package net.savignano.snotify.jira.mailer.security;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.KeyException;
import java.security.KeyManagementException;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPPublicKey;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPPublicKeyRing;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPSignature;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/jira/mailer/security/SnotifyPgpKey.class */
public class SnotifyPgpKey {
    private static final Logger log = LoggerFactory.getLogger(SnotifyPgpKey.class);
    private final PGPPublicKeyRing ring;
    private final PGPPublicKey masterKey;
    private PGPPublicKey encryptionKey;

    public SnotifyPgpKey(PGPPublicKeyRingCollection pGPPublicKeyRingCollection, String str) throws KeyException {
        if (pGPPublicKeyRingCollection == null) {
            throw new IllegalArgumentException("Key ring collection must not be null.");
        }
        if (str == null) {
            throw new IllegalArgumentException("Email address must not be null.");
        }
        log.debug("Looking up key ring for email {}.", str);
        PGPPublicKeyRing pGPPublicKeyRing = null;
        Iterator<PGPPublicKeyRing> it = pGPPublicKeyRingCollection.iterator();
        while (it.hasNext() && pGPPublicKeyRing == null) {
            PGPPublicKeyRing next = it.next();
            Iterator<PGPPublicKey> it2 = next.iterator();
            while (true) {
                if (it2.hasNext()) {
                    PGPPublicKey next2 = it2.next();
                    if (next2.isMasterKey()) {
                        String upperCase = Long.toHexString(next2.getKeyID()).toUpperCase();
                        Iterator<String> userIDs = next2.getUserIDs();
                        while (true) {
                            if (!userIDs.hasNext()) {
                                break;
                            }
                            if (userIDs.next().toLowerCase().contains(str)) {
                                log.debug("Master key (ID: {}) is valid for email {}.", upperCase, str);
                                pGPPublicKeyRing = next;
                                break;
                            }
                        }
                        if (pGPPublicKeyRing == null && log.isDebugEnabled()) {
                            ArrayList arrayList = new ArrayList();
                            Iterator<String> userIDs2 = next2.getUserIDs();
                            while (userIDs2.hasNext()) {
                                arrayList.add(userIDs2.next());
                            }
                            if (arrayList.isEmpty()) {
                                log.debug("Key with ID {} does not contain any user IDs.", upperCase);
                            } else {
                                log.debug("Key with ID {} had the following user IDs: {}", upperCase, arrayList);
                            }
                        }
                    }
                }
            }
        }
        if (pGPPublicKeyRing == null) {
            throw new KeyManagementException("No matching PGP public key found for email adress: " + str);
        }
        this.ring = pGPPublicKeyRing;
        this.masterKey = findMasterKey();
    }

    public SnotifyPgpKey(PGPPublicKeyRing pGPPublicKeyRing) {
        if (pGPPublicKeyRing == null) {
            throw new IllegalArgumentException("Key ring must not be null.");
        }
        this.ring = pGPPublicKeyRing;
        this.masterKey = findMasterKey();
    }

    private PGPPublicKey findMasterKey() {
        Iterator<PGPPublicKey> it = this.ring.iterator();
        while (it.hasNext()) {
            PGPPublicKey next = it.next();
            if (next.isMasterKey()) {
                log.debug("Master key ID: {}", Long.toHexString(next.getKeyID()).toUpperCase());
                return next;
            }
        }
        throw new IllegalStateException("No master key found in public ring.");
    }

    public PGPPublicKey getMasterKey() {
        return this.masterKey;
    }

    public PGPPublicKey getEncryptionKey() {
        if (this.encryptionKey != null) {
            return this.encryptionKey;
        }
        ArrayList<PGPPublicKey> arrayList = new ArrayList();
        Iterator<PGPPublicKey> it = this.ring.iterator();
        while (it.hasNext()) {
            PGPPublicKey next = it.next();
            if (isValidEncryptionKey(next)) {
                arrayList.add(next);
            }
        }
        PGPPublicKey pGPPublicKey = null;
        for (PGPPublicKey pGPPublicKey2 : arrayList) {
            if (pGPPublicKey == null || pGPPublicKey.getCreationTime().before(pGPPublicKey2.getCreationTime())) {
                pGPPublicKey = pGPPublicKey2;
            }
        }
        if (log.isDebugEnabled()) {
            if (pGPPublicKey == null) {
                log.debug("No key found that can be used for encryption. Master key ID: {}", Long.toHexString(getMasterKey().getKeyID()).toUpperCase());
            } else {
                log.debug("Using key with ID {}. Creation time: {}", Long.toHexString(pGPPublicKey.getKeyID()).toUpperCase(), pGPPublicKey.getCreationTime());
            }
        }
        this.encryptionKey = pGPPublicKey;
        return pGPPublicKey;
    }

    private boolean isValidEncryptionKey(PGPPublicKey pGPPublicKey) {
        String upperCase = Long.toHexString(pGPPublicKey.getKeyID()).toUpperCase();
        if (!pGPPublicKey.isEncryptionKey()) {
            log.debug("Algorithm for key with ID {} can not be used for encryption.", upperCase);
            return false;
        }
        boolean z = false;
        boolean z2 = false;
        Iterator signatures = pGPPublicKey.getSignatures();
        while (true) {
            if (!signatures.hasNext()) {
                break;
            }
            PGPSignatureSubpacketVector hashedSubPackets = ((PGPSignature) signatures.next()).getHashedSubPackets();
            if (hashedSubPackets != null) {
                int keyFlags = hashedSubPackets.getKeyFlags();
                z = z || keyFlags != 0;
                if ((keyFlags & 4) != 0) {
                    z2 = true;
                    break;
                }
            }
        }
        if (!z2 && z) {
            log.debug("Key with ID {} has not the necessary flags for an encryption key.", upperCase);
            return false;
        }
        if (pGPPublicKey.hasRevocation()) {
            log.debug("Key with ID {} has been revoked.", upperCase);
            return false;
        }
        long validSeconds = pGPPublicKey.getValidSeconds();
        if (validSeconds == 0 || (validSeconds * 1000) + pGPPublicKey.getCreationTime().getTime() >= System.currentTimeMillis()) {
            log.debug("Key with ID {} can be used for encryption.", upperCase);
            return true;
        }
        log.debug("Key with ID {} is no loger valid. Expired: {}", upperCase, new Date((validSeconds * 1000) + pGPPublicKey.getCreationTime().getTime()));
        return false;
    }

    public PGPPublicKey getKey(long j) {
        return this.ring.getPublicKey(j);
    }

    public byte[] getEncoded() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(1024);
        this.ring.encode(byteArrayOutputStream, true);
        return byteArrayOutputStream.toByteArray();
    }
}
