package oracle.security.crypto.smime;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.Vector;
import javax.mail.Address;
import javax.mail.MessagingException;
import javax.mail.internet.MimeBodyPart;
import oracle.security.crypto.asn1.ASN1Date;
import oracle.security.crypto.cert.AttributeSet;
import oracle.security.crypto.cert.CRL;
import oracle.security.crypto.cert.CertificateTrustPolicy;
import oracle.security.crypto.cms.CMS;
import oracle.security.crypto.cms.CMSContentInfo;
import oracle.security.crypto.cms.CMSDataContentInfo;
import oracle.security.crypto.cms.CMSSignedDataContentInfo;
import oracle.security.crypto.cms.CMSSignerInfo;
import oracle.security.crypto.cms.CMSUtils;
import oracle.security.crypto.cms.ESSReceipt;
import oracle.security.crypto.core.AlgorithmIdentifier;
import oracle.security.crypto.core.AuthenticationException;
import oracle.security.crypto.smime.ess.ESSSecurityLabel;
import oracle.security.crypto.smime.ess.EquivalentLabels;
import oracle.security.crypto.smime.ess.MLExpansionHistory;
import oracle.security.crypto.smime.ess.ReceiptRequest;
import oracle.security.crypto.smime.ess.SigningCertificate;
import oracle.security.crypto.util.InvalidInputException;
import oracle.security.crypto.util.UnsyncByteArrayInputStream;

/* loaded from: input_file:oracle/security/crypto/smime/SmimeSigned.class */
public class SmimeSigned implements SmimeSignedObject {
    private CMSSignedDataContentInfo sd;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SmimeSigned(CMSSignedDataContentInfo cMSSignedDataContentInfo) {
        this.sd = cMSSignedDataContentInfo;
    }

    public SmimeSigned() {
        this.sd = new CMSSignedDataContentInfo(new CMSDataContentInfo());
    }

    public SmimeSigned(MimeBodyPart mimeBodyPart) throws MessagingException, IOException {
        this(mimeBodyPart, false);
    }

    public SmimeSigned(MimeBodyPart mimeBodyPart, boolean z) throws MessagingException, IOException {
        if (mimeBodyPart == null) {
            this.sd = new CMSSignedDataContentInfo(new CMSDataContentInfo());
            return;
        }
        new BodyPartUpdater(mimeBodyPart);
        byte[] bytes = SmimeUtils.toBytes(mimeBodyPart);
        if (bytes == null || bytes.length < 1) {
            throw new InvalidInputException("Message content is empty");
        }
        this.sd = new CMSSignedDataContentInfo(new CMSDataContentInfo(bytes));
    }

    public SmimeSigned(InputStream inputStream) throws IOException {
        this(new CMSSignedDataContentInfo(inputStream));
    }

    public void addCertificate(X509Certificate x509Certificate) {
        this.sd.addCertificate(x509Certificate);
    }

    public void addCRL(CRL crl) {
        this.sd.addCRL(crl);
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate, AlgorithmIdentifier algorithmIdentifier) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException, CertificateEncodingException, IOException {
        addSignature(privateKey, x509Certificate, algorithmIdentifier, (AttributeSet) null);
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate, AlgorithmIdentifier algorithmIdentifier, Date date) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException, CertificateEncodingException, IOException {
        addSignature(privateKey, x509Certificate, algorithmIdentifier, date, null);
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate, AlgorithmIdentifier algorithmIdentifier, SmimeCapabilities smimeCapabilities) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException, CertificateEncodingException, IOException {
        addSignature(privateKey, x509Certificate, algorithmIdentifier, null, smimeCapabilities);
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate, AlgorithmIdentifier algorithmIdentifier, Date date, SmimeCapabilities smimeCapabilities) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException, CertificateEncodingException, IOException {
        AttributeSet attributeSet = null;
        if (date != null || smimeCapabilities != null) {
            attributeSet = new AttributeSet();
            if (date != null) {
                attributeSet.addAttribute(CMS.id_signingTime, new ASN1Date(date));
            }
            if (smimeCapabilities != null) {
                attributeSet.addAttribute(Smime.smimeCapabilities, smimeCapabilities);
            }
        }
        addSignature(privateKey, x509Certificate, algorithmIdentifier, attributeSet);
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate, AlgorithmIdentifier algorithmIdentifier, AttributeSet attributeSet) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException, IOException, CertificateEncodingException {
        Signature.getInstance(CMSUtils.getSigAlgName(privateKey.getAlgorithm(), CMSUtils.getAlgoName(algorithmIdentifier))).initSign(privateKey);
        this.sd.addSignature(attributeSet, privateKey, x509Certificate, algorithmIdentifier, CMSUtils.getAlgoID(privateKey.getAlgorithm()), (AttributeSet) null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CMSSignedDataContentInfo getSD() {
        return this.sd;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CMSContentInfo getCMSContentObject() {
        return this.sd.getEnclosed();
    }

    public ESSReceipt getReceipt() {
        if (isSignedReceipt()) {
            return this.sd.getEnclosed();
        }
        return null;
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public MimeBodyPart getEnclosedBodyPart() throws InvalidInputException, MessagingException {
        try {
            CMSDataContentInfo enclosed = this.sd.getEnclosed();
            if (enclosed.isDegenerate()) {
                return null;
            }
            return new MimeBodyPart(new UnsyncByteArrayInputStream(enclosed.getData()));
        } catch (ClassCastException e) {
            throw new InvalidInputException("Content-type 'data' expected");
        }
    }

    public boolean isSignedReceipt() {
        return this.sd.getEnclosedContentType().equals(CMS.id_ct_receipt);
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public Vector getCertificates() {
        return this.sd.getCertificates();
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public Vector getCRLs() {
        return this.sd.getCRLs();
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public Enumeration signers() {
        return this.sd.signers();
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public void verifySignature(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sd.verifySignature(x509Certificate);
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (CertificateEncodingException e3) {
            throw new AuthenticationException(e3.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public void verifySignature(X509Certificate x509Certificate, Address[] addressArr) throws AuthenticationException, SignatureException {
        if (addressArr == null) {
            throw new AuthenticationException("No 'sender' or 'from' addresses found.");
        }
        SmimeUtils.checkEmailAddress(x509Certificate, addressArr);
        try {
            this.sd.verifySignature(x509Certificate);
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (CertificateEncodingException e3) {
            throw new AuthenticationException(e3.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public void verify(CertificateTrustPolicy certificateTrustPolicy) throws AuthenticationException {
        this.sd.verify(certificateTrustPolicy);
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public void verify(CertificateTrustPolicy certificateTrustPolicy, Address[] addressArr) throws AuthenticationException {
        this.sd.verify(new MailTrustPolicy(certificateTrustPolicy, addressArr));
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public ESSSecurityLabel getESSSecurityLabel(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            CMSSignerInfo signerInfo = this.sd.getSignerInfo(x509Certificate);
            this.sd.verifySignature(x509Certificate);
            ESSSecurityLabel eSSSecurityLabel = new ESSSecurityLabel(signerInfo);
            Enumeration signers = this.sd.signers();
            while (signers.hasMoreElements()) {
                if (!eSSSecurityLabel.equals(new ESSSecurityLabel((CMSSignerInfo) signers.nextElement()))) {
                    throw new AuthenticationException("ESSSecurityLabel's MUST be identical");
                    break;
                }
            }
            return eSSSecurityLabel;
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (CertificateEncodingException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (InvalidInputException e3) {
            throw new SignatureException("Could not find ESSSecurityLabel with Verifiable Signature");
        } catch (NoSuchAlgorithmException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public EquivalentLabels getEquivalentLabels(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sd.verifySignature(x509Certificate);
            EquivalentLabels equivalentLabels = new EquivalentLabels(this.sd.getSignerInfo(x509Certificate));
            Enumeration signers = this.sd.signers();
            while (signers.hasMoreElements()) {
                if (!equivalentLabels.equals(new EquivalentLabels((CMSSignerInfo) signers.nextElement()))) {
                    throw new AuthenticationException("EquivalentLabels MUST be identical");
                    break;
                }
            }
            return equivalentLabels;
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (CertificateEncodingException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (InvalidInputException e3) {
            throw new SignatureException("Could not find EquivalentLabels with Verifiable Signature" + e3.toString());
        } catch (NoSuchAlgorithmException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public SigningCertificate getSigningCertificate(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sd.verifySignature(x509Certificate);
            return new SigningCertificate(this.sd.getSignerInfo(x509Certificate));
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (CertificateEncodingException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (InvalidInputException e3) {
            throw new SignatureException("Could not find SigningCertificate with Verifiable Signature " + e3.toString());
        } catch (NoSuchAlgorithmException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public MLExpansionHistory getMLExpansionHistory(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sd.verifySignature(x509Certificate);
            MLExpansionHistory mLExpansionHistory = new MLExpansionHistory(this.sd.getSignerInfo(x509Certificate));
            Enumeration signers = this.sd.signers();
            while (signers.hasMoreElements()) {
                if (!mLExpansionHistory.equals(new MLExpansionHistory((CMSSignerInfo) signers.nextElement()))) {
                    throw new AuthenticationException("ESSSecurityLabel's MUST be identical");
                    break;
                }
            }
            return mLExpansionHistory;
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (CertificateEncodingException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (InvalidInputException e3) {
            throw new SignatureException("Could not find MLExpansionHistory with Verifiable Signature" + e3.toString());
        } catch (NoSuchAlgorithmException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public ReceiptRequest getReceiptRequest(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sd.verifySignature(x509Certificate);
            ReceiptRequest receiptRequest = new ReceiptRequest(this.sd.getSignerInfo(x509Certificate));
            Enumeration signers = this.sd.signers();
            while (signers.hasMoreElements()) {
                if (!receiptRequest.equals(new ReceiptRequest((CMSSignerInfo) signers.nextElement()))) {
                    throw new AuthenticationException("ReceiptRequest's MUST be identical");
                    break;
                }
            }
            return receiptRequest;
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (CertificateEncodingException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (InvalidInputException e3) {
            throw new SignatureException("Could not find ReceiptRequest with Verifiable Signature " + e3.toString());
        } catch (NoSuchAlgorithmException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeObject
    public String generateContentType(boolean z) {
        if (this.sd.getEnclosed().getData() != null) {
            return z ? "application/pkcs7-mime; smime-type=signed-data" : "application/x-pkcs7-mime; smime-type=signed-data";
        }
        Enumeration signers = this.sd.signers();
        return (signers == null || !signers.hasMoreElements()) ? z ? "application/pkcs7-mime; smime-type=certs-only" : "application/x-pkcs7-mime; smime-type=certs-only" : z ? "application/pkcs7-signature" : "application/x-pkcs7-signature";
    }

    @Override // oracle.security.crypto.smime.SmimeObject
    public String generateContentType() {
        return generateContentType(true);
    }

    @Override // oracle.security.crypto.smime.SmimeObject
    public void writeTo(OutputStream outputStream, String str) throws IOException, MessagingException {
        this.sd.output(outputStream);
    }
}
