package at.rundquadrat.android.r2mail2;

import android.content.Context;
import android.util.Log;
import at.rundquadrat.android.r2mail2.ValidationResult;
import at.rundquadrat.org.apache.commons.httpclient.methods.multipart.FilePart;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.UUID;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import org2.bouncycastle.cert.X509CertificateHolder;
import org2.bouncycastle.cert.jcajce.JcaCertStore;
import org2.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org2.bouncycastle.cms.CMSAlgorithm;
import org2.bouncycastle.cms.CMSException;
import org2.bouncycastle.cms.CMSSignerDigestMismatchException;
import org2.bouncycastle.cms.CMSTypedStream;
import org2.bouncycastle.cms.RecipientInformation;
import org2.bouncycastle.cms.SignerInformation;
import org2.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import org2.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org2.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org2.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org2.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org2.bouncycastle.jce.provider.BouncyCastleProvider;
import org2.bouncycastle.mail.smime.SMIMEEnvelopedGenerator;
import org2.bouncycastle.mail.smime.SMIMEException;
import org2.bouncycastle.mail.smime.SMIMESignedGenerator;
import org2.bouncycastle.mail.smime.SMIMESignedParser;
import org2.bouncycastle.mail.smime.SMIMEUtil;
import org2.bouncycastle.mail.smime.util.SharedFileInputStream;
import org2.bouncycastle.operator.OperatorCreationException;
import org2.bouncycastle.util.StoreException;
import org2.bouncycastle.util.Strings;

/* loaded from: classes.dex */
public class SMimeProcessor implements Constants {
    public static MimeMessage decrypt(MimeMessage mimeMessage, PrivateKey privateKey, RecipientInformation recipientInformation) throws CMSException, SMIMEException, MessagingException, IOException {
        byte[] bArr = (byte[]) null;
        if (recipientInformation != null && privateKey != null) {
            bArr = recipientInformation.getContent(new JceKeyTransEnvelopedRecipient(privateKey));
        }
        if (bArr == null) {
            return null;
        }
        MimeBodyPart mimeBodyPart = SMIMEUtil.toMimeBodyPart(bArr);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        mimeBodyPart.writeTo(byteArrayOutputStream);
        MimeMessage mimeMessage2 = new MimeMessage(Session.getInstance(new Properties()), new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        byteArrayOutputStream.close();
        Enumeration allHeaderLines = mimeMessage.getAllHeaderLines();
        while (allHeaderLines.hasMoreElements()) {
            String str = (String) allHeaderLines.nextElement();
            if (!Strings.toLowerCase(str).startsWith("content-")) {
                mimeMessage2.addHeaderLine(str);
            }
        }
        mimeMessage2.saveChanges();
        return mimeMessage2;
    }

    public static MimeMessage decryptToFile(MimeMessage mimeMessage, PrivateKey privateKey, RecipientInformation recipientInformation) throws CMSException, SMIMEException, MessagingException, IOException {
        CMSTypedStream cMSTypedStream = null;
        if (recipientInformation != null && privateKey != null) {
            cMSTypedStream = recipientInformation.getContentStream(new JceKeyTransEnvelopedRecipient(privateKey));
        }
        if (cMSTypedStream == null) {
            return null;
        }
        File downloadFile = Util.getDownloadFile(R2Mail2.TEMP_DIR, UUID.randomUUID().toString());
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(downloadFile));
        byte[] bytes = net.fortuna.ical4j.util.Strings.LINE_SEPARATOR.getBytes("UTF-8");
        Enumeration allHeaderLines = mimeMessage.getAllHeaderLines();
        while (allHeaderLines.hasMoreElements()) {
            String str = (String) allHeaderLines.nextElement();
            if (!Strings.toLowerCase(str).startsWith("content-")) {
                bufferedOutputStream.write(str.getBytes());
                bufferedOutputStream.write(bytes);
            }
        }
        byte[] bArr = new byte[32760];
        while (true) {
            int read = cMSTypedStream.getContentStream().read(bArr, 0, bArr.length);
            if (read <= 0) {
                bufferedOutputStream.close();
                return new MimeMessage(Session.getInstance(new Properties()), new SharedFileInputStream(downloadFile));
            }
            bufferedOutputStream.write(bArr, 0, read);
        }
    }

    public static IDSaveMimeMessage encrypt(MimeMessage mimeMessage, ArrayList<X509Certificate> arrayList) throws MessagingException, CMSException, CertificateEncodingException, SMIMEException, IOException {
        MimeBodyPart mimeBodyPart = new MimeBodyPart();
        if (mimeMessage.getContentType() == null || mimeMessage.getContent() == null) {
            Log.e("R2Mail2", "Either the content type or the content is null");
            return null;
        }
        mimeBodyPart.setContent(mimeMessage.getContent(), mimeMessage.getContentType());
        SMIMEEnvelopedGenerator sMIMEEnvelopedGenerator = new SMIMEEnvelopedGenerator();
        Iterator<X509Certificate> it = arrayList.iterator();
        while (it.hasNext()) {
            sMIMEEnvelopedGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(it.next()));
        }
        MimeBodyPart generate = sMIMEEnvelopedGenerator.generate(mimeBodyPart, R2Mail2.ENC_ALG.equals("DES_EDE3_CBC") ? new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(new BouncyCastleProvider()).build() : R2Mail2.ENC_ALG.equals("AES128_CBC") ? new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC, 128).setProvider(new BouncyCastleProvider()).build() : new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC, 256).setProvider(new BouncyCastleProvider()).build());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        generate.writeTo(byteArrayOutputStream);
        IDSaveMimeMessage iDSaveMimeMessage = new IDSaveMimeMessage(Session.getInstance(new Properties()), new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        byteArrayOutputStream.close();
        Enumeration allHeaderLines = mimeMessage.getAllHeaderLines();
        while (allHeaderLines.hasMoreElements()) {
            String str = (String) allHeaderLines.nextElement();
            if (!Strings.toLowerCase(str).startsWith("content-")) {
                iDSaveMimeMessage.addHeaderLine(str);
            }
        }
        iDSaveMimeMessage.saveChanges();
        return iDSaveMimeMessage;
    }

    public static IDSaveMimeMessage encryptToFile(MimeMessage mimeMessage, ArrayList<X509Certificate> arrayList) throws MessagingException, CMSException, CertificateEncodingException, SMIMEException, IOException {
        MimeBodyPart mimeBodyPart = new MimeBodyPart();
        if (mimeMessage.getContentType() == null || mimeMessage.getContent() == null) {
            Log.e("R2Mail2", "Either the content type or the content is null");
            return null;
        }
        mimeBodyPart.setContent(mimeMessage.getContent(), mimeMessage.getContentType());
        SMIMEEnvelopedGenerator sMIMEEnvelopedGenerator = new SMIMEEnvelopedGenerator();
        Iterator<X509Certificate> it = arrayList.iterator();
        while (it.hasNext()) {
            sMIMEEnvelopedGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(it.next()));
        }
        MimeBodyPart generate = sMIMEEnvelopedGenerator.generate(mimeBodyPart, R2Mail2.ENC_ALG.equals("DES_EDE3_CBC") ? new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(new BouncyCastleProvider()).build() : R2Mail2.ENC_ALG.equals("AES128_CBC") ? new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC, 128).setProvider(new BouncyCastleProvider()).build() : new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC, 256).setProvider(new BouncyCastleProvider()).build());
        File downloadFile = Util.getDownloadFile(R2Mail2.TEMP_DIR, UUID.randomUUID().toString());
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(downloadFile));
        byte[] bytes = net.fortuna.ical4j.util.Strings.LINE_SEPARATOR.getBytes("UTF-8");
        Enumeration allHeaderLines = mimeMessage.getAllHeaderLines();
        while (allHeaderLines.hasMoreElements()) {
            String str = (String) allHeaderLines.nextElement();
            if (!Strings.toLowerCase(str).startsWith("content-")) {
                bufferedOutputStream.write(str.getBytes());
                bufferedOutputStream.write(bytes);
            }
        }
        generate.writeTo(bufferedOutputStream);
        bufferedOutputStream.close();
        return new IDSaveMimeMessage(Session.getInstance(new Properties()), new SharedFileInputStream(downloadFile));
    }

    public static Boolean isencrypted(MimeMessage mimeMessage) throws MessagingException {
        return (mimeMessage.isMimeType("application/pkcs7-mime") || mimeMessage.isMimeType("application/x-pkcs7-mime")) && mimeMessage.getContentType().contains("enveloped-data");
    }

    public static Boolean issigned(MimeMessage mimeMessage) throws MessagingException {
        if (mimeMessage.isMimeType("multipart/signed") && (mimeMessage.getContentType().contains("application/x-pkcs7-signature") || mimeMessage.getContentType().contains("application/pkcs7-signature"))) {
            return true;
        }
        if ((mimeMessage.isMimeType("application/pkcs7-mime") || mimeMessage.isMimeType("application/x-pkcs7-mime")) && mimeMessage.getContentType().contains("signed-data")) {
            return true;
        }
        return mimeMessage.isMimeType(FilePart.DEFAULT_CONTENT_TYPE) && mimeMessage.getContentType().matches("p7m|p7s|p7c|p7z");
    }

    public static IDSaveMimeMessage sign(MimeMessage mimeMessage, PrivateKey privateKey, X509Certificate x509Certificate, List<X509Certificate> list) throws CertificateEncodingException, IOException, MessagingException, SMIMEException, OperatorCreationException, NoSuchAlgorithmException, NoSuchProviderException {
        MimeBodyPart mimeBodyPart = new MimeBodyPart();
        if (mimeMessage == null || mimeMessage.getContentType() == null || mimeMessage.getContent() == null) {
            Log.e("R2Mail2", "Either the content type or the content is null");
            return null;
        }
        mimeBodyPart.setContent(mimeMessage.getContent(), mimeMessage.getContentType());
        SMIMESignedGenerator sMIMESignedGenerator = new SMIMESignedGenerator();
        JcaSimpleSignerInfoGeneratorBuilder jcaSimpleSignerInfoGeneratorBuilder = new JcaSimpleSignerInfoGeneratorBuilder();
        jcaSimpleSignerInfoGeneratorBuilder.setProvider(new BouncyCastleProvider());
        sMIMESignedGenerator.addSignerInfoGenerator(R2Mail2.DIGEST.equals("RIPEMD160withRSA") ? jcaSimpleSignerInfoGeneratorBuilder.build("RIPEMD160withRSA", privateKey, x509Certificate) : R2Mail2.DIGEST.equals("SHA256withRSA") ? jcaSimpleSignerInfoGeneratorBuilder.build("SHA256withRSA", privateKey, x509Certificate) : R2Mail2.DIGEST.equals("SHA512withRSA") ? jcaSimpleSignerInfoGeneratorBuilder.build("SHA512withRSA", privateKey, x509Certificate) : jcaSimpleSignerInfoGeneratorBuilder.build("SHA1WithRSA", privateKey, x509Certificate));
        if (list == null || list.isEmpty()) {
            list = new ArrayList<>();
            list.add(x509Certificate);
        }
        sMIMESignedGenerator.addCertificates(new JcaCertStore(list));
        MimeMultipart generate = sMIMESignedGenerator.generate(mimeBodyPart, new BouncyCastleProvider());
        IDSaveMimeMessage iDSaveMimeMessage = new IDSaveMimeMessage(Session.getInstance(new Properties()));
        iDSaveMimeMessage.setContent(generate, generate.getContentType());
        Enumeration allHeaderLines = mimeMessage.getAllHeaderLines();
        while (allHeaderLines.hasMoreElements()) {
            String str = (String) allHeaderLines.nextElement();
            if (!Strings.toLowerCase(str).startsWith("content-")) {
                iDSaveMimeMessage.addHeaderLine(str);
            }
        }
        iDSaveMimeMessage.saveChanges();
        return iDSaveMimeMessage;
    }

    public static ValidationResult.SignatureValidationResult verifySignature(Context context, MimeMessage mimeMessage, File file) throws MessagingException, IOException, CMSException, SMIMEException, CertificateParsingException, CertificateEncodingException, StoreException, OperatorCreationException, CertificateException {
        if (issigned(mimeMessage).booleanValue()) {
            return verifySignature(context, mimeMessage, mimeMessage.isMimeType("multipart/signed") ? new SMIMESignedParser((MimeMultipart) mimeMessage.getContent(), file) : new SMIMESignedParser(mimeMessage, file));
        }
        ValidationResult.SignatureValidationResult signatureValidationResult = new ValidationResult.SignatureValidationResult();
        signatureValidationResult.errors.add("Message not signed!");
        return signatureValidationResult;
    }

    public static ValidationResult.SignatureValidationResult verifySignature(Context context, MimeMessage mimeMessage, SMIMESignedParser sMIMESignedParser) throws CertificateParsingException, CertificateEncodingException, StoreException, OperatorCreationException, CertificateException, MessagingException, IOException, CMSException, SMIMEException {
        ValidationResult.SignatureValidationResult signatureValidationResult = new ValidationResult.SignatureValidationResult();
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        String str = null;
        if (mimeMessage.getFrom() != null && mimeMessage.getFrom().length > 0) {
            str = new InternetAddress(mimeMessage.getFrom()[0].toString()).getAddress().toLowerCase();
        }
        String lowerCase = mimeMessage.getSender() != null ? new InternetAddress(mimeMessage.getSender().toString()).getAddress().toLowerCase() : null;
        for (SignerInformation signerInformation : sMIMESignedParser.getSignerInfos().getSigners()) {
            Collection matches = sMIMESignedParser.getCertificates().getMatches(signerInformation.getSID());
            Iterator it = matches.iterator();
            if (!matches.isEmpty()) {
                try {
                    X509CertificateHolder x509CertificateHolder = (X509CertificateHolder) it.next();
                    signatureValidationResult.signatureValid = signerInformation.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(bouncyCastleProvider).build(x509CertificateHolder));
                    FullX509Certificate fullX509Certificate = new FullX509Certificate(x509CertificateHolder.getEncoded());
                    signatureValidationResult.signerCertificate = fullX509Certificate;
                    while (it.hasNext()) {
                        signatureValidationResult.signerIntermediates.add(new JcaX509CertificateConverter().setProvider(bouncyCastleProvider).getCertificate((X509CertificateHolder) it.next()));
                    }
                    if (!fullX509Certificate.getAllEmail().isEmpty() && (str == null || !fullX509Certificate.getAllEmail().contains(str))) {
                        if (lowerCase == null || !fullX509Certificate.getAllEmail().contains(lowerCase)) {
                            signatureValidationResult.signatureValid = false;
                            signatureValidationResult.errors.add(context.getString(R.string.sigvalidator_error_noemail));
                        }
                    }
                } catch (CMSSignerDigestMismatchException e) {
                    signatureValidationResult.errors.add(context.getString(R.string.sigvalidator_error_modified));
                }
            }
        }
        return signatureValidationResult;
    }
}
