package de.mhus.lib.core.mail;

import de.mhus.lib.core.MString;
import de.mhus.lib.core.crypt.MBouncy;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import javax.mail.Authenticator;
import javax.mail.Message;
import javax.mail.Session;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.smime.SMIMECapabilitiesAttribute;
import org.bouncycastle.asn1.smime.SMIMECapability;
import org.bouncycastle.asn1.smime.SMIMECapabilityVector;
import org.bouncycastle.asn1.smime.SMIMEEncryptionKeyPreferenceAttribute;
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.mail.smime.SMIMESignedGenerator;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:de/mhus/lib/core/mail/GpgSignedMail.class */
public class GpgSignedMail implements Mail {
    static int serialNo = 1;
    private String from;
    private String[] to;
    private String[] cc;
    private String[] bcc;
    private String subject;
    private String content;
    private String signDN;
    private X509Certificate origCert;
    private KeyPair origKP;
    private CertStore certsAndcrls;

    public GpgSignedMail setFrom(String str) {
        this.from = str;
        return this;
    }

    public GpgSignedMail setTo(String... strArr) {
        this.to = strArr;
        return this;
    }

    public GpgSignedMail setCc(String... strArr) {
        this.cc = strArr;
        return this;
    }

    public GpgSignedMail setBcc(String... strArr) {
        this.bcc = strArr;
        return this;
    }

    public GpgSignedMail setSubject(String str) {
        this.subject = str;
        return this;
    }

    public GpgSignedMail setContent(String str) {
        this.content = str;
        return this;
    }

    public GpgSignedMail createCertificates(String str, String str2) throws Exception {
        this.signDN = str;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
        keyPairGenerator.initialize(1024, new SecureRandom());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        X509Certificate makeCertificate = makeCertificate(generateKeyPair, str, generateKeyPair, str);
        this.origKP = keyPairGenerator.generateKeyPair();
        this.origCert = makeCertificate(this.origKP, str2, generateKeyPair, str);
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.origCert);
        arrayList.add(makeCertificate);
        setCertsAndcrls(CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), "BC"));
        return this;
    }

    @Override // de.mhus.lib.core.mail.Mail
    public void send(MailTransport mailTransport) throws Exception {
        MBouncy.init();
        InternetAddress[] internetAddressArr = new InternetAddress[this.to.length];
        for (int i = 0; i < this.to.length; i++) {
            internetAddressArr[i] = new InternetAddress(this.to[i]);
        }
        InternetAddress[] internetAddressArr2 = null;
        if (this.cc != null && this.cc.length > 0) {
            internetAddressArr2 = new InternetAddress[this.cc.length];
            for (int i2 = 0; i2 < this.cc.length; i2++) {
                internetAddressArr2[i2] = new InternetAddress(this.cc[i2]);
            }
        }
        InternetAddress[] internetAddressArr3 = null;
        if (this.bcc != null && this.bcc.length > 0) {
            internetAddressArr3 = new InternetAddress[this.bcc.length];
            for (int i3 = 0; i3 < this.bcc.length; i3++) {
                internetAddressArr3[i3] = new InternetAddress(this.bcc[i3]);
            }
        }
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        SMIMECapabilityVector sMIMECapabilityVector = new SMIMECapabilityVector();
        sMIMECapabilityVector.addCapability(SMIMECapability.dES_EDE3_CBC);
        sMIMECapabilityVector.addCapability(SMIMECapability.rC2_CBC, 128);
        sMIMECapabilityVector.addCapability(SMIMECapability.dES_CBC);
        aSN1EncodableVector.add(new SMIMECapabilitiesAttribute(sMIMECapabilityVector));
        aSN1EncodableVector.add(new SMIMEEncryptionKeyPreferenceAttribute(new IssuerAndSerialNumber(new X509Name(this.signDN), this.origCert.getSerialNumber())));
        SMIMESignedGenerator sMIMESignedGenerator = new SMIMESignedGenerator();
        sMIMESignedGenerator.addSigner(this.origKP.getPrivate(), this.origCert, SMIMESignedGenerator.DIGEST_SHA1, new AttributeTable(aSN1EncodableVector), (AttributeTable) null);
        sMIMESignedGenerator.addCertificatesAndCRLs(getCertsAndcrls());
        MimeBodyPart mimeBodyPart = new MimeBodyPart();
        mimeBodyPart.setText(this.content);
        MimeMultipart generate = sMIMESignedGenerator.generate(mimeBodyPart, "BC");
        MimeMessage mimeMessage = new MimeMessage(Session.getDefaultInstance(System.getProperties(), (Authenticator) null));
        mimeMessage.setFrom(MString.isSet(this.from) ? new InternetAddress(this.from) : mailTransport.getFrom());
        mimeMessage.setRecipients(Message.RecipientType.TO, internetAddressArr);
        if (internetAddressArr2 != null) {
            mimeMessage.setRecipients(Message.RecipientType.CC, internetAddressArr2);
        }
        if (internetAddressArr3 != null) {
            mimeMessage.setRecipients(Message.RecipientType.BCC, internetAddressArr3);
        }
        mimeMessage.setSubject(this.subject);
        mimeMessage.setContent(generate, generate.getContentType());
        mimeMessage.saveChanges();
        mailTransport.send(mimeMessage);
    }

    static X509Certificate makeCertificate(KeyPair keyPair, String str, KeyPair keyPair2, String str2) throws GeneralSecurityException, IOException {
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair2.getPrivate();
        PublicKey publicKey2 = keyPair2.getPublic();
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        int i = serialNo;
        serialNo = i + 1;
        x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(i));
        x509V3CertificateGenerator.setIssuerDN(new X509Name(str2));
        x509V3CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis()));
        x509V3CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + 8640000000L));
        x509V3CertificateGenerator.setSubjectDN(new X509Name(str));
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.setSignatureAlgorithm("MD5WithRSAEncryption");
        x509V3CertificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier, false, createSubjectKeyId(publicKey));
        x509V3CertificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier, false, createAuthorityKeyId(publicKey2));
        return x509V3CertificateGenerator.generateX509Certificate(privateKey);
    }

    static AuthorityKeyIdentifier createAuthorityKeyId(PublicKey publicKey) throws IOException {
        return new AuthorityKeyIdentifier(new SubjectPublicKeyInfo(new ASN1InputStream(new ByteArrayInputStream(publicKey.getEncoded())).readObject()));
    }

    static SubjectKeyIdentifier createSubjectKeyId(PublicKey publicKey) throws IOException {
        return new SubjectKeyIdentifier(new SubjectPublicKeyInfo(new ASN1InputStream(new ByteArrayInputStream(publicKey.getEncoded())).readObject()).getEncoded());
    }

    public KeyPair getOrigKP() {
        return this.origKP;
    }

    public GpgSignedMail setOrigKP(KeyPair keyPair) {
        this.origKP = keyPair;
        return this;
    }

    public String getSignDN() {
        return this.signDN;
    }

    public void setSignDN(String str) {
        this.signDN = str;
    }

    public X509Certificate getOrigCert() {
        return this.origCert;
    }

    public void setOrigCert(X509Certificate x509Certificate) {
        this.origCert = x509Certificate;
    }

    public CertStore getCertsAndcrls() {
        return this.certsAndcrls;
    }

    public void setCertsAndcrls(CertStore certStore) {
        this.certsAndcrls = certStore;
    }
}
