package com.kingsoft.smime;

import android.content.Context;
import com.android.emailcommon.provider.Account;
import com.android.emailcommon.provider.EmailContent;
import com.kingsoft.emailcommon.mail.Address;
import com.kingsoft.mail.preferences.AccountPreferences;
import com.kingsoft.smime.common.SMIMEEnvelopedGenerator;
import com.kingsoft.smime.common.SMIMESignedGenerator;
import com.kingsoft.smime.db.ContactCertificate;
import com.kingsoft.smime.db.EasCertificate;
import com.wps.mail.smime.MailSignerInfoGeneratorBuilder;
import java.io.IOException;
import java.io.OutputStream;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.List;
import javax.mail.Header;
import javax.mail.MessagingException;
import javax.mail.Multipart;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.smime.SMIMECapabilitiesAttribute;
import org.bouncycastle.asn1.smime.SMIMECapability;
import org.bouncycastle.asn1.smime.SMIMECapabilityVector;
import org.bouncycastle.asn1.smime.SMIMEEncryptionKeyPreferenceAttribute;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.SignerInfoGenerator;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.OutputEncryptor;

/* loaded from: classes2.dex */
public class SmimeUtil2 {
    private static void copyContent(MimeBodyPart mimeBodyPart, MimeMessage mimeMessage) throws MessagingException, IOException {
        mimeMessage.setContent(mimeBodyPart.getContent(), mimeBodyPart.getContentType());
    }

    private static void copyHeaderLines(MimeMessage mimeMessage, MimeMessage mimeMessage2) throws MessagingException {
        Enumeration<String> allHeaderLines = mimeMessage.getAllHeaderLines();
        while (allHeaderLines.hasMoreElements()) {
            mimeMessage2.addHeaderLine(allHeaderLines.nextElement());
        }
    }

    private static void copyHeaders(Enumeration<Header> enumeration, MimeMessage mimeMessage) throws MessagingException {
        while (enumeration.hasMoreElements()) {
            Header nextElement = enumeration.nextElement();
            mimeMessage.setHeader(nextElement.getName(), nextElement.getValue());
        }
    }

    private static void copyHeaders(MimeBodyPart mimeBodyPart, MimeMessage mimeMessage) throws MessagingException {
        copyHeaders(mimeBodyPart.getAllHeaders(), mimeMessage);
    }

    private static void copyHeaders(MimeMessage mimeMessage, MimeMessage mimeMessage2) throws MessagingException {
        copyHeaders(mimeMessage.getAllHeaders(), mimeMessage2);
    }

    public static MimeMessage encryptMessage(MimeMessage mimeMessage, X509Certificate[] x509CertificateArr) {
        try {
            MimeMessage mimeMessage2 = new MimeMessage(mimeMessage.getSession());
            copyHeaders(mimeMessage, mimeMessage2);
            MimeBodyPart generate = prepareGenerator(x509CertificateArr).generate(mimeMessage, prepareEncryptor());
            copyContent(generate, mimeMessage2);
            copyHeaders(generate, mimeMessage2);
            mimeMessage2.saveChanges();
            return mimeMessage2;
        } catch (Exception e) {
            throw handledException(e);
        }
    }

    private static MimeBodyPart extractMimeBodyPart(MimeMessage mimeMessage) throws IOException, MessagingException {
        Object content = mimeMessage.getContent();
        UpdatableMimeBodyPart updatableMimeBodyPart = new UpdatableMimeBodyPart();
        if (content instanceof Multipart) {
            updatableMimeBodyPart.setContent((Multipart) content);
        } else {
            updatableMimeBodyPart.setContent(content, mimeMessage.getDataHandler().getContentType());
        }
        updatableMimeBodyPart.updateHeaders();
        return updatableMimeBodyPart;
    }

    private static SMIMECapabilityVector getCapabilityVector() {
        SMIMECapabilityVector sMIMECapabilityVector = new SMIMECapabilityVector();
        sMIMECapabilityVector.addCapability(SMIMECapability.dES_EDE3_CBC);
        sMIMECapabilityVector.addCapability(SMIMECapability.rC2_CBC, 128);
        sMIMECapabilityVector.addCapability(SMIMECapability.dES_CBC);
        return sMIMECapabilityVector;
    }

    private static X509Certificate[] getCertificateForRecipient(EmailContent.Message message, Context context, Account account) throws CertificateException {
        Address[] unpack = Address.unpack(message.mTo);
        Address[] unpack2 = Address.unpack(message.mCc);
        Address[] unpack3 = Address.unpack(message.mBcc);
        long j = account.mId;
        int accountType = account.getAccountType(context);
        ArrayList arrayList = new ArrayList();
        for (Address address : unpack) {
            if (1 == accountType) {
                EasCertificate restore = EasCertificate.restore(context, address.getAddress(), j);
                if (restore != null) {
                    arrayList.add(restore.crateCert());
                } else {
                    arrayList.add(ContactCertificate.restore(context, address.getAddress(), j).crateCert());
                }
            } else {
                arrayList.add(ContactCertificate.restore(context, address.getAddress(), j).crateCert());
            }
        }
        for (Address address2 : unpack2) {
            if (1 == accountType) {
                EasCertificate restore2 = EasCertificate.restore(context, address2.getAddress(), j);
                if (restore2 != null) {
                    arrayList.add(restore2.crateCert());
                } else {
                    arrayList.add(ContactCertificate.restore(context, address2.getAddress(), j).crateCert());
                }
            } else {
                arrayList.add(ContactCertificate.restore(context, address2.getAddress(), j).crateCert());
            }
        }
        for (Address address3 : unpack3) {
            if (1 == accountType) {
                EasCertificate restore3 = EasCertificate.restore(context, address3.getAddress(), j);
                if (restore3 != null) {
                    arrayList.add(restore3.crateCert());
                } else {
                    arrayList.add(ContactCertificate.restore(context, address3.getAddress(), j).crateCert());
                }
            } else {
                arrayList.add(ContactCertificate.restore(context, address3.getAddress(), j).crateCert());
            }
        }
        arrayList.add(new SmimeKeyStore().getPrivateKey(AccountPreferences.get(context, account.getEmailAddress()).getEncryptCertAlias(), null).getCertificate());
        X509Certificate[] x509CertificateArr = new X509Certificate[arrayList.size()];
        arrayList.toArray(x509CertificateArr);
        return x509CertificateArr;
    }

    private static JcaCertStore getCertificateStore(SmimeKey smimeKey) throws CertificateEncodingException {
        List list;
        X509Certificate[] certificateChain = smimeKey.getCertificateChain();
        X509Certificate certificate = smimeKey.getCertificate();
        if (certificateChain == null || certificateChain.length <= 0) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(certificate);
            list = arrayList;
        } else {
            list = Arrays.asList(certificateChain);
        }
        return new JcaCertStore(list);
    }

    private static SMIMESignedGenerator getGenerator(SmimeKey smimeKey) throws CertificateEncodingException, OperatorCreationException {
        SMIMESignedGenerator sMIMESignedGenerator = new SMIMESignedGenerator();
        sMIMESignedGenerator.addCertificates(getCertificateStore(smimeKey));
        sMIMESignedGenerator.addSignerInfoGenerator(getInfoGenerator(smimeKey));
        return sMIMESignedGenerator;
    }

    private static SignerInfoGenerator getInfoGenerator(SmimeKey smimeKey) throws OperatorCreationException, CertificateEncodingException {
        return new MailSignerInfoGeneratorBuilder().build("SHA256withRSA", smimeKey.getPrivateKey(), smimeKey.getCertificate());
    }

    private static IssuerAndSerialNumber getIssuerAndSerialNumber(SmimeKey smimeKey) {
        X509Certificate certificate = smimeKey.getCertificate();
        return new IssuerAndSerialNumber(new X500Name(certificate.getIssuerDN().getName()), certificate.getSerialNumber());
    }

    private static ASN1EncodableVector getSignedAttributes(SmimeKey smimeKey) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new SMIMEEncryptionKeyPreferenceAttribute(getIssuerAndSerialNumber(smimeKey)));
        aSN1EncodableVector.add(new SMIMECapabilitiesAttribute(getCapabilityVector()));
        return aSN1EncodableVector;
    }

    private static SmimeKey getSmimeKeyForSender(String str, Context context) {
        return new SmimeKeyStore().getPrivateKey(AccountPreferences.get(context, str).getSignCertAlias(), null);
    }

    private static SmimeException handledException(Exception exc) {
        return exc instanceof SmimeException ? (SmimeException) exc : new SmimeException(exc.getMessage(), exc);
    }

    private static OutputEncryptor prepareEncryptor() throws CMSException {
        return new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).build();
    }

    private static SMIMEEnvelopedGenerator prepareGenerator(X509Certificate[] x509CertificateArr) throws CertificateEncodingException {
        SMIMEEnvelopedGenerator sMIMEEnvelopedGenerator = new SMIMEEnvelopedGenerator();
        for (X509Certificate x509Certificate : x509CertificateArr) {
            JceKeyTransRecipientInfoGenerator jceKeyTransRecipientInfoGenerator = new JceKeyTransRecipientInfoGenerator(x509Certificate);
            jceKeyTransRecipientInfoGenerator.setProvider(BouncyCastleProvider.PROVIDER_NAME);
            sMIMEEnvelopedGenerator.addRecipientInfoGenerator(jceKeyTransRecipientInfoGenerator);
        }
        return sMIMEEnvelopedGenerator;
    }

    private static MimeBodyPart sign(MimeBodyPart mimeBodyPart, SmimeKey smimeKey) {
        try {
            MimeMultipart generate = getGenerator(smimeKey).generate(MimeUtil.canonicalize(mimeBodyPart));
            MimeBodyPart mimeBodyPart2 = new MimeBodyPart();
            mimeBodyPart2.setContent(generate);
            return mimeBodyPart2;
        } catch (Exception e) {
            throw handledException(e);
        }
    }

    private static MimeMessage sign(MimeMessage mimeMessage, SmimeKey smimeKey) {
        try {
            MimeMessage mimeMessage2 = new MimeMessage(mimeMessage.getSession());
            copyHeaderLines(mimeMessage, mimeMessage2);
            copyContent(sign(extractMimeBodyPart(mimeMessage), smimeKey), mimeMessage2);
            return mimeMessage2;
        } catch (Exception e) {
            throw handledException(e);
        }
    }

    private static void signMessage(MimeMessage mimeMessage, OutputStream outputStream, Context context, String str) {
        try {
            sign(mimeMessage, getSmimeKeyForSender(str, context)).writeTo(outputStream);
        } catch (Exception e) {
            throw handledException(e);
        }
    }

    public static void writeSmime(EmailContent.Message message, OutputStream outputStream, Context context, Account account, boolean z, boolean z2) throws IOException, CertificateException, MessagingException {
        int i = message.mFlagSmime & 3;
        if (i == 1) {
            signMessage(MimeMessageUtil.makeMessage(context, message, z, z2, null, false), outputStream, context, message.mFromAddress);
        } else if (i == 2) {
            encryptMessage(MimeMessageUtil.makeMessage(context, message, z, z2, null, false), getCertificateForRecipient(message, context, account)).writeTo(outputStream);
        } else if (i == 3) {
            encryptMessage(sign(MimeMessageUtil.makeMessage(context, message, z, z2, null, false), getSmimeKeyForSender(message.mFromAddress, context)), getCertificateForRecipient(message, context, account)).writeTo(outputStream);
        }
    }
}
