package com.appiancorp.ap2.mail;

import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.security.dkim.DKIMConfigurationData;
import com.appiancorp.security.dkim.DkimService;
import com.appiancorp.type.external.config.PersistedEntity;
import jakarta.mail.MessagingException;
import jakarta.mail.internet.InternetAddress;
import jakarta.mail.internet.MimeMessage;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateKey;
import org.apache.log4j.Logger;
import org.simplejavamail.utils.mail.dkim.Canonicalization;
import org.simplejavamail.utils.mail.dkim.DkimMessage;
import org.simplejavamail.utils.mail.dkim.DkimSigner;
import org.simplejavamail.utils.mail.dkim.SigningAlgorithm;

/* loaded from: input_file:com/appiancorp/ap2/mail/MailSigner.class */
public class MailSigner {
    private static final Logger LOG = Logger.getLogger(MailSigner.class);
    private DkimService dkimService;
    public static final String DKIM_PRODUCT_METRICS_PREFIX = "email.dkim.";
    public static final String DKIM_PRODUCT_METRICS_SIGNED_MESSAGES = "signedMessages";

    public MailSigner() {
        this.dkimService = (DkimService) ApplicationContextHolder.getBean(DkimService.class);
    }

    public MailSigner(DkimService dkimService) {
        this.dkimService = dkimService;
    }

    public MimeMessage dkimSignMessage(MimeMessage mimeMessage) {
        String fromDomainFromMessage = getFromDomainFromMessage(mimeMessage);
        DKIMConfigurationData dkimConfigurationDataForDomain = this.dkimService.getDkimConfigurationDataForDomain(fromDomainFromMessage);
        return (dkimConfigurationDataForDomain == null || !dkimConfigurationDataForDomain.getIsVerified()) ? mimeMessage : dkimSignMessage(mimeMessage, fromDomainFromMessage, dkimConfigurationDataForDomain.getSelector(), this.dkimService.convertEncryptedStringToPrivateKey(fromDomainFromMessage, dkimConfigurationDataForDomain.getPrivateKey()));
    }

    private MimeMessage dkimSignMessage(MimeMessage mimeMessage, String str, String str2, PrivateKey privateKey) {
        DkimSigner dkimSigner = new DkimSigner(str, str2, (RSAPrivateKey) privateKey);
        dkimSigner.setSigningAlgorithm(SigningAlgorithm.SHA256_WITH_RSA);
        dkimSigner.setHeaderCanonicalization(Canonicalization.RELAXED);
        dkimSigner.setBodyCanonicalization(Canonicalization.RELAXED);
        dkimSigner.setCheckDomainKey(false);
        dkimSigner.setCopyHeaderFields(false);
        dkimSigner.setLengthParam(false);
        try {
            ProductMetricsAggregatedDataCollector.recordData("email.dkim.signedMessages");
            return new DkimMessage(mimeMessage, dkimSigner);
        } catch (MessagingException e) {
            LOG.error("Unable to add DKIM signature to message from: " + str, e);
            return mimeMessage;
        }
    }

    public String getFromDomainFromMessage(MimeMessage mimeMessage) {
        InternetAddress[] from;
        String str = "";
        try {
            from = mimeMessage.getFrom();
        } catch (Exception e) {
            LOG.error("Unable to get FROM address from MimeMessage", e);
        }
        if (from == null || from.length == 0) {
            throw new MessagingException("Message failed RFC-2822 validation: No Sender");
        }
        str = from[0].getAddress().split(PersistedEntity.ENTITY_COMPOSITE_ID_SEPARATOR)[1];
        return str;
    }
}
