequence dafnySequence = (DafnySequence) FilterWithResult.Extract(DafnySequence._typeDescriptor(EncryptedDataKey._typeDescriptor()), Error._typeDescriptor());
        if (BigInteger.valueOf(dafnySequence.length()).signum() == 0) {
            Result.Default(DafnySequence._typeDescriptor(TypeDescriptor.CHAR), Error._typeDescriptor(), DafnySequence.empty(TypeDescriptor.CHAR));
            Result<DafnySequence<? extends Character>, Error> IncorrectDataKeys = ErrorMessages_Compile.__default.IncorrectDataKeys(onDecryptInput.dtor_encryptedDataKeys(), onDecryptInput.dtor_materials().dtor_algorithmSuite(), DafnySequence.asString(""));
            if (IncorrectDataKeys.IsFailure(DafnySequence._typeDescriptor(TypeDescriptor.CHAR), Error._typeDescriptor())) {
                return IncorrectDataKeys.PropagateFailure(DafnySequence._typeDescriptor(TypeDescriptor.CHAR), Error._typeDescriptor(), OnDecryptOutput._typeDescriptor());
            }
            return Result.create_Failure(OnDecryptOutput._typeDescriptor(), Error._typeDescriptor(), __default.E(IncorrectDataKeys.Extract(DafnySequence._typeDescriptor(TypeDescriptor.CHAR), Error._typeDescriptor())));
        }
        DecryptSingleEncryptedDataKey decryptSingleEncryptedDataKey = new DecryptSingleEncryptedDataKey();
        decryptSingleEncryptedDataKey.__ctor(dtor_materials, cryptoPrimitives(), compressedSenderPublicKey(), compressedRecipientPublicKey(), keyAgreementScheme(), curveSpec());
        Result ReduceToSuccess = Actions_Compile.__default.ReduceToSuccess(EncryptedDataKey._typeDescriptor(), SealedDecryptionMaterials._typeDescriptor(), Error._typeDescriptor(), decryptSingleEncryptedDataKey, dafnySequence);
        Result MapFailure = ReduceToSuccess.MapFailure(SealedDecryptionMaterials._typeDescriptor(), DafnySequence._typeDescriptor(Error._typeDescriptor()), Error._typeDescriptor(), dafnySequence2 -> {
            return Error.create_CollectionOfErrors(dafnySequence2, DafnySequence.asString("No Configured Key was able to decrypt the Data Key. The list of encountered Exceptions is available via `list`."));
        });
        if (MapFailure.IsFailure(SealedDecryptionMaterials._typeDescriptor(), Error._typeDescriptor())) {
            return MapFailure.PropagateFailure(SealedDecryptionMaterials._typeDescriptor(), Error._typeDescriptor(), OnDecryptOutput._typeDescriptor());
        }
        return Result.create_Success(OnDecryptOutput._typeDescriptor(), Error._typeDescriptor(), OnDecryptOutput.create((DecryptionMaterials) MapFailure.Extract(SealedDecryptionMaterials._typeDescriptor(), Error._typeDescriptor())));
    }

    public AtomicPrimitivesClient cryptoPrimitives() {
        return this._cryptoPrimitives;
    }

    public RawEcdhStaticConfigurations keyAgreementScheme() {
        return this._keyAgreementScheme;
    }

    public ECDHCurveSpec curveSpec() {
        return this._curveSpec;
    }

    public ECCPublicKey recipientPublicKey() {
        return this._recipientPublicKey;
    }

    public DafnySequence<? extends Byte> compressedRecipientPublicKey() {
        return this._compressedRecipientPublicKey;
    }

    public ECCPublicKey senderPublicKey() {
        return this._senderPublicKey;
    }

    public ECCPrivateKey senderPrivateKey() {
        return this._senderPrivateKey;
    }

    public DafnySequence<? extends Byte> compressedSenderPublicKey() {
        return this._compressedSenderPublicKey;
    }

    public static TypeDescriptor<RawEcdhKeyring> _typeDescriptor() {
        return _TYPE;
    }

    public String toString() {
        return "RawECDHKeyring.RawEcdhKeyring";
    }
}
