package org.gradle.api.internal.artifacts.verification.signatures;

import java.io.File;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.net.URI;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
import org.gradle.cache.CacheRepository;
import org.gradle.cache.internal.CacheScopeMapping;
import org.gradle.cache.internal.InMemoryCacheDecoratorFactory;
import org.gradle.initialization.layout.ProjectCacheDir;
import org.gradle.internal.UncheckedException;
import org.gradle.internal.hash.FileHasher;
import org.gradle.internal.impldep.com.google.common.collect.ImmutableList;
import org.gradle.internal.impldep.org.bouncycastle.openpgp.PGPException;
import org.gradle.internal.impldep.org.bouncycastle.openpgp.PGPPublicKey;
import org.gradle.internal.impldep.org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.gradle.internal.impldep.org.bouncycastle.openpgp.PGPSignature;
import org.gradle.internal.operations.BuildOperationExecutor;
import org.gradle.internal.resource.connector.ResourceConnectorSpecification;
import org.gradle.internal.resource.transport.http.HttpConnectorFactory;
import org.gradle.security.internal.Fingerprint;
import org.gradle.security.internal.KeyringFilePublicKeyService;
import org.gradle.security.internal.PublicKeyDownloadService;
import org.gradle.security.internal.PublicKeyResultBuilder;
import org.gradle.security.internal.PublicKeyService;
import org.gradle.security.internal.PublicKeyServiceChain;
import org.gradle.security.internal.SecuritySupport;
import org.gradle.util.BuildCommencedTimeProvider;

/* loaded from: input_file:org/gradle/api/internal/artifacts/verification/signatures/DefaultSignatureVerificationServiceFactory.class */
public class DefaultSignatureVerificationServiceFactory implements SignatureVerificationServiceFactory {
    private final HttpConnectorFactory httpConnectorFactory;
    private final CacheRepository cacheRepository;
    private final InMemoryCacheDecoratorFactory decoratorFactory;
    private final BuildOperationExecutor buildOperationExecutor;
    private final FileHasher fileHasher;
    private final CacheScopeMapping scopeCacheMapping;
    private final ProjectCacheDir projectCacheDir;
    private final BuildCommencedTimeProvider timeProvider;
    private final boolean refreshKeys;

    /* loaded from: input_file:org/gradle/api/internal/artifacts/verification/signatures/DefaultSignatureVerificationServiceFactory$DefaultSignatureVerificationService.class */
    private static class DefaultSignatureVerificationService implements SignatureVerificationService {
        private final PublicKeyService keyService;

        public DefaultSignatureVerificationService(PublicKeyService publicKeyService) {
            this.keyService = publicKeyService;
        }

        @Override // org.gradle.api.internal.artifacts.verification.signatures.SignatureVerificationService
        public void verify(final File file, File file2, final Set<String> set, final Set<String> set2, final SignatureVerificationResultBuilder signatureVerificationResultBuilder) {
            Iterator<PGPSignature> it = SecuritySupport.readSignatures(file2).iterator();
            while (it.hasNext()) {
                final PGPSignature next = it.next();
                String longIdHexString = SecuritySupport.toLongIdHexString(next.getKeyID());
                if (set2.contains(longIdHexString)) {
                    signatureVerificationResultBuilder.ignored(longIdHexString);
                } else {
                    final AtomicBoolean atomicBoolean = new AtomicBoolean(true);
                    this.keyService.findByLongId(next.getKeyID(), new PublicKeyResultBuilder() { // from class: org.gradle.api.internal.artifacts.verification.signatures.DefaultSignatureVerificationServiceFactory.DefaultSignatureVerificationService.1
                        @Override // org.gradle.security.internal.PublicKeyResultBuilder
                        public void keyRing(PGPPublicKeyRing pGPPublicKeyRing) {
                        }

                        @Override // org.gradle.security.internal.PublicKeyResultBuilder
                        public void publicKey(PGPPublicKey pGPPublicKey) {
                            atomicBoolean.set(false);
                            String fingerprint = Fingerprint.of(pGPPublicKey).toString();
                            if (set2.contains(fingerprint)) {
                                signatureVerificationResultBuilder.ignored(fingerprint);
                                return;
                            }
                            try {
                                if (SecuritySupport.verify(file, next, pGPPublicKey)) {
                                    signatureVerificationResultBuilder.verified(pGPPublicKey, set.contains(fingerprint) || set.contains(SecuritySupport.toLongIdHexString(pGPPublicKey.getKeyID())));
                                } else {
                                    signatureVerificationResultBuilder.failed(pGPPublicKey);
                                }
                            } catch (PGPException e) {
                                throw UncheckedException.throwAsUncheckedException(e);
                            }
                        }
                    });
                    if (atomicBoolean.get()) {
                        signatureVerificationResultBuilder.missingKey(longIdHexString);
                    }
                }
            }
        }

        @Override // org.gradle.api.internal.artifacts.verification.signatures.SignatureVerificationService
        public PublicKeyService getPublicKeyService() {
            return this.keyService;
        }

        @Override // org.gradle.internal.concurrent.Stoppable
        public void stop() {
            try {
                this.keyService.close();
            } catch (IOException e) {
                throw new UncheckedIOException(e);
            }
        }
    }

    public DefaultSignatureVerificationServiceFactory(HttpConnectorFactory httpConnectorFactory, CacheRepository cacheRepository, InMemoryCacheDecoratorFactory inMemoryCacheDecoratorFactory, BuildOperationExecutor buildOperationExecutor, FileHasher fileHasher, CacheScopeMapping cacheScopeMapping, ProjectCacheDir projectCacheDir, BuildCommencedTimeProvider buildCommencedTimeProvider, boolean z) {
        this.httpConnectorFactory = httpConnectorFactory;
        this.cacheRepository = cacheRepository;
        this.decoratorFactory = inMemoryCacheDecoratorFactory;
        this.buildOperationExecutor = buildOperationExecutor;
        this.fileHasher = fileHasher;
        this.scopeCacheMapping = cacheScopeMapping;
        this.projectCacheDir = projectCacheDir;
        this.timeProvider = buildCommencedTimeProvider;
        this.refreshKeys = z;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [org.gradle.security.internal.PublicKeyService] */
    @Override // org.gradle.api.internal.artifacts.verification.signatures.SignatureVerificationServiceFactory
    public SignatureVerificationService create(File file, List<URI> list) {
        CrossBuildCachingKeyService crossBuildCachingKeyService = new CrossBuildCachingKeyService(this.cacheRepository, this.decoratorFactory, this.buildOperationExecutor, new PublicKeyDownloadService(ImmutableList.copyOf((Collection) list), this.httpConnectorFactory.createResourceConnector(new ResourceConnectorSpecification() { // from class: org.gradle.api.internal.artifacts.verification.signatures.DefaultSignatureVerificationServiceFactory.1
        })), this.timeProvider, this.refreshKeys);
        if (file.exists()) {
            crossBuildCachingKeyService = PublicKeyServiceChain.of(new KeyringFilePublicKeyService(file), crossBuildCachingKeyService);
        }
        return new CrossBuildSignatureVerificationService(new DefaultSignatureVerificationService(crossBuildCachingKeyService), this.fileHasher, this.scopeCacheMapping, this.projectCacheDir, this.cacheRepository, this.decoratorFactory, this.timeProvider, this.refreshKeys);
    }
}
