package net.quedex.api.pgp;

import com.google.common.base.Preconditions;
import com.google.common.io.ByteStreams;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.Iterator;
import org.bouncycastle.openpgp.PGPCompressedData;
import org.bouncycastle.openpgp.PGPDataValidationException;
import org.bouncycastle.openpgp.PGPEncryptedDataList;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPLiteralData;
import org.bouncycastle.openpgp.PGPOnePassSignature;
import org.bouncycastle.openpgp.PGPOnePassSignatureList;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
import org.bouncycastle.openpgp.PGPSignatureList;
import org.bouncycastle.openpgp.PGPUtil;
import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
import org.bouncycastle.openpgp.operator.bc.BcPGPContentVerifierBuilderProvider;
import org.bouncycastle.openpgp.operator.bc.BcPublicKeyDataDecryptorFactory;

/* loaded from: input_file:net/quedex/api/pgp/BcDecryptor.class */
public class BcDecryptor {
    private static final long HIDDEN_RECIPIENT_KEY_ID = 0;
    private final BcPublicKey publicKey;
    private final BcPrivateKey ourKey;

    public BcDecryptor(BcPublicKey bcPublicKey, BcPrivateKey bcPrivateKey) {
        this.publicKey = (BcPublicKey) Preconditions.checkNotNull(bcPublicKey);
        this.ourKey = (BcPrivateKey) Preconditions.checkNotNull(bcPrivateKey);
    }

    public String decrypt(String str) throws PGPDecryptionException, PGPKeyNotFoundException, PGPUnknownRecipientException, PGPInvalidSignatureException {
        try {
            BcPGPObjectFactory bcPGPObjectFactory = new BcPGPObjectFactory(PGPUtil.getDecoderStream(new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8))));
            Object nextObject = bcPGPObjectFactory.nextObject();
            PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData = null;
            InputStream inputStream = null;
            Iterator encryptedDataObjects = (nextObject instanceof PGPEncryptedDataList ? (PGPEncryptedDataList) nextObject : (PGPEncryptedDataList) bcPGPObjectFactory.nextObject()).getEncryptedDataObjects();
            while (encryptedDataObjects.hasNext()) {
                pGPPublicKeyEncryptedData = (PGPPublicKeyEncryptedData) encryptedDataObjects.next();
                if (pGPPublicKeyEncryptedData.getKeyID() == HIDDEN_RECIPIENT_KEY_ID) {
                    Iterator<PGPPrivateKey> it = this.ourKey.getPrivateKeys().iterator();
                    while (it.hasNext()) {
                        try {
                            inputStream = pGPPublicKeyEncryptedData.getDataStream(new BcPublicKeyDataDecryptorFactory(it.next()));
                            break;
                        } catch (Exception e) {
                        }
                    }
                } else {
                    try {
                        inputStream = pGPPublicKeyEncryptedData.getDataStream(new BcPublicKeyDataDecryptorFactory(this.ourKey.getPrivateKeyWithId(pGPPublicKeyEncryptedData.getKeyID())));
                    } catch (PGPKeyNotFoundException e2) {
                    }
                }
                if (inputStream != null) {
                    break;
                }
            }
            if (inputStream == null) {
                throw new PGPUnknownRecipientException("Message is encrypted for unknown recipient");
            }
            BcPGPObjectFactory bcPGPObjectFactory2 = new BcPGPObjectFactory(((PGPCompressedData) new BcPGPObjectFactory(inputStream).nextObject()).getDataStream());
            Object nextObject2 = bcPGPObjectFactory2.nextObject();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            PGPOnePassSignature pGPOnePassSignature = ((PGPOnePassSignatureList) nextObject2).get(0);
            Object nextObject3 = bcPGPObjectFactory2.nextObject();
            if (!(nextObject3 instanceof PGPLiteralData)) {
                throw new PGPDataValidationException("Expected literal data packet");
            }
            ByteStreams.copy(((PGPLiteralData) nextObject3).getInputStream(), byteArrayOutputStream);
            PGPSignatureList pGPSignatureList = (PGPSignatureList) bcPGPObjectFactory2.nextObject();
            pGPOnePassSignature.init(new BcPGPContentVerifierBuilderProvider(), this.publicKey.getSigningKey());
            pGPOnePassSignature.update(byteArrayOutputStream.toByteArray());
            if (!pGPOnePassSignature.verify(pGPSignatureList.get(0))) {
                throw new PGPInvalidSignatureException("The signature is not valid");
            }
            checkIntegrity(pGPPublicKeyEncryptedData);
            return new String(byteArrayOutputStream.toByteArray(), StandardCharsets.UTF_8);
        } catch (PGPException | IOException | RuntimeException e3) {
            throw new PGPDecryptionException("Error Decrypting message", e3);
        }
    }

    private static void checkIntegrity(PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData) throws PGPException, IOException, PGPDecryptionException {
        if (!pGPPublicKeyEncryptedData.isIntegrityProtected()) {
            throw new PGPDecryptionException("Message not integrity protected");
        }
        if (!pGPPublicKeyEncryptedData.verify()) {
            throw new PGPDecryptionException("Message failed integrity check");
        }
    }
}
