package com.mulesoft.modules.cryptography.internal.pgp;

import com.mulesoft.modules.cryptography.api.pgp.config.PgpEncryptionAlgorithm;
import com.mulesoft.modules.cryptography.api.pgp.config.PgpKeyInfo;
import com.mulesoft.modules.cryptography.internal.FipsUtils;
import com.mulesoft.modules.cryptography.internal.WrappedErrorPipedInputStream;
import com.mulesoft.modules.cryptography.internal.errors.CryptoErrors;
import com.mulesoft.modules.cryptography.internal.pgp.config.PgpConfiguration;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PipedOutputStream;
import java.util.AbstractMap;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.Optional;
import org.bouncycastle.shaded.bcpg.ArmoredOutputStream;
import org.bouncycastle.shaded.jce.provider.BouncyCastleProvider;
import org.bouncycastle.shaded.openpgp.PGPCompressedData;
import org.bouncycastle.shaded.openpgp.PGPCompressedDataGenerator;
import org.bouncycastle.shaded.openpgp.PGPEncryptedData;
import org.bouncycastle.shaded.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.shaded.openpgp.PGPEncryptedDataList;
import org.bouncycastle.shaded.openpgp.PGPException;
import org.bouncycastle.shaded.openpgp.PGPLiteralData;
import org.bouncycastle.shaded.openpgp.PGPLiteralDataGenerator;
import org.bouncycastle.shaded.openpgp.PGPOnePassSignature;
import org.bouncycastle.shaded.openpgp.PGPOnePassSignatureList;
import org.bouncycastle.shaded.openpgp.PGPPrivateKey;
import org.bouncycastle.shaded.openpgp.PGPPublicKey;
import org.bouncycastle.shaded.openpgp.PGPPublicKeyEncryptedData;
import org.bouncycastle.shaded.openpgp.PGPSignature;
import org.bouncycastle.shaded.openpgp.PGPSignatureGenerator;
import org.bouncycastle.shaded.openpgp.PGPSignatureList;
import org.bouncycastle.shaded.openpgp.PGPSignatureSubpacketGenerator;
import org.bouncycastle.shaded.openpgp.PGPUtil;
import org.bouncycastle.shaded.openpgp.jcajce.JcaPGPObjectFactory;
import org.bouncycastle.shaded.openpgp.operator.bc.BcKeyFingerprintCalculator;
import org.bouncycastle.shaded.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder;
import org.bouncycastle.shaded.openpgp.operator.bc.BcPGPContentSignerBuilder;
import org.bouncycastle.shaded.openpgp.operator.bc.BcPGPContentVerifierBuilderProvider;
import org.bouncycastle.shaded.openpgp.operator.bc.BcPGPDigestCalculatorProvider;
import org.bouncycastle.shaded.openpgp.operator.bc.BcPublicKeyKeyEncryptionMethodGenerator;
import org.bouncycastle.shaded.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider;
import org.bouncycastle.shaded.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
import org.bouncycastle.shaded.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder;
import org.mule.runtime.api.i18n.I18nMessageFactory;
import org.mule.runtime.api.scheduler.Scheduler;
import org.mule.runtime.core.api.util.IOUtils;
import org.mule.runtime.core.api.util.StringUtils;
import org.mule.runtime.extension.api.exception.ModuleException;
import org.mule.sdk.api.streaming.bytes.ImmutableFileRepeatableInputStream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mulesoft/modules/cryptography/internal/pgp/PgpEncrypter.class */
public class PgpEncrypter {
    public static final BcKeyFingerprintCalculator KEY_FINGERPRINT_CALCULATOR = new BcKeyFingerprintCalculator();
    public static final BcPGPDigestCalculatorProvider PGP_DIGEST_CALCULATOR_PROVIDER = new BcPGPDigestCalculatorProvider();
    public static final BcPBESecretKeyDecryptorBuilder PBE_SECRET_KEY_DECRYPTOR_BUILDER = new BcPBESecretKeyDecryptorBuilder(PGP_DIGEST_CALCULATOR_PROVIDER);
    private static final int BUFFER_SIZE = 65536;
    private static final String PGP_ERROR_MESSAGE = "Could not encrypt with PGP";
    private final Logger LOGGER = LoggerFactory.getLogger(PgpEncrypter.class);
    private PgpConfiguration config;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/mulesoft/modules/cryptography/internal/pgp/PgpEncrypter$DecryptedData.class */
    public class DecryptedData {
        private InputStream decryptedInputStream;
        private PGPOnePassSignature onePassSignature;
        private JcaPGPObjectFactory jcaPGPObjectFactory;

        private DecryptedData() {
        }

        public void setDecryptedInputStream(InputStream inputStream) {
            this.decryptedInputStream = inputStream;
        }

        public void setOnePassSignature(PGPOnePassSignature pGPOnePassSignature) {
            this.onePassSignature = pGPOnePassSignature;
        }

        public void setJcaPGPObjectFactory(JcaPGPObjectFactory jcaPGPObjectFactory) {
            this.jcaPGPObjectFactory = jcaPGPObjectFactory;
        }

        public InputStream getDecryptedInputStream() {
            return this.decryptedInputStream;
        }

        public PGPOnePassSignature getOnePassSignature() {
            return this.onePassSignature;
        }

        public JcaPGPObjectFactory getJcaPGPObjectFactory() {
            return this.jcaPGPObjectFactory;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/mulesoft/modules/cryptography/internal/pgp/PgpEncrypter$NullSignatureGeneratorClosable.class */
    public class NullSignatureGeneratorClosable extends SignatureGeneratorClosable {
        private NullSignatureGeneratorClosable() {
            super(false, null, null);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/mulesoft/modules/cryptography/internal/pgp/PgpEncrypter$SignatureGeneratorClosable.class */
    public class SignatureGeneratorClosable implements AutoCloseable {
        private final boolean enabled;
        private final PGPSignatureGenerator signatureGenerator;
        private final OutputStream compressorEntryPoint;

        private SignatureGeneratorClosable(boolean z, PGPSignatureGenerator pGPSignatureGenerator, OutputStream outputStream) {
            this.enabled = z;
            this.signatureGenerator = pGPSignatureGenerator;
            this.compressorEntryPoint = outputStream;
        }

        @Override // java.lang.AutoCloseable
        public void close() throws Exception {
            if (this.enabled) {
                this.signatureGenerator.generate().encode(this.compressorEntryPoint);
            }
        }

        public boolean isEnabled() {
            return this.enabled;
        }

        public PGPSignatureGenerator getSignatureGenerator() {
            return this.signatureGenerator;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/mulesoft/modules/cryptography/internal/pgp/PgpEncrypter$TemporarySaverDataUtil.class */
    public class TemporarySaverDataUtil {
        private static final int AMOUNT_OUT_BYTES_AROUND_220MB = 220686720;
        private int amountOfBytesLoaded;
        private File temp;
        private OutputStream tempFileOutputStream;
        private ByteArrayOutputStream byteArrayOutputStream;

        private TemporarySaverDataUtil() {
            this.amountOfBytesLoaded = 0;
            this.temp = null;
            this.tempFileOutputStream = null;
            this.byteArrayOutputStream = new ByteArrayOutputStream();
        }

        public void write(byte[] bArr, int i, int i2) throws IOException {
            if (this.amountOfBytesLoaded < AMOUNT_OUT_BYTES_AROUND_220MB) {
                this.amountOfBytesLoaded += bArr.length;
                this.byteArrayOutputStream.write(bArr, i, i2);
            } else {
                initializeTemporaryFileIfNull();
                this.tempFileOutputStream.write(bArr, i, i2);
            }
        }

        public InputStream getDecryptedData() throws IOException {
            if (this.amountOfBytesLoaded < AMOUNT_OUT_BYTES_AROUND_220MB) {
                this.byteArrayOutputStream.flush();
                return new ByteArrayInputStream(this.byteArrayOutputStream.toByteArray());
            }
            this.byteArrayOutputStream = null;
            return new ImmutableFileRepeatableInputStream(this.temp, true);
        }

        private void initializeTemporaryFileIfNull() throws IOException {
            if (this.temp != null) {
                return;
            }
            this.temp = File.createTempFile("com.mulesoft.modules.cryptography", ".tmp");
            PgpEncrypter.this.LOGGER.debug("200 MB size reached while decrypting and verifying signature, to avoid OOM, writing TEMP file to: %s", this.temp.getAbsolutePath());
            this.tempFileOutputStream = new FileOutputStream(this.temp);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.byteArrayOutputStream.toByteArray());
            byte[] bArr = new byte[1024];
            while (true) {
                int read = byteArrayInputStream.read(bArr);
                if (read <= -1) {
                    return;
                } else {
                    this.tempFileOutputStream.write(bArr, 0, read);
                }
            }
        }
    }

    public static String formatKeyFingerprint(Long l) {
        return Long.toHexString(l.longValue()).toUpperCase();
    }

    public PgpEncrypter(PgpConfiguration pgpConfiguration) {
        this.config = pgpConfiguration;
    }

    public InputStream encrypt(InputStream inputStream, String str, PgpKeyInfo pgpKeyInfo, PgpEncryptionAlgorithm pgpEncryptionAlgorithm, boolean z, Scheduler scheduler, Boolean bool) {
        return encrypt(inputStream, str, pgpKeyInfo, pgpEncryptionAlgorithm, Optional.empty(), z, scheduler, bool);
    }

    public InputStream encrypt(InputStream inputStream, String str, PgpKeyInfo pgpKeyInfo, PgpEncryptionAlgorithm pgpEncryptionAlgorithm, Optional<PgpKeyInfo> optional, boolean z, Scheduler scheduler, Boolean bool) {
        try {
            if (pgpKeyInfo.isSymmetric()) {
                throw new ModuleException(I18nMessageFactory.createStaticMessage("Symmetric encryption with PGP is not implemented yet"), CryptoErrors.ENCRYPTION);
            }
            PGPPublicKey publicKey = pgpKeyInfo.getPublicKey(this.config.getKeystore());
            JcePGPDataEncryptorBuilder jcePGPDataEncryptorBuilder = new JcePGPDataEncryptorBuilder(pgpEncryptionAlgorithm.getNumericId());
            jcePGPDataEncryptorBuilder.setWithIntegrityPacket(!z);
            PGPEncryptedDataGenerator pGPEncryptedDataGenerator = new PGPEncryptedDataGenerator(jcePGPDataEncryptorBuilder, false);
            pGPEncryptedDataGenerator.addMethod(new BcPublicKeyKeyEncryptionMethodGenerator(publicKey));
            PGPCompressedDataGenerator pGPCompressedDataGenerator = new PGPCompressedDataGenerator(1);
            PGPLiteralDataGenerator pGPLiteralDataGenerator = new PGPLiteralDataGenerator();
            WrappedErrorPipedInputStream wrappedErrorPipedInputStream = new WrappedErrorPipedInputStream();
            PipedOutputStream pipedOutputStream = new PipedOutputStream(wrappedErrorPipedInputStream);
            ArmoredOutputStream armoredOutputStream = new ArmoredOutputStream(pipedOutputStream);
            scheduler.submit(() -> {
                encryptAsync(pGPEncryptedDataGenerator, pGPCompressedDataGenerator, armoredOutputStream, wrappedErrorPipedInputStream, pipedOutputStream, optional, pGPLiteralDataGenerator, str, inputStream, bool.booleanValue());
            });
            return wrappedErrorPipedInputStream;
        } catch (Exception e) {
            throw new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, e);
        } catch (ModuleException e2) {
            throw e2;
        }
    }

    public InputStream encryptAsync(PGPEncryptedDataGenerator pGPEncryptedDataGenerator, PGPCompressedDataGenerator pGPCompressedDataGenerator, OutputStream outputStream, WrappedErrorPipedInputStream wrappedErrorPipedInputStream, PipedOutputStream pipedOutputStream, Optional<PgpKeyInfo> optional, PGPLiteralDataGenerator pGPLiteralDataGenerator, String str, InputStream inputStream, boolean z) {
        OutputStream outputStream2 = null;
        OutputStream outputStream3 = null;
        SignatureGeneratorClosable signatureGeneratorClosable = null;
        OutputStream outputStream4 = null;
        try {
            try {
                try {
                    outputStream2 = pGPEncryptedDataGenerator.open(z ? outputStream : pipedOutputStream, new byte[BUFFER_SIZE]);
                    outputStream3 = pGPCompressedDataGenerator.open(outputStream2, new byte[BUFFER_SIZE]);
                    signatureGeneratorClosable = generateSignatureGeneratorClosable(optional, outputStream3);
                    outputStream4 = pGPLiteralDataGenerator.open(outputStream3, 'b', str, new Date(), new byte[BUFFER_SIZE]);
                    byte[] bArr = new byte[BUFFER_SIZE];
                    while (true) {
                        int read = inputStream.read(bArr);
                        if (read <= 0) {
                            break;
                        }
                        outputStream4.write(bArr, 0, read);
                        if (signatureGeneratorClosable.isEnabled()) {
                            signatureGeneratorClosable.getSignatureGenerator().update(bArr, 0, read);
                        }
                    }
                    try {
                        inputStream.close();
                        IOUtils.closeQuietly(outputStream4);
                        if (signatureGeneratorClosable != null) {
                            signatureGeneratorClosable.close();
                        }
                        IOUtils.closeQuietly(outputStream3);
                        IOUtils.closeQuietly(outputStream2);
                        IOUtils.closeQuietly(outputStream);
                        IOUtils.closeQuietly(pipedOutputStream);
                    } catch (Exception e) {
                        wrappedErrorPipedInputStream.fail(new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, e));
                    }
                } catch (IOException e2) {
                    wrappedErrorPipedInputStream.fail(new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, e2));
                    try {
                        inputStream.close();
                        IOUtils.closeQuietly(outputStream4);
                        if (signatureGeneratorClosable != null) {
                            signatureGeneratorClosable.close();
                        }
                        IOUtils.closeQuietly(outputStream3);
                        IOUtils.closeQuietly(outputStream2);
                        IOUtils.closeQuietly(outputStream);
                        IOUtils.closeQuietly(pipedOutputStream);
                    } catch (Exception e3) {
                        wrappedErrorPipedInputStream.fail(new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, e3));
                    }
                } catch (Throwable th) {
                    wrappedErrorPipedInputStream.fail(new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, th));
                    try {
                        inputStream.close();
                        IOUtils.closeQuietly(outputStream4);
                        if (signatureGeneratorClosable != null) {
                            signatureGeneratorClosable.close();
                        }
                        IOUtils.closeQuietly(outputStream3);
                        IOUtils.closeQuietly(outputStream2);
                        IOUtils.closeQuietly(outputStream);
                        IOUtils.closeQuietly(pipedOutputStream);
                    } catch (Exception e4) {
                        wrappedErrorPipedInputStream.fail(new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, e4));
                    }
                }
            } catch (ModuleException e5) {
                wrappedErrorPipedInputStream.fail(e5);
                try {
                    inputStream.close();
                    IOUtils.closeQuietly(outputStream4);
                    if (signatureGeneratorClosable != null) {
                        signatureGeneratorClosable.close();
                    }
                    IOUtils.closeQuietly(outputStream3);
                    IOUtils.closeQuietly(outputStream2);
                    IOUtils.closeQuietly(outputStream);
                    IOUtils.closeQuietly(pipedOutputStream);
                } catch (Exception e6) {
                    wrappedErrorPipedInputStream.fail(new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, e6));
                }
            } catch (Exception e7) {
                wrappedErrorPipedInputStream.fail(new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, e7));
                try {
                    inputStream.close();
                    IOUtils.closeQuietly(outputStream4);
                    if (signatureGeneratorClosable != null) {
                        signatureGeneratorClosable.close();
                    }
                    IOUtils.closeQuietly(outputStream3);
                    IOUtils.closeQuietly(outputStream2);
                    IOUtils.closeQuietly(outputStream);
                    IOUtils.closeQuietly(pipedOutputStream);
                } catch (Exception e8) {
                    wrappedErrorPipedInputStream.fail(new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, e8));
                }
            }
            return wrappedErrorPipedInputStream;
        } catch (Throwable th2) {
            try {
                inputStream.close();
                IOUtils.closeQuietly(outputStream4);
                if (signatureGeneratorClosable != null) {
                    signatureGeneratorClosable.close();
                }
                IOUtils.closeQuietly(outputStream3);
                IOUtils.closeQuietly(outputStream2);
                IOUtils.closeQuietly(outputStream);
                IOUtils.closeQuietly(pipedOutputStream);
            } catch (Exception e9) {
                wrappedErrorPipedInputStream.fail(new ModuleException(I18nMessageFactory.createStaticMessage(PGP_ERROR_MESSAGE), CryptoErrors.ENCRYPTION, e9));
            }
            throw th2;
        }
    }

    protected SignatureGeneratorClosable generateSignatureGeneratorClosable(Optional<PgpKeyInfo> optional, OutputStream outputStream) throws PGPException, IOException {
        boolean isPresent = optional.isPresent();
        PGPSignatureGenerator pGPSignatureGenerator = null;
        if (isPresent) {
            pGPSignatureGenerator = prepareSignatureGenerator(outputStream, optional.get().getPrivateKey(this.config.getKeystore()));
        }
        return pGPSignatureGenerator != null ? new SignatureGeneratorClosable(isPresent, pGPSignatureGenerator, outputStream) : new NullSignatureGeneratorClosable();
    }

    private PGPSignatureGenerator prepareSignatureGenerator(OutputStream outputStream, PGPPrivateKey pGPPrivateKey) throws PGPException, IOException {
        PGPSignatureGenerator pGPSignatureGenerator = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(pGPPrivateKey.getPublicKeyPacket().getAlgorithm(), 2));
        pGPSignatureGenerator.init(0, pGPPrivateKey);
        PGPSignatureSubpacketGenerator pGPSignatureSubpacketGenerator = new PGPSignatureSubpacketGenerator();
        pGPSignatureSubpacketGenerator.addSignerUserID(false, getUserIdFrom(pGPPrivateKey.getKeyID()));
        pGPSignatureGenerator.setHashedSubpackets(pGPSignatureSubpacketGenerator.generate());
        pGPSignatureGenerator.generateOnePassVersion(false).encode(outputStream);
        return pGPSignatureGenerator;
    }

    private String getUserIdFrom(long j) {
        String principalFromFingerprint = this.config.getKeystore().getPrincipalFromFingerprint(Long.valueOf(j));
        return principalFromFingerprint != null ? principalFromFingerprint : this.config.getKeystore().getPublicKey(Long.valueOf(j)).getUserIDs().next();
    }

    private PGPEncryptedDataList getEncryptedDataListFromInput(InputStream inputStream, Object obj) throws IOException, PGPException {
        JcaPGPObjectFactory jcaPGPObjectFactory = new JcaPGPObjectFactory(PGPUtil.getDecoderStream(inputStream));
        Object nextObject = jcaPGPObjectFactory.nextObject();
        if (nextObject == null) {
            throw new PGPException("Invalid PGP message");
        }
        return nextObject instanceof PGPEncryptedDataList ? (PGPEncryptedDataList) nextObject : (PGPEncryptedDataList) jcaPGPObjectFactory.nextObject();
    }

    private Map.Entry<PGPPublicKeyEncryptedData, PGPPrivateKey> getPublicAndPrivateKeyTuple(PGPEncryptedDataList pGPEncryptedDataList) {
        PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData = null;
        PGPPrivateKey pGPPrivateKey = null;
        Iterator<PGPEncryptedData> encryptedDataObjects = pGPEncryptedDataList.getEncryptedDataObjects();
        while (true) {
            if (!encryptedDataObjects.hasNext()) {
                break;
            }
            pGPPublicKeyEncryptedData = (PGPPublicKeyEncryptedData) encryptedDataObjects.next();
            if (this.config.getKeystore().hasPrivateKey(Long.valueOf(pGPPublicKeyEncryptedData.getKeyID()))) {
                pGPPrivateKey = this.config.getKeystore().decryptPrivateKey(Long.valueOf(pGPPublicKeyEncryptedData.getKeyID()));
                break;
            }
        }
        if (pGPPrivateKey == null) {
            throw new ModuleException("No valid private key found", CryptoErrors.MISSING_KEY);
        }
        return new AbstractMap.SimpleEntry(pGPPublicKeyEncryptedData, pGPPrivateKey);
    }

    private InputStream decodeInputDataWithKeys(PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData, PGPPrivateKey pGPPrivateKey) throws PGPException {
        JcePublicKeyDataDecryptorFactoryBuilder jcePublicKeyDataDecryptorFactoryBuilder = new JcePublicKeyDataDecryptorFactoryBuilder();
        if (!FipsUtils.isFipsEnabled()) {
            jcePublicKeyDataDecryptorFactoryBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME);
        }
        return pGPPublicKeyEncryptedData.getDataStream(jcePublicKeyDataDecryptorFactoryBuilder.build(pGPPrivateKey));
    }

    public InputStream decrypt(InputStream inputStream, String str, boolean z) {
        try {
            DecryptedData decryptedInputStream = getDecryptedInputStream(inputStream, str);
            PGPOnePassSignature onePassSignature = decryptedInputStream.getOnePassSignature();
            JcaPGPObjectFactory jcaPGPObjectFactory = decryptedInputStream.getJcaPGPObjectFactory();
            InputStream decryptedInputStream2 = decryptedInputStream.getDecryptedInputStream();
            return onePassSignature != null && z ? verifySignature(onePassSignature, jcaPGPObjectFactory, decryptedInputStream2) : decryptedInputStream2;
        } catch (ModuleException e) {
            throw e;
        } catch (Exception e2) {
            throw new ModuleException(I18nMessageFactory.createStaticMessage("Could not decrypt PGP data"), CryptoErrors.DECRYPTION, e2);
        }
    }

    private InputStream verifySignature(PGPOnePassSignature pGPOnePassSignature, JcaPGPObjectFactory jcaPGPObjectFactory, InputStream inputStream) throws PGPException, IOException {
        this.LOGGER.debug("One pass signature found, and validation was requested. Starting validation procedure");
        pGPOnePassSignature.init(new BcPGPContentVerifierBuilderProvider(), this.config.getKeystore().getPublicKey(Long.valueOf(pGPOnePassSignature.getKeyID())));
        byte[] bArr = new byte[1024];
        this.LOGGER.debug("About to do a pass over the literal decrypted data");
        TemporarySaverDataUtil temporarySaverDataUtil = new TemporarySaverDataUtil();
        while (true) {
            int read = inputStream.read(bArr);
            if (read <= -1) {
                break;
            }
            temporarySaverDataUtil.write(bArr, 0, read);
            pGPOnePassSignature.update(bArr, 0, read);
        }
        PGPSignature pGPSignature = ((PGPSignatureList) jcaPGPObjectFactory.nextObject()).get(0);
        PGPPublicKey publicKey = this.config.getKeystore().getPublicKey(Long.valueOf(pGPSignature.getKeyID()));
        JcaPGPContentVerifierBuilderProvider jcaPGPContentVerifierBuilderProvider = new JcaPGPContentVerifierBuilderProvider();
        if (!FipsUtils.isFipsEnabled()) {
            jcaPGPContentVerifierBuilderProvider.setProvider(BouncyCastleProvider.PROVIDER_NAME);
        }
        pGPSignature.init(jcaPGPContentVerifierBuilderProvider, publicKey);
        if (pGPOnePassSignature.verify(pGPSignature)) {
            return temporarySaverDataUtil.getDecryptedData();
        }
        this.LOGGER.error("Discovered signature verification failed!");
        throw new ModuleException(I18nMessageFactory.createStaticMessage("Could not verify signature of decrypted message"), CryptoErrors.DECRYPTION);
    }

    private DecryptedData getDecryptedInputStream(InputStream inputStream, String str) throws PGPException, IOException {
        DecryptedData decryptedData = new DecryptedData();
        Map.Entry<PGPPublicKeyEncryptedData, PGPPrivateKey> publicAndPrivateKeyTuple = getPublicAndPrivateKeyTuple(getEncryptedDataListFromInput(inputStream, null));
        JcaPGPObjectFactory jcaPGPObjectFactory = new JcaPGPObjectFactory(decodeInputDataWithKeys(publicAndPrivateKeyTuple.getKey(), publicAndPrivateKeyTuple.getValue()));
        Object nextObject = jcaPGPObjectFactory.nextObject();
        decryptedData.setJcaPGPObjectFactory(jcaPGPObjectFactory);
        while (!(nextObject instanceof PGPLiteralData)) {
            if (nextObject instanceof PGPOnePassSignatureList) {
                decryptedData.setOnePassSignature(((PGPOnePassSignatureList) nextObject).get(0));
                nextObject = jcaPGPObjectFactory.nextObject();
            } else {
                if (!(nextObject instanceof PGPCompressedData)) {
                    throw new PGPException("input is not PGPLiteralData - type unknown.");
                }
                jcaPGPObjectFactory = new JcaPGPObjectFactory(((PGPCompressedData) nextObject).getDataStream());
                decryptedData.setJcaPGPObjectFactory(jcaPGPObjectFactory);
                nextObject = jcaPGPObjectFactory.nextObject();
                if (!StringUtils.isBlank(str) && (nextObject instanceof PGPLiteralData) && ((PGPLiteralData) nextObject).getFileName().equals(str)) {
                }
            }
        }
        decryptedData.setDecryptedInputStream(((PGPLiteralData) nextObject).getInputStream());
        return decryptedData;
    }
}
