package mitm.common.security.smime;

import android.util.Log;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import javax.crypto.SecretKey;
import javax.mail.BodyPart;
import javax.mail.MessagingException;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import mitm.common.mail.BodyPartUtils;
import mitm.common.mail.HeaderUtils;
import mitm.common.mail.MailSession;
import mitm.common.mail.matcher.ContentHeaderNameMatcher;
import mitm.common.mail.matcher.HeaderMatcher;
import mitm.common.mail.matcher.NotHeaderNameMatcher;
import mitm.common.mail.matcher.ProtectedContentHeaderNameMatcher;
import mitm.common.security.SecurityFactory;
import mitm.common.security.SecurityFactoryFactory;
import mitm.common.security.bouncycastle.X509CertificateHolderStore;
import mitm.common.security.certificate.X509CertificateInspector;
import mitm.common.util.Check;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
import org.bouncycastle.cms.SignerInfoGeneratorBuilder;
import org.bouncycastle.cms.SimpleAttributeTableGenerator;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKEKRecipientInfoGenerator;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.cms.jcajce.ZlibCompressor;
import org.bouncycastle.mail.smime.SMIMECompressedGenerator;
import org.bouncycastle.mail.smime.SMIMEEnvelopedGenerator;
import org.bouncycastle.mail.smime.SMIMEException;
import org.bouncycastle.mail.smime.SMIMESignedGenerator;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;

/* loaded from: classes2.dex */
public class SMIMEBuilderImpl implements SMIMEBuilder {
    private static final String TAG = "SMIMEBuilderImpl";
    private MimeBodyPart bodyPart;
    private SMIMECompressedGenerator compressedGenerator;
    private SMIMEEnvelopedGenerator envelopedGenerator;
    private String nonSensitiveProvider;
    private final HeaderMatcher protectedContentMatcher;
    private SecurityFactory securityFactory;
    private String sensitiveProvider;
    private SMIMESignedGenerator signedGenerator;
    private final MimeMessage sourceMessage;
    private boolean useDeprecatedContentTypes;

    /* loaded from: classes2.dex */
    private static class PrivateSMIMECompressedGenerator extends SMIMECompressedGenerator {
        private PrivateSMIMECompressedGenerator() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.bouncycastle.mail.smime.SMIMEGenerator
        public MimeBodyPart makeContentBodyPart(MimeBodyPart mimeBodyPart) throws SMIMEException {
            return mimeBodyPart;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class PrivateSMIMEEnvelopedGenerator extends SMIMEEnvelopedGenerator {
        private PrivateSMIMEEnvelopedGenerator() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.bouncycastle.mail.smime.SMIMEGenerator
        public MimeBodyPart makeContentBodyPart(MimeBodyPart mimeBodyPart) throws SMIMEException {
            return mimeBodyPart;
        }
    }

    /* loaded from: classes2.dex */
    private static class PrivateSMIMESignedGenerator extends SMIMESignedGenerator {
        private PrivateSMIMESignedGenerator() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.bouncycastle.mail.smime.SMIMEGenerator
        public MimeBodyPart makeContentBodyPart(MimeBodyPart mimeBodyPart) throws SMIMEException {
            return mimeBodyPart;
        }
    }

    public SMIMEBuilderImpl(MimeMessage mimeMessage) throws MessagingException, IOException {
        this(mimeMessage, ProtectedContentHeaderNameMatcher.DEFAULT_PROTECTED_CONTENT_HEADERS);
    }

    public SMIMEBuilderImpl(MimeMessage mimeMessage, String... strArr) throws MessagingException, IOException {
        ProtectedContentHeaderNameMatcher protectedContentHeaderNameMatcher = new ProtectedContentHeaderNameMatcher(strArr);
        this.protectedContentMatcher = protectedContentHeaderNameMatcher;
        this.sourceMessage = mimeMessage;
        SecurityFactory securityFactory = SecurityFactoryFactory.getSecurityFactory();
        this.securityFactory = securityFactory;
        this.nonSensitiveProvider = securityFactory.getNonSensitiveProvider();
        this.sensitiveProvider = this.securityFactory.getSensitiveProvider();
        this.bodyPart = BodyPartUtils.makeContentBodyPart(mimeMessage, (HeaderMatcher) protectedContentHeaderNameMatcher);
        this.envelopedGenerator = new PrivateSMIMEEnvelopedGenerator();
        this.signedGenerator = new PrivateSMIMESignedGenerator();
        this.compressedGenerator = new PrivateSMIMECompressedGenerator();
    }

    private void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, SMIMESigningAlgorithm sMIMESigningAlgorithm, AttributeTable attributeTable, AttributeTable attributeTable2) throws SMIMEBuilderException {
        try {
            JcaDigestCalculatorProviderBuilder jcaDigestCalculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder();
            jcaDigestCalculatorProviderBuilder.setProvider(this.nonSensitiveProvider);
            SignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new SignerInfoGeneratorBuilder(jcaDigestCalculatorProviderBuilder.build());
            if (attributeTable != null) {
                signerInfoGeneratorBuilder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(attributeTable));
            }
            if (attributeTable2 != null) {
                signerInfoGeneratorBuilder.setUnsignedAttributeGenerator(new SimpleAttributeTableGenerator(attributeTable2));
            }
            JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(sMIMESigningAlgorithm.getAlgorithm());
            jcaContentSignerBuilder.setProvider(this.sensitiveProvider);
            this.signedGenerator.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(jcaContentSignerBuilder.build(privateKey), new JcaX509CertificateHolder(x509Certificate)));
        } catch (CertificateEncodingException e) {
            throw new SMIMEBuilderException(e);
        } catch (OperatorCreationException e2) {
            throw new SMIMEBuilderException(e2);
        }
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void addCertificates(Collection<X509Certificate> collection) throws SMIMEBuilderException {
        if (collection == null) {
            return;
        }
        this.signedGenerator.addCertificates(new X509CertificateHolderStore(collection));
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void addCertificates(X509Certificate... x509CertificateArr) throws SMIMEBuilderException {
        if (x509CertificateArr == null) {
            return;
        }
        addCertificates(Arrays.asList(x509CertificateArr));
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void addRecipient(X509Certificate x509Certificate, SMIMERecipientMode sMIMERecipientMode) throws SMIMEBuilderException {
        Check.notNull(x509Certificate, "certificate");
        try {
            byte[] subjectKeyIdentifier = X509CertificateInspector.getSubjectKeyIdentifier(x509Certificate);
            if ((sMIMERecipientMode == SMIMERecipientMode.SUBJECT_KEY_ID_IF_AVAILABLE || sMIMERecipientMode == SMIMERecipientMode.BOTH) && subjectKeyIdentifier != null) {
                JceKeyTransRecipientInfoGenerator jceKeyTransRecipientInfoGenerator = new JceKeyTransRecipientInfoGenerator(subjectKeyIdentifier, x509Certificate.getPublicKey());
                jceKeyTransRecipientInfoGenerator.setProvider(this.nonSensitiveProvider);
                this.envelopedGenerator.addRecipientInfoGenerator(jceKeyTransRecipientInfoGenerator);
            }
            if (sMIMERecipientMode == SMIMERecipientMode.ISSUER_SERIAL || sMIMERecipientMode == SMIMERecipientMode.BOTH || subjectKeyIdentifier == null) {
                JceKeyTransRecipientInfoGenerator jceKeyTransRecipientInfoGenerator2 = new JceKeyTransRecipientInfoGenerator(x509Certificate);
                jceKeyTransRecipientInfoGenerator2.setProvider(this.nonSensitiveProvider);
                this.envelopedGenerator.addRecipientInfoGenerator(jceKeyTransRecipientInfoGenerator2);
            }
        } catch (IOException e) {
            throw new SMIMEBuilderException(e);
        } catch (CertificateEncodingException e2) {
            throw new SMIMEBuilderException(e2);
        }
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void addRecipient(SecretKey secretKey, byte[] bArr) {
        this.envelopedGenerator.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(bArr, secretKey));
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, SMIMESigningAlgorithm sMIMESigningAlgorithm) throws SMIMEBuilderException {
        try {
            addSigner(privateKey, x509Certificate, sMIMESigningAlgorithm, SMIMEAttributeUtils.getDefaultSignedAttributes(), (AttributeTable) null);
        } catch (IOException e) {
            throw new SMIMEBuilderException(e);
        }
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, SMIMESigningAlgorithm sMIMESigningAlgorithm, X509Certificate x509Certificate2) throws SMIMEBuilderException {
        try {
            addSigner(privateKey, x509Certificate, sMIMESigningAlgorithm, SMIMEAttributeUtils.getDefaultSignedAttributes(x509Certificate2), (AttributeTable) null);
        } catch (IOException e) {
            throw new SMIMEBuilderException(e);
        }
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void addSigner(PrivateKey privateKey, byte[] bArr, SMIMESigningAlgorithm sMIMESigningAlgorithm) throws SMIMEBuilderException {
        try {
            addSigner(privateKey, bArr, sMIMESigningAlgorithm, SMIMEAttributeUtils.getDefaultSignedAttributes(), (AttributeTable) null);
        } catch (IOException e) {
            throw new SMIMEBuilderException(e);
        }
    }

    public void addSigner(PrivateKey privateKey, byte[] bArr, SMIMESigningAlgorithm sMIMESigningAlgorithm, AttributeTable attributeTable, AttributeTable attributeTable2) throws SMIMEBuilderException {
        try {
            JcaDigestCalculatorProviderBuilder jcaDigestCalculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder();
            jcaDigestCalculatorProviderBuilder.setProvider(this.nonSensitiveProvider);
            SignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new SignerInfoGeneratorBuilder(jcaDigestCalculatorProviderBuilder.build());
            if (attributeTable != null) {
                signerInfoGeneratorBuilder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(attributeTable));
            }
            if (attributeTable2 != null) {
                signerInfoGeneratorBuilder.setUnsignedAttributeGenerator(new SimpleAttributeTableGenerator(attributeTable2));
            }
            JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(sMIMESigningAlgorithm.getAlgorithm());
            jcaContentSignerBuilder.setProvider(this.sensitiveProvider);
            this.signedGenerator.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(jcaContentSignerBuilder.build(privateKey), bArr));
        } catch (OperatorCreationException e) {
            throw new SMIMEBuilderException(e);
        }
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public MimeMessage buildMessage() throws SMIMEBuilderException, MessagingException {
        try {
            MimeMessage mimeMessage = new MimeMessage(MailSession.getDefaultSession());
            mimeMessage.setContent(this.bodyPart.getContent(), this.bodyPart.getContentType());
            ContentHeaderNameMatcher contentHeaderNameMatcher = new ContentHeaderNameMatcher();
            HeaderUtils.copyHeaders(this.bodyPart, mimeMessage, contentHeaderNameMatcher);
            HeaderUtils.copyHeaders(this.sourceMessage, mimeMessage, new NotHeaderNameMatcher(contentHeaderNameMatcher));
            mimeMessage.saveChanges();
            return mimeMessage;
        } catch (IOException e) {
            throw new SMIMEBuilderException(e);
        }
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void compress() throws SMIMEBuilderException {
        try {
            MimeBodyPart generate = this.compressedGenerator.generate(this.bodyPart, new ZlibCompressor());
            this.bodyPart = generate;
            if (this.useDeprecatedContentTypes) {
                generate.setHeader("Content-Type", SMIMEHeader.DEPRECATED_COMPRESSED_CONTENT_TYPE);
            }
            this.compressedGenerator = new PrivateSMIMECompressedGenerator();
        } catch (MessagingException e) {
            throw new SMIMEBuilderException(e);
        } catch (SMIMEException e2) {
            throw new SMIMEBuilderException(e2);
        }
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void encrypt(SMIMEEncryptionAlgorithm sMIMEEncryptionAlgorithm) throws SMIMEBuilderException {
        encrypt(sMIMEEncryptionAlgorithm, sMIMEEncryptionAlgorithm.defaultKeySize());
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void encrypt(SMIMEEncryptionAlgorithm sMIMEEncryptionAlgorithm, int i) throws SMIMEBuilderException {
        try {
            JceCMSContentEncryptorBuilder jceCMSContentEncryptorBuilder = new JceCMSContentEncryptorBuilder(sMIMEEncryptionAlgorithm.getOID(), i);
            jceCMSContentEncryptorBuilder.setProvider(this.nonSensitiveProvider);
            jceCMSContentEncryptorBuilder.setSecureRandom(this.securityFactory.createSecureRandom());
            MimeBodyPart generate = this.envelopedGenerator.generate(this.bodyPart, jceCMSContentEncryptorBuilder.build());
            this.bodyPart = generate;
            if (this.useDeprecatedContentTypes) {
                generate.setHeader("Content-Type", SMIMEHeader.DEPRECATED_ENCRYPTED_CONTENT_TYPE);
            }
            this.envelopedGenerator = new PrivateSMIMEEnvelopedGenerator();
        } catch (NoSuchAlgorithmException e) {
            throw new SMIMEBuilderException(e);
        } catch (NoSuchProviderException e2) {
            throw new SMIMEBuilderException(e2);
        } catch (MessagingException e3) {
            throw new SMIMEBuilderException(e3);
        } catch (CMSException e4) {
            throw new SMIMEBuilderException(e4);
        } catch (SMIMEException e5) {
            throw new SMIMEBuilderException(e5);
        }
    }

    public String getNonSensitiveProvider() {
        return this.nonSensitiveProvider;
    }

    public String getSensitiveProvider() {
        return this.sensitiveProvider;
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public boolean isUseDeprecatedContentTypes() {
        return this.useDeprecatedContentTypes;
    }

    public void setNonSensitiveProvider(String str) {
        this.nonSensitiveProvider = str;
    }

    public void setSensitiveProvider(String str) {
        this.sensitiveProvider = str;
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void setUseDeprecatedContentTypes(boolean z) {
        this.useDeprecatedContentTypes = z;
    }

    @Override // mitm.common.security.smime.SMIMEBuilder
    public void sign(SMIMESignMode sMIMESignMode) throws SMIMEBuilderException {
        BodyPart[] dissectSigned;
        String str = TAG;
        Log.d(str, "Sign mode " + sMIMESignMode.getName());
        try {
            if (sMIMESignMode == SMIMESignMode.CLEAR) {
                MimeMultipart generate = this.signedGenerator.generate(this.bodyPart);
                if (this.useDeprecatedContentTypes && (dissectSigned = SMIMEUtils.dissectSigned(generate)) != null) {
                    dissectSigned[1].setHeader("Content-Type", SMIMEHeader.DEPRECATED_DETACHED_SIGNATURE_TYPE);
                }
                MimeMessage mimeMessage = new MimeMessage(MailSession.getDefaultSession());
                mimeMessage.setContent(generate);
                mimeMessage.saveChanges();
                this.bodyPart = BodyPartUtils.makeContentBodyPart(mimeMessage, this.protectedContentMatcher);
                Log.d(str, "Signed successfully 1");
            } else {
                if (sMIMESignMode != SMIMESignMode.OPAQUE) {
                    throw new IllegalArgumentException("Unknown signMode.");
                }
                MimeBodyPart generateEncapsulated = this.signedGenerator.generateEncapsulated(this.bodyPart);
                this.bodyPart = generateEncapsulated;
                if (this.useDeprecatedContentTypes) {
                    generateEncapsulated.setHeader("Content-Type", SMIMEHeader.DEPRECATED_ENCAPSULATED_SIGNED_CONTENT_TYPE);
                }
                Log.d(str, "Signed successfully 2");
            }
            this.signedGenerator = new PrivateSMIMESignedGenerator();
        } catch (IOException e) {
            throw new SMIMEBuilderException(e);
        } catch (MessagingException e2) {
            throw new SMIMEBuilderException(e2);
        } catch (SMIMEException e3) {
            throw new SMIMEBuilderException(e3);
        }
    }
}
