package org.pgpainless.key.generation;

import androidx.paging.DataSource;
import androidx.work.impl.model.WorkSpecDao_Impl;
import j$.util.DesugarCollections;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import kotlin.ResultKt;
import kotlin.collections.CollectionsKt;
import kotlin.collections.CollectionsKt__CollectionsKt;
import kotlin.jvm.internal.Intrinsics;
import okhttp3.ConnectionPool;
import okhttp3.Headers;
import okhttp3.Request;
import openpgp.LongExtensionsKt;
import org.bouncycastle.bcpg.PublicKeyPacket;
import org.bouncycastle.bcpg.PublicSubkeyPacket;
import org.bouncycastle.bcpg.SignatureSubpacket;
import org.bouncycastle.bcpg.sig.EmbeddedSignature;
import org.bouncycastle.bcpg.sig.KeyFlags;
import org.bouncycastle.crypto.macs.KGMac;
import org.bouncycastle.math.ec.WNafUtil;
import org.bouncycastle.math.raw.Mod;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPadding;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.util.Pack;
import org.bouncycastle.util.Strings;
import org.pgpainless.algorithm.PublicKeyAlgorithm;
import org.pgpainless.implementation.BcImplementationFactory;
import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.policy.Policy;
import org.pgpainless.util.Passphrase;
import rs.ltt.jmap.client.JmapClient;

/* loaded from: classes.dex */
public final class KeyRingBuilder {
    public KeySpec primaryKeySpec;
    public final ArrayList subKeySpecs = new ArrayList();
    public final LinkedHashMap userIds = new LinkedHashMap();
    public Passphrase passphrase = new Passphrase(null);
    public final Date expirationDate = new Date(System.currentTimeMillis() + 157680000000L);

    public static ConnectionPool addPrimaryKeyBindingSignatureIfNecessary(WNafUtil.AnonymousClass3 anonymousClass3, WNafUtil.AnonymousClass3 anonymousClass32, ConnectionPool connectionPool) {
        SignatureSubpacket subpacket = connectionPool.getSubpacket(27);
        int flags = subpacket == null ? 0 : ((KeyFlags) subpacket).getFlags();
        if ((flags & 2) != 2 && (flags & 1) != 1) {
            return connectionPool;
        }
        PGPSignatureGenerator pGPSignatureGenerator = new PGPSignatureGenerator(buildContentSigner(anonymousClass32), 4);
        pGPSignatureGenerator.init(25, (PGPPrivateKey) anonymousClass32.val$pointMap);
        PGPPublicKey pGPPublicKey = (PGPPublicKey) anonymousClass3.val$fromWNaf;
        PGPPublicKey pGPPublicKey2 = (PGPPublicKey) anonymousClass32.val$fromWNaf;
        pGPSignatureGenerator.updateWithPublicKey(pGPPublicKey);
        pGPSignatureGenerator.updateWithPublicKey(pGPPublicKey2);
        PGPSignature generate = pGPSignatureGenerator.generate();
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList((SignatureSubpacket[]) connectionPool.delegate));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        generate.encode(byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byte[] bArr = new byte[byteArray.length - 1 > 256 ? byteArray.length - 3 : byteArray.length - 2];
        System.arraycopy(byteArray, byteArray.length - bArr.length, bArr, 0, bArr.length);
        arrayList.add(new EmbeddedSignature(false, false, bArr));
        return new ConnectionPool(13, (SignatureSubpacket[]) arrayList.toArray(new SignatureSubpacket[0]));
    }

    public static DataSource.Params buildContentSigner(WNafUtil.AnonymousClass3 anonymousClass3) {
        PGPPadding pGPPadding = Policy.Companion;
        Policy policy = Policy.INSTANCE;
        if (policy == null) {
            synchronized (pGPPadding) {
                policy = Policy.INSTANCE;
                if (policy == null) {
                    policy = new Policy();
                    Policy.INSTANCE = policy;
                }
            }
        }
        policy.certificationSignatureHashAlgorithmPolicy.getClass();
        BcImplementationFactory bcImplementationFactory = BcImplementationFactory.instance;
        int i = ((PGPPublicKey) anonymousClass3.val$fromWNaf).publicPk.algorithm;
        bcImplementationFactory.getClass();
        DataSource.Params params = new DataSource.Params(3);
        params.type = new PGPPadding((byte) 0, 17);
        params.key = new Object();
        params.pageSize = i;
        params.initialLoadSize = 10;
        return params;
    }

    public static void verifyKeySpecCompliesToPolicy(KeySpec keySpec, Policy policy) {
        KeyType keyType = keySpec.keyType;
        PublicKeyAlgorithm mo92getAlgorithm = keyType.mo92getAlgorithm();
        int bitStrength = keyType.getBitStrength();
        if (policy.publicKeyAlgorithmPolicy.isAcceptable(mo92getAlgorithm, bitStrength)) {
            return;
        }
        throw new IllegalArgumentException(("Public key algorithm policy violation: " + mo92getAlgorithm + " with bit strength " + bitStrength + " is not acceptable.").toString());
    }

    public final KeyRingBuilder addSubkey(Request request) {
        KeySpec build = request.build();
        PGPPadding pGPPadding = Policy.Companion;
        Policy policy = Policy.INSTANCE;
        if (policy == null) {
            synchronized (pGPPadding) {
                policy = Policy.INSTANCE;
                if (policy == null) {
                    policy = new Policy();
                    Policy.INSTANCE = policy;
                }
            }
        }
        verifyKeySpecCompliesToPolicy(build, policy);
        this.subKeySpecs.add(build);
        return this;
    }

    /* JADX WARN: Type inference failed for: r0v19, types: [openpgp.LongExtensionsKt, org.bouncycastle.bcpg.BCPGKey] */
    public final PGPSecretKeyRing build() {
        Request.Builder builder;
        JmapClient.AnonymousClass2 anonymousClass2;
        Request.Builder builder2;
        KGMac kGMac;
        int i = 0;
        int i2 = 1;
        BcImplementationFactory bcImplementationFactory = BcImplementationFactory.instance;
        PGPPadding pGPPadding = bcImplementationFactory.pgpDigestCalculatorProvider;
        KGMac kGMac2 = PGPPadding.get(2);
        PGPPadding pGPPadding2 = Policy.Companion;
        Policy policy = Policy.INSTANCE;
        if (policy == null) {
            synchronized (pGPPadding2) {
                policy = Policy.INSTANCE;
                if (policy == null) {
                    policy = new Policy();
                    Policy.INSTANCE = policy;
                }
            }
        }
        policy.symmetricKeyEncryptionAlgorithmPolicy.getClass();
        if (!this.passphrase.isValid()) {
            throw new IllegalStateException("Passphrase was cleared.");
        }
        if (this.passphrase.isEmpty()) {
            builder = null;
        } else {
            Passphrase passphrase = this.passphrase;
            Intrinsics.checkNotNullParameter(passphrase, "passphrase");
            char[] chars = passphrase.getChars();
            SecureRandom secureRandom = new SecureRandom();
            Request.Builder builder3 = new Request.Builder(5, false);
            builder3.url = chars;
            builder3.body = secureRandom;
            builder3.method = kGMac2;
            builder = builder3;
        }
        if (!this.passphrase.isValid()) {
            throw new IllegalStateException("Passphrase was cleared.");
        }
        if (this.passphrase.isEmpty()) {
            anonymousClass2 = null;
        } else {
            Passphrase passphrase2 = this.passphrase;
            Intrinsics.checkNotNullParameter(passphrase2, "passphrase");
            char[] chars2 = passphrase2.getChars();
            JmapClient.AnonymousClass2 anonymousClass22 = new JmapClient.AnonymousClass2(10, false);
            anonymousClass22.val$request = chars2;
            anonymousClass22.this$0 = bcImplementationFactory.pgpDigestCalculatorProvider;
            anonymousClass2 = anonymousClass22;
        }
        this.passphrase.clear();
        KeySpec keySpec = this.primaryKeySpec;
        if (keySpec == null) {
            throw new IllegalArgumentException("Primary Key spec required.");
        }
        WNafUtil.AnonymousClass3 generateKeyPair$default = PGPPadding.generateKeyPair$default(keySpec);
        DataSource.Params buildContentSigner = buildContentSigner(generateKeyPair$default);
        PGPSignatureGenerator pGPSignatureGenerator = new PGPSignatureGenerator(buildContentSigner, 4);
        KeySpec keySpec2 = this.primaryKeySpec;
        Intrinsics.checkNotNull(keySpec2);
        WorkSpecDao_Impl workSpecDao_Impl = keySpec2.subpacketGenerator;
        PGPPublicKey pGPPublicKey = (PGPPublicKey) generateKeyPair$default.val$fromWNaf;
        Intrinsics.checkNotNullExpressionValue(pGPPublicKey, "certKey.publicKey");
        workSpecDao_Impl.setIssuerFingerprintAndKeyId(pGPPublicKey);
        Date date = this.expirationDate;
        if (date != null) {
            PGPPublicKey pGPPublicKey2 = (PGPPublicKey) generateKeyPair$default.val$fromWNaf;
            Intrinsics.checkNotNullExpressionValue(pGPPublicKey2, "certKey.publicKey");
            Date time = pGPPublicKey2.publicPk.getTime();
            if (time.compareTo(date) > 0) {
                throw new IllegalArgumentException("Timestamp MUST be before the later timestamp.");
            }
            long asSeconds = ResultKt.getAsSeconds(date) - ResultKt.getAsSeconds(time);
            if (asSeconds > 4294967295L) {
                throw new IllegalArgumentException(("Integer overflow. Seconds from creation to expiration (" + asSeconds + ") cannot be larger than 4294967295.").toString());
            }
            if (asSeconds < 0) {
                throw new IllegalArgumentException("Seconds from creation to expiration cannot be less than 0.");
            }
            workSpecDao_Impl.__preparedStmtOfMarkWorkSpecScheduled = new SignatureSubpacket(9, true, false, Pack.intToBigEndian((int) asSeconds));
        }
        if (!this.userIds.isEmpty()) {
            workSpecDao_Impl.__preparedStmtOfResetScheduledState = new SignatureSubpacket(25, true, false, new byte[]{1});
        }
        Headers.Builder builder4 = new Headers.Builder(1);
        LongExtensionsKt.applyTo(workSpecDao_Impl, builder4);
        ConnectionPool generate = builder4.generate();
        if (this.userIds.isEmpty()) {
            kGMac = kGMac2;
            builder2 = new Request.Builder(generateKeyPair$default, kGMac, generate, buildContentSigner, builder);
        } else {
            Request.Builder builder5 = builder;
            builder2 = new Request.Builder(generateKeyPair$default, (String) CollectionsKt.first(this.userIds.keySet()), kGMac2, generate, buildContentSigner, builder5);
            kGMac = kGMac2;
            builder = builder5;
        }
        Iterator it = this.subKeySpecs.iterator();
        while (it.hasNext()) {
            KeySpec keySpec3 = (KeySpec) it.next();
            WNafUtil.AnonymousClass3 generateKeyPair$default2 = PGPPadding.generateKeyPair$default(keySpec3);
            WorkSpecDao_Impl subpackets = keySpec3.subpacketGenerator;
            Intrinsics.checkNotNullParameter(subpackets, "subpackets");
            Headers.Builder builder6 = new Headers.Builder(i2);
            LongExtensionsKt.applyTo(subpackets, builder6);
            try {
                ConnectionPool addPrimaryKeyBindingSignatureIfNecessary = addPrimaryKeyBindingSignatureIfNecessary(generateKeyPair$default, generateKeyPair$default2, builder6.generate());
                Request.Builder.sanitizeKeyPair(generateKeyPair$default2);
                WNafUtil.AnonymousClass3 anonymousClass3 = (WNafUtil.AnonymousClass3) builder2.body;
                Request.Builder.sanitizeKeyPair(generateKeyPair$default2);
                try {
                    PGPSignatureGenerator pGPSignatureGenerator2 = new PGPSignatureGenerator((DataSource.Params) builder2.tags, (PGPPublicKey) anonymousClass3.val$fromWNaf);
                    pGPSignatureGenerator2.init(24, (PGPPrivateKey) anonymousClass3.val$pointMap);
                    pGPSignatureGenerator2.setHashedSubpackets(addPrimaryKeyBindingSignatureIfNecessary);
                    pGPSignatureGenerator2.unhashed = new SignatureSubpacket[i];
                    ArrayList arrayList = new ArrayList();
                    PGPPublicKey pGPPublicKey3 = (PGPPublicKey) anonymousClass3.val$fromWNaf;
                    PGPPublicKey pGPPublicKey4 = (PGPPublicKey) generateKeyPair$default2.val$fromWNaf;
                    pGPSignatureGenerator2.updateWithPublicKey(pGPPublicKey3);
                    pGPSignatureGenerator2.updateWithPublicKey(pGPPublicKey4);
                    arrayList.add(pGPSignatureGenerator2.generate());
                    PGPPublicKey pGPPublicKey5 = new PGPPublicKey((PGPPublicKey) generateKeyPair$default2.val$fromWNaf, arrayList);
                    PublicKeyPacket publicKeyPacket = pGPPublicKey5.publicPk;
                    pGPPublicKey5.publicPk = new PublicSubkeyPacket(publicKeyPacket.version, publicKeyPacket.algorithm, publicKeyPacket.getTime(), pGPPublicKey5.publicPk.key);
                    ((ArrayList) builder2.url).add(new PGPSecretKey((PGPPrivateKey) generateKeyPair$default2.val$pointMap, pGPPublicKey5, (KGMac) builder2.headers, false, (Request.Builder) builder2.method));
                    i = 0;
                    i2 = 1;
                } catch (PGPException e) {
                    throw e;
                } catch (Exception e2) {
                    throw new PGPException("exception adding subkey: ", e2);
                }
            } catch (IOException e3) {
                throw new PGPException("Exception while adding primary key binding signature to signing subkey.", e3);
            }
        }
        PGPSecretKeyRing pGPSecretKeyRing = new PGPSecretKeyRing((ArrayList) builder2.url);
        Iterator it2 = DesugarCollections.unmodifiableList(pGPSecretKeyRing.keys).iterator();
        PGPPublicKey pGPPublicKey6 = ((PGPSecretKey) it2.next()).pub;
        PGPSecretKey pGPSecretKey = (PGPSecretKey) pGPSecretKeyRing.keys.get(0);
        Intrinsics.checkNotNullExpressionValue(pGPSecretKey, "secretKeyRing.secretKey");
        PGPPrivateKey unlockSecretKey = Mod.unlockSecretKey(pGPSecretKey, anonymousClass2);
        Iterator it3 = this.userIds.entrySet().iterator();
        if (it3.hasNext()) {
            it3.next();
        }
        while (it3.hasNext()) {
            Map.Entry entry = (Map.Entry) it3.next();
            String str = (String) entry.getKey();
            if (entry.getValue() != null) {
                throw new ClassCastException();
            }
            workSpecDao_Impl.__preparedStmtOfResetScheduledState = null;
            pGPSignatureGenerator.init(19, unlockSecretKey);
            Headers.Builder builder7 = new Headers.Builder(1);
            LongExtensionsKt.applyTo(workSpecDao_Impl, builder7);
            pGPSignatureGenerator.setHashedSubpackets(builder7.generate());
            pGPSignatureGenerator.updateWithPublicKey(pGPPublicKey6);
            pGPSignatureGenerator.updateWithIdData(Strings.toUTF8ByteArray(str));
            pGPPublicKey6 = PGPPublicKey.addCertification(pGPPublicKey6, str, pGPSignatureGenerator.generate());
        }
        ArrayList mutableListOf = CollectionsKt__CollectionsKt.mutableListOf(new PGPSecretKey(unlockSecretKey, pGPPublicKey6, kGMac, true, builder));
        while (it2.hasNext()) {
            Object next = it2.next();
            Intrinsics.checkNotNullExpressionValue(next, "secretKeys.next()");
            mutableListOf.add(next);
        }
        return new PGPSecretKeyRing(mutableListOf);
    }
}
