package com.appiancorp.security.dkim;

import com.appiancorp.common.crypto.CryptographerProvider;
import com.appiancorp.suiteapi.common.exceptions.AppianRuntimeException;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.text.SimpleDateFormat;
import java.util.Base64;
import java.util.Date;
import java.util.TimeZone;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/appiancorp/security/dkim/DkimConfigurationFactory.class */
public class DkimConfigurationFactory {
    private static Logger LOG = Logger.getLogger(DkimConfigurationFactory.class);
    private final String DEFAULT_KEY_PAIR_GENERATOR_ALGORITHM = "RSA";
    private final int DEFAULT_KEY_SIZE = 2048;
    private final String DEFAULT_VERSION = "1";
    private final String DEFAULT_SIGNING_ALGORITHM = "rsa-sha256";
    private final String DEFAULT_MESSAGE_CANONICALIZATION = "relaxed/relaxed";
    private final boolean DEFAULT_VERIFICATION_STATUS = false;
    private final Long DEFAULT_LAST_VERIFICATION_TIME = null;
    private CryptographerProvider systemCryptographerProvider;
    private String domain;
    private String selector;
    private String privateKey;
    private String publicKey;

    public DkimConfigurationFactory(String str, CryptographerProvider cryptographerProvider) {
        this.domain = str;
        this.systemCryptographerProvider = cryptographerProvider;
    }

    private void generateKeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            PublicKey publicKey = generateKeyPair.getPublic();
            this.privateKey = encryptPrivateKey(convertKeyToString(privateKey));
            this.publicKey = convertKeyToString(publicKey);
        } catch (Exception e) {
            throw new AppianRuntimeException(e, ErrorCode.DKIM_INVALID_KEY_PAIR_GENERATION, new Object[0]);
        }
    }

    String convertKeyToString(Key key) {
        return Base64.getEncoder().encodeToString(key.getEncoded());
    }

    String encryptPrivateKey(String str) throws Exception {
        return this.systemCryptographerProvider.get().encrypt(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PrivateKey convertEncryptedStringToPrivateKey(String str) {
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(this.systemCryptographerProvider.get().decrypt(str))));
        } catch (Exception e) {
            throw new AppianRuntimeException(e, ErrorCode.DKIM_INVALID_PRIVATE_KEY, new Object[0]);
        }
    }

    PublicKey convertStringToPublicKey(String str) {
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(str)));
        } catch (Exception e) {
            throw new AppianRuntimeException(e, ErrorCode.DKIM_INVALID_PUBLIC_KEY, new Object[0]);
        }
    }

    private void generateSelector() {
        Date date = new Date();
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        this.selector = generateSelectorOnDate(date, simpleDateFormat);
    }

    String generateSelectorOnDate(Date date, SimpleDateFormat simpleDateFormat) {
        return "appian" + simpleDateFormat.format(date);
    }

    public DKIMConfigurationData buildDkimConfigurationData() {
        DKIMConfigurationData dKIMConfigurationData = new DKIMConfigurationData();
        try {
            generateKeyPair();
            generateSelector();
            dKIMConfigurationData.setDomain(this.domain);
            dKIMConfigurationData.setSelector(this.selector);
            dKIMConfigurationData.setKeySize(2048);
            dKIMConfigurationData.setPublicKey(this.publicKey);
            dKIMConfigurationData.setPrivateKey(this.privateKey);
            dKIMConfigurationData.setVersion("1");
            dKIMConfigurationData.setSigningAlgorithm("rsa-sha256");
            dKIMConfigurationData.setMessageCanonicalization("relaxed/relaxed");
            dKIMConfigurationData.setIsVerified(false);
            dKIMConfigurationData.setLastVerificationTime(this.DEFAULT_LAST_VERIFICATION_TIME);
            return dKIMConfigurationData;
        } catch (Exception e) {
            throw new AppianRuntimeException(e, ErrorCode.DKIM_CONFIGURATION_ERROR, new Object[0]);
        }
    }
}
