package net.savignano.snotify.atlassian.common.security.key.publicly;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import net.savignano.snotify.atlassian.common.enums.EKeyPurpose;
import net.savignano.snotify.atlassian.common.enums.EKeySource;
import net.savignano.snotify.atlassian.common.enums.EKeyValidity;
import net.savignano.snotify.atlassian.common.security.key.ASnotifyKey;
import net.savignano.snotify.atlassian.common.util.PgpUtil;
import net.savignano.thirdparty.org.bouncycastle.asn1.x509.DisplayText;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPPublicKey;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPPublicKeyRing;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPSignature;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/atlassian/common/security/key/publicly/SnotifyPgpPublicKey.class */
public class SnotifyPgpPublicKey extends ASnotifyKey<PGPPublicKey> implements ISnotifyPublicKey<PGPPublicKey> {
    private static final Logger log = LoggerFactory.getLogger(SnotifyPgpPublicKey.class);
    private final PGPPublicKeyRing ring;
    private final PGPPublicKey masterKey;
    private final PGPPublicKey encryptionKey;

    private static PGPPublicKey findEncryptionKey(PGPPublicKeyRing pGPPublicKeyRing) {
        ArrayList<PGPPublicKey> arrayList = new ArrayList();
        Iterator<PGPPublicKey> it = pGPPublicKeyRing.iterator();
        while (it.hasNext()) {
            PGPPublicKey next = it.next();
            if (isValidEncryptionKey(next)) {
                arrayList.add(next);
            }
        }
        PGPPublicKey pGPPublicKey = null;
        for (PGPPublicKey pGPPublicKey2 : arrayList) {
            if (pGPPublicKey == null || pGPPublicKey.getCreationTime().before(pGPPublicKey2.getCreationTime())) {
                pGPPublicKey = pGPPublicKey2;
            }
        }
        if (log.isDebugEnabled()) {
            if (pGPPublicKey == null) {
                log.debug("No key found that can be used for encryption. Master key ID: {}", PgpUtil.getPrettyId(pGPPublicKeyRing.getPublicKey()));
            } else {
                log.debug("Using key with ID {}. Creation time: {}", Long.toHexString(pGPPublicKey.getKeyID()).toUpperCase(), pGPPublicKey.getCreationTime());
            }
        }
        return pGPPublicKey;
    }

    private static boolean isValidEncryptionKey(PGPPublicKey pGPPublicKey) {
        String prettyId = PgpUtil.getPrettyId(pGPPublicKey);
        if (!pGPPublicKey.isEncryptionKey()) {
            log.debug("Algorithm for key with ID {} can not be used for encryption.", prettyId);
            return false;
        }
        boolean z = false;
        boolean z2 = false;
        Iterator signatures = pGPPublicKey.getSignatures();
        while (true) {
            if (!signatures.hasNext()) {
                break;
            }
            PGPSignatureSubpacketVector hashedSubPackets = ((PGPSignature) signatures.next()).getHashedSubPackets();
            if (hashedSubPackets != null) {
                int keyFlags = hashedSubPackets.getKeyFlags();
                z = z || keyFlags != 0;
                if ((keyFlags & 4) != 0) {
                    z2 = true;
                    break;
                }
            }
        }
        if (!z2 && z) {
            log.debug("Key with ID {} has not the necessary flags for an encryption key.", prettyId);
            return false;
        }
        if (pGPPublicKey.hasRevocation()) {
            log.warn("Key with ID {} has been revoked.", prettyId);
            return false;
        }
        long validSeconds = pGPPublicKey.getValidSeconds();
        if (validSeconds == 0 || (validSeconds * 1000) + pGPPublicKey.getCreationTime().getTime() >= System.currentTimeMillis()) {
            log.debug("Key with ID {} can be used for encryption.", prettyId);
            return true;
        }
        log.warn("Key with ID {} is no loger valid. Expired: {}", prettyId, new Date((validSeconds * 1000) + pGPPublicKey.getCreationTime().getTime()));
        return false;
    }

    public SnotifyPgpPublicKey(PGPPublicKeyRing pGPPublicKeyRing) {
        this(pGPPublicKeyRing, (String) null);
    }

    public SnotifyPgpPublicKey(PGPPublicKeyRing pGPPublicKeyRing, String str) {
        super(EKeyPurpose.ENCRYPTION);
        this.ring = pGPPublicKeyRing;
        if (pGPPublicKeyRing == null) {
            log.warn("Key ring was <null>.");
            this.masterKey = null;
            this.encryptionKey = null;
            setKeyValidity(EKeyValidity.INVALID);
            return;
        }
        this.masterKey = pGPPublicKeyRing.getPublicKey();
        this.encryptionKey = findEncryptionKey(pGPPublicKeyRing);
        if (this.masterKey == null || !this.masterKey.isMasterKey()) {
            log.warn("Passed key ring has no master key. Maybe key ring is corrupt.");
            setKeyValidity(EKeyValidity.INVALID);
        } else if (this.encryptionKey == null) {
            log.warn("No valid encryption key was found to encrypt emails. Corresponding master key ID: {}", PgpUtil.getPrettyId(this.masterKey));
            setKeyValidity(EKeyValidity.INVALID);
        } else {
            if (str == null || PgpUtil.isKeyForEmail(this.masterKey, str)) {
                return;
            }
            log.warn("Key ring is no match for email address: {}", str);
            setKeyValidity(EKeyValidity.INVALID);
        }
    }

    public SnotifyPgpPublicKey(EKeyValidity eKeyValidity) {
        this(eKeyValidity, EKeySource.UNKNOWN);
    }

    public SnotifyPgpPublicKey(EKeyValidity eKeyValidity, EKeySource eKeySource) {
        super(EKeyPurpose.ENCRYPTION);
        this.ring = null;
        this.masterKey = null;
        this.encryptionKey = null;
        setKeyValidity(eKeyValidity);
        setKeySource(eKeySource);
    }

    @Override // net.savignano.snotify.atlassian.common.security.key.publicly.ISnotifyPublicKey
    public byte[] getEncoded() throws IOException {
        if (this.ring == null) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(1024);
        this.ring.encode(byteArrayOutputStream, true);
        return byteArrayOutputStream.toByteArray();
    }

    public PGPPublicKey getMasterKey() {
        return this.masterKey;
    }

    @Override // net.savignano.snotify.atlassian.common.security.key.ISnotifyKey
    public PGPPublicKey getKey() {
        return this.encryptionKey;
    }

    public PGPPublicKey getKey(long j) {
        if (this.ring == null) {
            return null;
        }
        return this.ring.getPublicKey(j);
    }

    @Override // net.savignano.snotify.atlassian.common.security.key.ASnotifyKey
    public String toString() {
        StringBuilder sb = new StringBuilder(DisplayText.DISPLAY_TEXT_MAXIMUM_SIZE);
        sb.append("PGP Public Key. ");
        sb.append("Key Validity: ");
        sb.append(getKeyValidity());
        sb.append("; Key Purpose: ");
        sb.append(getKeyPurpose());
        sb.append("; Key Source: ");
        sb.append(getKeySource());
        sb.append("; Encryption Key ID: ");
        sb.append(PgpUtil.getPrettyId(getKey()));
        sb.append("; Master Key ID: ");
        sb.append(PgpUtil.getPrettyId(getMasterKey()));
        return sb.toString();
    }
}
