package net.savignano.cryptography.mail.sign;

import java.io.IOException;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import net.savignano.cryptography.Constants;
import net.savignano.cryptography.enums.ECryptographyType;
import net.savignano.cryptography.key.smime.SmimeSignKey;
import net.savignano.cryptography.util.MessageUtil;
import net.savignano.cryptography.util.SecurityUtil;
import net.savignano.thirdparty.org.bouncycastle.asn1.ASN1Encodable;
import net.savignano.thirdparty.org.bouncycastle.asn1.ASN1EncodableVector;
import net.savignano.thirdparty.org.bouncycastle.asn1.DLSequence;
import net.savignano.thirdparty.org.bouncycastle.asn1.DLSet;
import net.savignano.thirdparty.org.bouncycastle.asn1.cms.Attribute;
import net.savignano.thirdparty.org.bouncycastle.asn1.cms.AttributeTable;
import net.savignano.thirdparty.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import net.savignano.thirdparty.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import net.savignano.thirdparty.org.bouncycastle.cert.jcajce.JcaCertStore;
import net.savignano.thirdparty.org.bouncycastle.cms.CMSAttributeTableGenerator;
import net.savignano.thirdparty.org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
import net.savignano.thirdparty.org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMEException;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMESignedGenerator;
import net.savignano.thirdparty.org.bouncycastle.operator.OperatorCreationException;

/* loaded from: input_file:net/savignano/cryptography/mail/sign/SmimeMailSigner.class */
public class SmimeMailSigner extends AMailSigner<SmimeSignKey> {
    private boolean opaque;

    public SmimeMailSigner(Session session) {
        super(session, ECryptographyType.SMIME);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.cryptography.mail.sign.AMailSigner
    public void sign(MimeMessage mimeMessage, SmimeSignKey smimeSignKey) throws Exception {
        SMIMESignedGenerator prepareGenerator = prepareGenerator(smimeSignKey, "SHA256withRSA");
        if (isOpaque()) {
            signOpaque(mimeMessage, prepareGenerator);
        } else {
            signTransparent(mimeMessage, prepareGenerator);
        }
        includeSignatureHeader(mimeMessage, "SHA256withRSA");
        mimeMessage.saveChanges();
    }

    private SMIMESignedGenerator prepareGenerator(SmimeSignKey smimeSignKey, String str) throws CertificateEncodingException, OperatorCreationException {
        getLog().debug("Preparing S/MIME Signed generator.");
        SMIMESignedGenerator sMIMESignedGenerator = new SMIMESignedGenerator();
        sMIMESignedGenerator.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(SecurityUtil.getProvider()).setSignedAttributeGenerator(createSignedAttrGenerator()).build(str, smimeSignKey.getKey(), smimeSignKey.getPublicCert()));
        ArrayList arrayList = new ArrayList();
        arrayList.add(smimeSignKey.getPublicCert());
        arrayList.addAll(smimeSignKey.getIntermediateCerts());
        sMIMESignedGenerator.addCertificates(new JcaCertStore(arrayList));
        return sMIMESignedGenerator;
    }

    private CMSAttributeTableGenerator createSignedAttrGenerator() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(createSmimeCapabilities());
        return new DefaultSignedAttributeTableGenerator(new AttributeTable(aSN1EncodableVector));
    }

    private Attribute createSmimeCapabilities() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new DLSequence(NISTObjectIdentifiers.id_aes256_GCM));
        arrayList.add(new DLSequence(NISTObjectIdentifiers.id_aes256_CBC));
        arrayList.add(new DLSequence(PKCSObjectIdentifiers.id_alg_AEADChaCha20Poly1305));
        arrayList.add(new DLSequence(NISTObjectIdentifiers.id_aes128_GCM));
        arrayList.add(new DLSequence(NISTObjectIdentifiers.id_aes128_CBC));
        return new Attribute(PKCSObjectIdentifiers.pkcs_9_at_smimeCapabilities, new DLSet(new DLSequence((ASN1Encodable[]) arrayList.toArray(new ASN1Encodable[arrayList.size()]))));
    }

    private void signTransparent(MimeMessage mimeMessage, SMIMESignedGenerator sMIMESignedGenerator) throws IOException, MessagingException, SMIMEException {
        getLog().debug("Signing message in a transparent way.");
        MimeBodyPart mimeBodyPart = new MimeBodyPart();
        MessageUtil.movePart(mimeMessage, mimeBodyPart);
        MimeMultipart generate = sMIMESignedGenerator.generate(mimeBodyPart);
        MessageUtil.removeMatchingHeaders(mimeMessage, Constants.STRUCTURAL_MIME_HEADERS);
        mimeMessage.setContent(generate);
    }

    private void signOpaque(MimeMessage mimeMessage, SMIMESignedGenerator sMIMESignedGenerator) throws IOException, MessagingException, SMIMEException {
        getLog().debug("Signing message in an opaque way.");
        MimeBodyPart mimeBodyPart = new MimeBodyPart();
        MessageUtil.movePart(mimeMessage, mimeBodyPart);
        MimeBodyPart generateEncapsulated = sMIMESignedGenerator.generateEncapsulated(mimeBodyPart);
        MessageUtil.movePart(generateEncapsulated, mimeMessage);
        MessageUtil.copyAllHeaders(generateEncapsulated, mimeMessage);
        mimeMessage.saveChanges();
    }

    public boolean isOpaque() {
        return this.opaque;
    }

    public void setOpaque(boolean z) {
        this.opaque = z;
    }
}
