package com.appiancorp.security.dkim;

import com.appiancorp.common.crypto.CryptographerProvider;
import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.suite.cfg.adminconsole.AdminConsoleAuditLogger;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.List;
import org.apache.log4j.Logger;
import org.springframework.transaction.annotation.Transactional;
import org.xbill.DNS.Cache;
import org.xbill.DNS.Lookup;
import org.xbill.DNS.TXTRecord;

/* loaded from: input_file:com/appiancorp/security/dkim/DkimServiceImpl.class */
public class DkimServiceImpl implements DkimService {
    private static final String AUDIT_NAMESPACE = "conf.email";
    private static final String AUDIT_PROPERTY_KEY = "dkim";
    private static final String AUDIT_CREATE_PREVIOUS_VALUE = "<created>";
    private static final String AUDIT_DELETE_NEW_VALUE = "<deleted>";
    public static final String DKIM_PRODUCT_METRICS_PREFIX = "email.dkim.";
    public static final String DKIM_PRODUCT_METRICS_DOMAINS = "domains";
    public static final String DKIM_PRODUCT_METRICS_VERIFIED_DOMAINS = "verifiedDomains";
    public static final String DKIM_PRODUCT_METRICS_DELETED_DOMAINS = "deletedDomains";
    protected final DkimConfigurationDataDao dkimDataDao;
    protected final CryptographerProvider systemCryptographerProvider;
    protected final AdminConsoleAuditLogger adminConsoleAuditLogger;
    private static final String DEFAULT_RECORD_TYPE = "TXT";
    private static final String RECORD_NOT_FOUND = "";
    private static Logger LOG = Logger.getLogger(DkimServiceImpl.class);
    private static final String VERIFICATION_UNKNOWN_EXCEPTION = null;

    public DkimServiceImpl(DkimConfigurationDataDao dkimConfigurationDataDao, CryptographerProvider cryptographerProvider, AdminConsoleAuditLogger adminConsoleAuditLogger) {
        this.dkimDataDao = dkimConfigurationDataDao;
        this.systemCryptographerProvider = cryptographerProvider;
        this.adminConsoleAuditLogger = adminConsoleAuditLogger;
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public DKIMConfigurationData saveDkimConfigurationData(String str) {
        if (getDkimConfigurationDataForDomain(str) != null) {
            return null;
        }
        DKIMConfigurationData saveDkimConfigurationData = saveDkimConfigurationData(new DkimConfigurationFactory(str, this.systemCryptographerProvider).buildDkimConfigurationData());
        this.adminConsoleAuditLogger.forProperty(AUDIT_NAMESPACE, AUDIT_PROPERTY_KEY).log(str, AUDIT_CREATE_PREVIOUS_VALUE);
        ProductMetricsAggregatedDataCollector.recordData("email.dkim.domains");
        return saveDkimConfigurationData;
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public DKIMConfigurationData saveDkimConfigurationData(DKIMConfigurationData dKIMConfigurationData) {
        return (DKIMConfigurationData) this.dkimDataDao.createOrUpdate(dKIMConfigurationData);
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public DKIMConfigurationData getDkimConfigurationDataForDomain(String str) {
        return this.dkimDataDao.getConfigurationDataForDomain(str);
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public List<DKIMConfigurationData> getAll() {
        return this.dkimDataDao.getAllDkimConfigurationData();
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public List<String> getAllDomains() {
        return this.dkimDataDao.getAllDomains();
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public void deleteDkimConfigurationForDomain(String str) {
        DKIMConfigurationData configurationDataForDomain = this.dkimDataDao.getConfigurationDataForDomain(str);
        if (configurationDataForDomain == null) {
            return;
        }
        this.dkimDataDao.delete(configurationDataForDomain.m4070getId());
        this.adminConsoleAuditLogger.forProperty(AUDIT_NAMESPACE, AUDIT_PROPERTY_KEY).log(str, AUDIT_DELETE_NEW_VALUE);
        ProductMetricsAggregatedDataCollector.recordData("email.dkim.deletedDomains");
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public void deleteAll() {
        this.dkimDataDao.deleteAll();
    }

    @Override // com.appiancorp.security.dkim.DkimService
    public String getDNSRecordType() {
        return DEFAULT_RECORD_TYPE;
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public String getDNSRecordName(String str) {
        return String.format("%s._domainkey.%s", this.dkimDataDao.getConfigurationDataForDomain(str).getSelector(), str);
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public String getDNSRecordValue(String str) {
        return String.format("v=DKIM1; p=%s", this.dkimDataDao.getConfigurationDataForDomain(str).getPublicKey());
    }

    @Override // com.appiancorp.security.dkim.DkimService
    @Transactional
    public void updateVerificationStatusForDomain(String str, boolean z) {
        String str2 = z ? "<verification_successful>" : "<verification_failed>";
        DKIMConfigurationData configurationDataForDomain = this.dkimDataDao.getConfigurationDataForDomain(str);
        if (z != configurationDataForDomain.getIsVerified()) {
            configurationDataForDomain.setIsVerified(z);
            saveDkimConfigurationData(configurationDataForDomain);
            if (z) {
                ProductMetricsAggregatedDataCollector.recordData("email.dkim.verifiedDomains");
            }
        }
        this.adminConsoleAuditLogger.forProperty(AUDIT_NAMESPACE, AUDIT_PROPERTY_KEY).log(str, str2);
    }

    @Override // com.appiancorp.security.dkim.DkimService
    public String getTXTRecordDataForRecordName(String str) {
        List<String> strings;
        try {
            Lookup lookup = new Lookup(str + '.', 16);
            Lookup.getDefaultResolver().setEDNS(0, 4096, 0, new ArrayList());
            lookup.setCache((Cache) null);
            TXTRecord[] run = lookup.run();
            if (lookup.getResult() != 0 || run == null) {
                return "";
            }
            for (TXTRecord tXTRecord : run) {
                if ((tXTRecord instanceof TXTRecord) && (strings = tXTRecord.getStrings()) != null && strings.size() > 0) {
                    StringBuilder sb = new StringBuilder();
                    for (String str2 : strings) {
                        if (str2.length() > 0) {
                            sb.append(str2);
                        }
                    }
                    return sb.toString();
                }
            }
            return "";
        } catch (Exception e) {
            LOG.error("Unknown error occurred during DKIM DNS record verification for recordName: " + str, e);
            return VERIFICATION_UNKNOWN_EXCEPTION;
        }
    }

    @Override // com.appiancorp.security.dkim.DkimService
    public PrivateKey convertEncryptedStringToPrivateKey(String str, String str2) {
        return new DkimConfigurationFactory(str, this.systemCryptographerProvider).convertEncryptedStringToPrivateKey(str2);
    }
}
