package org.pgpainless.sop;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.CharacterCodingException;
import java.util.ArrayList;
import java.util.Iterator;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.pgpainless.PGPainless;
import org.pgpainless.exception.WrongPassphraseException;
import org.pgpainless.key.OpenPgpFingerprint;
import org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface;
import org.pgpainless.key.util.KeyRingUtils;
import org.pgpainless.key.util.RevocationAttributes;
import org.pgpainless.util.ArmoredOutputStreamFactory;
import org.pgpainless.util.Passphrase;
import sop.Ready;
import sop.exception.SOPGPException;
import sop.operation.RevokeKey;
import sop.util.UTF8Util;

/* loaded from: input_file:org/pgpainless/sop/RevokeKeyImpl.class */
public class RevokeKeyImpl implements RevokeKey {
    private final MatchMakingSecretKeyRingProtector protector = new MatchMakingSecretKeyRingProtector();
    private boolean armor = true;

    public RevokeKey noArmor() {
        this.armor = false;
        return this;
    }

    public RevokeKey withKeyPassword(byte[] bArr) throws SOPGPException.UnsupportedOption, SOPGPException.PasswordNotHumanReadable {
        try {
            this.protector.addPassphrase(Passphrase.fromPassword(UTF8Util.decodeUTF8(bArr)));
            return this;
        } catch (CharacterCodingException e) {
            throw new SOPGPException.PasswordNotHumanReadable("Cannot UTF8-decode password.");
        }
    }

    public Ready keys(InputStream inputStream) throws SOPGPException.BadData {
        try {
            PGPSecretKeyRingCollection readSecretKeys = KeyReader.readSecretKeys(inputStream, true);
            Iterator it = readSecretKeys.iterator();
            while (it.hasNext()) {
                this.protector.addSecretKey((PGPSecretKeyRing) it.next());
            }
            final ArrayList arrayList = new ArrayList();
            Iterator it2 = readSecretKeys.iterator();
            while (it2.hasNext()) {
                PGPSecretKeyRing pGPSecretKeyRing = (PGPSecretKeyRing) it2.next();
                SecretKeyRingEditorInterface modifyKeyRing = PGPainless.modifyKeyRing(pGPSecretKeyRing);
                try {
                    RevocationAttributes withoutDescription = RevocationAttributes.createKeyRevocation().withReason(RevocationAttributes.Reason.NO_REASON).withoutDescription();
                    if (pGPSecretKeyRing.getPublicKey().getVersion() == 6) {
                        arrayList.add(modifyKeyRing.createMinimalRevocationCertificate(this.protector, withoutDescription));
                    } else {
                        arrayList.add(KeyRingUtils.injectCertification(PGPainless.extractCertificate(pGPSecretKeyRing), modifyKeyRing.createRevocation(this.protector, withoutDescription)));
                    }
                } catch (PGPException e) {
                    throw new RuntimeException("Cannot generate revocation certificate.", e);
                } catch (WrongPassphraseException e2) {
                    throw new SOPGPException.KeyIsProtected("Missing or wrong passphrase for key " + OpenPgpFingerprint.of(pGPSecretKeyRing), e2);
                }
            }
            return new Ready() { // from class: org.pgpainless.sop.RevokeKeyImpl.1
                public void writeTo(OutputStream outputStream) throws IOException {
                    PGPPublicKeyRingCollection pGPPublicKeyRingCollection = new PGPPublicKeyRingCollection(arrayList);
                    if (!RevokeKeyImpl.this.armor) {
                        pGPPublicKeyRingCollection.encode(outputStream);
                        return;
                    }
                    ArmoredOutputStream armoredOutputStream = ArmoredOutputStreamFactory.get(outputStream);
                    pGPPublicKeyRingCollection.encode(armoredOutputStream);
                    armoredOutputStream.close();
                }
            };
        } catch (IOException e3) {
            throw new SOPGPException.BadData("Cannot decode secret keys.", e3);
        }
    }
}
