package net.savignano.snotify.atlassian.mailer.sign;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import net.savignano.snotify.atlassian.common.security.key.secret.SnotifySmimeSignKey;
import net.savignano.snotify.atlassian.common.util.MessageUtil;
import net.savignano.snotify.atlassian.common.util.SecurityUtil;
import net.savignano.thirdparty.org.bouncycastle.asn1.ASN1Encodable;
import net.savignano.thirdparty.org.bouncycastle.asn1.ASN1EncodableVector;
import net.savignano.thirdparty.org.bouncycastle.asn1.DLSequence;
import net.savignano.thirdparty.org.bouncycastle.asn1.DLSet;
import net.savignano.thirdparty.org.bouncycastle.asn1.cms.Attribute;
import net.savignano.thirdparty.org.bouncycastle.asn1.cms.AttributeTable;
import net.savignano.thirdparty.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import net.savignano.thirdparty.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import net.savignano.thirdparty.org.bouncycastle.cert.jcajce.JcaCertStore;
import net.savignano.thirdparty.org.bouncycastle.cms.CMSAttributeTableGenerator;
import net.savignano.thirdparty.org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
import net.savignano.thirdparty.org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMEException;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMESignedGenerator;
import net.savignano.thirdparty.org.bouncycastle.operator.OperatorCreationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/atlassian/mailer/sign/SmimeMailSigner.class */
public class SmimeMailSigner extends AMailSigner<SnotifySmimeSignKey> {
    private static final Logger log = LoggerFactory.getLogger(SmimeMailSigner.class);
    private boolean opaque;

    public SmimeMailSigner(Session session, SnotifySmimeSignKey snotifySmimeSignKey) {
        super(session, snotifySmimeSignKey);
    }

    @Override // net.savignano.snotify.atlassian.mailer.sign.AMailSigner
    protected void sign(MimeMessage mimeMessage) throws IOException, MessagingException {
        log.debug("Signing message with msg ID: {}", mimeMessage.getMessageID());
        if (log.isTraceEnabled()) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            mimeMessage.writeTo(byteArrayOutputStream);
            log.trace("Original email:\n{}\n", byteArrayOutputStream.toString());
        }
        SMIMESignedGenerator prepareGenerator = prepareGenerator();
        if (isOpaque()) {
            signOpaque(mimeMessage, prepareGenerator);
        } else {
            signNonOpaque(mimeMessage, prepareGenerator);
        }
        log.debug("Successfully signed message with msg ID: {}", mimeMessage.getMessageID());
        if (log.isTraceEnabled()) {
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            mimeMessage.writeTo(byteArrayOutputStream2);
            log.trace("Final email:\n{}\n", byteArrayOutputStream2.toString());
        }
    }

    private SMIMESignedGenerator prepareGenerator() throws MessagingException {
        log.debug("Preparing S/MIME Signed generator.");
        SMIMESignedGenerator sMIMESignedGenerator = new SMIMESignedGenerator();
        try {
            sMIMESignedGenerator.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(SecurityUtil.getProvider()).setSignedAttributeGenerator(createSignedAttrGenerator()).build("SHA1withRSA", getPrivateKey().getKey(), getPrivateKey().getPublicCert()));
            ArrayList arrayList = new ArrayList();
            arrayList.add(getPrivateKey().getPublicCert());
            arrayList.addAll(getPrivateKey().getIntermediateCerts());
            try {
                sMIMESignedGenerator.addCertificates(new JcaCertStore(arrayList));
                return sMIMESignedGenerator;
            } catch (CertificateEncodingException e) {
                throw new MessagingException("Could not read certificate. Error message: " + e.getMessage(), e);
            }
        } catch (CertificateEncodingException e2) {
            throw new MessagingException("Could not read certificate. Error message: " + e2.getMessage(), e2);
        } catch (OperatorCreationException e3) {
            throw new MessagingException("Failure creating signer information. Error message: " + e3.getMessage(), e3);
        }
    }

    private CMSAttributeTableGenerator createSignedAttrGenerator() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(createSmimeCapabilities());
        return new DefaultSignedAttributeTableGenerator(new AttributeTable(aSN1EncodableVector));
    }

    private Attribute createSmimeCapabilities() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new DLSequence(NISTObjectIdentifiers.id_aes256_GCM));
        arrayList.add(new DLSequence(NISTObjectIdentifiers.id_aes256_CBC));
        arrayList.add(new DLSequence(PKCSObjectIdentifiers.id_alg_AEADChaCha20Poly1305));
        arrayList.add(new DLSequence(NISTObjectIdentifiers.id_aes128_GCM));
        arrayList.add(new DLSequence(NISTObjectIdentifiers.id_aes128_CBC));
        return new Attribute(PKCSObjectIdentifiers.pkcs_9_at_smimeCapabilities, new DLSet(new DLSequence((ASN1Encodable[]) arrayList.toArray(new ASN1Encodable[arrayList.size()]))));
    }

    private void signNonOpaque(MimeMessage mimeMessage, SMIMESignedGenerator sMIMESignedGenerator) throws IOException, MessagingException {
        MimeMultipart generate;
        log.debug("Signing message in a non-opaque way.");
        try {
            if ((mimeMessage.getContent() instanceof MimeBodyPart) || (mimeMessage.getContent() instanceof MimeMultipart)) {
                generate = sMIMESignedGenerator.generate(mimeMessage);
            } else {
                MimeBodyPart mimeBodyPart = new MimeBodyPart();
                mimeBodyPart.setContent(mimeMessage.getContent(), mimeMessage.getContentType());
                generate = sMIMESignedGenerator.generate(mimeBodyPart);
            }
            mimeMessage.setContent(generate);
            mimeMessage.setDisposition((String) null);
            mimeMessage.saveChanges();
        } catch (SMIMEException e) {
            throw new MessagingException("Could not sign email. Error message: " + e.getMessage(), e);
        }
    }

    private void signOpaque(MimeMessage mimeMessage, SMIMESignedGenerator sMIMESignedGenerator) throws MessagingException, IOException {
        log.debug("Signing message in an opaque way.");
        try {
            MimeBodyPart generateEncapsulated = sMIMESignedGenerator.generateEncapsulated(mimeMessage);
            mimeMessage.setContent(generateEncapsulated.getContent(), generateEncapsulated.getContentType());
            MessageUtil.copyAllHeaders(generateEncapsulated, mimeMessage);
            mimeMessage.saveChanges();
        } catch (SMIMEException e) {
            throw new MessagingException("Could not sign email. Error message: " + e.getMessage(), e);
        }
    }

    public boolean isOpaque() {
        return this.opaque;
    }

    public void setOpaque(boolean z) {
        this.opaque = z;
    }
}
