package sernet.verinice.encryption.impl.util;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileReader;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.mail.MessagingException;
import javax.mail.internet.MimeBodyPart;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.mail.smime.SMIMEEnveloped;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PasswordFinder;
import org.bouncycastle.util.encoders.Base64;
import sernet.verinice.interfaces.encryption.EncryptionException;

/* loaded from: input_file:sernet/verinice/encryption/impl/util/SMIMEDecryptedInputStream.class */
public class SMIMEDecryptedInputStream extends FilterInputStream {
    private byte[] decryptedByteData;
    private static final String STD_ERR_MSG = "There was an IO problem during the en- or decryption process. See the stacktrace for details.";

    public SMIMEDecryptedInputStream(InputStream inputStream, File file, File file2) throws CertificateException, IOException, EncryptionException {
        this(inputStream, file, file2, null);
    }

    public SMIMEDecryptedInputStream(InputStream inputStream, File file, File file2, final String str) throws CertificateException, IOException, EncryptionException {
        super(inputStream);
        this.decryptedByteData = new byte[0];
        X509Certificate loadX509CertificateFromFile = CertificateUtils.loadX509CertificateFromFile(file);
        FileReader fileReader = new FileReader(file2);
        PasswordFinder passwordFinder = new PasswordFinder() { // from class: sernet.verinice.encryption.impl.util.SMIMEDecryptedInputStream.1
            public char[] getPassword() {
                if (str != null) {
                    return str.toCharArray();
                }
                return null;
            }
        };
        PrivateKey privateKey = ((KeyPair) (passwordFinder.getPassword() != null ? new PEMReader(fileReader, passwordFinder) : new PEMReader(fileReader)).readObject()).getPrivate();
        try {
            RecipientInformation recipientInformation = new SMIMEEnveloped(new MimeBodyPart(inputStream)).getRecipientInfos().get(new JceKeyTransRecipientId(loadX509CertificateFromFile));
            if (recipientInformation != null) {
                JceKeyTransEnvelopedRecipient jceKeyTransEnvelopedRecipient = new JceKeyTransEnvelopedRecipient(privateKey);
                jceKeyTransEnvelopedRecipient.setProvider("SunPKCS11-verinice");
                jceKeyTransEnvelopedRecipient.setContentProvider(BouncyCastleProvider.PROVIDER_NAME);
                this.decryptedByteData = recipientInformation.getContent(jceKeyTransEnvelopedRecipient);
                this.decryptedByteData = Base64.decode(this.decryptedByteData);
            }
            ((FilterInputStream) this).in = new ByteArrayInputStream(this.decryptedByteData);
        } catch (CMSException e) {
            throw new EncryptionException(STD_ERR_MSG, e);
        } catch (MessagingException e2) {
            throw new EncryptionException(STD_ERR_MSG, e2);
        }
    }

    public SMIMEDecryptedInputStream(InputStream inputStream, String str) throws CertificateException, IOException, EncryptionException {
        super(inputStream);
        this.decryptedByteData = new byte[0];
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS11", "SunPKCS11-verinice");
            keyStore.load(null, null);
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, null);
            SMIMEEnveloped sMIMEEnveloped = new SMIMEEnveloped(new MimeBodyPart(inputStream));
            RecipientInformation recipientInformation = sMIMEEnveloped.getRecipientInfos().get(new JceKeyTransRecipientId(x509Certificate));
            if (recipientInformation != null) {
                JceKeyTransEnvelopedRecipient jceKeyTransEnvelopedRecipient = new JceKeyTransEnvelopedRecipient(privateKey);
                jceKeyTransEnvelopedRecipient.setProvider("SunPKCS11-verinice");
                jceKeyTransEnvelopedRecipient.setContentProvider(BouncyCastleProvider.PROVIDER_NAME);
                this.decryptedByteData = recipientInformation.getContent(jceKeyTransEnvelopedRecipient);
                this.decryptedByteData = Base64.decode(this.decryptedByteData);
            }
            ((FilterInputStream) this).in = new ByteArrayInputStream(this.decryptedByteData);
        } catch (CMSException e) {
            throw new EncryptionException(STD_ERR_MSG, e);
        } catch (MessagingException e2) {
            throw new EncryptionException(STD_ERR_MSG, e2);
        } catch (GeneralSecurityException e3) {
            throw new EncryptionException(STD_ERR_MSG, e3);
        }
    }

    @Override // java.io.FilterInputStream, java.io.InputStream
    public int available() throws IOException {
        return this.decryptedByteData.length;
    }
}
