package com.inet.mail.smime;

import com.inet.classloader.I18nMessages;
import com.inet.config.ConfigKey;
import com.inet.error.ErrorCode;
import com.inet.http.ClientMessageException;
import com.inet.http.servlet.ClientLocale;
import com.inet.lib.io.FastByteArrayInputStream;
import com.inet.mail.api.BaseEmail;
import com.inet.notification.NotificationManager;
import com.inet.persistence.Persistence;
import com.inet.persistence.PersistenceEntry;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ForkJoinPool;
import java.util.function.Predicate;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.mail.smime.SMIMESignedGenerator;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.X509TrustedCertificateBlock;

/* loaded from: input_file:com/inet/mail/smime/e.class */
public class e {
    private static Provider U;
    private static ConcurrentHashMap<b, PrivateKey> V;

    @Nonnull
    public static final ConfigKey S = new ConfigKey("smime.signed", "true", Boolean.class);

    @Nonnull
    public static final ConfigKey T = new ConfigKey("smime.encryption", "true", Boolean.class);
    private static final ConcurrentHashMap<String, c> W = new ConcurrentHashMap<>();
    static final I18nMessages X = new I18nMessages("com.inet.mail.structure.i18n.ConfigStructure", e.class);
    private static Predicate<Date> Y = date -> {
        return date.getTime() < System.currentTimeMillis() + 3600000;
    };

    @Nonnull
    private static PersistenceEntry a(boolean z) {
        return Persistence.getInstance().resolve(z ? "/smime/public" : "/smime/private");
    }

    @Nonnull
    private static String g(@Nonnull String str) {
        return Base64.getEncoder().withoutPadding().encodeToString(str.toLowerCase().getBytes(StandardCharsets.UTF_8));
    }

    @Nonnull
    private static PersistenceEntry a(boolean z, @Nonnull String str) {
        return a(z).resolve(g(str));
    }

    @Nonnull
    private static PersistenceEntry a(boolean z, @Nonnull String str, long j) {
        return a(a(z, str).resolve(String.valueOf(j)));
    }

    @Nonnull
    private static PersistenceEntry a(@Nonnull PersistenceEntry persistenceEntry) {
        String name = persistenceEntry.getName();
        return persistenceEntry.getCryptoInstance(name.toCharArray(), name.getBytes(StandardCharsets.UTF_8));
    }

    @Nonnull
    public static Provider d() {
        BouncyCastleProvider bouncyCastleProvider = U;
        if (bouncyCastleProvider == null) {
            BouncyCastleProvider bouncyCastleProvider2 = new BouncyCastleProvider();
            bouncyCastleProvider = bouncyCastleProvider2;
            U = bouncyCastleProvider2;
        }
        return bouncyCastleProvider;
    }

    @Nonnull
    public static List<a> b(boolean z) {
        PersistenceEntry a = a(z);
        ArrayList arrayList = new ArrayList();
        Base64.Decoder decoder = Base64.getDecoder();
        for (PersistenceEntry persistenceEntry : a.getChildren()) {
            Iterator it = persistenceEntry.getChildren().iterator();
            while (it.hasNext()) {
                try {
                    arrayList.add(new a(new String(decoder.decode(persistenceEntry.getName()), StandardCharsets.UTF_8), Long.parseLong(((PersistenceEntry) it.next()).getName())));
                } catch (Exception e) {
                    BaseEmail.LOGGER.error(e);
                }
            }
        }
        arrayList.sort(Comparator.comparing((v0) -> {
            return v0.b();
        }));
        return arrayList;
    }

    public static void b(boolean z, @Nonnull String str, long j) {
        a(z).resolve(g(str)).resolve(String.valueOf(j)).deleteValue();
        if (z) {
            return;
        }
        V = null;
        W.remove(str);
    }

    @Nonnull
    public static X509Certificate a(byte[] bArr) {
        Object readObject;
        try {
            try {
                return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificates(new FastByteArrayInputStream(bArr)).iterator().next();
            } catch (Exception e) {
                PEMParser pEMParser = new PEMParser(new InputStreamReader(new FastByteArrayInputStream(bArr)));
                do {
                    try {
                        readObject = pEMParser.readObject();
                        if (readObject == null) {
                            pEMParser.close();
                            throw e;
                        }
                        if (readObject instanceof X509TrustedCertificateBlock) {
                            readObject = ((X509TrustedCertificateBlock) readObject).getCertificateHolder();
                        }
                    } finally {
                    }
                } while (!(readObject instanceof X509CertificateHolder));
                X509Certificate certificate = new JcaX509CertificateConverter().getCertificate((X509CertificateHolder) readObject);
                pEMParser.close();
                return certificate;
            }
        } catch (Exception e2) {
            throw ((RuntimeException) ErrorCode.throwAny(e2));
        }
    }

    public static a a(X509Certificate x509Certificate) {
        try {
            a b = b(x509Certificate);
            if (Y.test(x509Certificate.getNotAfter())) {
                return null;
            }
            PersistenceEntry a = a(true, b.b(), x509Certificate.getNotAfter().getTime());
            a.setBytes(x509Certificate.getEncoded());
            PersistenceEntry parent = a.getParent();
            if (parent != null) {
                for (PersistenceEntry persistenceEntry : parent.getChildren()) {
                    if (!persistenceEntry.getName().equals(a.getName())) {
                        persistenceEntry.deleteValue();
                    }
                }
            }
            return b;
        } catch (Exception e) {
            throw ((RuntimeException) ErrorCode.throwAny(e));
        }
    }

    @Nullable
    public static X509Certificate h(@Nonnull String str) {
        try {
            Iterator it = a(true, str).getChildren().iterator();
            if (!it.hasNext()) {
                c j = j(str);
                if (j == null) {
                    return null;
                }
                X509Certificate x509Certificate = j.L;
                return null;
            }
            InputStream inputStream = a((PersistenceEntry) it.next()).getInputStream();
            if (inputStream == null) {
                if (inputStream != null) {
                    inputStream.close();
                }
                return null;
            }
            try {
                X509Certificate x509Certificate2 = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificates(inputStream).iterator().next();
                if (inputStream != null) {
                    inputStream.close();
                }
                if (!Y.test(x509Certificate2.getNotAfter())) {
                    return x509Certificate2;
                }
                b(true, str, x509Certificate2.getNotAfter().getTime());
                return null;
            } catch (Throwable th) {
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (Exception e) {
            throw ((RuntimeException) ErrorCode.throwAny(e));
        }
    }

    @Nonnull
    private static ConcurrentHashMap<b, PrivateKey> e() {
        ConcurrentHashMap<b, PrivateKey> concurrentHashMap = V;
        if (concurrentHashMap == null) {
            concurrentHashMap = new ConcurrentHashMap<>();
            for (a aVar : b(false)) {
                byte[] bytes = a(false, aVar.b(), aVar.c()).getBytes();
                if (bytes != null) {
                    try {
                        c a = a(bytes, new char[0]);
                        concurrentHashMap.put(new b(a.L), a.K);
                    } catch (Exception e) {
                        BaseEmail.LOGGER.error(e);
                    }
                }
            }
            V = concurrentHashMap;
        }
        return concurrentHashMap;
    }

    public static boolean f() {
        return !e().isEmpty();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public static PrivateKey a(@Nonnull b bVar) {
        return e().get(bVar);
    }

    @Nonnull
    public static a a(@Nonnull byte[] bArr, @Nonnull String str) {
        try {
            c a = a(bArr, str.toCharArray());
            e().put(new b(a.L), a.K);
            String str2 = a.address;
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            char[] cArr = new char[0];
            keyStore.setKeyEntry(a.J, a.K, cArr, a.M);
            long time = a.L.getNotAfter().getTime();
            OutputStream outputStream = a(false, str2, time).getOutputStream();
            try {
                keyStore.store(outputStream, cArr);
                if (outputStream != null) {
                    outputStream.close();
                }
                W.remove(str2);
                h();
                return new a(str2, time);
            } finally {
            }
        } catch (Exception e) {
            throw ((RuntimeException) ErrorCode.throwAny(e));
        }
    }

    @Nullable
    public static SMIMESignedGenerator i(@Nonnull String str) {
        try {
            c cVar = W.get(str);
            if (cVar != null) {
                if (cVar.L == null) {
                    return null;
                }
                Date notAfter = cVar.L.getNotAfter();
                if (notAfter == null || !Y.test(notAfter)) {
                    return a(cVar);
                }
            }
            c j = j(str);
            if (j == null) {
                W.put(str, new c());
                return null;
            }
            W.put(str, j);
            return a(j);
        } catch (Exception e) {
            BaseEmail.LOGGER.error(e);
            return null;
        }
    }

    @Nonnull
    private static SMIMESignedGenerator a(@Nonnull c cVar) throws Exception {
        JcaCertStore jcaCertStore = new JcaCertStore(Arrays.asList(cVar.M));
        SMIMESignedGenerator sMIMESignedGenerator = new SMIMESignedGenerator();
        sMIMESignedGenerator.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(d()).build("SHA1withRSA", cVar.K, cVar.L));
        sMIMESignedGenerator.addCertificates(jcaCertStore);
        return sMIMESignedGenerator;
    }

    @Nullable
    private static c j(@Nonnull String str) {
        List children = a(false, str).getChildren();
        if (children.isEmpty()) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        Iterator it = children.iterator();
        while (it.hasNext()) {
            byte[] bytes = a((PersistenceEntry) it.next()).getBytes();
            if (bytes != null) {
                c a = a(bytes, new char[0]);
                if (!Y.test(a.L.getNotAfter())) {
                    arrayList.add(a);
                }
            }
        }
        if (arrayList.size() == 0) {
            return null;
        }
        arrayList.sort((cVar, cVar2) -> {
            return cVar2.L.getNotAfter().compareTo(cVar.L.getNotAfter());
        });
        return (c) arrayList.get(0);
    }

    @Nonnull
    public static a b(@Nonnull byte[] bArr, String str) {
        c a = a(bArr, str == null ? new char[0] : str.toCharArray());
        return new a(a.address, a.L.getNotAfter().getTime());
    }

    @Nonnull
    public static a b(@Nonnull X509Certificate x509Certificate) {
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames != null) {
                for (List<?> list : subjectAlternativeNames) {
                    if (((Integer) list.get(0)).intValue() == 1) {
                        return new a((String) list.get(1), x509Certificate.getNotAfter().getTime());
                    }
                }
            }
            throw new ClientMessageException(new com.inet.mail.structure.a().translate(ClientLocale.getThreadLocale(), "smime.noemail.certificate", new Object[]{x509Certificate.getSubjectDN()}));
        } catch (Exception e) {
            throw ((RuntimeException) ErrorCode.throwAny(e));
        }
    }

    static c a(@Nonnull byte[] bArr, char[] cArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(new FastByteArrayInputStream(bArr), cArr);
            c cVar = new c();
            String nextElement = keyStore.aliases().nextElement();
            cVar.J = nextElement;
            cVar.K = (PrivateKey) keyStore.getKey(nextElement, cArr);
            cVar.L = (X509Certificate) keyStore.getCertificate(nextElement);
            cVar.M = keyStore.getCertificateChain(nextElement);
            cVar.address = b(cVar.L).b();
            return cVar;
        } catch (Exception e) {
            throw ((RuntimeException) ErrorCode.throwAny(e));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void g() {
        V = null;
        W.clear();
    }

    public static void h() {
        ForkJoinPool.commonPool().execute(() -> {
            HashMap hashMap = new HashMap();
            for (a aVar : b(false)) {
                byte[] bytes = a(false, aVar.b(), aVar.c()).getBytes();
                if (bytes != null) {
                    try {
                        c a = a(bytes, new char[0]);
                        String str = a.address;
                        Date notAfter = a.L.getNotAfter();
                        Date date = (Date) hashMap.get(str);
                        if (date == null || date.before(notAfter)) {
                            hashMap.put(str, notAfter);
                        }
                    } catch (Exception e) {
                        BaseEmail.LOGGER.error(e);
                    }
                }
            }
            if (hashMap.size() <= 0) {
                NotificationManager.getInstance().unregisterGenerator(f.Z);
            } else {
                Map.Entry entry = (Map.Entry) Collections.min(hashMap.entrySet(), Map.Entry.comparingByValue());
                NotificationManager.getInstance().registerGenerator(new f((String) entry.getKey(), ((Date) entry.getValue()).getTime()));
            }
        });
    }
}
