package net.savignano.cryptography.mail.decrypt;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.activation.DataHandler;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Part;
import javax.mail.Session;
import javax.mail.internet.ContentType;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.util.ByteArrayDataSource;
import net.savignano.cryptography.Constants;
import net.savignano.cryptography.enums.ECryptographyType;
import net.savignano.cryptography.enums.EKeyValidity;
import net.savignano.cryptography.key.smime.SmimeDecryptionKey;
import net.savignano.cryptography.mail.IKeyProvider;
import net.savignano.cryptography.util.MessageUtil;
import net.savignano.cryptography.util.SmimeUtil;
import net.savignano.cryptography.version.FullVersion;
import net.savignano.thirdparty.org.bouncycastle.asn1.ASN1InputStream;
import net.savignano.thirdparty.org.bouncycastle.asn1.ASN1ObjectIdentifier;
import net.savignano.thirdparty.org.bouncycastle.asn1.ASN1Primitive;
import net.savignano.thirdparty.org.bouncycastle.asn1.cms.ContentInfo;
import net.savignano.thirdparty.org.bouncycastle.cms.CMSException;
import net.savignano.thirdparty.org.bouncycastle.cms.KeyTransRecipientId;
import net.savignano.thirdparty.org.bouncycastle.cms.Recipient;
import net.savignano.thirdparty.org.bouncycastle.cms.RecipientId;
import net.savignano.thirdparty.org.bouncycastle.cms.RecipientInformation;
import net.savignano.thirdparty.org.bouncycastle.cms.RecipientInformationStore;
import net.savignano.thirdparty.org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMEEnveloped;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMEException;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMEUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/cryptography/mail/decrypt/SmimeMailDecryptor.class */
public class SmimeMailDecryptor extends AMailDecryptor<SmimeDecryptionKey, KeyTransRecipientId> {
    public static final boolean isMessageEncrypted(Message message) {
        return isMessageEncrypted((Part) message);
    }

    private static final boolean isMessageEncrypted(Part part) {
        try {
            ContentType contentType = new ContentType(part.getContentType());
            if (!contentType.match(Constants.MIME_CONTENT_TYPE_PKCS7) && !contentType.match(Constants.MIME_CONTENT_TYPE_XPKCS7)) {
                return false;
            }
            String parameter = contentType.getParameter(Constants.MIME_PARAM_SMIME_TYPE);
            return parameter != null ? Constants.MIME_PARAM_SMIME_TYPE_ENVELOPED_DATA.equalsIgnoreCase(parameter) : checkAsn1Type(part);
        } catch (Exception e) {
            LoggerFactory.getLogger(SmimeMailDecryptor.class).error(e.getMessage(), e);
            return false;
        }
    }

    private static final boolean checkAsn1Type(Part part) throws IOException, MessagingException {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(part.getInputStream());
        Throwable th = null;
        try {
            try {
                ASN1Primitive readObject = aSN1InputStream.readObject();
                if (aSN1InputStream != null) {
                    if (0 != 0) {
                        try {
                            aSN1InputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        aSN1InputStream.close();
                    }
                }
                ContentInfo contentInfo = ContentInfo.getInstance(readObject);
                return contentInfo != null && Constants.OID_PKCS7_ENVELOPED_DATA.equals(contentInfo.getContentType().toString());
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (aSN1InputStream != null) {
                if (th != null) {
                    try {
                        aSN1InputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    aSN1InputStream.close();
                }
            }
            throw th4;
        }
    }

    public SmimeMailDecryptor(Session session) {
        super(session, ECryptographyType.SMIME);
    }

    @Override // net.savignano.cryptography.mail.decrypt.AMailDecryptor
    protected void decrypt(MimeMessage mimeMessage, IKeyProvider<KeyTransRecipientId, SmimeDecryptionKey> iKeyProvider) throws Exception {
        if (!isMessageEncrypted((Message) mimeMessage)) {
            getLog().debug("Message is not S/MIME encrypted. Content type encountered: {}", mimeMessage.getContentType());
            return;
        }
        String messageId = MessageUtil.getMessageId(mimeMessage);
        SMIMEEnveloped sMIMEEnveloped = new SMIMEEnveloped(mimeMessage);
        ASN1ObjectIdentifier algorithm = sMIMEEnveloped.getContentEncryptionAlgorithm().getAlgorithm();
        getLog().debug("Used symmetric encryption algorithm: {}", SmimeUtil.getCmsName(algorithm));
        if (!SmimeUtil.isSupportedSymmetricKeyAlgorithm(algorithm)) {
            throw new MessagingException("Algorithm " + SmimeUtil.getCmsName(algorithm) + " that was used to encrypt Email with ID " + messageId + " is not supported.");
        }
        RecipientInformation recipientInformation = null;
        SmimeDecryptionKey smimeDecryptionKey = new SmimeDecryptionKey(EKeyValidity.NOT_FOUND);
        RecipientInformationStore recipientInfos = sMIMEEnveloped.getRecipientInfos();
        Iterator<RecipientInformation> it = recipientInfos.getRecipients().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            RecipientInformation next = it.next();
            smimeDecryptionKey = getDecryptionKey(next, iKeyProvider);
            if (smimeDecryptionKey.isValid()) {
                getLog().debug("Used asymmetric encryption algorithm: {}", SmimeUtil.getCmsName(next.getKeyEncryptionAlgorithm().getAlgorithm()));
                recipientInformation = next;
                break;
            }
        }
        if (!smimeDecryptionKey.isValid()) {
            throwRecipientCertificateNotFoundException(messageId, recipientInfos);
        }
        decrypt(mimeMessage, recipientInformation, new JceKeyTransEnvelopedRecipient(smimeDecryptionKey.getKey()));
        includeDecryptionHeader(mimeMessage);
        mimeMessage.saveChanges();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.cryptography.mail.decrypt.AMailDecryptor
    public IKeyProvider<KeyTransRecipientId, SmimeDecryptionKey> toProvider(SmimeDecryptionKey smimeDecryptionKey) {
        return keyTransRecipientId -> {
            X509Certificate certificate = smimeDecryptionKey.getCertificate();
            return (certificate != null && certificate.getSerialNumber().equals(keyTransRecipientId.getSerialNumber()) && SmimeUtil.getIssuer(certificate).equals(keyTransRecipientId.getIssuer())) ? smimeDecryptionKey : new SmimeDecryptionKey(EKeyValidity.NOT_FOUND);
        };
    }

    private SmimeDecryptionKey getDecryptionKey(RecipientInformation recipientInformation, IKeyProvider<KeyTransRecipientId, SmimeDecryptionKey> iKeyProvider) throws GeneralSecurityException {
        Logger log = getLog();
        if (recipientInformation.getRID().getType() != 0) {
            log.debug("Recipient Info {} is not of type Key Transport (0), but {}", recipientInformation.getRID(), Integer.valueOf(recipientInformation.getRID().getType()));
            return new SmimeDecryptionKey(EKeyValidity.INVALID);
        }
        KeyTransRecipientId keyTransRecipientId = (KeyTransRecipientId) recipientInformation.getRID();
        String keyId = getKeyId(keyTransRecipientId);
        if (SmimeUtil.isSupportedAsymmetricKeyAlgorithm(recipientInformation.getKeyEncryptionAlgorithm().getAlgorithm())) {
            return iKeyProvider.getKey(keyTransRecipientId);
        }
        log.warn("Key {} cannot be used for decryption, as the asymmetric algorith is not supported. Used algorithm: {}", keyId, SmimeUtil.getCmsName(recipientInformation.getKeyEncryptionAlgorithm().getAlgorithm()));
        return new SmimeDecryptionKey(EKeyValidity.ERROR);
    }

    private void throwRecipientCertificateNotFoundException(String str, RecipientInformationStore recipientInformationStore) throws MessagingException {
        String str2 = null;
        Iterator<RecipientInformation> it = recipientInformationStore.getRecipients().iterator();
        while (it.hasNext()) {
            RecipientId rid = it.next().getRID();
            getLog().debug("Recipient Type encountered: {}", getRecipientType(rid));
            if (rid.getType() == 0 && (rid instanceof KeyTransRecipientId)) {
                String keyId = getKeyId((KeyTransRecipientId) rid);
                getLog().debug("Key ID: {}", keyId);
                str2 = str2 == null ? keyId : str2 + ", " + keyId;
            }
        }
        if (str2 == null) {
            str2 = FullVersion.UNKNOWN_VERSION;
        }
        throw new MessagingException("Found no valid private key in Key Store to decrypt Email with ID " + str + ". Certificate(s) used to encrypt email have ID(s): " + str2);
    }

    private String getKeyId(KeyTransRecipientId keyTransRecipientId) {
        return SmimeUtil.getSerialNumber(keyTransRecipientId.getSerialNumber()) + " from " + keyTransRecipientId.getIssuer();
    }

    private void decrypt(MimeMessage mimeMessage, RecipientInformation recipientInformation, Recipient recipient) throws SMIMEException, CMSException, MessagingException, IOException {
        getLog().debug("Decrypting content.");
        MimeBodyPart mimeBodyPart = SMIMEUtil.toMimeBodyPart(recipientInformation.getContent(recipient));
        mimeMessage.setDisposition((String) null);
        mimeMessage.removeHeader(Constants.MIME_HEADER_CONTENT_TRANSFER_ENCODING);
        mimeMessage.setDataHandler(new DataHandler(new ByteArrayDataSource(mimeBodyPart.getInputStream(), mimeBodyPart.getContentType())));
        MessageUtil.copyAllHeaders(mimeBodyPart, mimeMessage);
    }

    private String getRecipientType(RecipientId recipientId) {
        switch (recipientId.getType()) {
            case 0:
                return "KeyTrans";
            case 1:
                return "Kek";
            case 2:
                return "KeyAgree";
            case 3:
                return "Password";
            default:
                return FullVersion.UNKNOWN_VERSION;
        }
    }
}
