package org.bouncycastle.openpgp.api;

import java.io.File;
import java.io.IOException;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.bcpg.S2K;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.openpgp.PGPCompressedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPLiteralData;
import org.bouncycastle.openpgp.PGPLiteralDataGenerator;
import org.bouncycastle.openpgp.PGPPadding;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.api.OpenPGPCertificate;
import org.bouncycastle.openpgp.api.OpenPGPMessageOutputStream;
import org.bouncycastle.openpgp.api.exception.InvalidEncryptionKeyException;
import org.bouncycastle.openpgp.operator.PBEKeyEncryptionMethodGenerator;
import org.bouncycastle.openpgp.operator.PGPDataEncryptorBuilder;

/* loaded from: input_file:org/bouncycastle/openpgp/api/OpenPGPMessageGenerator.class */
public class OpenPGPMessageGenerator extends AbstractOpenPGPDocumentSignatureGenerator<OpenPGPMessageGenerator> {
    public static final int BUFFER_SIZE = 1024;
    private boolean isArmored;
    public boolean isAllowPadding;
    private final List<OpenPGPCertificate.OpenPGPComponentKey> encryptionKeys;
    private final List<char[]> messagePassphrases;
    private Date fileModificationDate;
    private String filename;
    private char format;
    private PGPEncryptedDataGenerator.SessionKeyExtractionCallback sessionKeyExtractionCallback;
    private ArmoredOutputStreamFactory armorStreamFactory;
    private SubkeySelector encryptionKeySelector;
    private OpenPGPEncryptionNegotiator passwordBasedEncryptionNegotiator;
    private OpenPGPEncryptionNegotiator publicKeyBasedEncryptionNegotiator;
    private final OpenPGPEncryptionNegotiator encryptionNegotiator;
    private CompressionNegotiator compressionNegotiator;

    /* loaded from: input_file:org/bouncycastle/openpgp/api/OpenPGPMessageGenerator$ArmoredOutputStreamFactory.class */
    public interface ArmoredOutputStreamFactory extends OpenPGPMessageOutputStream.OutputStreamFactory {
        @Override // org.bouncycastle.openpgp.api.OpenPGPMessageOutputStream.OutputStreamFactory
        ArmoredOutputStream get(OutputStream outputStream);
    }

    /* loaded from: input_file:org/bouncycastle/openpgp/api/OpenPGPMessageGenerator$CompressionNegotiator.class */
    public interface CompressionNegotiator {
        int negotiateCompression(OpenPGPMessageGenerator openPGPMessageGenerator, OpenPGPPolicy openPGPPolicy);
    }

    public OpenPGPMessageGenerator() {
        this(OpenPGPImplementation.getInstance());
    }

    public OpenPGPMessageGenerator(OpenPGPImplementation openPGPImplementation) {
        this(openPGPImplementation, openPGPImplementation.policy());
    }

    public OpenPGPMessageGenerator(OpenPGPImplementation openPGPImplementation, OpenPGPPolicy openPGPPolicy) {
        super(openPGPImplementation, openPGPPolicy);
        this.isArmored = true;
        this.isAllowPadding = true;
        this.encryptionKeys = new ArrayList();
        this.messagePassphrases = new ArrayList();
        this.fileModificationDate = null;
        this.filename = null;
        this.format = 'b';
        this.armorStreamFactory = new ArmoredOutputStreamFactory() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.6
            @Override // org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.ArmoredOutputStreamFactory, org.bouncycastle.openpgp.api.OpenPGPMessageOutputStream.OutputStreamFactory
            public ArmoredOutputStream get(OutputStream outputStream) {
                return ArmoredOutputStream.builder().clearHeaders().enableCRC(false).build(outputStream);
            }
        };
        this.encryptionKeySelector = new SubkeySelector() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.7
            @Override // org.bouncycastle.openpgp.api.SubkeySelector
            public List<OpenPGPCertificate.OpenPGPComponentKey> select(OpenPGPCertificate openPGPCertificate, OpenPGPPolicy openPGPPolicy2) {
                ArrayList arrayList = new ArrayList();
                for (OpenPGPCertificate.OpenPGPComponentKey openPGPComponentKey : openPGPCertificate.getEncryptionKeys()) {
                    if (openPGPPolicy2.isAcceptablePublicKey(openPGPComponentKey.getPGPPublicKey())) {
                        arrayList.add(openPGPComponentKey);
                    }
                }
                return arrayList;
            }
        };
        this.passwordBasedEncryptionNegotiator = new OpenPGPEncryptionNegotiator() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.8
            @Override // org.bouncycastle.openpgp.api.OpenPGPEncryptionNegotiator
            public MessageEncryptionMechanism negotiateEncryption(OpenPGPMessageGenerator openPGPMessageGenerator) {
                return MessageEncryptionMechanism.aead(9, 2);
            }
        };
        this.publicKeyBasedEncryptionNegotiator = new OpenPGPEncryptionNegotiator() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.9
            @Override // org.bouncycastle.openpgp.api.OpenPGPEncryptionNegotiator
            public MessageEncryptionMechanism negotiateEncryption(OpenPGPMessageGenerator openPGPMessageGenerator) {
                ArrayList arrayList = new ArrayList();
                HashSet hashSet = new HashSet();
                Iterator it = OpenPGPMessageGenerator.this.encryptionKeys.iterator();
                while (it.hasNext()) {
                    OpenPGPCertificate certificate = ((OpenPGPCertificate.OpenPGPComponentKey) it.next()).getCertificate();
                    if (hashSet.add(certificate)) {
                        arrayList.add(certificate);
                    }
                }
                return OpenPGPEncryptionNegotiator.allRecipientsSupportSeipd2(arrayList) ? MessageEncryptionMechanism.aead(OpenPGPEncryptionNegotiator.negotiateAEADCiphersuite(arrayList, OpenPGPMessageGenerator.this.policy).getAlgorithms()[0]) : OpenPGPEncryptionNegotiator.allRecipientsSupportLibrePGPOED(arrayList) ? MessageEncryptionMechanism.librePgp(OpenPGPEncryptionNegotiator.bestOEDEncryptionModeByWeight(arrayList, OpenPGPMessageGenerator.this.policy)) : MessageEncryptionMechanism.integrityProtected(OpenPGPEncryptionNegotiator.bestSymmetricKeyAlgorithmByWeight(arrayList, OpenPGPMessageGenerator.this.policy));
            }
        };
        this.encryptionNegotiator = new OpenPGPEncryptionNegotiator() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.10
            @Override // org.bouncycastle.openpgp.api.OpenPGPEncryptionNegotiator
            public MessageEncryptionMechanism negotiateEncryption(OpenPGPMessageGenerator openPGPMessageGenerator) {
                return (OpenPGPMessageGenerator.this.encryptionKeys.isEmpty() && OpenPGPMessageGenerator.this.messagePassphrases.isEmpty()) ? MessageEncryptionMechanism.unencrypted() : OpenPGPMessageGenerator.this.encryptionKeys.isEmpty() ? OpenPGPMessageGenerator.this.passwordBasedEncryptionNegotiator.negotiateEncryption(openPGPMessageGenerator) : OpenPGPMessageGenerator.this.publicKeyBasedEncryptionNegotiator.negotiateEncryption(openPGPMessageGenerator);
            }
        };
        this.compressionNegotiator = new CompressionNegotiator() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.11
            @Override // org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.CompressionNegotiator
            public int negotiateCompression(OpenPGPMessageGenerator openPGPMessageGenerator, OpenPGPPolicy openPGPPolicy2) {
                return 0;
            }
        };
    }

    public OpenPGPMessageGenerator addEncryptionCertificate(OpenPGPCertificate openPGPCertificate) throws InvalidEncryptionKeyException {
        return addEncryptionCertificate(openPGPCertificate, this.encryptionKeySelector);
    }

    public OpenPGPMessageGenerator addEncryptionCertificate(OpenPGPCertificate openPGPCertificate, SubkeySelector subkeySelector) throws InvalidEncryptionKeyException {
        List<OpenPGPCertificate.OpenPGPComponentKey> select = subkeySelector.select(openPGPCertificate, this.policy);
        if (select.isEmpty()) {
            throw new InvalidEncryptionKeyException(openPGPCertificate);
        }
        this.encryptionKeys.addAll(select);
        return this;
    }

    public OpenPGPMessageGenerator addEncryptionCertificate(OpenPGPCertificate.OpenPGPComponentKey openPGPComponentKey) throws InvalidEncryptionKeyException {
        if (!openPGPComponentKey.isEncryptionKey()) {
            throw new InvalidEncryptionKeyException(openPGPComponentKey);
        }
        this.encryptionKeys.add(openPGPComponentKey);
        return this;
    }

    public OpenPGPMessageGenerator addEncryptionPassphrase(char[] cArr) {
        this.messagePassphrases.add(cArr);
        return this;
    }

    public OpenPGPMessageGenerator setArmored(boolean z) {
        this.isArmored = z;
        return this;
    }

    public OpenPGPMessageGenerator setAllowPadding(boolean z) {
        this.isAllowPadding = z;
        return this;
    }

    public OpenPGPMessageGenerator setFileMetadata(File file) {
        this.filename = file.getName();
        this.fileModificationDate = new Date(file.lastModified());
        this.format = 'b';
        return this;
    }

    public OpenPGPMessageGenerator setSessionKeyExtractionCallback(PGPEncryptedDataGenerator.SessionKeyExtractionCallback sessionKeyExtractionCallback) {
        this.sessionKeyExtractionCallback = sessionKeyExtractionCallback;
        return this;
    }

    public OpenPGPMessageOutputStream open(OutputStream outputStream) throws PGPException, IOException {
        OpenPGPMessageOutputStream.Builder builder = OpenPGPMessageOutputStream.builder();
        applyOptionalAsciiArmor(builder);
        applyOptionalEncryption(builder, this.sessionKeyExtractionCallback);
        applySignatures(builder);
        applyOptionalCompression(builder);
        applyLiteralDataWrap(builder);
        return builder.build(outputStream);
    }

    private void applyOptionalAsciiArmor(OpenPGPMessageOutputStream.Builder builder) {
        if (this.isArmored) {
            builder.armor(this.armorStreamFactory);
        }
    }

    private void applyOptionalEncryption(OpenPGPMessageOutputStream.Builder builder, PGPEncryptedDataGenerator.SessionKeyExtractionCallback sessionKeyExtractionCallback) {
        PBEKeyEncryptionMethodGenerator pbeKeyEncryptionMethodGenerator;
        MessageEncryptionMechanism negotiateEncryption = this.encryptionNegotiator.negotiateEncryption(this);
        if (negotiateEncryption.isEncrypted()) {
            PGPDataEncryptorBuilder pgpDataEncryptorBuilder = this.implementation.pgpDataEncryptorBuilder(negotiateEncryption.getSymmetricKeyAlgorithm());
            switch (negotiateEncryption.getMode()) {
                case SEIPDv1:
                    pgpDataEncryptorBuilder.setWithIntegrityPacket(true);
                    break;
                case SEIPDv2:
                    pgpDataEncryptorBuilder.setWithAEAD(negotiateEncryption.getAeadAlgorithm(), 6);
                    pgpDataEncryptorBuilder.setUseV6AEAD();
                    break;
                case LIBREPGP_OED:
                    pgpDataEncryptorBuilder.setWithAEAD(negotiateEncryption.getAeadAlgorithm(), 6);
                    pgpDataEncryptorBuilder.setUseV5AEAD();
                    break;
            }
            final PGPEncryptedDataGenerator pGPEncryptedDataGenerator = new PGPEncryptedDataGenerator(pgpDataEncryptorBuilder);
            pGPEncryptedDataGenerator.setForceSessionKey(true);
            pGPEncryptedDataGenerator.setSessionKeyExtractionCallback(sessionKeyExtractionCallback);
            Iterator<OpenPGPCertificate.OpenPGPComponentKey> it = this.encryptionKeys.iterator();
            while (it.hasNext()) {
                pGPEncryptedDataGenerator.addMethod(this.implementation.publicKeyKeyEncryptionMethodGenerator(it.next().getPGPPublicKey()));
            }
            for (char[] cArr : this.messagePassphrases) {
                switch (negotiateEncryption.getMode()) {
                    case SEIPDv1:
                    case LIBREPGP_OED:
                        pbeKeyEncryptionMethodGenerator = this.implementation.pbeKeyEncryptionMethodGenerator(cArr);
                        break;
                    case SEIPDv2:
                        pbeKeyEncryptionMethodGenerator = this.implementation.pbeKeyEncryptionMethodGenerator(cArr, S2K.Argon2Params.memoryConstrainedParameters());
                        break;
                }
                PBEKeyEncryptionMethodGenerator pBEKeyEncryptionMethodGenerator = pbeKeyEncryptionMethodGenerator;
                pBEKeyEncryptionMethodGenerator.setSecureRandom(CryptoServicesRegistrar.getSecureRandom());
                pGPEncryptedDataGenerator.addMethod(pBEKeyEncryptionMethodGenerator);
            }
            builder.encrypt(new OpenPGPMessageOutputStream.OutputStreamFactory() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.1
                @Override // org.bouncycastle.openpgp.api.OpenPGPMessageOutputStream.OutputStreamFactory
                public OutputStream get(OutputStream outputStream) throws PGPException, IOException {
                    try {
                        return pGPEncryptedDataGenerator.open(outputStream, new byte[OpenPGPMessageGenerator.BUFFER_SIZE]);
                    } catch (IOException e) {
                        throw new PGPException("Could not open encryptor OutputStream", e);
                    }
                }
            });
            if (negotiateEncryption.getMode() == EncryptedDataPacketType.SEIPDv2 && this.isAllowPadding) {
                builder.padding(new OpenPGPMessageOutputStream.OutputStreamFactory() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.2
                    @Override // org.bouncycastle.openpgp.api.OpenPGPMessageOutputStream.OutputStreamFactory
                    public OutputStream get(OutputStream outputStream) {
                        return new OpenPGPMessageOutputStream.PaddingPacketAppenderOutputStream(outputStream, new OpenPGPMessageOutputStream.PaddingPacketFactory() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.2.1
                            @Override // org.bouncycastle.openpgp.api.OpenPGPMessageOutputStream.PaddingPacketFactory
                            public PGPPadding providePaddingPacket() {
                                return new PGPPadding();
                            }
                        });
                    }
                });
            }
        }
    }

    private void applySignatures(OpenPGPMessageOutputStream.Builder builder) {
        builder.sign(new OpenPGPMessageOutputStream.OutputStreamFactory() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.3
            @Override // org.bouncycastle.openpgp.api.OpenPGPMessageOutputStream.OutputStreamFactory
            public OutputStream get(OutputStream outputStream) throws PGPException, IOException {
                OpenPGPMessageGenerator.this.addSignToGenerator();
                Iterator<PGPSignatureGenerator> it = OpenPGPMessageGenerator.this.signatureGenerators.iterator();
                while (it.hasNext()) {
                    it.next().generateOnePassVersion(it.hasNext()).encode(outputStream);
                }
                return new OpenPGPMessageOutputStream.SignatureGeneratorOutputStream(outputStream, OpenPGPMessageGenerator.this.signatureGenerators);
            }
        });
    }

    private void applyOptionalCompression(OpenPGPMessageOutputStream.Builder builder) {
        int negotiateCompression = this.compressionNegotiator.negotiateCompression(this, this.policy);
        if (negotiateCompression == 0) {
            return;
        }
        final PGPCompressedDataGenerator pGPCompressedDataGenerator = new PGPCompressedDataGenerator(negotiateCompression);
        builder.compress(new OpenPGPMessageOutputStream.OutputStreamFactory() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.4
            @Override // org.bouncycastle.openpgp.api.OpenPGPMessageOutputStream.OutputStreamFactory
            public OutputStream get(OutputStream outputStream) throws PGPException, IOException {
                try {
                    return pGPCompressedDataGenerator.open(outputStream, new byte[OpenPGPMessageGenerator.BUFFER_SIZE]);
                } catch (IOException e) {
                    throw new PGPException("Could not apply compression", e);
                }
            }
        });
    }

    private void applyLiteralDataWrap(OpenPGPMessageOutputStream.Builder builder) {
        final PGPLiteralDataGenerator pGPLiteralDataGenerator = new PGPLiteralDataGenerator();
        builder.literalData(new OpenPGPMessageOutputStream.OutputStreamFactory() { // from class: org.bouncycastle.openpgp.api.OpenPGPMessageGenerator.5
            @Override // org.bouncycastle.openpgp.api.OpenPGPMessageOutputStream.OutputStreamFactory
            public OutputStream get(OutputStream outputStream) throws PGPException, IOException {
                try {
                    return pGPLiteralDataGenerator.open(outputStream, OpenPGPMessageGenerator.this.format, OpenPGPMessageGenerator.this.filename != null ? OpenPGPMessageGenerator.this.filename : "", OpenPGPMessageGenerator.this.fileModificationDate != null ? OpenPGPMessageGenerator.this.fileModificationDate : PGPLiteralData.NOW, new byte[OpenPGPMessageGenerator.BUFFER_SIZE]);
                } catch (IOException e) {
                    throw new PGPException("Could not apply literal data wrapping", e);
                }
            }
        });
    }

    public OpenPGPMessageGenerator setPasswordBasedEncryptionNegotiator(OpenPGPEncryptionNegotiator openPGPEncryptionNegotiator) {
        if (openPGPEncryptionNegotiator == null) {
            throw new NullPointerException();
        }
        this.passwordBasedEncryptionNegotiator = openPGPEncryptionNegotiator;
        return this;
    }

    public OpenPGPMessageGenerator setPublicKeyBasedEncryptionNegotiator(OpenPGPEncryptionNegotiator openPGPEncryptionNegotiator) {
        if (openPGPEncryptionNegotiator == null) {
            throw new NullPointerException();
        }
        this.publicKeyBasedEncryptionNegotiator = openPGPEncryptionNegotiator;
        return this;
    }

    public OpenPGPMessageGenerator setEncryptionKeySelector(SubkeySelector subkeySelector) {
        if (subkeySelector == null) {
            throw new NullPointerException();
        }
        this.encryptionKeySelector = subkeySelector;
        return this;
    }

    public OpenPGPMessageGenerator setCompressionNegotiator(CompressionNegotiator compressionNegotiator) {
        if (compressionNegotiator == null) {
            throw new NullPointerException();
        }
        this.compressionNegotiator = compressionNegotiator;
        return this;
    }

    public OpenPGPMessageGenerator setArmorStreamFactory(ArmoredOutputStreamFactory armoredOutputStreamFactory) {
        if (armoredOutputStreamFactory == null) {
            throw new NullPointerException();
        }
        this.armorStreamFactory = armoredOutputStreamFactory;
        return this;
    }
}
