package com.aspose.email;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.MGF1ParameterSpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.smime.SMIMECapabilitiesAttribute;
import org.bouncycastle.asn1.smime.SMIMECapability;
import org.bouncycastle.asn1.smime.SMIMECapabilityVector;
import org.bouncycastle.asn1.smime.SMIMEEncryptionKeyPreferenceAttribute;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.CMSEnvelopedDataStreamGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataStreamGenerator;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.SignerId;
import org.bouncycastle.cms.SignerInfoGenerator;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationVerifier;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.OutputEncryptor;
import org.bouncycastle.operator.jcajce.JcaAlgorithmParametersConverter;
import org.bouncycastle.util.Store;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/aspose/email/PalCryptographyBC.class */
public class PalCryptographyBC {
    private static final String d = zblo.a(new byte[]{-65, -52, 36, -77, -51, -78});
    private static final String[] e = {d, "BC"};
    public static final String a = zblo.a(new byte[]{-82, -57, 35, -56, -88, -41, -77, -74, 111, -67, 55, 122, -111});
    public static final KeyEncapsulationAlgorithm b = KeyEncapsulationAlgorithm.RSA;
    public static final ASN1ObjectIdentifier c = CMSAlgorithm.DES_EDE3_CBC;

    /* loaded from: input_file:com/aspose/email/PalCryptographyBC$KeyEncapsulationAlgorithm.class */
    public enum KeyEncapsulationAlgorithm {
        RSA,
        RSA_OAEP_SHA224,
        RSA_OAEP_SHA256,
        RSA_OAEP_SHA384,
        RSA_OAEP_SHA512
    }

    private static JcaCertStore a(X509Certificate[] x509CertificateArr) {
        Certificate[] certificateArr = (Certificate[]) x509CertificateArr.clone();
        try {
            return new JcaCertStore((certificateArr == null || certificateArr.length <= 0) ? new ArrayList() : Arrays.asList(certificateArr));
        } catch (CertificateEncodingException e2) {
            throw new RuntimeException(e2);
        }
    }

    private static SignerInfoGenerator a(PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
        try {
            JcaSimpleSignerInfoGeneratorBuilder jcaSimpleSignerInfoGeneratorBuilder = new JcaSimpleSignerInfoGeneratorBuilder();
            jcaSimpleSignerInfoGeneratorBuilder.setSignedAttributeGenerator(new AttributeTable(b(x509CertificateArr)));
            jcaSimpleSignerInfoGeneratorBuilder.setProvider(b());
            return jcaSimpleSignerInfoGeneratorBuilder.build(a, privateKey, x509CertificateArr[0]);
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    private static ASN1EncodableVector b(X509Certificate[] x509CertificateArr) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new SMIMEEncryptionKeyPreferenceAttribute(c(x509CertificateArr)));
        aSN1EncodableVector.add(new SMIMECapabilitiesAttribute(c()));
        return aSN1EncodableVector;
    }

    private static SMIMECapabilityVector c() {
        SMIMECapabilityVector sMIMECapabilityVector = new SMIMECapabilityVector();
        sMIMECapabilityVector.addCapability(SMIMECapability.dES_EDE3_CBC);
        sMIMECapabilityVector.addCapability(SMIMECapability.rC2_CBC, 128);
        sMIMECapabilityVector.addCapability(SMIMECapability.dES_CBC);
        return sMIMECapabilityVector;
    }

    private static IssuerAndSerialNumber c(X509Certificate[] x509CertificateArr) {
        X509Certificate x509Certificate = x509CertificateArr[0];
        return new IssuerAndSerialNumber(new X500Name(x509Certificate.getIssuerX500Principal().getName()), x509Certificate.getSerialNumber());
    }

    private static CMSSignedDataStreamGenerator a(JcaCertStore jcaCertStore, SignerInfoGenerator signerInfoGenerator) {
        try {
            CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
            cMSSignedDataStreamGenerator.addCertificates(jcaCertStore);
            cMSSignedDataStreamGenerator.addSignerInfoGenerator(signerInfoGenerator);
            return cMSSignedDataStreamGenerator;
        } catch (CMSException e2) {
            throw new RuntimeException((Throwable) e2);
        }
    }

    public static byte[] a(byte[] bArr, PrivateKey privateKey, X509Certificate[] x509CertificateArr, boolean z) {
        CMSSignedDataStreamGenerator a2 = a(a(x509CertificateArr), a(privateKey, x509CertificateArr));
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            OutputStream open = a2.open(byteArrayOutputStream, !z);
            open.write(bArr);
            open.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e2) {
            throw new RuntimeException(e2);
        }
    }

    private static X509Certificate a(Store store, SignerId signerId) throws CertificateException {
        X509CertificateHolder x509CertificateHolder = (X509CertificateHolder) store.getMatches(signerId).iterator().next();
        JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
        jcaX509CertificateConverter.setProvider(b());
        return jcaX509CertificateConverter.getCertificate(x509CertificateHolder);
    }

    private static SignerInformationVerifier a(X509Certificate x509Certificate) throws OperatorCreationException {
        JcaSimpleSignerInfoVerifierBuilder jcaSimpleSignerInfoVerifierBuilder = new JcaSimpleSignerInfoVerifierBuilder();
        jcaSimpleSignerInfoVerifierBuilder.setProvider(b());
        return jcaSimpleSignerInfoVerifierBuilder.build(x509Certificate);
    }

    public static byte[] a(byte[] bArr) {
        try {
            return (byte[]) new CMSSignedData(bArr).getSignedContent().getContent();
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public static Collection<X509Certificate> a(byte[] bArr, byte[] bArr2) {
        try {
            HashSet hashSet = new HashSet();
            CMSSignedData cMSSignedData = bArr2 == null ? new CMSSignedData(bArr) : new CMSSignedData(new CMSProcessableByteArray(bArr2), bArr);
            Store certificates = cMSSignedData.getCertificates();
            for (SignerInformation signerInformation : cMSSignedData.getSignerInfos().getSigners()) {
                X509Certificate a2 = a(certificates, signerInformation.getSID());
                if (!signerInformation.verify(a(a2))) {
                    throw new RuntimeException(zblo.a(new byte[]{-82, -26, 5, -108, -4, -107, -79, -83, 126, -11, 19, 76, -94, -18, -66, 18, -107, -72, 59, 117, -110, -31, 66, -100, -4, -120, -88, -70, Byte.MAX_VALUE}));
                }
                hashSet.add(a2);
            }
            return hashSet;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public static byte[] a(byte[] bArr, Collection<X509Certificate> collection) {
        return a(bArr, collection, b, c);
    }

    public static byte[] a(byte[] bArr, Collection<X509Certificate> collection, KeyEncapsulationAlgorithm keyEncapsulationAlgorithm, ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        try {
            CMSEnvelopedDataStreamGenerator a2 = a(collection, keyEncapsulationAlgorithm);
            OutputEncryptor a3 = a(aSN1ObjectIdentifier);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            OutputStream open = a2.open(byteArrayOutputStream, a3);
            open.write(bArr);
            open.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    private static CMSEnvelopedDataStreamGenerator a(Collection<X509Certificate> collection, KeyEncapsulationAlgorithm keyEncapsulationAlgorithm) throws CertificateEncodingException, InvalidAlgorithmParameterException {
        JceKeyTransRecipientInfoGenerator jceKeyTransRecipientInfoGenerator;
        CMSEnvelopedDataStreamGenerator cMSEnvelopedDataStreamGenerator = new CMSEnvelopedDataStreamGenerator();
        for (X509Certificate x509Certificate : collection) {
            if (keyEncapsulationAlgorithm == KeyEncapsulationAlgorithm.RSA) {
                jceKeyTransRecipientInfoGenerator = new JceKeyTransRecipientInfoGenerator(x509Certificate);
            } else {
                String a2 = a(keyEncapsulationAlgorithm);
                jceKeyTransRecipientInfoGenerator = new JceKeyTransRecipientInfoGenerator(x509Certificate, new JcaAlgorithmParametersConverter().getAlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, new OAEPParameterSpec(a2, zblo.a(new byte[]{-80, -56, 36, -53}), new MGF1ParameterSpec(a2), PSource.PSpecified.DEFAULT)));
            }
            JceKeyTransRecipientInfoGenerator jceKeyTransRecipientInfoGenerator2 = jceKeyTransRecipientInfoGenerator;
            jceKeyTransRecipientInfoGenerator2.setProvider(b());
            cMSEnvelopedDataStreamGenerator.addRecipientInfoGenerator(jceKeyTransRecipientInfoGenerator2);
        }
        return cMSEnvelopedDataStreamGenerator;
    }

    private static String a(KeyEncapsulationAlgorithm keyEncapsulationAlgorithm) throws InvalidAlgorithmParameterException {
        if (keyEncapsulationAlgorithm == KeyEncapsulationAlgorithm.RSA_OAEP_SHA224) {
            return zblo.a(new byte[]{-82, -57, 35, -41, -81, -46, -16});
        }
        if (keyEncapsulationAlgorithm == KeyEncapsulationAlgorithm.RSA_OAEP_SHA256) {
            return zblo.a(new byte[]{-82, -57, 35, -41, -81, -44, -14});
        }
        if (keyEncapsulationAlgorithm == KeyEncapsulationAlgorithm.RSA_OAEP_SHA384) {
            return zblo.a(new byte[]{-82, -57, 35, -41, -82, -39, -16});
        }
        if (keyEncapsulationAlgorithm == KeyEncapsulationAlgorithm.RSA_OAEP_SHA512) {
            return zblo.a(new byte[]{-82, -57, 35, -41, -88, -48, -10});
        }
        throw new InvalidAlgorithmParameterException(zblo.a(new byte[]{-88, -31, 9, -108, -14, -106, -86, -1, 72, -6, 40, 96, -99, -62, -8, 16, -109, -96, 111, 121, -109, -20, 3, -118, -18, -108, -88, -66, 111, -68, 10, 71, -16, -26, -76, 28, -103, -85, 38, 104, -107, -30, 88, -38}) + keyEncapsulationAlgorithm.name());
    }

    private static OutputEncryptor a(ASN1ObjectIdentifier aSN1ObjectIdentifier) throws CMSException {
        return new JceCMSContentEncryptorBuilder(aSN1ObjectIdentifier).setProvider(b()).build();
    }

    public static Collection<X509Certificate> a(byte[] bArr, SmimeKey smimeKey) {
        try {
            HashSet hashSet = new HashSet();
            if (smimeKey.getCertificateChain().length == 0) {
                return hashSet;
            }
            for (RecipientInformation recipientInformation : new CMSEnvelopedData(bArr).getRecipientInfos().getRecipients()) {
                for (X509Certificate x509Certificate : smimeKey.getCertificateChain()) {
                }
            }
            return hashSet;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public static byte[] b(byte[] bArr, SmimeKey smimeKey) {
        try {
            X509Certificate certificate = smimeKey.getCertificate();
            PrivateKey privateKey = smimeKey.getPrivateKey();
            RecipientInformation recipientInformation = new CMSEnvelopedData(bArr).getRecipientInfos().get(new JceKeyTransRecipientId(certificate));
            if (null == recipientInformation) {
                throw new RuntimeException(zblo.a(new byte[]{-109, -32, 66, -120, -8, -126, -83, -81, 114, -80, 11, 93}));
            }
            JceKeyTransEnvelopedRecipient jceKeyTransEnvelopedRecipient = new JceKeyTransEnvelopedRecipient(privateKey);
            jceKeyTransEnvelopedRecipient.setProvider(b());
            return recipientInformation.getContent(jceKeyTransEnvelopedRecipient);
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public static String[] a() {
        return e;
    }

    public static String b() {
        for (String str : a()) {
            if (Security.getProvider(str) != null) {
                return str;
            }
        }
        return "BC";
    }
}
