package org.kman.AquaMail.mail.smime;

import java.io.ByteArrayOutputStream;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECKey;
import java.util.Collection;
import java.util.Iterator;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.KeyAgreeRecipientInformation;
import org.bouncycastle.cms.KeyTransRecipientInformation;
import org.bouncycastle.cms.RecipientInfoGenerator;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyAgreeEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientInfoGenerator;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;

/* loaded from: classes3.dex */
public class f {
    public static final String contentDescription = "Content-Description: S/MIME Encrypted Message";
    public static final String contentDesposition = "Content-Disposition: attachment; filename=\"smime.p7m\"";
    public static final String contentTransferEncoding = "Content-Transfer-Encoding: base64";
    public static final String contentType = "Content-Type: application/pkcs7-mime; name=\"smime.p7m\"; smime-type=enveloped-data";

    /* loaded from: classes3.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        byte[] f21867a;
    }

    /* loaded from: classes3.dex */
    public static class b {

        /* renamed from: a, reason: collision with root package name */
        public int f21868a;

        /* renamed from: b, reason: collision with root package name */
        public int f21869b = 1;
    }

    public static byte[] a(byte[] bArr, Collection<org.kman.AquaMail.cert.smime.d> collection, org.kman.AquaMail.cert.smime.d dVar, b bVar) {
        try {
            ASN1ObjectIdentifier d3 = d(bVar);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(contentType.getBytes());
            byte[] bArr2 = org.kman.AquaMail.coredefs.j.f18887c;
            byteArrayOutputStream.write(bArr2);
            byteArrayOutputStream.write("Content-Transfer-Encoding: base64".getBytes());
            byteArrayOutputStream.write(bArr2);
            byteArrayOutputStream.write(contentDesposition.getBytes());
            byteArrayOutputStream.write(bArr2);
            byteArrayOutputStream.write(contentDescription.getBytes());
            byteArrayOutputStream.write(bArr2);
            byteArrayOutputStream.write(bArr2);
            Provider j3 = k.f21890a.j();
            CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray(bArr);
            CMSEnvelopedDataGenerator cMSEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
            Iterator<org.kman.AquaMail.cert.smime.d> it = collection.iterator();
            while (it.hasNext()) {
                cMSEnvelopedDataGenerator.addRecipientInfoGenerator(b(it.next().c(), dVar, j3));
            }
            if (bVar.f21869b > 0) {
                cMSEnvelopedDataGenerator.addRecipientInfoGenerator(b(dVar.c(), dVar, j3));
            }
            k.f21890a.t(org.kman.AquaMail.util.e.e(cMSEnvelopedDataGenerator.generate(cMSProcessableByteArray, new JceCMSContentEncryptorBuilder(d3).setProvider(j3).build()).getEncoded()), byteArrayOutputStream, 76);
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e3) {
            throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_ENCRYPT_FAILED_TO_CREATE_MESSAGE, "Failed to encrypt message", e3);
        }
    }

    private static RecipientInfoGenerator b(X509Certificate x509Certificate, org.kman.AquaMail.cert.smime.d dVar, Provider provider) throws CertificateEncodingException {
        PublicKey publicKey = dVar.c().getPublicKey();
        PrivateKey l3 = dVar.l();
        if ((x509Certificate.getPublicKey() instanceof ECKey) || (l3 instanceof ECKey)) {
            throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_ENCRYPT_EC_KEYS_NOT_SUPPORTED, "EC Keys not supported.", null);
        }
        return x509Certificate.getPublicKey() instanceof ECKey ? new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECCDH_SHA256KDF, l3, publicKey, CMSAlgorithm.AES256_WRAP).setProvider(provider).addRecipient(x509Certificate) : new JceKeyTransRecipientInfoGenerator(x509Certificate).setProvider(provider);
    }

    public static a c(byte[] bArr, org.kman.AquaMail.cert.smime.d dVar) throws CMSException {
        if (bArr == null) {
            return null;
        }
        Provider j3 = k.f21890a.j();
        Iterator<RecipientInformation> it = new CMSEnvelopedData(bArr).getRecipientInfos().iterator();
        byte[] bArr2 = null;
        while (it.hasNext()) {
            RecipientInformation next = it.next();
            try {
                if (next instanceof KeyTransRecipientInformation) {
                    bArr2 = ((KeyTransRecipientInformation) next).getContent(new JceKeyTransEnvelopedRecipient(dVar.l()).setProvider(j3).setContentProvider(j3));
                } else if (next instanceof KeyAgreeRecipientInformation) {
                    bArr2 = ((KeyAgreeRecipientInformation) next).getContent(new JceKeyAgreeEnvelopedRecipient(dVar.l()).setProvider(j3).setContentProvider(j3));
                }
            } catch (Exception unused) {
                bArr2 = null;
            }
            if (bArr2 != null) {
                break;
            }
        }
        if (bArr2 == null) {
            return null;
        }
        a aVar = new a();
        aVar.f21867a = bArr2;
        return aVar;
    }

    private static ASN1ObjectIdentifier d(b bVar) {
        int i3 = bVar.f21868a;
        return i3 != 1 ? i3 != 2 ? CMSAlgorithm.AES256_CBC : CMSAlgorithm.AES128_CBC : CMSAlgorithm.AES192_CBC;
    }
}
