package org.pgpainless.signature;

import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyRing;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureList;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;

/* loaded from: input_file:org/pgpainless/signature/SelectSignatureFromKey.class */
public abstract class SelectSignatureFromKey {
    private static final Logger LOGGER = Logger.getLogger(SelectSignatureFromKey.class.getName());

    public abstract boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing);

    public List<PGPSignature> select(List<PGPSignature> list, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
        ArrayList arrayList = new ArrayList();
        for (PGPSignature pGPSignature : list) {
            if (accept(pGPSignature, pGPPublicKey, pGPKeyRing)) {
                arrayList.add(pGPSignature);
            }
        }
        return arrayList;
    }

    public static SelectSignatureFromKey isValidAt(final Date date) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.1
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                Date signatureExpirationDate = SignatureUtils.getSignatureExpirationDate(pGPSignature);
                return !pGPSignature.getCreationTime().after(date) && (signatureExpirationDate == null || signatureExpirationDate.after(date));
            }
        };
    }

    public static SelectSignatureFromKey isValidSubkeyBindingSignature(final PGPPublicKey pGPPublicKey, final PGPPublicKey pGPPublicKey2) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.2
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey3, PGPKeyRing pGPKeyRing) {
                if (!isOfType(SignatureType.SUBKEY_BINDING).accept(pGPSignature, pGPPublicKey3, pGPKeyRing) || pGPSignature.getKeyID() != pGPPublicKey.getKeyID()) {
                    return false;
                }
                if (!isSigNotExpired().accept(pGPSignature, pGPPublicKey2, pGPKeyRing)) {
                    SelectSignatureFromKey.LOGGER.log(Level.INFO, "Subkey binding signature expired.");
                    return false;
                }
                try {
                    pGPSignature.init(ImplementationFactory.getInstance().getPGPContentVerifierBuilderProvider(), pGPPublicKey);
                    if (!pGPSignature.verifyCertification(pGPPublicKey, pGPPublicKey2)) {
                        return false;
                    }
                    List<KeyFlag> fromBitmask = KeyFlag.fromBitmask(pGPSignature.getHashedSubPackets().getKeyFlags());
                    if (!(fromBitmask.contains(KeyFlag.SIGN_DATA) || fromBitmask.contains(KeyFlag.CERTIFY_OTHER)) || hasValidPrimaryKeyBindingSignatureSubpacket(pGPPublicKey2, pGPPublicKey).accept(pGPSignature, pGPPublicKey2, pGPKeyRing)) {
                        return true;
                    }
                    SelectSignatureFromKey.LOGGER.log(Level.INFO, "Subkey binding signature on signing key does not carry valid primary key binding signature.");
                    return false;
                } catch (PGPException e) {
                    SelectSignatureFromKey.LOGGER.log(Level.INFO, "Verification of subkey binding signature failed.", e);
                    return false;
                }
            }
        };
    }

    public static SelectSignatureFromKey isValidPrimaryKeyBindingSignature(final PGPPublicKey pGPPublicKey, final PGPPublicKey pGPPublicKey2) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.3
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey3, PGPKeyRing pGPKeyRing) {
                if (!isVersion4Signature().accept(pGPSignature, pGPPublicKey3, pGPKeyRing) || !isOfType(SignatureType.PRIMARYKEY_BINDING).accept(pGPSignature, pGPPublicKey3, pGPKeyRing) || pGPSignature.getKeyID() != pGPPublicKey.getKeyID()) {
                    return false;
                }
                if (!isSigNotExpired().accept(pGPSignature, pGPPublicKey2, pGPKeyRing)) {
                    SelectSignatureFromKey.LOGGER.log(Level.INFO, "Primary key binding signature expired.");
                    return false;
                }
                try {
                    pGPSignature.init(ImplementationFactory.getInstance().getPGPContentVerifierBuilderProvider(), pGPPublicKey);
                    return pGPSignature.verifyCertification(pGPPublicKey2, pGPPublicKey);
                } catch (PGPException e) {
                    return false;
                }
            }
        };
    }

    public static SelectSignatureFromKey hasValidPrimaryKeyBindingSignatureSubpacket(final PGPPublicKey pGPPublicKey, final PGPPublicKey pGPPublicKey2) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.4
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey3, PGPKeyRing pGPKeyRing) {
                try {
                    PGPSignatureList embeddedSignature = SignatureSubpacketsUtil.getEmbeddedSignature(pGPSignature);
                    if (embeddedSignature != null) {
                        Iterator it = embeddedSignature.iterator();
                        while (it.hasNext()) {
                            if (isValidPrimaryKeyBindingSignature(pGPPublicKey, pGPPublicKey2).accept((PGPSignature) it.next(), pGPPublicKey, pGPKeyRing)) {
                                return true;
                            }
                        }
                    }
                    return false;
                } catch (PGPException e) {
                    SelectSignatureFromKey.LOGGER.log(Level.WARNING, "Cannot parse embedded signatures:", e);
                    return false;
                }
            }
        };
    }

    public static SelectSignatureFromKey isValidDirectKeySignature(final PGPPublicKey pGPPublicKey, final PGPPublicKey pGPPublicKey2) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.5
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey3, PGPKeyRing pGPKeyRing) {
                if (!isVersion4Signature().accept(pGPSignature, pGPPublicKey3, pGPKeyRing) || !isOfType(SignatureType.DIRECT_KEY).accept(pGPSignature, pGPPublicKey3, pGPKeyRing)) {
                    return false;
                }
                try {
                    pGPSignature.init(ImplementationFactory.getInstance().getPGPContentVerifierBuilderProvider(), pGPPublicKey);
                    return pGPSignature.verifyCertification(pGPPublicKey2);
                } catch (PGPException e) {
                    return false;
                }
            }
        };
    }

    public static SelectSignatureFromKey isValidKeyRevocationSignature(PGPPublicKey pGPPublicKey) {
        return and(isVersion4Signature(), isOfType(SignatureType.KEY_REVOCATION), isCreatedBy(pGPPublicKey), isWellFormed(), doesNotPredateKeyCreationDate(pGPPublicKey), isVerifyingSignatureOnKey(pGPPublicKey, pGPPublicKey));
    }

    public static SelectSignatureFromKey isValidSubkeyRevocationSignature() {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.6
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                return isValidSubkeyRevocationSignature(pGPPublicKey, pGPKeyRing.getPublicKey()).accept(pGPSignature, pGPPublicKey, pGPKeyRing);
            }
        };
    }

    public static SelectSignatureFromKey isValidSubkeyRevocationSignature(PGPPublicKey pGPPublicKey, PGPPublicKey pGPPublicKey2) {
        return and(isVersion4Signature(), isOfType(SignatureType.SUBKEY_REVOCATION), isCreatedBy(pGPPublicKey2), isVerifyingSignatureOnKeys(pGPPublicKey2, pGPPublicKey, pGPPublicKey2));
    }

    public static SelectSignatureFromKey isValidCertificationRevocationSignature(PGPPublicKey pGPPublicKey, String str) {
        return and(isVersion4Signature(), isCreatedBy(pGPPublicKey), isOfType(SignatureType.CERTIFICATION_REVOCATION), isValidSignatureOnUserId(str, pGPPublicKey));
    }

    public static SelectSignatureFromKey isValidSignatureOnUserId(final String str, final PGPPublicKey pGPPublicKey) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.7
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey2, PGPKeyRing pGPKeyRing) {
                try {
                    pGPSignature.init(ImplementationFactory.getInstance().getPGPContentVerifierBuilderProvider(), pGPPublicKey);
                    return pGPSignature.verifyCertification(str, pGPPublicKey2);
                } catch (PGPException e) {
                    SelectSignatureFromKey.LOGGER.log(Level.INFO, "Verification of signature on userID " + str + " failed.", e);
                    return false;
                }
            }
        };
    }

    public static SelectSignatureFromKey isVerifyingSignatureOnKey(final PGPPublicKey pGPPublicKey, final PGPPublicKey pGPPublicKey2) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.8
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey3, PGPKeyRing pGPKeyRing) {
                try {
                    pGPSignature.init(ImplementationFactory.getInstance().getPGPContentVerifierBuilderProvider(), pGPPublicKey2);
                    return pGPSignature.verifyCertification(pGPPublicKey);
                } catch (PGPException e) {
                    SelectSignatureFromKey.LOGGER.log(Level.INFO, "Signature verification failed.", e);
                    return false;
                }
            }
        };
    }

    public static SelectSignatureFromKey isVerifyingSignatureOnKeys(final PGPPublicKey pGPPublicKey, final PGPPublicKey pGPPublicKey2, final PGPPublicKey pGPPublicKey3) {
        if (pGPPublicKey3.getKeyID() == pGPPublicKey.getKeyID() || pGPPublicKey3.getKeyID() == pGPPublicKey2.getKeyID()) {
            return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.9
                @Override // org.pgpainless.signature.SelectSignatureFromKey
                public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey4, PGPKeyRing pGPKeyRing) {
                    try {
                        pGPSignature.init(ImplementationFactory.getInstance().getPGPContentVerifierBuilderProvider(), pGPPublicKey3);
                        return pGPSignature.verifyCertification(pGPPublicKey, pGPPublicKey2);
                    } catch (PGPException e) {
                        SelectSignatureFromKey.LOGGER.log(Level.INFO, "Verification of " + SignatureType.valueOf(pGPSignature.getSignatureType()) + " signature failed.", e);
                        return false;
                    }
                }
            };
        }
        throw new IllegalArgumentException("Signing key MUST be either the primary or subkey.");
    }

    public static SelectSignatureFromKey isCertification() {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.10
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                return pGPSignature.isCertification();
            }
        };
    }

    public static SelectSignatureFromKey isWellFormed() {
        return and(hasCreationTimeSubpacket(), doesNotPredateKeyCreationDate());
    }

    public static SelectSignatureFromKey isVersion4Signature() {
        return isVersion(4);
    }

    public static SelectSignatureFromKey hasCreationTimeSubpacket() {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.11
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                return pGPSignature.getHashedSubPackets().getSignatureCreationTime() != null;
            }
        };
    }

    public static SelectSignatureFromKey isCreatedBy(PGPPublicKey pGPPublicKey) {
        return isCreatedBy(pGPPublicKey.getKeyID());
    }

    public static SelectSignatureFromKey isCreatedBy(final long j) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.12
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                return pGPSignature.getKeyID() == j;
            }
        };
    }

    public static SelectSignatureFromKey isSigNotExpired() {
        return isSigNotExpired(new Date());
    }

    public static SelectSignatureFromKey isSigNotExpired(final Date date) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.13
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                return !SignatureUtils.isSignatureExpired(pGPSignature, date);
            }
        };
    }

    public static SelectSignatureFromKey doesNotPredateKeyCreationDate() {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.14
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                PGPPublicKey publicKey = pGPKeyRing.getPublicKey(pGPSignature.getKeyID());
                if (publicKey == null) {
                    return false;
                }
                return doesNotPredateKeyCreationDate(publicKey).accept(pGPSignature, pGPPublicKey, pGPKeyRing);
            }
        };
    }

    public static SelectSignatureFromKey doesNotPredateKeyCreationDate(final PGPPublicKey pGPPublicKey) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.15
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey2, PGPKeyRing pGPKeyRing) {
                return !pGPSignature.getCreationTime().before(pGPPublicKey.getCreationTime());
            }
        };
    }

    public static SelectSignatureFromKey isVersion(final int i) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.16
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                return pGPSignature.getVersion() == i;
            }
        };
    }

    public static SelectSignatureFromKey isOfType(final SignatureType signatureType) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.17
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                return pGPSignature.getSignatureType() == SignatureType.this.getCode();
            }
        };
    }

    public static SelectSignatureFromKey and(final SelectSignatureFromKey... selectSignatureFromKeyArr) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.18
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                for (SelectSignatureFromKey selectSignatureFromKey : selectSignatureFromKeyArr) {
                    if (!selectSignatureFromKey.accept(pGPSignature, pGPPublicKey, pGPKeyRing)) {
                        return false;
                    }
                }
                return true;
            }
        };
    }

    public static SelectSignatureFromKey or(final SelectSignatureFromKey... selectSignatureFromKeyArr) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.19
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                boolean z = false;
                for (SelectSignatureFromKey selectSignatureFromKey : selectSignatureFromKeyArr) {
                    z |= selectSignatureFromKey.accept(pGPSignature, pGPPublicKey, pGPKeyRing);
                }
                return z;
            }
        };
    }

    public static SelectSignatureFromKey not(SelectSignatureFromKey selectSignatureFromKey) {
        return new SelectSignatureFromKey() { // from class: org.pgpainless.signature.SelectSignatureFromKey.20
            @Override // org.pgpainless.signature.SelectSignatureFromKey
            public boolean accept(PGPSignature pGPSignature, PGPPublicKey pGPPublicKey, PGPKeyRing pGPKeyRing) {
                return !SelectSignatureFromKey.this.accept(pGPSignature, pGPPublicKey, pGPKeyRing);
            }
        };
    }
}
