package org.apache.camel.converter.crypto;

import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.util.Date;
import org.apache.camel.Exchange;
import org.apache.camel.spi.DataFormat;
import org.apache.camel.util.ExchangeHelper;
import org.apache.camel.util.IOHelper;
import org.apache.camel.util.ObjectHelper;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPCompressedData;
import org.bouncycastle.openpgp.PGPCompressedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataList;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPLiteralData;
import org.bouncycastle.openpgp.PGPLiteralDataGenerator;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPOnePassSignature;
import org.bouncycastle.openpgp.PGPOnePassSignatureList;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.PGPSignatureList;
import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator;
import org.bouncycastle.openpgp.PGPUtil;
import org.bouncycastle.util.io.Streams;

/* loaded from: input_file:org/apache/camel/converter/crypto/PGPDataFormat.class */
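/**
 * Camel {@link DataFormat} that encrypts (and optionally signs) a message body as an
 * OpenPGP message on marshal, and decrypts (and optionally verifies) it on unmarshal.
 *
 * <p>Key file names, user ids and passwords are taken from the {@code CamelPGPDataFormat*}
 * message headers when present and fall back to the values configured on this instance.
 *
 * <p>NOTE(review): because headers win over configuration, a route whose headers can be
 * influenced by a message sender lets that sender pick the key file and user id. Such
 * routes should drop these headers before this data format runs. Password headers also
 * stay on the exchange after use unless the route removes them.
 */
public class PGPDataFormat implements DataFormat {
    public static final String KEY_FILE_NAME = "CamelPGPDataFormatKeyFileName";
    public static final String KEY_USERID = "CamelPGPDataFormatKeyUserid";
    public static final String KEY_PASSWORD = "CamelPGPDataFormatKeyPassword";
    public static final String SIGNATURE_KEY_FILE_NAME = "CamelPGPDataFormatSignatureKeyFileName";
    public static final String SIGNATURE_KEY_USERID = "CamelPGPDataFormatSignatureKeyUserid";
    public static final String SIGNATURE_KEY_PASSWORD = "CamelPGPDataFormatSignatureKeyPassword";
    private static final int BUFFER_SIZE = 16384;

    /** JCE provider name handed to every BouncyCastle call in this class. */
    private static final String PROVIDER = "BC";
    /** Literal-data file name used when the exchange carries no {@code CamelFileName} header. */
    private static final String DEFAULT_LITERAL_NAME = "_CONSOLE";

    // OpenPGP algorithm identifiers as assigned by RFC 4880. They are kept at the values the
    // class has always used so that the produced messages stay the same.
    /** Symmetric cipher id 3 (CAST5). NOTE(review): 64-bit block cipher; consider making this configurable. */
    private static final int SYMMETRIC_ALGORITHM_CAST5 = 3;
    /** Compression algorithm id 1 (ZIP). */
    private static final int COMPRESSION_ALGORITHM_ZIP = 1;
    /** Hash algorithm id 2 (SHA-1). NOTE(review): SHA-1 is no longer collision resistant; consider SHA-256 or stronger for signatures. */
    private static final int HASH_ALGORITHM_SHA1 = 2;
    /** Signature type 0x00 (signature over a binary document). */
    private static final int SIGNATURE_TYPE_BINARY_DOCUMENT = 0;

    private String keyUserid;
    private String password;
    private String keyFileName;
    private String signatureKeyUserid;
    private String signaturePassword;
    private String signatureKeyFileName;
    private boolean armored;
    // Integrity protection (MDC) is requested by default when encrypting.
    private boolean integrity = true;

    /**
     * Creates the data format and registers the BouncyCastle provider with the JVM-wide
     * {@link Security} registry if no provider named "BC" is installed yet.
     */
    public PGPDataFormat() {
        if (Security.getProvider(PROVIDER) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    /** Reads a String header from the in-message, falling back to the configured value. */
    private static String headerOrDefault(Exchange exchange, String headerName, String configured) {
        return (String) exchange.getIn().getHeader(headerName, configured, String.class);
    }

    /** Closes every non-null resource in the given order through {@link IOHelper}. */
    private static void closeAll(Closeable... resources) {
        for (Closeable resource : resources) {
            if (resource != null) {
                IOHelper.close(resource);
            }
        }
    }

    /** Returns the encryption key file name: header {@link #KEY_FILE_NAME}, else the configured value. */
    protected String findKeyFileName(Exchange exchange) {
        return headerOrDefault(exchange, KEY_FILE_NAME, this.keyFileName);
    }

    /** Returns the encryption key user id: header {@link #KEY_USERID}, else the configured value. */
    protected String findKeyUserid(Exchange exchange) {
        return headerOrDefault(exchange, KEY_USERID, this.keyUserid);
    }

    /** Returns the private key password: header {@link #KEY_PASSWORD}, else the configured value. */
    protected String findKeyPassword(Exchange exchange) {
        return headerOrDefault(exchange, KEY_PASSWORD, this.password);
    }

    /** Returns the signature key file name: header {@link #SIGNATURE_KEY_FILE_NAME}, else the configured value. */
    protected String findSignatureKeyFileName(Exchange exchange) {
        return headerOrDefault(exchange, SIGNATURE_KEY_FILE_NAME, this.signatureKeyFileName);
    }

    /** Returns the signature key user id: header {@link #SIGNATURE_KEY_USERID}, else the configured value. */
    protected String findSignatureKeyUserid(Exchange exchange) {
        return headerOrDefault(exchange, SIGNATURE_KEY_USERID, this.signatureKeyUserid);
    }

    /** Returns the signature key password: header {@link #SIGNATURE_KEY_PASSWORD}, else the configured value. */
    protected String findSignatureKeyPassword(Exchange exchange) {
        return headerOrDefault(exchange, SIGNATURE_KEY_PASSWORD, this.signaturePassword);
    }

    /**
     * Encrypts the body to {@code outputStream} as a compressed OpenPGP message, adding a
     * one-pass signature when a signature key file, user id and password are all available.
     *
     * <p>All streams, including {@code outputStream} and the converted input stream, are
     * closed before this method returns or throws.
     *
     * @param exchange     current exchange; supplies headers and the Camel context
     * @param obj          message body; must be convertible to {@link InputStream}
     * @param outputStream destination for the encrypted message
     * @throws IllegalArgumentException if no public key can be found
     * @throws Exception on conversion, I/O or PGP failures
     */
    public void marshal(Exchange exchange, Object obj, OutputStream outputStream) throws Exception {
        PGPPublicKey encryptionKey = PGPDataFormatUtil.findPublicKey(exchange.getContext(), findKeyFileName(exchange), findKeyUserid(exchange), true);
        if (encryptionKey == null) {
            throw new IllegalArgumentException("Public key is null, cannot proceed");
        }
        InputStream plainIn = (InputStream) ExchangeHelper.convertToMandatoryType(exchange, InputStream.class, obj);
        if (this.armored) {
            outputStream = new ArmoredOutputStream(outputStream);
        }
        PGPEncryptedDataGenerator encryptor = new PGPEncryptedDataGenerator(SYMMETRIC_ALGORITHM_CAST5, this.integrity, new SecureRandom(), PROVIDER);
        encryptor.addMethod(encryptionKey);
        OutputStream encryptedOut = encryptor.open(outputStream, new byte[BUFFER_SIZE]);
        BufferedOutputStream compressedOut = new BufferedOutputStream(new PGPCompressedDataGenerator(COMPRESSION_ALGORITHM_ZIP).open(encryptedOut));
        PGPSignatureGenerator signer = createSignatureGenerator(exchange, compressedOut);

        // The file name header, when present, is embedded in the literal data packet.
        String literalName = (String) exchange.getIn().getHeader("CamelFileName", String.class);
        if (ObjectHelper.isEmpty(literalName)) {
            literalName = DEFAULT_LITERAL_NAME;
        }
        OutputStream literalOut = new PGPLiteralDataGenerator().open(compressedOut, 'b', literalName, new Date(), new byte[BUFFER_SIZE]);
        try {
            try {
                byte[] chunk = new byte[BUFFER_SIZE];
                int count;
                while ((count = plainIn.read(chunk)) != -1) {
                    literalOut.write(chunk, 0, count);
                    if (signer != null) {
                        signer.update(chunk, 0, count);
                    }
                    literalOut.flush();
                }
            } finally {
                // The literal packet has to be finished before the signature packet follows it.
                IOHelper.close(literalOut);
            }
            // Sign only after a complete copy. Previously the failure path also emitted a
            // signature, which produced a validly signed but truncated message and could
            // replace the original exception with one thrown while signing.
            if (signer != null) {
                signer.generate().encode(compressedOut);
            }
        } finally {
            closeAll(compressedOut, encryptedOut, outputStream, plainIn);
        }
    }

    /**
     * Builds a signature generator and writes its one-pass signature header to
     * {@code outputStream}.
     *
     * @return the initialised generator, or {@code null} when the signature key file name,
     *         user id or password is missing (the message is then left unsigned)
     * @throws IllegalArgumentException if the secret or private key cannot be obtained
     */
    protected PGPSignatureGenerator createSignatureGenerator(Exchange exchange, OutputStream outputStream) throws IOException, PGPException, NoSuchProviderException, NoSuchAlgorithmException {
        String signingKeyFile = findSignatureKeyFileName(exchange);
        String signingUserid = findSignatureKeyUserid(exchange);
        String signingPassword = findSignatureKeyPassword(exchange);
        // Signing is opt-in: all three values must be present.
        if (signingKeyFile == null || signingUserid == null || signingPassword == null) {
            return null;
        }
        PGPSecretKey secretKey = PGPDataFormatUtil.findSecretKey(exchange.getContext(), signingKeyFile, signingPassword);
        if (secretKey == null) {
            throw new IllegalArgumentException("Signature secret key is null, cannot proceed");
        }
        PGPPrivateKey privateKey = secretKey.extractPrivateKey(signingPassword.toCharArray(), PROVIDER);
        if (privateKey == null) {
            throw new IllegalArgumentException("Signature private key is null, cannot proceed");
        }
        PGPSignatureSubpacketGenerator subpackets = new PGPSignatureSubpacketGenerator();
        // Signer user id is recorded as a non-critical hashed subpacket.
        subpackets.setSignerUserID(false, signingUserid);
        PGPSignatureGenerator signer = new PGPSignatureGenerator(secretKey.getPublicKey().getAlgorithm(), HASH_ALGORITHM_SHA1, PROVIDER);
        signer.initSign(SIGNATURE_TYPE_BINARY_DOCUMENT, privateKey);
        signer.setHashedSubpackets(subpackets.generate());
        signer.generateOnePassVersion(false).encode(outputStream);
        return signer;
    }

    /**
     * Decrypts an OpenPGP message and returns the plaintext as a {@code byte[]}.
     *
     * <p>When the message starts with a one-pass signature, that signature is verified
     * against the configured signature public key. When the encrypted packet is integrity
     * protected, its modification detection code is checked before the plaintext is
     * returned.
     *
     * <p>NOTE(review): a message that carries no signature is accepted even when a signature
     * key is configured, and a message without integrity protection is accepted as well.
     * Routes that rely on authenticity need to enforce those requirements themselves.
     *
     * <p>NOTE(review): both the ciphertext and the decompressed plaintext are held fully in
     * memory; no size limit is applied to the decompressed data here.
     *
     * @param exchange    current exchange; supplies headers and the Camel context
     * @param inputStream encrypted message; closed by this method
     * @return the decrypted bytes, or {@code null} when {@code inputStream} is {@code null}
     * @throws IllegalArgumentException if no private key can be found
     * @throws PGPException if the message does not have the expected packet structure or
     *         fails its integrity check
     * @throws SignatureException if a present signature is missing its trailer or does not verify
     */
    public Object unmarshal(Exchange exchange, InputStream inputStream) throws Exception {
        if (inputStream == null) {
            return null;
        }
        // NOTE(review): the same stream is handed to findPrivateKey before it is read below;
        // whether that call consumes bytes is not visible here. Confirm against PGPDataFormatUtil.
        PGPPrivateKey decryptionKey = PGPDataFormatUtil.findPrivateKey(exchange.getContext(), findKeyFileName(exchange), inputStream, findKeyPassword(exchange));
        if (decryptionKey == null) {
            throw new IllegalArgumentException("Private key is null, cannot proceed");
        }

        InputStream decoderStream;
        try {
            decoderStream = PGPUtil.getDecoderStream(new ByteArrayInputStream(IOUtils.toByteArray(inputStream)));
        } finally {
            IOUtils.closeQuietly(inputStream);
        }

        InputStream decryptedStream = null;
        InputStream literalStream = null;
        try {
            PGPObjectFactory outerFactory = new PGPObjectFactory(decoderStream);
            Object outer = outerFactory.nextObject();
            // The first object may be something other than the encrypted data list; try one more.
            if (!(outer instanceof PGPEncryptedDataList)) {
                outer = outerFactory.nextObject();
            }
            if (!(outer instanceof PGPEncryptedDataList)) {
                throw new PGPException("PGP message does not contain encrypted data");
            }
            Object encrypted = ((PGPEncryptedDataList) outer).get(0);
            if (!(encrypted instanceof PGPPublicKeyEncryptedData)) {
                throw new PGPException("PGP message is not public-key encrypted");
            }
            PGPPublicKeyEncryptedData encryptedData = (PGPPublicKeyEncryptedData) encrypted;
            // decoderStream stays open until the end: the decrypted stream reads from it.
            decryptedStream = encryptedData.getDataStream(decryptionKey, PROVIDER);

            Object compressed = new PGPObjectFactory(decryptedStream).nextObject();
            if (!(compressed instanceof PGPCompressedData)) {
                throw new PGPException("PGP message does not contain compressed data");
            }
            PGPObjectFactory innerFactory = new PGPObjectFactory(((PGPCompressedData) compressed).getDataStream());

            Object packet = innerFactory.nextObject();
            PGPOnePassSignature verifier = null;
            if (packet instanceof PGPOnePassSignatureList) {
                verifier = getSignature(exchange, (PGPOnePassSignatureList) packet);
                packet = innerFactory.nextObject();
            }
            if (!(packet instanceof PGPLiteralData)) {
                throw new PGPException("PGP message does not contain literal data");
            }
            literalStream = ((PGPLiteralData) packet).getInputStream();
            byte[] plaintext = Streams.readAll(literalStream);

            if (verifier != null) {
                verifier.update(plaintext);
                Object trailer = innerFactory.nextObject();
                if (!(trailer instanceof PGPSignatureList) || ((PGPSignatureList) trailer).size() == 0) {
                    throw new SignatureException("PGP signature is missing");
                }
                if (!verifier.verify(((PGPSignatureList) trailer).get(0))) {
                    throw new SignatureException("Cannot verify PGP signature");
                }
            }

            // Check the modification detection code so that tampered ciphertext is rejected
            // instead of being handed on as plaintext. verify() is only defined for
            // integrity-protected packets, hence the guard.
            if (encryptedData.isIntegrityProtected() && !encryptedData.verify()) {
                throw new PGPException("PGP message failed its integrity check");
            }
            return plaintext;
        } finally {
            closeAll(literalStream, decryptedStream, decoderStream);
        }
    }

    /**
     * Prepares the first one-pass signature of the list for verification with the
     * configured signature public key.
     *
     * <p>NOTE(review): only the first entry of the list is used, and the key is looked up by
     * the configured file name and user id, not by the key id stored in the signature.
     *
     * @throws IllegalArgumentException if no signature public key can be found
     */
    protected PGPOnePassSignature getSignature(Exchange exchange, PGPOnePassSignatureList pGPOnePassSignatureList) throws IOException, PGPException, NoSuchProviderException {
        PGPPublicKey verificationKey = PGPDataFormatUtil.findPublicKey(exchange.getContext(), findSignatureKeyFileName(exchange), findSignatureKeyUserid(exchange), false);
        if (verificationKey == null) {
            throw new IllegalArgumentException("Signature public key is null, cannot proceed");
        }
        PGPOnePassSignature onePass = pGPOnePassSignatureList.get(0);
        onePass.initVerify(verificationKey, PROVIDER);
        return onePass;
    }

    /** Sets whether marshalled output is wrapped in ASCII armor. */
    public void setArmored(boolean armored) {
        this.armored = armored;
    }

    /** Returns whether marshalled output is wrapped in ASCII armor. */
    public boolean getArmored() {
        return this.armored;
    }

    /** Sets whether an integrity-protected encrypted packet is requested on marshal. */
    public void setIntegrity(boolean integrity) {
        this.integrity = integrity;
    }

    /** Returns whether an integrity-protected encrypted packet is requested on marshal. */
    public boolean getIntegrity() {
        return this.integrity;
    }

    /** Sets the default user id used to select the encryption key. */
    public void setKeyUserid(String keyUserid) {
        this.keyUserid = keyUserid;
    }

    /** Returns the default user id used to select the encryption key. */
    public String getKeyUserid() {
        return this.keyUserid;
    }

    /** Sets the default key file name used for encryption and decryption keys. */
    public void setKeyFileName(String keyFileName) {
        this.keyFileName = keyFileName;
    }

    /** Returns the default key file name used for encryption and decryption keys. */
    public String getKeyFileName() {
        return this.keyFileName;
    }

    /** Sets the default password for the decryption private key. */
    public void setPassword(String password) {
        this.password = password;
    }

    /** Returns the default password for the decryption private key. */
    public String getPassword() {
        return this.password;
    }

    /** Sets the default user id recorded in, and used to look up keys for, signatures. */
    public void setSignatureKeyUserid(String signatureKeyUserid) {
        this.signatureKeyUserid = signatureKeyUserid;
    }

    /** Returns the default signature key user id. */
    public String getSignatureKeyUserid() {
        return this.signatureKeyUserid;
    }

    /** Sets the default key file name used for signature keys. */
    public void setSignatureKeyFileName(String signatureKeyFileName) {
        this.signatureKeyFileName = signatureKeyFileName;
    }

    /** Returns the default key file name used for signature keys. */
    public String getSignatureKeyFileName() {
        return this.signatureKeyFileName;
    }

    /** Sets the default password for the signing private key. */
    public void setSignaturePassword(String signaturePassword) {
        this.signaturePassword = signaturePassword;
    }

    /** Returns the default password for the signing private key. */
    public String getSignaturePassword() {
        return this.signaturePassword;
    }
}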
