package com.ibm.ega.android.kvconnect.data.repositories.kvconnect;

import android.os.Build;
import arrow.core.Either;
import com.ibm.ega.android.common.errors.BuildVersionNotSupportedException;
import com.ibm.ega.android.common.f;
import com.ibm.ega.android.common.file.FileType;
import com.ibm.ega.android.common.util.SMimeHandler;
import com.ibm.ega.android.kvconnect.models.item.Message;
import com.ibm.ega.android.kvconnect.models.item.Sender;
import com.ibm.ega.android_openssl.OpenSSL;
import com.ibm.ega.android_openssl.OpenSSLException;
import com.ibm.ega.document.models.kvconnect.KvConnectAttachment;
import com.ibm.ega.document.models.kvconnect.KvConnectMessageDTO;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import javax.mail.Address;
import javax.mail.BodyPart;
import javax.mail.Session;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.TypeCastException;
import kotlin.collections.r;
import kotlin.collections.y;
import kotlin.jvm.internal.o;
import kotlin.jvm.internal.s;
import kotlin.text.Regex;
import kotlin.text.StringsKt__StringsKt;
import kotlin.text.j;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.x500.AttributeTypeAndValue;
import org.spongycastle.asn1.x500.RDN;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cms.CMSAttributeTableGenerator;
import org.spongycastle.cms.SignerInformation;

@Metadata(bv = {1, 0, 3}, d1 = {"\u0000l\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010 \n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018\u0000 #2\u00020\u0001:\u0001#B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0018\u0010\u0007\u001a\u00020\u00032\u0006\u0010\u0002\u001a\u00020\u00032\u0006\u0010\b\u001a\u00020\tH\u0002JB\u0010\n\u001a\u0018\u0012\u0004\u0012\u00020\f\u0012\u0004\u0012\u00020\r0\u000bj\b\u0012\u0004\u0012\u00020\r`\u000e2\u0006\u0010\u000f\u001a\u00020\r2\u0006\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u00132\f\u0010\u0014\u001a\b\u0012\u0004\u0012\u00020\u00130\u0015J\u000e\u0010\u0016\u001a\u00020\u00172\u0006\u0010\u000f\u001a\u00020\rJ\u001c\u0010\u0018\u001a\n\u0012\u0004\u0012\u00020\u0019\u0018\u00010\u0015*\u00020\u001a2\u0006\u0010\u0002\u001a\u00020\u0003H\u0002J\f\u0010\u001b\u001a\u00020\u0013*\u00020\u001aH\u0002J\u000e\u0010\u001c\u001a\u0004\u0018\u00010\u001a*\u00020\u001aH\u0002J\u0014\u0010\u001d\u001a\u00020\t*\u00020\u001e2\u0006\u0010\u001f\u001a\u00020 H\u0002J\f\u0010!\u001a\u00020\t*\u00020\"H\u0002J\f\u0010!\u001a\u00020\t*\u00020\u0013H\u0002R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082.¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006$"}, d2 = {"Lcom/ibm/ega/android/kvconnect/data/repositories/kvconnect/KVConnectMessageTransformer;", "", "tempDir", "Ljava/io/File;", "(Ljava/io/File;)V", "openssl", "Lcom/ibm/ega/android_openssl/OpenSSL;", "createTempFile", "ofExtension", "", "decrypt", "Larrow/core/Either;", "Lcom/ibm/ega/android/common/EgaError;", "Lcom/ibm/ega/document/models/kvconnect/KvConnectMessageDTO;", "Lcom/ibm/ega/android/common/types/EgaEither;", "dto", "using", "Lcom/ibm/ega/android/communication/encryption/EgaKeyPair;", "recipientCertificate", "Ljava/security/cert/X509Certificate;", "kvConnectCertificateChain", "", "toItem", "Lcom/ibm/ega/android/kvconnect/models/item/KVConnect$Message;", "extractAttachments", "Lcom/ibm/ega/document/models/kvconnect/KvConnectAttachment;", "Ljavax/mail/internet/MimeMultipart;", "extractCertificate", "extractContent", "rdn", "Lorg/spongycastle/asn1/x500/X500Name;", "objectIdentifier", "Lorg/spongycastle/asn1/ASN1ObjectIdentifier;", "toPem", "Ljava/security/PrivateKey;", "Companion", "kvconnect_release"}, k = 1, mv = {1, 1, 15})
/* renamed from: com.ibm.ega.android.kvconnect.data.repositories.kvconnect.b, reason: from Kotlin metadata */
/* loaded from: classes2.dex */
public final class KVConnectMessageTransformer {

    /* renamed from: a, reason: collision with root package name */
    private OpenSSL f11883a;
    private final File b;

    /* renamed from: com.ibm.ega.android.kvconnect.data.repositories.kvconnect.b$a */
    /* loaded from: classes2.dex */
    public static final class a extends com.google.gson.u.a<List<? extends KvConnectMessageDTO>> {
        a() {
        }
    }

    /* renamed from: com.ibm.ega.android.kvconnect.data.repositories.kvconnect.b$b */
    /* loaded from: classes2.dex */
    public static final class b extends com.google.gson.u.a<KvConnectMessageDTO> {
        b() {
        }
    }

    /* renamed from: com.ibm.ega.android.kvconnect.data.repositories.kvconnect.b$c */
    /* loaded from: classes2.dex */
    public static final class c {
        private c() {
        }

        public /* synthetic */ c(o oVar) {
            this();
        }
    }

    static {
        new c(null);
        new b();
        new a();
    }

    public KVConnectMessageTransformer(File file) {
        s.b(file, "tempDir");
        this.b = file;
    }

    private final File a(File file, String str) {
        if (!file.exists()) {
            file.mkdirs();
        }
        if (!file.isDirectory()) {
            throw new IOException("No such directory: " + file.getAbsolutePath());
        }
        File createTempFile = File.createTempFile("_doc", '.' + str, file);
        s.a((Object) createTempFile, "File.createTempFile(\n   …        tempDir\n        )");
        return createTempFile;
    }

    private final String a(PrivateKey privateKey) {
        return com.ibm.ega.android.common.util.e.f11017a.a(privateKey);
    }

    private final String a(X509Certificate x509Certificate) {
        return com.ibm.ega.android.common.util.e.f11017a.a(x509Certificate);
    }

    private final String a(X500Name x500Name, ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        RDN rdn = x500Name.getRDNs(aSN1ObjectIdentifier)[0];
        s.a((Object) rdn, "this.getRDNs(objectIdentifier)[0]");
        AttributeTypeAndValue first = rdn.getFirst();
        s.a((Object) first, "this.getRDNs(objectIdentifier)[0].first");
        return first.getValue().toString();
    }

    private final X509Certificate a(MimeMultipart mimeMultipart) {
        List<Pair<SignerInformation, X509CertificateHolder>> a2 = com.ibm.ega.android.common.types.a.a(mimeMultipart);
        if (a2.isEmpty()) {
            throw new IllegalStateException("No certificate found in email");
        }
        if (a2.size() > 1) {
            throw new IllegalStateException("More than one certificate found in email");
        }
        X509Certificate certificate = new JcaX509CertificateConverter().getCertificate(com.ibm.ega.android.common.types.a.a(mimeMultipart).get(0).getSecond());
        s.a((Object) certificate, "JcaX509CertificateConver…ificates().get(0).second)");
        return certificate;
    }

    private final List<KvConnectAttachment> a(MimeMultipart mimeMultipart, File file) {
        boolean a2;
        ArrayList arrayList = new ArrayList();
        int count = mimeMultipart.getCount();
        for (int i2 = 0; i2 < count; i2++) {
            BodyPart bodyPart = mimeMultipart.getBodyPart(i2);
            if (bodyPart == null) {
                throw new TypeCastException("null cannot be cast to non-null type javax.mail.internet.MimeBodyPart");
            }
            MimeBodyPart mimeBodyPart = (MimeBodyPart) bodyPart;
            String contentType = mimeBodyPart.getContentType();
            for (FileType fileType : FileType.values()) {
                s.a((Object) contentType, CMSAttributeTableGenerator.CONTENT_TYPE);
                a2 = StringsKt__StringsKt.a((CharSequence) contentType, (CharSequence) fileType.getMimeType(), false, 2, (Object) null);
                if (a2) {
                    File a3 = a(file, fileType.getExtension());
                    String fileName = mimeBodyPart.getFileName();
                    if (fileName == null) {
                        fileName = "";
                    }
                    mimeBodyPart.saveFile(a3);
                    arrayList.add(new KvConnectAttachment(fileName, fileType, null, a3, 0L, 20, null));
                }
            }
        }
        return arrayList;
    }

    private final MimeMultipart b(MimeMultipart mimeMultipart) {
        try {
            BodyPart bodyPart = mimeMultipart.getBodyPart(0);
            s.a((Object) bodyPart, "this.getBodyPart(0)");
            Object content = bodyPart.getContent();
            if (content != null) {
                return (MimeMultipart) content;
            }
            throw new TypeCastException("null cannot be cast to non-null type javax.mail.internet.MimeMultipart");
        } catch (Exception e2) {
            o.a.a.a(e2, "Couldn't extract content", new Object[0]);
            return null;
        }
    }

    public final Either<f, KvConnectMessageDTO> a(KvConnectMessageDTO kvConnectMessageDTO, com.ibm.ega.android.communication.encryption.e eVar, X509Certificate x509Certificate, List<? extends X509Certificate> list) {
        int a2;
        List b2;
        CharSequence a3;
        s.b(kvConnectMessageDTO, "dto");
        s.b(eVar, "using");
        s.b(x509Certificate, "recipientCertificate");
        s.b(list, "kvConnectCertificateChain");
        if (Build.VERSION.SDK_INT <= 22) {
            throw new BuildVersionNotSupportedException("Currently KvConnect is not supported for Lollipop");
        }
        this.f11883a = new OpenSSL();
        o.a.a.a("Start decrypting and verifying email " + kvConnectMessageDTO.getId(), new Object[0]);
        Session session = Session.getInstance(new Properties());
        PrivateKey a4 = eVar.a();
        a2 = r.a(list, 10);
        ArrayList arrayList = new ArrayList(a2);
        Iterator<T> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(a((X509Certificate) it.next()));
        }
        String a5 = a(x509Certificate);
        o.a.a.a("Decrypting outer message", new Object[0]);
        try {
            OpenSSL openSSL = this.f11883a;
            if (openSSL == null) {
                s.d("openssl");
                throw null;
            }
            String str = new String(openSSL.decrypt(kvConnectMessageDTO.getEmail(), a(a4), a5), kotlin.text.d.f23144a);
            o.a.a.a("Verify outer mail", new Object[0]);
            try {
                OpenSSL openSSL2 = this.f11883a;
                if (openSSL2 == null) {
                    s.d("openssl");
                    throw null;
                }
                Object[] array = arrayList.toArray(new String[0]);
                if (array == null) {
                    throw new TypeCastException("null cannot be cast to non-null type kotlin.Array<T>");
                }
                String str2 = new String(openSSL2.verify(str, a5, (String[]) array), kotlin.text.d.f23144a);
                o.a.a.a("Decrypting inner mail", new Object[0]);
                j find$default = Regex.find$default(new Regex("\\r\\n\\r\\n"), str2, 0, 2, null);
                if (find$default != null) {
                    a3 = StringsKt__StringsKt.a(str2, find$default.a().getF23160a(), find$default.a().getB());
                    str2 = a3.toString();
                }
                try {
                    OpenSSL openSSL3 = this.f11883a;
                    if (openSSL3 == null) {
                        s.d("openssl");
                        throw null;
                    }
                    String str3 = new String(openSSL3.decrypt(str2, a(a4), a5), kotlin.text.d.f23144a);
                    o.a.a.a("Extract signers cert", new Object[0]);
                    try {
                        OpenSSL openSSL4 = this.f11883a;
                        if (openSSL4 == null) {
                            s.d("openssl");
                            throw null;
                        }
                        String str4 = new String(openSSL4.extractSigner(str3, a5), kotlin.text.d.f23144a);
                        o.a.a.a("Verify inner mail", new Object[0]);
                        b2 = y.b((Collection) arrayList);
                        b2.add(str4);
                        try {
                            OpenSSL openSSL5 = this.f11883a;
                            if (openSSL5 == null) {
                                s.d("openssl");
                                throw null;
                            }
                            Object[] array2 = b2.toArray(new String[0]);
                            if (array2 == null) {
                                throw new TypeCastException("null cannot be cast to non-null type kotlin.Array<T>");
                            }
                            new String(openSSL5.verify(str3, a5, (String[]) array2), kotlin.text.d.f23144a);
                            o.a.a.a("Verify signer certificate", new Object[0]);
                            byte[] bytes = str3.getBytes(kotlin.text.d.f23144a);
                            s.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
                            Object content = new MimeMessage(session, new ByteArrayInputStream(bytes)).getContent();
                            if (content == null) {
                                throw new TypeCastException("null cannot be cast to non-null type javax.mail.internet.MimeMultipart");
                            }
                            MimeMultipart mimeMultipart = (MimeMultipart) content;
                            Charset charset = kotlin.text.d.f23144a;
                            if (str2 == null) {
                                throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
                            }
                            byte[] bytes2 = str2.getBytes(charset);
                            s.a((Object) bytes2, "(this as java.lang.String).getBytes(charset)");
                            Address[] from = new MimeMessage(session, new ByteArrayInputStream(bytes2)).getFrom();
                            s.a((Object) from, "MimeMessage(\n           …utStream()\n        ).from");
                            Object e2 = kotlin.collections.f.e(from);
                            if (e2 == null) {
                                throw new TypeCastException("null cannot be cast to non-null type javax.mail.internet.InternetAddress");
                            }
                            SMimeHandler.f11018a.a(((InternetAddress) e2).getAddress(), mimeMultipart);
                            o.a.a.a("Finished decrypting and verifying email", new Object[0]);
                            return Either.f2828a.b(new KvConnectMessageDTO(kvConnectMessageDTO.getId(), str3, a(mimeMultipart)));
                        } catch (OpenSSLException e3) {
                            o.a.a.b("Verification failed with " + e3.getMessage(), new Object[0]);
                            throw e3;
                        }
                    } catch (OpenSSLException e4) {
                        o.a.a.b("Extracting signers cert failed with " + e4.getMessage(), new Object[0]);
                        throw e4;
                    }
                } catch (OpenSSLException e5) {
                    o.a.a.b("Decryption failed with " + e5.getMessage(), new Object[0]);
                    throw e5;
                }
            } catch (OpenSSLException e6) {
                o.a.a.b("Verification failed with " + e6.getMessage(), new Object[0]);
                throw e6;
            }
        } catch (OpenSSLException e7) {
            o.a.a.b("Decryption failed with " + e7.getMessage(), new Object[0]);
            throw e7;
        }
    }

    public final Message a(KvConnectMessageDTO kvConnectMessageDTO) {
        s.b(kvConnectMessageDTO, "dto");
        Session session = Session.getInstance(new Properties());
        String email = kvConnectMessageDTO.getEmail();
        Charset charset = kotlin.text.d.f23144a;
        if (email == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = email.getBytes(charset);
        s.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        Object content = new MimeMessage(session, new ByteArrayInputStream(bytes)).getContent();
        if (content == null) {
            throw new TypeCastException("null cannot be cast to non-null type javax.mail.internet.MimeMultipart");
        }
        X509Certificate senderCertificate = kvConnectMessageDTO.getSenderCertificate();
        MimeMultipart b2 = b((MimeMultipart) content);
        X500Name a2 = com.ibm.ega.android.common.types.b.a(senderCertificate);
        String id = kvConnectMessageDTO.getId();
        ASN1ObjectIdentifier aSN1ObjectIdentifier = BCStyle.EmailAddress;
        s.a((Object) aSN1ObjectIdentifier, "BCStyle.EmailAddress");
        String a3 = a(a2, aSN1ObjectIdentifier);
        ASN1ObjectIdentifier aSN1ObjectIdentifier2 = BCStyle.CN;
        s.a((Object) aSN1ObjectIdentifier2, "BCStyle.CN");
        return new Message(id, new Sender(a3, a(a2, aSN1ObjectIdentifier2), senderCertificate), b2 != null ? a(b2, this.b) : null, null, null, 24, null);
    }
}
