package org.pgpainless.key.modification.secretkeyring;

import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.NoSuchElementException;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair;
import org.bouncycastle.openpgp.PGPKeyRingGenerator;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator;
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.key.OpenPgpV4Fingerprint;
import org.pgpainless.key.generation.KeyRingBuilder;
import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface;
import org.pgpainless.key.protection.CachingSecretKeyRingProtector;
import org.pgpainless.key.protection.KeyRingProtectionSettings;
import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.protection.UnlockSecretKey;
import org.pgpainless.key.protection.UnprotectedKeysProtector;
import org.pgpainless.key.protection.passphrase_provider.SolitaryPassphraseProvider;
import org.pgpainless.key.util.KeyRingUtils;
import org.pgpainless.key.util.RevocationAttributes;
import org.pgpainless.signature.SignatureUtils;
import org.pgpainless.signature.subpackets.SignatureSubpacketGeneratorUtil;
import org.pgpainless.util.CollectionUtils;
import org.pgpainless.util.Passphrase;
import org.pgpainless.util.selection.userid.SelectUserId;

/* loaded from: input_file:org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.class */
public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
    private final HashAlgorithm defaultDigestHashAlgorithm = HashAlgorithm.SHA1;
    private PGPSecretKeyRing secretKeyRing;

    /* loaded from: input_file:org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor$WithKeyRingEncryptionSettingsImpl.class */
    private final class WithKeyRingEncryptionSettingsImpl implements SecretKeyRingEditorInterface.WithKeyRingEncryptionSettings {
        private final Long keyId;
        private final SecretKeyRingProtector oldProtector;

        private WithKeyRingEncryptionSettingsImpl(Long l, SecretKeyRingProtector secretKeyRingProtector) {
            this.keyId = l;
            this.oldProtector = secretKeyRingProtector;
        }

        @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface.WithKeyRingEncryptionSettings
        public SecretKeyRingEditorInterface.WithPassphrase withSecureDefaultSettings() {
            return withCustomSettings(KeyRingProtectionSettings.secureDefaultSettings());
        }

        @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface.WithKeyRingEncryptionSettings
        public SecretKeyRingEditorInterface.WithPassphrase withCustomSettings(KeyRingProtectionSettings keyRingProtectionSettings) {
            return new WithPassphraseImpl(this.keyId, this.oldProtector, keyRingProtectionSettings);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor$WithPassphraseImpl.class */
    public final class WithPassphraseImpl implements SecretKeyRingEditorInterface.WithPassphrase {
        private final SecretKeyRingProtector oldProtector;
        private final KeyRingProtectionSettings newProtectionSettings;
        private final Long keyId;

        private WithPassphraseImpl(Long l, SecretKeyRingProtector secretKeyRingProtector, KeyRingProtectionSettings keyRingProtectionSettings) {
            this.keyId = l;
            this.oldProtector = secretKeyRingProtector;
            this.newProtectionSettings = keyRingProtectionSettings;
        }

        @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface.WithPassphrase
        public SecretKeyRingEditorInterface toNewPassphrase(Passphrase passphrase) throws PGPException {
            SecretKeyRingEditor.this.secretKeyRing = SecretKeyRingEditor.this.changePassphrase(this.keyId, SecretKeyRingEditor.this.secretKeyRing, this.oldProtector, new PasswordBasedSecretKeyRingProtector(this.newProtectionSettings, new SolitaryPassphraseProvider(passphrase)));
            return SecretKeyRingEditor.this;
        }

        @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface.WithPassphrase
        public SecretKeyRingEditorInterface toNoPassphrase() throws PGPException {
            SecretKeyRingEditor.this.secretKeyRing = SecretKeyRingEditor.this.changePassphrase(this.keyId, SecretKeyRingEditor.this.secretKeyRing, this.oldProtector, new UnprotectedKeysProtector());
            return SecretKeyRingEditor.this;
        }
    }

    public SecretKeyRingEditor(PGPSecretKeyRing pGPSecretKeyRing) {
        if (pGPSecretKeyRing == null) {
            throw new NullPointerException("SecretKeyRing MUST NOT be null.");
        }
        this.secretKeyRing = pGPSecretKeyRing;
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface addUserId(String str, SecretKeyRingProtector secretKeyRingProtector) throws PGPException {
        String sanitizeUserId = sanitizeUserId(str);
        ArrayList arrayList = new ArrayList();
        Iterator<PGPSecretKey> secretKeys = this.secretKeyRing.getSecretKeys();
        PGPSecretKey next = secretKeys.next();
        arrayList.add(PGPSecretKey.replacePublicKey(next, addUserIdToPubKey(sanitizeUserId, UnlockSecretKey.unlockSecretKey(next, secretKeyRingProtector), next.getPublicKey())));
        while (secretKeys.hasNext()) {
            arrayList.add(secretKeys.next());
        }
        this.secretKeyRing = new PGPSecretKeyRing(arrayList);
        return this;
    }

    private static PGPPublicKey addUserIdToPubKey(String str, PGPPrivateKey pGPPrivateKey, PGPPublicKey pGPPublicKey) throws PGPException {
        if (pGPPrivateKey.getKeyID() != pGPPublicKey.getKeyID()) {
            throw new IllegalArgumentException("Key-ID mismatch!");
        }
        PGPSignatureGenerator signatureGeneratorFor = SignatureUtils.getSignatureGeneratorFor(pGPPublicKey);
        signatureGeneratorFor.init(SignatureType.POSITIVE_CERTIFICATION.getCode(), pGPPrivateKey);
        return PGPPublicKey.addCertification(pGPPublicKey, str, signatureGeneratorFor.generateCertification(str, pGPPublicKey));
    }

    private String sanitizeUserId(String str) {
        return str.trim();
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface deleteUserId(String str, SecretKeyRingProtector secretKeyRingProtector) {
        return deleteUserIds(SelectUserId.exactMatch(str), secretKeyRingProtector);
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface deleteUserIds(SelectUserId selectUserId, SecretKeyRingProtector secretKeyRingProtector) {
        ArrayList arrayList = new ArrayList();
        Iterator<PGPPublicKey> publicKeys = this.secretKeyRing.getPublicKeys();
        PGPPublicKey next = publicKeys.next();
        List<String> selectUserIds = selectUserId.selectUserIds(CollectionUtils.iteratorToList(next.getUserIDs()));
        if (selectUserIds.isEmpty()) {
            throw new NoSuchElementException("Key does not have a matching user-id attribute.");
        }
        Iterator<String> it = selectUserIds.iterator();
        while (it.hasNext()) {
            next = PGPPublicKey.removeCertification(next, it.next());
        }
        arrayList.add(next);
        while (publicKeys.hasNext()) {
            arrayList.add(publicKeys.next());
        }
        this.secretKeyRing = PGPSecretKeyRing.replacePublicKeys(this.secretKeyRing, new PGPPublicKeyRing(arrayList));
        return this;
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface addSubKey(@Nonnull KeySpec keySpec, @Nonnull Passphrase passphrase, SecretKeyRingProtector secretKeyRingProtector) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
        PGPSecretKey generateSubKey = generateSubKey(keySpec, passphrase);
        return addSubKey(generateSubKey, PasswordBasedSecretKeyRingProtector.forKey(generateSubKey, passphrase), secretKeyRingProtector);
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface addSubKey(PGPSecretKey pGPSecretKey, SecretKeyRingProtector secretKeyRingProtector, SecretKeyRingProtector secretKeyRingProtector2) throws PGPException {
        PGPPublicKey publicKey = this.secretKeyRing.getSecretKey().getPublicKey();
        PBESecretKeyDecryptor decryptor = secretKeyRingProtector2.getDecryptor(Long.valueOf(publicKey.getKeyID()));
        PBESecretKeyEncryptor encryptor = secretKeyRingProtector.getEncryptor(Long.valueOf(pGPSecretKey.getKeyID()));
        PGPDigestCalculator pGPDigestCalculator = ImplementationFactory.getInstance().getPGPDigestCalculator(this.defaultDigestHashAlgorithm);
        PGPContentSignerBuilder pGPContentSignerBuilder = ImplementationFactory.getInstance().getPGPContentSignerBuilder(publicKey.getAlgorithm(), HashAlgorithm.SHA256.getAlgorithmId());
        PGPKeyPair pGPKeyPair = new PGPKeyPair(pGPSecretKey.getPublicKey(), UnlockSecretKey.unlockSecretKey(pGPSecretKey, secretKeyRingProtector));
        PGPKeyRingGenerator pGPKeyRingGenerator = new PGPKeyRingGenerator(this.secretKeyRing, decryptor, pGPDigestCalculator, pGPContentSignerBuilder, encryptor);
        pGPKeyRingGenerator.addSubKey(pGPKeyPair);
        this.secretKeyRing = pGPKeyRingGenerator.generateSecretKeyRing();
        return this;
    }

    private PGPSecretKey generateSubKey(@Nonnull KeySpec keySpec, @Nonnull Passphrase passphrase) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
        PGPDigestCalculator pGPDigestCalculator = ImplementationFactory.getInstance().getPGPDigestCalculator(this.defaultDigestHashAlgorithm);
        PBESecretKeyEncryptor pBESecretKeyEncryptor = passphrase.isEmpty() ? null : ImplementationFactory.getInstance().getPBESecretKeyEncryptor(SymmetricKeyAlgorithm.AES_256, passphrase);
        PGPKeyPair generateKeyPair = KeyRingBuilder.generateKeyPair(keySpec);
        return new PGPSecretKey(generateKeyPair.getPrivateKey(), generateKeyPair.getPublicKey(), pGPDigestCalculator, false, pBESecretKeyEncryptor);
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface deleteSubKey(OpenPgpV4Fingerprint openPgpV4Fingerprint, SecretKeyRingProtector secretKeyRingProtector) {
        return deleteSubKey(openPgpV4Fingerprint.getKeyId(), secretKeyRingProtector);
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface deleteSubKey(long j, SecretKeyRingProtector secretKeyRingProtector) {
        if (this.secretKeyRing.getSecretKey().getKeyID() == j) {
            throw new IllegalArgumentException("You cannot delete the primary key of this key ring.");
        }
        PGPSecretKey secretKey = this.secretKeyRing.getSecretKey(j);
        if (secretKey == null) {
            throw new NoSuchElementException("KeyRing does not contain a key with keyId " + Long.toHexString(j));
        }
        this.secretKeyRing = PGPSecretKeyRing.removeSecretKey(this.secretKeyRing, secretKey);
        return this;
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface revoke(SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes) throws PGPException {
        return revokeSubKey(this.secretKeyRing.getSecretKey().getKeyID(), secretKeyRingProtector, revocationAttributes);
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface revokeSubKey(OpenPgpV4Fingerprint openPgpV4Fingerprint, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes) throws PGPException {
        return revokeSubKey(openPgpV4Fingerprint.getKeyId(), secretKeyRingProtector, revocationAttributes);
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface revokeSubKey(long j, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes) throws PGPException {
        PGPPublicKey publicKey = this.secretKeyRing.getPublicKey(j);
        if (publicKey == null) {
            throw new NoSuchElementException("No subkey with id " + Long.toHexString(j) + " found.");
        }
        this.secretKeyRing = revokeSubKey(secretKeyRingProtector, publicKey, revocationAttributes);
        return this;
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface revokeUserId(String str, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes) throws PGPException {
        Iterator<String> userIDs = this.secretKeyRing.getPublicKey().getUserIDs();
        boolean z = false;
        while (true) {
            if (!userIDs.hasNext()) {
                break;
            }
            if (str.equals(userIDs.next())) {
                z = true;
                break;
            }
        }
        if (z) {
            return doRevokeUserId(str, secretKeyRingProtector, revocationAttributes);
        }
        throw new NoSuchElementException("No user-id '" + str + "' found on the key.");
    }

    private SecretKeyRingEditorInterface doRevokeUserId(String str, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes) throws PGPException {
        PGPSecretKey secretKey = this.secretKeyRing.getSecretKey();
        PGPPublicKey publicKey = secretKey.getPublicKey();
        PGPPrivateKey unlockSecretKey = UnlockSecretKey.unlockSecretKey(secretKey, secretKeyRingProtector);
        PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator = new PGPSignatureSubpacketGenerator();
        pGPSignatureSubpacketGenerator.setSignatureCreationTime(false, new Date());
        pGPSignatureSubpacketGenerator.setRevocable(false, false);
        pGPSignatureSubpacketGenerator.setIssuerFingerprint(false, secretKey);
        if (revocationAttributes != null) {
            RevocationAttributes.Reason reason = revocationAttributes.getReason();
            if (reason != RevocationAttributes.Reason.NO_REASON && reason != RevocationAttributes.Reason.USER_ID_NO_LONGER_VALID) {
                throw new IllegalArgumentException("Revocation reason must either be NO_REASON or USER_ID_NO_LONGER_VALID");
            }
            pGPSignatureSubpacketGenerator.setRevocationReason(false, revocationAttributes.getReason().code(), revocationAttributes.getDescription());
        }
        PGPSignatureGenerator signatureGeneratorFor = SignatureUtils.getSignatureGeneratorFor(secretKey);
        signatureGeneratorFor.setHashedSubpackets(pGPSignatureSubpacketGenerator.generate());
        signatureGeneratorFor.init(SignatureType.CERTIFICATION_REVOCATION.getCode(), unlockSecretKey);
        this.secretKeyRing = PGPSecretKeyRing.replacePublicKeys(this.secretKeyRing, PGPPublicKeyRing.insertPublicKey(KeyRingUtils.publicKeyRingFrom(this.secretKeyRing), PGPPublicKey.addCertification(publicKey, str, signatureGeneratorFor.generateCertification(str, publicKey))));
        return this;
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface setExpirationDate(Date date, SecretKeyRingProtector secretKeyRingProtector) throws PGPException {
        return setExpirationDate(new OpenPgpV4Fingerprint(this.secretKeyRing), date, secretKeyRingProtector);
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface setExpirationDate(OpenPgpV4Fingerprint openPgpV4Fingerprint, Date date, SecretKeyRingProtector secretKeyRingProtector) throws PGPException {
        ArrayList arrayList = new ArrayList();
        PGPSecretKey secretKey = this.secretKeyRing.getSecretKey();
        if (!secretKey.isMasterKey()) {
            throw new IllegalArgumentException("Key Ring does not appear to contain a primary secret key.");
        }
        boolean z = false;
        Iterator<PGPSecretKey> it = this.secretKeyRing.iterator();
        while (it.hasNext()) {
            PGPSecretKey next = it.next();
            if (next.getKeyID() != openPgpV4Fingerprint.getKeyId()) {
                arrayList.add(next);
            } else {
                z = true;
                arrayList.add(setExpirationDate(secretKey, next, date, secretKeyRingProtector));
            }
        }
        if (!z) {
            throw new IllegalArgumentException("Key Ring does not contain secret key with fingerprint " + ((Object) openPgpV4Fingerprint));
        }
        this.secretKeyRing = new PGPSecretKeyRing(arrayList);
        return this;
    }

    private PGPSecretKey setExpirationDate(PGPSecretKey pGPSecretKey, PGPSecretKey pGPSecretKey2, Date date, SecretKeyRingProtector secretKeyRingProtector) throws PGPException {
        if (date != null && date.before(pGPSecretKey2.getPublicKey().getCreationTime())) {
            throw new IllegalArgumentException("Expiration date cannot be before creation date.");
        }
        PGPPrivateKey unlockSecretKey = UnlockSecretKey.unlockSecretKey(pGPSecretKey, secretKeyRingProtector);
        PGPPublicKey publicKey = pGPSecretKey2.getPublicKey();
        PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator = new PGPSignatureSubpacketGenerator(getPreviousSignature(pGPSecretKey, publicKey).getHashedSubPackets());
        SignatureSubpacketGeneratorUtil.setSignatureCreationTimeInSubpacketGenerator(new Date(), pGPSignatureSubpacketGenerator);
        SignatureSubpacketGeneratorUtil.setExpirationDateInSubpacketGenerator(date, publicKey.getCreationTime(), pGPSignatureSubpacketGenerator);
        PGPSignatureGenerator signatureGeneratorFor = SignatureUtils.getSignatureGeneratorFor(pGPSecretKey);
        signatureGeneratorFor.setHashedSubpackets(pGPSignatureSubpacketGenerator.generate());
        if (pGPSecretKey.getKeyID() == pGPSecretKey2.getKeyID()) {
            signatureGeneratorFor.init(19, unlockSecretKey);
            Iterator<String> userIDs = pGPSecretKey2.getUserIDs();
            while (userIDs.hasNext()) {
                String next = userIDs.next();
                publicKey = PGPPublicKey.addCertification(publicKey, next, signatureGeneratorFor.generateCertification(next, publicKey));
            }
        } else {
            signatureGeneratorFor.init(24, unlockSecretKey);
            publicKey = PGPPublicKey.addCertification(publicKey, signatureGeneratorFor.generateCertification(pGPSecretKey.getPublicKey(), publicKey));
        }
        return PGPSecretKey.replacePublicKey(pGPSecretKey2, publicKey);
    }

    private PGPSignature getPreviousSignature(PGPSecretKey pGPSecretKey, PGPPublicKey pGPPublicKey) {
        PGPSignature pGPSignature = null;
        if (pGPSecretKey.getKeyID() == pGPPublicKey.getKeyID()) {
            Iterator<PGPSignature> signaturesForKeyID = pGPPublicKey.getSignaturesForKeyID(pGPSecretKey.getKeyID());
            while (signaturesForKeyID.hasNext()) {
                PGPSignature next = signaturesForKeyID.next();
                if (next.getSignatureType() == 19) {
                    pGPSignature = next;
                }
            }
            if (pGPSignature == null) {
                throw new IllegalStateException("Key " + ((Object) new OpenPgpV4Fingerprint(pGPPublicKey)) + " does not have a previous positive signature.");
            }
        } else {
            Iterator<PGPSignature> signaturesOfType = pGPPublicKey.getSignaturesOfType(SignatureType.SUBKEY_BINDING.getCode());
            while (signaturesOfType.hasNext()) {
                pGPSignature = signaturesOfType.next();
            }
        }
        if (pGPSignature == null) {
            throw new IllegalStateException("Key " + ((Object) new OpenPgpV4Fingerprint(pGPPublicKey)) + " does not have a previous subkey binding signature.");
        }
        return pGPSignature;
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public PGPSignature createRevocationCertificate(SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes) throws PGPException {
        return generateRevocation(secretKeyRingProtector, this.secretKeyRing.getPublicKey(), revocationAttributes);
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public PGPSignature createRevocationCertificate(long j, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes) throws PGPException {
        return generateRevocation(secretKeyRingProtector, KeyRingUtils.requirePublicKeyFrom(this.secretKeyRing, j), revocationAttributes);
    }

    private PGPSecretKeyRing revokeSubKey(SecretKeyRingProtector secretKeyRingProtector, PGPPublicKey pGPPublicKey, RevocationAttributes revocationAttributes) throws PGPException {
        return PGPSecretKeyRing.replacePublicKeys(this.secretKeyRing, PGPPublicKeyRing.insertPublicKey(KeyRingUtils.publicKeyRingFrom(this.secretKeyRing), PGPPublicKey.addCertification(pGPPublicKey, generateRevocation(secretKeyRingProtector, pGPPublicKey, revocationAttributes))));
    }

    private PGPSignature generateRevocation(SecretKeyRingProtector secretKeyRingProtector, PGPPublicKey pGPPublicKey, RevocationAttributes revocationAttributes) throws PGPException {
        PGPSignature generateCertification;
        PGPSecretKey secretKey = this.secretKeyRing.getSecretKey();
        PGPSignatureGenerator signatureGeneratorFor = SignatureUtils.getSignatureGeneratorFor(secretKey);
        PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator = new PGPSignatureSubpacketGenerator();
        pGPSignatureSubpacketGenerator.setIssuerFingerprint(false, secretKey);
        if (revocationAttributes != null) {
            pGPSignatureSubpacketGenerator.setRevocationReason(false, revocationAttributes.getReason().code(), revocationAttributes.getDescription());
        }
        signatureGeneratorFor.setHashedSubpackets(pGPSignatureSubpacketGenerator.generate());
        PGPPrivateKey unlockSecretKey = UnlockSecretKey.unlockSecretKey(secretKey, secretKeyRingProtector);
        if (pGPPublicKey.isMasterKey()) {
            signatureGeneratorFor.init(SignatureType.KEY_REVOCATION.getCode(), unlockSecretKey);
            generateCertification = signatureGeneratorFor.generateCertification(pGPPublicKey);
        } else {
            signatureGeneratorFor.init(SignatureType.SUBKEY_REVOCATION.getCode(), unlockSecretKey);
            generateCertification = signatureGeneratorFor.generateCertification(secretKey.getPublicKey(), pGPPublicKey);
        }
        return generateCertification;
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface.WithKeyRingEncryptionSettings changePassphraseFromOldPassphrase(@Nullable Passphrase passphrase, @Nonnull KeyRingProtectionSettings keyRingProtectionSettings) {
        return new WithKeyRingEncryptionSettingsImpl(null, new PasswordBasedSecretKeyRingProtector(keyRingProtectionSettings, new SolitaryPassphraseProvider(passphrase)));
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public SecretKeyRingEditorInterface.WithKeyRingEncryptionSettings changeSubKeyPassphraseFromOldPassphrase(@Nonnull Long l, @Nullable Passphrase passphrase, @Nonnull KeyRingProtectionSettings keyRingProtectionSettings) {
        return new WithKeyRingEncryptionSettingsImpl(l, new CachingSecretKeyRingProtector(Collections.singletonMap(l, passphrase), keyRingProtectionSettings, null));
    }

    @Override // org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
    public PGPSecretKeyRing done() {
        return this.secretKeyRing;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public PGPSecretKeyRing changePassphrase(Long l, PGPSecretKeyRing pGPSecretKeyRing, SecretKeyRingProtector secretKeyRingProtector, SecretKeyRingProtector secretKeyRingProtector2) throws PGPException {
        if (l == null) {
            ArrayList arrayList = new ArrayList();
            Iterator<PGPSecretKey> secretKeys = pGPSecretKeyRing.getSecretKeys();
            while (secretKeys.hasNext()) {
                PGPSecretKey next = secretKeys.next();
                arrayList.add(lockPrivateKey(UnlockSecretKey.unlockSecretKey(next, secretKeyRingProtector), next.getPublicKey(), secretKeyRingProtector2));
            }
            return new PGPSecretKeyRing(arrayList);
        }
        ArrayList arrayList2 = new ArrayList();
        Iterator<PGPSecretKey> secretKeys2 = pGPSecretKeyRing.getSecretKeys();
        while (secretKeys2.hasNext()) {
            PGPSecretKey next2 = secretKeys2.next();
            if (next2.getPublicKey().getKeyID() == l.longValue()) {
                next2 = lockPrivateKey(UnlockSecretKey.unlockSecretKey(next2, secretKeyRingProtector), next2.getPublicKey(), secretKeyRingProtector2);
            }
            arrayList2.add(next2);
        }
        return new PGPSecretKeyRing(arrayList2);
    }

    private PGPSecretKey lockPrivateKey(PGPPrivateKey pGPPrivateKey, PGPPublicKey pGPPublicKey, SecretKeyRingProtector secretKeyRingProtector) throws PGPException {
        return new PGPSecretKey(pGPPrivateKey, pGPPublicKey, ImplementationFactory.getInstance().getPGPDigestCalculator(this.defaultDigestHashAlgorithm), pGPPublicKey.isMasterKey(), secretKeyRingProtector.getEncryptor(Long.valueOf(pGPPublicKey.getKeyID())));
    }
}
