package net.savignano.cryptography.mail.decrypt;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.util.Iterator;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.activation.DataHandler;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Multipart;
import javax.mail.Part;
import javax.mail.Session;
import javax.mail.internet.ContentType;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimePart;
import javax.mail.util.ByteArrayDataSource;
import net.savignano.cryptography.Constants;
import net.savignano.cryptography.enums.ECryptographyType;
import net.savignano.cryptography.enums.EKeyValidity;
import net.savignano.cryptography.key.pgp.PgpDecryptionKey;
import net.savignano.cryptography.mail.IKeyProvider;
import net.savignano.cryptography.mail.visitor.ManipulateMessageVisitor;
import net.savignano.cryptography.mail.visitor.ResultMessageVisitor;
import net.savignano.cryptography.util.MessageUtil;
import net.savignano.cryptography.util.PgpUtil;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPException;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPUtil;
import net.savignano.thirdparty.org.bouncycastle.openpgp.operator.bc.BcPublicKeyDataDecryptorFactory;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/cryptography/mail/decrypt/PgpMailDecryptor.class */
public class PgpMailDecryptor extends AMailDecryptor<PgpDecryptionKey, Long> {
    private static final String CONTENT_TYPE_PGP_ENCRYPTED_PART1 = "application/pgp-encrypted";
    private static final String CONTENT_TYPE_PGP_ENCRYPTED_PART2 = "application/octet-stream";
    private boolean checkInline;
    private String binaryRegex;
    private boolean preferredAlgorithmUsed;

    /* loaded from: input_file:net/savignano/cryptography/mail/decrypt/PgpMailDecryptor$DecryptVisitor.class */
    private static final class DecryptVisitor extends ManipulateMessageVisitor {
        private final Session session;
        private final IKeyProvider<Long, PgpDecryptionKey> keyProvider;
        private final boolean inline;
        private final Pattern binaryPattern;
        private boolean preferredAlgorithmUsed;

        public DecryptVisitor(Session session, IKeyProvider<Long, PgpDecryptionKey> iKeyProvider, boolean z, Pattern pattern) {
            this.session = session;
            this.keyProvider = iKeyProvider;
            this.inline = z;
            this.binaryPattern = pattern;
        }

        @Override // net.savignano.cryptography.mail.visitor.ContentTypeVisitor
        protected void handlePart(MimePart mimePart) throws Exception {
            if (PgpMailDecryptor.isPgpEncrypted(mimePart)) {
                if (sanityCheck(mimePart)) {
                    decryptPgp(mimePart, (Multipart) mimePart.getContent());
                    setChanged(true);
                    return;
                }
                return;
            }
            if (checkInline() && PgpMailDecryptor.isEncryptedInlineText(mimePart)) {
                decryptPgpInlineText(mimePart);
                setChanged(true);
            } else if (checkInline() && PgpMailDecryptor.isEncryptedInlineAttachment(mimePart)) {
                decryptPgpInlineAttachment(mimePart);
                setChanged(true);
            } else if (checkBinary() && PgpMailDecryptor.isMatchingAttachment(mimePart, getBinaryPattern())) {
                decryptPgpBinaryAttachment(mimePart);
                setChanged(true);
            }
        }

        private boolean sanityCheck(MimePart mimePart) throws MessagingException, IOException {
            if (!mimePart.isMimeType(Constants.MIME_CONTENT_TYPE_MULTIPART_ENCRYPTED)) {
                getLog().warn("PGP encryption does not have expected content type. Found: {}", mimePart.getContentType());
            }
            Multipart multipart = (Multipart) mimePart.getContent();
            if (multipart.getCount() != 2) {
                getLog().warn("PGP encryption does not have expected part count. Two expected, but found: {}", Integer.valueOf(multipart.getCount()));
                return false;
            }
            String contentType = multipart.getContentType();
            if (contentType == null || !contentType.startsWith(Constants.MIME_CONTENT_TYPE_MULTIPART_ENCRYPTED)) {
                getLog().warn("PGP encryption does not have expected content type. Found: {}", multipart.getContentType());
                return false;
            }
            if (!multipart.getBodyPart(0).isMimeType("application/pgp-encrypted")) {
                getLog().warn("PGP encryption version part does not have expected content type. Found: {}", multipart.getBodyPart(0).getContentType());
                return false;
            }
            if (multipart.getBodyPart(1).isMimeType(PgpMailDecryptor.CONTENT_TYPE_PGP_ENCRYPTED_PART2)) {
                return true;
            }
            getLog().warn("PGP encryption content part does not have expected content type. Found: {}", multipart.getBodyPart(1).getContentType());
            return false;
        }

        private void decryptPgp(Part part, Multipart multipart) throws MessagingException, IOException {
            getLog().debug("Decrypting PGP message.");
            MimeMessage mimeMessage = new MimeMessage(getSession(), new ByteArrayInputStream(decryptPart(multipart.getBodyPart(1))));
            MessageUtil.movePart(mimeMessage, part);
            MessageUtil.copyAllHeaders(mimeMessage, part);
        }

        private void decryptPgpInlineText(MimePart mimePart) throws MessagingException, IOException {
            getLog().debug("Decrypting inline text.");
            byte[] decryptPart = decryptPart(mimePart);
            String parameter = new ContentType(mimePart.getContentType()).getParameter("charset");
            String str = parameter == null ? Constants.UTF8 : parameter;
            mimePart.setText(new String(decryptPart, str), str);
        }

        private void decryptPgpInlineAttachment(MimePart mimePart) throws MessagingException, IOException {
            getLog().debug("Decrypting inline attachment. File name: {}", mimePart.getFileName());
            setDecryptedContent(mimePart, decryptPart(mimePart));
        }

        private void decryptPgpBinaryAttachment(MimePart mimePart) throws MessagingException, IOException {
            getLog().debug("Decrypting binary attachment. File name: {}", mimePart.getFileName());
            try {
                setDecryptedContent(mimePart, decryptPart(mimePart));
            } catch (IOException | MessagingException e) {
                getLog().debug("Could not decrypt binary attachment. Probably not PGP encrypted. Error message: " + e.getMessage(), e);
            }
        }

        private byte[] decryptPart(Part part) throws IOException, MessagingException {
            byte[] bArr = null;
            boolean z = false;
            InputStream decoderStream = PGPUtil.getDecoderStream(part.getInputStream());
            Throwable th = null;
            try {
                try {
                    Iterator<PGPPublicKeyEncryptedData> encryptionInformation = PgpUtil.getEncryptionInformation(decoderStream);
                    while (bArr == null && encryptionInformation.hasNext()) {
                        PGPPublicKeyEncryptedData next = encryptionInformation.next();
                        String prettyId = PgpUtil.getPrettyId(next.getKeyID());
                        PgpDecryptionKey mapToKey = mapToKey(Long.valueOf(next.getKeyID()));
                        if (mapToKey.isValid()) {
                            z = true;
                            try {
                                getLog().info("Decrypting message with ID \"{}\" with key with ID \"{}\".", getMsgId(), prettyId);
                                bArr = PgpUtil.decrypt(next, mapToKey.getKey());
                            } catch (Exception e) {
                                if (PgpUtil.ERROR_MESSAGE_FOR_WRONG_PASSWORD.equals(e.getMessage())) {
                                    getLog().error("Supplied password for private key with ID \"" + prettyId + "\" was wrong.", e);
                                } else {
                                    getLog().error("Error decrypting message encoded with key with ID \"" + prettyId + "\". Error message: " + e.getMessage(), e);
                                }
                            }
                            if (bArr != null) {
                                try {
                                    setPreferredAlgorithmUsed(isPreferredAlgorithm(next, mapToKey, prettyId));
                                } catch (PGPException e2) {
                                    getLog().error("Could not check wether message with ID \"" + getMsgId() + "\" was encrypted with preferred algorithm of key with ID \"" + prettyId + "\". Error message: " + e2.getMessage(), e2);
                                    setPreferredAlgorithmUsed(false);
                                }
                            }
                        } else {
                            getLog().trace("Found no key for ID \"{}\".", prettyId);
                        }
                    }
                    if (bArr != null) {
                        return bArr;
                    }
                    if (z) {
                        throw new MessagingException("Could not decrypt message with ID: " + getMsgId());
                    }
                    throw new MessagingException("Found no valid private key to decrypt message with ID: " + getMsgId());
                } catch (Exception e3) {
                    throw new MessagingException("Could not read encryption data for message with ID \"" + getMsgId() + "\". Error message: " + e3.getMessage(), e3);
                }
            } finally {
                if (decoderStream != null) {
                    if (0 != 0) {
                        try {
                            decoderStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        decoderStream.close();
                    }
                }
            }
        }

        private boolean isPreferredAlgorithm(PGPPublicKeyEncryptedData pGPPublicKeyEncryptedData, PgpDecryptionKey pgpDecryptionKey, String str) throws PGPException {
            boolean z = false;
            if (pgpDecryptionKey.getPublicKey() != null) {
                int symmetricAlgorithm = pGPPublicKeyEncryptedData.getSymmetricAlgorithm(new BcPublicKeyDataDecryptorFactory(pgpDecryptionKey.getKey()));
                int[] preferredSymmetricKeyAlgorithms = PgpUtil.getPreferredSymmetricKeyAlgorithms(pgpDecryptionKey.getPublicKey());
                getLog().debug("Used cipher in message was \"{}\" (\"{}\").", PgpUtil.getSymmetricCipherName(symmetricAlgorithm), Integer.valueOf(symmetricAlgorithm));
                int length = preferredSymmetricKeyAlgorithms.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    if (preferredSymmetricKeyAlgorithms[i] == symmetricAlgorithm) {
                        z = true;
                        break;
                    }
                    i++;
                }
                if (z) {
                    getLog().debug("Cipher is part of preferred algorithms.");
                } else {
                    getLog().info("Message with ID \"{}\" was not encrypted with a preferred cipher of key with ID \"{}\". Used cipher in message was: {} ({})", new Object[]{getMsgId(), str, PgpUtil.getSymmetricCipherName(symmetricAlgorithm), Integer.valueOf(symmetricAlgorithm)});
                }
            } else {
                getLog().info("No public key available for ID \"{}\".", str);
            }
            return z;
        }

        private PgpDecryptionKey mapToKey(Long l) {
            try {
                return getKeyProvider().getKey(l);
            } catch (GeneralSecurityException e) {
                LoggerFactory.getLogger(PgpMailDecryptor.class).error("Could not retrieve key with ID " + PgpUtil.getPrettyId(l.longValue()) + ". Error message: " + e.getMessage(), e);
                return new PgpDecryptionKey(EKeyValidity.ERROR);
            }
        }

        private void setDecryptedContent(MimePart mimePart, byte[] bArr) throws MessagingException, IOException {
            MimePart asPart = asPart(bArr);
            if (asPart != null && asPart.getHeader(Constants.MIME_HEADER_CONTENT_TYPE, (String) null) != null) {
                getLog().debug("Attachment seems to be a MimePart. Content Type: {}", asPart.getContentType());
                MessageUtil.movePart(asPart, mimePart);
                MessageUtil.copyAllHeaders(asPart, mimePart);
                return;
            }
            getLog().debug("Attachment is not a MimePart.");
            mimePart.setDataHandler(new DataHandler(new ByteArrayDataSource(bArr, PgpMailDecryptor.CONTENT_TYPE_PGP_ENCRYPTED_PART2)));
            String fileName = mimePart.getFileName();
            if (fileName != null) {
                if (fileName.endsWith(".pgp") || fileName.endsWith(".gpg") || fileName.endsWith(".asc")) {
                    mimePart.setFileName(fileName.substring(0, fileName.length() - 4));
                }
            }
        }

        private MimePart asPart(byte[] bArr) {
            try {
                return new MimeBodyPart(new ByteArrayInputStream(bArr));
            } catch (MessagingException e) {
                getLog().debug("Could not parse data into body part. Probably not a MIME part. Error message: " + e.getMessage(), e);
                return null;
            }
        }

        private boolean checkInline() {
            return this.inline;
        }

        private boolean checkBinary() {
            return this.binaryPattern != null;
        }

        private Pattern getBinaryPattern() {
            return this.binaryPattern;
        }

        private IKeyProvider<Long, PgpDecryptionKey> getKeyProvider() {
            return this.keyProvider;
        }

        private Session getSession() {
            return this.session;
        }

        public boolean isPreferredAlgorithmUsed() {
            return this.preferredAlgorithmUsed;
        }

        public void setPreferredAlgorithmUsed(boolean z) {
            this.preferredAlgorithmUsed = z;
        }
    }

    public static final boolean isMessageEncrypted(Message message) {
        if (!(message instanceof MimeMessage)) {
            return false;
        }
        ResultMessageVisitor<Boolean> resultMessageVisitor = new ResultMessageVisitor<Boolean>(false) { // from class: net.savignano.cryptography.mail.decrypt.PgpMailDecryptor.1
            @Override // net.savignano.cryptography.mail.visitor.ContentTypeVisitor
            protected void handlePart(MimePart mimePart) throws Exception {
                if (!getResult().booleanValue() && PgpMailDecryptor.isPgpEncrypted(mimePart)) {
                    setResult(true);
                }
            }
        };
        try {
            resultMessageVisitor.visit((MimeMessage) message);
        } catch (Exception e) {
            LoggerFactory.getLogger(PgpMailDecryptor.class).error(e.getMessage(), e);
        }
        return resultMessageVisitor.getResult().booleanValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final boolean isPgpEncrypted(MimePart mimePart) throws MessagingException {
        ContentType contentType = new ContentType(mimePart.getContentType());
        if (contentType.match(Constants.MIME_CONTENT_TYPE_MULTIPART_ENCRYPTED)) {
            return "application/pgp-encrypted".equalsIgnoreCase(contentType.getParameter(Constants.MIME_PARAM_PROTOCOL));
        }
        return false;
    }

    public static final boolean isMessageEncryptedInline(Message message) {
        if (!(message instanceof MimeMessage)) {
            return false;
        }
        ResultMessageVisitor<Boolean> resultMessageVisitor = new ResultMessageVisitor<Boolean>(false) { // from class: net.savignano.cryptography.mail.decrypt.PgpMailDecryptor.2
            @Override // net.savignano.cryptography.mail.visitor.ContentTypeVisitor
            protected void handlePart(MimePart mimePart) throws Exception {
                if (getResult().booleanValue()) {
                    return;
                }
                if (PgpMailDecryptor.isEncryptedInlineText(mimePart)) {
                    setResult(true);
                } else if (PgpMailDecryptor.isEncryptedInlineAttachment(mimePart)) {
                    setResult(true);
                }
            }
        };
        try {
            resultMessageVisitor.visit((MimeMessage) message);
        } catch (Exception e) {
            LoggerFactory.getLogger(PgpMailDecryptor.class).error(e.getMessage(), e);
        }
        return resultMessageVisitor.getResult().booleanValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final boolean isEncryptedInlineText(Part part) throws MessagingException, IOException {
        if (!part.isMimeType("text/plain")) {
            return false;
        }
        InputStream inputStream = part.getInputStream();
        Throwable th = null;
        try {
            boolean isPgpArmored = PgpUtil.isPgpArmored(inputStream, Constants.PGP_ASCII_ARMORED_ENCRYPTED_BEGIN);
            if (inputStream != null) {
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    inputStream.close();
                }
            }
            return isPgpArmored;
        } catch (Throwable th3) {
            if (inputStream != null) {
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStream.close();
                }
            }
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final boolean isEncryptedInlineAttachment(MimePart mimePart) throws MessagingException, IOException {
        if (!"attachment".equalsIgnoreCase(mimePart.getDisposition())) {
            return false;
        }
        InputStream inputStream = mimePart.getInputStream();
        Throwable th = null;
        try {
            boolean isPgpArmored = PgpUtil.isPgpArmored(inputStream, Constants.PGP_ASCII_ARMORED_ENCRYPTED_BEGIN);
            if (inputStream != null) {
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    inputStream.close();
                }
            }
            return isPgpArmored;
        } catch (Throwable th3) {
            if (inputStream != null) {
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStream.close();
                }
            }
            throw th3;
        }
    }

    public static final boolean isMessageEncryptedBinary(Message message, String str) {
        final Pattern binaryPattern;
        if (!(message instanceof MimeMessage) || (binaryPattern = getBinaryPattern(str)) == null) {
            return false;
        }
        ResultMessageVisitor<Boolean> resultMessageVisitor = new ResultMessageVisitor<Boolean>(false) { // from class: net.savignano.cryptography.mail.decrypt.PgpMailDecryptor.3
            @Override // net.savignano.cryptography.mail.visitor.ContentTypeVisitor
            protected void handlePart(MimePart mimePart) throws Exception {
                if (!getResult().booleanValue() && PgpMailDecryptor.isMatchingAttachment(mimePart, binaryPattern)) {
                    setResult(true);
                }
            }
        };
        try {
            resultMessageVisitor.visit((MimeMessage) message);
        } catch (Exception e) {
            LoggerFactory.getLogger(PgpMailDecryptor.class).error(e.getMessage(), e);
        }
        return resultMessageVisitor.getResult().booleanValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final boolean isMatchingAttachment(MimePart mimePart, Pattern pattern) throws MessagingException {
        String fileName;
        return "attachment".equalsIgnoreCase(mimePart.getDisposition()) && (fileName = mimePart.getFileName()) != null && pattern.matcher(fileName).matches();
    }

    private static final Pattern getBinaryPattern(String str) {
        if (str == null) {
            return null;
        }
        try {
            return Pattern.compile(str, 2);
        } catch (PatternSyntaxException e) {
            LoggerFactory.getLogger(PgpMailDecryptor.class).error(e.getMessage(), e);
            return null;
        }
    }

    public PgpMailDecryptor(Session session) {
        super(session, ECryptographyType.PGP);
    }

    @Override // net.savignano.cryptography.mail.decrypt.AMailDecryptor
    protected void decrypt(MimeMessage mimeMessage, IKeyProvider<Long, PgpDecryptionKey> iKeyProvider) throws Exception {
        DecryptVisitor decryptVisitor = new DecryptVisitor(getSession(), iKeyProvider, isCheckInline(), getBinaryPattern(getBinaryRegex()));
        decryptVisitor.visit(mimeMessage);
        this.preferredAlgorithmUsed = decryptVisitor.isPreferredAlgorithmUsed();
        if (decryptVisitor.isChanged()) {
            includeDecryptionHeader(mimeMessage);
            mimeMessage.saveChanges();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.cryptography.mail.decrypt.AMailDecryptor
    public IKeyProvider<Long, PgpDecryptionKey> toProvider(PgpDecryptionKey pgpDecryptionKey) {
        return l -> {
            return l.longValue() == pgpDecryptionKey.getKey().getKeyID() ? pgpDecryptionKey : new PgpDecryptionKey(EKeyValidity.NOT_FOUND);
        };
    }

    public boolean isCheckInline() {
        return this.checkInline;
    }

    public void setCheckInline(boolean z) {
        this.checkInline = z;
    }

    public String getBinaryRegex() {
        return this.binaryRegex;
    }

    public void setBinaryRegex(String str) {
        this.binaryRegex = str;
    }

    public boolean isPreferredAlgorithmUsed() {
        return this.preferredAlgorithmUsed;
    }
}
