package com.ibm.ega.android.common.smime;

import com.ibm.ega.android.common.errors.SignatureVerificationException;
import com.ibm.ega.android.common.smime.handlers.HtmlTextContentHandler;
import com.ibm.ega.android.common.smime.handlers.MultipartMixedContentHandler;
import com.ibm.ega.android.common.smime.handlers.RFC822MessageContentHandler;
import com.ibm.ega.android.common.smime.handlers.TextContentHandler;
import com.ibm.ega.android.common.smime.handlers.XmlTextContentHandler;
import com.ibm.ega.android.common.smime.handlers.k;
import com.ibm.ega.android.common.smime.handlers.m;
import com.ibm.ega.android.common.smime.handlers.n;
import com.ibm.ega.android.common.smime.handlers.o;
import com.ibm.health.common.logging.LogBlock;
import com.ibm.health.common.logging.Lumber;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.AccessController;
import java.security.PrivateKey;
import java.security.PrivilegedAction;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Properties;
import java.util.Set;
import javax.activation.l;
import javax.mail.Address;
import javax.mail.f;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.g;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt___CollectionsKt;
import kotlin.collections.h;
import kotlin.collections.i0;
import kotlin.collections.r;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Lambda;
import kotlin.jvm.internal.q;
import kotlin.jvm.internal.u;
import kotlin.reflect.KClass;
import kotlin.text.Charsets;
import kotlin.text.StringsKt__StringsKt;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSEnvelopedDataParser;
import org.bouncycastle.cms.CMSSignedDataParser;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.i18n.ErrorBundle;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.mail.smime.SMIMEEnvelopedParser;
import org.bouncycastle.mail.smime.validator.SignedMailValidator;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.bouncycastle.util.Selector;

@Metadata(bv = {1, 0, 3}, d1 = {"\u0000n\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0002\b\u0006\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0007\bÆ\u0002\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b3\u00104J\u001b\u0010\u0006\u001a\u00020\u0005*\u00020\u00022\u0006\u0010\u0004\u001a\u00020\u0003H\u0002¢\u0006\u0004\b\u0006\u0010\u0007J\u001f\u0010\r\u001a\u00020\f2\b\u0010\t\u001a\u0004\u0018\u00010\b2\u0006\u0010\u000b\u001a\u00020\n¢\u0006\u0004\b\r\u0010\u000eJ\u0015\u0010\u0010\u001a\u00020\u00052\u0006\u0010\u000f\u001a\u00020\u0005¢\u0006\u0004\b\u0010\u0010\u0011JX\u0010\u001f\u001a\u00020\f2\u0006\u0010\u0012\u001a\u00020\u00052\f\u0010\u0015\u001a\b\u0012\u0004\u0012\u00020\u00140\u00132\n\b\u0002\u0010\u0016\u001a\u0004\u0018\u00010\b2'\b\u0002\u0010\u001e\u001a!\u0012\u0017\u0012\u00150\u0018R\u00020\u0019¢\u0006\f\b\u001a\u0012\b\b\u001b\u0012\u0004\b\b(\u001c\u0012\u0004\u0012\u00020\u001d0\u0017¢\u0006\u0004\b\u001f\u0010 J\u0015\u0010\"\u001a\u00020\n2\u0006\u0010!\u001a\u00020\u0005¢\u0006\u0004\b\"\u0010#J\u0017\u0010%\u001a\u0004\u0018\u00010$2\u0006\u0010!\u001a\u00020\b¢\u0006\u0004\b%\u0010&J\u0015\u0010)\u001a\u00020(2\u0006\u0010'\u001a\u00020\u0005¢\u0006\u0004\b)\u0010*J\u0017\u0010,\u001a\u0004\u0018\u00010\b2\u0006\u0010+\u001a\u00020\u0005¢\u0006\u0004\b,\u0010-J\u001d\u00100\u001a\u00020\u00052\u0006\u0010/\u001a\u00020.2\u0006\u0010\u0004\u001a\u00020\u0003¢\u0006\u0004\b0\u00101J\u001d\u00102\u001a\u00020\u00052\u0006\u0010!\u001a\u00020.2\u0006\u0010\u0004\u001a\u00020\u0003¢\u0006\u0004\b2\u00101¨\u00065"}, d2 = {"Lcom/ibm/ega/android/common/smime/SMimeHandler;", "", "Lorg/bouncycastle/cms/CMSEnvelopedDataParser;", "Ljava/security/PrivateKey;", "privateKey", "", "a", "(Lorg/bouncycastle/cms/CMSEnvelopedDataParser;Ljava/security/PrivateKey;)[B", "", "senderMailAddress", "Ljavax/mail/internet/MimeMultipart;", "messageDecrypted", "", "verifyOwnership", "(Ljava/lang/String;Ljavax/mail/internet/MimeMultipart;)V", "decryptedDocument", "verifyDocument", "([B)[B", "decryptedMessage", "", "Ljava/security/cert/X509Certificate;", "certChain", "sender", "Lkotlin/Function1;", "Lorg/bouncycastle/mail/smime/validator/SignedMailValidator$ValidationResult;", "Lorg/bouncycastle/mail/smime/validator/SignedMailValidator;", "Lkotlin/ParameterName;", "name", "result", "", "validate", "verifyMail", "([BLjava/util/List;Ljava/lang/String;Lkotlin/jvm/functions/Function1;)V", "encryptedMessage", "parseCmsMail", "([B)Ljavax/mail/internet/MimeMultipart;", "Ljavax/mail/internet/InternetAddress;", "parseSender", "(Ljava/lang/String;)Ljavax/mail/internet/InternetAddress;", "cmsBytes", "Ljava/io/ByteArrayInputStream;", "parseCmsDocument", "([B)Ljava/io/ByteArrayInputStream;", "mimeMessageRaw", "parseExtension", "([B)Ljava/lang/String;", "Ljava/io/InputStream;", "encryptedBytes", "decryptDocument", "(Ljava/io/InputStream;Ljava/security/PrivateKey;)[B", "decryptMail", "<init>", "()V", "common_release"}, k = 1, mv = {1, 5, 1})
/* loaded from: classes3.dex */
public final class SMimeHandler {
    public static final SMimeHandler a = new SMimeHandler();

    /* loaded from: classes3.dex */
    public static final class a extends Lambda implements Function1<SignedMailValidator.ValidationResult, Boolean> {
        public static final a a = new a();

        a() {
            super(1);
        }

        public final boolean a(SignedMailValidator.ValidationResult validationResult) {
            return validationResult.isValidSignature();
        }

        @Override // kotlin.jvm.functions.Function1
        public /* bridge */ /* synthetic */ Boolean invoke(SignedMailValidator.ValidationResult validationResult) {
            return Boolean.valueOf(a(validationResult));
        }
    }

    @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u001d\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0003\n\u0002\u0010\u000b\n\u0002\b\u0003*\u0001\u0000\b\n\u0018\u00002\b\u0012\u0004\u0012\u00020\u00020\u0001J\u000f\u0010\u0004\u001a\u00020\u0003H\u0016¢\u0006\u0004\b\u0004\u0010\u0005J\u0019\u0010\b\u001a\u00020\u00072\b\u0010\u0006\u001a\u0004\u0018\u00010\u0002H\u0016¢\u0006\u0004\b\b\u0010\t¨\u0006\n"}, d2 = {"com/ibm/ega/android/common/smime/SMimeHandler$verifyOwnership$senderCertificateMailAddress$1$1", "Lorg/bouncycastle/util/Selector;", "Lorg/bouncycastle/cert/X509CertificateHolder;", "", "clone", "()Ljava/lang/Object;", "obj", "", "match", "(Lorg/bouncycastle/cert/X509CertificateHolder;)Z", "common_release"}, k = 1, mv = {1, 5, 1})
    /* loaded from: classes3.dex */
    public static final class b implements Selector<X509CertificateHolder> {
        final /* synthetic */ SignerInformation a;

        b(SignerInformation signerInformation) {
            this.a = signerInformation;
        }

        @Override // org.bouncycastle.util.Selector
        /* renamed from: a */
        public boolean match(X509CertificateHolder x509CertificateHolder) {
            if (x509CertificateHolder == null) {
                return false;
            }
            IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(x509CertificateHolder.toASN1Structure());
            return q.c(issuerAndSerialNumber.getName(), this.a.getSID().getIssuer()) && q.c(issuerAndSerialNumber.getSerialNumber().getValue(), this.a.getSID().getSerialNumber());
        }

        @Override // org.bouncycastle.util.Selector
        public Object clone() {
            return clone();
        }
    }

    static {
        Map m2;
        javax.activation.c c = javax.activation.c.c();
        Objects.requireNonNull(c, "null cannot be cast to non-null type javax.activation.MailcapCommandMap");
        final l lVar = (l) c;
        m2 = i0.m(kotlin.l.a("application/pkcs7-signature", u.b(m.class)), kotlin.l.a("application/pkcs7-mime", u.b(com.ibm.ega.android.common.smime.handlers.l.class)), kotlin.l.a("application/x-pkcs7-signature", u.b(o.class)), kotlin.l.a("application/x-pkcs7-mime", u.b(n.class)), kotlin.l.a("multipart/signed", u.b(k.class)), kotlin.l.a("multipart/mixed", u.b(MultipartMixedContentHandler.class)), kotlin.l.a("message/rfc822", u.b(RFC822MessageContentHandler.class)), kotlin.l.a("text/plain", u.b(TextContentHandler.class)), kotlin.l.a("text/html", u.b(HtmlTextContentHandler.class)), kotlin.l.a("text/xml", u.b(XmlTextContentHandler.class)), kotlin.l.a("application/xml", u.b(XmlTextContentHandler.class)));
        for (Map.Entry entry : m2.entrySet()) {
            lVar.e(((String) entry.getKey()) + ";; x-java-content-handler=" + ((Object) ((KClass) entry.getValue()).l()));
        }
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ega.android.common.smime.b
            @Override // java.security.PrivilegedAction
            public final Object run() {
                Object a2;
                a2 = SMimeHandler.a(l.this);
                return a2;
            }
        });
    }

    private SMimeHandler() {
    }

    public static final Object a(l lVar) {
        javax.activation.c.d(lVar);
        return null;
    }

    public static final String b() {
        return "More than one sender mail address found";
    }

    public static final String c(ErrorBundle errorBundle) {
        return errorBundle.getDetail(Locale.US);
    }

    private final byte[] d(CMSEnvelopedDataParser cMSEnvelopedDataParser, PrivateKey privateKey) {
        ArrayList arrayList = new ArrayList();
        for (Iterator it = cMSEnvelopedDataParser.getRecipientInfos().getRecipients().iterator(); it.hasNext(); it = it) {
            try {
                return ((RecipientInformation) it.next()).getContent(new JceKeyTransEnvelopedRecipient(privateKey));
            } catch (Exception e2) {
                arrayList.add(e2);
            }
        }
        throw ((Throwable) kotlin.collections.o.c0(arrayList));
    }

    public static final String e() {
        return "Signer certificate does not match with the email sender";
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static /* synthetic */ void r(SMimeHandler sMimeHandler, byte[] bArr, List list, String str, Function1 function1, int i2, Object obj) {
        if ((i2 & 4) != 0) {
            str = null;
        }
        if ((i2 & 8) != 0) {
            function1 = a.a;
        }
        sMimeHandler.q(bArr, list, str, function1);
    }

    public final byte[] f(InputStream inputStream, PrivateKey privateKey) {
        return d(new CMSEnvelopedDataParser(inputStream), privateKey);
    }

    public final byte[] g(InputStream inputStream, PrivateKey privateKey) {
        return d(new SMIMEEnvelopedParser(new MimeMessage(javax.mail.o.h(new Properties()), inputStream)), privateKey);
    }

    public final ByteArrayInputStream l(byte[] bArr) {
        InputStream rawInputStream = new MimeMessage(javax.mail.o.h(new Properties()), new ByteArrayInputStream(bArr)).getRawInputStream();
        Objects.requireNonNull(rawInputStream, "null cannot be cast to non-null type java.io.ByteArrayInputStream");
        return (ByteArrayInputStream) rawInputStream;
    }

    public final g m(byte[] bArr) {
        Object content = new MimeMessage(javax.mail.o.h(new Properties()), new ByteArrayInputStream(bArr)).getContent();
        Objects.requireNonNull(content, "null cannot be cast to non-null type javax.mail.internet.MimeMultipart");
        return (g) content;
    }

    public final String n(byte[] bArr) {
        Object obj;
        String b2;
        String W0;
        boolean R;
        Iterator it = Collections.list(new MimeMessage(javax.mail.o.h(new Properties()), new ByteArrayInputStream(bArr)).getAllHeaders()).iterator();
        while (true) {
            if (!it.hasNext()) {
                obj = null;
                break;
            }
            obj = it.next();
            R = StringsKt__StringsKt.R(((f) obj).b(), "attachment", false, 2, null);
            if (R) {
                break;
            }
        }
        f fVar = (f) obj;
        if (fVar == null || (b2 = fVar.b()) == null) {
            return null;
        }
        W0 = StringsKt__StringsKt.W0(b2, ".", null, 2, null);
        return W0;
    }

    public final InternetAddress o(String str) {
        Address[] from = new MimeMessage(javax.mail.o.h(new Properties()), new ByteArrayInputStream(str.getBytes(Charsets.a))).getFrom();
        Address address = from == null ? null : (Address) h.F(from);
        if (address instanceof InternetAddress) {
            return (InternetAddress) address;
        }
        return null;
    }

    public final byte[] p(byte[] bArr) {
        CMSSignedDataParser cMSSignedDataParser = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(), bArr);
        byte[] c = kotlin.io.a.c(cMSSignedDataParser.getSignedContent().getContentStream());
        cMSSignedDataParser.getSignedContent().drain();
        for (SignerInformation signerInformation : cMSSignedDataParser.getSignerInfos().getSigners()) {
            Object d0 = kotlin.collections.o.d0(cMSSignedDataParser.getCertificates().getMatches(signerInformation.getSID()));
            if (!q.c(d0 == null ? null : Boolean.valueOf(signerInformation.verify(new JcaSimpleSignerInfoVerifierBuilder().build((X509CertificateHolder) d0))), Boolean.TRUE)) {
                throw new SignatureVerificationException();
            }
        }
        return c;
    }

    public final void q(byte[] bArr, List<? extends X509Certificate> list, String str, Function1<? super SignedMailValidator.ValidationResult, Boolean> function1) {
        int s;
        Set Z0;
        int s2;
        boolean z;
        javax.mail.o h2 = javax.mail.o.h(new Properties());
        ArrayList arrayList = new ArrayList();
        for (Object obj : list) {
            X509Certificate x509Certificate = (X509Certificate) obj;
            if (q.c(x509Certificate.getIssuerX500Principal(), x509Certificate.getSubjectX500Principal())) {
                arrayList.add(obj);
            }
        }
        s = r.s(arrayList, 10);
        ArrayList arrayList2 = new ArrayList(s);
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            arrayList2.add(new TrustAnchor((X509Certificate) it.next(), null));
        }
        Z0 = CollectionsKt___CollectionsKt.Z0(arrayList2);
        CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(list));
        PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) Z0);
        pKIXParameters.addCertStore(certStore);
        MimeMessage mimeMessage = new MimeMessage(h2, new ByteArrayInputStream(bArr));
        if (str != null) {
            mimeMessage.setHeader("Sender", str);
        }
        SignedMailValidator signedMailValidator = new SignedMailValidator(mimeMessage, pKIXParameters, CompatiblePKIXCertPathReviewer.class);
        Collection<SignerInformation> signers = signedMailValidator.getSignerInformationStore().getSigners();
        s2 = r.s(signers, 10);
        ArrayList arrayList3 = new ArrayList(s2);
        Iterator<T> it2 = signers.iterator();
        while (it2.hasNext()) {
            arrayList3.add(signedMailValidator.getValidationResult((SignerInformation) it2.next()));
        }
        if (!arrayList3.isEmpty()) {
            Iterator it3 = arrayList3.iterator();
            while (it3.hasNext()) {
                if (!function1.invoke(it3.next()).booleanValue()) {
                    z = false;
                    break;
                }
            }
        }
        z = true;
        if (z) {
            return;
        }
        Iterator it4 = arrayList3.iterator();
        while (it4.hasNext()) {
            for (Object obj2 : ((SignedMailValidator.ValidationResult) it4.next()).getErrors()) {
                final ErrorBundle errorBundle = obj2 instanceof ErrorBundle ? (ErrorBundle) obj2 : null;
                if (errorBundle != null) {
                    Lumber.Companion.e$default(Lumber.INSTANCE, null, new LogBlock() { // from class: com.ibm.ega.android.common.smime.c
                        @Override // com.ibm.health.common.logging.LogBlock
                        public final String invoke() {
                            String c;
                            c = SMimeHandler.c(ErrorBundle.this);
                            return c;
                        }
                    }, 1, null);
                }
            }
        }
        throw new SignatureVerificationException();
    }

    /* JADX WARN: Removed duplicated region for block: B:5:0x0013 A[Catch: all -> 0x000d, TryCatch #0 {all -> 0x000d, blocks: (B:77:0x0004, B:5:0x0013, B:6:0x0029, B:8:0x002f, B:10:0x0046, B:11:0x0055, B:13:0x005b, B:15:0x007d, B:17:0x0089, B:19:0x008c, B:22:0x008f, B:24:0x0093, B:25:0x00a0, B:27:0x00a7, B:32:0x00ba, B:36:0x00b4, B:38:0x00be, B:40:0x00c4, B:42:0x00ca, B:43:0x00d1, B:50:0x010f, B:51:0x0111, B:52:0x00d8, B:53:0x00dc, B:55:0x00e2, B:58:0x00ec, B:60:0x00f4, B:66:0x00ff, B:67:0x0104, B:69:0x0105, B:70:0x010a, B:72:0x0112, B:73:0x0114, B:74:0x0115, B:75:0x0117), top: B:76:0x0004 }] */
    /* JADX WARN: Removed duplicated region for block: B:74:0x0115 A[Catch: all -> 0x000d, TryCatch #0 {all -> 0x000d, blocks: (B:77:0x0004, B:5:0x0013, B:6:0x0029, B:8:0x002f, B:10:0x0046, B:11:0x0055, B:13:0x005b, B:15:0x007d, B:17:0x0089, B:19:0x008c, B:22:0x008f, B:24:0x0093, B:25:0x00a0, B:27:0x00a7, B:32:0x00ba, B:36:0x00b4, B:38:0x00be, B:40:0x00c4, B:42:0x00ca, B:43:0x00d1, B:50:0x010f, B:51:0x0111, B:52:0x00d8, B:53:0x00dc, B:55:0x00e2, B:58:0x00ec, B:60:0x00f4, B:66:0x00ff, B:67:0x0104, B:69:0x0105, B:70:0x010a, B:72:0x0112, B:73:0x0114, B:74:0x0115, B:75:0x0117), top: B:76:0x0004 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final void s(java.lang.String r9, javax.mail.internet.g r10) {
        /*
            Method dump skipped, instructions count: 288
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ega.android.common.smime.SMimeHandler.s(java.lang.String, javax.mail.internet.g):void");
    }
}
