package org.bouncycastle2.openpgp;

import android.support.v4.internal.view.SupportMenu;
import android.support.v4.view.MotionEventCompat;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.bouncycastle2.bcpg.BCPGInputStream;
import org.bouncycastle2.bcpg.BCPGObject;
import org.bouncycastle2.bcpg.BCPGOutputStream;
import org.bouncycastle2.bcpg.ContainedPacket;
import org.bouncycastle2.bcpg.DSAPublicBCPGKey;
import org.bouncycastle2.bcpg.DSASecretBCPGKey;
import org.bouncycastle2.bcpg.ElGamalPublicBCPGKey;
import org.bouncycastle2.bcpg.ElGamalSecretBCPGKey;
import org.bouncycastle2.bcpg.PublicKeyPacket;
import org.bouncycastle2.bcpg.RSAPublicBCPGKey;
import org.bouncycastle2.bcpg.RSASecretBCPGKey;
import org.bouncycastle2.bcpg.S2K;
import org.bouncycastle2.bcpg.SecretKeyPacket;
import org.bouncycastle2.bcpg.SecretSubkeyPacket;
import org.bouncycastle2.bcpg.UserAttributePacket;
import org.bouncycastle2.bcpg.UserIDPacket;
import org.bouncycastle2.jce.interfaces.ElGamalPrivateKey;
import org.bouncycastle2.jce.spec.ElGamalParameterSpec;
import org.bouncycastle2.jce.spec.ElGamalPrivateKeySpec;

/* loaded from: classes.dex */
public class PGPSecretKey {
    final PGPPublicKey pub;
    final SecretKeyPacket secret;

    public PGPSecretKey(int i, int i2, PublicKey publicKey, PrivateKey privateKey, Date date, String str, int i3, char[] cArr, PGPSignatureSubpacketVector pGPSignatureSubpacketVector, PGPSignatureSubpacketVector pGPSignatureSubpacketVector2, SecureRandom secureRandom, String str2) throws PGPException, NoSuchProviderException {
        this(i, new PGPKeyPair(i2, publicKey, privateKey, date), str, i3, cArr, pGPSignatureSubpacketVector, pGPSignatureSubpacketVector2, secureRandom, str2);
    }

    public PGPSecretKey(int i, int i2, PublicKey publicKey, PrivateKey privateKey, Date date, String str, int i3, char[] cArr, boolean z, PGPSignatureSubpacketVector pGPSignatureSubpacketVector, PGPSignatureSubpacketVector pGPSignatureSubpacketVector2, SecureRandom secureRandom, String str2) throws PGPException, NoSuchProviderException {
        this(i, new PGPKeyPair(i2, publicKey, privateKey, date), str, i3, cArr, z, pGPSignatureSubpacketVector, pGPSignatureSubpacketVector2, secureRandom, str2);
    }

    public PGPSecretKey(int i, PGPKeyPair pGPKeyPair, String str, int i2, char[] cArr, PGPSignatureSubpacketVector pGPSignatureSubpacketVector, PGPSignatureSubpacketVector pGPSignatureSubpacketVector2, SecureRandom secureRandom, String str2) throws PGPException, NoSuchProviderException {
        this(i, pGPKeyPair, str, i2, cArr, false, pGPSignatureSubpacketVector, pGPSignatureSubpacketVector2, secureRandom, str2);
    }

    public PGPSecretKey(int i, PGPKeyPair pGPKeyPair, String str, int i2, char[] cArr, boolean z, PGPSignatureSubpacketVector pGPSignatureSubpacketVector, PGPSignatureSubpacketVector pGPSignatureSubpacketVector2, SecureRandom secureRandom, String str2) throws PGPException, NoSuchProviderException {
        this(i, pGPKeyPair, str, i2, cArr, z, pGPSignatureSubpacketVector, pGPSignatureSubpacketVector2, secureRandom, PGPUtil.getProvider(str2));
    }

    public PGPSecretKey(int i, PGPKeyPair pGPKeyPair, String str, int i2, char[] cArr, boolean z, PGPSignatureSubpacketVector pGPSignatureSubpacketVector, PGPSignatureSubpacketVector pGPSignatureSubpacketVector2, SecureRandom secureRandom, Provider provider) throws PGPException {
        this(pGPKeyPair.getPrivateKey(), certifiedPublicKey(i, pGPKeyPair, str, pGPSignatureSubpacketVector, pGPSignatureSubpacketVector2, provider), i2, cArr, z, secureRandom, true, provider);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PGPSecretKey(SecretKeyPacket secretKeyPacket, PGPPublicKey pGPPublicKey) {
        this.secret = secretKeyPacket;
        this.pub = pGPPublicKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PGPSecretKey(PGPPrivateKey pGPPrivateKey, PGPPublicKey pGPPublicKey, int i, char[] cArr, boolean z, SecureRandom secureRandom, Provider provider) throws PGPException {
        this(pGPPrivateKey, pGPPublicKey, i, cArr, z, secureRandom, false, provider);
    }

    PGPSecretKey(PGPPrivateKey pGPPrivateKey, PGPPublicKey pGPPublicKey, int i, char[] cArr, boolean z, SecureRandom secureRandom, boolean z2, Provider provider) throws PGPException {
        BCPGObject elGamalSecretBCPGKey;
        this.pub = pGPPublicKey;
        switch (pGPPublicKey.getAlgorithm()) {
            case 1:
            case 2:
            case 3:
                RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) pGPPrivateKey.getKey();
                elGamalSecretBCPGKey = new RSASecretBCPGKey(rSAPrivateCrtKey.getPrivateExponent(), rSAPrivateCrtKey.getPrimeP(), rSAPrivateCrtKey.getPrimeQ());
                break;
            case 16:
            case 20:
                elGamalSecretBCPGKey = new ElGamalSecretBCPGKey(((ElGamalPrivateKey) pGPPrivateKey.getKey()).getX());
                break;
            case 17:
                elGamalSecretBCPGKey = new DSASecretBCPGKey(((DSAPrivateKey) pGPPrivateKey.getKey()).getX());
                break;
            default:
                throw new PGPException("unknown key class");
        }
        String symmetricCipherName = PGPUtil.getSymmetricCipherName(i);
        Cipher cipher = null;
        if (symmetricCipherName != null) {
            try {
                cipher = Cipher.getInstance(String.valueOf(symmetricCipherName) + "/CFB/NoPadding", provider);
            } catch (Exception e) {
                throw new PGPException("Exception creating cipher", e);
            }
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            BCPGOutputStream bCPGOutputStream = new BCPGOutputStream(byteArrayOutputStream);
            bCPGOutputStream.writeObject(elGamalSecretBCPGKey);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            bCPGOutputStream.write(checksum(z, byteArray, byteArray.length));
            if (cipher == null) {
                if (z2) {
                    this.secret = new SecretKeyPacket(this.pub.publicPk, i, null, null, byteArrayOutputStream.toByteArray());
                    return;
                } else {
                    this.secret = new SecretSubkeyPacket(this.pub.publicPk, i, null, null, byteArrayOutputStream.toByteArray());
                    return;
                }
            }
            byte[] bArr = new byte[8];
            secureRandom.nextBytes(bArr);
            S2K s2k = new S2K(2, bArr, 96);
            cipher.init(1, PGPUtil.makeKeyFromPassPhrase(i, s2k, cArr, provider), secureRandom);
            byte[] iv = cipher.getIV();
            byte[] doFinal = cipher.doFinal(byteArrayOutputStream.toByteArray());
            int i2 = z ? SecretKeyPacket.USAGE_SHA1 : 255;
            if (z2) {
                this.secret = new SecretKeyPacket(this.pub.publicPk, i, i2, s2k, iv, doFinal);
            } else {
                this.secret = new SecretSubkeyPacket(this.pub.publicPk, i, i2, s2k, iv, doFinal);
            }
        } catch (PGPException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new PGPException("Exception encrypting key", e3);
        }
    }

    private static PGPPublicKey certifiedPublicKey(int i, PGPKeyPair pGPKeyPair, String str, PGPSignatureSubpacketVector pGPSignatureSubpacketVector, PGPSignatureSubpacketVector pGPSignatureSubpacketVector2, Provider provider) throws PGPException {
        try {
            PGPSignatureGenerator pGPSignatureGenerator = new PGPSignatureGenerator(pGPKeyPair.getPublicKey().getAlgorithm(), 2, provider);
            pGPSignatureGenerator.initSign(i, pGPKeyPair.getPrivateKey());
            pGPSignatureGenerator.setHashedSubpackets(pGPSignatureSubpacketVector);
            pGPSignatureGenerator.setUnhashedSubpackets(pGPSignatureSubpacketVector2);
            try {
                return PGPPublicKey.addCertification(pGPKeyPair.getPublicKey(), str, pGPSignatureGenerator.generateCertification(str, pGPKeyPair.getPublicKey()));
            } catch (Exception e) {
                throw new PGPException("exception doing certification: " + e, e);
            }
        } catch (Exception e2) {
            throw new PGPException("creating signature generator: " + e2, e2);
        }
    }

    private static byte[] checksum(boolean z, byte[] bArr, int i) throws PGPException {
        if (z) {
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
                messageDigest.update(bArr, 0, i);
                return messageDigest.digest();
            } catch (NoSuchAlgorithmException e) {
                throw new PGPException("Can't find SHA-1", e);
            }
        }
        int i2 = 0;
        for (int i3 = 0; i3 != i; i3++) {
            i2 += bArr[i3] & 255;
        }
        return new byte[]{(byte) (i2 >> 8), (byte) i2};
    }

    public static PGPSecretKey copyWithNewPassword(PGPSecretKey pGPSecretKey, char[] cArr, char[] cArr2, int i, SecureRandom secureRandom, String str) throws PGPException, NoSuchProviderException {
        return copyWithNewPassword(pGPSecretKey, cArr, cArr2, i, secureRandom, PGPUtil.getProvider(str));
    }

    public static PGPSecretKey copyWithNewPassword(PGPSecretKey pGPSecretKey, char[] cArr, char[] cArr2, int i, SecureRandom secureRandom, Provider provider) throws PGPException {
        byte[] doFinal;
        byte[] extractKeyData = pGPSecretKey.extractKeyData(cArr, provider);
        int s2KUsage = pGPSecretKey.secret.getS2KUsage();
        byte[] bArr = (byte[]) null;
        S2K s2k = null;
        if (i == 0) {
            s2KUsage = 0;
            if (pGPSecretKey.secret.getS2KUsage() == 254) {
                doFinal = new byte[extractKeyData.length - 18];
                System.arraycopy(extractKeyData, 0, doFinal, 0, doFinal.length - 2);
                byte[] checksum = checksum(false, doFinal, doFinal.length - 2);
                doFinal[doFinal.length - 2] = checksum[0];
                doFinal[doFinal.length - 1] = checksum[1];
            } else {
                doFinal = extractKeyData;
            }
        } else {
            try {
                Cipher cipher = Cipher.getInstance(String.valueOf(PGPUtil.getSymmetricCipherName(i)) + "/CFB/NoPadding", provider);
                byte[] bArr2 = new byte[8];
                secureRandom.nextBytes(bArr2);
                s2k = new S2K(2, bArr2, 96);
                try {
                    cipher.init(1, PGPUtil.makeKeyFromPassPhrase(i, s2k, cArr2, provider), secureRandom);
                    bArr = cipher.getIV();
                    doFinal = cipher.doFinal(extractKeyData);
                } catch (PGPException e) {
                    throw e;
                } catch (Exception e2) {
                    throw new PGPException("Exception encrypting key", e2);
                }
            } catch (Exception e3) {
                throw new PGPException("Exception creating cipher", e3);
            }
        }
        return new PGPSecretKey(pGPSecretKey.secret instanceof SecretSubkeyPacket ? new SecretSubkeyPacket(pGPSecretKey.secret.getPublicKeyPacket(), i, s2KUsage, s2k, bArr, doFinal) : new SecretKeyPacket(pGPSecretKey.secret.getPublicKeyPacket(), i, s2KUsage, s2k, bArr, doFinal), pGPSecretKey.pub);
    }

    private byte[] extractKeyData(char[] cArr, Provider provider) throws PGPException {
        String symmetricCipherName = PGPUtil.getSymmetricCipherName(this.secret.getEncAlgorithm());
        Cipher cipher = null;
        if (symmetricCipherName != null) {
            try {
                cipher = Cipher.getInstance(String.valueOf(symmetricCipherName) + "/CFB/NoPadding", provider);
            } catch (Exception e) {
                throw new PGPException("Exception creating cipher", e);
            }
        }
        byte[] secretKeyData = this.secret.getSecretKeyData();
        try {
            if (cipher == null) {
                return secretKeyData;
            }
            try {
                if (this.secret.getPublicKeyPacket().getVersion() == 4) {
                    cipher.init(2, PGPUtil.makeKeyFromPassPhrase(this.secret.getEncAlgorithm(), this.secret.getS2K(), cArr, provider), new IvParameterSpec(this.secret.getIV()));
                    byte[] doFinal = cipher.doFinal(secretKeyData, 0, secretKeyData.length);
                    boolean z = this.secret.getS2KUsage() == 254;
                    byte[] checksum = checksum(z, doFinal, z ? doFinal.length - 20 : doFinal.length - 2);
                    for (int i = 0; i != checksum.length; i++) {
                        if (checksum[i] != doFinal[(doFinal.length - checksum.length) + i]) {
                            throw new PGPException("checksum mismatch at " + i + " of " + checksum.length);
                        }
                    }
                    return doFinal;
                }
                SecretKey makeKeyFromPassPhrase = PGPUtil.makeKeyFromPassPhrase(this.secret.getEncAlgorithm(), this.secret.getS2K(), cArr, provider);
                byte[] bArr = new byte[secretKeyData.length];
                byte[] bArr2 = new byte[this.secret.getIV().length];
                System.arraycopy(this.secret.getIV(), 0, bArr2, 0, bArr2.length);
                int i2 = 0;
                for (int i3 = 0; i3 != 4; i3++) {
                    cipher.init(2, makeKeyFromPassPhrase, new IvParameterSpec(bArr2));
                    int i4 = (((secretKeyData[i2] << 8) | (secretKeyData[i2 + 1] & 255)) + 7) / 8;
                    bArr[i2] = secretKeyData[i2];
                    bArr[i2 + 1] = secretKeyData[i2 + 1];
                    cipher.doFinal(secretKeyData, i2 + 2, i4, bArr, i2 + 2);
                    i2 += i4 + 2;
                    if (i3 != 3) {
                        System.arraycopy(secretKeyData, i2 - bArr2.length, bArr2, 0, bArr2.length);
                    }
                }
                int i5 = ((secretKeyData[i2] << 8) & MotionEventCompat.ACTION_POINTER_INDEX_MASK) | (secretKeyData[i2 + 1] & 255);
                int i6 = 0;
                for (int i7 = 0; i7 < bArr.length - 2; i7++) {
                    i6 += bArr[i7] & 255;
                }
                int i8 = i6 & SupportMenu.USER_MASK;
                if (i8 != i5) {
                    throw new PGPException("checksum mismatch: passphrase wrong, expected " + Integer.toHexString(i5) + " found " + Integer.toHexString(i8));
                }
                return bArr;
            } catch (PGPException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new PGPException("Exception decrypting key", e3);
            }
        } catch (PGPException e4) {
            throw e4;
        } catch (Exception e5) {
            throw new PGPException("Exception constructing key", e5);
        }
    }

    public static PGPSecretKey replacePublicKey(PGPSecretKey pGPSecretKey, PGPPublicKey pGPPublicKey) {
        if (pGPPublicKey.getKeyID() != pGPSecretKey.getKeyID()) {
            throw new IllegalArgumentException("keyIDs do not match");
        }
        return new PGPSecretKey(pGPSecretKey.secret, pGPPublicKey);
    }

    public void encode(OutputStream outputStream) throws IOException {
        BCPGOutputStream bCPGOutputStream = outputStream instanceof BCPGOutputStream ? (BCPGOutputStream) outputStream : new BCPGOutputStream(outputStream);
        bCPGOutputStream.writePacket(this.secret);
        if (this.pub.trustPk != null) {
            bCPGOutputStream.writePacket(this.pub.trustPk);
        }
        if (this.pub.subSigs != null) {
            for (int i = 0; i != this.pub.subSigs.size(); i++) {
                ((PGPSignature) this.pub.subSigs.get(i)).encode(bCPGOutputStream);
            }
            return;
        }
        for (int i2 = 0; i2 != this.pub.keySigs.size(); i2++) {
            ((PGPSignature) this.pub.keySigs.get(i2)).encode(bCPGOutputStream);
        }
        for (int i3 = 0; i3 != this.pub.ids.size(); i3++) {
            if (this.pub.ids.get(i3) instanceof String) {
                bCPGOutputStream.writePacket(new UserIDPacket((String) this.pub.ids.get(i3)));
            } else {
                bCPGOutputStream.writePacket(new UserAttributePacket(((PGPUserAttributeSubpacketVector) this.pub.ids.get(i3)).toSubpacketArray()));
            }
            if (this.pub.idTrusts.get(i3) != null) {
                bCPGOutputStream.writePacket((ContainedPacket) this.pub.idTrusts.get(i3));
            }
            ArrayList arrayList = (ArrayList) this.pub.idSigs.get(i3);
            for (int i4 = 0; i4 != arrayList.size(); i4++) {
                ((PGPSignature) arrayList.get(i4)).encode(bCPGOutputStream);
            }
        }
    }

    public PGPPrivateKey extractPrivateKey(char[] cArr, String str) throws PGPException, NoSuchProviderException {
        return extractPrivateKey(cArr, PGPUtil.getProvider(str));
    }

    public PGPPrivateKey extractPrivateKey(char[] cArr, Provider provider) throws PGPException {
        byte[] secretKeyData = this.secret.getSecretKeyData();
        if (secretKeyData == null || secretKeyData.length < 1) {
            return null;
        }
        PublicKeyPacket publicKeyPacket = this.secret.getPublicKeyPacket();
        try {
            BCPGInputStream bCPGInputStream = new BCPGInputStream(new ByteArrayInputStream(extractKeyData(cArr, provider)));
            switch (publicKeyPacket.getAlgorithm()) {
                case 1:
                case 2:
                case 3:
                    RSAPublicBCPGKey rSAPublicBCPGKey = (RSAPublicBCPGKey) publicKeyPacket.getKey();
                    RSASecretBCPGKey rSASecretBCPGKey = new RSASecretBCPGKey(bCPGInputStream);
                    return new PGPPrivateKey(KeyFactory.getInstance("RSA", provider).generatePrivate(new RSAPrivateCrtKeySpec(rSASecretBCPGKey.getModulus(), rSAPublicBCPGKey.getPublicExponent(), rSASecretBCPGKey.getPrivateExponent(), rSASecretBCPGKey.getPrimeP(), rSASecretBCPGKey.getPrimeQ(), rSASecretBCPGKey.getPrimeExponentP(), rSASecretBCPGKey.getPrimeExponentQ(), rSASecretBCPGKey.getCrtCoefficient())), getKeyID());
                case 16:
                case 20:
                    ElGamalPublicBCPGKey elGamalPublicBCPGKey = (ElGamalPublicBCPGKey) publicKeyPacket.getKey();
                    return new PGPPrivateKey(KeyFactory.getInstance("ElGamal", provider).generatePrivate(new ElGamalPrivateKeySpec(new ElGamalSecretBCPGKey(bCPGInputStream).getX(), new ElGamalParameterSpec(elGamalPublicBCPGKey.getP(), elGamalPublicBCPGKey.getG()))), getKeyID());
                case 17:
                    DSAPublicBCPGKey dSAPublicBCPGKey = (DSAPublicBCPGKey) publicKeyPacket.getKey();
                    return new PGPPrivateKey(KeyFactory.getInstance("DSA", provider).generatePrivate(new DSAPrivateKeySpec(new DSASecretBCPGKey(bCPGInputStream).getX(), dSAPublicBCPGKey.getP(), dSAPublicBCPGKey.getQ(), dSAPublicBCPGKey.getG())), getKeyID());
                default:
                    throw new PGPException("unknown public key algorithm encountered");
            }
        } catch (PGPException e) {
            throw e;
        } catch (Exception e2) {
            throw new PGPException("Exception constructing key", e2);
        }
    }

    public byte[] getEncoded() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        encode(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public int getKeyEncryptionAlgorithm() {
        return this.secret.getEncAlgorithm();
    }

    public long getKeyID() {
        return this.pub.getKeyID();
    }

    public PGPPublicKey getPublicKey() {
        return this.pub;
    }

    public Iterator getUserAttributes() {
        return this.pub.getUserAttributes();
    }

    public Iterator getUserIDs() {
        return this.pub.getUserIDs();
    }

    public boolean isMasterKey() {
        return this.pub.isMasterKey();
    }

    public boolean isSigningKey() {
        int algorithm = this.pub.getAlgorithm();
        return algorithm == 1 || algorithm == 3 || algorithm == 17 || algorithm == 19 || algorithm == 20;
    }
}
