package dev.dsf.bpe.spring.config;

import de.rwh.utils.crypto.CertificateHelper;
import de.rwh.utils.crypto.io.CertificateReader;
import de.rwh.utils.crypto.io.PemIo;
import dev.dsf.bpe.mail.LoggingMailService;
import dev.dsf.bpe.mail.SmtpMailService;
import dev.dsf.bpe.v1.service.MailService;
import dev.dsf.tools.build.BuildInfoReader;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.List;
import java.util.UUID;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.core.Filter;
import org.apache.logging.log4j.core.filter.ThresholdFilter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pkcs.PKCSException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.context.event.EventListener;

@Configuration
/* loaded from: input_file:dev/dsf/bpe/spring/config/MailConfig.class */
public class MailConfig implements InitializingBean {
    private static final Logger logger = LoggerFactory.getLogger(MailConfig.class);
    private static final BouncyCastleProvider provider = new BouncyCastleProvider();

    @Autowired
    private PropertiesConfig propertiesConfig;

    @Autowired
    BuildInfoReaderConfig buildInfoReaderConfig;

    @Bean
    public MailService mailService() {
        if (!isConfigured()) {
            return new LoggingMailService();
        }
        try {
            return newSmptMailService();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException | PKCSException e) {
            throw new RuntimeException(e);
        }
    }

    private boolean isConfigured() {
        return this.propertiesConfig.getMailServerHostname() != null && this.propertiesConfig.getMailServerPort() > 0;
    }

    private MailService newSmptMailService() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException, PKCSException {
        String mailFromAddress = this.propertiesConfig.getMailFromAddress();
        List<String> mailToAddresses = this.propertiesConfig.getMailToAddresses();
        List<String> mailToAddressesCc = this.propertiesConfig.getMailToAddressesCc();
        List<String> mailReplyToAddresses = this.propertiesConfig.getMailReplyToAddresses();
        boolean mailUseSmtps = this.propertiesConfig.getMailUseSmtps();
        String mailServerHostname = this.propertiesConfig.getMailServerHostname();
        int mailServerPort = this.propertiesConfig.getMailServerPort();
        String mailServerUsername = this.propertiesConfig.getMailServerUsername();
        char[] mailServerPassword = this.propertiesConfig.getMailServerPassword();
        KeyStore trustStore = toTrustStore(this.propertiesConfig.getMailServerTrustStoreFile());
        char[] charArray = UUID.randomUUID().toString().toCharArray();
        return new SmtpMailService(mailFromAddress, mailToAddresses, mailToAddressesCc, mailReplyToAddresses, mailUseSmtps, mailServerHostname, mailServerPort, mailServerUsername, mailServerPassword, trustStore, toKeyStore(this.propertiesConfig.getMailServerClientCertificateFile(), this.propertiesConfig.getMailServerClientCertificatePrivateKeyFile(), this.propertiesConfig.getMailServerClientCertificatePrivateKeyFilePassword(), charArray), charArray, toSmimeSigningStore(this.propertiesConfig.getMailSmimeSigingKeyStoreFile(), this.propertiesConfig.getMailSmimeSigingKeyStorePassword()), this.propertiesConfig.getMailSmimeSigingKeyStorePassword(), this.propertiesConfig.getSendMailOnErrorLogEvent(), this.propertiesConfig.getMailOnErrorLogEventBufferSize(), this.propertiesConfig.getMailOnErrorLogEventDebugLogLocation());
    }

    private KeyStore toTrustStore(String str) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
        if (str == null) {
            return null;
        }
        Path path = Paths.get(str, new String[0]);
        if (Files.isReadable(path)) {
            return CertificateReader.allFromCer(path);
        }
        throw new IOException("Mail server trust store file '" + path.toString() + "' not readable");
    }

    private KeyStore toKeyStore(String str, String str2, char[] cArr, char[] cArr2) throws IOException, CertificateException, PKCSException, KeyStoreException, NoSuchAlgorithmException {
        if (str == null && str2 == null) {
            return null;
        }
        Path path = Paths.get(str, new String[0]);
        Path path2 = Paths.get(str2, new String[0]);
        if (!Files.isReadable(path)) {
            throw new IOException("Mail server client certificate file '" + path.toString() + "' not readable");
        }
        if (!Files.isReadable(path)) {
            throw new IOException("Mail server client certificate private key file '" + path2.toString() + "' not readable");
        }
        X509Certificate readX509CertificateFromPem = PemIo.readX509CertificateFromPem(path);
        return CertificateHelper.toJksKeyStore(PemIo.readPrivateKeyFromPem(provider, path2, cArr), new Certificate[]{readX509CertificateFromPem}, CertificateHelper.getSubjectCommonName(readX509CertificateFromPem), cArr2);
    }

    private KeyStore toSmimeSigningStore(String str, char[] cArr) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
        if (str == null) {
            return null;
        }
        Path path = Paths.get(str, new String[0]);
        if (Files.isReadable(path)) {
            return CertificateReader.fromPkcs12(path, cArr);
        }
        throw new IOException("S/MIME mail signing certificate file '" + path.toString() + "' not readable");
    }

    public void afterPropertiesSet() throws Exception {
        SmtpMailService.Log4jAppender log4jAppender;
        if (isConfigured()) {
            Logger logger2 = logger;
            Object[] objArr = new Object[19];
            objArr[0] = this.propertiesConfig.getMailFromAddress();
            objArr[1] = this.propertiesConfig.getMailToAddresses();
            objArr[2] = this.propertiesConfig.getMailToAddressesCc();
            objArr[3] = this.propertiesConfig.getMailReplyToAddresses();
            objArr[4] = Boolean.valueOf(this.propertiesConfig.getMailUseSmtps());
            objArr[5] = this.propertiesConfig.getMailServerHostname();
            objArr[6] = Integer.valueOf(this.propertiesConfig.getMailServerPort());
            objArr[7] = this.propertiesConfig.getMailServerUsername();
            objArr[8] = this.propertiesConfig.getMailServerPassword() != null ? "***" : "null";
            objArr[9] = this.propertiesConfig.getMailServerTrustStoreFile();
            objArr[10] = this.propertiesConfig.getMailServerClientCertificateFile();
            objArr[11] = this.propertiesConfig.getMailServerClientCertificatePrivateKeyFile();
            objArr[12] = this.propertiesConfig.getMailServerClientCertificatePrivateKeyFilePassword() != null ? "***" : "null";
            objArr[13] = this.propertiesConfig.getMailSmimeSigingKeyStoreFile();
            objArr[14] = this.propertiesConfig.getMailSmimeSigingKeyStorePassword() != null ? "***" : "null";
            objArr[15] = Boolean.valueOf(this.propertiesConfig.getSendTestMailOnStartup());
            objArr[16] = Boolean.valueOf(this.propertiesConfig.getSendMailOnErrorLogEvent());
            objArr[17] = Integer.valueOf(this.propertiesConfig.getMailOnErrorLogEventBufferSize());
            objArr[18] = this.propertiesConfig.getMailOnErrorLogEventDebugLogLocation();
            logger2.info("Mail client config: {fromAddress: {}, toAddresses: {}, toAddressesCc: {}, replyToAddresses: {}, useSmtps: {}, mailServerHostname: {}, mailServerPort: {}, mailServerUsername: {}, mailServerPassword: {}, trustStore: {}, clientCertificate: {}, clientCertificatePrivateKey: {}, clientCertificatePrivateKeyPassword: {}, smimeSigingKeyStore: {}, smimeSigingKeyStorePassword: {}, sendTestMailOnStartup: {}, sendMailOnErrorLogEvent: {}, mailOnErrorLogEventBufferSize: {}, mailOnErrorLogEventDebugLogLocation: {}}", objArr);
        } else {
            logger.info("Mail client config: SMTP client not configured, sending mails to debug log, configure at least SMTP server host and port");
        }
        if (!isConfigured() || (log4jAppender = ((SmtpMailService) mailService()).getLog4jAppender()) == null) {
            return;
        }
        log4jAppender.start();
        LogManager.getContext(false).getConfiguration().getRootLogger().addAppender(log4jAppender, Level.INFO, ThresholdFilter.createFilter(Level.INFO, Filter.Result.ACCEPT, Filter.Result.DENY));
    }

    /* JADX WARN: Type inference failed for: r4v2, types: [java.time.ZonedDateTime] */
    /* JADX WARN: Type inference failed for: r7v1, types: [java.time.ZonedDateTime] */
    @EventListener({ContextRefreshedEvent.class})
    public void onContextRefreshedEvent(ContextRefreshedEvent contextRefreshedEvent) throws IOException {
        if (this.propertiesConfig.getSendTestMailOnStartup()) {
            DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ISO_OFFSET_DATE_TIME;
            BuildInfoReader buildInfoReader = this.buildInfoReaderConfig.buildInfoReader();
            mailService().send("DSF BPE Test Mail", "BPE startup test mail\n\nArtifact: " + buildInfoReader.getProjectArtifact() + "\nVersion: " + buildInfoReader.getProjectVersion() + "\nBuild: " + buildInfoReader.getBuildDate().withZoneSameInstant(ZoneId.systemDefault()).format(dateTimeFormatter) + "\nBranch: " + buildInfoReader.getBuildBranch() + "\nCommit: " + buildInfoReader.getBuildNumber() + "\n\nSend on " + ZonedDateTime.now().withZoneSameInstant(ZoneId.systemDefault()).format(dateTimeFormatter));
        }
    }
}
