package org.mule.module.pgp;

import cryptix.jce.provider.CryptixCrypto;
import cryptix.message.EncryptedMessage;
import cryptix.message.EncryptedMessageBuilder;
import cryptix.message.LiteralMessageBuilder;
import cryptix.message.Message;
import cryptix.message.MessageFactory;
import cryptix.message.SignedMessageBuilder;
import cryptix.openpgp.PGPArmouredMessage;
import cryptix.openpgp.PGPSignedMessage;
import cryptix.openpgp.packet.PGPSignaturePacket;
import cryptix.openpgp.provider.CryptixOpenPGP;
import cryptix.openpgp.provider.PGPDetachedSignatureMessageImpl;
import cryptix.pki.KeyBundle;
import java.io.ByteArrayInputStream;
import java.security.Security;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mule.RequestContext;
import org.mule.api.lifecycle.InitialisationException;
import org.mule.api.security.CredentialsAccessor;
import org.mule.api.security.CryptoFailureException;
import org.mule.config.i18n.CoreMessages;
import org.mule.security.AbstractNamedEncryptionStrategy;

/* loaded from: input_file:org/mule/module/pgp/KeyBasedEncryptionStrategy.class */
public class KeyBasedEncryptionStrategy extends AbstractNamedEncryptionStrategy {
    protected static final Log logger = LogFactory.getLog(KeyBasedEncryptionStrategy.class);
    private PGPKeyRing keyManager;
    private CredentialsAccessor credentialsAccessor;

    public byte[] encrypt(byte[] bArr, Object obj) throws CryptoFailureException {
        PGPCryptInfo pGPCryptInfo;
        KeyBundle keyBundle;
        try {
            if (obj == null) {
                keyBundle = this.keyManager.getKeyBundle((String) this.credentialsAccessor.getCredentials(RequestContext.getEvent()));
                pGPCryptInfo = new PGPCryptInfo(keyBundle, false);
            } else {
                pGPCryptInfo = (PGPCryptInfo) obj;
                keyBundle = pGPCryptInfo.getKeyBundle();
            }
            LiteralMessageBuilder literalMessageBuilder = LiteralMessageBuilder.getInstance("OpenPGP");
            literalMessageBuilder.init(bArr);
            Message build = literalMessageBuilder.build();
            if (pGPCryptInfo.isSignRequested()) {
                SignedMessageBuilder signedMessageBuilder = SignedMessageBuilder.getInstance("OpenPGP");
                signedMessageBuilder.init(build);
                signedMessageBuilder.addSigner(this.keyManager.getSecretKeyBundle(), this.keyManager.getSecretPassphrase().toCharArray());
                build = signedMessageBuilder.build();
            }
            EncryptedMessageBuilder encryptedMessageBuilder = EncryptedMessageBuilder.getInstance("OpenPGP");
            encryptedMessageBuilder.init(build);
            encryptedMessageBuilder.addRecipient(keyBundle);
            return new PGPArmouredMessage(encryptedMessageBuilder.build()).getEncoded();
        } catch (Exception e) {
            throw new CryptoFailureException(this, e);
        }
    }

    public byte[] decrypt(byte[] bArr, Object obj) throws CryptoFailureException {
        try {
            EncryptedMessage encryptedMessage = (Message) MessageFactory.getInstance("OpenPGP").generateMessages(new ByteArrayInputStream(bArr)).iterator().next();
            if (!(encryptedMessage instanceof EncryptedMessage)) {
                return bArr;
            }
            Message decrypt = encryptedMessage.decrypt(this.keyManager.getSecretKeyBundle(), this.keyManager.getSecretPassphrase().toCharArray());
            applyStrongEncryptionWorkaround(decrypt);
            return new PGPArmouredMessage(decrypt).getEncoded();
        } catch (Exception e) {
            throw new CryptoFailureException(this, e);
        }
    }

    private void applyStrongEncryptionWorkaround(Message message) throws Exception {
        if (message instanceof PGPSignedMessage) {
            PGPDetachedSignatureMessageImpl detachedSignature = ((PGPSignedMessage) message).getDetachedSignature();
            if (detachedSignature instanceof PGPDetachedSignatureMessageImpl) {
                PGPSignaturePacket packet = detachedSignature.getPacket();
                if (packet.getVersion() == 4) {
                    packet.parseSignatureSubPackets();
                }
            }
        }
    }

    public void initialise() throws InitialisationException {
        try {
            Security.addProvider(new CryptixCrypto());
            Security.addProvider(new CryptixOpenPGP());
        } catch (Exception e) {
            throw new InitialisationException(CoreMessages.failedToCreate("KeyBasedEncryptionStrategy"), e, this);
        }
    }

    public PGPKeyRing getKeyManager() {
        return this.keyManager;
    }

    public void setKeyManager(PGPKeyRing pGPKeyRing) {
        this.keyManager = pGPKeyRing;
    }

    public CredentialsAccessor getCredentialsAccessor() {
        return this.credentialsAccessor;
    }

    public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor) {
        this.credentialsAccessor = credentialsAccessor;
    }
}
