package net.savignano.snotify.atlassian.mailer.encryptor;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import javax.mail.Address;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import net.savignano.snotify.atlassian.common.Constants;
import net.savignano.snotify.atlassian.common.ISnotifyAppProperties;
import net.savignano.snotify.atlassian.common.ISnotifyUserProperties;
import net.savignano.snotify.atlassian.common.enums.EncryptionKeySource;
import net.savignano.snotify.atlassian.common.security.key.EKeyValidity;
import net.savignano.snotify.atlassian.common.security.key.SnotifySmimeKey;
import net.savignano.snotify.atlassian.common.util.CertUtil;
import net.savignano.snotify.atlassian.mailer.SnotifyMimeMessage;
import net.savignano.snotify.atlassian.mailer.encryptor.AMailEncryptor;
import net.savignano.snotify.atlassian.mailer.keysource.IKeyLoader;
import net.savignano.snotify.atlassian.mailer.keysource.smime.SmimeKeyStoreLoader;
import net.savignano.thirdparty.org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import net.savignano.thirdparty.org.bouncycastle.cms.CMSAlgorithm;
import net.savignano.thirdparty.org.bouncycastle.cms.CMSException;
import net.savignano.thirdparty.org.bouncycastle.cms.bc.BcCMSContentEncryptorBuilder;
import net.savignano.thirdparty.org.bouncycastle.cms.bc.BcRSAKeyTransRecipientInfoGenerator;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMEEnvelopedGenerator;
import net.savignano.thirdparty.org.bouncycastle.mail.smime.SMIMEException;
import net.savignano.thirdparty.org.bouncycastle.operator.OutputEncryptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/atlassian/mailer/encryptor/ASmimeMailEncryptor.class */
public abstract class ASmimeMailEncryptor extends AMailEncryptor<SnotifySmimeKey> {
    private static final Logger log = LoggerFactory.getLogger(ASmimeMailEncryptor.class);
    private static final String XENCRPYTED_MAIL_VALUE = "by S/Notify at {0} using S/MIME encryption with {1}";
    private KeyStore keyStore;

    public ASmimeMailEncryptor(Session session, MimeMessage mimeMessage, Address address) {
        super(session, mimeMessage, address);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // net.savignano.snotify.atlassian.mailer.encryptor.AMailEncryptor
    public SnotifySmimeKey getValidityKey(EKeyValidity eKeyValidity, EncryptionKeySource encryptionKeySource) {
        return new SnotifySmimeKey(eKeyValidity, encryptionKeySource);
    }

    @Override // net.savignano.snotify.atlassian.mailer.encryptor.AMailEncryptor
    protected MimeMessage encrypt() throws IOException, MessagingException {
        String str;
        OutputEncryptor build;
        log.debug("Encrypting email to \"{}\" with certificate: {}", getAddress(), getPublicKey().getEncryptionKey());
        if (log.isTraceEnabled()) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            getMessage().writeTo(byteArrayOutputStream);
            log.trace("Original email:\n{}\n", byteArrayOutputStream.toString());
        }
        SnotifyMimeMessage snotifyMimeMessage = new SnotifyMimeMessage(getMessage());
        snotifyMimeMessage.getContent();
        SnotifyMimeMessage snotifyMimeMessage2 = new SnotifyMimeMessage(getSession());
        Enumeration allHeaderLines = snotifyMimeMessage.getAllHeaderLines();
        while (allHeaderLines.hasMoreElements()) {
            snotifyMimeMessage2.addHeaderLine((String) allHeaderLines.nextElement());
        }
        try {
            SMIMEEnvelopedGenerator sMIMEEnvelopedGenerator = new SMIMEEnvelopedGenerator();
            sMIMEEnvelopedGenerator.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(getPublicKey().getEncryptionKey())));
            try {
                log.debug("Using AES256_CBC algorithm for encryption.");
                str = "AES256_CBC";
                build = new BcCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC).build();
            } catch (CMSException e) {
                if (!e.getMessage().contains("Illegal key size")) {
                    throw e;
                }
                log.debug(e.getMessage(), e);
                log.warn("\"Java Cryptography Extension (JCE) Unlimited Strength\" is not installed on this machine. AES256_CBC encryption standard can not be used. Using fallback AES128_CBC encryption algorithm.");
                str = "AES128_CBC";
                build = new BcCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build();
            }
            MimeBodyPart generate = sMIMEEnvelopedGenerator.generate(snotifyMimeMessage, build);
            if (log.isTraceEnabled()) {
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                generate.writeTo(byteArrayOutputStream2);
                log.trace("Encrypted body:\n{}\n", byteArrayOutputStream2.toString());
            }
            snotifyMimeMessage2.setContent(generate.getContent(), generate.getContentType());
            snotifyMimeMessage2.addHeader(AMailEncryptor.XENCRPYTED_MAIL_PROPERTY, getXencryptedMailValue(str));
            snotifyMimeMessage2.saveChanges();
            if (log.isTraceEnabled()) {
                ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
                snotifyMimeMessage2.writeTo(byteArrayOutputStream3);
                log.trace("Final email:\n{}\n", byteArrayOutputStream3.toString());
            }
            log.debug("Encrypting email to \"{}\" succesfully finished.", getAddress());
            return snotifyMimeMessage2;
        } catch (CertificateEncodingException | CMSException | SMIMEException e2) {
            throw new MessagingException(e2.getLocalizedMessage(), e2);
        }
    }

    @Override // net.savignano.snotify.atlassian.mailer.encryptor.AMailEncryptor
    /* renamed from: getKeyLoaders */
    protected Collection<IKeyLoader<SnotifySmimeKey>> getKeyLoaders2() {
        ArrayList arrayList = new ArrayList();
        IKeyLoader<SnotifySmimeKey> createLdapLoader = createLdapLoader();
        if (createLdapLoader != null) {
            arrayList.add(createLdapLoader);
        }
        IKeyLoader<SnotifySmimeKey> createKeyStoreLoader = createKeyStoreLoader();
        if (createKeyStoreLoader != null) {
            arrayList.add(createKeyStoreLoader);
        }
        return arrayList;
    }

    protected IKeyLoader<SnotifySmimeKey> createKeyStoreLoader() {
        if (getKeyStore() != null) {
            return new SmimeKeyStoreLoader(getKeyStore(), getAddress().toString());
        }
        log.debug("No key store specified. Can't get certificate from key store.");
        return null;
    }

    protected abstract IKeyLoader<SnotifySmimeKey> createLdapLoader();

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // net.savignano.snotify.atlassian.mailer.encryptor.AMailEncryptor
    public SnotifySmimeKey getUserPublicKey() {
        byte[] bytes = getUserProperties().getBytes(Constants.EMAIL_SMIME_CERT_PROP, getUser());
        if (bytes == null) {
            log.debug("User {} has no public certificate stored.", getUser());
            return getValidityKey(EKeyValidity.NOT_FOUND, EncryptionKeySource.USER);
        }
        log.debug("Using certificate of user {} for encrypting email to \"{}\".", getUser(), getAddress());
        try {
            SnotifySmimeKey snotifySmimeKey = new SnotifySmimeKey(CertUtil.createCertificate(bytes));
            snotifySmimeKey.setKeySource(EncryptionKeySource.USER);
            return snotifySmimeKey;
        } catch (CertificateException e) {
            log.error("Could not parse certificate stored for user: " + getUser(), e);
            return getValidityKey(EKeyValidity.ERROR, EncryptionKeySource.USER);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.encryptor.AMailEncryptor
    public void storePublicKey(SnotifySmimeKey snotifySmimeKey) throws IOException {
        log.debug("Storing new S/MIME certificate to user properties: {}", snotifySmimeKey.getEncryptionKey());
        getUserProperties().setBytes(Constants.EMAIL_SMIME_CERT_PROP, snotifySmimeKey.getEncoded(), getUser());
        getUserProperties().setLong(Constants.EMAIL_SMIME_TIME_STAMP_PROP, Long.valueOf(System.currentTimeMillis()), getUser());
        getUserProperties().setEnum(Constants.EMAIL_SMIME_KEY_SOURCE_PROP, snotifySmimeKey.getKeySource(), getUser());
    }

    @Override // net.savignano.snotify.atlassian.mailer.encryptor.AMailEncryptor
    protected AMailEncryptor.EncryptorData loadEncryptorData() {
        AMailEncryptor.EncryptorData encryptorData = new AMailEncryptor.EncryptorData();
        encryptorData.allowCustomUserKey = getAppProperties().getBoolean(Constants.ALLOW_SMIME_CERTIFICATE_OVERWRITE_PROP, true);
        encryptorData.expireTimeStamp = getAppProperties().getLong(Constants.EXPIRE_KEYS_TIMESTAMP);
        encryptorData.keySource = (EncryptionKeySource) getUserProperties().getEnum(Constants.EMAIL_SMIME_KEY_SOURCE_PROP, EncryptionKeySource.class, getUser());
        encryptorData.timeStamp = getUserProperties().getLong(Constants.EMAIL_SMIME_TIME_STAMP_PROP, getUser());
        encryptorData.isLiteVersion = getAppProperties().getBoolean(Constants.LITE_MODE_PROP);
        return encryptorData;
    }

    protected String getXencryptedMailValue(String str) {
        return MessageFormat.format(XENCRPYTED_MAIL_VALUE, getHostName(), str);
    }

    public KeyStore getKeyStore() {
        return this.keyStore;
    }

    public void setKeyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
    }

    protected abstract ISnotifyAppProperties getAppProperties();

    protected abstract ISnotifyUserProperties getUserProperties();
}
