package com.cloudera.keytrustee.crypto;

import com.cloudera.keytrustee.KeyTrusteeConstants;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectStreamException;
import java.io.OutputStream;
import java.io.StringWriter;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.bcpg.BCPGOutputStream;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPCompressedData;
import org.bouncycastle.openpgp.PGPCompressedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataList;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair;
import org.bouncycastle.openpgp.PGPKeyRingGenerator;
import org.bouncycastle.openpgp.PGPLiteralData;
import org.bouncycastle.openpgp.PGPLiteralDataGenerator;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPOnePassSignature;
import org.bouncycastle.openpgp.PGPOnePassSignatureList;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.PGPSignatureList;
import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator;
import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
import org.bouncycastle.openpgp.PGPUtil;
import org.bouncycastle.openpgp.PGPV3SignatureGenerator;
import org.bouncycastle.openpgp.operator.KeyFingerPrintCalculator;
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyConverter;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyPair;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator;
import org.json.JSONObject;

/* loaded from: input_file:com/cloudera/keytrustee/crypto/Crypto.class */
public class Crypto {
    private static Crypto m_instance;
    public static final String DEFAULT_PROVIDER = "BC";
    public static final KeyFingerPrintCalculator FP_CALC;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/cloudera/keytrustee/crypto/Crypto$OnePassSignatureInfo.class */
    public static class OnePassSignatureInfo {
        int signatureIndex;
        PGPOnePassSignature onePassSignature;
        PGPPublicKey signatureKey;

        public OnePassSignatureInfo(int i, PGPPublicKey pGPPublicKey, PGPOnePassSignature pGPOnePassSignature) {
            this.signatureKey = pGPPublicKey;
            this.signatureIndex = i;
            this.onePassSignature = pGPOnePassSignature;
        }
    }

    private Crypto() {
        Security.addProvider(new BouncyCastleProvider());
    }

    public String getDefaultProvider() {
        return DEFAULT_PROVIDER;
    }

    public static synchronized Crypto getInstance() {
        if (m_instance == null) {
            m_instance = new Crypto();
        }
        return m_instance;
    }

    private Object readResolve() throws ObjectStreamException {
        if ($assertionsDisabled || m_instance != null) {
            return m_instance;
        }
        throw new AssertionError();
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        objectInputStream.defaultReadObject();
        synchronized (Crypto.class) {
            if (m_instance == null) {
                m_instance = this;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static PBESecretKeyDecryptor decryptorBuilderFor(char[] cArr) throws PGPException {
        return new JcePBESecretKeyDecryptorBuilder().setProvider(DEFAULT_PROVIDER).build(cArr);
    }

    private PGPSecretKey createSecretKey(int i, int i2, char[] cArr, PGPSecretKey pGPSecretKey) throws Exception {
        KeyPairGenerator keyPairGenerator;
        PGPSecretKey pGPSecretKey2;
        if (i2 < 512) {
            throw new Exception("Keysize must be at least 512 bits long");
        }
        if (cArr == null) {
            cArr = KeyTrusteeConstants.defaultPassphrase();
        }
        SecureRandom secureRandom = new SecureRandom();
        switch (i) {
            case 1:
                keyPairGenerator = KeyPairGenerator.getInstance("RSA", DEFAULT_PROVIDER);
                keyPairGenerator.initialize(i2, secureRandom);
                break;
            case 16:
                keyPairGenerator = KeyPairGenerator.getInstance("ElGamal", DEFAULT_PROVIDER);
                keyPairGenerator.initialize(i2, secureRandom);
                break;
            case 17:
                keyPairGenerator = KeyPairGenerator.getInstance("DSA", DEFAULT_PROVIDER);
                keyPairGenerator.initialize(i2, secureRandom);
                break;
            default:
                throw new Exception("Unknown algorithm");
        }
        JcaPGPKeyPair jcaPGPKeyPair = new JcaPGPKeyPair(i, keyPairGenerator.generateKeyPair(), new Date());
        if (pGPSecretKey == null) {
            PGPDigestCalculator pGPDigestCalculator = new JcaPGPDigestCalculatorProviderBuilder().build().get(2);
            pGPSecretKey2 = new PGPSecretKey(25, jcaPGPKeyPair, "", pGPDigestCalculator, (PGPSignatureSubpacketVector) null, (PGPSignatureSubpacketVector) null, new JcaPGPContentSignerBuilder(jcaPGPKeyPair.getPublicKey().getAlgorithm(), 2), new JcePBESecretKeyEncryptorBuilder(3, pGPDigestCalculator).setProvider(DEFAULT_PROVIDER).build(cArr));
        } else {
            PGPPublicKey publicKey = pGPSecretKey.getPublicKey();
            PGPKeyPair pGPKeyPair = new PGPKeyPair(new JcaPGPKeyConverter().getPGPPublicKey(publicKey.getAlgorithm(), new JcaPGPKeyConverter().setProvider(DEFAULT_PROVIDER).getPublicKey(publicKey), publicKey.getCreationTime()), pGPSecretKey.extractPrivateKey(decryptorBuilderFor(cArr)));
            PGPDigestCalculator pGPDigestCalculator2 = new JcaPGPDigestCalculatorProviderBuilder().build().get(2);
            PGPKeyRingGenerator pGPKeyRingGenerator = new PGPKeyRingGenerator(24, pGPKeyPair, "", pGPDigestCalculator2, new PGPSignatureSubpacketGenerator().generate(), new PGPSignatureSubpacketGenerator().generate(), new JcaPGPContentSignerBuilder(pGPKeyPair.getPublicKey().getAlgorithm(), 8), new JcePBESecretKeyEncryptorBuilder(3, pGPDigestCalculator2).setProvider(DEFAULT_PROVIDER).build(cArr));
            pGPKeyRingGenerator.addSubKey(jcaPGPKeyPair);
            Iterator secretKeys = pGPKeyRingGenerator.generateSecretKeyRing().getSecretKeys();
            secretKeys.next();
            pGPSecretKey2 = (PGPSecretKey) secretKeys.next();
        }
        return pGPSecretKey2;
    }

    public PGPKeyRingHolder buildSecretKey(List<String> list, int i, int i2, char[] cArr, boolean z, boolean z2, Calendar calendar) throws Exception {
        PGPSecretKey createSecretKey = createSecretKey(1, i2, cArr, null);
        PGPSecretKey createSecretKey2 = createSecretKey(1, i2, cArr, createSecretKey);
        Vector<PGPSecretKey> vector = new Vector<>();
        vector.add(createSecretKey);
        vector.add(createSecretKey2);
        return buildSecretKeyReal(list, z, z2, vector, cArr, calendar);
    }

    private PGPKeyRingHolder buildSecretKeyReal(List<String> list, boolean z, boolean z2, Vector<PGPSecretKey> vector, char[] cArr, Calendar calendar) throws Exception {
        if (cArr == null || cArr.length == 0) {
            cArr = KeyTrusteeConstants.defaultPassphrase();
        }
        if (list.size() == 0) {
            throw new Exception("Key need user id");
        }
        String str = list.get(0);
        PGPSecretKey pGPSecretKey = vector.get(0);
        PGPPublicKey publicKey = pGPSecretKey.getPublicKey();
        PGPPublicKey pGPPublicKey = new JcaPGPKeyConverter().getPGPPublicKey(publicKey.getAlgorithm(), new JcaPGPKeyConverter().setProvider(DEFAULT_PROVIDER).getPublicKey(publicKey), publicKey.getCreationTime());
        PGPPrivateKey extractPrivateKey = pGPSecretKey.extractPrivateKey(decryptorBuilderFor(cArr));
        PGPKeyPair pGPKeyPair = new PGPKeyPair(signPublicKey(pGPPublicKey, new PGPKeyPair(pGPPublicKey, extractPrivateKey), 19), extractPrivateKey);
        PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator = new PGPSignatureSubpacketGenerator();
        PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator2 = new PGPSignatureSubpacketGenerator();
        pGPSignatureSubpacketGenerator.setKeyFlags(true, z2 ? 35 | 12 : 35);
        pGPSignatureSubpacketGenerator.setPreferredSymmetricAlgorithms(true, new int[]{9, 8, 7, 3});
        pGPSignatureSubpacketGenerator.setPreferredHashAlgorithms(true, new int[]{10, 9, 8, 11});
        pGPSignatureSubpacketGenerator.setPreferredCompressionAlgorithms(true, new int[]{1, 2});
        setExpirationDate(calendar, pGPSecretKey, pGPSignatureSubpacketGenerator);
        PGPDigestCalculator pGPDigestCalculator = new JcaPGPDigestCalculatorProviderBuilder().build().get(2);
        PGPKeyRingGenerator pGPKeyRingGenerator = new PGPKeyRingGenerator(19, pGPKeyPair, str, pGPDigestCalculator, pGPSignatureSubpacketGenerator.generate(), pGPSignatureSubpacketGenerator2.generate(), new JcaPGPContentSignerBuilder(pGPKeyPair.getPublicKey().getAlgorithm(), 10), new JcePBESecretKeyEncryptorBuilder(3, pGPDigestCalculator).setProvider(DEFAULT_PROVIDER).build(cArr));
        for (int i = 1; i < vector.size(); i++) {
            PGPSecretKey pGPSecretKey2 = vector.get(i);
            PGPKeyPair pGPKeyPair2 = new PGPKeyPair(pGPSecretKey2.getPublicKey(), pGPSecretKey2.extractPrivateKey(decryptorBuilderFor(cArr)));
            PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator3 = new PGPSignatureSubpacketGenerator();
            PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator4 = new PGPSignatureSubpacketGenerator();
            if (!z2) {
                throw new Exception("Sub key must support encryption");
            }
            pGPSignatureSubpacketGenerator3.setKeyFlags(true, 0 | 12);
            setExpirationDate(calendar, pGPSecretKey, pGPSignatureSubpacketGenerator3);
            pGPKeyRingGenerator.addSubKey(pGPKeyPair2, pGPSignatureSubpacketGenerator3.generate(), pGPSignatureSubpacketGenerator4.generate());
        }
        PGPSecretKeyRing generateSecretKeyRing = pGPKeyRingGenerator.generateSecretKeyRing();
        PGPPublicKeyRing generatePublicKeyRing = pGPKeyRingGenerator.generatePublicKeyRing();
        ArrayList arrayList = new ArrayList();
        arrayList.add(generateSecretKeyRing);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(generatePublicKeyRing);
        return new PGPKeyRingHolder(new PGPSecretKeyRingCollection(arrayList), new PGPPublicKeyRingCollection(arrayList2));
    }

    private static void setExpirationDate(Calendar calendar, PGPSecretKey pGPSecretKey, PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator) throws Exception {
        if (calendar != null) {
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            gregorianCalendar.setTime(KeyManager.getCreationDate(pGPSecretKey));
            long timeInMillis = (calendar.getTimeInMillis() - gregorianCalendar.getTimeInMillis()) / 1000;
            if (timeInMillis <= 0) {
                throw new Exception("Expiration date must come after creation date");
            }
            pGPSignatureSubpacketGenerator.setKeyExpirationTime(true, timeInMillis);
        }
    }

    public PGPPublicKey signPublicKey(PGPPublicKey pGPPublicKey, PGPKeyPair pGPKeyPair, int i) throws SignatureException, PGPException {
        PGPSignatureGenerator pGPSignatureGenerator = new PGPSignatureGenerator(new JcaPGPContentSignerBuilder(pGPKeyPair.getPublicKey().getAlgorithm(), 10).setProvider(DEFAULT_PROVIDER));
        pGPSignatureGenerator.init(i, pGPKeyPair.getPrivateKey());
        Iterator userIDs = pGPPublicKey.getUserIDs();
        while (userIDs.hasNext()) {
            String str = (String) userIDs.next();
            pGPPublicKey = PGPPublicKey.addCertification(pGPPublicKey, str, pGPSignatureGenerator.generateCertification(str, pGPPublicKey));
        }
        return pGPPublicKey;
    }

    public void decryptString(String str, PGPPublicKeyRing pGPPublicKeyRing, PGPSecretKeyRing pGPSecretKeyRing, char[] cArr, OutputStream outputStream) throws IOException, PGPException, SignatureException {
        decryptInputStream(new ByteArrayInputStream(str.getBytes()), pGPPublicKeyRing, pGPSecretKeyRing, cArr, outputStream);
    }

    private OnePassSignatureInfo getOnePassSignature(PGPOnePassSignatureList pGPOnePassSignatureList, PGPPublicKeyRing pGPPublicKeyRing) {
        PGPOnePassSignature pGPOnePassSignature = null;
        PGPPublicKey pGPPublicKey = null;
        int i = -1;
        int i2 = 0;
        while (true) {
            if (i2 >= pGPOnePassSignatureList.size()) {
                break;
            }
            pGPOnePassSignature = pGPOnePassSignatureList.get(i2);
            if (pGPPublicKeyRing != null) {
                pGPPublicKey = pGPPublicKeyRing.getPublicKey(pGPOnePassSignature.getKeyID());
                if (pGPPublicKey != null) {
                    i = i2;
                    break;
                }
            }
            pGPOnePassSignature = null;
            i2++;
        }
        return new OnePassSignatureInfo(i, pGPPublicKey, pGPOnePassSignature);
    }

    private PGPOnePassSignature updateSignature(PGPLiteralData pGPLiteralData, PGPOnePassSignature pGPOnePassSignature, OutputStream outputStream) throws IOException {
        byte[] bArr = new byte[65536];
        InputStream inputStream = pGPLiteralData.getInputStream();
        while (true) {
            try {
                int read = inputStream.read(bArr);
                if (read <= 0) {
                    return pGPOnePassSignature;
                }
                outputStream.write(bArr, 0, read);
                if (pGPOnePassSignature != null) {
                    pGPOnePassSignature.update(bArr, 0, read);
                }
            } finally {
                inputStream.close();
            }
        }
    }

    public void decryptInputStream(InputStream inputStream, PGPPublicKeyRing pGPPublicKeyRing, PGPSecretKeyRing pGPSecretKeyRing, char[] cArr, OutputStream outputStream) throws IOException, PGPException, SignatureException {
        PGPOnePassSignature updateSignature;
        if (cArr == null) {
            cArr = KeyTrusteeConstants.defaultPassphrase();
        }
        PGPObjectFactory pGPObjectFactory = new PGPObjectFactory(PGPUtil.getDecoderStream(inputStream), FP_CALC);
        Object nextObject = pGPObjectFactory.nextObject();
        PGPEncryptedDataList pGPEncryptedDataList = nextObject instanceof PGPEncryptedDataList ? (PGPEncryptedDataList) nextObject : (PGPEncryptedDataList) pGPObjectFactory.nextObject();
        if (pGPEncryptedDataList == null) {
            throw new PGPException("Encrypted content not found");
        }
        PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData = null;
        PGPSecretKey pGPSecretKey = null;
        Iterator encryptedDataObjects = pGPEncryptedDataList.getEncryptedDataObjects();
        while (true) {
            if (!encryptedDataObjects.hasNext()) {
                break;
            }
            Object next = encryptedDataObjects.next();
            if (next instanceof PGPPublicKeyEncryptedData) {
                PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData2 = (PGPPublicKeyEncryptedData) next;
                Iterator secretKeys = pGPSecretKeyRing.getSecretKeys();
                while (secretKeys.hasNext()) {
                    PGPSecretKey pGPSecretKey2 = (PGPSecretKey) secretKeys.next();
                    if (KeyManager.isValid(pGPSecretKey2) && pGPSecretKey2.getKeyID() == pGPPublicKeyEncryptedData2.getKeyID()) {
                        pGPSecretKey = pGPSecretKey2;
                    }
                }
                if (pGPSecretKey != null) {
                    pGPPublicKeyEncryptedData = pGPPublicKeyEncryptedData2;
                    break;
                }
            }
        }
        if (pGPSecretKey == null) {
            throw new PGPException("Secret key not found");
        }
        PGPPrivateKey extractPrivateKey = pGPSecretKey.extractPrivateKey(decryptorBuilderFor(cArr));
        if (extractPrivateKey == null) {
            throw new PGPException("Failed to extract private key");
        }
        InputStream dataStream = pGPPublicKeyEncryptedData.getDataStream(new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(DEFAULT_PROVIDER).build(extractPrivateKey));
        PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData3 = pGPPublicKeyEncryptedData;
        PGPObjectFactory pGPObjectFactory2 = new PGPObjectFactory(dataStream, FP_CALC);
        Object nextObject2 = pGPObjectFactory2.nextObject();
        PGPOnePassSignature pGPOnePassSignature = null;
        int i = -1;
        if (nextObject2 instanceof PGPCompressedData) {
            PGPObjectFactory pGPObjectFactory3 = new PGPObjectFactory(((PGPCompressedData) nextObject2).getDataStream(), FP_CALC);
            nextObject2 = pGPObjectFactory3.nextObject();
            pGPObjectFactory2 = pGPObjectFactory3;
        }
        if (nextObject2 instanceof PGPOnePassSignatureList) {
            OnePassSignatureInfo onePassSignature = getOnePassSignature((PGPOnePassSignatureList) nextObject2, pGPPublicKeyRing);
            pGPOnePassSignature = onePassSignature.onePassSignature;
            i = onePassSignature.signatureIndex;
            PGPPublicKey pGPPublicKey = onePassSignature.signatureKey;
            if (pGPPublicKey != null && !KeyManager.isValid(pGPPublicKey)) {
                throw new PGPException("Signature key is not valid.");
            }
            if (pGPOnePassSignature != null) {
                pGPOnePassSignature.init(new JcaPGPContentVerifierBuilderProvider().setProvider(DEFAULT_PROVIDER), pGPPublicKey);
            }
            nextObject2 = pGPObjectFactory2.nextObject();
        }
        if ((nextObject2 instanceof PGPLiteralData) && (updateSignature = updateSignature((PGPLiteralData) nextObject2, pGPOnePassSignature, outputStream)) != null && !updateSignature.verify(((PGPSignatureList) pGPObjectFactory2.nextObject()).get(i))) {
            throw new PGPException("Invalid signature");
        }
        if (pGPPublicKeyEncryptedData3.isIntegrityProtected() && !pGPPublicKeyEncryptedData3.verify()) {
            throw new PGPException("Integrity protection failure.");
        }
        outputStream.close();
    }

    public InputStream encryptString(String str, PGPPublicKeyRingCollection pGPPublicKeyRingCollection, PGPSecretKeyRing pGPSecretKeyRing, char[] cArr, Fingerprint... fingerprintArr) throws Exception {
        return encryptInputStream(new ByteArrayInputStream(str.getBytes()), pGPPublicKeyRingCollection, pGPSecretKeyRing, cArr, fingerprintArr);
    }

    public Map<String, Object> encryptPayload(Map<String, Object> map, PGPPublicKeyRingCollection pGPPublicKeyRingCollection, PGPSecretKeyRing pGPSecretKeyRing, Fingerprint... fingerprintArr) throws Exception {
        InputStream encryptString = encryptString(new JSONObject(map).toString(), pGPPublicKeyRingCollection, pGPSecretKeyRing, KeyTrusteeConstants.defaultPassphrase(), fingerprintArr);
        StringWriter stringWriter = new StringWriter();
        IOUtils.copy(encryptString, stringWriter, KeyTrusteeConstants.ENCODING);
        String stringWriter2 = stringWriter.toString();
        HashMap hashMap = new HashMap();
        hashMap.put("payload", stringWriter2);
        return hashMap;
    }

    public InputStream encryptInputStream(InputStream inputStream, PGPPublicKeyRingCollection pGPPublicKeyRingCollection, PGPSecretKeyRing pGPSecretKeyRing, char[] cArr, Fingerprint... fingerprintArr) throws Exception {
        ArmoredOutputStream armoredOutputStream;
        ArmoredOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ArmoredOutputStream armoredOutputStream2 = null;
        if (1 != 0) {
            armoredOutputStream2 = new ArmoredOutputStream(byteArrayOutputStream);
            armoredOutputStream2.setHeader("Version", KeyTrusteeConstants.getVersionedName());
            armoredOutputStream = armoredOutputStream2;
        } else {
            armoredOutputStream = byteArrayOutputStream;
        }
        if (cArr == null) {
            cArr = KeyTrusteeConstants.defaultPassphrase();
        }
        PGPSecretKey signingKey = KeyManager.getSigningKey(pGPSecretKeyRing);
        PGPPrivateKey extractPrivateKey = signingKey.extractPrivateKey(decryptorBuilderFor(cArr));
        PGPEncryptedDataGenerator pGPEncryptedDataGenerator = new PGPEncryptedDataGenerator(new JcePGPDataEncryptorBuilder(9).setSecureRandom(new SecureRandom()).setProvider(DEFAULT_PROVIDER).setWithIntegrityPacket(false));
        for (Fingerprint fingerprint : fingerprintArr) {
            PGPPublicKey key = KeyManager.getKey(pGPPublicKeyRingCollection, fingerprint);
            if (key != null) {
                pGPEncryptedDataGenerator.addMethod(new JcePublicKeyKeyEncryptionMethodGenerator(key).setProvider(DEFAULT_PROVIDER));
            }
        }
        OutputStream open = pGPEncryptedDataGenerator.open(armoredOutputStream, new byte[65536]);
        PGPSignatureGenerator pGPSignatureGenerator = null;
        PGPV3SignatureGenerator pGPV3SignatureGenerator = null;
        if (0 != 0) {
            pGPV3SignatureGenerator = new PGPV3SignatureGenerator(new JcaPGPContentSignerBuilder(signingKey.getPublicKey().getAlgorithm(), 10));
            pGPV3SignatureGenerator.init(0, extractPrivateKey);
        } else {
            pGPSignatureGenerator = new PGPSignatureGenerator(new JcaPGPContentSignerBuilder(signingKey.getPublicKey().getAlgorithm(), 10));
            pGPSignatureGenerator.init(0, extractPrivateKey);
            String mainUserId = KeyManager.getMainUserId(KeyManager.getMasterKey(pGPSecretKeyRing));
            PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator = new PGPSignatureSubpacketGenerator();
            pGPSignatureSubpacketGenerator.setSignerUserID(false, mainUserId);
            pGPSignatureGenerator.setHashedSubpackets(pGPSignatureSubpacketGenerator.generate());
        }
        PGPCompressedDataGenerator pGPCompressedDataGenerator = new PGPCompressedDataGenerator(2);
        BCPGOutputStream bCPGOutputStream = new BCPGOutputStream(pGPCompressedDataGenerator.open(open));
        if (0 != 0) {
            pGPV3SignatureGenerator.generateOnePassVersion(false).encode(bCPGOutputStream);
        } else {
            pGPSignatureGenerator.generateOnePassVersion(false).encode(bCPGOutputStream);
        }
        PGPLiteralDataGenerator pGPLiteralDataGenerator = new PGPLiteralDataGenerator();
        OutputStream open2 = pGPLiteralDataGenerator.open(bCPGOutputStream, 'b', "", new Date(), new byte[65536]);
        byte[] bArr = new byte[65536];
        while (true) {
            int read = inputStream.read(bArr);
            if (read <= 0) {
                break;
            }
            open2.write(bArr, 0, read);
            if (0 != 0) {
                pGPV3SignatureGenerator.update(bArr, 0, read);
            } else {
                pGPSignatureGenerator.update(bArr, 0, read);
            }
        }
        pGPLiteralDataGenerator.close();
        if (0 != 0) {
            pGPV3SignatureGenerator.generate().encode(open2);
        } else {
            pGPSignatureGenerator.generate().encode(open2);
        }
        if (pGPCompressedDataGenerator != null) {
            pGPCompressedDataGenerator.close();
        }
        open.close();
        if (1 != 0) {
            armoredOutputStream2.close();
        }
        return new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
    }

    public InputStream createSignature(InputStream inputStream, PGPSecretKeyRing pGPSecretKeyRing, char[] cArr) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ArmoredOutputStream armoredOutputStream = new ArmoredOutputStream(byteArrayOutputStream);
        armoredOutputStream.setHeader("Version", KeyTrusteeConstants.getVersionedName());
        if (cArr == null) {
            cArr = KeyTrusteeConstants.defaultPassphrase();
        }
        PGPSecretKey masterKey = KeyManager.getMasterKey(pGPSecretKeyRing);
        PGPPrivateKey extractPrivateKey = masterKey.extractPrivateKey(decryptorBuilderFor(cArr));
        PGPSignatureGenerator pGPSignatureGenerator = new PGPSignatureGenerator(new JcaPGPContentSignerBuilder(masterKey.getPublicKey().getAlgorithm(), 10).setProvider(DEFAULT_PROVIDER));
        pGPSignatureGenerator.init(0, extractPrivateKey);
        while (true) {
            int read = inputStream.read();
            if (read < 0) {
                pGPSignatureGenerator.generate().encode(new BCPGOutputStream(armoredOutputStream));
                inputStream.close();
                armoredOutputStream.close();
                return new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            }
            pGPSignatureGenerator.update((byte) read);
        }
    }

    public boolean verifySignature(String str, String str2, PGPPublicKeyRing pGPPublicKeyRing) throws Exception {
        return verifySignature(new ByteArrayInputStream(str.getBytes()), new ByteArrayInputStream(str2.getBytes()), pGPPublicKeyRing);
    }

    public boolean verifySignature(InputStream inputStream, InputStream inputStream2, PGPPublicKeyRing pGPPublicKeyRing) throws Exception {
        PGPSignature pGPSignature;
        boolean z = false;
        PGPObjectFactory pGPObjectFactory = new PGPObjectFactory(PGPUtil.getDecoderStream(inputStream2), FP_CALC);
        PGPOnePassSignature pGPOnePassSignature = null;
        int i = -1;
        Object nextObject = pGPObjectFactory.nextObject();
        if (nextObject instanceof PGPCompressedData) {
            PGPObjectFactory pGPObjectFactory2 = new PGPObjectFactory(((PGPCompressedData) nextObject).getDataStream(), FP_CALC);
            nextObject = pGPObjectFactory2.nextObject();
            pGPObjectFactory = pGPObjectFactory2;
        }
        if (nextObject instanceof PGPOnePassSignatureList) {
            OnePassSignatureInfo onePassSignature = getOnePassSignature((PGPOnePassSignatureList) nextObject, pGPPublicKeyRing);
            pGPOnePassSignature = onePassSignature.onePassSignature;
            i = onePassSignature.signatureIndex;
            PGPPublicKey pGPPublicKey = onePassSignature.signatureKey;
            if (pGPOnePassSignature != null) {
                pGPOnePassSignature.init(new JcaPGPContentVerifierBuilderProvider().setProvider(DEFAULT_PROVIDER), pGPPublicKey);
            }
            nextObject = pGPObjectFactory.nextObject();
        }
        if (nextObject instanceof PGPLiteralData) {
            pGPOnePassSignature = updateSignature((PGPLiteralData) nextObject, pGPOnePassSignature, new ByteArrayOutputStream());
            if (pGPOnePassSignature != null) {
                nextObject = (PGPSignatureList) pGPObjectFactory.nextObject();
            }
        }
        if (nextObject instanceof PGPSignatureList) {
            PGPSignatureList pGPSignatureList = (PGPSignatureList) nextObject;
            if (i != -1) {
                pGPSignature = pGPSignatureList.get(i);
                BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
                while (true) {
                    int read = bufferedInputStream.read();
                    if (read < 0) {
                        break;
                    }
                    pGPOnePassSignature.update((byte) read);
                }
                bufferedInputStream.close();
            } else {
                pGPSignature = pGPSignatureList.get(0);
            }
            BufferedInputStream bufferedInputStream2 = new BufferedInputStream(inputStream);
            PGPPublicKey publicKey = pGPPublicKeyRing.getPublicKey(pGPSignature.getKeyID());
            if (!KeyManager.isValid(publicKey)) {
                throw new PGPException("Signature key is not valid.");
            }
            pGPSignature.init(new JcaPGPContentVerifierBuilderProvider().setProvider(DEFAULT_PROVIDER), publicKey);
            while (true) {
                int read2 = bufferedInputStream2.read();
                if (read2 < 0) {
                    break;
                }
                pGPSignature.update((byte) read2);
            }
            bufferedInputStream2.close();
            z = pGPSignature.verify();
        }
        inputStream2.close();
        return z;
    }

    public boolean verifySelfSignature(PGPPublicKey pGPPublicKey) throws PGPException, SignatureException {
        boolean z = false;
        boolean z2 = true;
        Iterator signatures = pGPPublicKey.getSignatures();
        while (signatures.hasNext()) {
            PGPSignature pGPSignature = (PGPSignature) signatures.next();
            switch (pGPSignature.getSignatureType()) {
                case 19:
                    String str = (String) pGPPublicKey.getUserIDs().next();
                    pGPSignature.init(new JcaPGPContentVerifierBuilderProvider().setProvider(getDefaultProvider()), pGPPublicKey);
                    z2 = z2 && pGPSignature.verifyCertification(str, pGPPublicKey);
                    z = true;
                    break;
            }
        }
        return z2 && z;
    }

    public boolean verifyKeySignature(PGPPublicKey pGPPublicKey, PGPPublicKey pGPPublicKey2) throws PGPException, SignatureException {
        boolean z = false;
        boolean z2 = true;
        Iterator signatures = pGPPublicKey2.getSignatures();
        while (signatures.hasNext()) {
            PGPSignature pGPSignature = (PGPSignature) signatures.next();
            switch (pGPSignature.getSignatureType()) {
                case 16:
                    String str = (String) pGPPublicKey2.getUserIDs().next();
                    pGPSignature.init(new JcaPGPContentVerifierBuilderProvider().setProvider(getDefaultProvider()), pGPPublicKey);
                    z2 = z2 && pGPSignature.verifyCertification(str, pGPPublicKey2);
                    z = true;
                    break;
                case 48:
                    pGPSignature.init(new JcaPGPContentVerifierBuilderProvider().setProvider(getDefaultProvider()), pGPPublicKey);
                    z2 = z2 && pGPSignature.verifyCertification(pGPPublicKey, pGPPublicKey2);
                    z = true;
                    break;
            }
        }
        return z2 && z;
    }

    public String detachSign(String str, PGPSecretKeyRing pGPSecretKeyRing, char[] cArr) throws PGPException, SignatureException, IOException {
        PGPSignatureGenerator pGPSignatureGenerator = new PGPSignatureGenerator(new JcaPGPContentSignerBuilder(pGPSecretKeyRing.getSecretKey().getPublicKey().getAlgorithm(), 10).setProvider(DEFAULT_PROVIDER));
        if (cArr == null) {
            cArr = KeyTrusteeConstants.defaultPassphrase();
        }
        InputStream inputStream = IOUtils.toInputStream(str);
        pGPSignatureGenerator.init(0, pGPSecretKeyRing.getSecretKey().extractPrivateKey(decryptorBuilderFor(cArr)));
        while (true) {
            int read = inputStream.read();
            if (read < 0) {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                ArmoredOutputStream armoredOutputStream = new ArmoredOutputStream(byteArrayOutputStream);
                armoredOutputStream.setHeader("Version", KeyTrusteeConstants.getVersionedName());
                pGPSignatureGenerator.generate().encode(new BCPGOutputStream(armoredOutputStream));
                inputStream.close();
                armoredOutputStream.flush();
                armoredOutputStream.close();
                return new String(byteArrayOutputStream.toByteArray(), KeyTrusteeConstants.ENCODING);
            }
            pGPSignatureGenerator.update((byte) read);
        }
    }

    static {
        $assertionsDisabled = !Crypto.class.desiredAssertionStatus();
        m_instance = null;
        FP_CALC = new BcKeyFingerprintCalculator();
    }
}
