package org.apache.james.transport.mailets;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.mail.MessagingException;
import javax.mail.Part;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import org.apache.commons.io.IOUtils;
import org.apache.james.transport.SMIMEKeyHolder;
import org.apache.mailet.Attribute;
import org.apache.mailet.AttributeName;
import org.apache.mailet.AttributeValue;
import org.apache.mailet.Mail;
import org.apache.mailet.MailetConfig;
import org.apache.mailet.base.GenericMailet;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.mail.smime.SMIMEEnveloped;
import org.bouncycastle.mail.smime.SMIMEUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/james/transport/mailets/SMIMEDecrypt.class */
public class SMIMEDecrypt extends GenericMailet {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SMIMEDecrypt.class);
    private SMIMEKeyHolder keyHolder;
    private X509CertificateHolder certificateHolder;
    private AttributeName mailAttribute = AttributeName.of("org.apache.james.SMIMEDecrypt");

    @Override // org.apache.mailet.base.GenericMailet
    public void init() throws MessagingException {
        super.init();
        MailetConfig mailetConfig = getMailetConfig();
        String initParameter = mailetConfig.getInitParameter("keyStoreType");
        String initParameter2 = mailetConfig.getInitParameter("keyStoreFileName");
        if (initParameter2 == null) {
            throw new MessagingException("No keyStoreFileName specified");
        }
        String initParameter3 = mailetConfig.getInitParameter("keyStorePassword");
        String initParameter4 = mailetConfig.getInitParameter("keyAlias");
        String initParameter5 = mailetConfig.getInitParameter("keyAliasPassword");
        String initParameter6 = mailetConfig.getInitParameter("mailAttribute");
        if (initParameter6 != null) {
            this.mailAttribute = AttributeName.of(initParameter6);
        }
        try {
            this.keyHolder = new SMIMEKeyHolder(initParameter2, initParameter3, initParameter4, initParameter5, initParameter);
            this.certificateHolder = from(this.keyHolder.getCertificate());
        } catch (IOException | GeneralSecurityException e) {
            throw new MessagingException("Error loading keystore", e);
        }
    }

    private X509CertificateHolder from(X509Certificate x509Certificate) throws MessagingException {
        try {
            return new X509CertificateHolder(x509Certificate.getEncoded());
        } catch (IOException | CertificateEncodingException e) {
            throw new MessagingException("Error during the parsing of the certificate", e);
        }
    }

    @Override // org.apache.mailet.base.GenericMailet, org.apache.mailet.Mailet
    public void service(Mail mail) throws MessagingException {
        MimeMessage message = mail.getMessage();
        MimeBodyPart mimeBodyPart = null;
        LOGGER.info("Starting message decryption..");
        if (message.isMimeType("application/x-pkcs7-mime") || message.isMimeType("application/pkcs7-mime")) {
            try {
                for (RecipientInformation recipientInformation : new SMIMEEnveloped(message).getRecipientInfos().getRecipients()) {
                    if (recipientInformation.getRID().match(this.certificateHolder)) {
                        try {
                            mimeBodyPart = SMIMEUtil.toMimeBodyPart(recipientInformation.getContent(new JceKeyTransEnvelopedRecipient(this.keyHolder.getPrivateKey())));
                            LOGGER.info("Encrypted message decrypted");
                        } catch (Exception e) {
                            throw new MessagingException("Error during the decryption of the message", e);
                        }
                    } else {
                        LOGGER.info("Found an encrypted message but it isn't encrypted for the supplied key");
                    }
                }
            } catch (CMSException e2) {
                throw new MessagingException("Error during the decryption of the message", e2);
            }
        }
        if (mimeBodyPart != null) {
            ArrayList arrayList = new ArrayList(1);
            try {
                arrayList.add(AttributeValue.of(this.keyHolder.getCertificate().getEncoded()));
            } catch (CertificateEncodingException e3) {
                LOGGER.warn("Failed to encode certificate", (Throwable) e3);
            }
            mail.setAttribute(new Attribute(this.mailAttribute, AttributeValue.of(arrayList)));
            try {
                MimeMessage mimeMessage = new MimeMessage(message);
                mimeMessage.setText(text(mimeBodyPart), StandardCharsets.UTF_8.name());
                if (!mimeBodyPart.isMimeType("multipart/*")) {
                    mimeMessage.setDisposition(null);
                }
                mimeMessage.saveChanges();
                mail.setMessage(mimeMessage);
            } catch (IOException e4) {
                LOGGER.error("Error during the strip of the encrypted message", (Throwable) e4);
                throw new MessagingException("Error during the stripping of the encrypted message", e4);
            }
        }
    }

    private String text(Part part) throws IOException, MessagingException {
        return IOUtils.toString(part.getDataHandler().getInputStream(), StandardCharsets.UTF_8);
    }
}
