package org.pgpainless.decryption_verification;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.Iterator;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.bcpg.BCPGOutputStream;
import org.bouncycastle.openpgp.PGPCompressedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPLiteralDataGenerator;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator;
import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.bc.BcPGPDataEncryptorBuilder;
import org.bouncycastle.openpgp.operator.bc.BcPublicKeyKeyEncryptionMethodGenerator;
import org.bouncycastle.util.io.Streams;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.key.protection.UnlockSecretKey;
import org.pgpainless.policy.Policy;
import org.pgpainless.util.Passphrase;

/* loaded from: input_file:org/pgpainless/decryption_verification/WrongSignerUserIdTest.class */
public class WrongSignerUserIdTest {
    private static final String KEY = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n   Comment: Alice's OpenPGP Transferable Secret Key\n   Comment: https://www.ietf.org/id/draft-bre-openpgp-samples-01.html\n\n   lFgEXEcE6RYJKwYBBAHaRw8BAQdArjWwk3FAqyiFbFBKT4TzXcVBqPTB3gmzlC/U\n   b7O1u10AAP9XBeW6lzGOLx7zHH9AsUDUTb2pggYGMzd0P3ulJ2AfvQ4RtCZBbGlj\n   ZSBMb3ZlbGFjZSA8YWxpY2VAb3BlbnBncC5leGFtcGxlPoiQBBMWCAA4AhsDBQsJ\n   CAcCBhUKCQgLAgQWAgMBAh4BAheAFiEE64W7X6M6deFelE5j8jFVDE9H444FAl2l\n   nzoACgkQ8jFVDE9H447pKwD6A5xwUqIDprBzrHfahrImaYEZzncqb25vkLV2arYf\n   a78A/R3AwtLQvjxwLDuzk4dUtUwvUYibL2sAHwj2kGaHnfICnF0EXEcE6RIKKwYB\n   BAGXVQEFAQEHQEL/BiGtq0k84Km1wqQw2DIikVYrQrMttN8d7BPfnr4iAwEIBwAA\n   /3/xFPG6U17rhTuq+07gmEvaFYKfxRB6sgAYiW6TMTpQEK6IeAQYFggAIBYhBOuF\n   u1+jOnXhXpROY/IxVQxPR+OOBQJcRwTpAhsMAAoJEPIxVQxPR+OOWdABAMUdSzpM\n   hzGs1O0RkWNQWbUzQ8nUOeD9wNbjE3zR+yfRAQDbYqvtWQKN4AQLTxVJN5X5AWyb\n   Pnn+We1aTBhaGa86AQ==\n   =n8OM\n   -----END PGP PRIVATE KEY BLOCK-----";
    private static final String USER_ID = "Alice Lovelace <alice@openpgp.example>";

    @Test
    public void verificationSucceedsWithDisabledCheck() throws PGPException, IOException {
        executeTest(false, true);
    }

    @Test
    public void verificationFailsWithEnabledCheck() throws PGPException, IOException {
        executeTest(true, false);
    }

    @AfterAll
    public static void resetDefault() {
        PGPainless.getPolicy().setSignerUserIdValidationLevel(Policy.SignerUserIdValidationLevel.DISABLED);
    }

    public void executeTest(boolean z, boolean z2) throws IOException, PGPException {
        PGPainless.getPolicy().setSignerUserIdValidationLevel(z ? Policy.SignerUserIdValidationLevel.STRICT : Policy.SignerUserIdValidationLevel.DISABLED);
        PGPSecretKeyRing secretKeyRing = PGPainless.readKeyRing().secretKeyRing(KEY);
        Assertions.assertEquals(USER_ID, secretKeyRing.getPublicKey().getUserIDs().next());
        verifyTestMessage(generateTestMessage(secretKeyRing), secretKeyRing, z2);
    }

    private void verifyTestMessage(String str, PGPSecretKeyRing pGPSecretKeyRing, boolean z) throws IOException, PGPException {
        DecryptionStream withOptions = PGPainless.decryptAndOrVerify().onInputStream(new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8))).withOptions(new ConsumerOptions().addDecryptionKey(pGPSecretKeyRing).addVerificationCert(PGPainless.extractCertificate(pGPSecretKeyRing)));
        Streams.pipeAll(withOptions, new ByteArrayOutputStream());
        withOptions.close();
        MessageMetadata metadata = withOptions.getMetadata();
        if (z) {
            Assertions.assertTrue(metadata.isVerifiedSigned());
        } else {
            Assertions.assertFalse(metadata.isVerifiedSigned());
        }
    }

    private String generateTestMessage(PGPSecretKeyRing pGPSecretKeyRing) throws PGPException, IOException {
        Assertions.assertEquals(USER_ID, PGPainless.extractCertificate(pGPSecretKeyRing).getPublicKey().getUserIDs().next());
        Iterator secretKeys = pGPSecretKeyRing.getSecretKeys();
        PGPSecretKey pGPSecretKey = (PGPSecretKey) secretKeys.next();
        PGPSecretKey pGPSecretKey2 = (PGPSecretKey) secretKeys.next();
        PGPPrivateKey unlockSecretKey = UnlockSecretKey.unlockSecretKey(pGPSecretKey, Passphrase.emptyPassphrase());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ArmoredOutputStream armoredOutputStream = new ArmoredOutputStream(byteArrayOutputStream);
        BcPGPDataEncryptorBuilder bcPGPDataEncryptorBuilder = new BcPGPDataEncryptorBuilder(9);
        bcPGPDataEncryptorBuilder.setWithIntegrityPacket(true);
        PGPEncryptedDataGenerator pGPEncryptedDataGenerator = new PGPEncryptedDataGenerator(bcPGPDataEncryptorBuilder);
        pGPEncryptedDataGenerator.addMethod(new BcPublicKeyKeyEncryptionMethodGenerator(pGPSecretKey2.getPublicKey()));
        OutputStream open = pGPEncryptedDataGenerator.open(armoredOutputStream, new byte[4096]);
        PGPCompressedDataGenerator pGPCompressedDataGenerator = new PGPCompressedDataGenerator(2);
        BCPGOutputStream bCPGOutputStream = new BCPGOutputStream(pGPCompressedDataGenerator.open(open));
        PGPSignatureGenerator pGPSignatureGenerator = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(pGPSecretKey.getPublicKey().getAlgorithm(), HashAlgorithm.SHA512.getAlgorithmId()));
        pGPSignatureGenerator.init(0, unlockSecretKey);
        PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator = new PGPSignatureSubpacketGenerator();
        pGPSignatureSubpacketGenerator.addSignerUserID(false, "Albert Lovelace <albert@openpgp.example>");
        pGPSignatureGenerator.setHashedSubpackets(pGPSignatureSubpacketGenerator.generate());
        pGPSignatureGenerator.generateOnePassVersion(false).encode(bCPGOutputStream);
        OutputStream open2 = new PGPLiteralDataGenerator().open(bCPGOutputStream, 'b', "_CONSOLE", new Date(), new byte[4096]);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(OpenPgpMessageInputStreamTest.PLAINTEXT.getBytes(StandardCharsets.UTF_8));
        while (true) {
            int read = byteArrayInputStream.read();
            if (read < 0) {
                open2.close();
                pGPSignatureGenerator.generate().encode(bCPGOutputStream);
                pGPCompressedDataGenerator.close();
                open.close();
                armoredOutputStream.close();
                return byteArrayOutputStream.toString();
            }
            open2.write(read);
            pGPSignatureGenerator.update((byte) read);
        }
    }
}
