package net.savignano.snotify.atlassian.mailer.encrypt;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.cert.CertificateEncodingException;
import java.text.MessageFormat;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import javax.mail.internet.MimeUtility;
import net.savignano.snotify.atlassian.common.security.key.publicly.SnotifySmimePublicKey;
import net.savignano.snotify.atlassian.common.util.MessageUtil;
import net.savignano.snotify.atlassian.common.util.SmimeUtil;
import net.savignano.thirdparty.org.bouncycastle.asn1.ASN1ObjectIdentifier;
import net.savignano.thirdparty.org.bouncycastle.asn1.ASN1Primitive;
import net.savignano.thirdparty.org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import net.savignano.thirdparty.org.bouncycastle.cms.CMSAlgorithm;
import net.savignano.thirdparty.org.bouncycastle.cms.CMSException;
import net.savignano.thirdparty.org.bouncycastle.cms.bc.BcCMSContentEncryptorBuilder;
import net.savignano.thirdparty.org.bouncycastle.cms.bc.BcRSAKeyTransRecipientInfoGenerator;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMEEnvelopedGenerator;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMEException;
import net.savignano.thirdparty.org.bouncycastle.operator.OutputEncryptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/atlassian/mailer/encrypt/SmimeMailEncryptor.class */
public class SmimeMailEncryptor extends AMailEncryptor<SnotifySmimePublicKey> {
    private static final Logger log = LoggerFactory.getLogger(SmimeMailEncryptor.class);
    private static final String XENCRPYTED_MAIL_VALUE = "by {0} {1} at {2} using S/MIME encryption with {3}";
    private ASN1ObjectIdentifier forceSymmetricKeyAlgorithm;
    private int forceSymmetricKeySize;

    public SmimeMailEncryptor(Session session, SnotifySmimePublicKey snotifySmimePublicKey) {
        super(session, snotifySmimePublicKey);
    }

    @Override // net.savignano.snotify.atlassian.mailer.encrypt.AMailEncryptor
    protected void encrypt(MimeMessage mimeMessage) throws IOException, MessagingException {
        log.debug("Encrypting email with certificate: {}", getPublicKey().getKey());
        if (log.isTraceEnabled()) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            mimeMessage.writeTo(byteArrayOutputStream);
            log.trace("Original email:\n{}\n", byteArrayOutputStream.toString());
        }
        SMIMEEnvelopedGenerator sMIMEEnvelopedGenerator = new SMIMEEnvelopedGenerator();
        addRecipientEncryption(sMIMEEnvelopedGenerator);
        addSenderEncryption(sMIMEEnvelopedGenerator);
        OutputEncryptor createOutputEncryptor = createOutputEncryptor();
        encrypt(mimeMessage, sMIMEEnvelopedGenerator, createOutputEncryptor);
        mimeMessage.saveChanges();
        if (log.isTraceEnabled()) {
            ASN1ObjectIdentifier algorithm = createOutputEncryptor.getAlgorithmIdentifier().getAlgorithm();
            if (algorithm.equals((ASN1Primitive) CMSAlgorithm.AES128_GCM) || algorithm.equals((ASN1Primitive) CMSAlgorithm.AES192_GCM) || algorithm.equals((ASN1Primitive) CMSAlgorithm.AES256_GCM)) {
                log.trace("Final email: Cannot log email, because of implementation details of algorithm {}.", SmimeUtil.getCmsName(algorithm));
            } else {
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                mimeMessage.writeTo(byteArrayOutputStream2);
                log.trace("Final email:\n{}\n", byteArrayOutputStream2.toString());
            }
        }
        log.debug("Encrypting email successfully finished.");
    }

    private OutputEncryptor createOutputEncryptor() throws MessagingException {
        OutputEncryptor build;
        ASN1ObjectIdentifier forceSymmetricKeyAlgorithm = getForceSymmetricKeyAlgorithm();
        int forceSymmetricKeySize = getForceSymmetricKeySize();
        if (forceSymmetricKeyAlgorithm == null) {
            forceSymmetricKeyAlgorithm = CMSAlgorithm.AES256_CBC;
            forceSymmetricKeySize = 0;
        }
        log.debug("Used symmetric encryption algorithm: {}", SmimeUtil.getCmsName(forceSymmetricKeyAlgorithm));
        if (forceSymmetricKeySize != 0) {
            log.debug("Variable key size used: {}", Integer.valueOf(forceSymmetricKeySize));
        }
        try {
            build = forceSymmetricKeySize == 0 ? new BcCMSContentEncryptorBuilder(forceSymmetricKeyAlgorithm).build() : new BcCMSContentEncryptorBuilder(forceSymmetricKeyAlgorithm, forceSymmetricKeySize).build();
        } catch (CMSException e) {
            if (!e.getMessage().contains("Illegal key size")) {
                throw new MessagingException("Could not create content encryptor. Error message: " + e.getMessage(), e);
            }
            log.debug(e.getMessage(), e);
            log.warn("\"Java Cryptography Extension (JCE) Unlimited Strength\" is not installed on this machine. {} encryption cannot be used. Using fallback AES128_CBC encryption algorithm.", SmimeUtil.getCmsName(forceSymmetricKeyAlgorithm));
            try {
                build = new BcCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build();
            } catch (CMSException e2) {
                throw new MessagingException("Could not create fallback content encryptor. Error message: " + e2.getMessage(), e2);
            }
        }
        return build;
    }

    private void addRecipientEncryption(SMIMEEnvelopedGenerator sMIMEEnvelopedGenerator) throws IOException, MessagingException {
        log.debug("Adding encryption information for recipient.");
        try {
            sMIMEEnvelopedGenerator.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(getPublicKey().getKey())));
        } catch (CertificateEncodingException e) {
            throw new MessagingException("Could not use certificate for encryption. Error message: " + e.getMessage(), e);
        }
    }

    private void addSenderEncryption(SMIMEEnvelopedGenerator sMIMEEnvelopedGenerator) {
        log.debug("Sender key: {}", getSenderKey());
        if (getSenderKey().isPresent() && getSenderKey().get().isValid()) {
            log.debug("Adding encryption information for sender.");
            try {
                sMIMEEnvelopedGenerator.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(getSenderKey().get().getKey())));
            } catch (Exception e) {
                log.error("Could not use sender certificate for encryption. Error message: " + e.getMessage(), e);
            }
        }
    }

    private void encrypt(MimeMessage mimeMessage, SMIMEEnvelopedGenerator sMIMEEnvelopedGenerator, OutputEncryptor outputEncryptor) throws IOException, MessagingException {
        MimeBodyPart generate;
        log.debug("Encrypting content.");
        try {
            if ((mimeMessage.getContent() instanceof MimeBodyPart) || (mimeMessage.getContent() instanceof MimeMultipart)) {
                generate = sMIMEEnvelopedGenerator.generate(mimeMessage, outputEncryptor);
            } else {
                MimeBodyPart mimeBodyPart = new MimeBodyPart();
                MessageUtil.copyAllHeaders(mimeMessage, mimeBodyPart);
                mimeBodyPart.setContent(mimeMessage.getContent(), mimeMessage.getContentType());
                generate = sMIMEEnvelopedGenerator.generate(mimeBodyPart, outputEncryptor);
            }
            mimeMessage.setContent(generate.getContent(), generate.getContentType());
            MessageUtil.copyAllHeaders(generate, mimeMessage);
            mimeMessage.addHeader("X-Encrypted", MimeUtility.fold("X-Encrypted".length() + 2, getXencryptedMailValue(SmimeUtil.getCmsName(outputEncryptor.getAlgorithmIdentifier().getAlgorithm()))));
        } catch (SMIMEException e) {
            throw new MessagingException("Could not encrypt email. Error Message: " + e.getMessage(), e);
        }
    }

    protected String getXencryptedMailValue(String str) {
        return MessageFormat.format(XENCRPYTED_MAIL_VALUE, getSnotifyName(), getVersion(), getHostName(), str);
    }

    public ASN1ObjectIdentifier getForceSymmetricKeyAlgorithm() {
        return this.forceSymmetricKeyAlgorithm;
    }

    public void setForceSymmetricKeyAlgorithm(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        this.forceSymmetricKeyAlgorithm = aSN1ObjectIdentifier;
    }

    public int getForceSymmetricKeySize() {
        return this.forceSymmetricKeySize;
    }

    public void setForceSymmetricKeySize(int i) {
        this.forceSymmetricKeySize = i;
    }
}
