package org.craftercms.commons.crypto;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Path;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Security;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.Date;
import java.util.Iterator;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.bcpg.RSASecretBCPGKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPCompressedData;
import org.bouncycastle.openpgp.PGPCompressedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataList;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair;
import org.bouncycastle.openpgp.PGPLiteralData;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPOnePassSignatureList;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
import org.bouncycastle.openpgp.PGPUtil;
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyConverter;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator;

/* loaded from: input_file:WEB-INF/lib/crafter-commons-utilities-3.1.30E.jar:org/craftercms/commons/crypto/PGPUtils.class */
public abstract class PGPUtils {
    public static final String ALGORITHM = "RSA";
    public static final String PROVIDER = "BC";

    public static void createKeyPair(int i, String str, char[] cArr, OutputStream outputStream, OutputStream outputStream2) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", PROVIDER);
        keyPairGenerator.initialize(i, SecureRandom.getInstanceStrong());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        PGPPublicKey pGPPublicKey = new JcaPGPKeyConverter().getPGPPublicKey(1, generateKeyPair.getPublic(), new Date());
        RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) generateKeyPair.getPrivate();
        PGPKeyPair pGPKeyPair = new PGPKeyPair(pGPPublicKey, new PGPPrivateKey(pGPPublicKey.getKeyID(), pGPPublicKey.getPublicKeyPacket(), new RSASecretBCPGKey(rSAPrivateCrtKey.getPrivateExponent(), rSAPrivateCrtKey.getPrimeP(), rSAPrivateCrtKey.getPrimeQ())));
        PGPDigestCalculator pGPDigestCalculator = new JcaPGPDigestCalculatorProviderBuilder().build().get(2);
        PGPSecretKey pGPSecretKey = new PGPSecretKey(16, pGPKeyPair, str, pGPDigestCalculator, (PGPSignatureSubpacketVector) null, (PGPSignatureSubpacketVector) null, new JcaPGPContentSignerBuilder(pGPKeyPair.getPublicKey().getAlgorithm(), 2), new JcePBESecretKeyEncryptorBuilder(3, pGPDigestCalculator).setProvider(PROVIDER).build(cArr));
        ArmoredOutputStream armoredOutputStream = new ArmoredOutputStream(outputStream);
        Throwable th = null;
        try {
            ArmoredOutputStream armoredOutputStream2 = new ArmoredOutputStream(outputStream2);
            Throwable th2 = null;
            try {
                pGPSecretKey.encode(armoredOutputStream);
                pGPSecretKey.getPublicKey().encode(armoredOutputStream2);
                if (armoredOutputStream2 != null) {
                    if (0 != 0) {
                        try {
                            armoredOutputStream2.close();
                        } catch (Throwable th3) {
                            th2.addSuppressed(th3);
                        }
                    } else {
                        armoredOutputStream2.close();
                    }
                }
                if (armoredOutputStream != null) {
                    if (0 == 0) {
                        armoredOutputStream.close();
                        return;
                    }
                    try {
                        armoredOutputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                }
            } catch (Throwable th5) {
                if (armoredOutputStream2 != null) {
                    if (0 != 0) {
                        try {
                            armoredOutputStream2.close();
                        } catch (Throwable th6) {
                            th2.addSuppressed(th6);
                        }
                    } else {
                        armoredOutputStream2.close();
                    }
                }
                throw th5;
            }
        } catch (Throwable th7) {
            if (armoredOutputStream != null) {
                if (0 != 0) {
                    try {
                        armoredOutputStream.close();
                    } catch (Throwable th8) {
                        th.addSuppressed(th8);
                    }
                } else {
                    armoredOutputStream.close();
                }
            }
            throw th7;
        }
    }

    public static PGPPublicKey getPublicKey(InputStream inputStream) throws Exception {
        PGPPublicKey pGPPublicKey = null;
        Iterator keyRings = new PGPPublicKeyRingCollection(PGPUtil.getDecoderStream(inputStream), new BcKeyFingerprintCalculator()).getKeyRings();
        while (pGPPublicKey == null && keyRings.hasNext()) {
            Iterator publicKeys = ((PGPPublicKeyRing) keyRings.next()).getPublicKeys();
            while (pGPPublicKey == null && publicKeys.hasNext()) {
                PGPPublicKey pGPPublicKey2 = (PGPPublicKey) publicKeys.next();
                if (pGPPublicKey2.isEncryptionKey()) {
                    pGPPublicKey = pGPPublicKey2;
                }
            }
        }
        return pGPPublicKey;
    }

    public static void encrypt(Path path, InputStream inputStream, OutputStream outputStream) throws Exception {
        PGPPublicKey publicKey = getPublicKey(inputStream);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Throwable th = null;
        try {
            ArmoredOutputStream armoredOutputStream = new ArmoredOutputStream(outputStream);
            Throwable th2 = null;
            try {
                try {
                    PGPCompressedDataGenerator pGPCompressedDataGenerator = new PGPCompressedDataGenerator(1);
                    PGPUtil.writeFileToLiteralData(pGPCompressedDataGenerator.open(byteArrayOutputStream), 'b', path.toFile());
                    pGPCompressedDataGenerator.close();
                    PGPEncryptedDataGenerator pGPEncryptedDataGenerator = new PGPEncryptedDataGenerator(new JcePGPDataEncryptorBuilder(3).setWithIntegrityPacket(true).setSecureRandom(new SecureRandom()).setProvider(PROVIDER));
                    pGPEncryptedDataGenerator.addMethod(new JcePublicKeyKeyEncryptionMethodGenerator(publicKey).setProvider(PROVIDER).setSecureRandom(new SecureRandom()));
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    OutputStream open = pGPEncryptedDataGenerator.open(armoredOutputStream, byteArray.length);
                    open.write(byteArray);
                    open.close();
                    if (armoredOutputStream != null) {
                        if (0 != 0) {
                            try {
                                armoredOutputStream.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            armoredOutputStream.close();
                        }
                    }
                    if (byteArrayOutputStream != null) {
                        if (0 == 0) {
                            byteArrayOutputStream.close();
                            return;
                        }
                        try {
                            byteArrayOutputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    }
                } catch (Throwable th5) {
                    th2 = th5;
                    throw th5;
                }
            } catch (Throwable th6) {
                if (armoredOutputStream != null) {
                    if (th2 != null) {
                        try {
                            armoredOutputStream.close();
                        } catch (Throwable th7) {
                            th2.addSuppressed(th7);
                        }
                    } else {
                        armoredOutputStream.close();
                    }
                }
                throw th6;
            }
        } catch (Throwable th8) {
            if (byteArrayOutputStream != null) {
                if (0 != 0) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    byteArrayOutputStream.close();
                }
            }
            throw th8;
        }
    }

    public static void decrypt(InputStream inputStream, OutputStream outputStream, InputStream inputStream2, char[] cArr) throws Exception {
        BcKeyFingerprintCalculator bcKeyFingerprintCalculator = new BcKeyFingerprintCalculator();
        PGPObjectFactory pGPObjectFactory = new PGPObjectFactory(PGPUtil.getDecoderStream(inputStream), bcKeyFingerprintCalculator);
        Object nextObject = pGPObjectFactory.nextObject();
        Iterator encryptedDataObjects = (nextObject instanceof PGPEncryptedDataList ? (PGPEncryptedDataList) nextObject : (PGPEncryptedDataList) pGPObjectFactory.nextObject()).getEncryptedDataObjects();
        PGPPrivateKey pGPPrivateKey = null;
        PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData = null;
        while (pGPPrivateKey == null && encryptedDataObjects.hasNext()) {
            pGPPublicKeyEncryptedData = (PGPPublicKeyEncryptedData) encryptedDataObjects.next();
            pGPPrivateKey = findSecretKey(inputStream2, pGPPublicKeyEncryptedData.getKeyID(), cArr);
        }
        if (pGPPrivateKey == null) {
            throw new IllegalArgumentException("Secret key for message not found.");
        }
        decryptData(pGPPrivateKey, pGPPublicKeyEncryptedData, bcKeyFingerprintCalculator, outputStream);
    }

    protected static PGPPrivateKey findSecretKey(InputStream inputStream, long j, char[] cArr) throws Exception {
        PGPSecretKey secretKey = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(inputStream), new BcKeyFingerprintCalculator()).getSecretKey(j);
        if (secretKey == null) {
            return null;
        }
        return secretKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder(new JcaPGPDigestCalculatorProviderBuilder().setProvider(PROVIDER).build()).setProvider(PROVIDER).build(cArr));
    }

    protected static void decryptData(PGPPrivateKey pGPPrivateKey, PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData, BcKeyFingerprintCalculator bcKeyFingerprintCalculator, OutputStream outputStream) throws PGPException, IOException {
        Object nextObject = new PGPObjectFactory(pGPPublicKeyEncryptedData.getDataStream(new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(PROVIDER).setContentProvider(PROVIDER).build(pGPPrivateKey)), bcKeyFingerprintCalculator).nextObject();
        if (nextObject instanceof PGPCompressedData) {
            nextObject = new PGPObjectFactory(((PGPCompressedData) nextObject).getDataStream(), bcKeyFingerprintCalculator).nextObject();
        }
        if (!(nextObject instanceof PGPLiteralData)) {
            if (!(nextObject instanceof PGPOnePassSignatureList)) {
                throw new PGPException("Message is not a simple encrypted file - type unknown.");
            }
            throw new PGPException("Encrypted message contains a signed message - not literal data.");
        }
        InputStream inputStream = ((PGPLiteralData) nextObject).getInputStream();
        Throwable th = null;
        try {
            try {
                IOUtils.copy(inputStream, outputStream);
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                if (pGPPublicKeyEncryptedData.isIntegrityProtected() && !pGPPublicKeyEncryptedData.verify()) {
                    throw new PGPException("Message failed integrity check");
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (inputStream != null) {
                if (th != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    inputStream.close();
                }
            }
            throw th4;
        }
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
