package net.savignano.snotify.atlassian.mailer.validate;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.EnumSet;
import java.util.Set;
import java.util.function.Function;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.internet.ContentType;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import javax.mail.internet.MimePart;
import net.savignano.snotify.atlassian.common.Constants;
import net.savignano.snotify.atlassian.common.enums.EKeySource;
import net.savignano.snotify.atlassian.common.enums.EKeyValidity;
import net.savignano.snotify.atlassian.common.enums.EValidationType;
import net.savignano.snotify.atlassian.common.security.key.publicly.SnotifyPgpPublicKey;
import net.savignano.snotify.atlassian.common.util.PgpUtil;
import net.savignano.snotify.atlassian.mailer.visitor.BaseMessageVisitor;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/atlassian/mailer/validate/PgpMailValidator.class */
public class PgpMailValidator extends AMailValidator<SnotifyPgpPublicKey> {
    private static final Logger log = LoggerFactory.getLogger(PgpMailValidator.class);
    private Function<String, SnotifyPgpPublicKey> publicKeyRetriever;
    private boolean checkInline;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/savignano/snotify/atlassian/mailer/validate/PgpMailValidator$ExtractVisitor.class */
    public static final class ExtractVisitor extends BaseMessageVisitor {
        private final String email;
        private PGPPublicKeyRing ring;

        public ExtractVisitor(String str) {
            this.email = str;
        }

        @Override // net.savignano.snotify.atlassian.mailer.visitor.BaseMessageVisitor, net.savignano.snotify.atlassian.mailer.visitor.IMessageVisitor
        public void visit(MimePart mimePart) throws Exception {
            super.visit(mimePart);
            ContentType contentType = new ContentType(mimePart.getContentType());
            PgpMailValidator.log.trace("MIME type: {}", contentType);
            if (contentType.match(Constants.MIME_CONTENT_TYPE_PGP_KEYS) || isKeyAttachment(mimePart)) {
                PgpMailValidator.log.debug("Extracting public key for email: {}", this.email);
                this.ring = PgpUtil.getKeysForEmail(PgpUtil.loadPublicKeys(mimePart.getInputStream()), this.email);
            }
        }

        private boolean isKeyAttachment(MimePart mimePart) throws MessagingException {
            String fileName;
            String disposition = mimePart.getDisposition();
            return (disposition == null || !disposition.equalsIgnoreCase("attachment") || (fileName = mimePart.getFileName()) == null || !fileName.endsWith(".asc") || mimePart.isMimeType(Constants.MIME_CONTENT_TYPE_PGP_ENCRYPTED) || mimePart.isMimeType(Constants.MIME_CONTENT_TYPE_PGP_SIGNED)) ? false : true;
        }

        public PGPPublicKeyRing getKeyRing() {
            return this.ring;
        }
    }

    /* loaded from: input_file:net/savignano/snotify/atlassian/mailer/validate/PgpMailValidator$ValidateVisitor.class */
    private static final class ValidateVisitor extends BaseMessageVisitor {
        private final Set<EValidationType> validations;
        private final String email;
        private final boolean checkInline;
        private PGPPublicKeyRing ring;
        private boolean valid = false;

        public ValidateVisitor(Set<EValidationType> set, String str, PGPPublicKeyRing pGPPublicKeyRing, boolean z) {
            this.validations = set;
            this.email = str;
            this.ring = pGPPublicKeyRing;
            this.checkInline = z;
        }

        @Override // net.savignano.snotify.atlassian.mailer.visitor.BaseMessageVisitor
        public void visit(MimeMessage mimeMessage) throws Exception {
            PgpMailValidator.log.debug("Validation types desired: {}", this.validations);
            if (this.ring == null) {
                ExtractVisitor extractVisitor = new ExtractVisitor(this.email);
                extractVisitor.visit(mimeMessage);
                this.ring = extractVisitor.getKeyRing();
            }
            if (this.validations.contains(EValidationType.CAN_VALIDATE) && this.validations.size() == 1) {
                this.valid = this.ring != null;
            } else if (this.ring == null) {
                PgpMailValidator.log.warn("Cannot verify PGP signature, as no public key was available.");
            } else {
                super.visit(mimeMessage);
            }
        }

        @Override // net.savignano.snotify.atlassian.mailer.visitor.BaseMessageVisitor, net.savignano.snotify.atlassian.mailer.visitor.IMessageVisitor
        public void visit(MimeMultipart mimeMultipart) throws Exception {
            if (this.validations.contains(EValidationType.SIGNATURE)) {
                ContentType contentType = new ContentType(mimeMultipart.getContentType());
                PgpMailValidator.log.trace("MIME type: {}", contentType);
                if (contentType.match(Constants.MIME_CONTENT_TYPE_SIGNED) && Constants.MIME_CONTENT_TYPE_PGP_SIGNED.equalsIgnoreCase(contentType.getParameter("protocol"))) {
                    PgpMailValidator.log.debug("Found '{}' content.", contentType);
                    if (sanityCheck(mimeMultipart)) {
                        this.valid = validate(mimeMultipart);
                    } else {
                        this.valid = false;
                    }
                }
            }
            super.visit(mimeMultipart);
        }

        @Override // net.savignano.snotify.atlassian.mailer.visitor.BaseMessageVisitor, net.savignano.snotify.atlassian.mailer.visitor.IMessageVisitor
        public void visit(MimePart mimePart) throws Exception {
            if (this.checkInline && this.validations.contains(EValidationType.SIGNATURE) && mimePart.isMimeType("text/plain")) {
                Object content = mimePart.getContent();
                if ((content instanceof String) && ((String) content).startsWith("-----BEGIN PGP SIGNED MESSAGE-----")) {
                    this.valid = validate(mimePart);
                }
            }
            super.visit(mimePart);
        }

        private boolean sanityCheck(MimeMultipart mimeMultipart) throws MessagingException {
            if (mimeMultipart.getCount() != 2) {
                PgpMailValidator.log.warn("PGP signature does not have expected part count. Two expected, but found: {}", Integer.valueOf(mimeMultipart.getCount()));
                return false;
            }
            if (mimeMultipart.getBodyPart(1).isMimeType(Constants.MIME_CONTENT_TYPE_PGP_SIGNED)) {
                PgpMailValidator.log.debug("Sanity check of PGP signature successful.");
                return true;
            }
            PgpMailValidator.log.warn("PGP signature does not have expected content type. Found: {}", mimeMultipart.getBodyPart(1).getContentType());
            return false;
        }

        private boolean validate(MimeMultipart mimeMultipart) throws Exception {
            PgpMailValidator.log.debug("Validating message.");
            MimeBodyPart bodyPart = mimeMultipart.getBodyPart(0);
            MimeBodyPart bodyPart2 = mimeMultipart.getBodyPart(1);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            bodyPart.writeTo(byteArrayOutputStream);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            byteArrayOutputStream.reset();
            bodyPart2.writeTo(byteArrayOutputStream);
            return PgpUtil.verify(byteArray, byteArrayOutputStream.toByteArray(), this.ring.getPublicKey());
        }

        private boolean validate(MimePart mimePart) throws Exception {
            PgpMailValidator.log.debug("Validating inline message.");
            String str = (String) mimePart.getContent();
            String signature = getSignature(str);
            if (PgpUtil.verify(getTextRemoveHeaders(str).getBytes(), signature.getBytes(), this.ring.getPublicKey())) {
                return true;
            }
            return PgpUtil.verify(getText(str).getBytes(), signature.getBytes(), this.ring.getPublicKey());
        }

        private String getText(String str) {
            return removeLinebreaks(str.substring("-----BEGIN PGP SIGNED MESSAGE-----".length(), str.indexOf("-----BEGIN PGP SIGNATURE-----")));
        }

        private String getTextRemoveHeaders(String str) throws MessagingException, IOException {
            StringBuilder sb = new StringBuilder(str.length());
            ContentType contentType = new ContentType("text/plain");
            contentType.setParameter("charset", Constants.UTF8);
            sb.append(Constants.MIME_HEADER_CONTENT_TYPE);
            sb.append(": ");
            sb.append(contentType.toString());
            sb.append("\r\n");
            sb.append(getText(str));
            return (String) new MimeBodyPart(new ByteArrayInputStream(sb.toString().getBytes(Constants.UTF8_CHARSET))).getContent();
        }

        private String getSignature(String str) {
            return str.substring(str.indexOf("-----BEGIN PGP SIGNATURE-----"));
        }

        private String removeLinebreaks(String str) {
            if (str == null || str.length() == 0) {
                return str;
            }
            return str.substring(str.startsWith("\r\n") ? 2 : (str.charAt(0) == '\r' || str.charAt(0) == '\n') ? 1 : 0, str.endsWith("\r\n") ? str.length() - 2 : (str.charAt(str.length() - 1) == '\r' || str.charAt(str.length() - 1) == '\n') ? str.length() - 1 : str.length());
        }

        public boolean isValid() {
            return this.valid;
        }
    }

    public static final boolean isMessageSigned(Message message) {
        if (message instanceof MimeMessage) {
            return isSigned((MimePart) message);
        }
        log.debug("Message is not a MIME message, so can't be PGP signed. Encountered message class: {}", message.getClass());
        return false;
    }

    private static final boolean isSigned(MimePart mimePart) {
        String parameter;
        try {
            ContentType contentType = new ContentType(mimePart.getContentType());
            if (contentType.match(Constants.MIME_CONTENT_TYPE_SIGNED) && (parameter = contentType.getParameter("protocol")) != null) {
                if (parameter.equalsIgnoreCase(Constants.MIME_CONTENT_TYPE_PGP_SIGNED)) {
                    return true;
                }
            }
            return false;
        } catch (MessagingException e) {
            log.error(e.getMessage(), e);
            return false;
        }
    }

    public static final boolean isMessageSignedInline(Message message) {
        if (!(message instanceof MimeMessage)) {
            log.debug("Message is not a MIME message, so can't be PGP signed. Encountered message class: {}", message.getClass());
            return false;
        }
        final boolean[] zArr = new boolean[1];
        try {
            new BaseMessageVisitor() { // from class: net.savignano.snotify.atlassian.mailer.validate.PgpMailValidator.1
                @Override // net.savignano.snotify.atlassian.mailer.visitor.BaseMessageVisitor, net.savignano.snotify.atlassian.mailer.visitor.IMessageVisitor
                public void visit(MimePart mimePart) throws Exception {
                    if (zArr[0]) {
                        return;
                    }
                    if (!mimePart.isMimeType("text/plain")) {
                        super.visit(mimePart);
                    } else {
                        Object content = mimePart.getContent();
                        zArr[0] = (content instanceof String) && ((String) content).startsWith("-----BEGIN PGP SIGNED MESSAGE-----");
                    }
                }
            }.visit((MimeMessage) message);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        }
        return zArr[0];
    }

    @Override // net.savignano.snotify.atlassian.mailer.validate.IMailValidator
    public Set<EValidationType> getValidationCapability() {
        return EnumSet.of(EValidationType.CAN_VALIDATE, EValidationType.SIGNATURE);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // net.savignano.snotify.atlassian.mailer.validate.AMailValidator
    public SnotifyPgpPublicKey getValidityKey(EKeyValidity eKeyValidity) {
        return new SnotifyPgpPublicKey(eKeyValidity, EKeySource.EMAIL);
    }

    @Override // net.savignano.snotify.atlassian.mailer.validate.AMailValidator
    protected boolean isSigned(MimeMessage mimeMessage) {
        return isMessageSigned(mimeMessage) || (isCheckInline() && isMessageSignedInline(mimeMessage));
    }

    @Override // net.savignano.snotify.atlassian.mailer.validate.AMailValidator
    protected boolean validate(MimeMessage mimeMessage, Set<EValidationType> set, String str) throws Exception {
        SnotifyPgpPublicKey apply = getPublicKeyRetriever().apply(str);
        ValidateVisitor validateVisitor = new ValidateVisitor(set, str, apply.isValid() ? apply.getKeyRing() : null, isCheckInline());
        validateVisitor.visit(mimeMessage);
        return validateVisitor.isValid();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // net.savignano.snotify.atlassian.mailer.validate.AMailValidator
    public SnotifyPgpPublicKey extract(MimeMessage mimeMessage, String str) throws Exception {
        ExtractVisitor extractVisitor = new ExtractVisitor(str);
        extractVisitor.visit(mimeMessage);
        PGPPublicKeyRing keyRing = extractVisitor.getKeyRing();
        if (keyRing == null) {
            return getValidityKey(EKeyValidity.NOT_FOUND);
        }
        SnotifyPgpPublicKey snotifyPgpPublicKey = new SnotifyPgpPublicKey(keyRing, str);
        snotifyPgpPublicKey.setKeySource(EKeySource.EMAIL);
        return snotifyPgpPublicKey;
    }

    public Function<String, SnotifyPgpPublicKey> getPublicKeyRetriever() {
        return this.publicKeyRetriever == null ? str -> {
            return new SnotifyPgpPublicKey(EKeyValidity.NOT_FOUND);
        } : this.publicKeyRetriever;
    }

    public void setPublicKeyRetriever(Function<String, SnotifyPgpPublicKey> function) {
        this.publicKeyRetriever = function;
    }

    public boolean isCheckInline() {
        return this.checkInline;
    }

    public void setCheckInline(boolean z) {
        this.checkInline = z;
    }
}
