package org.kohsuke.maven.pgp;

import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Iterator;
import org.apache.maven.artifact.Artifact;
import org.apache.maven.artifact.DefaultArtifact;
import org.apache.maven.artifact.handler.DefaultArtifactHandler;
import org.apache.maven.artifact.versioning.VersionRange;
import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.project.MavenProject;
import org.apache.maven.project.MavenProjectHelper;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.codehaus.plexus.PlexusContainer;
import org.codehaus.plexus.component.repository.exception.ComponentLookupException;
import org.codehaus.plexus.util.FileUtils;

/* loaded from: input_file:org/kohsuke/maven/pgp/PgpMojo.class */
public class PgpMojo extends AbstractMojo {
    public String secretkey;
    public String passphrase;
    private boolean skip;
    public MavenProject project;
    public MavenProjectHelper projectHelper;
    public PlexusContainer container;
    private File outputDirectory;

    public void execute() throws MojoExecutionException {
        if (this.skip) {
            return;
        }
        ArrayList arrayList = new ArrayList(this.project.getAttachedArtifacts());
        PGPSecretKey loadSecretKey = loadSecretKey();
        Signer signer = new Signer(loadSecretKey, loadPassPhrase(loadSecretKey).toCharArray());
        if (!"pom".equals(this.project.getPackaging())) {
            sign(signer, this.project.getArtifact());
        }
        File file = new File(this.project.getBuild().getDirectory(), this.project.getBuild().getFinalName() + ".pom");
        try {
            FileUtils.copyFile(this.project.getFile(), file);
            getLog().debug("Generating signature for " + file);
            DefaultArtifact defaultArtifact = new DefaultArtifact(this.project.getGroupId(), this.project.getArtifactId(), VersionRange.createFromVersion(this.project.getVersion()), (String) null, "pom", (String) null, new DefaultArtifactHandler("pom"));
            defaultArtifact.setFile(file);
            sign(signer, defaultArtifact);
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                sign(signer, (Artifact) it.next());
            }
        } catch (IOException e) {
            throw new MojoExecutionException("Error copying POM for signing.", e);
        }
    }

    public PGPSecretKey loadSecretKey() throws MojoExecutionException {
        if (this.secretkey == null) {
            this.secretkey = System.getenv("PGP_SECRETKEY");
        }
        if (this.secretkey == null) {
            throw new MojoExecutionException("No PGP secret key is configured. Either do so in POM, or via -Dpgp.secretkey, or the PGP_SECRETKEY environment variable");
        }
        int indexOf = this.secretkey.indexOf(58);
        if (indexOf < 0) {
            throw new MojoExecutionException("Invalid secret key string. It needs to start with a scheme like 'FOO:': " + this.secretkey);
        }
        String substring = this.secretkey.substring(0, indexOf);
        try {
            return ((SecretKeyLoader) this.container.lookup(SecretKeyLoader.class.getName(), substring)).load(this, this.secretkey.substring(indexOf + 1));
        } catch (ComponentLookupException e) {
            throw new MojoExecutionException("Invalid secret key scheme '" + substring + "'. If this is your custom scheme, perhaps you forgot to specify it in <dependency> to this plugin?", e);
        } catch (IOException e2) {
            throw new MojoExecutionException("Failed to load key from " + this.secretkey, e2);
        }
    }

    public String loadPassPhrase(PGPSecretKey pGPSecretKey) throws MojoExecutionException {
        if (this.passphrase == null) {
            this.passphrase = System.getenv("PGP_PASSPHRASE");
        }
        if (this.passphrase == null) {
            throw new MojoExecutionException("No PGP passphrase is configured. Either do so in POM, or via -Dpgp.passphrase, or the PGP_PASSPHRASE environment variable");
        }
        int indexOf = this.passphrase.indexOf(58);
        if (indexOf < 0) {
            throw new MojoExecutionException("Invalid passphrase string. It needs to start with a scheme like 'FOO:': " + this.passphrase);
        }
        String substring = this.passphrase.substring(0, indexOf);
        try {
            return ((PassphraseLoader) this.container.lookup(PassphraseLoader.class.getName(), substring)).load(this, pGPSecretKey, this.passphrase.substring(indexOf + 1));
        } catch (IOException e) {
            throw new MojoExecutionException("Failed to load passphrase from " + this.passphrase, e);
        } catch (ComponentLookupException e2) {
            throw new MojoExecutionException("Invalid pass phrase scheme '" + substring + "'. If this is your custom scheme, perhaps you forgot to specify it in <dependency> to this plugin?", e2);
        }
    }

    protected void sign(Signer signer, Artifact artifact) throws MojoExecutionException {
        File file = new File(this.outputDirectory, artifact.getFile().getName() + ".asc");
        try {
            signer.sign(artifact.getFile(), file);
            this.projectHelper.attachArtifact(this.project, artifact.getArtifactHandler().getExtension() + ".asc", artifact.getClassifier(), file);
        } catch (IOException e) {
            throw new MojoExecutionException("Failed to sign " + artifact.getFile(), e);
        } catch (GeneralSecurityException e2) {
            throw new MojoExecutionException("Failed to sign " + artifact.getFile(), e2);
        } catch (PGPException e3) {
            throw new MojoExecutionException("Failed to sign " + artifact.getFile(), e3);
        }
    }
}
