package name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation;

import java.io.IOException;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.algorithms.PGPHashAlgorithms;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.callbacks.KeyringConfigCallbacks;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.KeyRingBuilder;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.internal.KeyRingSubKeyFixUtil;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.type.ECDHKeyType;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.type.ECDSAKeyType;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.type.KeyType;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.type.RSAKeyType;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.type.curve.EllipticCurve;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.type.length.RsaLength;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.keyrings.InMemoryKeyring;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.keyrings.KeyringConfig;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.keyrings.KeyringConfigs;
import name.neuhalfen.projects.crypto.internal.Preconditions;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair;
import org.bouncycastle.openpgp.PGPKeyRingGenerator;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyPair;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyEncryptorBuilder;

/* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/keys/generation/KeyRingBuilderImpl.class */
public class KeyRingBuilderImpl implements KeyRingBuilder, SimpleKeyRingBuilder {
    private static final Charset UTF_8 = Charset.forName("UTF-8");
    private final List<KeySpec> keySpecs = new ArrayList();
    private String userId;
    private Passphrase passphrase;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/keys/generation/KeyRingBuilderImpl$WithPassphraseImpl.class */
    public class WithPassphraseImpl implements KeyRingBuilder.WithPassphrase {

        /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/keys/generation/KeyRingBuilderImpl$WithPassphraseImpl$BuildImpl.class */
        private class BuildImpl implements KeyRingBuilder.Build {
            private BuildImpl() {
            }

            @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.KeyRingBuilder.Build
            public KeyringConfig build() throws NoSuchAlgorithmException, PGPException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException {
                PGPDigestCalculator pGPDigestCalculator = new JcaPGPDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build().get(PGPHashAlgorithms.SHA1.getAlgorithmId());
                boolean z = !KeyRingBuilderImpl.this.passphrase.isEmpty();
                PBESecretKeyEncryptor build = z ? new JcePBESecretKeyEncryptorBuilder(9, pGPDigestCalculator).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(KeyRingBuilderImpl.this.passphrase.getChars()) : null;
                KeySpec keySpec = (KeySpec) KeyRingBuilderImpl.this.keySpecs.get(0);
                KeyRingBuilderImpl.this.keySpecs.remove(0);
                PGPKeyPair generateKeyPair = generateKeyPair(keySpec);
                PGPKeyRingGenerator pGPKeyRingGenerator = new PGPKeyRingGenerator(19, generateKeyPair, KeyRingBuilderImpl.this.userId, pGPDigestCalculator, keySpec.getSubpackets(), null, new JcaPGPContentSignerBuilder(generateKeyPair.getPublicKey().getAlgorithm(), PGPHashAlgorithms.SHA_512.getAlgorithmId()).setProvider(BouncyCastleProvider.PROVIDER_NAME), build);
                for (KeySpec keySpec2 : KeyRingBuilderImpl.this.keySpecs) {
                    PGPKeyPair generateKeyPair2 = generateKeyPair(keySpec2);
                    if (keySpec2.isInheritedSubPackets()) {
                        pGPKeyRingGenerator.addSubKey(generateKeyPair2);
                    } else {
                        pGPKeyRingGenerator.addSubKey(generateKeyPair2, keySpec2.getSubpackets(), null);
                    }
                }
                PGPPublicKeyRing generatePublicKeyRing = pGPKeyRingGenerator.generatePublicKeyRing();
                PGPSecretKeyRing repairSubkeyPackets = KeyRingSubKeyFixUtil.repairSubkeyPackets(pGPKeyRingGenerator.generateSecretKeyRing(), z ? new JcePBESecretKeyDecryptorBuilder(new JcaPGPDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build()).build(KeyRingBuilderImpl.this.passphrase.getChars()) : null, build);
                InMemoryKeyring forGpgExportedKeys = KeyRingBuilderImpl.this.passphrase.isEmpty() ? KeyringConfigs.forGpgExportedKeys(KeyringConfigCallbacks.withUnprotectedKeys()) : KeyringConfigs.forGpgExportedKeys(KeyringConfigCallbacks.withPassword(KeyRingBuilderImpl.this.passphrase.getChars()));
                forGpgExportedKeys.addSecretKeyRing(repairSubkeyPackets);
                forGpgExportedKeys.addPublicKeyRing(generatePublicKeyRing);
                KeyRingBuilderImpl.this.passphrase.clear();
                return forGpgExportedKeys;
            }

            private PGPKeyPair generateKeyPair(KeySpec keySpec) throws NoSuchProviderException, NoSuchAlgorithmException, PGPException, InvalidAlgorithmParameterException {
                KeyType keyType = keySpec.getKeyType();
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(keyType.getName(), BouncyCastleProvider.PROVIDER_NAME);
                keyPairGenerator.initialize(keyType.getAlgorithmSpec());
                return new JcaPGPKeyPair(keyType.getAlgorithm().getAlgorithmId(), keyPairGenerator.generateKeyPair(), new Date());
            }
        }

        WithPassphraseImpl() {
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.KeyRingBuilder.WithPassphrase
        public KeyRingBuilder.Build withPassphrase(Passphrase passphrase) {
            Objects.requireNonNull(passphrase, "passphrase must not be null");
            KeyRingBuilderImpl.this.passphrase = passphrase;
            return new BuildImpl();
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.KeyRingBuilder.WithPassphrase
        public KeyRingBuilder.Build withoutPassphrase() {
            KeyRingBuilderImpl.this.passphrase = Passphrase.emptyPassphrase();
            return new BuildImpl();
        }
    }

    /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/keys/generation/KeyRingBuilderImpl$WithPrimaryUserIdImpl.class */
    class WithPrimaryUserIdImpl implements KeyRingBuilder.WithPrimaryUserId {
        WithPrimaryUserIdImpl() {
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.KeyRingBuilder.WithPrimaryUserId
        public KeyRingBuilder.WithPassphrase withPrimaryUserId(String str) {
            Objects.requireNonNull(str, "userId must not be null");
            KeyRingBuilderImpl.this.userId = str;
            return new WithPassphraseImpl();
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.KeyRingBuilder.WithPrimaryUserId
        public KeyRingBuilder.WithPassphrase withPrimaryUserId(byte[] bArr) {
            Objects.requireNonNull(bArr, "userId must not be null");
            Preconditions.checkArgument(bArr.length > 0, "userId mus have length >0");
            return withPrimaryUserId(new String(bArr, KeyRingBuilderImpl.UTF_8));
        }
    }

    @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.SimpleKeyRingBuilder
    public KeyringConfig simpleRsaKeyRing(String str, RsaLength rsaLength) throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException {
        Objects.requireNonNull(str, "userId must not be null");
        Objects.requireNonNull(rsaLength, "length must not be null");
        return withSubKey(KeySpec.getBuilder(RSAKeyType.withLength(rsaLength)).allowKeyToBeUsedTo(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS).withDefaultAlgorithms()).withSubKey(KeySpec.getBuilder(RSAKeyType.withLength(rsaLength)).allowKeyToBeUsedTo(KeyFlag.AUTHENTICATION).withDefaultAlgorithms()).withMasterKey(KeySpec.getBuilder(RSAKeyType.withLength(rsaLength)).allowKeyToBeUsedTo(KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA).withDefaultAlgorithms()).withPrimaryUserId(str).withoutPassphrase().build();
    }

    @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.SimpleKeyRingBuilder
    public KeyringConfig simpleEccKeyRing(String str) throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException {
        Objects.requireNonNull(str, "userId must not be null");
        KeySpec withDefaultAlgorithms = KeySpec.getBuilder(ECDHKeyType.fromCurve(EllipticCurve.CURVE_NIST_P256)).allowKeyToBeUsedTo(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS).withDefaultAlgorithms();
        return withSubKey(withDefaultAlgorithms).withSubKey(KeySpec.getBuilder(ECDHKeyType.fromCurve(EllipticCurve.CURVE_NIST_P256)).allowKeyToBeUsedTo(KeyFlag.AUTHENTICATION).withDefaultAlgorithms()).withMasterKey(KeySpec.getBuilder(ECDSAKeyType.fromCurve(EllipticCurve.CURVE_NIST_P256)).allowKeyToBeUsedTo(KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA).withDefaultAlgorithms()).withPrimaryUserId(str).withoutPassphrase().build();
    }

    @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.KeyRingBuilder
    public KeyRingBuilder withSubKey(KeySpec keySpec) {
        Objects.requireNonNull(keySpec, "type must not be null");
        this.keySpecs.add(keySpec);
        return this;
    }

    @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.generation.KeyRingBuilder
    public KeyRingBuilder.WithPrimaryUserId withMasterKey(KeySpec keySpec) {
        Objects.requireNonNull(keySpec, "spec must not be null");
        Preconditions.checkArgument((keySpec.getSubpackets().getKeyFlags() & 1) != 0, "Certification Key MUST have KeyFlag CERTIFY_OTHER)");
        this.keySpecs.add(0, keySpec);
        return new WithPrimaryUserIdImpl();
    }
}
