package oracle.security.crypto.smime;

import java.util.Vector;
import javax.mail.Address;
import oracle.security.crypto.cert.CertificateTrustPolicy;
import oracle.security.crypto.cert.CertificateVerifier;
import oracle.security.crypto.cert.IssuerAndSerialNo;
import oracle.security.crypto.cert.X509;
import oracle.security.crypto.core.AuthenticationException;

/* loaded from: input_file:oracle/security/crypto/smime/MailTrustPolicy.class */
public class MailTrustPolicy implements CertificateTrustPolicy {
    private CertificateTrustPolicy trustPolicy;
    private Address[] addresses;

    /* loaded from: input_file:oracle/security/crypto/smime/MailTrustPolicy$MailCertificateVerifier.class */
    private static class MailCertificateVerifier implements CertificateVerifier {
        CertificateVerifier cv;
        Address[] addresses;

        MailCertificateVerifier(CertificateVerifier certificateVerifier, Address[] addressArr) {
            this.cv = certificateVerifier;
            this.addresses = addressArr;
        }

        public X509 getValidCertificate(IssuerAndSerialNo issuerAndSerialNo) throws AuthenticationException {
            if (this.addresses == null) {
                throw new AuthenticationException("No 'sender' or 'from' addresses found.");
            }
            X509 validCertificate = this.cv.getValidCertificate(issuerAndSerialNo);
            if (validCertificate != null) {
                String email = validCertificate.getSubject().getEmail();
                if (email == null) {
                    throw new AuthenticationException("Certificate does not contain email address");
                }
                boolean z = false;
                int i = 0;
                while (true) {
                    if (i >= this.addresses.length) {
                        break;
                    }
                    if (email.equals(this.addresses[i].toString())) {
                        z = true;
                        break;
                    }
                    i++;
                }
                if (!z) {
                    throw new AuthenticationException("E-mail address on certificate is not correct");
                }
            }
            return validCertificate;
        }
    }

    public MailTrustPolicy(CertificateTrustPolicy certificateTrustPolicy, Address[] addressArr) {
        this.trustPolicy = certificateTrustPolicy;
        this.addresses = addressArr;
    }

    public CertificateVerifier makeCertificateVerifier(Vector vector, Vector vector2) {
        return new MailCertificateVerifier(this.trustPolicy.makeCertificateVerifier(vector, vector2), this.addresses);
    }
}
