package net.savignano.snotify.jira.mailer;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.EnumSet;
import java.util.Objects;
import java.util.function.Function;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.internet.MimeMessage;
import net.savignano.snotify.atlassian.common.enums.ECryptographyType;
import net.savignano.snotify.atlassian.common.enums.EKeyValidity;
import net.savignano.snotify.atlassian.common.enums.EValidationType;
import net.savignano.snotify.atlassian.common.security.ClassLoaderEnforcer;
import net.savignano.snotify.atlassian.common.security.key.publicly.ISnotifyPublicKey;
import net.savignano.snotify.atlassian.common.util.MessageUtil;
import net.savignano.snotify.atlassian.mailer.SnotifyMimeMessage;
import net.savignano.snotify.atlassian.mailer.expose.AMailHeaderExposer;
import net.savignano.snotify.atlassian.mailer.expose.PgpMailHeaderExposer;
import net.savignano.snotify.atlassian.mailer.expose.SmimeMailHeaderExposer;
import net.savignano.snotify.atlassian.mailer.visitor.DetectCryptographyVisitor;
import net.savignano.snotify.atlassian.mailer.visitor.InlineSignatureConverter;
import net.savignano.snotify.atlassian.mailer.visitor.OpaqueSignatureConverter;
import net.savignano.snotify.atlassian.mailer.visitor.SignatureRemover;
import net.savignano.snotify.jira.mailer.decorator.CryptographyDecoration;
import net.savignano.snotify.jira.mailer.decorator.EIconDecorator;
import net.savignano.snotify.jira.mailer.decorator.MessageDecoratorHelper;
import net.savignano.snotify.jira.mailer.decrypt.IComposedMailDecryptor;
import net.savignano.snotify.jira.mailer.validate.IComposedMailValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/jira/mailer/MessageStoreTransformer.class */
public class MessageStoreTransformer<T extends Message> {
    private static final Logger log = LoggerFactory.getLogger(MessageStoreTransformer.class);
    private final MessageStoreTransformerConfiguration configuration;
    private Session cachedSession;
    private IComposedMailDecryptor cachedDecryptor;
    private IComposedMailValidator cachedValidator;
    private MessageDecoratorHelper decoHelper;

    public MessageStoreTransformer(MessageStoreTransformerConfiguration messageStoreTransformerConfiguration) {
        this.configuration = messageStoreTransformerConfiguration;
        if (messageStoreTransformerConfiguration == null) {
            throw new IllegalArgumentException("Configuration must not be null.");
        }
        if (messageStoreTransformerConfiguration.getDecoratorData() != null) {
            this.decoHelper = new MessageDecoratorHelper(messageStoreTransformerConfiguration.getDecoratorData());
        }
    }

    public Message[] transformMessages(Message[] messageArr) {
        if (messageArr == null) {
            log.warn("Cannot transform messages, null parameter received.");
            return null;
        }
        log.debug("Using configuration: {}", this.configuration);
        log.debug("Getting {} message(s).", Integer.valueOf(messageArr.length));
        return (messageArr.length == 0 || !sanityCheckSnotify()) ? messageArr : (Message[]) runWithThisClassLoaderContext(this::transformMsgsUnsafe, messageArr);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private Message[] transformMsgsUnsafe(Message[] messageArr) {
        Message[] messageArr2 = new Message[messageArr.length];
        for (int i = 0; i < messageArr.length; i++) {
            Message message = messageArr[i];
            int messageNumber = message == null ? -1 : message.getMessageNumber();
            if (sanityCheckMessage(message)) {
                log.debug("Getting message (index {}) with number {}.", Integer.valueOf(i), Integer.valueOf(messageNumber));
                messageArr2[i] = transformMsgUnsafe(message);
                log.debug("Gotten message (index {}) with number {}.", Integer.valueOf(i), Integer.valueOf(messageNumber));
            } else {
                log.debug("Using message (index {}) with number {} as is.", Integer.valueOf(i), Integer.valueOf(messageNumber));
                messageArr2[i] = message;
            }
        }
        return messageArr2;
    }

    public Message transformMessage(Message message) {
        log.debug("Using configuration: {}", this.configuration);
        return (sanityCheckSnotify() && sanityCheckMessage(message)) ? (Message) runWithThisClassLoaderContext(this::transformMsgUnsafe, message) : message;
    }

    private Message transformMsgUnsafe(T t) {
        try {
            MimeMessage loadMessage = loadMessage(t);
            String messageId = MessageUtil.getMessageId(loadMessage);
            try {
                if (log.isTraceEnabled()) {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    loadMessage.writeTo(byteArrayOutputStream);
                    log.trace("Loaded email:\n{}\n", byteArrayOutputStream.toString());
                }
                if (this.decoHelper != null) {
                    this.decoHelper.add(EIconDecorator.MESSAGE);
                }
                ECryptographyType detectCryptography = detectCryptography(loadMessage, messageId);
                if (this.decoHelper != null) {
                    this.decoHelper.add(new CryptographyDecoration(detectCryptography));
                }
                try {
                    MimeMessage wrap = wrap(applyDecorations(handleProtectedHeaders(handleSignatures(handleDecryption(handleSignatures(loadMessage, messageId), messageId), messageId), detectCryptography, messageId), messageId), t);
                    if (log.isTraceEnabled()) {
                        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                        wrap.writeTo(byteArrayOutputStream2);
                        log.trace("Processed email:\n{}\n", byteArrayOutputStream2.toString());
                    }
                    return wrap;
                } catch (Exception e) {
                    log.error("Could not bind processed email to original email. Message ID \"" + messageId + "\". Error message: " + e.getMessage(), e);
                    return t;
                }
            } catch (Exception e2) {
                log.error(e2.getMessage(), e2);
                return recoverFromException(t);
            }
        } catch (Exception e3) {
            log.error("Could not load message. Error message: " + e3.getMessage(), e3);
            return t;
        }
    }

    private Message recoverFromException(T t) {
        if (this.decoHelper == null) {
            return t;
        }
        try {
            MimeMessage loadMessage = loadMessage(t);
            this.decoHelper.apply(loadMessage);
            this.decoHelper.clear();
            return wrap(loadMessage, t);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            return t;
        }
    }

    protected boolean sanityCheckSnotify() {
        if (this.configuration.isDisabled()) {
            log.info("S/Notify is disabled. Emails will not be decrypted.");
            return false;
        }
        if (this.configuration.isFrozen()) {
            log.error("Could not decrypt email due to licensing error in S/Notify.");
            return false;
        }
        if (!this.configuration.isLite()) {
            return true;
        }
        log.info("Lite version for S/Notify detected, no decryption will happen.");
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean sanityCheckMessage(Message message) {
        if (message != null) {
            return true;
        }
        log.warn("Sanity check failed. Cannot check message, null parameter encountered.");
        return false;
    }

    private <S, R> R runWithThisClassLoaderContext(Function<S, R> function, S s) {
        return (R) new ClassLoaderEnforcer(getClass().getClassLoader()).run((Function<Function<S, R>, R>) function, (Function<S, R>) s);
    }

    private ECryptographyType detectCryptography(MimeMessage mimeMessage, String str) {
        try {
            DetectCryptographyVisitor detectCryptographyVisitor = new DetectCryptographyVisitor();
            detectCryptographyVisitor.setCheckInline(this.configuration.isCheckPgpInline());
            detectCryptographyVisitor.visit(mimeMessage);
            return detectCryptographyVisitor.getType();
        } catch (Exception e) {
            log.warn("Failed to detect cryptography of email with ID \"" + str + "\". Error message: " + e.getMessage(), e);
            return ECryptographyType.NONE;
        }
    }

    private MimeMessage safetyCopy(MimeMessage mimeMessage, String str) {
        try {
            return new SnotifyMimeMessage(mimeMessage.getSession(), mimeMessage);
        } catch (Exception e) {
            log.warn("Could not copy email with ID \"" + str + "\". Error message: " + e.getMessage());
            return mimeMessage;
        }
    }

    private MimeMessage applyDecorations(MimeMessage mimeMessage, String str) {
        if (this.decoHelper == null) {
            return mimeMessage;
        }
        MimeMessage safetyCopy = safetyCopy(mimeMessage, str);
        try {
            this.decoHelper.apply(mimeMessage);
            this.decoHelper.clear();
            return mimeMessage;
        } catch (Exception e) {
            log.warn("Could not apply decorations to email with ID \"" + str + "\". Error message: " + e.getMessage(), e);
            return safetyCopy;
        }
    }

    private MimeMessage handleDecryption(MimeMessage mimeMessage, String str) {
        log.debug("Checking message with ID \"{}\" for encryption.", str);
        IComposedMailDecryptor mailDecryptor = getMailDecryptor(mimeMessage.getSession());
        if (mailDecryptor == null) {
            log.error("Cannot handle decryption. No decryptor available.");
            return mimeMessage;
        }
        if (!mailDecryptor.isEncrypted(mimeMessage)) {
            log.debug("Message with ID \"{}\" is not encrypted.", str);
            if (this.decoHelper != null) {
                this.decoHelper.add(EIconDecorator.UNENCRYPTED);
            }
            return mimeMessage;
        }
        MimeMessage safetyCopy = safetyCopy(mimeMessage, str);
        try {
            mailDecryptor.decrypt(mimeMessage);
            if (this.decoHelper != null) {
                this.decoHelper.add(EIconDecorator.ENCRYPTED);
            }
            return mimeMessage;
        } catch (Exception e) {
            log.warn("Could not decrype email with ID \"" + str + "\". Error message: " + e.getMessage(), e);
            if (this.decoHelper != null) {
                if (isMissigKeyException(e)) {
                    this.decoHelper.add(EIconDecorator.ENCRYPTED_UNKNOWN);
                } else {
                    this.decoHelper.add(EIconDecorator.ENCRYPTED_FAILURE);
                }
            }
            return safetyCopy;
        }
    }

    private boolean isMissigKeyException(Throwable th) {
        if (th == null) {
            return false;
        }
        String message = th.getMessage();
        if (message == null || !message.startsWith("Found no private key")) {
            return isMissigKeyException(th.getCause());
        }
        return true;
    }

    private MimeMessage handleSignatures(MimeMessage mimeMessage, String str) {
        IComposedMailValidator mailValidator = getMailValidator();
        if (mailValidator == null) {
            log.error("Cannot handle signaturs. No validator available.");
            return mimeMessage;
        }
        MimeMessage safetyCopy = safetyCopy(mimeMessage, str);
        boolean z = false;
        try {
            z = checkSignature(mimeMessage, mailValidator, str);
        } catch (Exception e) {
            log.warn("Unexpected error when checking signature for message with ID \"" + str + "\". Error message: " + e.getMessage(), e);
            if (this.decoHelper != null) {
                this.decoHelper.add(EIconDecorator.SIGNED_UNVERIFIED);
            }
        }
        if (z && this.configuration.isExtractPublicKey()) {
            try {
                extractKey(mimeMessage, mailValidator, str);
            } catch (Exception e2) {
                log.warn("Unexpected error when extracing key for message with ID \"" + str + "\". Error message: " + e2.getMessage(), e2);
            }
        }
        try {
            if (this.configuration.isRemoveSignature()) {
                removeSignatures(mimeMessage, str);
            } else {
                convertOpaqueSignature(mimeMessage, str);
            }
            return mimeMessage;
        } catch (Exception e3) {
            log.warn("Could not remove signature for message with ID \"" + str + "\". Error message: " + e3.getMessage(), e3);
            return safetyCopy;
        }
    }

    private boolean checkSignature(MimeMessage mimeMessage, IComposedMailValidator iComposedMailValidator, String str) {
        EIconDecorator eIconDecorator;
        boolean z;
        log.debug("Checking message with ID \"{}\" for signature.", str);
        if (!iComposedMailValidator.isSigned(mimeMessage)) {
            log.debug("Message with ID \"{}\" is not signed.", str);
            eIconDecorator = EIconDecorator.UNSIGNED;
            z = false;
        } else if (iComposedMailValidator.validate(mimeMessage)) {
            log.debug("Message with ID \"{}\" is correctly signed.", str);
            eIconDecorator = EIconDecorator.SIGNED;
            z = true;
        } else if (!iComposedMailValidator.validate(mimeMessage, EnumSet.of(EValidationType.CAN_VALIDATE))) {
            log.debug("Message with ID \"{}\" has an unknown sender, cannot verify.");
            eIconDecorator = EIconDecorator.SIGNED_UNKNOWN;
            z = false;
        } else if (!iComposedMailValidator.validate(mimeMessage, EnumSet.of(EValidationType.SIGNATURE))) {
            log.warn("Validity of message with ID \"{}\" could not be verified. Message was probably tampered with.", str);
            eIconDecorator = EIconDecorator.SIGNED_MISMATCH;
            z = false;
        } else if (iComposedMailValidator.validate(mimeMessage, EnumSet.of(EValidationType.TRUST))) {
            log.warn("Unknown problem with signature for message with ID \"{}\".", str);
            eIconDecorator = EIconDecorator.SIGNED_MISMATCH;
            z = false;
        } else if (this.configuration.isCheckOnlySignature()) {
            log.debug("Trust of signer not relevant for message with ID \"{}\".", str);
            eIconDecorator = EIconDecorator.SIGNED;
            z = true;
        } else {
            log.warn("Trust of signer of message with ID \"{}\" could not be verified.", str);
            eIconDecorator = EIconDecorator.SIGNED_UNVERIFIED;
            z = false;
        }
        if (this.decoHelper != null) {
            this.decoHelper.add(eIconDecorator);
        }
        return z;
    }

    private void extractKey(MimeMessage mimeMessage, IComposedMailValidator iComposedMailValidator, String str) {
        if (this.configuration.getPublicKeyConsumer() == null) {
            log.debug("No consumer for public key available. Skipping extraction.");
            return;
        }
        log.debug("Checking message with ID \"{}\" for public key.", str);
        ISnotifyPublicKey<?> extractPublicKey = iComposedMailValidator.extractPublicKey(mimeMessage);
        if (extractPublicKey.getKeyValidity() != EKeyValidity.NOT_FOUND) {
            log.info("Found public key in message with ID \"{}\": {}", str, extractPublicKey);
            this.configuration.getPublicKeyConsumer().accept(extractPublicKey, MessageUtil.getFromEmail(mimeMessage).get());
        }
    }

    private void removeSignatures(MimeMessage mimeMessage, String str) throws MessagingException {
        log.debug("Checking message with ID \"{}\" for signatures to remove.", str);
        if (this.configuration.isCheckPgpInline()) {
            InlineSignatureConverter inlineSignatureConverter = new InlineSignatureConverter();
            try {
                inlineSignatureConverter.visit(mimeMessage);
                if (inlineSignatureConverter.isChanged()) {
                    log.debug("Converted all inline signatures from message with ID \"{}\".", str);
                } else {
                    log.debug("No inline signature found.");
                }
            } catch (Exception e) {
                throw new MessagingException("Could not remove inline signatures from MIME message with ID \"" + str + "\". Error message: " + e.getMessage(), e);
            }
        }
        SignatureRemover signatureRemover = new SignatureRemover();
        try {
            signatureRemover.visit(mimeMessage);
            if (signatureRemover.isChanged()) {
                log.debug("Removed all signatures from message with ID \"{}\".", str);
            } else {
                log.debug("No signature found.");
            }
        } catch (Exception e2) {
            throw new MessagingException("Could not remove signatures from MIME message with ID \"" + str + "\". Error message: " + e2.getMessage(), e2);
        }
    }

    private void convertOpaqueSignature(MimeMessage mimeMessage, String str) throws MessagingException {
        log.debug("Checking message with ID \"{}\" for opaque signatures to convert.", str);
        OpaqueSignatureConverter opaqueSignatureConverter = new OpaqueSignatureConverter();
        try {
            opaqueSignatureConverter.visit(mimeMessage);
            if (opaqueSignatureConverter.isChanged()) {
                log.debug("Converted all signatures from message with ID \"{}\".", str);
            } else {
                log.debug("No signature found.");
            }
        } catch (Exception e) {
            throw new MessagingException("Could not convert opaque signatures from MIME message with ID \"" + str + "\". Error message: " + e.getMessage(), e);
        }
    }

    private IComposedMailDecryptor getMailDecryptor(Session session) {
        if (session == null) {
            log.error("Can't get mail decryptor as no session object has been given.");
            return null;
        }
        if (!Objects.equals(session, this.cachedSession)) {
            log.debug("Session object changed. Invalidating cached mail decryptor.");
            this.cachedSession = session;
            this.cachedDecryptor = null;
        }
        if (this.cachedDecryptor == null) {
            this.cachedDecryptor = this.configuration.getDecryptorFunction().apply(session);
        }
        return this.cachedDecryptor;
    }

    private MimeMessage handleProtectedHeaders(MimeMessage mimeMessage, ECryptographyType eCryptographyType, String str) {
        AMailHeaderExposer aMailHeaderExposer;
        switch (eCryptographyType) {
            case PGP:
                aMailHeaderExposer = new PgpMailHeaderExposer();
                break;
            case SMIME:
                aMailHeaderExposer = new SmimeMailHeaderExposer();
                break;
            default:
                aMailHeaderExposer = null;
                break;
        }
        if (aMailHeaderExposer != null) {
            MimeMessage safetyCopy = safetyCopy(mimeMessage, str);
            try {
                aMailHeaderExposer.exposeHeaders(mimeMessage);
            } catch (Exception e) {
                log.warn("Could not expose protected headers of email with ID \"" + str + "\". Error message: " + e.getMessage(), e);
                return safetyCopy;
            }
        }
        return mimeMessage;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public MimeMessage loadMessage(T t) throws MessagingException {
        log.debug("Loading message {}.", Integer.valueOf(t.getMessageNumber()));
        if (t instanceof MimeMessage) {
            return new SnotifyMimeMessage(t.getSession(), (MimeMessage) t);
        }
        log.warn("Did not encounter a MIME message. Found message of type: {}.", t.getClass());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(1024);
        try {
            t.writeTo(byteArrayOutputStream);
            return new SnotifyMimeMessage(t.getSession(), new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        } catch (IOException e) {
            throw new MessagingException("Could not read message with number: " + t.getMessageNumber(), e);
        }
    }

    protected MimeMessage wrap(MimeMessage mimeMessage, T t) throws MessagingException {
        return mimeMessage;
    }

    public Message[] unwrap(Message[] messageArr) throws MessagingException {
        if (messageArr == null) {
            log.warn("Cannot unwrap messages, null parameter received.");
            return null;
        }
        log.debug("Unwrapping {} message(s).", Integer.valueOf(messageArr.length));
        Message[] messageArr2 = new Message[messageArr.length];
        for (int i = 0; i < messageArr2.length; i++) {
            int messageNumber = messageArr[i] == null ? -1 : messageArr[i].getMessageNumber();
            log.debug("Unwrapping message (index {}) with number {}.", Integer.valueOf(i), Integer.valueOf(messageNumber));
            messageArr2[i] = unwrap(messageArr[i]);
            log.debug("Unwrapped message (index {}) with number {}.", Integer.valueOf(i), Integer.valueOf(messageNumber));
        }
        return messageArr2;
    }

    public Message unwrap(Message message) throws MessagingException {
        return message;
    }

    private IComposedMailValidator getMailValidator() {
        if (this.cachedValidator == null) {
            this.cachedValidator = this.configuration.getValidatorFunction().get();
        }
        return this.cachedValidator;
    }
}
