package org.pgpainless.key.generation;

import androidx.core.R$dimen;
import androidx.sqlite.db.SimpleSQLiteQuery;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Date;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import okhttp3.ConnectionPool;
import org.bouncycastle.bcpg.SignatureSubpacket;
import org.bouncycastle.bcpg.sig.KeyFlags;
import org.bouncycastle.jcajce.provider.symmetric.util.PBE;
import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.bc.BcPGPKeyConverter;
import org.bouncycastle.openpgp.operator.bc.BcPGPKeyPair;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyPair;
import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.PublicKeyAlgorithm;
import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.implementation.BcImplementationFactory;
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
import org.pgpainless.key.generation.type.xdh.XDHSpec;
import org.pgpainless.policy.Policy;
import org.pgpainless.provider.BouncyCastleProviderFactory;
import org.pgpainless.provider.ProviderFactory;
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
import org.pgpainless.util.Passphrase;
import org.pgpainless.util.SessionKey;

/* loaded from: classes.dex */
public class KeyRingBuilder {
    public Passphrase passphrase;
    public KeySpec primaryKeySpec;
    public final List<KeySpec> subkeySpecs;
    public final Map<String, SelfSignatureSubpackets.Callback> userIds;

    public KeyRingBuilder() {
        Charset.forName("UTF-8");
        this.subkeySpecs = new ArrayList();
        this.userIds = new LinkedHashMap();
        this.passphrase = new Passphrase(null);
    }

    public static SessionKey generateKeyPair(KeySpec keySpec) throws NoSuchAlgorithmException, PGPException, InvalidAlgorithmParameterException {
        ECNamedCurveGenParameterSpec eCNamedCurveGenParameterSpec;
        ConnectionPool connectionPool = (ConnectionPool) keySpec.keyType;
        String name = connectionPool.getName();
        if (ProviderFactory.FACTORY == null) {
            ProviderFactory.FACTORY = new BouncyCastleProviderFactory();
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(name, ProviderFactory.FACTORY._getProvider());
        switch (connectionPool.$r8$classId) {
            case PBE.SM3 /* 14 */:
                eCNamedCurveGenParameterSpec = new ECNamedCurveGenParameterSpec(((EdDSACurve) connectionPool.delegate).name);
                break;
            default:
                eCNamedCurveGenParameterSpec = new ECNamedCurveGenParameterSpec(((XDHSpec) connectionPool.delegate).name);
                break;
        }
        keyPairGenerator.initialize(eCNamedCurveGenParameterSpec);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        BcImplementationFactory bcImplementationFactory = BcImplementationFactory.getInstance();
        PublicKeyAlgorithm algorithm = connectionPool.getAlgorithm();
        Date date = new Date();
        Objects.requireNonNull(bcImplementationFactory);
        int i = algorithm.algorithmId;
        BcPGPKeyConverter bcPGPKeyConverter = new BcPGPKeyConverter();
        JcaPGPKeyPair jcaPGPKeyPair = new JcaPGPKeyPair(i, generateKeyPair, date);
        return new BcPGPKeyPair(i, new SimpleSQLiteQuery(bcPGPKeyConverter.getPublicKey((PGPPublicKey) jcaPGPKeyPair.algorithm), bcPGPKeyConverter.getPrivateKey((PGPPrivateKey) jcaPGPKeyPair.key)), date);
    }

    public final PGPSignatureSubpacketVector addPrimaryKeyBindingSignatureIfNecessary(SessionKey sessionKey, SessionKey sessionKey2, PGPSignatureSubpacketVector pGPSignatureSubpacketVector) throws PGPException, IOException {
        SignatureSubpacket subpacket = pGPSignatureSubpacketVector.getSubpacket(27);
        int flags = subpacket == null ? 0 : ((KeyFlags) subpacket).getFlags();
        if (!((flags & 2) == 2)) {
            if (!((flags & 1) == 1)) {
                return pGPSignatureSubpacketVector;
            }
        }
        PGPSignatureGenerator pGPSignatureGenerator = new PGPSignatureGenerator(buildContentSigner(sessionKey2));
        SignatureType signatureType = SignatureType.PRIMARYKEY_BINDING;
        pGPSignatureGenerator.init(25, (PGPPrivateKey) sessionKey2.key);
        PGPSignature generateCertification = pGPSignatureGenerator.generateCertification((PGPPublicKey) sessionKey.algorithm, (PGPPublicKey) sessionKey2.algorithm);
        PGPSignatureSubpacketVector pGPSignatureSubpacketVector2 = new PGPSignatureSubpacketVector(pGPSignatureSubpacketVector);
        pGPSignatureSubpacketVector2.addEmbeddedSignature(false, generateCertification);
        return pGPSignatureSubpacketVector2.generate();
    }

    public final PGPContentSignerBuilder buildContentSigner(SessionKey sessionKey) {
        Objects.requireNonNull(R$dimen.getPolicy().signatureHashAlgorithmPolicy);
        HashAlgorithm hashAlgorithm = HashAlgorithm.SHA512;
        BcImplementationFactory bcImplementationFactory = BcImplementationFactory.getInstance();
        int i = ((PGPPublicKey) sessionKey.algorithm).publicPk.algorithm;
        Objects.requireNonNull(bcImplementationFactory);
        return new BcPGPContentSignerBuilder(i, 10);
    }

    public final void verifyKeySpecCompliesToPolicy(KeySpec keySpec, Policy policy) {
        int i;
        PublicKeyAlgorithm algorithm = ((ConnectionPool) keySpec.keyType).getAlgorithm();
        ConnectionPool connectionPool = (ConnectionPool) keySpec.keyType;
        switch (connectionPool.$r8$classId) {
            case PBE.SM3 /* 14 */:
                i = ((EdDSACurve) connectionPool.delegate).bitStrength;
                break;
            default:
                i = ((XDHSpec) connectionPool.delegate).bitStrength;
                break;
        }
        if (policy.publicKeyAlgorithmPolicy.isAcceptable(algorithm, i)) {
            return;
        }
        throw new IllegalArgumentException("Public key algorithm policy violation: " + algorithm + " with bit strength " + i + " is not acceptable.");
    }
}
