package net.minestom.server.crypto;

import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.function.Consumer;
import net.minestom.server.MinecraftServer;
import net.minestom.server.entity.Player;
import net.minestom.server.network.NetworkBuffer;
import net.minestom.server.utils.crypto.KeyUtils;
import org.jetbrains.annotations.Nullable;

@FunctionalInterface
/* loaded from: input_file:net/minestom/server/crypto/SignatureValidator.class */
public interface SignatureValidator {
    public static final SignatureValidator PASS = (bArr, bArr2) -> {
        return true;
    };
    public static final SignatureValidator FAIL = (bArr, bArr2) -> {
        return false;
    };
    public static final SignatureValidator YGGDRASIL = createYggdrasilValidator();

    boolean validate(byte[] bArr, byte[] bArr2);

    default boolean validate(Consumer<NetworkBuffer> consumer, byte[] bArr) {
        return validate(NetworkBuffer.makeArray(consumer), bArr);
    }

    static SignatureValidator from(PublicKey publicKey, KeyUtils.SignatureAlgorithm signatureAlgorithm) {
        return (bArr, bArr2) -> {
            try {
                Signature signature = Signature.getInstance(signatureAlgorithm.name());
                signature.initVerify(publicKey);
                signature.update(bArr);
                return signature.verify(bArr2);
            } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
                return false;
            }
        };
    }

    @Nullable
    static SignatureValidator from(Player player) {
        if (player.getPlayerConnection().playerPublicKey() == null) {
            return null;
        }
        return from(player.getPlayerConnection().playerPublicKey().publicKey(), KeyUtils.SignatureAlgorithm.SHA256withRSA);
    }

    private static SignatureValidator createYggdrasilValidator() {
        try {
            InputStream resourceAsStream = SignatureValidator.class.getResourceAsStream("/yggdrasil_session_pubkey.der");
            try {
                if (resourceAsStream != null) {
                    SignatureValidator from = from(KeyUtils.publicRSAKeyFrom(resourceAsStream.readAllBytes()), KeyUtils.SignatureAlgorithm.SHA1withRSA);
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                    return from;
                }
                MinecraftServer.LOGGER.error("Couldn't find Yggdrasil public key, falling back to prohibiting validator!");
                SignatureValidator signatureValidator = FAIL;
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
                return signatureValidator;
            } finally {
            }
        } catch (Exception e) {
            MinecraftServer.LOGGER.error("Exception while reading Yggdrasil public key, falling back to prohibiting validator!", (Throwable) e);
            return FAIL;
        }
    }
}
