package com.google.gerrit.gpg;

import com.google.common.collect.ImmutableList;
import com.google.common.flogger.FluentLogger;
import com.google.common.io.BaseEncoding;
import com.google.gerrit.entities.Account;
import com.google.gerrit.server.account.externalids.ExternalId;
import com.google.gerrit.server.account.externalids.ExternalIds;
import com.google.inject.Inject;
import com.google.inject.Provider;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.eclipse.jgit.lib.CommitBuilder;
import org.eclipse.jgit.lib.PersonIdent;
import org.eclipse.jgit.lib.RefUpdate;
import org.eclipse.jgit.util.NB;

/* loaded from: input_file:com/google/gerrit/gpg/PublicKeyStoreUtil.class */
public class PublicKeyStoreUtil {
    private static final FluentLogger logger = FluentLogger.forEnclosingClass();
    private final ExternalIds externalIds;
    private final Provider<PublicKeyStore> storeProvider;

    @Inject
    PublicKeyStoreUtil(ExternalIds externalIds, Provider<PublicKeyStore> provider) {
        this.externalIds = externalIds;
        this.storeProvider = provider;
    }

    public static byte[] parseFingerprint(ExternalId externalId) {
        return BaseEncoding.base16().decode(externalId.key().id());
    }

    public static long keyIdFromFingerprint(byte[] bArr) {
        return NB.decodeInt64(bArr, bArr.length - 8);
    }

    public boolean hasInitializedPublicKeyStore() {
        try {
            return this.storeProvider.get() != null;
        } catch (Exception e) {
            return false;
        }
    }

    public List<PGPPublicKey> listGpgKeysForUser(Account.Id id) throws PGPException, IOException {
        ArrayList arrayList = new ArrayList();
        PublicKeyStore publicKeyStore = this.storeProvider.get();
        try {
            Iterator<ExternalId> it = getGpgExtIds(id).iterator();
            while (it.hasNext()) {
                byte[] parseFingerprint = parseFingerprint(it.next());
                boolean z = false;
                Iterator it2 = publicKeyStore.get(keyIdFromFingerprint(parseFingerprint)).iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    PGPPublicKeyRing pGPPublicKeyRing = (PGPPublicKeyRing) it2.next();
                    if (Arrays.equals(pGPPublicKeyRing.getPublicKey().getFingerprint(), parseFingerprint)) {
                        z = true;
                        arrayList.add(pGPPublicKeyRing.getPublicKey());
                        break;
                    }
                }
                if (!z) {
                    logger.atWarning().log("No public key stored for fingerprint %s", Fingerprint.toString(parseFingerprint));
                }
            }
            if (publicKeyStore != null) {
                publicKeyStore.close();
            }
            return arrayList;
        } catch (Throwable th) {
            if (publicKeyStore != null) {
                try {
                    publicKeyStore.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public Iterable<ExternalId> getGpgExtIds(Account.Id id) throws IOException {
        return this.externalIds.byAccount(id, ExternalId.SCHEME_GPGKEY);
    }

    public RefUpdate.Result deletePgpKey(PGPPublicKey pGPPublicKey, PersonIdent personIdent, PersonIdent personIdent2) throws PGPException, IOException {
        return deletePgpKeys(ImmutableList.of(pGPPublicKey), personIdent, personIdent2).get(0);
    }

    public List<RefUpdate.Result> deletePgpKeys(List<PGPPublicKey> list, PersonIdent personIdent, PersonIdent personIdent2) throws IOException, PGPException {
        ArrayList arrayList = new ArrayList();
        PublicKeyStore publicKeyStore = this.storeProvider.get();
        try {
            for (PGPPublicKey pGPPublicKey : list) {
                publicKeyStore.remove(pGPPublicKey.getFingerprint());
                CommitBuilder commitBuilder = new CommitBuilder();
                commitBuilder.setAuthor(personIdent2);
                commitBuilder.setCommitter(personIdent);
                commitBuilder.setMessage("Delete public key " + PublicKeyStore.keyIdToString(pGPPublicKey.getKeyID()));
                arrayList.add(publicKeyStore.save(commitBuilder));
            }
            if (publicKeyStore != null) {
                publicKeyStore.close();
            }
            return arrayList;
        } catch (Throwable th) {
            if (publicKeyStore != null) {
                try {
                    publicKeyStore.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public List<RefUpdate.Result> deleteAllPgpKeysForUser(Account.Id id, PersonIdent personIdent, PersonIdent personIdent2) throws PGPException, IOException {
        return deletePgpKeys(listGpgKeysForUser(id), personIdent, personIdent2);
    }
}
