package net.savignano.snotify.bitbucket.gui.servlet;

import com.atlassian.bitbucket.server.ApplicationPropertiesService;
import com.atlassian.sal.api.component.ComponentLocator;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.savignano.cryptography.Constants;
import net.savignano.cryptography.enums.ECryptographyType;
import net.savignano.cryptography.enums.EEncryptionTypePriority;
import net.savignano.cryptography.util.SecurityUtil;
import net.savignano.snotify.atlassian.common.EProperty;
import net.savignano.snotify.atlassian.common.properties.ASnotifyAppProperties;
import net.savignano.snotify.atlassian.gui.keysource.verification.VerificationStatus;
import net.savignano.snotify.atlassian.gui.keysource.verification.pgp.PgpPrivateKeyStoreVerification;
import net.savignano.snotify.atlassian.gui.keysource.verification.smime.SmimeKeyStoreVerification;
import net.savignano.snotify.atlassian.gui.templates.handler.IValueHandlerProvider;
import net.savignano.snotify.atlassian.gui.templates.handler.impl.InputHandler;
import net.savignano.snotify.atlassian.gui.templates.handler.impl.PasswordHandler;
import net.savignano.snotify.atlassian.gui.templates.handler.impl.provider.ValueHandlerContainer;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/bitbucket/gui/servlet/ServerKeyStoreSettingsServlet.class */
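/**
 * Admin servlet for the server-side private key store settings (S/MIME and PGP).
 *
 * <p>GET renders the settings form. POST handles six form buttons: update, verify and
 * clear-cache, each for PGP and for S/MIME. Both handlers require admin rights, and POST
 * additionally requires a matching XSRF token before anything is read from the request.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>Key store locations and passwords arrive as request parameters. The admin check and
 *       the XSRF check in {@link #doPost} are the only gates visible in this class.</li>
 *   <li>Passwords are handled as {@code char[]} and wiped with
 *       {@link SecurityUtil#clearPassword} after verification, including when verification
 *       throws.</li>
 *   <li>The verification result is placed in the renderer data under
 *       {@code verifyMessageHtml}, i.e. it is treated as ready-made HTML.</li>
 * </ul>
 */
public class ServerKeyStoreSettingsServlet extends AdminSettingsServlet {
    private static final long serialVersionUID = 5134137930221061056L;
    private static final Logger log = LoggerFactory.getLogger(ServerKeyStoreSettingsServlet.class);

    // Form field ids; they double as the keys used to look values up in the handler container.
    private static final String SMIME_PRIVATE_KEYSTORE_LOCATION_ID = "smimePrivateKeystoreLocation";
    private static final String SMIME_PRIVATE_KEYSTORE_PASSWORD_ID = "smimePrivateKeystorePassword";
    private static final String PGP_PRIVATE_KEYSTORE_LOCATION_ID = "pgpPrivateKeystoreLocation";
    private static final String PGP_PRIVATE_KEY_PASSWORD_ID = "pgpPrivateKeyPassword";

    // Names of the submit buttons; the presence of the parameter selects the action.
    private static final String VERIFY_PGP_BUTTON_PARAM = "Verify-PGP";
    private static final String VERIFY_SMIME_BUTTON_PARAM = "Verify-SMIME";
    private static final String CLEAR_CACHE_PGP_BUTTON_PARAM = "Clear-Cache-PGP";
    private static final String CLEAR_CACHE_SMIME_PARAM = "Clear-Cache-SMIME";
    private static final String SUBMIT_PGP_BUTTON_PARAM = "Update-PGP";
    private static final String SUBMIT_SMIME_BUTTON_PARAM = "Update-SMIME";

    // Keys written into the renderer data map.
    private static final String DISPLAYED_TAB_KEY = "displayedTab";
    private static final String VERIFY_MESSAGE_KEY = "verifyMessageHtml";
    private static final String EXPIRE_KEYS_KEY = "expireKeys";

    public ServerKeyStoreSettingsServlet() {
        // Identifier handed to the parent servlet; presumably the template/page name - confirm
        // against AdminSettingsServlet.
        super("server-key-store-settings");
    }

    /**
     * Renders the settings form for an administrator; everyone else is sent to the login page.
     *
     * <p>Overrides the handler declared by {@code AdminSettingsServlet} / {@code SnotifyServlet}.
     *
     * @param httpServletRequest  the incoming request
     * @param httpServletResponse the response the form is rendered into
     * @throws ServletException propagated from the rendering helpers
     * @throws IOException      propagated from the rendering helpers
     */
    @Override
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (!hasAdminRights()) {
            redirectLogin(httpServletRequest, httpServletResponse);
            return;
        }
        Map<String, Object> rendererData = createRendererData(httpServletRequest);
        ValueHandlerContainer handlers = createValueHandlerProvider();
        handlers.read();
        // NOTE(review): the container includes two PasswordHandler entries and is exposed to the
        // template as a whole. Whether a stored password is ever echoed back into the page is
        // decided in PasswordHandler / the template, not here - confirm it is not.
        rendererData.put("valueHandlerProvider", handlers);
        renderInput(httpServletResponse, rendererData);
    }

    /**
     * Handles the form buttons: update, verify and clear-cache, each for PGP and S/MIME.
     *
     * <p>Order of checks: admin rights, then XSRF token, then the action parameter. A request
     * that names none of the known buttons is answered with 400 and changes no state; every
     * recognised action first expires the private-key cache (see {@link #clearCache()}).
     * When several button parameters are present, the first match in the order
     * Update-PGP, Update-SMIME, Verify-PGP, Verify-SMIME, Clear-Cache-PGP, Clear-Cache-SMIME wins.
     *
     * @param httpServletRequest  the incoming request carrying the form values
     * @param httpServletResponse the response the form (or error) is written to
     * @throws ServletException propagated from the rendering helpers
     * @throws IOException      propagated from the rendering helpers or {@code sendError}
     */
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (!hasAdminRights()) {
            redirectLogin(httpServletRequest, httpServletResponse);
            return;
        }
        // State-changing request: reject it before reading any form value if the anti-CSRF
        // token does not match. (Method name spelled as declared by the parent class.)
        if (!hasMatchinXsrfToken(httpServletRequest)) {
            renderXsrfError(httpServletRequest, httpServletResponse);
            return;
        }
        Map<String, Object> rendererData = createRendererData(httpServletRequest);
        ValueHandlerContainer handlers = createValueHandlerProvider();
        handlers.receive(httpServletRequest);
        rendererData.put("valueHandlerProvider", handlers);

        boolean updatePgp = httpServletRequest.getParameter(SUBMIT_PGP_BUTTON_PARAM) != null;
        boolean updateSmime = httpServletRequest.getParameter(SUBMIT_SMIME_BUTTON_PARAM) != null;
        boolean verifyPgp = httpServletRequest.getParameter(VERIFY_PGP_BUTTON_PARAM) != null;
        boolean verifySmime = httpServletRequest.getParameter(VERIFY_SMIME_BUTTON_PARAM) != null;
        boolean clearPgp = httpServletRequest.getParameter(CLEAR_CACHE_PGP_BUTTON_PARAM) != null;
        boolean clearSmime = httpServletRequest.getParameter(CLEAR_CACHE_SMIME_PARAM) != null;

        // Validate the action before touching persistent state, so that a request rejected
        // with 400 does not also bump the key-expiry timestamp.
        if (!(updatePgp || updateSmime || verifyPgp || verifySmime || clearPgp || clearSmime)) {
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        clearCache();

        if (updatePgp || updateSmime) {
            rendererData.put(DISPLAYED_TAB_KEY, updatePgp ? ECryptographyType.PGP : ECryptographyType.SMIME);
            rendererData.put("showUpdated", true);
            // NOTE(review): whether store() wipes the received password arrays afterwards is
            // not visible from this class - confirm in PasswordHandler.
            storeSettings(handlers);
        } else if (verifyPgp || verifySmime) {
            rendererData.put(DISPLAYED_TAB_KEY, verifyPgp ? ECryptographyType.PGP : ECryptographyType.SMIME);
            // Verification runs on the values just received from the request, not on stored
            // settings, and checks both key stores whichever Verify button was pressed.
            rendererData.put(VERIFY_MESSAGE_KEY, verifySettings(handlers));
        } else {
            rendererData.put(DISPLAYED_TAB_KEY, clearPgp ? ECryptographyType.PGP : ECryptographyType.SMIME);
            rendererData.put(EXPIRE_KEYS_KEY, true);
        }
        renderInput(httpServletResponse, rendererData);
    }

    /** Persists the values currently held by the handler container. */
    private void storeSettings(ValueHandlerContainer valueHandlerContainer) {
        valueHandlerContainer.store();
    }

    /**
     * Verifies whichever private key stores have a non-blank location and returns the
     * concatenated HTML status of all checks.
     *
     * <p>Each password array is wiped in a {@code finally} block so that the secret does not
     * stay in memory when verification throws.
     *
     * @param provider source of the submitted location and password values
     * @return the HTML fragments of all verification results, concatenated; empty if neither
     *         location is set
     */
    private String verifySettings(IValueHandlerProvider provider) {
        List<VerificationStatus> statuses = new ArrayList<>();

        // NOTE(review): the location is request-supplied and is handed to the verifier, which
        // presumably opens it on the server. Access is limited to admins by doPost; consider
        // constraining it to an expected directory if that fits the deployment.
        String smimeLocation = (String) provider.getValue(SMIME_PRIVATE_KEYSTORE_LOCATION_ID);
        if (StringUtils.isNotBlank(smimeLocation)) {
            char[] smimePassword = (char[]) provider.getValue(SMIME_PRIVATE_KEYSTORE_PASSWORD_ID);
            try {
                statuses.addAll(verifySmimePrivateKeystore(smimeLocation, smimePassword));
            } finally {
                SecurityUtil.clearPassword(smimePassword);
            }
        }

        String pgpLocation = (String) provider.getValue(PGP_PRIVATE_KEYSTORE_LOCATION_ID);
        if (StringUtils.isNotBlank(pgpLocation)) {
            char[] pgpPassword = (char[]) provider.getValue(PGP_PRIVATE_KEY_PASSWORD_ID);
            try {
                statuses.addAll(verifyPgpPrivateKeystore(pgpLocation, pgpPassword));
            } finally {
                SecurityUtil.clearPassword(pgpPassword);
            }
        }

        // NOTE(review): the result is stored under "verifyMessageHtml" and so is presumably
        // emitted without further escaping. The key store location above comes from the
        // request; confirm that getHtmlStatus() HTML-escapes any value it embeds.
        StringBuilder html = new StringBuilder(512 * statuses.size());
        for (VerificationStatus status : statuses) {
            html.append(status.getHtmlStatus());
        }
        return html.toString();
    }

    /**
     * Runs the S/MIME key store verification, including the private key check.
     *
     * @param location path or location string of the PKCS#12 key store
     * @param password used both as key store password and as key password; not wiped here,
     *                 the caller owns the array
     * @return the verification results
     */
    private List<VerificationStatus> verifySmimePrivateKeystore(String location, char[] password) {
        // NOTE(review): location is request-supplied and is logged as received; confirm the
        // logging backend neutralises line breaks. The password is never logged.
        log.info("Verifying S/MIME private key store at location: {}", location);
        SmimeKeyStoreVerification verification = new SmimeKeyStoreVerification(location, Constants.P12_KEYSTORE_TYPE, getI18n());
        verification.getEmails().addAll(getEmails());
        verification.setKeyStorePassword(password);
        verification.setKeyPassword(password);
        verification.setEnablePrivateKeyCheck(true);
        return verification.verify();
    }

    /**
     * Runs the PGP private key store verification.
     *
     * @param location path or location string of the PGP key store
     * @param password private key password; not wiped here, the caller owns the array
     * @return the verification results
     */
    private List<VerificationStatus> verifyPgpPrivateKeystore(String location, char[] password) {
        // NOTE(review): same logging caveat as for the S/MIME location.
        log.info("Verifying PGP private key store at location: {}", location);
        PgpPrivateKeyStoreVerification verification = new PgpPrivateKeyStoreVerification(location, getI18n());
        verification.getEmails().addAll(getEmails());
        verification.setPassword(password);
        return verification.verify();
    }

    /**
     * Records the current time as the private-key expiry timestamp. Presumably cached private
     * keys older than this are discarded by the consumer of the property - confirm.
     */
    private void clearCache() {
        getAppProps().setLong(EProperty.EXPIRE_KEYS_PRIVATE_TIMESTAMP, Long.valueOf(System.currentTimeMillis()));
    }

    /** Reads the configured encryption type priority from the app properties. */
    private EEncryptionTypePriority getTypePriority() {
        return (EEncryptionTypePriority) getAppProps().getEnum(EProperty.ENCRYPTION_TYPE_PRIORITY, EEncryptionTypePriority.class);
    }

    /** Returns the addresses the key stores are verified against: the server address, if set. */
    private List<String> getEmails() {
        List<String> emails = new ArrayList<>();
        String mailServerEmail = getMailServerEmail();
        if (mailServerEmail != null) {
            emails.add(mailServerEmail);
        }
        return emails;
    }

    /** Looks up the server e-mail address configured in Bitbucket; may be {@code null}. */
    private String getMailServerEmail() {
        String serverEmailAddress = ((ApplicationPropertiesService) ComponentLocator.getComponent(ApplicationPropertiesService.class)).getServerEmailAddress();
        log.debug("Email address configured for outgoing mail server: <{}>", serverEmailAddress);
        return serverEmailAddress;
    }

    /**
     * Builds the container with one handler per form field: location and password for the
     * S/MIME key store, location and key password for the PGP key store.
     */
    private ValueHandlerContainer createValueHandlerProvider() {
        ValueHandlerContainer valueHandlerContainer = new ValueHandlerContainer();
        valueHandlerContainer.add(new InputHandler(SMIME_PRIVATE_KEYSTORE_LOCATION_ID, getAppProps(), EProperty.PRIVATE_SMIME_KEYSTORE_LOCATION));
        valueHandlerContainer.add(new PasswordHandler(SMIME_PRIVATE_KEYSTORE_PASSWORD_ID, (ASnotifyAppProperties) getAppProps(), EProperty.PRIVATE_SMIME_KEY_PASSWORD));
        valueHandlerContainer.add(new InputHandler(PGP_PRIVATE_KEYSTORE_LOCATION_ID, getAppProps(), EProperty.PRIVATE_PGP_KEYSTORE_LOCATION));
        valueHandlerContainer.add(new PasswordHandler(PGP_PRIVATE_KEY_PASSWORD_ID, (ASnotifyAppProperties) getAppProps(), EProperty.PRIVATE_PGP_KEY_PASSWORD));
        return valueHandlerContainer;
    }

    /**
     * Tells whether the S/MIME tab should be shown.
     *
     * @param eCryptographyType the explicitly requested tab, or another value / {@code null}
     *                          to fall back to the configured type priority
     * @return {@code true} if S/MIME is requested or preferred by configuration
     */
    public boolean isSmimeSelected(ECryptographyType eCryptographyType) {
        return resolveDisplayedType(eCryptographyType) == ECryptographyType.SMIME;
    }

    /**
     * Tells whether the PGP tab should be shown.
     *
     * @param eCryptographyType the explicitly requested tab, or another value / {@code null}
     *                          to fall back to the configured type priority
     * @return {@code true} if PGP is requested or preferred by configuration
     */
    public boolean isPgpSelected(ECryptographyType eCryptographyType) {
        return resolveDisplayedType(eCryptographyType) == ECryptographyType.PGP;
    }

    /**
     * Resolves which tab to display: the requested one if it is PGP or S/MIME, otherwise the
     * one implied by the configured priority.
     *
     * @return the type to display, or {@code null} when the priority is missing or not
     *         handled (an error is logged and neither tab counts as selected)
     */
    private ECryptographyType resolveDisplayedType(ECryptographyType requested) {
        if (requested == ECryptographyType.SMIME || requested == ECryptographyType.PGP) {
            return requested;
        }
        // Read the property once so the logged value is the one that was evaluated.
        EEncryptionTypePriority priority = getTypePriority();
        if (priority == null) {
            // switch on a null enum would throw; treat a missing priority like an unknown one.
            log.error("Type priority not yet implemented: {}", priority);
            return null;
        }
        switch (priority) {
            case SMIME_ONLY:
            case SMIME_PREFERED:
                return ECryptographyType.SMIME;
            case PGP_ONLY:
            case PGP_PREFERED:
                return ECryptographyType.PGP;
            default:
                log.error("Type priority not yet implemented: {}", priority);
                return null;
        }
    }
}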
