package de.sep.sesam.server.utils.encrypt;

import de.sep.sesam.common.ini.SesamIni;
import de.sep.sesam.rest.exceptions.OperationNotPossibleException;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.SecureRandom;
import java.util.Date;
import java.util.Iterator;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPLiteralDataGenerator;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.openpgp.PGPUtil;
import org.bouncycastle.openpgp.operator.bc.BcPGPDataEncryptorBuilder;
import org.bouncycastle.openpgp.operator.bc.BcPublicKeyKeyEncryptionMethodGenerator;
import org.bouncycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;

/* loaded from: input_file:de/sep/sesam/server/utils/encrypt/EncryptUtils.class */
public class EncryptUtils {
    static final /* synthetic */ boolean $assertionsDisabled;

    public static boolean encryptAndWriteFile(File file, String str) throws OperationNotPossibleException {
        try {
            Files.write(Path.of(file.getAbsolutePath(), new String[0]), encrypt(str.getBytes(StandardCharsets.UTF_8)), new OpenOption[0]);
            return true;
        } catch (IOException | PGPException e) {
            throw new OperationNotPossibleException(OperationNotPossibleException.ONPMessage.NOT_WRITEABLE, file.getName(), e.getMessage());
        }
    }

    public static boolean encryptAndWriteFile(File file, byte[] bArr) throws OperationNotPossibleException {
        try {
            Files.write(Path.of(file.getAbsolutePath(), new String[0]), encrypt(bArr), new OpenOption[0]);
            return true;
        } catch (IOException | PGPException e) {
            throw new OperationNotPossibleException(OperationNotPossibleException.ONPMessage.NOT_WRITEABLE, file.getName(), e.getMessage());
        }
    }

    private static byte[] encrypt(byte[] bArr) throws IOException, PGPException, OperationNotPossibleException {
        PGPEncryptedDataGenerator pGPEncryptedDataGenerator = new PGPEncryptedDataGenerator(new BcPGPDataEncryptorBuilder(1).setWithIntegrityPacket(true).setSecureRandom(new SecureRandom()));
        File resolveKeyFile = resolveKeyFile();
        if (!$assertionsDisabled && resolveKeyFile == null) {
            throw new AssertionError();
        }
        PGPPublicKey readPublicKey = resolveKeyFile.canRead() ? readPublicKey(resolveKeyFile) : null;
        if (readPublicKey == null) {
            throw new OperationNotPossibleException(OperationNotPossibleException.ONPMessage.NOT_READABLE, resolveKeyFile.getName(), "Not found or permission denied");
        }
        pGPEncryptedDataGenerator.addMethod(new BcPublicKeyKeyEncryptionMethodGenerator(readPublicKey));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        OutputStream open = pGPEncryptedDataGenerator.open(byteArrayOutputStream, new byte[4096]);
        OutputStream open2 = new PGPLiteralDataGenerator().open(open, 'b', "_CONSOLE", bArr.length, new Date());
        open2.write(bArr);
        open2.close();
        open.close();
        return byteArrayOutputStream.toByteArray();
    }

    private static File resolveKeyFile() {
        return StringUtils.isNotBlank(System.getProperty("sesam.unittest.encryptAndWriteFile")) ? new File(System.getProperty("sesam.unittest.encryptAndWriteFile")) : new File(SesamIni.getInstance().get("PATHES", "gv_ro"), File.separator + "skel" + File.separator + "sep-gpg.key");
    }

    private static PGPPublicKey readPublicKey(File file) {
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                Iterator<PGPPublicKeyRing> keyRings = new PGPPublicKeyRingCollection(PGPUtil.getDecoderStream(fileInputStream), new JcaKeyFingerprintCalculator()).getKeyRings();
                while (keyRings.hasNext()) {
                    Iterator<PGPPublicKey> publicKeys = keyRings.next().getPublicKeys();
                    while (publicKeys.hasNext()) {
                        PGPPublicKey next = publicKeys.next();
                        if (next.isEncryptionKey()) {
                            fileInputStream.close();
                            return next;
                        }
                    }
                }
                fileInputStream.close();
                return null;
            } catch (PGPException e) {
                fileInputStream.close();
                return null;
            } catch (Throwable th) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (IOException e2) {
            return null;
        }
    }

    static {
        $assertionsDisabled = !EncryptUtils.class.desiredAssertionStatus();
    }
}
