package org.jivesoftware.smackx.ox.crypto;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Collection;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.util.io.Streams;
import org.jivesoftware.smack.SmackException;
import org.jivesoftware.smack.XMPPConnection;
import org.jivesoftware.smack.XMPPException;
import org.jivesoftware.smack.util.Objects;
import org.jivesoftware.smack.util.stringencoder.Base64;
import org.jivesoftware.smackx.ox.OpenPgpContact;
import org.jivesoftware.smackx.ox.OpenPgpMessage;
import org.jivesoftware.smackx.ox.OpenPgpSelf;
import org.jivesoftware.smackx.ox.element.CryptElement;
import org.jivesoftware.smackx.ox.element.OpenPgpElement;
import org.jivesoftware.smackx.ox.element.SignElement;
import org.jivesoftware.smackx.ox.element.SigncryptElement;
import org.jivesoftware.smackx.ox.store.definition.OpenPgpStore;
import org.jivesoftware.smackx.pubsub.PubSubException;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.DocumentSignatureType;
import org.pgpainless.decryption_verification.ConsumerOptions;
import org.pgpainless.decryption_verification.DecryptionStream;
import org.pgpainless.decryption_verification.MissingPublicKeyCallback;
import org.pgpainless.decryption_verification.OpenPgpMetadata;
import org.pgpainless.encryption_signing.EncryptionOptions;
import org.pgpainless.encryption_signing.EncryptionStream;
import org.pgpainless.encryption_signing.ProducerOptions;
import org.pgpainless.encryption_signing.SigningOptions;

/* loaded from: input_file:org/jivesoftware/smackx/ox/crypto/PainlessOpenPgpProvider.class */
public class PainlessOpenPgpProvider implements OpenPgpProvider {
    private static final Logger LOGGER = Logger.getLogger(PainlessOpenPgpProvider.class.getName());
    private final OpenPgpStore store;

    public PainlessOpenPgpProvider(OpenPgpStore openPgpStore) {
        this.store = (OpenPgpStore) Objects.requireNonNull(openPgpStore);
    }

    @Override // org.jivesoftware.smackx.ox.crypto.OpenPgpProvider
    public OpenPgpStore getStore() {
        return this.store;
    }

    @Override // org.jivesoftware.smackx.ox.crypto.OpenPgpProvider
    public OpenPgpElementAndMetadata signAndEncrypt(SigncryptElement signcryptElement, OpenPgpSelf openPgpSelf, Collection<OpenPgpContact> collection) throws IOException, PGPException {
        InputStream inputStream = signcryptElement.toInputStream();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        EncryptionOptions encryptCommunications = EncryptionOptions.encryptCommunications();
        for (OpenPgpContact openPgpContact : collection) {
            PGPPublicKeyRingCollection trustedAnnouncedKeys = openPgpContact.getTrustedAnnouncedKeys();
            if (trustedAnnouncedKeys == null) {
                LOGGER.log(Level.WARNING, "There are no suitable keys for contact " + openPgpContact.getJid());
            }
            encryptCommunications.addRecipients(trustedAnnouncedKeys);
        }
        encryptCommunications.addRecipients(openPgpSelf.getTrustedAnnouncedKeys());
        SigningOptions signingOptions = new SigningOptions();
        signingOptions.addInlineSignature(getStore().getKeyRingProtector(), openPgpSelf.getSigningKeyRing(), DocumentSignatureType.BINARY_DOCUMENT);
        EncryptionStream withOptions = PGPainless.encryptAndOrSign().onOutputStream(byteArrayOutputStream).withOptions(ProducerOptions.signAndEncrypt(encryptCommunications, signingOptions).setAsciiArmor(false));
        Streams.pipeAll(inputStream, withOptions);
        inputStream.close();
        withOptions.flush();
        withOptions.close();
        byteArrayOutputStream.close();
        return new OpenPgpElementAndMetadata(new OpenPgpElement(Base64.encodeToString(byteArrayOutputStream.toByteArray())), withOptions.getResult());
    }

    @Override // org.jivesoftware.smackx.ox.crypto.OpenPgpProvider
    public OpenPgpElementAndMetadata sign(SignElement signElement, OpenPgpSelf openPgpSelf) throws IOException, PGPException {
        InputStream inputStream = signElement.toInputStream();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        EncryptionStream withOptions = PGPainless.encryptAndOrSign().onOutputStream(byteArrayOutputStream).withOptions(ProducerOptions.sign(new SigningOptions().addInlineSignature(getStore().getKeyRingProtector(), openPgpSelf.getSigningKeyRing(), "xmpp:" + openPgpSelf.getJid().toString(), DocumentSignatureType.BINARY_DOCUMENT)).setAsciiArmor(false));
        Streams.pipeAll(inputStream, withOptions);
        inputStream.close();
        withOptions.flush();
        withOptions.close();
        byteArrayOutputStream.close();
        return new OpenPgpElementAndMetadata(new OpenPgpElement(Base64.encodeToString(byteArrayOutputStream.toByteArray())), withOptions.getResult());
    }

    @Override // org.jivesoftware.smackx.ox.crypto.OpenPgpProvider
    public OpenPgpElementAndMetadata encrypt(CryptElement cryptElement, OpenPgpSelf openPgpSelf, Collection<OpenPgpContact> collection) throws IOException, PGPException {
        InputStream inputStream = cryptElement.toInputStream();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        EncryptionOptions encryptCommunications = EncryptionOptions.encryptCommunications();
        for (OpenPgpContact openPgpContact : collection) {
            PGPPublicKeyRingCollection trustedAnnouncedKeys = openPgpContact.getTrustedAnnouncedKeys();
            if (trustedAnnouncedKeys == null) {
                LOGGER.log(Level.WARNING, "There are no suitable keys for contact " + openPgpContact.getJid());
            }
            encryptCommunications.addRecipients(trustedAnnouncedKeys);
        }
        encryptCommunications.addRecipients(openPgpSelf.getTrustedAnnouncedKeys());
        EncryptionStream withOptions = PGPainless.encryptAndOrSign().onOutputStream(byteArrayOutputStream).withOptions(ProducerOptions.encrypt(encryptCommunications).setAsciiArmor(false));
        Streams.pipeAll(inputStream, withOptions);
        inputStream.close();
        withOptions.flush();
        withOptions.close();
        byteArrayOutputStream.close();
        return new OpenPgpElementAndMetadata(new OpenPgpElement(Base64.encodeToString(byteArrayOutputStream.toByteArray())), withOptions.getResult());
    }

    @Override // org.jivesoftware.smackx.ox.crypto.OpenPgpProvider
    public OpenPgpMessage decryptAndOrVerify(final XMPPConnection xMPPConnection, OpenPgpElement openPgpElement, OpenPgpSelf openPgpSelf, final OpenPgpContact openPgpContact) throws IOException, PGPException {
        OpenPgpMessage.State state;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream inputStream = openPgpElement.toInputStream();
        PGPPublicKeyRingCollection announcedPublicKeys = openPgpContact.getAnnouncedPublicKeys();
        if (announcedPublicKeys == null) {
            try {
                openPgpContact.updateKeys(xMPPConnection);
                announcedPublicKeys = openPgpContact.getAnnouncedPublicKeys();
            } catch (InterruptedException | PubSubException.NotALeafNodeException | PubSubException.NotAPubSubNodeException | SmackException.NotConnectedException | SmackException.NoResponseException | XMPPException.XMPPErrorException e) {
                throw new PGPException("Abort decryption due to lack of keys", e);
            }
        }
        DecryptionStream withOptions = PGPainless.decryptAndOrVerify().onInputStream(inputStream).withOptions(new ConsumerOptions().addDecryptionKeys(openPgpSelf.getSecretKeys(), getStore().getKeyRingProtector()).addVerificationCerts(announcedPublicKeys).setMissingCertificateCallback(new MissingPublicKeyCallback() { // from class: org.jivesoftware.smackx.ox.crypto.PainlessOpenPgpProvider.1
            public PGPPublicKeyRing onMissingPublicKeyEncountered(Long l) {
                try {
                    openPgpContact.updateKeys(xMPPConnection);
                    Iterator it = openPgpContact.getAnyPublicKeys().iterator();
                    while (it.hasNext()) {
                        PGPPublicKeyRing pGPPublicKeyRing = (PGPPublicKeyRing) it.next();
                        if (pGPPublicKeyRing.getPublicKey(l.longValue()) != null) {
                            return pGPPublicKeyRing;
                        }
                    }
                    return null;
                } catch (InterruptedException | PubSubException.NotALeafNodeException | PubSubException.NotAPubSubNodeException | SmackException.NotConnectedException | SmackException.NoResponseException | XMPPException.XMPPErrorException | IOException | PGPException e2) {
                    PainlessOpenPgpProvider.LOGGER.log(Level.WARNING, "Cannot fetch missing key " + l, e2);
                    return null;
                }
            }
        }));
        Streams.pipeAll(withOptions, byteArrayOutputStream);
        inputStream.close();
        withOptions.close();
        byteArrayOutputStream.close();
        OpenPgpMetadata result = withOptions.getResult();
        if (result.isSigned()) {
            state = result.isEncrypted() ? OpenPgpMessage.State.signcrypt : OpenPgpMessage.State.sign;
        } else {
            if (!result.isEncrypted()) {
                throw new PGPException("Received message appears to be neither encrypted, nor signed.");
            }
            state = OpenPgpMessage.State.crypt;
        }
        return new OpenPgpMessage(byteArrayOutputStream.toByteArray(), state, result);
    }
}
