package net.savignano.snotify.atlassian.gui.keysource.verification.smime;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.LinkedHashSet;
import java.util.Optional;
import java.util.Set;
import net.savignano.snotify.atlassian.common.Constants;
import net.savignano.snotify.atlassian.common.ISnotifyI18n;
import net.savignano.snotify.atlassian.common.security.key.publicly.SnotifySmimePublicKey;
import net.savignano.snotify.atlassian.common.util.KeyStoreContentFetcher;
import net.savignano.snotify.atlassian.common.util.SmimeUtil;
import net.savignano.snotify.atlassian.gui.keysource.verification.AKeySourceVerification;
import net.savignano.snotify.atlassian.gui.keysource.verification.EVerificationStatus;
import net.savignano.thirdparty.org.bouncycastle.cert.X509CertificateHolder;
import net.savignano.thirdparty.org.bouncycastle.cms.CMSSignedData;
import net.savignano.thirdparty.org.bouncycastle.util.Store;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/atlassian/gui/keysource/verification/smime/SmimeP7bVerification.class */
public class SmimeP7bVerification extends AKeySourceVerification {
    private static final Logger log = LoggerFactory.getLogger(SmimeP7bVerification.class);
    private final String location;
    private final Set<String> emails;

    public SmimeP7bVerification(String str, ISnotifyI18n iSnotifyI18n) {
        super(iSnotifyI18n);
        this.emails = new LinkedHashSet();
        if (str == null) {
            throw new IllegalArgumentException("Location must not be null.");
        }
        this.location = str;
        getBuilder().title("net.savignano.snotify.smime-p7b-verification.title", new Object[0]);
    }

    @Override // net.savignano.snotify.atlassian.gui.keysource.verification.AKeySourceVerification
    protected void doVerify() throws Exception {
        canReadLocation();
    }

    private void canReadLocation() {
        SecurityException securityException = null;
        boolean z = false;
        try {
            z = new File(this.location).canRead();
            log.debug("Can access key store at location {}: {}", this.location, Boolean.valueOf(z));
        } catch (SecurityException e) {
            securityException = e;
            log.debug("Cannot access key store location: " + this.location, securityException);
        }
        if (z) {
            getBuilder().status(EVerificationStatus.SUCCESS);
            getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.canRead.success.title", new Object[0]);
            getBuilder().message("net.savignano.snotify.smime-p7b-verification.canRead.success.message", this.location);
            build();
            loadKeyStore();
            return;
        }
        if (securityException != null) {
            getBuilder().status(EVerificationStatus.ERROR);
            getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.canRead.exception.title", new Object[0]);
            getBuilder().message("net.savignano.snotify.smime-p7b-verification.canRead.exception.message", this.location, securityException.getClass().getSimpleName(), securityException.getLocalizedMessage());
            build();
            return;
        }
        getBuilder().status(EVerificationStatus.ERROR);
        getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.canRead.failure.title", new Object[0]);
        getBuilder().message("net.savignano.snotify.smime-p7b-verification.canRead.failure.message", this.location);
        build();
    }

    private void loadKeyStore() {
        Exception exc = null;
        KeyStore keyStore = null;
        int i = 0;
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(this.location));
            Throwable th = null;
            try {
                try {
                    CMSSignedData cMSSignedData = new CMSSignedData(bufferedInputStream);
                    if (bufferedInputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedInputStream.close();
                        }
                    }
                    Store<X509CertificateHolder> certificates = cMSSignedData.getCertificates();
                    log.debug("Loaded key store from location: {}", this.location);
                    keyStore = SmimeUtil.convertToKeyStore(certificates, Constants.BOUNCY_CASTLE_KEYSTORE_TYPE, null);
                    i = keyStore.size();
                    log.debug("Found {} entries inside key store.", Integer.valueOf(i));
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } finally {
            }
        } catch (Exception e) {
            exc = e;
            log.debug("Could not load key store from location: " + this.location, exc);
        }
        if (exc != null) {
            getBuilder().status(EVerificationStatus.ERROR);
            getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.loadKeyStore.exception.title", new Object[0]);
            getBuilder().message("net.savignano.snotify.smime-p7b-verification.loadKeyStore.exception.message", exc.getClass().getSimpleName(), exc.getLocalizedMessage());
            build();
            return;
        }
        if (i == 0) {
            getBuilder().status(EVerificationStatus.ERROR);
            getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.loadKeyStore.empty.title", new Object[0]);
            getBuilder().message("net.savignano.snotify.smime-p7b-verification.loadKeyStore.empty.message", new Object[0]);
        } else {
            getBuilder().status(EVerificationStatus.SUCCESS);
            getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.loadKeyStore.success.title", new Object[0]);
            getBuilder().message("net.savignano.snotify.smime-p7b-verification.loadKeyStore.success.message", Integer.valueOf(i));
            build();
            checkEmails(keyStore);
        }
    }

    private void checkEmails(KeyStore keyStore) {
        if (keyStore == null) {
            return;
        }
        if (getEmails().isEmpty()) {
            log.debug("No email address was given, so can't check if a certificate was found for it.");
            getBuilder().status(EVerificationStatus.INFO);
            getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.checkEmail.noEmail.title", new Object[0]);
            getBuilder().message("net.savignano.snotify.smime-p7b-verification.checkEmail.noEmail.message", new Object[0]);
            build();
            return;
        }
        for (String str : getEmails()) {
            try {
                Optional<X509Certificate> certFor = new KeyStoreContentFetcher(keyStore).getCertFor(SmimeUtil.createPredicateForEmail(str));
                if (certFor.isPresent()) {
                    log.debug("Certificate for email <{}> was found in key store.", str);
                    getBuilder().status(EVerificationStatus.SUCCESS);
                    getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.checkEmail.success.title", new Object[0]);
                    getBuilder().message("net.savignano.snotify.smime-p7b-verification.checkEmail.success.message", str);
                    build();
                    verifyKey(new SnotifySmimePublicKey(certFor.get(), str));
                } else {
                    log.debug("No certificate for email <{}> was found in key store.", str);
                    getBuilder().status(EVerificationStatus.WARNING);
                    getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.checkEmail.failure.title", new Object[0]);
                    getBuilder().message("net.savignano.snotify.smime-p7b-verification.checkEmail.failure.message", str);
                    build();
                }
            } catch (Exception e) {
                log.debug("Could not look up email <" + str + "> in keystore \"" + keyStore + "\".", e);
                getBuilder().status(EVerificationStatus.ERROR);
                getBuilder().subTitle("net.savignano.snotify.smime-p7b-verification.checkEmail.exception.title", new Object[0]);
                getBuilder().message("net.savignano.snotify.smime-p7b-verification.checkEmail.exception.message", str, e.getClass().getSimpleName(), e.getLocalizedMessage());
                build();
                return;
            }
        }
    }

    public Set<String> getEmails() {
        return this.emails;
    }
}
