package StructuredEncryptionCrypt_Compile;

import BoundedInts_Compile.uint8;
import DafnyLibraries.MutableMap;
import StructuredEncryptionHeader_Compile.PartialHeader;
import StructuredEncryptionUtil_Compile.StructuredDataTerminalType;
import Wrappers_Compile.Option;
import Wrappers_Compile.Outcome;
import Wrappers_Compile.Result;
import dafny.DafnyMap;
import dafny.DafnySequence;
import dafny.Function0;
import dafny.Function2;
import dafny.Helpers;
import java.math.BigInteger;
import java.util.HashMap;
import java.util.Objects;
import software.amazon.cryptography.dbencryptionsdk.structuredencryption.internaldafny.types.Error;
import software.amazon.cryptography.dbencryptionsdk.structuredencryption.internaldafny.types.StructuredData;
import software.amazon.cryptography.dbencryptionsdk.structuredencryption.internaldafny.types.StructuredDataTerminal;
import software.amazon.cryptography.materialproviders.internaldafny.types.AlgorithmSuiteInfo;
import software.amazon.cryptography.primitives.internaldafny.AtomicPrimitivesClient;
import software.amazon.cryptography.primitives.internaldafny.types.AESDecryptInput;
import software.amazon.cryptography.primitives.internaldafny.types.AESEncryptInput;
import software.amazon.cryptography.primitives.internaldafny.types.AESEncryptOutput;
import software.amazon.cryptography.primitives.internaldafny.types.HkdfInput;
import software.amazon.cryptography.primitives.internaldafny.types.OpaqueError;

/* loaded from: input_file:StructuredEncryptionCrypt_Compile/__default.class */
public class __default {
    public static Result<DafnySequence<? extends Byte>, Error> FieldKey(DafnySequence<? extends Byte> dafnySequence, int i) {
        return AesKdfCtr.__default.AesKdfCtrStream(FieldKeyNonce(i * 3), dafnySequence, StructuredEncryptionUtil_Compile.__default.KeySize().add(StructuredEncryptionUtil_Compile.__default.NonceSize()).intValue()).MapFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), OpaqueError._typeDescriptor(), Error._typeDescriptor(), error -> {
            return Error.create_AwsCryptographyPrimitives(error);
        });
    }

    public static DafnySequence<? extends Byte> FieldKeyNonce(int i) {
        return DafnySequence.concatenate(DafnySequence.concatenate(UTF8.__default.EncodeAscii(DafnySequence.asString("AwsDbeField")), DafnySequence.of(new byte[]{StructuredEncryptionUtil_Compile.__default.KeySize().add(StructuredEncryptionUtil_Compile.__default.NonceSize()).byteValue()})), StandardLibrary_mUInt_Compile.__default.UInt32ToSeq(i));
    }

    public static Result<DafnySequence<? extends Byte>, Error> GetCommitKey(AtomicPrimitivesClient atomicPrimitivesClient, AlgorithmSuiteInfo algorithmSuiteInfo, DafnySequence<? extends Byte> dafnySequence, DafnySequence<? extends Byte> dafnySequence2) {
        return atomicPrimitivesClient.Hkdf(HkdfInput.create(algorithmSuiteInfo.dtor_commitment().dtor_HKDF().dtor_hmac(), Option.create_None(), dafnySequence, DafnySequence.concatenate(LABEL__COMMITMENT__KEY(), dafnySequence2), algorithmSuiteInfo.dtor_commitment().dtor_HKDF().dtor_outputKeyLength())).MapFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), software.amazon.cryptography.primitives.internaldafny.types.Error._typeDescriptor(), Error._typeDescriptor(), error -> {
            return Error.create_AwsCryptographyPrimitives(error);
        });
    }

    public static Result<DafnyMap<? extends DafnySequence<? extends Byte>, ? extends StructuredData>, Error> Encrypt(AtomicPrimitivesClient atomicPrimitivesClient, AlgorithmSuiteInfo algorithmSuiteInfo, DafnySequence<? extends Byte> dafnySequence, PartialHeader partialHeader, DafnySequence<? extends DafnySequence<? extends Byte>> dafnySequence2, DafnyMap<? extends DafnySequence<? extends Byte>, ? extends StructuredData> dafnyMap) {
        Result.Default(DafnyMap.empty());
        return Crypt(EncryptionSelector.create_DoEncrypt(), atomicPrimitivesClient, algorithmSuiteInfo, dafnySequence, partialHeader, dafnySequence2, dafnyMap);
    }

    public static Result<DafnyMap<? extends DafnySequence<? extends Byte>, ? extends StructuredData>, Error> Decrypt(AtomicPrimitivesClient atomicPrimitivesClient, AlgorithmSuiteInfo algorithmSuiteInfo, DafnySequence<? extends Byte> dafnySequence, PartialHeader partialHeader, DafnySequence<? extends DafnySequence<? extends Byte>> dafnySequence2, DafnyMap<? extends DafnySequence<? extends Byte>, ? extends StructuredData> dafnyMap) {
        Result.Default(DafnyMap.empty());
        return Crypt(EncryptionSelector.create_DoDecrypt(), atomicPrimitivesClient, algorithmSuiteInfo, dafnySequence, partialHeader, dafnySequence2, dafnyMap);
    }

    public static Result<DafnyMap<? extends DafnySequence<? extends Byte>, ? extends StructuredData>, Error> Crypt(EncryptionSelector encryptionSelector, AtomicPrimitivesClient atomicPrimitivesClient, AlgorithmSuiteInfo algorithmSuiteInfo, DafnySequence<? extends Byte> dafnySequence, PartialHeader partialHeader, DafnySequence<? extends DafnySequence<? extends Byte>> dafnySequence2, DafnyMap<? extends DafnySequence<? extends Byte>, ? extends StructuredData> dafnyMap) {
        Result.Default(DafnyMap.empty());
        Result Hkdf = atomicPrimitivesClient.Hkdf(HkdfInput.create(algorithmSuiteInfo.dtor_kdf().dtor_HKDF().dtor_hmac(), Option.create_None(), dafnySequence, DafnySequence.concatenate(LABEL__ENCRYPTION__KEY(), partialHeader.dtor_msgID()), algorithmSuiteInfo.dtor_kdf().dtor_HKDF().dtor_outputKeyLength()));
        Result.Default(DafnySequence.empty(uint8._typeDescriptor()));
        Result MapFailure = Hkdf.MapFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), software.amazon.cryptography.primitives.internaldafny.types.Error._typeDescriptor(), Error._typeDescriptor(), error -> {
            return Error.create_AwsCryptographyPrimitives(error);
        });
        return MapFailure.IsFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor()) ? MapFailure.PropagateFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), DafnyMap._typeDescriptor(DafnySequence._typeDescriptor(uint8._typeDescriptor()), StructuredDataTerminalType._typeDescriptor())) : CryptList(encryptionSelector, atomicPrimitivesClient, algorithmSuiteInfo, (DafnySequence) MapFailure.Extract(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor()), dafnySequence2, dafnyMap);
    }

    public static Result<DafnyMap<? extends DafnySequence<? extends Byte>, ? extends StructuredData>, Error> CryptList(EncryptionSelector encryptionSelector, AtomicPrimitivesClient atomicPrimitivesClient, AlgorithmSuiteInfo algorithmSuiteInfo, DafnySequence<? extends Byte> dafnySequence, DafnySequence<? extends DafnySequence<? extends Byte>> dafnySequence2, DafnyMap<? extends DafnySequence<? extends Byte>, ? extends StructuredData> dafnyMap) {
        Object Extract;
        Result.Default(DafnyMap.empty());
        MutableMap mutableMap = new MutableMap(DafnySequence._typeDescriptor(uint8._typeDescriptor()), StructuredDataTerminalType._typeDescriptor());
        BigInteger valueOf = BigInteger.valueOf(dafnySequence2.length());
        BigInteger bigInteger = BigInteger.ZERO;
        while (true) {
            BigInteger bigInteger2 = bigInteger;
            if (bigInteger2.compareTo(valueOf) >= 0) {
                DafnyMap content = mutableMap.content();
                Function2 function2 = (dafnyMap2, mutableMap2) -> {
                    Function0 function0 = () -> {
                        HashMap hashMap = new HashMap();
                        for (DafnySequence dafnySequence3 : dafnyMap2.keySet().Elements()) {
                            if (dafnyMap2.contains(dafnySequence3)) {
                                hashMap.put(dafnySequence3, mutableMap2.Select(dafnySequence3));
                            }
                        }
                        return new DafnyMap(hashMap);
                    };
                    return (DafnyMap) function0.apply();
                };
                return Result.create_Success((DafnyMap) function2.apply(content, mutableMap));
            }
            DafnySequence dafnySequence3 = (DafnySequence) dafnySequence2.select(Helpers.toInt(bigInteger2));
            if (Objects.equals(encryptionSelector, EncryptionSelector.create_DoEncrypt())) {
                Result<StructuredData, Error> EncryptTerminal = EncryptTerminal(atomicPrimitivesClient, algorithmSuiteInfo, dafnySequence, bigInteger2.intValue(), dafnySequence3, ((StructuredData) dafnyMap.get(dafnySequence3)).dtor_content().dtor_Terminal());
                if (EncryptTerminal.IsFailure(StructuredData._typeDescriptor(), Error._typeDescriptor())) {
                    return EncryptTerminal.PropagateFailure(StructuredData._typeDescriptor(), Error._typeDescriptor(), DafnyMap._typeDescriptor(DafnySequence._typeDescriptor(uint8._typeDescriptor()), StructuredDataTerminalType._typeDescriptor()));
                }
                Extract = EncryptTerminal.Extract(StructuredData._typeDescriptor(), Error._typeDescriptor());
            } else {
                Result<StructuredData, Error> DecryptTerminal = DecryptTerminal(atomicPrimitivesClient, algorithmSuiteInfo, dafnySequence, bigInteger2.intValue(), dafnySequence3, ((StructuredData) dafnyMap.get(dafnySequence3)).dtor_content().dtor_Terminal());
                if (DecryptTerminal.IsFailure(StructuredData._typeDescriptor(), Error._typeDescriptor())) {
                    return DecryptTerminal.PropagateFailure(StructuredData._typeDescriptor(), Error._typeDescriptor(), DafnyMap._typeDescriptor(DafnySequence._typeDescriptor(uint8._typeDescriptor()), StructuredDataTerminalType._typeDescriptor()));
                }
                Extract = DecryptTerminal.Extract(StructuredData._typeDescriptor(), Error._typeDescriptor());
            }
            mutableMap.Put(dafnySequence3, (StructuredData) Extract);
            bigInteger = bigInteger2.add(BigInteger.ONE);
        }
    }

    public static Result<StructuredData, Error> EncryptTerminal(AtomicPrimitivesClient atomicPrimitivesClient, AlgorithmSuiteInfo algorithmSuiteInfo, DafnySequence<? extends Byte> dafnySequence, int i, DafnySequence<? extends Byte> dafnySequence2, StructuredDataTerminal structuredDataTerminal) {
        Result.Default(DafnySequence.empty(uint8._typeDescriptor()));
        Result<DafnySequence<? extends Byte>, Error> FieldKey = FieldKey(dafnySequence, i);
        if (FieldKey.IsFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor())) {
            return FieldKey.PropagateFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), StructuredData._typeDescriptor());
        }
        DafnySequence dafnySequence3 = (DafnySequence) FieldKey.Extract(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor());
        Result AESEncrypt = atomicPrimitivesClient.AESEncrypt(AESEncryptInput.create(algorithmSuiteInfo.dtor_encrypt().dtor_AES__GCM(), dafnySequence3.drop(StructuredEncryptionUtil_Compile.__default.KeySize()), dafnySequence3.subsequence(Helpers.toInt(BigInteger.ZERO), Helpers.toInt(StructuredEncryptionUtil_Compile.__default.KeySize())), structuredDataTerminal.dtor_value(), dafnySequence2));
        Result.Default(AESEncryptOutput.Default());
        Result MapFailure = AESEncrypt.MapFailure(AESEncryptOutput._typeDescriptor(), software.amazon.cryptography.primitives.internaldafny.types.Error._typeDescriptor(), Error._typeDescriptor(), error -> {
            return Error.create_AwsCryptographyPrimitives(error);
        });
        if (MapFailure.IsFailure(AESEncryptOutput._typeDescriptor(), Error._typeDescriptor())) {
            return MapFailure.PropagateFailure(AESEncryptOutput._typeDescriptor(), Error._typeDescriptor(), StructuredData._typeDescriptor());
        }
        AESEncryptOutput aESEncryptOutput = (AESEncryptOutput) MapFailure.Extract(AESEncryptOutput._typeDescriptor(), Error._typeDescriptor());
        Outcome.Default();
        Outcome Need = Wrappers_Compile.__default.Need(Error._typeDescriptor(), Objects.equals(BigInteger.valueOf(aESEncryptOutput.dtor_authTag().length()), StructuredEncryptionUtil_Compile.__default.AuthTagSize()), StructuredEncryptionUtil_Compile.__default.E(DafnySequence.asString("Auth Tag Wrong Size.")));
        return Need.IsFailure(Error._typeDescriptor()) ? Need.PropagateFailure(Error._typeDescriptor(), StructuredData._typeDescriptor()) : Result.create_Success(StructuredEncryptionUtil_Compile.__default.ValueToData(DafnySequence.concatenate(DafnySequence.concatenate(structuredDataTerminal.dtor_typeId(), aESEncryptOutput.dtor_cipherText()), aESEncryptOutput.dtor_authTag()), StructuredEncryptionUtil_Compile.__default.BYTES__TYPE__ID()));
    }

    public static Result<StructuredData, Error> DecryptTerminal(AtomicPrimitivesClient atomicPrimitivesClient, AlgorithmSuiteInfo algorithmSuiteInfo, DafnySequence<? extends Byte> dafnySequence, int i, DafnySequence<? extends Byte> dafnySequence2, StructuredDataTerminal structuredDataTerminal) {
        Result.Default(DafnySequence.empty(uint8._typeDescriptor()));
        Result<DafnySequence<? extends Byte>, Error> FieldKey = FieldKey(dafnySequence, i);
        if (FieldKey.IsFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor())) {
            return FieldKey.PropagateFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), StructuredData._typeDescriptor());
        }
        DafnySequence dafnySequence3 = (DafnySequence) FieldKey.Extract(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor());
        DafnySequence subsequence = dafnySequence3.subsequence(Helpers.toInt(BigInteger.ZERO), Helpers.toInt(StructuredEncryptionUtil_Compile.__default.KeySize()));
        DafnySequence drop = dafnySequence3.drop(StructuredEncryptionUtil_Compile.__default.KeySize());
        DafnySequence<? extends Byte> dtor_value = structuredDataTerminal.dtor_value();
        Outcome.Default();
        Outcome Need = Wrappers_Compile.__default.Need(Error._typeDescriptor(), StructuredEncryptionUtil_Compile.__default.AuthTagSize().add(BigInteger.valueOf(2L)).compareTo(BigInteger.valueOf((long) dtor_value.length())) <= 0, StructuredEncryptionUtil_Compile.__default.E(DafnySequence.asString("cipherTxt too short.")));
        if (Need.IsFailure(Error._typeDescriptor())) {
            return Need.PropagateFailure(Error._typeDescriptor(), StructuredData._typeDescriptor());
        }
        Result AESDecrypt = atomicPrimitivesClient.AESDecrypt(AESDecryptInput.create(algorithmSuiteInfo.dtor_encrypt().dtor_AES__GCM(), subsequence, dtor_value.subsequence(Helpers.toInt(StructuredEncryptionUtil_Compile.__default.TYPEID__LEN()), Helpers.toInt(BigInteger.valueOf(dtor_value.length()).subtract(StructuredEncryptionUtil_Compile.__default.AuthTagSize()))), dtor_value.drop(BigInteger.valueOf(dtor_value.length()).subtract(StructuredEncryptionUtil_Compile.__default.AuthTagSize())), drop, dafnySequence2));
        Result.Default(DafnySequence.empty(uint8._typeDescriptor()));
        Result MapFailure = AESDecrypt.MapFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), software.amazon.cryptography.primitives.internaldafny.types.Error._typeDescriptor(), Error._typeDescriptor(), error -> {
            return Error.create_AwsCryptographyPrimitives(error);
        });
        return MapFailure.IsFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor()) ? MapFailure.PropagateFailure(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor(), StructuredData._typeDescriptor()) : Result.create_Success(StructuredEncryptionUtil_Compile.__default.ValueToData((DafnySequence) MapFailure.Extract(DafnySequence._typeDescriptor(uint8._typeDescriptor()), Error._typeDescriptor()), dtor_value.take(StructuredEncryptionUtil_Compile.__default.TYPEID__LEN())));
    }

    public static DafnySequence<? extends Byte> LABEL__COMMITMENT__KEY() {
        return UTF8.__default.EncodeAscii(DafnySequence.asString("AWS_DBE_COMMIT_KEY"));
    }

    public static DafnySequence<? extends Byte> LABEL__ENCRYPTION__KEY() {
        return UTF8.__default.EncodeAscii(DafnySequence.asString("AWS_DBE_DERIVE_KEY"));
    }

    public String toString() {
        return "StructuredEncryptionCrypt._default";
    }
}
