package name.neuhalfen.projects.crypto.bouncycastle.openpgp;

import java.io.IOException;
import java.io.OutputStream;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.time.Instant;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
import javax.annotation.Nullable;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.algorithms.DefaultPGPAlgorithmSuites;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.algorithms.PGPAlgorithmSuite;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.encrypting.PGPEncryptingStream;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.callbacks.ByEMailKeySelectionStrategy;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.callbacks.KeySelectionStrategy;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.callbacks.Rfc4880KeySelectionStrategy;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.keyrings.KeyringConfig;
import name.neuhalfen.projects.crypto.internal.Preconditions;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI.class */
public final class BuildEncryptionOutputStreamAPI {
    private static final Logger LOGGER = LoggerFactory.getLogger(BuildEncryptionOutputStreamAPI.class);
    private WithKeySelectionStrategy keySelectionStrategyBuilder;
    private KeySelectionStrategy keySelectionStrategy;
    private OutputStream sinkForEncryptedData;
    private KeyringConfig encryptionConfig;
    private PGPAlgorithmSuite algorithmSuite;

    @Nullable
    private String signWith;
    private Set<PGPPublicKey> recipients;
    private boolean armorOutput;

    /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$Build.class */
    public interface Build {
        OutputStream andWriteTo(OutputStream outputStream) throws PGPException, SignatureException, NoSuchAlgorithmException, NoSuchProviderException, IOException;
    }

    /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithAlgorithmSuite.class */
    public interface WithAlgorithmSuite {

        /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithAlgorithmSuite$To.class */
        public interface To {

            /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithAlgorithmSuite$To$SignWith.class */
            public interface SignWith {

                /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithAlgorithmSuite$To$SignWith$Armor.class */
                public interface Armor {
                    Build binaryOutput();

                    Build armorAsciiOutput();
                }

                Armor andSignWith(String str) throws IOException, PGPException;

                Armor andDoNotSign();
            }

            SignWith toRecipient(String str) throws PGPException;

            SignWith toRecipients(String... strArr) throws PGPException;
        }

        To withDefaultAlgorithms();

        To withStrongAlgorithms();

        To withOxAlgorithms();

        To withAlgorithms(PGPAlgorithmSuite pGPAlgorithmSuite);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithAlgorithmSuiteImpl.class */
    public class WithAlgorithmSuiteImpl implements WithAlgorithmSuite {

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithAlgorithmSuiteImpl$ToImpl.class */
        public final class ToImpl implements WithAlgorithmSuite.To {

            /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithAlgorithmSuiteImpl$ToImpl$SignWithImpl.class */
            final class SignWithImpl implements WithAlgorithmSuite.To.SignWith {

                /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithAlgorithmSuiteImpl$ToImpl$SignWithImpl$ArmorImpl.class */
                public final class ArmorImpl implements WithAlgorithmSuite.To.SignWith.Armor {

                    /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithAlgorithmSuiteImpl$ToImpl$SignWithImpl$ArmorImpl$Builder.class */
                    public final class Builder implements Build {
                        public Builder() {
                        }

                        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.Build
                        public OutputStream andWriteTo(OutputStream outputStream) throws PGPException, SignatureException, NoSuchAlgorithmException, NoSuchProviderException, IOException {
                            BuildEncryptionOutputStreamAPI.this.sinkForEncryptedData = outputStream;
                            return PGPEncryptingStream.create(BuildEncryptionOutputStreamAPI.this.encryptionConfig, BuildEncryptionOutputStreamAPI.this.algorithmSuite, BuildEncryptionOutputStreamAPI.this.signWith, BuildEncryptionOutputStreamAPI.this.sinkForEncryptedData, BuildEncryptionOutputStreamAPI.this.getKeySelectionStrategy(), BuildEncryptionOutputStreamAPI.this.armorOutput, BuildEncryptionOutputStreamAPI.this.recipients);
                        }
                    }

                    public ArmorImpl() {
                    }

                    @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite.To.SignWith.Armor
                    public Build binaryOutput() {
                        BuildEncryptionOutputStreamAPI.this.armorOutput = false;
                        BuildEncryptionOutputStreamAPI.LOGGER.trace("binary output");
                        return new Builder();
                    }

                    @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite.To.SignWith.Armor
                    public Build armorAsciiOutput() {
                        BuildEncryptionOutputStreamAPI.this.armorOutput = true;
                        BuildEncryptionOutputStreamAPI.LOGGER.trace("ascii armor output");
                        return new Builder();
                    }
                }

                SignWithImpl() {
                }

                @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite.To.SignWith
                public WithAlgorithmSuite.To.SignWith.Armor andSignWith(String str) throws IOException, PGPException {
                    Preconditions.checkState(BuildEncryptionOutputStreamAPI.this.encryptionConfig.getSecretKeyRings() != null, "encryptionConfig.getSecretKeyRings() must not be null");
                    PGPPublicKey selectPublicKey = BuildEncryptionOutputStreamAPI.this.getKeySelectionStrategy().selectPublicKey(KeySelectionStrategy.PURPOSE.FOR_SIGNING, str, BuildEncryptionOutputStreamAPI.this.encryptionConfig);
                    if (selectPublicKey == null) {
                        throw new PGPException("No (suitable) public key for signing with '" + str + "' found");
                    }
                    if (BuildEncryptionOutputStreamAPI.this.encryptionConfig.getSecretKeyRings().getSecretKey(selectPublicKey.getKeyID()) == null) {
                        throw new PGPException("No (suitable) secret key for signing with " + str + " found (public key exists!)");
                    }
                    BuildEncryptionOutputStreamAPI.this.signWith = str;
                    BuildEncryptionOutputStreamAPI.LOGGER.trace("sign with {}", BuildEncryptionOutputStreamAPI.this.signWith);
                    return new ArmorImpl();
                }

                @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite.To.SignWith
                public WithAlgorithmSuite.To.SignWith.Armor andDoNotSign() {
                    BuildEncryptionOutputStreamAPI.this.signWith = null;
                    BuildEncryptionOutputStreamAPI.LOGGER.trace("do not sign ");
                    return new ArmorImpl();
                }
            }

            ToImpl() {
            }

            private PGPPublicKey extractValidKey(String str) throws PGPException {
                Objects.requireNonNull(str, "recipient must not be null");
                Preconditions.checkArgument(!str.isEmpty(), "recipient must not be empty");
                try {
                    PGPPublicKey selectPublicKey = BuildEncryptionOutputStreamAPI.this.getKeySelectionStrategy().selectPublicKey(KeySelectionStrategy.PURPOSE.FOR_ENCRYPTION, str, BuildEncryptionOutputStreamAPI.this.encryptionConfig);
                    if (selectPublicKey == null) {
                        throw new PGPException("No (suitable) public key for encryption to " + str + " found");
                    }
                    BuildEncryptionOutputStreamAPI.LOGGER.trace("encrypt to recipient {} using key 0x{}", str, Long.toHexString(selectPublicKey.getKeyID()));
                    return selectPublicKey;
                } catch (IOException e) {
                    throw new PGPException("Failed to load keys", e);
                }
            }

            @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite.To
            public WithAlgorithmSuite.To.SignWith toRecipient(String str) throws PGPException {
                BuildEncryptionOutputStreamAPI.this.recipients = new HashSet();
                BuildEncryptionOutputStreamAPI.this.recipients.add(extractValidKey(str));
                return new SignWithImpl();
            }

            @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite.To
            public WithAlgorithmSuite.To.SignWith toRecipients(String... strArr) throws PGPException {
                BuildEncryptionOutputStreamAPI.this.recipients = new HashSet();
                for (String str : strArr) {
                    BuildEncryptionOutputStreamAPI.this.recipients.add(extractValidKey(str));
                }
                return new SignWithImpl();
            }
        }

        private WithAlgorithmSuiteImpl() {
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite
        public WithAlgorithmSuite.To withDefaultAlgorithms() {
            BuildEncryptionOutputStreamAPI.this.algorithmSuite = DefaultPGPAlgorithmSuites.defaultSuiteForGnuPG();
            BuildEncryptionOutputStreamAPI.LOGGER.trace("use algorithms {}", BuildEncryptionOutputStreamAPI.this.algorithmSuite.toString());
            return new ToImpl();
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite
        public WithAlgorithmSuite.To withStrongAlgorithms() {
            BuildEncryptionOutputStreamAPI.this.algorithmSuite = DefaultPGPAlgorithmSuites.strongSuite();
            BuildEncryptionOutputStreamAPI.LOGGER.trace("use algorithms {}", BuildEncryptionOutputStreamAPI.this.algorithmSuite.toString());
            return new ToImpl();
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite
        public WithAlgorithmSuite.To withOxAlgorithms() {
            BuildEncryptionOutputStreamAPI.this.algorithmSuite = DefaultPGPAlgorithmSuites.oxSuite();
            BuildEncryptionOutputStreamAPI.LOGGER.trace("use algorithms {}", BuildEncryptionOutputStreamAPI.this.toString());
            return new ToImpl();
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite
        public WithAlgorithmSuite.To withAlgorithms(PGPAlgorithmSuite pGPAlgorithmSuite) {
            Objects.requireNonNull(pGPAlgorithmSuite, "algorithmSuite must not be null");
            BuildEncryptionOutputStreamAPI.this.algorithmSuite = pGPAlgorithmSuite;
            BuildEncryptionOutputStreamAPI.LOGGER.trace("use algorithms {}", BuildEncryptionOutputStreamAPI.this.algorithmSuite.toString());
            return new ToImpl();
        }
    }

    /* loaded from: input_file:name/neuhalfen/projects/crypto/bouncycastle/openpgp/BuildEncryptionOutputStreamAPI$WithKeySelectionStrategy.class */
    public final class WithKeySelectionStrategy extends WithAlgorithmSuiteImpl {
        private static final boolean SELECT_UID_BY_E_MAIL_ONLY_DEFAULT = true;

        @Nullable
        private Instant dateOfTimestampVerification;

        @Nullable
        private Boolean selectUidByEMailOnly;

        @Nullable
        private KeySelectionStrategy keySelectionStrategy;

        private WithKeySelectionStrategy() {
            super();
            BuildEncryptionOutputStreamAPI.this.keySelectionStrategyBuilder = this;
        }

        public WithKeySelectionStrategy selectUidByAnyUidPart() {
            Preconditions.checkState(this.keySelectionStrategy == null, "selectUidByAnyUidPart/setReferenceDateForKeyValidityTo cannot be used together with 'withKeySelectionStrategy' ");
            this.selectUidByEMailOnly = false;
            return this;
        }

        public WithAlgorithmSuite setReferenceDateForKeyValidityTo(Instant instant) {
            Preconditions.checkState(this.keySelectionStrategy == null, "selectUidByAnyUidPart/setReferenceDateForKeyValidityTo cannot be used together with 'withKeySelectionStrategy' ");
            Objects.requireNonNull(instant, "dateOfTimestampVerification must not be null");
            this.dateOfTimestampVerification = instant;
            BuildEncryptionOutputStreamAPI.LOGGER.trace("WithKeySelectionStrategy: setReferenceDateForKeyValidityTo {}", instant);
            return this;
        }

        public WithAlgorithmSuite withKeySelectionStrategy(KeySelectionStrategy keySelectionStrategy) {
            Objects.requireNonNull(keySelectionStrategy, "strategy must not be null");
            Preconditions.checkState(this.selectUidByEMailOnly == null && this.dateOfTimestampVerification == null, "selectUidByAnyUidPart/setReferenceDateForKeyValidityTo cannot be used together with 'withKeySelectionStrategy' ");
            this.keySelectionStrategy = keySelectionStrategy;
            BuildEncryptionOutputStreamAPI.LOGGER.trace("WithKeySelectionStrategy: override strategy to {}", keySelectionStrategy.getClass().toGenericString());
            return this;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public KeySelectionStrategy buildKeySelectionStrategy() {
            if (this.keySelectionStrategy != null) {
                return this.keySelectionStrategy;
            }
            if (this.selectUidByEMailOnly == null) {
                this.selectUidByEMailOnly = true;
            }
            if (this.dateOfTimestampVerification == null) {
                this.dateOfTimestampVerification = Instant.now();
            }
            return this.selectUidByEMailOnly.booleanValue() ? new ByEMailKeySelectionStrategy(this.dateOfTimestampVerification) : new Rfc4880KeySelectionStrategy(this.dateOfTimestampVerification);
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuiteImpl, name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite
        public /* bridge */ /* synthetic */ WithAlgorithmSuite.To withAlgorithms(PGPAlgorithmSuite pGPAlgorithmSuite) {
            return super.withAlgorithms(pGPAlgorithmSuite);
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuiteImpl, name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite
        public /* bridge */ /* synthetic */ WithAlgorithmSuite.To withOxAlgorithms() {
            return super.withOxAlgorithms();
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuiteImpl, name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite
        public /* bridge */ /* synthetic */ WithAlgorithmSuite.To withStrongAlgorithms() {
            return super.withStrongAlgorithms();
        }

        @Override // name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuiteImpl, name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildEncryptionOutputStreamAPI.WithAlgorithmSuite
        public /* bridge */ /* synthetic */ WithAlgorithmSuite.To withDefaultAlgorithms() {
            return super.withDefaultAlgorithms();
        }
    }

    public WithKeySelectionStrategy withConfig(KeyringConfig keyringConfig) throws IOException, PGPException {
        Objects.requireNonNull(keyringConfig, "encryptionConfig must not be null");
        Objects.requireNonNull(keyringConfig.getKeyFingerPrintCalculator(), "encryptionConfig.getKeyFingerPrintCalculator() must not be null");
        Objects.requireNonNull(keyringConfig.getPublicKeyRings(), "encryptionConfig.getPublicKeyRings() must not be null");
        this.encryptionConfig = keyringConfig;
        return new WithKeySelectionStrategy();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public KeySelectionStrategy getKeySelectionStrategy() {
        if (this.keySelectionStrategy == null) {
            this.keySelectionStrategy = this.keySelectionStrategyBuilder.buildKeySelectionStrategy();
        }
        return this.keySelectionStrategy;
    }
}
