package org.mule.module.pgp;

import cryptix.jce.provider.CryptixCrypto;
import cryptix.message.Message;
import cryptix.message.MessageException;
import cryptix.message.SignedMessage;
import cryptix.openpgp.provider.CryptixOpenPGP;
import cryptix.pki.KeyBundle;
import java.security.Security;
import org.mule.api.lifecycle.InitialisationException;
import org.mule.api.security.Authentication;
import org.mule.api.security.SecurityException;
import org.mule.api.security.UnauthorisedException;
import org.mule.config.i18n.CoreMessages;
import org.mule.module.pgp.i18n.PGPMessages;
import org.mule.security.AbstractSecurityProvider;

/* loaded from: input_file:org/mule/module/pgp/PGPSecurityProvider.class */
public class PGPSecurityProvider extends AbstractSecurityProvider {
    private PGPKeyRing keyManager;

    public PGPSecurityProvider() {
        super("pgp");
    }

    public Authentication authenticate(Authentication authentication) throws SecurityException {
        PGPAuthentication pGPAuthentication = (PGPAuthentication) authentication;
        String str = (String) pGPAuthentication.getPrincipal();
        if (str == null) {
            throw new UnauthorisedException(CoreMessages.objectIsNull("UserId"));
        }
        KeyBundle keyBundle = this.keyManager.getKeyBundle(str);
        if (keyBundle == null) {
            throw new UnauthorisedException(PGPMessages.noPublicKeyForUser(str));
        }
        SignedMessage signedMessage = (Message) pGPAuthentication.getCredentials();
        if (signedMessage instanceof SignedMessage) {
            try {
                if (!signedMessage.verify(keyBundle)) {
                    throw new UnauthorisedException(PGPMessages.invalidSignature());
                }
            } catch (MessageException e) {
                throw new UnauthorisedException(PGPMessages.errorVerifySignature(), e);
            }
        }
        pGPAuthentication.setAuthenticated(true);
        pGPAuthentication.setDetails(keyBundle);
        return pGPAuthentication;
    }

    public boolean supports(Class cls) {
        return PGPAuthentication.class.isAssignableFrom(cls);
    }

    protected void doInitialise() throws InitialisationException {
        try {
            Security.addProvider(new CryptixCrypto());
            Security.addProvider(new CryptixOpenPGP());
            setSecurityContextFactory(new PGPSecurityContextFactory());
        } catch (Exception e) {
            throw new InitialisationException(CoreMessages.failedToCreate("PGPProvider"), e, this);
        }
    }

    public PGPKeyRing getKeyManager() {
        return this.keyManager;
    }

    public void setKeyManager(PGPKeyRing pGPKeyRing) {
        this.keyManager = pGPKeyRing;
    }
}
