package org.jivesoftware.smackx.ox.util;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Date;
import java.util.Set;
import org.bouncycastle.bcpg.BCPGOutputStream;
import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
import org.bouncycastle.openpgp.PGPCompressedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPLiteralDataGenerator;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPUtil;
import org.bouncycastle.openpgp.WrappedGeneratorStream;
import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
import org.bouncycastle.openpgp.operator.jcajce.JcePBEKeyEncryptionMethodGenerator;
import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.OperatorHelper;
import org.bouncycastle.util.Strings;
import org.jivesoftware.smack.util.StringUtils;
import org.jivesoftware.smack.util.stringencoder.Base64;
import org.jivesoftware.smackx.ox.OpenPgpSecretKeyBackupPassphrase;
import org.jivesoftware.smackx.ox.crypto.OpenPgpProvider;
import org.jivesoftware.smackx.ox.element.SecretkeyElement;
import org.jivesoftware.smackx.ox.exception.InvalidBackupCodeException;
import org.jivesoftware.smackx.ox.exception.MissingOpenPgpKeyException;
import org.jxmpp.jid.BareJid;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.CompressionAlgorithm;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.key.OpenPgpV4Fingerprint;
import org.pgpainless.provider.ProviderFactory;
import org.pgpainless.util.Passphrase;

/* loaded from: classes2.dex */
public class SecretKeyBackupHelper {
    public static SecretkeyElement createSecretkeyElement(OpenPgpProvider openPgpProvider, BareJid bareJid, Set<OpenPgpV4Fingerprint> set, OpenPgpSecretKeyBackupPassphrase openPgpSecretKeyBackupPassphrase) throws PGPException, IOException, MissingOpenPgpKeyException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        for (OpenPgpV4Fingerprint openPgpV4Fingerprint : set) {
            PGPSecretKeyRing secretKeyRing = openPgpProvider.getStore().getSecretKeyRing(bareJid, openPgpV4Fingerprint);
            if (secretKeyRing == null) {
                throw new MissingOpenPgpKeyException(bareJid, openPgpV4Fingerprint);
            }
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            secretKeyRing.encode(byteArrayOutputStream2);
            byteArrayOutputStream.write(byteArrayOutputStream2.toByteArray());
        }
        return createSecretkeyElement(byteArrayOutputStream.toByteArray(), openPgpSecretKeyBackupPassphrase);
    }

    public static SecretkeyElement createSecretkeyElement(byte[] bArr, OpenPgpSecretKeyBackupPassphrase openPgpSecretKeyBackupPassphrase) throws PGPException, IOException {
        char[] cArr;
        char[] charArray = openPgpSecretKeyBackupPassphrase.toString().toCharArray();
        Object obj = new Object();
        SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm.NULL;
        CompressionAlgorithm compressionAlgorithm = CompressionAlgorithm.UNCOMPRESSED;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PGPCompressedDataGenerator pGPCompressedDataGenerator = new PGPCompressedDataGenerator(0);
        WrappedGeneratorStream open = pGPCompressedDataGenerator.open(byteArrayOutputStream);
        PGPLiteralDataGenerator pGPLiteralDataGenerator = new PGPLiteralDataGenerator();
        long length = bArr.length;
        Date date = new Date();
        if (pGPLiteralDataGenerator.pkOut != null) {
            throw new IllegalStateException("generator already in open state");
        }
        String str = Strings.LINE_SEPARATOR;
        byte[] uTF8ByteArray = Strings.toUTF8ByteArray("_CONSOLE".toCharArray());
        BCPGOutputStream bCPGOutputStream = new BCPGOutputStream(open, 11, length + 2 + uTF8ByteArray.length + 4, false);
        pGPLiteralDataGenerator.pkOut = bCPGOutputStream;
        PGPLiteralDataGenerator.writeHeader(bCPGOutputStream, uTF8ByteArray, date.getTime());
        WrappedGeneratorStream wrappedGeneratorStream = new WrappedGeneratorStream(pGPLiteralDataGenerator.pkOut, pGPLiteralDataGenerator);
        wrappedGeneratorStream.write(bArr);
        wrappedGeneratorStream.close();
        pGPCompressedDataGenerator.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        JcePGPDataEncryptorBuilder jcePGPDataEncryptorBuilder = new JcePGPDataEncryptorBuilder(9);
        jcePGPDataEncryptorBuilder.withIntegrityPacket = true;
        jcePGPDataEncryptorBuilder.random = new SecureRandom();
        jcePGPDataEncryptorBuilder.helper = new OperatorHelper(new ProviderJcaJceHelper(ProviderFactory.getProvider()));
        PGPEncryptedDataGenerator pGPEncryptedDataGenerator = new PGPEncryptedDataGenerator(jcePGPDataEncryptorBuilder);
        synchronized (obj) {
            if (charArray == null) {
                cArr = null;
            } else {
                cArr = new char[charArray.length];
                System.arraycopy(charArray, 0, cArr, 0, charArray.length);
            }
        }
        JcePBEKeyEncryptionMethodGenerator jcePBEKeyEncryptionMethodGenerator = new JcePBEKeyEncryptionMethodGenerator(cArr);
        jcePBEKeyEncryptionMethodGenerator.helper = new OperatorHelper(new ProviderJcaJceHelper(ProviderFactory.getProvider()));
        pGPEncryptedDataGenerator.methods.add(jcePBEKeyEncryptionMethodGenerator);
        WrappedGeneratorStream open2 = pGPEncryptedDataGenerator.open(byteArrayOutputStream2, byteArray.length, null);
        open2.write(byteArray);
        open2.close();
        return new SecretkeyElement(Base64.encode(byteArrayOutputStream2.toByteArray()));
    }

    public static OpenPgpSecretKeyBackupPassphrase generateBackupPassword() {
        return new OpenPgpSecretKeyBackupPassphrase(StringUtils.secureOfflineAttackSafeRandomString());
    }

    public static PGPSecretKeyRing restoreSecretKeyBackup(SecretkeyElement secretkeyElement, OpenPgpSecretKeyBackupPassphrase openPgpSecretKeyBackupPassphrase) throws InvalidBackupCodeException, IOException, PGPException {
        try {
            return new PGPSecretKeyRing(PGPUtil.getDecoderStream(new ByteArrayInputStream(PGPainless.decryptWithPassword(Base64.decode(secretkeyElement.getB64Data()), new Passphrase(openPgpSecretKeyBackupPassphrase.toString().toCharArray())))), new BcKeyFingerprintCalculator());
        } catch (IOException | PGPException e) {
            throw new InvalidBackupCodeException("Could not decrypt secret key backup. Possibly wrong passphrase?", e);
        }
    }
}
