package DefaultCMM_Compile;

import BoundedInts_Compile.uint8;
import CMM_Compile.VerifiableInterface;
import UTF8.ValidUTF8Bytes;
import Wrappers_Compile.Option;
import Wrappers_Compile.Outcome;
import Wrappers_Compile.Result;
import Wrappers_Compile.__default;
import dafny.DafnyMap;
import dafny.DafnySequence;
import dafny.Helpers;
import dafny.Tuple2;
import dafny.TypeDescriptor;
import java.math.BigInteger;
import software.amazon.cryptography.materialproviders.internaldafny.types.AlgorithmSuiteId;
import software.amazon.cryptography.materialproviders.internaldafny.types.AlgorithmSuiteInfo;
import software.amazon.cryptography.materialproviders.internaldafny.types.DecryptMaterialsInput;
import software.amazon.cryptography.materialproviders.internaldafny.types.DecryptMaterialsOutput;
import software.amazon.cryptography.materialproviders.internaldafny.types.DecryptionMaterials;
import software.amazon.cryptography.materialproviders.internaldafny.types.EncryptionMaterials;
import software.amazon.cryptography.materialproviders.internaldafny.types.Error;
import software.amazon.cryptography.materialproviders.internaldafny.types.GetEncryptionMaterialsInput;
import software.amazon.cryptography.materialproviders.internaldafny.types.GetEncryptionMaterialsOutput;
import software.amazon.cryptography.materialproviders.internaldafny.types.ICryptographicMaterialsManager;
import software.amazon.cryptography.materialproviders.internaldafny.types.IKeyring;
import software.amazon.cryptography.materialproviders.internaldafny.types.InitializeDecryptionMaterialsInput;
import software.amazon.cryptography.materialproviders.internaldafny.types.InitializeEncryptionMaterialsInput;
import software.amazon.cryptography.materialproviders.internaldafny.types.OnDecryptInput;
import software.amazon.cryptography.materialproviders.internaldafny.types.OnDecryptOutput;
import software.amazon.cryptography.materialproviders.internaldafny.types.OnEncryptInput;
import software.amazon.cryptography.materialproviders.internaldafny.types.OnEncryptOutput;
import software.amazon.cryptography.materialproviders.internaldafny.types._Companion_ICryptographicMaterialsManager;
import software.amazon.cryptography.primitives.internaldafny.AtomicPrimitivesClient;
import software.amazon.cryptography.primitives.internaldafny.types.GenerateECDSASignatureKeyInput;
import software.amazon.cryptography.primitives.internaldafny.types.GenerateECDSASignatureKeyOutput;

/* loaded from: input_file:DefaultCMM_Compile/DefaultCMM.class */
public class DefaultCMM implements VerifiableInterface, ICryptographicMaterialsManager {
    public IKeyring _keyring = null;
    public AtomicPrimitivesClient _cryptoPrimitives = null;
    private static final TypeDescriptor<DefaultCMM> _TYPE = TypeDescriptor.referenceWithInitializer(DefaultCMM.class, () -> {
        return (DefaultCMM) null;
    });

    @Override // software.amazon.cryptography.materialproviders.internaldafny.types.ICryptographicMaterialsManager
    public Result<DecryptMaterialsOutput, Error> DecryptMaterials(DecryptMaterialsInput decryptMaterialsInput) {
        return _Companion_ICryptographicMaterialsManager.DecryptMaterials(this, decryptMaterialsInput);
    }

    @Override // software.amazon.cryptography.materialproviders.internaldafny.types.ICryptographicMaterialsManager
    public Result<GetEncryptionMaterialsOutput, Error> GetEncryptionMaterials(GetEncryptionMaterialsInput getEncryptionMaterialsInput) {
        return _Companion_ICryptographicMaterialsManager.GetEncryptionMaterials(this, getEncryptionMaterialsInput);
    }

    public void OfKeyring(IKeyring iKeyring, AtomicPrimitivesClient atomicPrimitivesClient) {
        this._keyring = iKeyring;
        this._cryptoPrimitives = atomicPrimitivesClient;
    }

    @Override // software.amazon.cryptography.materialproviders.internaldafny.types.ICryptographicMaterialsManager
    public Result<GetEncryptionMaterialsOutput, Error> GetEncryptionMaterials_k(GetEncryptionMaterialsInput getEncryptionMaterialsInput) {
        Option create_None;
        Option create_None2;
        Outcome.Default(Error._typeDescriptor());
        Outcome Need = __default.Need(Error._typeDescriptor(), !getEncryptionMaterialsInput.dtor_encryptionContext().contains(Materials_Compile.__default.EC__PUBLIC__KEY__FIELD()), Error.create_AwsCryptographicMaterialProvidersException(DafnySequence.asString("Reserved Field found in EncryptionContext keys.")));
        if (Need.IsFailure(Error._typeDescriptor())) {
            return Need.PropagateFailure(Error._typeDescriptor(), GetEncryptionMaterialsOutput._typeDescriptor());
        }
        AlgorithmSuiteId dtor_value = getEncryptionMaterialsInput.dtor_algorithmSuiteId().is_Some() ? getEncryptionMaterialsInput.dtor_algorithmSuiteId().dtor_value() : Defaults_Compile.__default.GetAlgorithmSuiteForCommitmentPolicy(getEncryptionMaterialsInput.dtor_commitmentPolicy());
        Outcome.Default(Error._typeDescriptor());
        Outcome<Error> ValidateCommitmentPolicyOnEncrypt = Commitment_Compile.__default.ValidateCommitmentPolicyOnEncrypt(dtor_value, getEncryptionMaterialsInput.dtor_commitmentPolicy());
        if (ValidateCommitmentPolicyOnEncrypt.IsFailure(Error._typeDescriptor())) {
            return ValidateCommitmentPolicyOnEncrypt.PropagateFailure(Error._typeDescriptor(), GetEncryptionMaterialsOutput._typeDescriptor());
        }
        AlgorithmSuiteInfo GetSuite = AlgorithmSuites_Compile.__default.GetSuite(dtor_value);
        Option.Default(DafnySequence._typeDescriptor(uint8._typeDescriptor()));
        Option.Default(DafnySequence._typeDescriptor(uint8._typeDescriptor()));
        if (GetSuite.dtor_signature().is_ECDSA()) {
            Result<GenerateECDSASignatureKeyOutput, software.amazon.cryptography.primitives.internaldafny.types.Error> GenerateECDSASignatureKey = cryptoPrimitives().GenerateECDSASignatureKey(GenerateECDSASignatureKeyInput.create(GetSuite.dtor_signature().dtor_ECDSA().dtor_curve()));
            Result.Default(GenerateECDSASignatureKeyOutput._typeDescriptor(), Error._typeDescriptor(), GenerateECDSASignatureKeyOutput.Default());
            Result<GenerateECDSASignatureKeyOutput, __NewR> MapFailure = GenerateECDSASignatureKey.MapFailure(GenerateECDSASignatureKeyOutput._typeDescriptor(), software.amazon.cryptography.primitives.internaldafny.types.Error._typeDescriptor(), Error._typeDescriptor(), error -> {
                return Error.create_AwsCryptographyPrimitives(error);
            });
            if (MapFailure.IsFailure(GenerateECDSASignatureKeyOutput._typeDescriptor(), Error._typeDescriptor())) {
                return MapFailure.PropagateFailure(GenerateECDSASignatureKeyOutput._typeDescriptor(), Error._typeDescriptor(), GetEncryptionMaterialsOutput._typeDescriptor());
            }
            GenerateECDSASignatureKeyOutput Extract = MapFailure.Extract(GenerateECDSASignatureKeyOutput._typeDescriptor(), Error._typeDescriptor());
            create_None = Option.create_Some(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Extract.dtor_signingKey());
            create_None2 = Option.create_Some(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Extract.dtor_verificationKey());
        } else {
            create_None = Option.create_None(DafnySequence._typeDescriptor(uint8._typeDescriptor()));
            create_None2 = Option.create_None(DafnySequence._typeDescriptor(uint8._typeDescriptor()));
        }
        Result<EncryptionMaterials, Error> InitializeEncryptionMaterials = Materials_Compile.__default.InitializeEncryptionMaterials(InitializeEncryptionMaterialsInput.create(dtor_value, getEncryptionMaterialsInput.dtor_encryptionContext(), getEncryptionMaterialsInput.dtor_requiredEncryptionContextKeys().UnwrapOr(DafnySequence._typeDescriptor(ValidUTF8Bytes._typeDescriptor()), DafnySequence.empty(ValidUTF8Bytes._typeDescriptor())), create_None, create_None2));
        if (InitializeEncryptionMaterials.IsFailure(EncryptionMaterials._typeDescriptor(), Error._typeDescriptor())) {
            return InitializeEncryptionMaterials.PropagateFailure(EncryptionMaterials._typeDescriptor(), Error._typeDescriptor(), GetEncryptionMaterialsOutput._typeDescriptor());
        }
        EncryptionMaterials Extract2 = InitializeEncryptionMaterials.Extract(EncryptionMaterials._typeDescriptor(), Error._typeDescriptor());
        Result<OnEncryptOutput, Error> OnEncrypt = keyring().OnEncrypt(OnEncryptInput.create(Extract2));
        if (OnEncrypt.IsFailure(OnEncryptOutput._typeDescriptor(), Error._typeDescriptor())) {
            return OnEncrypt.PropagateFailure(OnEncryptOutput._typeDescriptor(), Error._typeDescriptor(), GetEncryptionMaterialsOutput._typeDescriptor());
        }
        GetEncryptionMaterialsOutput create = GetEncryptionMaterialsOutput.create(OnEncrypt.Extract(OnEncryptOutput._typeDescriptor(), Error._typeDescriptor()).dtor_materials());
        Outcome.Default(Error._typeDescriptor());
        Outcome Need2 = __default.Need(Error._typeDescriptor(), Materials_Compile.__default.EncryptionMaterialsHasPlaintextDataKey(create.dtor_encryptionMaterials()), Error.create_AwsCryptographicMaterialProvidersException(DafnySequence.asString("Could not retrieve materials required for encryption")));
        if (Need2.IsFailure(Error._typeDescriptor())) {
            return Need2.PropagateFailure(Error._typeDescriptor(), GetEncryptionMaterialsOutput._typeDescriptor());
        }
        Outcome.Default(Error._typeDescriptor());
        Outcome Need3 = __default.Need(Error._typeDescriptor(), Materials_Compile.__default.ValidEncryptionMaterialsTransition(Extract2, create.dtor_encryptionMaterials()), Error.create_AwsCryptographicMaterialProvidersException(DafnySequence.asString("Keyring returned an invalid response")));
        return Need3.IsFailure(Error._typeDescriptor()) ? Need3.PropagateFailure(Error._typeDescriptor(), GetEncryptionMaterialsOutput._typeDescriptor()) : Result.create_Success(GetEncryptionMaterialsOutput._typeDescriptor(), Error._typeDescriptor(), create);
    }

    @Override // software.amazon.cryptography.materialproviders.internaldafny.types.ICryptographicMaterialsManager
    public Result<DecryptMaterialsOutput, Error> DecryptMaterials_k(DecryptMaterialsInput decryptMaterialsInput) {
        Outcome.Default(Error._typeDescriptor());
        Outcome<Error> ValidateCommitmentPolicyOnDecrypt = Commitment_Compile.__default.ValidateCommitmentPolicyOnDecrypt(decryptMaterialsInput.dtor_algorithmSuiteId(), decryptMaterialsInput.dtor_commitmentPolicy());
        if (ValidateCommitmentPolicyOnDecrypt.IsFailure(Error._typeDescriptor())) {
            return ValidateCommitmentPolicyOnDecrypt.PropagateFailure(Error._typeDescriptor(), DecryptMaterialsOutput._typeDescriptor());
        }
        DafnySequence empty = DafnySequence.empty(ValidUTF8Bytes._typeDescriptor());
        if (decryptMaterialsInput.dtor_reproducedEncryptionContext().is_Some()) {
            DafnySequence SetToSequence = SortedSets.__default.SetToSequence(ValidUTF8Bytes._typeDescriptor(), decryptMaterialsInput.dtor_reproducedEncryptionContext().dtor_value().keySet());
            BigInteger bigInteger = BigInteger.ZERO;
            BigInteger bigInteger2 = BigInteger.ZERO;
            while (true) {
                BigInteger bigInteger3 = bigInteger2;
                if (bigInteger3.compareTo(BigInteger.valueOf(SetToSequence.length())) >= 0) {
                    break;
                }
                DafnySequence dafnySequence = (DafnySequence) SetToSequence.select(Helpers.toInt(bigInteger3));
                if (decryptMaterialsInput.dtor_encryptionContext().contains(dafnySequence)) {
                    Outcome.Default(Error._typeDescriptor());
                    Outcome Need = __default.Need(Error._typeDescriptor(), ((DafnySequence) decryptMaterialsInput.dtor_reproducedEncryptionContext().dtor_value().get(dafnySequence)).equals((DafnySequence) decryptMaterialsInput.dtor_encryptionContext().get(dafnySequence)), Error.create_AwsCryptographicMaterialProvidersException(DafnySequence.asString("Encryption context does not match reproduced encryption context.")));
                    if (Need.IsFailure(Error._typeDescriptor())) {
                        return Need.PropagateFailure(Error._typeDescriptor(), DecryptMaterialsOutput._typeDescriptor());
                    }
                } else {
                    empty = DafnySequence.concatenate(empty, DafnySequence.of(ValidUTF8Bytes._typeDescriptor(), new DafnySequence[]{dafnySequence}));
                }
                bigInteger2 = bigInteger3.add(BigInteger.ONE);
            }
        }
        Result<DecryptionMaterials, Error> InitializeDecryptionMaterials = Materials_Compile.__default.InitializeDecryptionMaterials(InitializeDecryptionMaterialsInput.create(decryptMaterialsInput.dtor_algorithmSuiteId(), DafnyMap.merge(decryptMaterialsInput.dtor_encryptionContext(), decryptMaterialsInput.dtor_reproducedEncryptionContext().UnwrapOr(DafnyMap._typeDescriptor(ValidUTF8Bytes._typeDescriptor(), ValidUTF8Bytes._typeDescriptor()), DafnyMap.fromElements(new Tuple2[0]))), empty));
        if (InitializeDecryptionMaterials.IsFailure(DecryptionMaterials._typeDescriptor(), Error._typeDescriptor())) {
            return InitializeDecryptionMaterials.PropagateFailure(DecryptionMaterials._typeDescriptor(), Error._typeDescriptor(), DecryptMaterialsOutput._typeDescriptor());
        }
        DecryptionMaterials Extract = InitializeDecryptionMaterials.Extract(DecryptionMaterials._typeDescriptor(), Error._typeDescriptor());
        Result<OnDecryptOutput, Error> OnDecrypt = keyring().OnDecrypt(OnDecryptInput.create(Extract, decryptMaterialsInput.dtor_encryptedDataKeys()));
        if (OnDecrypt.IsFailure(OnDecryptOutput._typeDescriptor(), Error._typeDescriptor())) {
            return OnDecrypt.PropagateFailure(OnDecryptOutput._typeDescriptor(), Error._typeDescriptor(), DecryptMaterialsOutput._typeDescriptor());
        }
        OnDecryptOutput Extract2 = OnDecrypt.Extract(OnDecryptOutput._typeDescriptor(), Error._typeDescriptor());
        Outcome.Default(Error._typeDescriptor());
        Outcome Need2 = __default.Need(Error._typeDescriptor(), Materials_Compile.__default.DecryptionMaterialsTransitionIsValid(Extract, Extract2.dtor_materials()), Error.create_AwsCryptographicMaterialProvidersException(DafnySequence.asString("Keyring.OnDecrypt failed to decrypt the plaintext data key.")));
        return Need2.IsFailure(Error._typeDescriptor()) ? Need2.PropagateFailure(Error._typeDescriptor(), DecryptMaterialsOutput._typeDescriptor()) : Result.create_Success(DecryptMaterialsOutput._typeDescriptor(), Error._typeDescriptor(), DecryptMaterialsOutput.create(Extract2.dtor_materials()));
    }

    public IKeyring keyring() {
        return this._keyring;
    }

    public AtomicPrimitivesClient cryptoPrimitives() {
        return this._cryptoPrimitives;
    }

    public static TypeDescriptor<DefaultCMM> _typeDescriptor() {
        return _TYPE;
    }

    public String toString() {
        return "DefaultCMM.DefaultCMM";
    }
}
