package org.redline_rpm;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Iterator;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.bouncycastle.openpgp.PGPUtil;
import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder;
import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider;
import org.redline_rpm.ChannelWrapper;
import org.redline_rpm.header.AbstractHeader;
import org.redline_rpm.header.Signature;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/redline-1.2.1.jar:org/redline_rpm/SignatureGenerator.class
 */
/* loaded from: input_file:WEB-INF/lib/whitesource-fs-agent-18.5.1.jar:org/redline_rpm/SignatureGenerator.class */
public class SignatureGenerator {
    protected static final int SIGNATURE_SIZE = 287;
    protected final boolean enabled;
    protected AbstractHeader.Entry<byte[]> headerOnlyRSAEntry;
    protected AbstractHeader.Entry<byte[]> headerAndPayloadPGPEntry;
    protected final PGPPrivateKey privateKey;
    protected ChannelWrapper.Key<byte[]> headerOnlyKey = null;
    protected ChannelWrapper.Key<byte[]> headerAndPayloadKey = null;

    public SignatureGenerator(PGPPrivateKey pGPPrivateKey) {
        this.privateKey = pGPPrivateKey;
        this.enabled = pGPPrivateKey != null;
    }

    public SignatureGenerator(File file, String str, String str2) {
        if (file != null) {
            this.privateKey = extractPrivateKey(findMatchingSecretKey(readKeyRings(file), str), str2);
            this.enabled = true;
        } else {
            this.privateKey = null;
            this.enabled = false;
        }
    }

    public void prepare(Signature signature) {
        if (this.enabled) {
            this.headerOnlyRSAEntry = signature.addEntry(Signature.SignatureTag.RSAHEADER, SIGNATURE_SIZE);
            this.headerAndPayloadPGPEntry = signature.addEntry(Signature.SignatureTag.LEGACY_PGP, SIGNATURE_SIZE);
        }
    }

    public void startBeforeHeader(WritableChannelWrapper writableChannelWrapper) {
        if (this.enabled) {
            this.headerOnlyKey = writableChannelWrapper.start(this.privateKey, getAlgorithm());
            this.headerAndPayloadKey = writableChannelWrapper.start(this.privateKey, getAlgorithm());
        }
    }

    public void finishAfterHeader(WritableChannelWrapper writableChannelWrapper) {
        finishEntry(writableChannelWrapper, this.headerOnlyRSAEntry, this.headerOnlyKey);
    }

    public void finishAfterPayload(WritableChannelWrapper writableChannelWrapper) {
        finishEntry(writableChannelWrapper, this.headerAndPayloadPGPEntry, this.headerAndPayloadKey);
    }

    protected PGPSecretKeyRingCollection readKeyRings(File file) {
        try {
            InputStream decoderStream = PGPUtil.getDecoderStream(new BufferedInputStream(new FileInputStream(file)));
            try {
                PGPSecretKeyRingCollection pGPSecretKeyRingCollection = new PGPSecretKeyRingCollection(decoderStream);
                decoderStream.close();
                return pGPSecretKeyRingCollection;
            } catch (Throwable th) {
                decoderStream.close();
                throw th;
            }
        } catch (IOException e) {
            throw new IllegalArgumentException("Could not read key ring file: " + file, e);
        } catch (PGPException e2) {
            throw new IllegalArgumentException("Could not extract key rings from: " + file, e2);
        }
    }

    protected PGPSecretKey findMatchingSecretKey(PGPSecretKeyRingCollection pGPSecretKeyRingCollection, String str) {
        String lowerCase = str != null ? str.toLowerCase() : null;
        Iterator keyRings = pGPSecretKeyRingCollection.getKeyRings();
        while (keyRings.hasNext()) {
            Iterator secretKeys = ((PGPSecretKeyRing) keyRings.next()).getSecretKeys();
            while (secretKeys.hasNext()) {
                PGPSecretKey pGPSecretKey = (PGPSecretKey) secretKeys.next();
                if (pGPSecretKey.isSigningKey() && isMatchingKeyId(pGPSecretKey, lowerCase)) {
                    return pGPSecretKey;
                }
            }
        }
        throw new IllegalArgumentException("Can't find signing key in key rings.");
    }

    protected boolean isMatchingKeyId(PGPSecretKey pGPSecretKey, String str) {
        if (str == null) {
            return true;
        }
        return Long.toHexString(pGPSecretKey.getKeyID()).endsWith(str);
    }

    protected PGPPrivateKey extractPrivateKey(PGPSecretKey pGPSecretKey, String str) {
        try {
            return pGPSecretKey.extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(str.toCharArray()));
        } catch (Exception e) {
            throw new IllegalArgumentException("Could not extract private key from key ring", e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected void finishEntry(WritableChannelWrapper writableChannelWrapper, AbstractHeader.Entry<byte[]> entry, ChannelWrapper.Key<byte[]> key) {
        if (this.enabled) {
            checkKey(key);
            checkEntry(entry);
            entry.setValues(writableChannelWrapper.finish(key));
        }
    }

    protected void checkEntry(AbstractHeader.Entry<byte[]> entry) {
        if (entry == null) {
            throw new IllegalStateException("Entry not initialized. Please call prepare() first");
        }
    }

    protected void checkKey(ChannelWrapper.Key<byte[]> key) {
        if (key == null) {
            throw new IllegalStateException("Key is not initialized. Please call startBeforeHeader() first.");
        }
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    protected int getAlgorithm() {
        if (this.privateKey != null) {
            return this.privateKey.getPublicKeyPacket().getAlgorithm();
        }
        return 0;
    }
}
