package sop.cli.picocli.commands;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import picocli.CommandLine;
import sop.DecryptionResult;
import sop.SessionKey;
import sop.Verification;
import sop.cli.picocli.SopCLI;
import sop.exception.SOPGPException;
import sop.operation.Decrypt;

@CommandLine.Command(name = "decrypt", resourceBundle = "msg_decrypt", exitCodeOnInvalidInput = SOPGPException.UnsupportedOption.EXIT_CODE)
/* loaded from: input_file:sop/cli/picocli/commands/DecryptCmd.class */
public class DecryptCmd extends AbstractSopCmd {
    private static final String OPT_SESSION_KEY_OUT = "--session-key-out";
    private static final String OPT_WITH_SESSION_KEY = "--with-session-key";
    private static final String OPT_WITH_PASSWORD = "--with-password";
    private static final String OPT_WITH_KEY_PASSWORD = "--with-key-password";
    private static final String OPT_VERIFICATIONS_OUT = "--verifications-out";
    private static final String OPT_VERIFY_WITH = "--verify-with";
    private static final String OPT_NOT_BEFORE = "--verify-not-before";
    private static final String OPT_NOT_AFTER = "--verify-not-after";

    @CommandLine.Option(names = {OPT_SESSION_KEY_OUT}, paramLabel = "SESSIONKEY")
    String sessionKeyOut;

    @CommandLine.Option(names = {OPT_VERIFICATIONS_OUT, "--verify-out"}, paramLabel = "VERIFICATIONS")
    String verifyOut;

    @CommandLine.Option(names = {OPT_WITH_SESSION_KEY}, paramLabel = "SESSIONKEY")
    List<String> withSessionKey = new ArrayList();

    @CommandLine.Option(names = {OPT_WITH_PASSWORD}, paramLabel = "PASSWORD")
    List<String> withPassword = new ArrayList();

    @CommandLine.Option(names = {OPT_VERIFY_WITH}, paramLabel = "CERT")
    List<String> certs = new ArrayList();

    @CommandLine.Option(names = {OPT_NOT_BEFORE}, paramLabel = "DATE")
    String notBefore = "-";

    @CommandLine.Option(names = {OPT_NOT_AFTER}, paramLabel = "DATE")
    String notAfter = "now";

    @CommandLine.Parameters(index = "0..*", paramLabel = "KEY")
    List<String> keys = new ArrayList();

    @CommandLine.Option(names = {OPT_WITH_KEY_PASSWORD}, paramLabel = "PASSWORD")
    List<String> withKeyPassword = new ArrayList();

    @Override // java.lang.Runnable
    public void run() {
        Decrypt decrypt = (Decrypt) throwIfUnsupportedSubcommand(SopCLI.getSop().decrypt(), "decrypt");
        throwIfOutputExists(this.verifyOut);
        throwIfOutputExists(this.sessionKeyOut);
        setNotAfter(this.notAfter, decrypt);
        setNotBefore(this.notBefore, decrypt);
        setWithPasswords(this.withPassword, decrypt);
        setWithSessionKeys(this.withSessionKey, decrypt);
        setWithKeyPassword(this.withKeyPassword, decrypt);
        setVerifyWith(this.certs, decrypt);
        setDecryptWith(this.keys, decrypt);
        if (this.verifyOut != null && this.certs.isEmpty()) {
            throw new SOPGPException.IncompleteVerification(getMsg("sop.error.usage.option_requires_other_option", OPT_VERIFICATIONS_OUT, OPT_VERIFY_WITH));
        }
        try {
            DecryptionResult writeTo = decrypt.ciphertext(System.in).writeTo(System.out);
            writeSessionKeyOut(writeTo);
            writeVerifyOut(writeTo);
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (SOPGPException.BadData e2) {
            throw new SOPGPException.BadData(getMsg("sop.error.input.stdin_not_a_message"), e2);
        } catch (SOPGPException.CannotDecrypt e3) {
            throw new SOPGPException.CannotDecrypt(getMsg("sop.error.runtime.cannot_decrypt_message"), e3);
        }
    }

    private void writeVerifyOut(DecryptionResult decryptionResult) throws IOException {
        if (this.verifyOut != null) {
            if (decryptionResult.getVerifications().isEmpty()) {
                throw new SOPGPException.NoSignature(getMsg("sop.error.runtime.no_verifiable_signature_found"));
            }
            OutputStream output = getOutput(this.verifyOut);
            try {
                PrintWriter printWriter = new PrintWriter(output);
                Iterator<Verification> it = decryptionResult.getVerifications().iterator();
                while (it.hasNext()) {
                    printWriter.println(it.next().toString());
                }
                printWriter.flush();
                if (output != null) {
                    output.close();
                }
            } catch (Throwable th) {
                if (output != null) {
                    try {
                        output.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
    }

    private void writeSessionKeyOut(DecryptionResult decryptionResult) throws IOException {
        if (this.sessionKeyOut == null) {
            return;
        }
        OutputStream output = getOutput(this.sessionKeyOut);
        try {
            if (!decryptionResult.getSessionKey().isPresent()) {
                throw new SOPGPException.UnsupportedOption(String.format(getMsg("sop.error.runtime.no_session_key_extracted"), OPT_SESSION_KEY_OUT));
            }
            SessionKey sessionKey = decryptionResult.getSessionKey().get();
            PrintWriter printWriter = new PrintWriter(output);
            printWriter.println(sessionKey.toString());
            printWriter.flush();
            if (output != null) {
                output.close();
            }
        } catch (Throwable th) {
            if (output != null) {
                try {
                    output.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void setDecryptWith(List<String> list, Decrypt decrypt) {
        for (String str : list) {
            try {
                InputStream input = getInput(str);
                try {
                    decrypt.withKey(input);
                    if (input != null) {
                        input.close();
                    }
                } finally {
                }
            } catch (IOException e) {
                throw new RuntimeException(e);
            } catch (SOPGPException.BadData e2) {
                throw new SOPGPException.BadData(getMsg("sop.error.input.not_a_private_key", str), e2);
            } catch (SOPGPException.KeyIsProtected e3) {
                throw new SOPGPException.KeyIsProtected(getMsg("sop.error.runtime.cannot_unlock_key", str), e3);
            }
        }
    }

    private void setVerifyWith(List<String> list, Decrypt decrypt) {
        for (String str : list) {
            try {
                InputStream input = getInput(str);
                try {
                    decrypt.verifyWithCert(input);
                    if (input != null) {
                        input.close();
                    }
                } finally {
                }
            } catch (IOException e) {
                throw new RuntimeException(e);
            } catch (SOPGPException.BadData e2) {
                throw new SOPGPException.BadData(getMsg("sop.error.input.not_a_certificate", str), e2);
            }
        }
    }

    private void setWithSessionKeys(List<String> list, Decrypt decrypt) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                try {
                    try {
                        decrypt.withSessionKey(SessionKey.fromString(stringFromInputStream(getInput(it.next()))));
                    } catch (SOPGPException.UnsupportedOption e) {
                        throw new SOPGPException.UnsupportedOption(getMsg("sop.error.feature_support.option_not_supported", OPT_WITH_SESSION_KEY), e);
                    }
                } catch (IllegalArgumentException e2) {
                    throw new IllegalArgumentException(getMsg("sop.error.input.malformed_session_key"), e2);
                }
            } catch (IOException e3) {
                throw new RuntimeException(e3);
            }
        }
    }

    private void setWithPasswords(List<String> list, Decrypt decrypt) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                decrypt.withPassword(stringFromInputStream(getInput(it.next())));
            } catch (IOException e) {
                throw new RuntimeException(e);
            } catch (SOPGPException.UnsupportedOption e2) {
                throw new SOPGPException.UnsupportedOption(getMsg("sop.error.feature_support.option_not_supported", OPT_WITH_PASSWORD), e2);
            }
        }
    }

    private void setWithKeyPassword(List<String> list, Decrypt decrypt) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                decrypt.withKeyPassword(stringFromInputStream(getInput(it.next())));
            } catch (IOException e) {
                throw new RuntimeException(e);
            } catch (SOPGPException.UnsupportedOption e2) {
                throw new SOPGPException.UnsupportedOption(getMsg("sop.error.feature_support.option_not_supported", OPT_WITH_KEY_PASSWORD), e2);
            }
        }
    }

    private void setNotAfter(String str, Decrypt decrypt) {
        try {
            decrypt.verifyNotAfter(parseNotAfter(str));
        } catch (SOPGPException.UnsupportedOption e) {
            throw new SOPGPException.UnsupportedOption(getMsg("sop.error.feature_support.option_not_supported", OPT_NOT_AFTER), e);
        }
    }

    private void setNotBefore(String str, Decrypt decrypt) {
        try {
            decrypt.verifyNotBefore(parseNotBefore(str));
        } catch (SOPGPException.UnsupportedOption e) {
            throw new SOPGPException.UnsupportedOption(getMsg("sop.error.feature_support.option_not_supported", OPT_NOT_BEFORE), e);
        }
    }
}
