package oracle.security.crypto.smime;

import java.io.IOException;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.Vector;
import javax.activation.DataSource;
import javax.mail.Address;
import javax.mail.MessagingException;
import javax.mail.internet.ContentType;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMultipart;
import oracle.security.crypto.asn1.ASN1Date;
import oracle.security.crypto.cert.AttributeSet;
import oracle.security.crypto.cert.CRL;
import oracle.security.crypto.cert.CertificateTrustPolicy;
import oracle.security.crypto.cms.CMS;
import oracle.security.crypto.cms.CMSContentInfo;
import oracle.security.crypto.cms.CMSDataContentInfo;
import oracle.security.crypto.cms.CMSSignedDataContentInfo;
import oracle.security.crypto.cms.CMSSignerInfo;
import oracle.security.crypto.cms.CMSUtils;
import oracle.security.crypto.core.AlgorithmIdentifier;
import oracle.security.crypto.core.AuthenticationException;
import oracle.security.crypto.smime.ess.ESSSecurityLabel;
import oracle.security.crypto.smime.ess.EquivalentLabels;
import oracle.security.crypto.smime.ess.MLExpansionHistory;
import oracle.security.crypto.smime.ess.ReceiptRequest;
import oracle.security.crypto.smime.ess.SigningCertificate;
import oracle.security.crypto.util.InvalidInputException;
import oracle.security.crypto.util.UnsyncByteArrayOutputStream;
import oracle.security.crypto.util.Utils;

/* loaded from: input_file:oracle/security/crypto/smime/SmimeMultipartSigned.class */
public class SmimeMultipartSigned extends MimeMultipart implements SmimeSignedObject {
    private CMSDataContentInfo data;
    private CMSSignedDataContentInfo sig;
    private AlgorithmIdentifier digestAlgID;
    private String micalg;

    public SmimeMultipartSigned(MimeBodyPart mimeBodyPart, AlgorithmIdentifier algorithmIdentifier) throws MessagingException {
        new BodyPartUpdater(mimeBodyPart);
        SmimeUtils.canonicalize(mimeBodyPart);
        UnsyncByteArrayOutputStream unsyncByteArrayOutputStream = new UnsyncByteArrayOutputStream();
        try {
            mimeBodyPart.writeTo(unsyncByteArrayOutputStream);
            this.data = new CMSDataContentInfo(unsyncByteArrayOutputStream.toByteArray());
            this.sig = new CMSSignedDataContentInfo(new CMSDataContentInfo());
            this.digestAlgID = algorithmIdentifier;
            if (algorithmIdentifier.getOID().equals(Smime.md5.getOID())) {
                this.micalg = "md5";
                return;
            }
            if (algorithmIdentifier.getOID().equals(Smime.sha_1.getOID())) {
                this.micalg = "sha-1";
                return;
            }
            if (algorithmIdentifier.getOID().equals(Smime.sha_256.getOID())) {
                this.micalg = "sha-256";
                return;
            }
            if (algorithmIdentifier.getOID().equals(Smime.sha_384.getOID())) {
                this.micalg = "sha-384";
            } else if (algorithmIdentifier.getOID().equals(Smime.sha_512.getOID())) {
                this.micalg = "sha-512";
            } else {
                this.micalg = null;
            }
        } catch (IOException e) {
            throw new MessagingException("Unexpected I/O exception", e);
        }
    }

    public SmimeMultipartSigned(DataSource dataSource) throws MessagingException, IOException {
        super(dataSource);
        if (getCount() != 2) {
            throw new InvalidInputException("Wrong number of body parts for multipart/signed.");
        }
        ContentType contentType = new ContentType(getBodyPart(1).getContentType());
        if (!contentType.match("application/pkcs7-signature") && !contentType.match("application/x-pkcs7-signature")) {
            throw new InvalidInputException("Signature has unrecognized content type (" + contentType + ").");
        }
        UnsyncByteArrayOutputStream unsyncByteArrayOutputStream = new UnsyncByteArrayOutputStream();
        getBodyPart(0).writeTo(unsyncByteArrayOutputStream);
        this.data = new CMSDataContentInfo(unsyncByteArrayOutputStream.toByteArray());
        try {
            this.sig = ((SmimeSigned) getBodyPart(1).getContent()).getSD();
        } catch (ClassCastException e) {
            throw new MessagingException("Installed data handler generates invalid content.");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CMSSignedDataContentInfo getSD() {
        return this.sig;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CMSContentInfo getCMSContentObject() {
        return this.data;
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate) throws NoSuchAlgorithmException, InvalidKeyException, IOException, CertificateEncodingException, SignatureException {
        Signature.getInstance(CMSUtils.getSigAlgName(privateKey.getAlgorithm(), CMSUtils.getAlgoName(this.digestAlgID))).initSign(privateKey);
        this.sig.addSignerInfo(x509Certificate, new CMSSignerInfo(this.data, (AttributeSet) null, privateKey, x509Certificate, this.digestAlgID, CMSUtils.getAlgoID(privateKey.getAlgorithm()), (AttributeSet) null));
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate, Date date) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, CertificateEncodingException {
        AttributeSet attributeSet = new AttributeSet();
        attributeSet.addAttribute(CMS.id_signingTime, new ASN1Date(date));
        Signature.getInstance(CMSUtils.getSigAlgName(privateKey.getAlgorithm(), CMSUtils.getAlgoName(this.digestAlgID))).initSign(privateKey);
        this.sig.addSignerInfo(x509Certificate, new CMSSignerInfo(this.data, attributeSet, privateKey, x509Certificate, this.digestAlgID, CMSUtils.getAlgoID(privateKey.getAlgorithm()), (AttributeSet) null));
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate, SmimeCapabilities smimeCapabilities) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, CertificateEncodingException {
        AttributeSet attributeSet = new AttributeSet();
        attributeSet.addAttribute(Smime.smimeCapabilities, smimeCapabilities);
        Signature.getInstance(CMSUtils.getSigAlgName(privateKey.getAlgorithm(), CMSUtils.getAlgoName(this.digestAlgID))).initSign(privateKey);
        this.sig.addSignerInfo(x509Certificate, new CMSSignerInfo(this.data, attributeSet, privateKey, x509Certificate, this.digestAlgID, CMSUtils.getAlgoID(privateKey.getAlgorithm()), (AttributeSet) null));
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate, Date date, SmimeCapabilities smimeCapabilities) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, CertificateEncodingException {
        AttributeSet attributeSet = new AttributeSet();
        attributeSet.addAttribute(CMS.id_signingTime, new ASN1Date(date));
        attributeSet.addAttribute(Smime.smimeCapabilities, smimeCapabilities);
        Signature.getInstance(CMSUtils.getSigAlgName(privateKey.getAlgorithm(), CMSUtils.getAlgoName(this.digestAlgID))).initSign(privateKey);
        this.sig.addSignerInfo(x509Certificate, new CMSSignerInfo(this.data, attributeSet, privateKey, x509Certificate, this.digestAlgID, CMSUtils.getAlgoID(privateKey.getAlgorithm()), (AttributeSet) null));
    }

    public void addSignature(PrivateKey privateKey, X509Certificate x509Certificate, AlgorithmIdentifier algorithmIdentifier, AttributeSet attributeSet) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, CertificateEncodingException {
        Signature.getInstance(CMSUtils.getSigAlgName(privateKey.getAlgorithm(), CMSUtils.getAlgoName(algorithmIdentifier))).initSign(privateKey);
        this.sig.addSignerInfo(x509Certificate, new CMSSignerInfo(this.data, attributeSet, privateKey, x509Certificate, algorithmIdentifier, CMSUtils.getAlgoID(privateKey.getAlgorithm()), (AttributeSet) null));
    }

    public void addCertificate(X509Certificate x509Certificate) {
        this.sig.addCertificate(x509Certificate);
    }

    public void addCRL(CRL crl) {
        this.sig.addCRL(crl);
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public MimeBodyPart getEnclosedBodyPart() throws InvalidInputException, MessagingException {
        return getBodyPart(0);
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public Enumeration signers() {
        return this.sig.signers();
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public Vector getCertificates() {
        return this.sig.getCertificates();
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public Vector getCRLs() {
        return this.sig.getCRLs();
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public void verifySignature(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sig.verifySignature(x509Certificate, this.data);
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (CertificateEncodingException e3) {
            throw new AuthenticationException(e3.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public void verifySignature(X509Certificate x509Certificate, Address[] addressArr) throws AuthenticationException, SignatureException {
        if (addressArr == null) {
            throw new AuthenticationException("No 'sender' or 'from' addresses found.");
        }
        SmimeUtils.checkEmailAddress(x509Certificate, addressArr);
        try {
            this.sig.verifySignature(x509Certificate, this.data);
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (CertificateEncodingException e3) {
            throw new AuthenticationException(e3.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public void verify(CertificateTrustPolicy certificateTrustPolicy) throws AuthenticationException {
        this.sig.verify(certificateTrustPolicy, this.data);
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public void verify(CertificateTrustPolicy certificateTrustPolicy, Address[] addressArr) throws AuthenticationException {
        this.sig.verify(new MailTrustPolicy(certificateTrustPolicy, addressArr), this.data);
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public ESSSecurityLabel getESSSecurityLabel(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sig.verifySignature(x509Certificate, this.data);
            ESSSecurityLabel eSSSecurityLabel = new ESSSecurityLabel(this.sig.getSignerInfo(x509Certificate));
            Enumeration signers = this.sig.signers();
            while (signers.hasMoreElements()) {
                if (!eSSSecurityLabel.equals(new ESSSecurityLabel((CMSSignerInfo) signers.nextElement()))) {
                    throw new AuthenticationException("ESSSecurityLabels MUST be identical");
                    break;
                }
            }
            return eSSSecurityLabel;
        } catch (InvalidInputException e) {
            throw new SignatureException("Could not find ESSSecurityLabel with Verifiable Signature");
        } catch (IOException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (NoSuchAlgorithmException e3) {
            throw new AuthenticationException(e3.toString());
        } catch (CertificateEncodingException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public EquivalentLabels getEquivalentLabels(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sig.verifySignature(x509Certificate, this.data);
            EquivalentLabels equivalentLabels = new EquivalentLabels(this.sig.getSignerInfo(x509Certificate));
            Enumeration signers = this.sig.signers();
            while (signers.hasMoreElements()) {
                if (!equivalentLabels.equals(new EquivalentLabels((CMSSignerInfo) signers.nextElement()))) {
                    throw new AuthenticationException("EquivalentLabels MUST be identical");
                    break;
                }
            }
            return equivalentLabels;
        } catch (InvalidInputException e) {
            throw new SignatureException("Could not find EquivalentLabels with Verifiable Signature");
        } catch (IOException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (NoSuchAlgorithmException e3) {
            throw new AuthenticationException(e3.toString());
        } catch (CertificateEncodingException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public SigningCertificate getSigningCertificate(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sig.verifySignature(x509Certificate, this.data);
            return new SigningCertificate(this.sig.getSignerInfo(x509Certificate));
        } catch (CertificateEncodingException e) {
            throw new AuthenticationException(e.toString());
        } catch (InvalidInputException e2) {
            throw new SignatureException("Could not find SigningCertificate with Verifiable Signature");
        } catch (IOException e3) {
            throw new AuthenticationException(e3.toString());
        } catch (NoSuchAlgorithmException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public MLExpansionHistory getMLExpansionHistory(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sig.verifySignature(x509Certificate, this.data);
            MLExpansionHistory mLExpansionHistory = new MLExpansionHistory(this.sig.getSignerInfo(x509Certificate));
            Enumeration signers = this.sig.signers();
            while (signers.hasMoreElements()) {
                if (!mLExpansionHistory.equals(new MLExpansionHistory((CMSSignerInfo) signers.nextElement()))) {
                    throw new AuthenticationException("MLExpansionHistory's MUST be identical");
                    break;
                }
            }
            return mLExpansionHistory;
        } catch (InvalidInputException e) {
            throw new SignatureException("Could not find MLExpansionHistory with Verifiable Signature");
        } catch (IOException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (NoSuchAlgorithmException e3) {
            throw new AuthenticationException(e3.toString());
        } catch (CertificateEncodingException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeSignedObject
    public ReceiptRequest getReceiptRequest(X509Certificate x509Certificate) throws AuthenticationException, SignatureException {
        try {
            this.sig.verifySignature(x509Certificate, this.data);
            ReceiptRequest receiptRequest = new ReceiptRequest(this.sig.getSignerInfo(x509Certificate));
            Enumeration signers = this.sig.signers();
            while (signers.hasMoreElements()) {
                if (!receiptRequest.equals(new ReceiptRequest((CMSSignerInfo) signers.nextElement()))) {
                    throw new AuthenticationException("ReceiptRequest's MUST be identical");
                    break;
                }
            }
            return receiptRequest;
        } catch (InvalidInputException e) {
            throw new SignatureException("Could not find ReceiptRequest with Verifiable Signature" + e.toString());
        } catch (IOException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (NoSuchAlgorithmException e3) {
            throw new AuthenticationException(e3.toString());
        } catch (CertificateEncodingException e4) {
            throw new AuthenticationException(e4.toString());
        }
    }

    @Override // oracle.security.crypto.smime.SmimeObject
    public String generateContentType(boolean z) {
        return z ? makeContentTypeUsingSHA1AsDigestAlgorithm("application/pkcs7-signature") : makeContentTypeUsingSHA1AsDigestAlgorithm("application/x-pkcs7-signature");
    }

    @Override // oracle.security.crypto.smime.SmimeObject
    public String generateContentType() {
        return generateContentType(true);
    }

    public String generateContentType(boolean z, AlgorithmIdentifier algorithmIdentifier) throws NoSuchAlgorithmException {
        return z ? makeContentTypeUsingGivenDigestAlgorithm("application/pkcs7-signature", algorithmIdentifier) : makeContentTypeUsingGivenDigestAlgorithm("application/x-pkcs7-signature", algorithmIdentifier);
    }

    public String generateContentType(AlgorithmIdentifier algorithmIdentifier) throws NoSuchAlgorithmException {
        return generateContentType(true, algorithmIdentifier);
    }

    public String getContentType() {
        return generateContentType();
    }

    private String makeContentTypeUsingSHA1AsDigestAlgorithm(String str) {
        byte[] bArr = null;
        try {
            bArr = MessageDigest.getInstance(CMSUtils.getAlgoName(CMS.sha_1)).digest(this.data.getData());
        } catch (NoSuchAlgorithmException e) {
            try {
                bArr = MessageDigest.getInstance(SmimeUtils.DEFAULT_Cert_HASH_ALG).digest(this.data.getData());
            } catch (NoSuchAlgorithmException e2) {
            }
        }
        return makeContentTypeCommon(str, bArr);
    }

    private String makeContentTypeUsingGivenDigestAlgorithm(String str, AlgorithmIdentifier algorithmIdentifier) throws NoSuchAlgorithmException {
        return makeContentTypeCommon(str, MessageDigest.getInstance(CMSUtils.getAlgoName(algorithmIdentifier)).digest(this.data.getData()));
    }

    private String makeContentTypeCommon(String str, byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer("multipart/signed; protocol=\"");
        stringBuffer.append(str);
        stringBuffer.append("\";\r\n");
        if (this.micalg != null) {
            stringBuffer.append("     micalg=");
            stringBuffer.append(this.micalg);
            stringBuffer.append(";\r\n");
        }
        stringBuffer.append(" boundary=\"SMS:");
        stringBuffer.append(Utils.toBase64(bArr, false));
        stringBuffer.append('\"');
        return stringBuffer.toString();
    }

    protected void updateHeaders() {
    }

    @Override // oracle.security.crypto.smime.SmimeObject
    public void writeTo(OutputStream outputStream, String str) throws IOException, MessagingException {
        ContentType contentType = new ContentType(str);
        String parameter = contentType.getParameter("protocol");
        byte[] bytes = new StringBuffer("--").append(contentType.getParameter("boundary")).toString().getBytes("ASCII");
        byte[] bytes2 = "\r\n".getBytes("ASCII");
        outputStream.write(bytes);
        outputStream.write(bytes2);
        outputStream.write(this.data.getData());
        outputStream.write(bytes2);
        outputStream.write(bytes);
        outputStream.write(bytes2);
        outputStream.write(new StringBuffer("Content-Type: ").append(parameter).toString().getBytes("ASCII"));
        outputStream.write(bytes2);
        outputStream.write("Content-Transfer-Encoding: base64".getBytes("ASCII"));
        outputStream.write(bytes2);
        outputStream.write(bytes2);
        outputStream.write(Utils.toBase64(Utils.toBytes(this.sig), "\r\n").getBytes("ASCII"));
        outputStream.write(bytes);
        outputStream.write("--".getBytes("ASCII"));
        outputStream.write(bytes2);
    }
}
