package net.savignano.snotify.atlassian.common.security.key.publicly;

import java.io.IOException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import net.savignano.snotify.atlassian.common.enums.ECryptographyType;
import net.savignano.snotify.atlassian.common.enums.EKeyPurpose;
import net.savignano.snotify.atlassian.common.enums.EKeySource;
import net.savignano.snotify.atlassian.common.enums.EKeyValidity;
import net.savignano.snotify.atlassian.common.security.key.ASnotifyKey;
import net.savignano.snotify.atlassian.common.util.SmimeUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/atlassian/common/security/key/publicly/SnotifySmimePublicKey.class */
public class SnotifySmimePublicKey extends ASnotifyKey<X509Certificate> implements ISnotifyPublicKey<X509Certificate> {
    private static final Logger log = LoggerFactory.getLogger(SnotifySmimePublicKey.class);
    private final X509Certificate certificate;

    public SnotifySmimePublicKey(X509Certificate x509Certificate) {
        this(x509Certificate, (String) null);
    }

    public SnotifySmimePublicKey(X509Certificate x509Certificate, String str) {
        super(EKeyPurpose.ENCRYPTION, ECryptographyType.SMIME);
        this.certificate = x509Certificate;
        if (x509Certificate == null) {
            log.warn("Certificate key was <null>.");
            setKeyValidity(EKeyValidity.INVALID);
            return;
        }
        if (!SmimeUtil.isCertForPurpose(x509Certificate, getKeyPurpose())) {
            log.debug("Certificate cannot be used for encryption.");
            setKeyValidity(EKeyValidity.INVALID);
        }
        if (str != null) {
            try {
                if (!SmimeUtil.isCertForEmail(x509Certificate, str)) {
                    log.debug("Email <{}> does not match emails for certificate.", str);
                    setKeyValidity(EKeyValidity.INVALID);
                }
            } catch (CertificateExpiredException e) {
                log.warn("Certificate with serial number {} is invalid because it expired at: {}", SmimeUtil.getSerialNumber(x509Certificate), x509Certificate.getNotAfter());
                setKeyValidity(EKeyValidity.INVALID);
                return;
            } catch (CertificateNotYetValidException e2) {
                log.warn("Certificate with serial number {} is invalid because it only becomes valid at: {}", SmimeUtil.getSerialNumber(x509Certificate), x509Certificate.getNotBefore());
                setKeyValidity(EKeyValidity.INVALID);
                return;
            } catch (CertificateException e3) {
                log.error("Could not check that email <" + str + "> matches certificate with serial number " + SmimeUtil.getSerialNumber(x509Certificate) + ".", e3);
                setKeyValidity(EKeyValidity.ERROR);
                return;
            }
        }
        x509Certificate.checkValidity();
    }

    public SnotifySmimePublicKey(EKeyValidity eKeyValidity) {
        this(eKeyValidity, EKeySource.UNKNOWN);
    }

    public SnotifySmimePublicKey(EKeyValidity eKeyValidity, EKeySource eKeySource) {
        super(EKeyPurpose.ENCRYPTION, ECryptographyType.SMIME);
        this.certificate = null;
        setKeyValidity(eKeyValidity);
        setKeySource(eKeySource);
    }

    @Override // net.savignano.snotify.atlassian.common.security.key.publicly.ISnotifyPublicKey
    public byte[] getEncoded() throws IOException {
        if (this.certificate == null) {
            return null;
        }
        try {
            return this.certificate.getEncoded();
        } catch (CertificateEncodingException e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    @Override // net.savignano.snotify.atlassian.common.security.key.ISnotifyKey
    public X509Certificate getKey() {
        return this.certificate;
    }

    @Override // net.savignano.snotify.atlassian.common.security.key.ASnotifyKey
    public String toString() {
        StringBuilder sb = new StringBuilder(200);
        sb.append("S/MIME Public Key. ");
        sb.append("Key Validity: ");
        sb.append(getKeyValidity());
        sb.append("; Key Purpose: ");
        sb.append(getKeyPurpose());
        sb.append("; Key Source: ");
        sb.append(getKeySource());
        sb.append("; Certificate ID: ");
        sb.append(getKey() == null ? null : SmimeUtil.getSerialNumber(getKey()));
        return sb.toString();
    }
}
