package net.savignano.snotify.atlassian.mailer;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.util.HashMap;
import java.util.Map;
import javax.mail.Address;
import javax.mail.Message;
import javax.mail.Session;
import javax.mail.internet.MimeMessage;
import net.savignano.snotify.atlassian.common.Constants;
import net.savignano.snotify.atlassian.common.ISnotifyAppProperties;
import net.savignano.snotify.atlassian.common.ISnotifyProjectProperties;
import net.savignano.snotify.atlassian.common.ISnotifyUserProperties;
import net.savignano.snotify.atlassian.common.IUser;
import net.savignano.snotify.atlassian.common.enums.EEncryptionFailureBehavior;
import net.savignano.snotify.atlassian.common.enums.EEncryptionTypePriority;
import net.savignano.snotify.atlassian.common.enums.EKeyPurpose;
import net.savignano.snotify.atlassian.common.enums.EKeySource;
import net.savignano.snotify.atlassian.common.enums.EKeyValidity;
import net.savignano.snotify.atlassian.common.security.key.secret.SnotifyPgpSignKey;
import net.savignano.snotify.atlassian.common.security.key.secret.SnotifySmimeSecretKey;
import net.savignano.snotify.atlassian.common.util.MessageUtil;
import net.savignano.snotify.atlassian.common.util.PgpUtil;
import net.savignano.snotify.atlassian.common.util.SecurityUtil;
import net.savignano.snotify.atlassian.mailer.keysource.pgp.PgpSignKeyStoreLoader;
import net.savignano.snotify.atlassian.mailer.keysource.smime.SmimePrivateKeyStoreLoader;
import net.savignano.snotify.atlassian.mailer.sign.PgpMailSigner;
import net.savignano.snotify.atlassian.mailer.sign.SmimeMailSigner;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPException;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/atlassian/mailer/AAtlassianMailer.class */
public abstract class AAtlassianMailer<T extends IUser<?>> extends AMailer {
    private static final Logger log = LoggerFactory.getLogger(AAtlassianMailer.class);
    private final ISnotifyAppProperties appProps;
    private final ISnotifyUserProperties userProps;
    private final ISnotifyProjectProperties projectProps;
    private boolean cachedEncryptionDesired;
    private Message lastCheckedMessage;
    private Boolean signingEnabled;
    private Boolean projectSpecificEncryption;
    private Boolean defaultProjectEncryption;
    private Boolean ambiguousProjectEncryption;
    private final Map<Address, T> address2UserMap;
    private String fromEmail;
    private SmimeMailSigner smimeSigner;
    private PgpMailSigner pgpSigner;

    public AAtlassianMailer(Session session, ISnotifyAppProperties iSnotifyAppProperties, ISnotifyUserProperties iSnotifyUserProperties, ISnotifyProjectProperties iSnotifyProjectProperties) {
        super(session);
        this.address2UserMap = new HashMap();
        this.appProps = iSnotifyAppProperties;
        this.userProps = iSnotifyUserProperties;
        this.projectProps = iSnotifyProjectProperties;
        if (iSnotifyAppProperties == null) {
            throw new IllegalArgumentException("Application Properties must not be null.");
        }
        if (iSnotifyUserProperties == null) {
            throw new IllegalArgumentException("User Properties must not be null.");
        }
        if (iSnotifyProjectProperties == null) {
            throw new IllegalArgumentException("Project Properties must not be null.");
        }
        iSnotifyAppProperties.setString(Constants.MAILER_VERSION_PROP, getVersion());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    public boolean isEncryptionDesired(MessageAndAddress messageAndAddress) {
        if (!isProjectSpecificEncryption()) {
            return super.isEncryptionDesired(messageAndAddress);
        }
        if (this.lastCheckedMessage != messageAndAddress.message) {
            String extractProjectKey = extractProjectKey(messageAndAddress.message);
            if (extractProjectKey == null) {
                this.cachedEncryptionDesired = isAmbiguousProjectEncryption();
            } else {
                this.cachedEncryptionDesired = getProjectProps().getBoolean(Constants.PROJECT_ENABLE_ENCRYPTION_PROP, isDefaultProjectEncryption(), extractProjectKey);
            }
        }
        return this.cachedEncryptionDesired;
    }

    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    protected boolean isSigningDesired(MessageAndAddress messageAndAddress) {
        return isSigningEnabled();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    public SmimeMailSigner getSmimeSigner(Address address) {
        String email = MessageUtil.getEmail(address);
        if (!StringUtils.equals(email, this.fromEmail)) {
            this.smimeSigner = null;
            this.pgpSigner = null;
            this.fromEmail = email;
        }
        if (this.smimeSigner == null) {
            this.smimeSigner = new SmimeMailSigner(getSession(), getSmimeSignKey(email));
        }
        return this.smimeSigner;
    }

    private SnotifySmimeSecretKey getSmimeSignKey(String str) {
        if (str == null) {
            log.error("Null email address for 'from' encountered.");
            return new SnotifySmimeSecretKey(EKeyValidity.ERROR, EKeySource.UNKNOWN);
        }
        String string = getAppProps().getString(Constants.PRIVATE_SMIME_KEYSTORE_LOCATION_PROP);
        if (string == null) {
            log.debug("No S/MIME key store given for signing.");
            return new SnotifySmimeSecretKey(EKeyValidity.NOT_FOUND, EKeySource.KEYSTORE);
        }
        char[] password = getAppProps().getPassword(Constants.PRIVATE_SMIME_KEY_PASSWORD_PROP);
        if (password == null && getAppProps().hasKey(Constants.PRIVATE_SMIME_KEY_PASSWORD_PROP)) {
            log.error("Error retrieving password for S/MIME private key.");
            return new SnotifySmimeSecretKey(EKeyValidity.ERROR, EKeySource.KEYSTORE);
        }
        log.debug("Loading S/MIME keystore from location: {}", string);
        try {
            KeyStore keyStore = KeyStore.getInstance(Constants.P12_KEYSTORE_TYPE, SecurityUtil.getProvider());
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(string));
            Throwable th = null;
            try {
                try {
                    keyStore.load(bufferedInputStream, password);
                    if (bufferedInputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedInputStream.close();
                        }
                    }
                    SmimePrivateKeyStoreLoader smimePrivateKeyStoreLoader = new SmimePrivateKeyStoreLoader(keyStore, password, str);
                    smimePrivateKeyStoreLoader.setKeyPurpose(EKeyPurpose.SIGNING);
                    return smimePrivateKeyStoreLoader.loadKey();
                } finally {
                }
            } finally {
            }
        } catch (Exception e) {
            log.error("Could not load secret key. Error message: " + e.getMessage(), e);
            return new SnotifySmimeSecretKey(EKeyValidity.ERROR, EKeySource.KEYSTORE);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    public PgpMailSigner getPgpSigner(Address address) {
        String email = MessageUtil.getEmail(address);
        if (!StringUtils.equals(email, this.fromEmail)) {
            this.smimeSigner = null;
            this.pgpSigner = null;
            this.fromEmail = email;
        }
        if (this.pgpSigner == null) {
            this.pgpSigner = new PgpMailSigner(getSession(), getPgpSignKey(email));
        }
        return this.pgpSigner;
    }

    private SnotifyPgpSignKey getPgpSignKey(String str) {
        if (str == null) {
            log.error("Null email address for 'from' encountered.");
            return new SnotifyPgpSignKey(EKeyValidity.ERROR, EKeySource.UNKNOWN);
        }
        String string = getAppProps().getString(Constants.PRIVATE_PGP_KEYSTORE_LOCATION_PROP);
        if (string == null) {
            log.debug("No PGP keystore given for decryption.");
            return new SnotifyPgpSignKey(EKeyValidity.NOT_FOUND, EKeySource.KEYSTORE);
        }
        char[] password = getAppProps().getPassword(Constants.PRIVATE_PGP_KEY_PASSWORD_PROP);
        if (password == null && getAppProps().hasKey(Constants.PRIVATE_PGP_KEY_PASSWORD_PROP)) {
            log.error("Error retrieving password for PGP private key.");
            return new SnotifyPgpSignKey(EKeyValidity.ERROR, EKeySource.KEYSTORE);
        }
        log.debug("Loading PGP keystore from location: {}", string);
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(string));
            Throwable th = null;
            try {
                try {
                    PGPSecretKeyRingCollection loadSecretKeys = PgpUtil.loadSecretKeys(bufferedInputStream);
                    if (bufferedInputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedInputStream.close();
                        }
                    }
                    return new PgpSignKeyStoreLoader(loadSecretKeys, password, str).loadKey();
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            log.error("Could not read PGP key store from location " + string + ". Error message: " + e.getMessage(), e);
            return new SnotifyPgpSignKey(EKeyValidity.ERROR, EKeySource.KEYSTORE);
        } catch (PGPException e2) {
            log.error("Error reading PGP keystore. Error message: " + e2.getMessage(), e2);
            return new SnotifyPgpSignKey(EKeyValidity.ERROR, EKeySource.KEYSTORE);
        }
    }

    protected abstract String extractProjectKey(MimeMessage mimeMessage);

    public ISnotifyAppProperties getAppProps() {
        return this.appProps;
    }

    public ISnotifyUserProperties getUserProps() {
        return this.userProps;
    }

    public ISnotifyProjectProperties getProjectProps() {
        return this.projectProps;
    }

    public T getUser(Address address) {
        if (address == null) {
            return null;
        }
        T t = this.address2UserMap.get(address);
        if (t == null && !this.address2UserMap.containsKey(address)) {
            t = loadUser(address);
            this.address2UserMap.put(address, t);
        }
        return t;
    }

    protected abstract T loadUser(Address address);

    public boolean isProjectSpecificEncryption() {
        if (this.projectSpecificEncryption == null) {
            this.projectSpecificEncryption = Boolean.valueOf(loadProjectSpecificEncryption());
        }
        return this.projectSpecificEncryption.booleanValue();
    }

    protected boolean loadProjectSpecificEncryption() {
        return getAppProps().getBoolean(Constants.ENABLE_PROJECT_SPECIFIC_ENCRYPTION_PROP);
    }

    public boolean isDefaultProjectEncryption() {
        if (this.defaultProjectEncryption == null) {
            this.defaultProjectEncryption = Boolean.valueOf(loadDefaultProjectEncryption());
        }
        return this.defaultProjectEncryption.booleanValue();
    }

    protected boolean loadDefaultProjectEncryption() {
        return getAppProps().getBoolean(Constants.DEFAULT_PROJECT_ENCRYPTION_STATE_PROP, true);
    }

    public boolean isAmbiguousProjectEncryption() {
        if (this.ambiguousProjectEncryption == null) {
            this.ambiguousProjectEncryption = Boolean.valueOf(loadAmbiguousProjectEncryption());
        }
        return this.ambiguousProjectEncryption.booleanValue();
    }

    protected boolean loadAmbiguousProjectEncryption() {
        return getAppProps().getBoolean(Constants.AMBIGUOUS_PROJECT_ENCRYPTION_STATE_PROP, true);
    }

    public boolean isSigningEnabled() {
        if (this.signingEnabled == null) {
            this.signingEnabled = Boolean.valueOf(loadSigningEnabled());
        }
        return this.signingEnabled.booleanValue();
    }

    protected boolean loadSigningEnabled() {
        return getAppProps().getBoolean(Constants.SIGNING_ENABLED_PROP, true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    public boolean loadAdditionalSigningPgp() {
        return getAppProps().getBoolean(Constants.TWEAK_PGP_ADDITIONAL_SIGN, super.loadAdditionalSigningPgp());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    public boolean loadAdditionalSigningSmime() {
        return getAppProps().getBoolean(Constants.TWEAK_SMIME_ADDITIONAL_SIGN, super.loadAdditionalSigningSmime());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    public boolean loadDisabled() {
        return getAppProps().getBoolean(Constants.DISABLE_SNOTIFY_PROP, super.loadDisabled());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    public EEncryptionFailureBehavior loadFailureBehavior() {
        EEncryptionFailureBehavior eEncryptionFailureBehavior = (EEncryptionFailureBehavior) getAppProps().getEnum(Constants.ENCRYPTION_FAILURE_BEHAVIOR_PROP, EEncryptionFailureBehavior.class);
        return eEncryptionFailureBehavior == null ? super.loadFailureBehavior() : eEncryptionFailureBehavior;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    public boolean loadFrozen() {
        return getAppProps().getBoolean(Constants.FREEZE_SNOTIFY_PROP, super.loadFrozen());
    }

    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    protected boolean loadDryRun() {
        return getAppProps().getBoolean(Constants.TWEAK_DRY_RUN_MAILER, super.loadFrozen());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.savignano.snotify.atlassian.mailer.AMailer
    public EEncryptionTypePriority loadTypePriority() {
        EEncryptionTypePriority eEncryptionTypePriority = (EEncryptionTypePriority) getAppProps().getEnum(Constants.ENCRYPTION_TYPE_PRIORITY_PROP, EEncryptionTypePriority.class);
        return eEncryptionTypePriority == null ? super.loadTypePriority() : eEncryptionTypePriority;
    }
}
