package org.pgpainless.sop;

import java.io.IOException;
import java.io.OutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.key.generation.KeyRingBuilder;
import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
import org.pgpainless.key.generation.type.rsa.RsaLength;
import org.pgpainless.key.generation.type.xdh.XDHSpec;
import org.pgpainless.util.ArmorUtils;
import org.pgpainless.util.Passphrase;
import sop.Profile;
import sop.Ready;
import sop.exception.SOPGPException;
import sop.operation.GenerateKey;

/* loaded from: input_file:org/pgpainless/sop/GenerateKeyImpl.class */
public class GenerateKeyImpl implements GenerateKey {
    public static final Profile CURVE25519_PROFILE = new Profile("draft-koch-eddsa-for-openpgp-00", "Generate EdDSA / ECDH keys using Curve25519");
    public static final Profile RSA4096_PROFILE = new Profile("rfc4880", "Generate 4096-bit RSA keys");
    public static final List<Profile> SUPPORTED_PROFILES = Arrays.asList(CURVE25519_PROFILE, RSA4096_PROFILE);
    private boolean armor = true;
    private boolean signingOnly = false;
    private final Set<String> userIds = new LinkedHashSet();
    private Passphrase passphrase = Passphrase.emptyPassphrase();
    private String profile = CURVE25519_PROFILE.getName();

    public GenerateKey noArmor() {
        this.armor = false;
        return this;
    }

    public GenerateKey userId(String str) {
        this.userIds.add(str);
        return this;
    }

    public GenerateKey withKeyPassword(String str) {
        this.passphrase = Passphrase.fromPassword(str);
        return this;
    }

    public GenerateKey profile(String str) {
        Iterator<Profile> it = SUPPORTED_PROFILES.iterator();
        while (it.hasNext()) {
            if (it.next().getName().equals(str)) {
                this.profile = str;
                return this;
            }
        }
        throw new SOPGPException.UnsupportedProfile("generate-key", str);
    }

    public GenerateKey signingOnly() {
        this.signingOnly = true;
        return this;
    }

    public Ready generate() throws SOPGPException.MissingArg, SOPGPException.UnsupportedAsymmetricAlgo {
        try {
            final PGPSecretKeyRing generateKeyWithProfile = generateKeyWithProfile(this.profile, this.userIds, this.passphrase, this.signingOnly);
            return new Ready() { // from class: org.pgpainless.sop.GenerateKeyImpl.1
                public void writeTo(OutputStream outputStream) throws IOException {
                    if (!GenerateKeyImpl.this.armor) {
                        generateKeyWithProfile.encode(outputStream);
                        return;
                    }
                    ArmoredOutputStream asciiArmoredStream = ArmorUtils.toAsciiArmoredStream(generateKeyWithProfile, outputStream);
                    generateKeyWithProfile.encode(asciiArmoredStream);
                    asciiArmoredStream.close();
                }
            };
        } catch (PGPException e) {
            throw new RuntimeException((Throwable) e);
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e2) {
            throw new SOPGPException.UnsupportedAsymmetricAlgo("Unsupported asymmetric algorithm.", e2);
        }
    }

    private PGPSecretKeyRing generateKeyWithProfile(String str, Set<String> set, Passphrase passphrase, boolean z) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
        KeyRingBuilder addSubkey;
        if (str.equals(CURVE25519_PROFILE.getName())) {
            addSubkey = (KeyRingBuilder) PGPainless.buildKeyRing().setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, new KeyFlag[0])).addSubkey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.SIGN_DATA, new KeyFlag[0]));
            if (!z) {
                addSubkey.addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_COMMS, new KeyFlag[]{KeyFlag.ENCRYPT_STORAGE}));
            }
        } else {
            if (!str.equals(RSA4096_PROFILE.getName())) {
                throw new SOPGPException.UnsupportedProfile("generate-key", str);
            }
            addSubkey = PGPainless.buildKeyRing().setPrimaryKey(KeySpec.getBuilder(KeyType.RSA(RsaLength._4096), KeyFlag.CERTIFY_OTHER, new KeyFlag[0])).addSubkey(KeySpec.getBuilder(KeyType.RSA(RsaLength._4096), KeyFlag.SIGN_DATA, new KeyFlag[0]));
            if (!z) {
                addSubkey.addSubkey(KeySpec.getBuilder(KeyType.RSA(RsaLength._4096), KeyFlag.ENCRYPT_COMMS, new KeyFlag[]{KeyFlag.ENCRYPT_STORAGE}));
            }
        }
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            addSubkey.addUserId(it.next());
        }
        if (!passphrase.isEmpty()) {
            addSubkey.setPassphrase(passphrase);
        }
        return addSubkey.build();
    }
}
