package org.eclipse.jgit.gpg.bc.internal.keys;

import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URISyntaxException;
import java.text.MessageFormat;
import org.bouncycastle.bcpg.ECPublicBCPGKey;
import org.bouncycastle.gpg.PGPSecretKeyParser;
import org.bouncycastle.gpg.SExprParser;
import org.bouncycastle.openpgp.ExtendedPGPSecretKey;
import org.bouncycastle.openpgp.OpenedPGPKeyData;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.operator.KeyFingerPrintCalculator;
import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
import org.bouncycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;
import org.bouncycastle.openpgp.operator.jcajce.JcePBEProtectionRemoverFactory;
import org.eclipse.jgit.api.errors.CanceledException;
import org.eclipse.jgit.errors.UnsupportedCredentialItem;
import org.eclipse.jgit.gpg.bc.internal.BCText;

/* loaded from: input_file:org/eclipse/jgit/gpg/bc/internal/keys/SecretKeys.class */
public final class SecretKeys {
    private static final int MAX_SEXPR_NESTING = 20;

    /* loaded from: input_file:org/eclipse/jgit/gpg/bc/internal/keys/SecretKeys$PassphraseSupplier.class */
    public interface PassphraseSupplier {
        char[] getPassphrase() throws PGPException, CanceledException, UnsupportedCredentialItem, URISyntaxException;
    }

    private SecretKeys() {
    }

    public static PGPSecretKey readSecretKey(InputStream inputStream, PGPDigestCalculatorProvider pGPDigestCalculatorProvider, PassphraseSupplier passphraseSupplier, PGPPublicKey pGPPublicKey) throws IOException, PGPException, CanceledException, UnsupportedCredentialItem, URISyntaxException {
        Throwable th = null;
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
            try {
                OpenedPGPKeyData parse = PGPSecretKeyParser.parse(bufferedInputStream, MAX_SEXPR_NESTING);
                if (bufferedInputStream != null) {
                    bufferedInputStream.close();
                }
                JcePBEProtectionRemoverFactory jcePBEProtectionRemoverFactory = null;
                if (isProtected(parse)) {
                    jcePBEProtectionRemoverFactory = new JcePBEProtectionRemoverFactory(passphraseSupplier.getPassphrase(), pGPDigestCalculatorProvider);
                }
                switch (pGPPublicKey.getAlgorithm()) {
                    case 22:
                    case 27:
                        ExtendedPGPSecretKey keyData = parse.getKeyData((PGPPublicKey) null, pGPDigestCalculatorProvider, jcePBEProtectionRemoverFactory, new JcaKeyFingerprintCalculator(), MAX_SEXPR_NESTING);
                        PGPPublicKey publicKey = keyData.getPublicKey();
                        int algorithm = publicKey.getAlgorithm();
                        if (algorithm != 22 && algorithm != 27) {
                            throw new PGPException(BCText.get().keyAlgorithmMismatch);
                        }
                        ECPublicBCPGKey key = pGPPublicKey.getPublicKeyPacket().getKey();
                        ECPublicBCPGKey key2 = publicKey.getPublicKeyPacket().getKey();
                        if (ObjectIds.match(key.getCurveOID(), key2.getCurveOID()) && key.getEncodedPoint().equals(key2.getEncodedPoint())) {
                            return keyData;
                        }
                        throw new PGPException(MessageFormat.format(BCText.get().keyMismatch, key.getCurveOID(), key.getEncodedPoint(), key2.getCurveOID(), key2.getEncodedPoint()));
                    default:
                        return parse.getKeyData(pGPPublicKey, pGPDigestCalculatorProvider, jcePBEProtectionRemoverFactory, (KeyFingerPrintCalculator) null, MAX_SEXPR_NESTING);
                }
            } catch (Throwable th2) {
                if (bufferedInputStream != null) {
                    bufferedInputStream.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    private static boolean isProtected(OpenedPGPKeyData openedPGPKeyData) {
        return 2 == SExprParser.getProtectionType(openedPGPKeyData.getKeyExpression().getString(0));
    }
}
