package org.apache.james.transport;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.mail.smime.SMIMEException;
import org.bouncycastle.mail.smime.SMIMESignedGenerator;
import org.bouncycastle.operator.OperatorCreationException;

/* loaded from: input_file:org/apache/james/transport/SMIMEKeyHolder.class */
public class SMIMEKeyHolder implements KeyHolder {
    private final JcaCertStore jcaCertStore;
    private final PrivateKey privateKey;
    private final X509Certificate certificate;
    private final CertStore certStore;

    public static String getDefaultType() {
        return KeyStore.getDefaultType();
    }

    public SMIMEKeyHolder(String str, String str2, String str3, String str4, String str5) throws KeyStoreException, IOException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, CertificateException, UnrecoverableKeyException, NoSuchProviderException {
        try {
            InitJCE.init();
            KeyStore keyStore = KeyStore.getInstance(str5 == null ? KeyStore.getDefaultType() : str5);
            keyStore.load(new BufferedInputStream(new FileInputStream(str)), str2.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            if (str3 == null) {
                if (!aliases.hasMoreElements()) {
                    throw new KeyStoreException("No alias was found in keystore.");
                }
                str3 = aliases.nextElement();
                if (aliases.hasMoreElements()) {
                    throw new KeyStoreException("No <keyAlias> was given and more than one alias was found in keystore.");
                }
            }
            this.privateKey = (PrivateKey) keyStore.getKey(str3, (str4 == null ? str2 : str4).toCharArray());
            if (this.privateKey == null) {
                throw new KeyStoreException("The \"" + str3 + "\" PrivateKey alias was not found in keystore.");
            }
            this.certificate = (X509Certificate) keyStore.getCertificate(str3);
            if (this.certificate == null) {
                throw new KeyStoreException("The \"" + str3 + "\" X509Certificate alias was not found in keystore.");
            }
            Certificate[] certificateChain = keyStore.getCertificateChain(str3);
            ArrayList arrayList = new ArrayList();
            if (certificateChain == null) {
                arrayList.add(this.certificate);
            } else {
                Collections.addAll(arrayList, certificateChain);
            }
            this.certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), BouncyCastleProvider.PROVIDER_NAME);
            this.jcaCertStore = new JcaCertStore(arrayList);
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException | NoSuchMethodException | InvocationTargetException e) {
            NoSuchProviderException noSuchProviderException = new NoSuchProviderException("Error during cryptography provider initialization. Has bcprov-jdkxx-yyy.jar been copied in the lib directory or installed in the system?");
            noSuchProviderException.initCause(e);
            throw noSuchProviderException;
        }
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public X509Certificate getCertificate() {
        return this.certificate;
    }

    public CertStore getCertStore() {
        return this.certStore;
    }

    public SMIMESignedGenerator createGenerator() throws CertStoreException, SMIMEException, OperatorCreationException, CertificateEncodingException {
        SMIMESignedGenerator sMIMESignedGenerator = new SMIMESignedGenerator();
        sMIMESignedGenerator.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build("SHA1withRSA", this.privateKey, this.certificate));
        sMIMESignedGenerator.addCertificates(this.jcaCertStore);
        return sMIMESignedGenerator;
    }

    @Override // org.apache.james.transport.KeyHolder
    public MimeMultipart generate(MimeMessage mimeMessage) throws CertStoreException, NoSuchAlgorithmException, NoSuchProviderException, SMIMEException, OperatorCreationException, CertificateEncodingException {
        return createGenerator().generate(mimeMessage);
    }

    @Override // org.apache.james.transport.KeyHolder
    public MimeMultipart generate(MimeBodyPart mimeBodyPart) throws CertStoreException, NoSuchAlgorithmException, NoSuchProviderException, SMIMEException, OperatorCreationException, CertificateEncodingException {
        return createGenerator().generate(mimeBodyPart);
    }

    public static String getSignerDistinguishedName(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().toString();
    }

    public static String getSignerCN(X509Certificate x509Certificate) {
        return extractAttribute(x509Certificate.getSubjectDN().toString(), "CN=");
    }

    public static String getSignerAddress(X509Certificate x509Certificate) {
        return extractAttribute(x509Certificate.getSubjectDN().toString(), "EMAILADDRESS=");
    }

    @Override // org.apache.james.transport.KeyHolder
    public String getSignerDistinguishedName() {
        return getSignerDistinguishedName(getCertificate());
    }

    @Override // org.apache.james.transport.KeyHolder
    public String getSignerCN() {
        return getSignerCN(getCertificate());
    }

    @Override // org.apache.james.transport.KeyHolder
    public String getSignerAddress() {
        return getSignerAddress(getCertificate());
    }

    private static String extractAttribute(String str, String str2) {
        int indexOf = str.indexOf(str2);
        if (indexOf < 0) {
            return null;
        }
        int length = indexOf + str2.length();
        int indexOf2 = str.indexOf(",", length);
        if (indexOf2 - 1 <= 0) {
            return null;
        }
        return str.substring(length, indexOf2).trim();
    }
}
