package de.gematik.rbellogger.util.email_crypto;

import de.gematik.rbellogger.key.IdentityBackedRbelKey;
import de.gematik.rbellogger.key.RbelKey;
import de.gematik.rbellogger.key.RbelKeyManager;
import de.gematik.rbellogger.util.email_crypto.elliptic_curve.BcException;
import de.gematik.rbellogger.util.email_crypto.elliptic_curve.ParseException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.lang.reflect.Field;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Objects;
import java.util.Optional;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.crypto.spec.SecretKeySpec;
import javax.naming.directory.InvalidAttributesException;
import lombok.Generated;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.lang3.ArrayUtils;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Util;
import org.bouncycastle.asn1.BERSequence;
import org.bouncycastle.asn1.BERTaggedObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.DLTaggedObject;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cms.CMSAuthEnvelopedData;
import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.KeyTransRecipientId;
import org.bouncycastle.cms.KeyTransRecipientInformation;
import org.bouncycastle.cms.RecipientId;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jose4j.jwe.SimpleAeadCipher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/tiger-rbel-3.2.4.jar:de/gematik/rbellogger/util/email_crypto/EmailDecryption.class */
public class EmailDecryption {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) EmailDecryption.class);
    private static final String OID_AES256_GCM = "2.16.840.1.101.3.4.1.46";

    public static Optional<byte[]> decrypt(byte[] bArr, RbelKeyManager rbelKeyManager) throws CMSException {
        CMSAuthEnvelopedData cMSAuthEnvelopedData = new CMSAuthEnvelopedData(bArr);
        AlgorithmIdentifier algorithm = getAlgorithm(cMSAuthEnvelopedData);
        return algorithm.getAlgorithm().getId().equals(OID_AES256_GCM) ? decryptOidAes256Gcm(cMSAuthEnvelopedData, algorithm, rbelKeyManager) : decryptDefault(bArr, rbelKeyManager);
    }

    private static Optional<byte[]> decryptDefault(byte[] bArr, RbelKeyManager rbelKeyManager) throws CMSException {
        for (RecipientInformation recipientInformation : new CMSEnvelopedData(bArr).getRecipientInfos().getRecipients()) {
            RecipientId rid = recipientInformation.getRID();
            if (rid instanceof KeyTransRecipientId) {
                Optional<PrivateKey> findMatchingKey = findMatchingKey(rbelKeyManager, (KeyTransRecipientId) rid);
                if (findMatchingKey.isPresent()) {
                    return Optional.of(recipientInformation.getContent(new JceKeyTransEnvelopedRecipient(findMatchingKey.get()).setProvider(BouncyCastleProvider.PROVIDER_NAME)));
                }
            }
        }
        return Optional.empty();
    }

    private static Optional<PrivateKey> findMatchingKey(RbelKeyManager rbelKeyManager, KeyTransRecipientId keyTransRecipientId) {
        Optional<U> map = rbelKeyManager.getAllKeys().filter(rbelKey -> {
            return serialNumberMatches(rbelKey, keyTransRecipientId.getSerialNumber());
        }).findFirst().map((v0) -> {
            return v0.getKey();
        });
        Class<PrivateKey> cls = PrivateKey.class;
        Objects.requireNonNull(PrivateKey.class);
        return map.map((v1) -> {
            return r1.cast(v1);
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean serialNumberMatches(RbelKey rbelKey, BigInteger bigInteger) {
        if (rbelKey.isPrivateKey() && (rbelKey instanceof IdentityBackedRbelKey)) {
            return bigInteger.equals(((IdentityBackedRbelKey) rbelKey).getCertificate().getSerialNumber());
        }
        return false;
    }

    private static Optional<byte[]> decryptOidAes256Gcm(CMSAuthEnvelopedData cMSAuthEnvelopedData, AlgorithmIdentifier algorithmIdentifier, RbelKeyManager rbelKeyManager) {
        for (RecipientInformation recipientInformation : cMSAuthEnvelopedData.getRecipientInfos().getRecipients()) {
            RecipientId rid = recipientInformation.getRID();
            if (rid instanceof KeyTransRecipientId) {
                Optional<PrivateKey> findMatchingKey = findMatchingKey(rbelKeyManager, (KeyTransRecipientId) rid);
                if (findMatchingKey.isPresent()) {
                    return Optional.of(decryptOidAes256Gcm(cMSAuthEnvelopedData, (KeyTransRecipientInformation) recipientInformation, algorithmIdentifier, findMatchingKey.get()));
                }
            }
        }
        return Optional.empty();
    }

    private static byte[] decryptOidAes256Gcm(CMSAuthEnvelopedData cMSAuthEnvelopedData, KeyTransRecipientInformation keyTransRecipientInformation, AlgorithmIdentifier algorithmIdentifier, PrivateKey privateKey) {
        byte[] extractPlainSymKey = extractPlainSymKey(keyTransRecipientInformation, privateKey);
        byte[] extractNonceValue = extractNonceValue(algorithmIdentifier);
        byte[] extractEncKeyData = extractEncKeyData(cMSAuthEnvelopedData);
        byte[] mac = cMSAuthEnvelopedData.getMac();
        if (checkExistenceOfPMacInEncValue(extractEncKeyData, mac)) {
            throw new RbelDecryptionException("This PKCS7-Content does not contain the mac value in the encoded value!");
        }
        return decryptSymEncodedWithMac(extractEncKeyData, mac, extractNonceValue, extractPlainSymKey);
    }

    private static boolean checkExistenceOfPMacInEncValue(byte[] bArr, byte[] bArr2) {
        return Arrays.equals(ArrayUtils.subarray(bArr, bArr.length - bArr2.length, bArr.length), bArr2);
    }

    private static byte[] extractNonceValue(AlgorithmIdentifier algorithmIdentifier) {
        DLSequence dLSequence = (DLSequence) algorithmIdentifier.getParameters();
        int i = 0;
        while (true) {
            if (i >= dLSequence.size()) {
                break;
            }
            ASN1Encodable objectAt = dLSequence.getObjectAt(i);
            if (objectAt instanceof DEROctetString) {
                byte[] octets = ((DEROctetString) objectAt).getOctets();
                if (octets != null && octets.length != 0) {
                    return octets;
                }
            } else {
                i++;
            }
        }
        throw new RbelDecryptionException("This PKCS7-Content has not a valid nonce value!");
    }

    private static byte[] extractEncKeyData(CMSAuthEnvelopedData cMSAuthEnvelopedData) {
        try {
            ContentInfo aSN1Structure = cMSAuthEnvelopedData.toASN1Structure();
            if (aSN1Structure == null) {
                return new byte[0];
            }
            ASN1Encodable content = aSN1Structure.getContent();
            if (content instanceof DLSequence) {
                return extractEncKeyData((DLSequence) content);
            }
            ASN1Encodable content2 = aSN1Structure.getContent();
            if (content2 instanceof BERSequence) {
                return extractEncKeyData((BERSequence) content2);
            }
            throw new RbelDecryptionException("This PKCS7-Content has not a valid encrypted Key value!");
        } catch (IOException e) {
            throw new RbelDecryptionException(e.getMessage(), e);
        }
    }

    private static byte[] extractEncKeyData(BERSequence bERSequence) throws IOException {
        for (int i = 0; i < bERSequence.size(); i++) {
            ASN1Encodable objectAt = bERSequence.getObjectAt(i);
            if (objectAt instanceof BERSequence) {
                Optional<byte[]> accumulatedOctets = getAccumulatedOctets((BERSequence) objectAt);
                if (accumulatedOctets.isPresent()) {
                    return accumulatedOctets.get();
                }
            }
        }
        throw new RbelDecryptionException("Could not extract encoded key data");
    }

    private static Optional<byte[]> getAccumulatedOctets(BERSequence bERSequence) throws IOException {
        for (int i = 0; i < bERSequence.size(); i++) {
            ASN1Encodable objectAt = bERSequence.getObjectAt(i);
            if (objectAt instanceof BERTaggedObject) {
                return getAccumulatedOctets((BERTaggedObject) objectAt);
            }
        }
        return Optional.empty();
    }

    private static Optional<byte[]> getAccumulatedOctets(BERTaggedObject bERTaggedObject) throws IOException {
        ASN1Primitive aSN1Primitive = ASN1Util.parseContextBaseUniversal(bERTaggedObject, bERTaggedObject.getTagNo(), bERTaggedObject.isExplicit(), 16).toASN1Primitive();
        if (!(aSN1Primitive instanceof BERSequence)) {
            return Optional.empty();
        }
        Enumeration objects = ((BERSequence) aSN1Primitive).getObjects();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        while (objects.hasMoreElements()) {
            byte[] octets = ((DEROctetString) objects.nextElement()).getOctets();
            byteArrayOutputStream.write(octets, 0, octets.length);
        }
        return Optional.of(byteArrayOutputStream.toByteArray());
    }

    private static byte[] extractEncKeyData(DLSequence dLSequence) {
        for (int i = 0; i < dLSequence.size(); i++) {
            ASN1Encodable objectAt = dLSequence.getObjectAt(i);
            if (objectAt instanceof DLSequence) {
                DLSequence dLSequence2 = (DLSequence) objectAt;
                for (int i2 = 0; i2 < dLSequence2.size(); i2++) {
                    ASN1Encodable objectAt2 = dLSequence2.getObjectAt(i2);
                    if (objectAt2 instanceof DLTaggedObject) {
                        return ((DEROctetString) ((DLTaggedObject) objectAt2).getBaseObject()).getOctets();
                    }
                }
            }
        }
        throw new RbelDecryptionException("This PKCS7-Content has not a valid encrypted Key value!");
    }

    private static AlgorithmIdentifier getAlgorithm(CMSAuthEnvelopedData cMSAuthEnvelopedData) {
        try {
            Field declaredField = cMSAuthEnvelopedData.getClass().getDeclaredField("authEncAlg");
            declaredField.setAccessible(true);
            return (AlgorithmIdentifier) declaredField.get(cMSAuthEnvelopedData);
        } catch (IllegalAccessException | NoSuchFieldException | SecurityException e) {
            throw new RbelDecryptionException("Cannot extract algorithm", e);
        }
    }

    private static byte[] extractPlainSymKey(KeyTransRecipientInformation keyTransRecipientInformation, PrivateKey privateKey) {
        if (keyTransRecipientInformation != null) {
            try {
                Field declaredField = keyTransRecipientInformation.getClass().getDeclaredField("info");
                declaredField.setAccessible(true);
                DEROctetString dEROctetString = (DEROctetString) ((KeyTransRecipientInfo) declaredField.get(keyTransRecipientInformation)).getEncryptedKey();
                if (dEROctetString != null) {
                    return privateKey.getAlgorithm().equals("EC") ? decryptTransportKeyEc(privateKey, dEROctetString) : decryptTransportKeyRsa(privateKey, dEROctetString);
                }
            } catch (IllegalAccessException | NoSuchFieldException e) {
                throw new RbelDecryptionException("Plain Symmetric Key could not be extracted", e);
            }
        }
        throw new RbelDecryptionException("Plain Symmetric Key could not be extracted");
    }

    private static byte[] decryptTransportKeyRsa(PrivateKey privateKey, DEROctetString dEROctetString) {
        try {
            OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);
            Cipher cipher = Cipher.getInstance("RSA/None/OAEPWithSHA256AndMGF1Padding", BouncyCastleProvider.PROVIDER_NAME);
            cipher.init(2, privateKey, oAEPParameterSpec);
            return cipher.doFinal(dEROctetString.getOctets());
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new RbelDecryptionException("Cannot decrypt RSA transport key", e);
        }
    }

    private static byte[] decryptTransportKeyEc(PrivateKey privateKey, DEROctetString dEROctetString) {
        try {
            return new TransportKeyDecryptor(privateKey).decryptTransportKey(dEROctetString.getOctets());
        } catch (BcException | ParseException | IOException | InvalidAttributesException | DecoderException e) {
            throw new RbelDecryptionException("Cannot decrypt EC transport key", e);
        }
    }

    private static byte[] decryptSymEncodedWithMac(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                byteArrayOutputStream.write(bArr);
                byteArrayOutputStream.write(bArr2);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr3);
                SecretKeySpec secretKeySpec = new SecretKeySpec(bArr4, "AES");
                Cipher cipher = Cipher.getInstance(SimpleAeadCipher.GCM_TRANSFORMATION_NAME);
                cipher.init(2, secretKeySpec, gCMParameterSpec);
                byte[] doFinal = cipher.doFinal(byteArray);
                byteArrayOutputStream.close();
                return doFinal;
            } finally {
            }
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new RbelDecryptionException("This PKCS7-Content could not be decrypted!", e);
        }
    }

    @Generated
    private EmailDecryption() {
    }
}
