package org.kontalk.crypto;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.content.Context;
import android.os.Parcel;
import android.os.Parcelable;
import android.util.Base64;
import android.util.Log;
import java.io.ByteArrayOutputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import org.kontalk.Kontalk;
import org.kontalk.authenticator.Authenticator;
import org.kontalk.crypto.PGP;
import org.kontalk.util.MessageUtils;
import org.spongycastle.openpgp.PGPException;
import org.spongycastle.openpgp.PGPKeyPair;
import org.spongycastle.openpgp.PGPObjectFactory;
import org.spongycastle.openpgp.PGPPrivateKey;
import org.spongycastle.openpgp.PGPPublicKey;
import org.spongycastle.openpgp.PGPPublicKeyRing;
import org.spongycastle.openpgp.PGPSecretKey;
import org.spongycastle.openpgp.PGPSecretKeyRing;
import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.spongycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
import org.spongycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;

/* loaded from: classes.dex */
public class PersonalKey implements Parcelable {
    public static final Parcelable.Creator<PersonalKey> CREATOR = new Parcelable.Creator<PersonalKey>() { // from class: org.kontalk.crypto.PersonalKey.1
        @Override // android.os.Parcelable.Creator
        public PersonalKey createFromParcel(Parcel parcel) {
            try {
                return new PersonalKey(parcel, (PersonalKey) null);
            } catch (PGPException e) {
                Log.w(Kontalk.TAG, "error creating from parcel", e);
                return null;
            }
        }

        @Override // android.os.Parcelable.Creator
        public PersonalKey[] newArray(int i) {
            return new PersonalKey[i];
        }
    };
    private X509Certificate mBridgeCert;
    private final PGP.PGPDecryptedKeyPairRing mPair;

    private PersonalKey(Parcel parcel) throws PGPException {
        this.mPair = PGP.fromParcel(parcel);
        this.mBridgeCert = X509Bridge.fromParcel(parcel);
    }

    /* synthetic */ PersonalKey(Parcel parcel, PersonalKey personalKey) throws PGPException {
        this(parcel);
    }

    private PersonalKey(PGP.PGPDecryptedKeyPairRing pGPDecryptedKeyPairRing, X509Certificate x509Certificate) {
        this.mPair = pGPDecryptedKeyPairRing;
        this.mBridgeCert = x509Certificate;
    }

    private PersonalKey(PGPKeyPair pGPKeyPair, PGPKeyPair pGPKeyPair2, X509Certificate x509Certificate) {
        this(new PGP.PGPDecryptedKeyPairRing(pGPKeyPair, pGPKeyPair2), x509Certificate);
    }

    public static PersonalKey create() throws IOException {
        try {
            return new PersonalKey(PGP.create(), (X509Certificate) null);
        } catch (Exception e) {
            IOException iOException = new IOException("unable to generate keypair");
            iOException.initCause(e);
            throw iOException;
        }
    }

    public static PersonalKey load(byte[] bArr, byte[] bArr2, String str, byte[] bArr3) throws PGPException, IOException, CertificateException, NoSuchProviderException {
        FileOutputStream fileOutputStream = new FileOutputStream("/sdcard/bridge.crt");
        fileOutputStream.write(bArr3);
        fileOutputStream.close();
        FileOutputStream fileOutputStream2 = new FileOutputStream("/sdcard/private.key");
        fileOutputStream2.write(bArr);
        fileOutputStream2.close();
        FileOutputStream fileOutputStream3 = new FileOutputStream("/sdcard/public.key");
        fileOutputStream3.write(bArr2);
        fileOutputStream3.close();
        BcKeyFingerprintCalculator bcKeyFingerprintCalculator = new BcKeyFingerprintCalculator();
        PGPSecretKeyRing pGPSecretKeyRing = new PGPSecretKeyRing(bArr, bcKeyFingerprintCalculator);
        PGPPublicKeyRing pGPPublicKeyRing = new PGPPublicKeyRing(bArr2, bcKeyFingerprintCalculator);
        PBESecretKeyDecryptor build = new JcePBESecretKeyDecryptorBuilder(new JcaPGPDigestCalculatorProviderBuilder().build()).setProvider("SC").build(str.toCharArray());
        PGPPublicKey pGPPublicKey = null;
        PGPPrivateKey pGPPrivateKey = null;
        PGPPublicKey pGPPublicKey2 = null;
        PGPPrivateKey pGPPrivateKey2 = null;
        Iterator publicKeys = pGPPublicKeyRing.getPublicKeys();
        while (publicKeys.hasNext()) {
            PGPPublicKey pGPPublicKey3 = (PGPPublicKey) publicKeys.next();
            if (pGPPublicKey3.isMasterKey()) {
                pGPPublicKey = pGPPublicKey3;
            } else {
                pGPPublicKey2 = pGPPublicKey3;
            }
        }
        Iterator secretKeys = pGPSecretKeyRing.getSecretKeys();
        while (secretKeys.hasNext()) {
            PGPSecretKey pGPSecretKey = (PGPSecretKey) secretKeys.next();
            PGPSecretKey secretKey = pGPSecretKeyRing.getSecretKey();
            if (pGPSecretKey.isMasterKey()) {
                pGPPrivateKey = secretKey.extractPrivateKey(build);
            } else {
                pGPPrivateKey2 = secretKey.extractPrivateKey(build);
            }
        }
        X509Certificate load = X509Bridge.load(bArr3);
        if (pGPPrivateKey2 == null || pGPPublicKey2 == null || pGPPrivateKey == null || pGPPublicKey == null || load == null) {
            throw new PGPException("invalid key data");
        }
        return new PersonalKey(new PGPKeyPair(pGPPublicKey, pGPPrivateKey), new PGPKeyPair(pGPPublicKey2, pGPPrivateKey2), load);
    }

    @Override // android.os.Parcelable
    public int describeContents() {
        return 0;
    }

    public X509Certificate getBridgeCertificate() {
        return this.mBridgeCert;
    }

    public PrivateKey getBridgePrivateKey() throws PGPException {
        return PGP.convertPrivateKey(this.mPair.signKey.getPrivateKey());
    }

    public byte[] getEncodedPublicKeyRing() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        this.mPair.signKey.getPublicKey().encode(byteArrayOutputStream);
        this.mPair.encryptKey.getPublicKey().encode(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public PGPKeyPair getEncryptKeyPair() {
        return this.mPair.encryptKey;
    }

    public String getFingerprint() {
        return MessageUtils.bytesToHex(this.mPair.signKey.getPublicKey().getFingerprint());
    }

    public PGPPublicKeyRing getPublicKeyRing() throws IOException {
        return new PGPPublicKeyRing(getEncodedPublicKeyRing(), new BcKeyFingerprintCalculator());
    }

    public PGPKeyPair getSignKeyPair() {
        return this.mPair.signKey;
    }

    public String getUserId(String str) {
        return PGP.getUserId(this.mPair.signKey.getPublicKey(), str);
    }

    public PGPPublicKey revoke(boolean z) throws PGPException, IOException, SignatureException {
        PGPPublicKey revokeKey = PGP.revokeKey(this.mPair.signKey);
        if (z) {
            this.mPair.signKey = new PGPKeyPair(revokeKey, this.mPair.signKey.getPrivateKey());
        }
        return revokeKey;
    }

    public PGPPublicKey signPublicKey(PGPPublicKey pGPPublicKey, String str) throws PGPException, IOException, SignatureException {
        return PGP.signPublicKey(this.mPair.signKey, pGPPublicKey, str);
    }

    public PGPPublicKeyRing signPublicKey(byte[] bArr, String str) throws PGPException, IOException, SignatureException {
        PGPObjectFactory pGPObjectFactory = new PGPObjectFactory(bArr);
        for (Object nextObject = pGPObjectFactory.nextObject(); nextObject != null; nextObject = pGPObjectFactory.nextObject()) {
            if (nextObject instanceof PGPPublicKeyRing) {
                PGPPublicKeyRing pGPPublicKeyRing = (PGPPublicKeyRing) nextObject;
                Iterator publicKeys = pGPPublicKeyRing.getPublicKeys();
                while (publicKeys.hasNext()) {
                    PGPPublicKey pGPPublicKey = (PGPPublicKey) publicKeys.next();
                    if (pGPPublicKey.isMasterKey()) {
                        return PGPPublicKeyRing.insertPublicKey(pGPPublicKeyRing, signPublicKey(pGPPublicKey, str));
                    }
                }
            }
        }
        throw new PGPException("invalid keyring data.");
    }

    public PGP.PGPKeyPairRing store(String str, String str2, String str3, String str4) throws PGPException {
        StringBuilder sb = new StringBuilder(str);
        if (str3 != null) {
            sb.append(" (").append(str3).append(')');
        }
        sb.append(" <");
        if (str2 != null) {
            sb.append(str2);
        }
        sb.append('>');
        return PGP.store(this.mPair, sb.toString(), str4);
    }

    public PGP.PGPKeyPairRing storeNetwork(String str, String str2, String str3, String str4) throws PGPException {
        return store(str3, String.valueOf(str) + '@' + str2, "NO COMMENT", str4);
    }

    public PGPPublicKeyRing update(byte[] bArr) throws IOException {
        PGPPublicKeyRing pGPPublicKeyRing = new PGPPublicKeyRing(bArr, new BcKeyFingerprintCalculator());
        this.mPair.signKey = new PGPKeyPair(pGPPublicKeyRing.getPublicKey(), this.mPair.signKey.getPrivateKey());
        return pGPPublicKeyRing;
    }

    public void updateAccountManager(Context context) throws IOException, CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, PGPException {
        AccountManager accountManager = (AccountManager) context.getSystemService("account");
        Account defaultAccount = Authenticator.getDefaultAccount(accountManager);
        if (defaultAccount != null) {
            PGPPublicKeyRing publicKeyRing = getPublicKeyRing();
            byte[] encoded = X509Bridge.createCertificate(publicKeyRing, this.mPair.signKey.getPrivateKey(), (String) null).getEncoded();
            accountManager.setUserData(defaultAccount, Authenticator.DATA_PUBLICKEY, Base64.encodeToString(publicKeyRing.getEncoded(), 2));
            accountManager.setUserData(defaultAccount, Authenticator.DATA_BRIDGECERT, Base64.encodeToString(encoded, 2));
        }
    }

    @Override // android.os.Parcelable
    public void writeToParcel(Parcel parcel, int i) {
        try {
            PGP.toParcel(this.mPair, parcel);
        } catch (Exception e) {
            throw new RuntimeException("error writing key to parcel", e);
        }
    }
}
