package org.kontalk.crypto;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.content.Context;
import android.os.Parcel;
import android.os.Parcelable;
import android.util.Base64;
import android.util.Base64InputStream;
import android.util.Base64OutputStream;
import android.util.Log;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import org.kontalk.Kontalk;
import org.kontalk.authenticator.Authenticator;
import org.kontalk.crypto.PGP;
import org.spongycastle.openpgp.PGPException;
import org.spongycastle.openpgp.PGPKeyPair;
import org.spongycastle.openpgp.PGPPrivateKey;
import org.spongycastle.openpgp.PGPPublicKey;
import org.spongycastle.openpgp.PGPPublicKeyRing;
import org.spongycastle.openpgp.PGPSecretKey;
import org.spongycastle.openpgp.PGPSecretKeyRing;
import org.spongycastle.openpgp.operator.KeyFingerPrintCalculator;
import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.spongycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
import org.spongycastle.operator.OperatorCreationException;

/* loaded from: classes.dex */
public class PersonalKey implements Parcelable {
    public static final int MIN_PASSPHRASE_LENGTH = 4;
    private final X509Certificate mBridgeCert;
    private final PGP.PGPDecryptedKeyPairRing mPair;
    private static final String TAG = Kontalk.TAG;
    private static final KeyFingerPrintCalculator sFingerprintCalculator = PGP.sFingerprintCalculator;
    public static final Parcelable.Creator<PersonalKey> CREATOR = new Parcelable.Creator<PersonalKey>() { // from class: org.kontalk.crypto.PersonalKey.1
        @Override // android.os.Parcelable.Creator
        public PersonalKey createFromParcel(Parcel parcel) {
            try {
                return new PersonalKey(parcel);
            } catch (Exception e) {
                Log.w(PersonalKey.TAG, "error creating from parcel", e);
                return null;
            }
        }

        @Override // android.os.Parcelable.Creator
        public PersonalKey[] newArray(int i) {
            return new PersonalKey[i];
        }
    };

    private PersonalKey(Parcel parcel) throws PGPException, IOException {
        this.mPair = PGP.fromParcel(parcel);
        this.mBridgeCert = null;
    }

    private PersonalKey(PGP.PGPDecryptedKeyPairRing pGPDecryptedKeyPairRing, X509Certificate x509Certificate) {
        this.mPair = pGPDecryptedKeyPairRing;
        this.mBridgeCert = x509Certificate;
    }

    private PersonalKey(PGPKeyPair pGPKeyPair, PGPKeyPair pGPKeyPair2, PGPKeyPair pGPKeyPair3, X509Certificate x509Certificate) {
        this(new PGP.PGPDecryptedKeyPairRing(pGPKeyPair, pGPKeyPair2, pGPKeyPair3), x509Certificate);
    }

    public static PersonalKey create() throws IOException {
        try {
            return new PersonalKey(PGP.create(), (X509Certificate) null);
        } catch (Exception e) {
            IOException iOException = new IOException("unable to generate keypair");
            iOException.initCause(e);
            throw iOException;
        }
    }

    public static PersonalKey fromBase64(String str) {
        Base64InputStream base64InputStream;
        ObjectInputStream objectInputStream;
        ObjectInputStream objectInputStream2 = null;
        try {
            try {
                base64InputStream = new Base64InputStream(new ByteArrayInputStream(str.getBytes()), 2);
                objectInputStream = new ObjectInputStream(base64InputStream);
            } catch (Exception e) {
                e = e;
            }
        } catch (Throwable th) {
            th = th;
        }
        try {
            PGP.PGPDecryptedKeyPairRing unserialize = PGP.unserialize(objectInputStream);
            base64InputStream.close();
            PersonalKey personalKey = new PersonalKey(unserialize, (X509Certificate) null);
            if (objectInputStream != null) {
                try {
                    objectInputStream.close();
                } catch (IOException e2) {
                }
            }
            return personalKey;
        } catch (Exception e3) {
            e = e3;
            objectInputStream2 = objectInputStream;
            throw new RuntimeException(e);
        } catch (Throwable th2) {
            th = th2;
            objectInputStream2 = objectInputStream;
            if (objectInputStream2 != null) {
                try {
                    objectInputStream2.close();
                } catch (IOException e4) {
                }
            }
            throw th;
        }
    }

    public static PersonalKey load(InputStream inputStream, InputStream inputStream2, String str, InputStream inputStream3) throws PGPException, IOException, CertificateException, NoSuchProviderException {
        return load(new PGPSecretKeyRing(inputStream, sFingerprintCalculator), new PGPPublicKeyRing(inputStream2, sFingerprintCalculator), str, inputStream3 != null ? X509Bridge.load(inputStream3) : null);
    }

    public static PersonalKey load(PGPSecretKeyRing pGPSecretKeyRing, PGPPublicKeyRing pGPPublicKeyRing, String str, X509Certificate x509Certificate) throws PGPException, IOException, CertificateException, NoSuchProviderException {
        PBESecretKeyDecryptor build = new JcePBESecretKeyDecryptorBuilder(new JcaPGPDigestCalculatorProviderBuilder().build()).setProvider("SC").build(str.toCharArray());
        PGPPublicKey pGPPublicKey = null;
        PGPPrivateKey pGPPrivateKey = null;
        PGPPublicKey pGPPublicKey2 = null;
        PGPPrivateKey pGPPrivateKey2 = null;
        PGPPublicKey pGPPublicKey3 = null;
        PGPPrivateKey pGPPrivateKey3 = null;
        Iterator<PGPPublicKey> publicKeys = pGPPublicKeyRing.getPublicKeys();
        while (publicKeys.hasNext()) {
            PGPPublicKey next = publicKeys.next();
            int keyFlags = PGP.getKeyFlags(next);
            if (next.isMasterKey()) {
                if ((keyFlags & 32) == 32) {
                    pGPPublicKey = next;
                } else {
                    pGPPublicKey2 = next;
                    pGPPublicKey = next;
                }
            } else if ((keyFlags & 2) == 2) {
                pGPPublicKey2 = next;
            } else {
                pGPPublicKey3 = next;
            }
        }
        Iterator<PGPSecretKey> secretKeys = pGPSecretKeyRing.getSecretKeys();
        while (secretKeys.hasNext()) {
            PGPSecretKey next2 = secretKeys.next();
            int keyFlags2 = PGP.getKeyFlags(next2.getPublicKey());
            if (next2.isMasterKey()) {
                if ((keyFlags2 & 32) == 32) {
                    pGPPrivateKey = next2.extractPrivateKey(build);
                } else {
                    pGPPrivateKey2 = next2.extractPrivateKey(build);
                    pGPPrivateKey = pGPPrivateKey2;
                }
            } else if ((keyFlags2 & 2) == 2) {
                pGPPrivateKey2 = next2.extractPrivateKey(build);
            } else {
                pGPPrivateKey3 = next2.extractPrivateKey(build);
            }
        }
        if (pGPPrivateKey3 == null || pGPPublicKey3 == null || pGPPrivateKey2 == null || pGPPublicKey2 == null) {
            throw new PGPException("invalid key data");
        }
        return new PersonalKey(new PGPKeyPair(pGPPublicKey, pGPPrivateKey), new PGPKeyPair(pGPPublicKey2, pGPPrivateKey2), new PGPKeyPair(pGPPublicKey3, pGPPrivateKey3), x509Certificate);
    }

    public static PersonalKey load(byte[] bArr, byte[] bArr2, String str, X509Certificate x509Certificate) throws PGPException, IOException, CertificateException, NoSuchProviderException {
        return load(new PGPSecretKeyRing(bArr, sFingerprintCalculator), new PGPPublicKeyRing(bArr2, sFingerprintCalculator), str, x509Certificate);
    }

    public static PersonalKey load(byte[] bArr, byte[] bArr2, String str, byte[] bArr3) throws PGPException, IOException, CertificateException, NoSuchProviderException {
        return load(new PGPSecretKeyRing(bArr, sFingerprintCalculator), new PGPPublicKeyRing(bArr2, sFingerprintCalculator), str, bArr3 != null ? X509Bridge.load(bArr3) : null);
    }

    public static PGP.PGPKeyPairRing test(InputStream inputStream, InputStream inputStream2, String str, InputStream inputStream3) throws PGPException, IOException, CertificateException, NoSuchProviderException {
        return test(new PGPSecretKeyRing(inputStream, sFingerprintCalculator), new PGPPublicKeyRing(inputStream2, sFingerprintCalculator), str, inputStream3 != null ? X509Bridge.load(inputStream3) : null);
    }

    private static PGP.PGPKeyPairRing test(PGPSecretKeyRing pGPSecretKeyRing, PGPPublicKeyRing pGPPublicKeyRing, String str, X509Certificate x509Certificate) throws PGPException, IOException, CertificateException, NoSuchProviderException {
        load(pGPSecretKeyRing, pGPPublicKeyRing, str, x509Certificate);
        return new PGP.PGPKeyPairRing(pGPPublicKeyRing, pGPSecretKeyRing);
    }

    public static PGP.PGPKeyPairRing test(byte[] bArr, byte[] bArr2, String str, byte[] bArr3) throws PGPException, IOException, CertificateException, NoSuchProviderException {
        return test(new PGPSecretKeyRing(bArr, sFingerprintCalculator), new PGPPublicKeyRing(bArr2, sFingerprintCalculator), str, bArr3 != null ? X509Bridge.load(bArr3) : null);
    }

    public PersonalKey copy(X509Certificate x509Certificate) {
        return new PersonalKey(this.mPair, x509Certificate);
    }

    @Override // android.os.Parcelable
    public int describeContents() {
        return 0;
    }

    public PGPKeyPair getAuthKeyPair() {
        return this.mPair.authKey;
    }

    public X509Certificate getBridgeCertificate() {
        return this.mBridgeCert;
    }

    public PrivateKey getBridgePrivateKey() throws PGPException {
        return PGP.convertPrivateKey(this.mPair.authKey.getPrivateKey());
    }

    public byte[] getEncodedPublicKeyRing() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        this.mPair.authKey.getPublicKey().encode(byteArrayOutputStream);
        this.mPair.signKey.getPublicKey().encode(byteArrayOutputStream);
        this.mPair.encryptKey.getPublicKey().encode(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public PGPKeyPair getEncryptKeyPair() {
        return this.mPair.encryptKey;
    }

    public String getFingerprint() {
        return PGP.getFingerprint(this.mPair.authKey.getPublicKey());
    }

    public PGPPublicKeyRing getPublicKeyRing() throws IOException {
        return new PGPPublicKeyRing(getEncodedPublicKeyRing(), sFingerprintCalculator);
    }

    public PGPKeyPair getSignKeyPair() {
        return this.mPair.signKey;
    }

    public String getUserId(String str) {
        return PGP.getUserId(this.mPair.authKey.getPublicKey(), str);
    }

    public PGPPublicKey revoke(boolean z) throws PGPException, IOException, SignatureException {
        PGPPublicKey revokeKey = PGP.revokeKey(this.mPair.authKey);
        if (z) {
            this.mPair.authKey = new PGPKeyPair(revokeKey, this.mPair.authKey.getPrivateKey());
        }
        return revokeKey;
    }

    public PGP.PGPKeyPairRing store(String str, String str2, String str3, String str4) throws PGPException, IOException {
        StringBuilder sb = new StringBuilder(str);
        if (str3 != null) {
            sb.append(" (").append(str3).append(')');
        }
        sb.append(" <");
        if (str2 != null) {
            sb.append(str2);
        }
        sb.append('>');
        return PGP.store(this.mPair, sb.toString(), str4);
    }

    public PGP.PGPKeyPairRing storeNetwork(String str, String str2, String str3, String str4) throws PGPException, IOException {
        return store(str3, str + '@' + str2, null, str4);
    }

    public String toBase64() {
        ByteArrayOutputStream byteArrayOutputStream;
        ObjectOutputStream objectOutputStream;
        ObjectOutputStream objectOutputStream2 = null;
        try {
            try {
                byteArrayOutputStream = new ByteArrayOutputStream();
                objectOutputStream = new ObjectOutputStream(new Base64OutputStream(byteArrayOutputStream, 2));
            } catch (Throwable th) {
                th = th;
            }
        } catch (Exception e) {
            e = e;
        }
        try {
            PGP.serialize(this.mPair, objectOutputStream);
            objectOutputStream.close();
            String byteArrayOutputStream2 = byteArrayOutputStream.toString();
            if (objectOutputStream != null) {
                try {
                    objectOutputStream.close();
                } catch (IOException e2) {
                }
            }
            return byteArrayOutputStream2;
        } catch (Exception e3) {
            e = e3;
            throw new RuntimeException(e);
        } catch (Throwable th2) {
            th = th2;
            objectOutputStream2 = objectOutputStream;
            if (objectOutputStream2 != null) {
                try {
                    objectOutputStream2.close();
                } catch (IOException e4) {
                }
            }
            throw th;
        }
    }

    public PGPPublicKeyRing update(byte[] bArr) throws IOException {
        PGPPublicKeyRing pGPPublicKeyRing = new PGPPublicKeyRing(bArr, sFingerprintCalculator);
        this.mPair.authKey = new PGPKeyPair(pGPPublicKeyRing.getPublicKey(), this.mPair.authKey.getPrivateKey());
        return pGPPublicKeyRing;
    }

    public void updateAccountManager(Context context) throws IOException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, PGPException, OperatorCreationException {
        AccountManager accountManager = (AccountManager) context.getSystemService("account");
        Account defaultAccount = Authenticator.getDefaultAccount(accountManager);
        if (defaultAccount != null) {
            PGPPublicKeyRing publicKeyRing = getPublicKeyRing();
            byte[] encoded = X509Bridge.createCertificate(publicKeyRing, this.mPair.authKey.getPrivateKey()).getEncoded();
            accountManager.setUserData(defaultAccount, Authenticator.DATA_PUBLICKEY, Base64.encodeToString(publicKeyRing.getEncoded(), 2));
            accountManager.setUserData(defaultAccount, Authenticator.DATA_BRIDGECERT, Base64.encodeToString(encoded, 2));
        }
    }

    @Override // android.os.Parcelable
    public void writeToParcel(Parcel parcel, int i) {
        try {
            PGP.toParcel(this.mPair, parcel);
        } catch (Exception e) {
            throw new RuntimeException("error writing key to parcel", e);
        }
    }
}
