package org.bouncycastle.openpgp.test;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Date;
import java.util.Iterator;
import org.bouncycastle.bcpg.ArmoredInputStream;
import org.bouncycastle.bcpg.BCPGInputStream;
import org.bouncycastle.bcpg.S2K;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.generators.Ed25519KeyPairGenerator;
import org.bouncycastle.crypto.params.Ed25519KeyGenerationParameters;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
import org.bouncycastle.openpgp.operator.bc.BcAEADSecretKeyEncryptorBuilder;
import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder;
import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyEncryptorBuilder;
import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider;
import org.bouncycastle.openpgp.operator.bc.BcPGPKeyPair;
import org.bouncycastle.openpgp.operator.jcajce.JcaAEADSecretKeyEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyPair;
import org.bouncycastle.openpgp.operator.jcajce.JcePBEProtectionRemoverFactory;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyEncryptorBuilder;
import org.bouncycastle.util.Strings;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:org/bouncycastle/openpgp/test/AEADProtectedPGPSecretKeyTest.class */
public class AEADProtectedPGPSecretKeyTest extends AbstractPgpKeyPairTest {
    @Override // org.bouncycastle.util.test.SimpleTest, org.bouncycastle.util.test.Test
    public String getName() {
        return "AEADProtectedPGPSecretKeyTest";
    }

    @Override // org.bouncycastle.util.test.SimpleTest
    public void performTest() throws Exception {
        unlockTestVector();
        generateAndLockUnlockEd25519v4Key();
        generateAndLockUnlockEd25519v6Key();
        testUnlockKeyWithWrongPassphraseBc();
        testUnlockKeyWithWrongPassphraseJca();
        reencryptKey();
    }

    private void unlockTestVector() throws IOException, PGPException {
        char[] charArray = "correct horse battery staple".toCharArray();
        byte[] decode = Hex.decode("1972817b12be707e8d5f586ce61361201d344eb266a2c82fde6835762b65b0b7");
        byte[] decode2 = Hex.decode("4d600a4f794d44775c57a26e0feefed558e9afffd6ad0d582d57fb2ba2dcedb8");
        Iterator secretKeys = ((PGPSecretKeyRing) new BcPGPObjectFactory(new BCPGInputStream(new ArmoredInputStream(new ByteArrayInputStream(Strings.toUTF8ByteArray("-----BEGIN PGP PRIVATE KEY BLOCK-----\n\nxYIGY4d/4xsAAAAg+U2nu0jWCmHlZ3BqZYfQMxmZu52JGggkLq2EVD34laP9JgkC\nFARdb9ccngltHraRe25uHuyuAQQVtKipJ0+r5jL4dacGWSAheCWPpITYiyfyIOPS\n3gIDyg8f7strd1OB4+LZsUhcIjOMpVHgmiY/IutJkulneoBYwrEGHxsKAAAAQgWC\nY4d/4wMLCQcFFQoOCAwCFgACmwMCHgkiIQbLGGxPBgmml+TVLfpscisMHx4nwYpW\ncI9lJewnutmsyQUnCQIHAgAAAACtKCAQPi19In7A5tfORHHbNr/JcIMlNpAnFJin\n7wV2wH+q4UWFs7kDsBJ+xP2i8CMEWi7Ha8tPlXGpZR4UruETeh1mhELIj5UeM8T/\n0z+5oX1RHu11j8bZzFDLX9eTsgOdWATHggZjh3/jGQAAACCGkySDZ/nlAV25Ivj0\ngJXdp4SYfy1ZhbEvutFsr15ENf0mCQIUBA5hhGgp2oaavg6mFUXcFMwBBBUuE8qf\n9Ock+xwusd+GAglBr5LVyr/lup3xxQvHXFSjjA2haXfoN6xUGRdDEHI6+uevKjVR\nv5oAxgu7eJpaXNjCmwYYGwoAAAAsBYJjh3/jApsMIiEGyxhsTwYJppfk1S36bHIr\nDB8eJ8GKVnCPZSXsJ7rZrMkAAAAABAEgpukYbZ1ZNfyP5WMUzbUnSGpaUSD5t2Ki\nNacp8DkBClZRa2c3AMQzSDXa9jGhYzxjzVb5scHDzTkjyRZWRdTq8U6L4da+/+Kt\nruh8m7Xo2ehSSFyWRSuTSZe5tm/KXgYG\n-----END PGP PRIVATE KEY BLOCK-----"))))).nextObject()).getSecretKeys();
        PGPSecretKey pGPSecretKey = (PGPSecretKey) secretKeys.next();
        PGPSecretKey pGPSecretKey2 = (PGPSecretKey) secretKeys.next();
        isEncodingEqual(decode, pGPSecretKey.extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(charArray)).getPrivateKeyDataPacket().getEncoded());
        isEncodingEqual(decode2, pGPSecretKey2.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider(new BouncyCastleProvider()).build(charArray)).getPrivateKeyDataPacket().getEncoded());
        isEncodingEqual(decode2, pGPSecretKey2.extractPrivateKey(new JcePBEProtectionRemoverFactory(charArray).setProvider(new BouncyCastleProvider()).createDecryptor("")).getPrivateKeyDataPacket().getEncoded());
    }

    private void generateAndLockUnlockEd25519v4Key() throws PGPException {
        Ed25519KeyPairGenerator ed25519KeyPairGenerator = new Ed25519KeyPairGenerator();
        ed25519KeyPairGenerator.init(new Ed25519KeyGenerationParameters(new SecureRandom()));
        BcPGPKeyPair bcPGPKeyPair = new BcPGPKeyPair(4, 27, ed25519KeyPairGenerator.generateKeyPair(), currentTimeRounded());
        lockUnlockKeyBc(bcPGPKeyPair, 1, 7, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 2, 7, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 3, 7, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 1, 7, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 2, 7, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 3, 7, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 1, 8, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 2, 8, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 3, 8, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 1, 8, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 2, 8, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 3, 8, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 1, 9, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 2, 9, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 3, 9, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 1, 9, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 2, 9, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 3, 9, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 1, 11, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 2, 11, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 3, 11, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 1, 11, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 2, 11, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 3, 11, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 1, 12, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 2, 12, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 3, 12, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 1, 12, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 2, 12, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 3, 12, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 1, 13, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 2, 13, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 3, 13, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 1, 13, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 2, 13, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 3, 13, "a$$word", "a$$word");
    }

    private void generateAndLockUnlockEd25519v6Key() throws PGPException {
        Ed25519KeyPairGenerator ed25519KeyPairGenerator = new Ed25519KeyPairGenerator();
        ed25519KeyPairGenerator.init(new Ed25519KeyGenerationParameters(new SecureRandom()));
        BcPGPKeyPair bcPGPKeyPair = new BcPGPKeyPair(6, 27, ed25519KeyPairGenerator.generateKeyPair(), currentTimeRounded());
        lockUnlockKeyBc(bcPGPKeyPair, 1, 9, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 2, 9, "a$$word", "a$$word");
        lockUnlockKeyBc(bcPGPKeyPair, 3, 9, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 1, 9, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 2, 9, "a$$word", "a$$word");
        lockUnlockKeyJca(bcPGPKeyPair, 3, 9, "a$$word", "a$$word");
    }

    private void testUnlockKeyWithWrongPassphraseBc() throws PGPException {
        Ed25519KeyPairGenerator ed25519KeyPairGenerator = new Ed25519KeyPairGenerator();
        ed25519KeyPairGenerator.init(new Ed25519KeyGenerationParameters(new SecureRandom()));
        AsymmetricCipherKeyPair generateKeyPair = ed25519KeyPairGenerator.generateKeyPair();
        Date currentTimeRounded = currentTimeRounded();
        int i = 0;
        while (i != 2) {
            BcPGPKeyPair bcPGPKeyPair = new BcPGPKeyPair(i == 0 ? 4 : 6, 27, generateKeyPair, currentTimeRounded);
            BcAEADSecretKeyEncryptorBuilder bcAEADSecretKeyEncryptorBuilder = new BcAEADSecretKeyEncryptorBuilder(2, 9, S2K.Argon2Params.memoryConstrainedParameters());
            BcPGPDigestCalculatorProvider bcPGPDigestCalculatorProvider = new BcPGPDigestCalculatorProvider();
            try {
                new PGPSecretKey(bcPGPKeyPair.getPrivateKey(), bcPGPKeyPair.getPublicKey(), bcPGPDigestCalculatorProvider.get(2), true, bcAEADSecretKeyEncryptorBuilder.build("passphrase".toCharArray(), bcPGPKeyPair.getPublicKey().getPublicKeyPacket())).extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(bcPGPDigestCalculatorProvider).build("password".toCharArray()));
                fail("Expected PGPException due to mismatched passphrase");
            } catch (PGPException e) {
            }
            i++;
        }
    }

    private void testUnlockKeyWithWrongPassphraseJca() throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EdDSA", (Provider) bouncyCastleProvider);
        keyPairGenerator.initialize((AlgorithmParameterSpec) new ECNamedCurveGenParameterSpec("ed25519"));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Date currentTimeRounded = currentTimeRounded();
        int i = 0;
        while (i != 2) {
            JcaPGPKeyPair jcaPGPKeyPair = new JcaPGPKeyPair(i == 0 ? 4 : 6, 27, generateKeyPair, currentTimeRounded);
            JcaAEADSecretKeyEncryptorBuilder provider = new JcaAEADSecretKeyEncryptorBuilder(2, 9, S2K.Argon2Params.memoryConstrainedParameters()).setProvider(bouncyCastleProvider);
            PGPDigestCalculatorProvider build = new JcaPGPDigestCalculatorProviderBuilder().setProvider(bouncyCastleProvider).build();
            try {
                new PGPSecretKey(jcaPGPKeyPair.getPrivateKey(), jcaPGPKeyPair.getPublicKey(), build.get(2), true, provider.build("Yin".toCharArray(), jcaPGPKeyPair.getPublicKey().getPublicKeyPacket())).extractPrivateKey(new JcePBESecretKeyDecryptorBuilder(build).setProvider(bouncyCastleProvider).build("Yang".toCharArray()));
                fail("Expected PGPException due to wrong passphrase");
            } catch (PGPException e) {
            }
            i++;
        }
    }

    private void lockUnlockKeyBc(PGPKeyPair pGPKeyPair, int i, int i2, String str, String str2) throws PGPException {
        BcAEADSecretKeyEncryptorBuilder bcAEADSecretKeyEncryptorBuilder = new BcAEADSecretKeyEncryptorBuilder(i, i2, S2K.Argon2Params.memoryConstrainedParameters());
        BcPGPDigestCalculatorProvider bcPGPDigestCalculatorProvider = new BcPGPDigestCalculatorProvider();
        PGPSecretKey pGPSecretKey = new PGPSecretKey(pGPKeyPair.getPrivateKey(), pGPKeyPair.getPublicKey(), bcPGPDigestCalculatorProvider.get(2), true, bcAEADSecretKeyEncryptorBuilder.build(str.toCharArray(), pGPKeyPair.getPublicKey().getPublicKeyPacket()));
        isEquals("S2KUsage mismatch", 253L, pGPSecretKey.getS2KUsage());
        isEquals("S2K type mismatch", 4L, pGPSecretKey.getS2K().getType());
        isEquals("Argon2 passes parameter mismatch", 3L, pGPSecretKey.getS2K().getPasses());
        isEquals("Argon2 parallelism parameter mismatch", 4L, pGPSecretKey.getS2K().getParallelism());
        isEquals("Argon2 memory exponent parameter mismatch", 16L, pGPSecretKey.getS2K().getMemorySizeExponent());
        isEquals("Symmetric key encryption algorithm mismatch", i2, pGPSecretKey.getKeyEncryptionAlgorithm());
        isEquals("AEAD key encryption algorithm mismatch", i, pGPSecretKey.getAEADKeyEncryptionAlgorithm());
        isEncodingEqual("Decrypted key encoding mismatch", pGPKeyPair.getPrivateKey().getPrivateKeyDataPacket().getEncoded(), pGPSecretKey.extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(bcPGPDigestCalculatorProvider).build(str2.toCharArray())).getPrivateKeyDataPacket().getEncoded());
    }

    private void lockUnlockKeyJca(PGPKeyPair pGPKeyPair, int i, int i2, String str, String str2) throws PGPException {
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        JcaAEADSecretKeyEncryptorBuilder provider = new JcaAEADSecretKeyEncryptorBuilder(i, i2, S2K.Argon2Params.memoryConstrainedParameters()).setProvider(bouncyCastleProvider);
        PGPDigestCalculatorProvider build = new JcaPGPDigestCalculatorProviderBuilder().setProvider(bouncyCastleProvider).build();
        PGPSecretKey pGPSecretKey = new PGPSecretKey(pGPKeyPair.getPrivateKey(), pGPKeyPair.getPublicKey(), build.get(2), true, provider.build(str.toCharArray(), pGPKeyPair.getPublicKey().getPublicKeyPacket()));
        isEquals("S2KUsage mismatch", 253L, pGPSecretKey.getS2KUsage());
        isEquals("S2K type mismatch", 4L, pGPSecretKey.getS2K().getType());
        isEquals("Argon2 passes parameter mismatch", 3L, pGPSecretKey.getS2K().getPasses());
        isEquals("Argon2 parallelism parameter mismatch", 4L, pGPSecretKey.getS2K().getParallelism());
        isEquals("Argon2 memory exponent parameter mismatch", 16L, pGPSecretKey.getS2K().getMemorySizeExponent());
        isEquals("Symmetric key encryption algorithm mismatch", i2, pGPSecretKey.getKeyEncryptionAlgorithm());
        isEquals("AEAD algorithm mismatch", i, pGPSecretKey.getAEADKeyEncryptionAlgorithm());
        isEncodingEqual("Decrypted key encoding mismatch", pGPKeyPair.getPrivateKey().getPrivateKeyDataPacket().getEncoded(), pGPSecretKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder(build).setProvider(bouncyCastleProvider).build(str2.toCharArray())).getPrivateKeyDataPacket().getEncoded());
    }

    private void reencryptKey() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
        reencryptKeyBc();
        reencryptKeyJca();
    }

    private void reencryptKeyJca() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, PGPException {
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EdDSA", (Provider) bouncyCastleProvider);
        keyPairGenerator.initialize((AlgorithmParameterSpec) new ECNamedCurveGenParameterSpec("ed25519"));
        JcaPGPKeyPair jcaPGPKeyPair = new JcaPGPKeyPair(6, 27, keyPairGenerator.generateKeyPair(), currentTimeRounded());
        PBESecretKeyEncryptor build = new JcePBESecretKeyEncryptorBuilder(7).setProvider(bouncyCastleProvider).setSecureRandom(CryptoServicesRegistrar.getSecureRandom()).build("recycle".toCharArray());
        PGPDigestCalculatorProvider build2 = new JcaPGPDigestCalculatorProviderBuilder().setProvider(bouncyCastleProvider).build();
        PGPSecretKey pGPSecretKey = new PGPSecretKey(jcaPGPKeyPair.getPrivateKey(), jcaPGPKeyPair.getPublicKey(), build2.get(2), true, build);
        isNotNull(PGPSecretKey.copyWithNewPassword(pGPSecretKey, new JcePBESecretKeyDecryptorBuilder(build2).setProvider(bouncyCastleProvider).build("recycle".toCharArray()), new JcaAEADSecretKeyEncryptorBuilder(2, 7, S2K.Argon2Params.memoryConstrainedParameters()).setProvider(bouncyCastleProvider).build("recycle".toCharArray(), pGPSecretKey.getPublicKey().getPublicKeyPacket())).extractPrivateKey(new JcePBESecretKeyDecryptorBuilder(build2).setProvider(bouncyCastleProvider).build("recycle".toCharArray())));
    }

    private void reencryptKeyBc() throws PGPException {
        Ed25519KeyPairGenerator ed25519KeyPairGenerator = new Ed25519KeyPairGenerator();
        ed25519KeyPairGenerator.init(new Ed25519KeyGenerationParameters(new SecureRandom()));
        BcPGPKeyPair bcPGPKeyPair = new BcPGPKeyPair(6, 27, ed25519KeyPairGenerator.generateKeyPair(), currentTimeRounded());
        PBESecretKeyEncryptor build = new BcPBESecretKeyEncryptorBuilder(7).build("recycle".toCharArray());
        BcPGPDigestCalculatorProvider bcPGPDigestCalculatorProvider = new BcPGPDigestCalculatorProvider();
        PGPSecretKey pGPSecretKey = new PGPSecretKey(bcPGPKeyPair.getPrivateKey(), bcPGPKeyPair.getPublicKey(), bcPGPDigestCalculatorProvider.get(2), true, build);
        isNotNull(PGPSecretKey.copyWithNewPassword(pGPSecretKey, new BcPBESecretKeyDecryptorBuilder(bcPGPDigestCalculatorProvider).build("recycle".toCharArray()), new BcAEADSecretKeyEncryptorBuilder(2, 7, S2K.Argon2Params.memoryConstrainedParameters()).build("recycle".toCharArray(), pGPSecretKey.getPublicKey().getPublicKeyPacket())).extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(bcPGPDigestCalculatorProvider).build("recycle".toCharArray())));
    }

    public static void main(String[] strArr) {
        runTest(new AEADProtectedPGPSecretKeyTest());
    }
}
