package com.android.smime;

import android.content.Context;
import android.os.AsyncTask;
import android.security.KeyChain;
import com.android.baseutils.LogUtils;
import com.android.email.security.SmimeController;
import com.android.emailcommon.mail.MessagingException;
import com.android.smime.ICrypto;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSEnvelopedDataParser;
import org.bouncycastle.cms.CMSEnvelopedDataStreamGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public class SmimeCryptoImpl implements ICrypto {
    private SmimeController.Cancellable decryptCancelable;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class DecryptWorker extends AsyncTask<Void, Void, Void> {
        private final String alias;
        private final Context ctx;
        private final IOutputTask listener;
        private final OutputStream output;
        private final InputStream source;
        private TaskError taskError = null;

        public DecryptWorker(InputStream inputStream, String str, OutputStream outputStream, IOutputTask iOutputTask, Context context) {
            this.source = inputStream;
            this.alias = str;
            this.output = outputStream;
            this.listener = iOutputTask;
            this.ctx = context;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public Void doInBackground(Void... voidArr) {
            PrivateKey privateKey;
            InputStream inputStream = null;
            try {
                try {
                    try {
                        try {
                            try {
                                try {
                                    SmimeCryptoImpl.this.checkIfDecryptThreadCancelled();
                                    privateKey = KeyChain.getPrivateKey(this.ctx, this.alias);
                                } catch (Exception e) {
                                    LogUtils.e("SmimeCryptoImpl", "Exception", e);
                                    this.taskError = TaskError.GENERIC_ERROR;
                                    if (0 != 0) {
                                        inputStream.close();
                                    }
                                }
                            } catch (CMSException e2) {
                                LogUtils.e("SmimeCryptoImpl", "CMSException", e2);
                                this.taskError = TaskError.CMS_ERROR;
                                if (0 != 0) {
                                    inputStream.close();
                                }
                            }
                        } catch (InterruptedException e3) {
                            LogUtils.e("SmimeCryptoImpl", "DecryptWorker is canceled");
                            this.taskError = TaskError.GENERIC_ERROR;
                            if (0 != 0) {
                                inputStream.close();
                            }
                        }
                    } catch (CertificateException e4) {
                        LogUtils.e("SmimeCryptoImpl", "CertificateException", e4);
                        this.taskError = TaskError.PRIV_KEY_ERROR;
                        if (0 != 0) {
                            inputStream.close();
                        }
                    }
                } catch (IOException e5) {
                    LogUtils.e("SmimeCryptoImpl", "failed to close input stream");
                }
                if (privateKey == null) {
                    LogUtils.e("SmimeCryptoImpl", "getPrivateKey failed");
                    throw new CertificateException("no private key found for alias: " + this.alias);
                }
                X509Certificate[] certificateChain = KeyChain.getCertificateChain(this.ctx, this.alias);
                if (certificateChain != null && certificateChain.length > 0) {
                    RecipientInformation recipientInformation = null;
                    CMSEnvelopedDataParser cMSEnvelopedDataParser = new CMSEnvelopedDataParser(this.source);
                    for (X509Certificate x509Certificate : certificateChain) {
                        recipientInformation = cMSEnvelopedDataParser.getRecipientInfos().get(new JceKeyTransRecipientId(x509Certificate));
                        if (recipientInformation != null) {
                            break;
                        }
                    }
                    if (recipientInformation == null) {
                        throw new CMSException("RecipientInformation doesn't exist");
                    }
                    SmimeCryptoImpl.this.checkIfDecryptThreadCancelled();
                    InputStream contentStream = recipientInformation.getContentStream(new JceKeyTransEnvelopedRecipient(privateKey).setProvider("BC")).getContentStream();
                    SmimeCryptoImpl.this.checkIfDecryptThreadCancelled();
                    SmimeUtilities.copyStream(contentStream, this.output);
                    if (contentStream != null) {
                        contentStream.close();
                    }
                    return null;
                }
                throw new CertificateException("no certificate found for alias: " + this.alias);
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (IOException e6) {
                        LogUtils.e("SmimeCryptoImpl", "failed to close input stream");
                    }
                }
                throw th;
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(Void r4) {
            if (this.listener != null) {
                this.listener.onDecTaskCompleted(this.output, this.taskError);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class EncryptWorker extends AsyncTask<Void, Void, Void> {
        private long accountId;
        private Context ctx;
        private ASN1ObjectIdentifier encryptionOID;
        private IOutputTask listener;
        private OutputStream output;
        private IContact[] receiverInfoList;
        private InputStream source;
        private TaskError taskError = null;
        private String alias = null;

        public EncryptWorker(InputStream inputStream, ASN1ObjectIdentifier aSN1ObjectIdentifier, IContact[] iContactArr, OutputStream outputStream, IOutputTask iOutputTask, Context context, long j) {
            this.source = inputStream;
            this.encryptionOID = aSN1ObjectIdentifier;
            this.receiverInfoList = iContactArr;
            this.output = outputStream;
            this.listener = iOutputTask;
            this.ctx = context;
            this.accountId = j;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public Void doInBackground(Void... voidArr) {
            X509Certificate certificate;
            OutputStream outputStream = null;
            try {
                try {
                    try {
                        try {
                            CMSEnvelopedDataStreamGenerator cMSEnvelopedDataStreamGenerator = new CMSEnvelopedDataStreamGenerator();
                            for (int i = 0; i < this.receiverInfoList.length; i++) {
                                LogUtils.i("SmimeCryptoImpl", "try to add cert");
                                SmimeContact smimeContact = (SmimeContact) this.receiverInfoList[i];
                                this.alias = smimeContact.email;
                                if (this.alias == null) {
                                    LogUtils.e("SmimeCryptoImpl", "receiver.email is null");
                                } else {
                                    if (smimeContact.isAccountAddress) {
                                        certificate = (X509Certificate) SmimeCryptoImpl.this.getSmimeKeyStore().getAccountCertificate(this.ctx, this.alias);
                                    } else {
                                        this.alias = SmimeUtilities.formatAndCheckEmail(this.alias);
                                        certificate = SmimeCryptoImpl.this.getCertificate(this.alias, this.ctx, this.accountId);
                                    }
                                    if (certificate == null) {
                                        LogUtils.w("SmimeCryptoImpl", "no certificate found for alias");
                                    } else {
                                        try {
                                            certificate.checkValidity();
                                            LogUtils.i("SmimeCryptoImpl", "recvCert valid");
                                            if (certificate.getSerialNumber() != null) {
                                                String bigInteger = certificate.getSerialNumber().toString(16);
                                                if (bigInteger.length() < 4) {
                                                    LogUtils.e("SmimeCryptoImpl", "Gal sn length error");
                                                } else {
                                                    LogUtils.i("SmimeCryptoImpl", "Gal get nb: " + bigInteger.substring(bigInteger.length() - 4));
                                                }
                                            }
                                            cMSEnvelopedDataStreamGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(certificate).setProvider("BC"));
                                            LogUtils.i("SmimeCryptoImpl", "addRecipientInfoGenerator alias success");
                                        } catch (CertificateExpiredException e) {
                                            LogUtils.e("SmimeCryptoImpl", "CertificateExpiredException ", e);
                                        } catch (CertificateNotYetValidException e2) {
                                            LogUtils.e("SmimeCryptoImpl", "CertificateNotYetValidException ", e2);
                                        }
                                    }
                                }
                            }
                            JceCMSContentEncryptorBuilder jceCMSContentEncryptorBuilder = new JceCMSContentEncryptorBuilder(this.encryptionOID);
                            outputStream = cMSEnvelopedDataStreamGenerator.open(this.output, jceCMSContentEncryptorBuilder.setProvider("BC").build());
                            SmimeUtilities.copyStream(this.source, outputStream);
                            jceCMSContentEncryptorBuilder.clearSecretKey();
                        } catch (Throwable th) {
                            if (outputStream != null) {
                                try {
                                    outputStream.close();
                                } catch (IOException e3) {
                                    this.taskError = TaskError.GENERIC_ERROR;
                                }
                            }
                            throw th;
                        }
                    } catch (MessagingException e4) {
                        this.taskError = TaskError.INVALID_PARAMS_ERROR;
                        LogUtils.e("SmimeCryptoImpl", "NullPointerException ", e4);
                        if (outputStream != null) {
                            outputStream.close();
                        }
                    } catch (IOException e5) {
                        this.taskError = TaskError.GENERIC_ERROR;
                        LogUtils.e("SmimeCryptoImpl", "Exception ", e5);
                        if (outputStream != null) {
                            outputStream.close();
                        }
                    }
                } catch (CertificateException e6) {
                    this.taskError = TaskError.PUB_KEY_ERROR;
                    LogUtils.e("SmimeCryptoImpl", "CertificateException ", e6);
                    if (outputStream != null) {
                        outputStream.close();
                    }
                } catch (CMSException e7) {
                    this.taskError = TaskError.GENERIC_ERROR;
                    LogUtils.e("SmimeCryptoImpl", "Exception ", e7);
                    if (outputStream != null) {
                        outputStream.close();
                    }
                }
                if (outputStream != null) {
                    outputStream.close();
                }
            } catch (IOException e8) {
                this.taskError = TaskError.GENERIC_ERROR;
            }
            return null;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(Void r4) {
            if (this.listener != null) {
                this.listener.onEncTaskCompleted(this.output, this.taskError);
            }
        }
    }

    static {
        try {
            Security.addProvider(new BouncyCastleProvider());
        } catch (Exception e) {
            LogUtils.e("SmimeCryptoImpl", "Exception", e.toString());
        } catch (NoClassDefFoundError e2) {
            LogUtils.e("SmimeCryptoImpl", "NoClassDefFoundError", e2.toString());
        }
    }

    public void checkIfDecryptThreadCancelled() throws InterruptedException {
        if (this.decryptCancelable != null) {
            this.decryptCancelable.checkIfThreadCancelled();
        }
    }

    public void decrypt(InputStream inputStream, String str, OutputStream outputStream, IOutputTask iOutputTask, Context context) throws NoSuchAlgorithmException, SecurityException {
        if (inputStream != null && str != null && outputStream != null && iOutputTask != null && context != null) {
            new DecryptWorker(inputStream, str, outputStream, iOutputTask, context).execute(new Void[0]);
        } else if (iOutputTask != null) {
            iOutputTask.onDecTaskCompleted(outputStream, TaskError.GENERIC_ERROR);
        }
    }

    public void encrypt(InputStream inputStream, ICrypto.CryptoAlgorithm cryptoAlgorithm, IContact[] iContactArr, OutputStream outputStream, IOutputTask iOutputTask, Context context, long j) throws NoSuchAlgorithmException, SecurityException {
        ASN1ObjectIdentifier aSN1ObjectIdentifier;
        if (inputStream == null || cryptoAlgorithm == null || iContactArr == null || outputStream == null || iOutputTask == null || context == null) {
            LogUtils.w("SmimeCryptoImpl", "something invalid");
            throw new IllegalArgumentException("invalid parameter");
        }
        switch (cryptoAlgorithm) {
            case AES_128_CBC:
                aSN1ObjectIdentifier = CMSAlgorithm.AES128_CBC;
                break;
            case AES_192_CBC:
                aSN1ObjectIdentifier = CMSAlgorithm.AES192_CBC;
                break;
            case AES_256_CBC:
                aSN1ObjectIdentifier = CMSAlgorithm.AES256_CBC;
                break;
            case TRIPLE_DES:
                aSN1ObjectIdentifier = CMSAlgorithm.DES_EDE3_CBC;
                break;
            default:
                throw new NoSuchAlgorithmException("unsupported algorithm");
        }
        try {
            new EncryptWorker(inputStream, aSN1ObjectIdentifier, iContactArr, outputStream, iOutputTask, context, j).execute(new Void[0]);
        } catch (Exception e) {
            throw new SecurityException("security exception");
        }
    }

    protected X509Certificate getCertificate(String str, Context context, long j) {
        try {
            return (X509Certificate) getSmimeKeyStore().getCertificate(str, context, j);
        } catch (CertificateException e) {
            LogUtils.e("SmimeCryptoImpl", "failed to get Certificate");
            return null;
        }
    }

    SmimeKeyStore getSmimeKeyStore() {
        return new SmimeKeyStore();
    }

    public void setDecryptCancelable(SmimeController.Cancellable cancellable) {
        this.decryptCancelable = cancellable;
    }
}
