package org.intellicastle.openpgp.api;

import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.intellicastle.bcpg.PublicKeyUtils;
import org.intellicastle.bcpg.PublicSubkeyPacket;
import org.intellicastle.bcpg.S2K;
import org.intellicastle.openpgp.PGPException;
import org.intellicastle.openpgp.PGPKeyPair;
import org.intellicastle.openpgp.PGPSecretKey;
import org.intellicastle.openpgp.PGPSecretKeyRing;
import org.intellicastle.openpgp.PGPSignature;
import org.intellicastle.openpgp.PGPSignatureSubpacketGenerator;
import org.intellicastle.openpgp.api.SignatureParameters;
import org.intellicastle.openpgp.api.Utils;
import org.intellicastle.openpgp.operator.KeyFingerPrintCalculator;
import org.intellicastle.openpgp.operator.PBESecretKeyEncryptor;
import org.intellicastle.openpgp.operator.PBESecretKeyEncryptorFactory;
import org.intellicastle.openpgp.operator.PGPDigestCalculatorProvider;
import org.intellicastle.openpgp.operator.PGPKeyPairGenerator;
import org.intellicastle.openpgp.operator.PGPKeyPairGeneratorProvider;
import org.intellicastle.util.Arrays;

/* loaded from: input_file:org/intellicastle/openpgp/api/OpenPGPKeyGenerator.class */
public class OpenPGPKeyGenerator extends AbstractOpenPGPKeySignatureGenerator {
    private static final long SECONDS_PER_MINUTE = 60;
    private static final long SECONDS_PER_HOUR = 3600;
    private static final long SECONDS_PER_DAY = 86400;
    private static final long SECONDS_PER_YEAR = 31536000;
    private final int keyVersion;
    private final OpenPGPImplementation implementationProvider;
    private final Configuration configuration;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/intellicastle/openpgp/api/OpenPGPKeyGenerator$Configuration.class */
    public static class Configuration {
        final Date keyCreationTime;
        final PGPKeyPairGeneratorProvider kpGenProvider;
        final PGPDigestCalculatorProvider digestCalculatorProvider;
        final PBESecretKeyEncryptorFactory keyEncryptorBuilderProvider;
        final KeyFingerPrintCalculator keyFingerprintCalculator;

        public Configuration(Date date, PGPKeyPairGeneratorProvider pGPKeyPairGeneratorProvider, PGPDigestCalculatorProvider pGPDigestCalculatorProvider, PBESecretKeyEncryptorFactory pBESecretKeyEncryptorFactory, KeyFingerPrintCalculator keyFingerPrintCalculator) {
            this.keyCreationTime = new Date((date.getTime() / 1000) * 1000);
            this.kpGenProvider = pGPKeyPairGeneratorProvider;
            this.digestCalculatorProvider = pGPDigestCalculatorProvider;
            this.keyEncryptorBuilderProvider = pBESecretKeyEncryptorFactory;
            this.keyFingerprintCalculator = keyFingerPrintCalculator;
        }
    }

    /* loaded from: input_file:org/intellicastle/openpgp/api/OpenPGPKeyGenerator$WithPrimaryKey.class */
    public class WithPrimaryKey {
        private final OpenPGPImplementation implementation;
        private final Configuration configuration;
        private PGPKeyPair primaryKey;
        private final List<PGPKeyPair> subkeys;

        private WithPrimaryKey(OpenPGPImplementation openPGPImplementation, Configuration configuration, PGPKeyPair pGPKeyPair) {
            this.subkeys = new ArrayList();
            this.implementation = openPGPImplementation;
            this.configuration = configuration;
            this.primaryKey = pGPKeyPair;
        }

        public WithPrimaryKey addUserId(String str) throws PGPException {
            return addUserId(str, null);
        }

        public WithPrimaryKey addUserId(String str, SignatureParameters.Callback callback) throws PGPException {
            if (str == null || str.trim().length() == 0) {
                throw new IllegalArgumentException("User-ID cannot be null or empty.");
            }
            SignatureParameters applySignatureParameters = Utils.applySignatureParameters(callback, SignatureParameters.certification(this.implementation.policy()));
            if (applySignatureParameters != null) {
                this.primaryKey = new PGPKeyPair(Utils.injectCertification(str, this.primaryKey.getPublicKey(), Utils.getPgpSignatureGenerator(this.implementation, this.primaryKey.getPublicKey(), this.primaryKey.getPrivateKey(), applySignatureParameters, this.configuration.keyCreationTime, null)), this.primaryKey.getPrivateKey());
            }
            return this;
        }

        public WithPrimaryKey addEncryptionSubkey() throws PGPException {
            return addEncryptionSubkey(KeyPairGeneratorCallback.encryptionKey());
        }

        public WithPrimaryKey addEncryptionSubkey(KeyPairGeneratorCallback keyPairGeneratorCallback) throws PGPException {
            return addEncryptionSubkey(keyPairGeneratorCallback, (SignatureParameters.Callback) null);
        }

        public WithPrimaryKey addEncryptionSubkey(KeyPairGeneratorCallback keyPairGeneratorCallback, SignatureParameters.Callback callback) throws PGPException {
            return addEncryptionSubkey(keyPairGeneratorCallback.generateFrom(this.configuration.kpGenProvider.get(OpenPGPKeyGenerator.this.keyVersion, this.configuration.keyCreationTime)).asSubkey(this.implementation.keyFingerPrintCalculator()), callback);
        }

        public WithPrimaryKey addEncryptionSubkey(PGPKeyPair pGPKeyPair, SignatureParameters.Callback callback) throws PGPException {
            if (!(pGPKeyPair.getPublicKey().getPublicKeyPacket() instanceof PublicSubkeyPacket)) {
                throw new IllegalArgumentException("Encryption subkey MUST NOT consist of a primary key packet.");
            }
            if (!pGPKeyPair.getPublicKey().isEncryptionKey()) {
                throw new PGPException("Encryption key MUST use encryption-capable algorithm.");
            }
            this.subkeys.add(updateSubkey(pGPKeyPair, callback, new Utils.HashedSubpacketsOperation() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.WithPrimaryKey.1
                @Override // org.intellicastle.openpgp.api.Utils.HashedSubpacketsOperation
                public void operate(PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator) throws PGPException {
                    OpenPGPKeyGenerator.this.encryptionSubkeySubpackets.apply(pGPSignatureSubpacketGenerator);
                }
            }));
            return this;
        }

        public WithPrimaryKey addSigningSubkey() throws PGPException {
            return addSigningSubkey(KeyPairGeneratorCallback.signingKey());
        }

        public WithPrimaryKey addSigningSubkey(KeyPairGeneratorCallback keyPairGeneratorCallback) throws PGPException {
            return addSigningSubkey(keyPairGeneratorCallback, (SignatureParameters.Callback) null, (SignatureParameters.Callback) null);
        }

        public WithPrimaryKey addSigningSubkey(KeyPairGeneratorCallback keyPairGeneratorCallback, SignatureParameters.Callback callback, SignatureParameters.Callback callback2) throws PGPException {
            return addSigningSubkey(keyPairGeneratorCallback.generateFrom(this.configuration.kpGenProvider.get(OpenPGPKeyGenerator.this.keyVersion, this.configuration.keyCreationTime)).asSubkey(this.configuration.keyFingerprintCalculator), callback, callback2);
        }

        public WithPrimaryKey addSigningSubkey(PGPKeyPair pGPKeyPair, SignatureParameters.Callback callback, SignatureParameters.Callback callback2) throws PGPException {
            if (!(pGPKeyPair.getPublicKey().getPublicKeyPacket() instanceof PublicSubkeyPacket)) {
                throw new IllegalArgumentException("Signing subkey MUST NOT consist of primary key packet.");
            }
            if (!PublicKeyUtils.isSigningAlgorithm(pGPKeyPair.getPublicKey().getAlgorithm())) {
                throw new PGPException("Signing key MUST use signing-capable algorithm.");
            }
            final PGPSignature backSignature = Utils.getBackSignature(pGPKeyPair, Utils.applySignatureParameters(callback2, SignatureParameters.primaryKeyBinding(this.implementation.policy())), this.primaryKey.getPublicKey(), this.implementation, this.configuration.keyCreationTime);
            this.subkeys.add(updateSubkey(pGPKeyPair, callback, new Utils.HashedSubpacketsOperation() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.WithPrimaryKey.2
                @Override // org.intellicastle.openpgp.api.Utils.HashedSubpacketsOperation
                public void operate(PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator) throws PGPException {
                    Utils.addEmbeddedSiganture(backSignature, OpenPGPKeyGenerator.this.signingSubkeySubpackets.apply(pGPSignatureSubpacketGenerator));
                }
            }));
            return this;
        }

        public OpenPGPKey build() throws PGPException {
            return build(null);
        }

        public OpenPGPKey build(char[] cArr) throws PGPException {
            PBESecretKeyEncryptor build = this.configuration.keyEncryptorBuilderProvider.build(cArr, this.primaryKey.getPublicKey().getPublicKeyPacket());
            PGPSecretKey pGPSecretKey = new PGPSecretKey(this.primaryKey.getPrivateKey(), this.primaryKey.getPublicKey(), this.configuration.digestCalculatorProvider.get(2), true, build);
            sanitizeKeyEncryptor(build);
            ArrayList arrayList = new ArrayList();
            arrayList.add(pGPSecretKey);
            for (PGPKeyPair pGPKeyPair : this.subkeys) {
                PBESecretKeyEncryptor build2 = this.configuration.keyEncryptorBuilderProvider.build(cArr, pGPKeyPair.getPublicKey().getPublicKeyPacket());
                PGPSecretKey pGPSecretKey2 = new PGPSecretKey(pGPKeyPair.getPrivateKey(), pGPKeyPair.getPublicKey(), this.configuration.digestCalculatorProvider.get(2), false, build2);
                sanitizeKeyEncryptor(build2);
                arrayList.add(pGPSecretKey2);
            }
            if (cArr != null) {
                Arrays.fill(cArr, (char) 0);
            }
            return new OpenPGPKey(new PGPSecretKeyRing(arrayList), this.implementation);
        }

        protected void sanitizeKeyEncryptor(PBESecretKeyEncryptor pBESecretKeyEncryptor) {
            if (pBESecretKeyEncryptor == null) {
                return;
            }
            S2K s2k = pBESecretKeyEncryptor.getS2K();
            if (s2k.getType() == 0 || s2k.getType() == 1) {
                throw new IllegalArgumentException("S2K specifiers SIMPLE and SALTED are not allowed for secret key encryption.");
            }
            if (s2k.getType() == 4 && pBESecretKeyEncryptor.getAeadAlgorithm() == 0) {
                throw new IllegalArgumentException("Argon2 MUST be used with AEAD.");
            }
        }

        private PGPKeyPair updateSubkey(PGPKeyPair pGPKeyPair, SignatureParameters.Callback callback, Utils.HashedSubpacketsOperation hashedSubpacketsOperation) throws PGPException {
            SignatureParameters applySignatureParameters = Utils.applySignatureParameters(callback, SignatureParameters.subkeyBinding(this.implementation.policy()).setSignatureCreationTime(this.configuration.keyCreationTime));
            if (applySignatureParameters != null) {
                pGPKeyPair = new PGPKeyPair(Utils.injectCertification(pGPKeyPair.getPublicKey(), Utils.getPgpSignatureGenerator(this.implementation, this.primaryKey.getPublicKey(), this.primaryKey.getPrivateKey(), applySignatureParameters, applySignatureParameters.getSignatureCreationTime(), hashedSubpacketsOperation), this.primaryKey.getPublicKey()), pGPKeyPair.getPrivateKey());
            }
            return pGPKeyPair;
        }
    }

    public OpenPGPKeyGenerator(OpenPGPImplementation openPGPImplementation, boolean z, Date date) throws PGPException {
        this(openPGPImplementation, 6, z, date);
    }

    public OpenPGPKeyGenerator(OpenPGPImplementation openPGPImplementation, int i, boolean z, Date date) throws PGPException {
        this(openPGPImplementation, i, openPGPImplementation.pgpKeyPairGeneratorProvider(), openPGPImplementation.pgpDigestCalculatorProvider(), openPGPImplementation.pbeSecretKeyEncryptorFactory(z), openPGPImplementation.keyFingerPrintCalculator(), date);
    }

    public OpenPGPKeyGenerator(OpenPGPImplementation openPGPImplementation, int i, PGPKeyPairGeneratorProvider pGPKeyPairGeneratorProvider, PGPDigestCalculatorProvider pGPDigestCalculatorProvider, PBESecretKeyEncryptorFactory pBESecretKeyEncryptorFactory, KeyFingerPrintCalculator keyFingerPrintCalculator, Date date) {
        if (i != 4 && i != 5 && i != 6) {
            throw new IllegalArgumentException("Generating keys of version " + i + " is not supported.");
        }
        this.implementationProvider = openPGPImplementation;
        this.keyVersion = i;
        this.configuration = new Configuration(date, pGPKeyPairGeneratorProvider, pGPDigestCalculatorProvider, pBESecretKeyEncryptorFactory, keyFingerPrintCalculator);
    }

    public WithPrimaryKey classicKey(String str) throws PGPException {
        WithPrimaryKey addEncryptionSubkey = withPrimaryKey().addSigningSubkey().addEncryptionSubkey();
        if (str != null) {
            addEncryptionSubkey.addUserId(str);
        }
        return addEncryptionSubkey;
    }

    public WithPrimaryKey ed25519x25519Key(String str) throws PGPException {
        WithPrimaryKey addEncryptionSubkey = withPrimaryKey(new KeyPairGeneratorCallback() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.3
            @Override // org.intellicastle.openpgp.api.KeyPairGeneratorCallback
            public PGPKeyPair generateFrom(PGPKeyPairGenerator pGPKeyPairGenerator) throws PGPException {
                return pGPKeyPairGenerator.generateEd25519KeyPair();
            }
        }).addSigningSubkey(new KeyPairGeneratorCallback() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.2
            @Override // org.intellicastle.openpgp.api.KeyPairGeneratorCallback
            public PGPKeyPair generateFrom(PGPKeyPairGenerator pGPKeyPairGenerator) throws PGPException {
                return pGPKeyPairGenerator.generateEd25519KeyPair();
            }
        }).addEncryptionSubkey(new KeyPairGeneratorCallback() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.1
            @Override // org.intellicastle.openpgp.api.KeyPairGeneratorCallback
            public PGPKeyPair generateFrom(PGPKeyPairGenerator pGPKeyPairGenerator) throws PGPException {
                return pGPKeyPairGenerator.generateX25519KeyPair();
            }
        });
        if (str != null) {
            addEncryptionSubkey.addUserId(str);
        }
        return addEncryptionSubkey;
    }

    public WithPrimaryKey ed448x448Key(String str) throws PGPException {
        WithPrimaryKey addEncryptionSubkey = withPrimaryKey(new KeyPairGeneratorCallback() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.6
            @Override // org.intellicastle.openpgp.api.KeyPairGeneratorCallback
            public PGPKeyPair generateFrom(PGPKeyPairGenerator pGPKeyPairGenerator) throws PGPException {
                return pGPKeyPairGenerator.generateEd448KeyPair();
            }
        }).addSigningSubkey(new KeyPairGeneratorCallback() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.5
            @Override // org.intellicastle.openpgp.api.KeyPairGeneratorCallback
            public PGPKeyPair generateFrom(PGPKeyPairGenerator pGPKeyPairGenerator) throws PGPException {
                return pGPKeyPairGenerator.generateEd448KeyPair();
            }
        }).addEncryptionSubkey(new KeyPairGeneratorCallback() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.4
            @Override // org.intellicastle.openpgp.api.KeyPairGeneratorCallback
            public PGPKeyPair generateFrom(PGPKeyPairGenerator pGPKeyPairGenerator) throws PGPException {
                return pGPKeyPairGenerator.generateX448KeyPair();
            }
        });
        if (str != null) {
            addEncryptionSubkey.addUserId(str);
        }
        return addEncryptionSubkey;
    }

    public WithPrimaryKey signOnlyKey() throws PGPException {
        return withPrimaryKey(KeyPairGeneratorCallback.primaryKey(), SignatureParameters.Callback.Util.modifyHashedSubpackets(new SignatureSubpacketsFunction() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.7
            @Override // org.intellicastle.openpgp.api.SignatureSubpacketsFunction
            public PGPSignatureSubpacketGenerator apply(PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator) {
                pGPSignatureSubpacketGenerator.removePacketsOfType(27);
                pGPSignatureSubpacketGenerator.setKeyFlags(true, 3);
                return pGPSignatureSubpacketGenerator;
            }
        }));
    }

    public WithPrimaryKey withPrimaryKey() throws PGPException {
        return withPrimaryKey(KeyPairGeneratorCallback.primaryKey());
    }

    public WithPrimaryKey withPrimaryKey(KeyPairGeneratorCallback keyPairGeneratorCallback) throws PGPException {
        return withPrimaryKey(keyPairGeneratorCallback, null);
    }

    public WithPrimaryKey withPrimaryKey(KeyPairGeneratorCallback keyPairGeneratorCallback, SignatureParameters.Callback callback) throws PGPException {
        PGPKeyPair generateFrom = keyPairGeneratorCallback.generateFrom(this.configuration.kpGenProvider.get(this.keyVersion, this.configuration.keyCreationTime));
        if (generateFrom.getPublicKey().getPublicKeyPacket() instanceof PublicSubkeyPacket) {
            throw new IllegalArgumentException("Primary key MUST NOT consist of subkey packet.");
        }
        if (!PublicKeyUtils.isSigningAlgorithm(generateFrom.getPublicKey().getAlgorithm())) {
            throw new PGPException("Primary key MUST use signing-capable algorithm.");
        }
        SignatureParameters applySignatureParameters = Utils.applySignatureParameters(callback, SignatureParameters.directKeySignature(this.implementationProvider.policy()));
        if (applySignatureParameters != null) {
            generateFrom = new PGPKeyPair(Utils.injectCertification(generateFrom.getPublicKey(), Utils.getPgpSignatureGenerator(this.implementationProvider, generateFrom.getPublicKey(), generateFrom.getPrivateKey(), applySignatureParameters, this.configuration.keyCreationTime, new Utils.HashedSubpacketsOperation() { // from class: org.intellicastle.openpgp.api.OpenPGPKeyGenerator.8
                @Override // org.intellicastle.openpgp.api.Utils.HashedSubpacketsOperation
                public void operate(PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator) throws PGPException {
                    PGPSignatureSubpacketGenerator apply = OpenPGPKeyGenerator.this.directKeySignatureSubpackets.apply(pGPSignatureSubpacketGenerator);
                    apply.setKeyFlags(true, 1);
                    apply.setKeyExpirationTime(false, 157680000L);
                }
            })), generateFrom.getPrivateKey());
        }
        return new WithPrimaryKey(this.implementationProvider, this.configuration, generateFrom);
    }
}
