package com.appiancorp.common.crypto;

import com.appiancorp.common.encoding.Base64Codec;
import com.appiancorp.common.encoding.Base64Standard;
import com.appiancorp.common.encoding.Base64UrlSafe;
import com.appiancorp.core.crypto.Cryptographer;
import com.google.common.base.Charsets;
import com.google.common.base.Strings;
import com.google.common.io.ByteStreams;
import java.io.ByteArrayOutputStream;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import org.apache.commons.codec.binary.Base64InputStream;
import org.apache.commons.codec.binary.Base64OutputStream;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.openpgp.PGPEncryptedData;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataList;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPBEEncryptedData;
import org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory;
import org.bouncycastle.openpgp.operator.PBEDataDecryptorFactory;

/* loaded from: input_file:com/appiancorp/common/crypto/PGPCryptographer.class */
class PGPCryptographer implements Cryptographer {
    public static final int ENCRYPTED_OUTPUT_BYTE_BUFFER_LENGTH = 1000;
    protected final PGPDataEncryptorFactory encryptorFactory;
    protected final PBEDataDecryptorFactory decryptorFactory;
    private static final Base64Codec urlSafeCodec = new Base64UrlSafe();
    private static final Base64Codec standardCodec = new Base64Standard();
    public static final byte[] EMPTY_BYTE_ARRAY = new byte[0];

    /* loaded from: input_file:com/appiancorp/common/crypto/PGPCryptographer$EncryptedOutputStream.class */
    private static class EncryptedOutputStream extends OutputStream {
        private final OutputStream encryptingOutputStream;
        private final Base64OutputStream encodingOutputStream;

        public EncryptedOutputStream(OutputStream outputStream, Base64OutputStream base64OutputStream) {
            this.encryptingOutputStream = outputStream;
            this.encodingOutputStream = base64OutputStream;
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            this.encryptingOutputStream.write(i);
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr) throws IOException {
            this.encryptingOutputStream.write(bArr);
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            this.encryptingOutputStream.write(bArr, i, i2);
        }

        @Override // java.io.OutputStream, java.io.Flushable
        public void flush() throws IOException {
            this.encryptingOutputStream.flush();
        }

        @Override // java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
            try {
                this.encryptingOutputStream.close();
            } finally {
                this.encodingOutputStream.close();
            }
        }
    }

    /* loaded from: input_file:com/appiancorp/common/crypto/PGPCryptographer$ValidatingInputStream.class */
    public static class ValidatingInputStream extends FilterInputStream {
        private final PGPEncryptedData pgpEncryptedData;
        private boolean isClosed;

        public ValidatingInputStream(InputStream inputStream, PGPEncryptedData pGPEncryptedData) {
            super(inputStream);
            this.pgpEncryptedData = pGPEncryptedData;
        }

        @Override // java.io.FilterInputStream, java.io.InputStream, java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
            if (this.isClosed) {
                return;
            }
            super.close();
            this.isClosed = true;
            try {
                if (!this.pgpEncryptedData.verify()) {
                    throw new IOException("Failed to verify encrypted data");
                }
            } catch (PGPException e) {
                throw new IOException((Throwable) e);
            }
        }
    }

    public PGPCryptographer(PGPDataEncryptorFactory pGPDataEncryptorFactory, PBEDataDecryptorFactory pBEDataDecryptorFactory) {
        this.encryptorFactory = pGPDataEncryptorFactory;
        this.decryptorFactory = pBEDataDecryptorFactory;
    }

    public String encrypt(String str) throws Exception {
        return encrypt(str, true);
    }

    public byte[] encrypt(byte[] bArr) throws Exception {
        return encrypt(bArr, true);
    }

    public String decrypt(String str) throws Exception {
        return decrypt(str, true);
    }

    public byte[] decrypt(byte[] bArr) throws Exception {
        return decrypt(bArr, true);
    }

    public OutputStream encryptOutputStream(OutputStream outputStream) throws Exception {
        PGPEncryptedDataGenerator generator = this.encryptorFactory.getGenerator();
        Base64OutputStream base64OutputStream = new Base64OutputStream(outputStream, true, -1, EMPTY_BYTE_ARRAY);
        return new EncryptedOutputStream(generator.open(base64OutputStream, new byte[1000]), base64OutputStream);
    }

    public InputStream decryptInputStream(InputStream inputStream) throws Exception {
        PGPPBEEncryptedData pGPPBEEncryptedData = ((PGPEncryptedDataList) new JcaPGPObjectFactory(new Base64InputStream(inputStream, false, -1, EMPTY_BYTE_ARRAY)).nextObject()).get(0);
        if (pGPPBEEncryptedData.isIntegrityProtected()) {
            return new ValidatingInputStream(pGPPBEEncryptedData.getDataStream(this.decryptorFactory), pGPPBEEncryptedData);
        }
        throw new InvalidCipherTextException("Request rejected: ciphertext is corrupted, missing, or invalid");
    }

    public String encrypt(String str, boolean z) throws Exception {
        if (Strings.isNullOrEmpty(str)) {
            return null;
        }
        PGPEncryptedDataGenerator generator = this.encryptorFactory.getGenerator();
        byte[] bytes = str.getBytes(Charsets.UTF_8);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            OutputStream open = generator.open(byteArrayOutputStream, bytes.length);
            Throwable th = null;
            try {
                try {
                    open.write(bytes);
                    if (open != null) {
                        if (0 != 0) {
                            try {
                                open.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            open.close();
                        }
                    }
                    return getCodec(z).encode(byteArrayOutputStream.toByteArray());
                } finally {
                }
            } finally {
            }
        } finally {
            byteArrayOutputStream.close();
        }
    }

    public byte[] encrypt(byte[] bArr, boolean z) throws Exception {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        PGPEncryptedDataGenerator generator = this.encryptorFactory.getGenerator();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            OutputStream open = generator.open(byteArrayOutputStream, bArr.length);
            Throwable th = null;
            try {
                open.write(bArr);
                if (open != null) {
                    if (0 != 0) {
                        try {
                            open.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        open.close();
                    }
                }
                return getCodec(z).encodeByteArray(byteArrayOutputStream.toByteArray());
            } finally {
            }
        } finally {
            byteArrayOutputStream.close();
        }
    }

    public String decrypt(String str, boolean z) throws Exception {
        if (Strings.isNullOrEmpty(str)) {
            return null;
        }
        PGPPBEEncryptedData pGPPBEEncryptedData = ((PGPEncryptedDataList) new JcaPGPObjectFactory(getCodec(z).decode(str)).nextObject()).get(0);
        InputStream dataStream = pGPPBEEncryptedData.getDataStream(this.decryptorFactory);
        Throwable th = null;
        try {
            try {
                byte[] byteArray = ByteStreams.toByteArray(dataStream);
                if (dataStream != null) {
                    if (0 != 0) {
                        try {
                            dataStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        dataStream.close();
                    }
                }
                if (pGPPBEEncryptedData.isIntegrityProtected() && pGPPBEEncryptedData.verify()) {
                    return new String(byteArray, Charsets.UTF_8);
                }
                throw new InvalidCipherTextException("Request rejected: ciphertext is corrupted, missing, or invalid");
            } finally {
            }
        } catch (Throwable th3) {
            if (dataStream != null) {
                if (th != null) {
                    try {
                        dataStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    dataStream.close();
                }
            }
            throw th3;
        }
    }

    public byte[] decrypt(byte[] bArr, boolean z) throws Exception {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        PGPPBEEncryptedData pGPPBEEncryptedData = ((PGPEncryptedDataList) new JcaPGPObjectFactory(getCodec(z).decodeByteArray(bArr)).nextObject()).get(0);
        InputStream dataStream = pGPPBEEncryptedData.getDataStream(this.decryptorFactory);
        Throwable th = null;
        try {
            try {
                byte[] byteArray = ByteStreams.toByteArray(dataStream);
                if (dataStream != null) {
                    if (0 != 0) {
                        try {
                            dataStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        dataStream.close();
                    }
                }
                if (pGPPBEEncryptedData.isIntegrityProtected() && pGPPBEEncryptedData.verify()) {
                    return byteArray;
                }
                throw new InvalidCipherTextException("Request rejected: ciphertext is corrupted, missing, or invalid");
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (dataStream != null) {
                if (th != null) {
                    try {
                        dataStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    dataStream.close();
                }
            }
            throw th4;
        }
    }

    private Base64Codec getCodec(boolean z) {
        return z ? urlSafeCodec : standardCodec;
    }
}
