package org.mule.extras.pgp.filters;

import cryptix.message.LiteralMessage;
import cryptix.message.Message;
import cryptix.message.MessageFactory;
import cryptix.message.SignedMessage;
import java.io.ByteArrayInputStream;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mule.MuleManager;
import org.mule.config.i18n.CoreMessages;
import org.mule.extras.pgp.PGPAuthentication;
import org.mule.extras.pgp.PGPCryptInfo;
import org.mule.extras.pgp.PGPKeyRing;
import org.mule.extras.pgp.i18n.PGPMessages;
import org.mule.impl.MuleMessage;
import org.mule.impl.RequestContext;
import org.mule.impl.security.AbstractEndpointSecurityFilter;
import org.mule.umo.UMOEncryptionStrategy;
import org.mule.umo.UMOEvent;
import org.mule.umo.UMOMessage;
import org.mule.umo.lifecycle.InitialisationException;
import org.mule.umo.security.UMOAuthentication;
import org.mule.umo.security.UMOSecurityContext;
import org.mule.umo.security.UnauthorisedException;
import org.mule.umo.security.UnknownAuthenticationTypeException;

/* loaded from: input_file:org/mule/extras/pgp/filters/PGPSecurityFilter.class */
public class PGPSecurityFilter extends AbstractEndpointSecurityFilter {
    protected static final Log logger;
    private UMOEncryptionStrategy strategy;
    private String strategyName;
    private boolean signRequired;
    private PGPKeyRing keyManager;
    static Class class$org$mule$extras$pgp$filters$PGPSecurityFilter;

    protected void authenticateInbound(UMOEvent uMOEvent) throws SecurityException, UnauthorisedException, UnknownAuthenticationTypeException {
        UMOMessage message = uMOEvent.getMessage();
        String str = (String) getCredentialsAccessor().getCredentials(uMOEvent);
        try {
            try {
                try {
                    UMOAuthentication authenticate = getSecurityManager().authenticate(new PGPAuthentication(str, decodeMsgRaw(this.strategy.decrypt(message.getPayloadAsBytes(), (Object) null))));
                    if (logger.isDebugEnabled()) {
                        logger.debug(new StringBuffer().append("Authentication success: ").append(authenticate.toString()).toString());
                    }
                    UMOSecurityContext createSecurityContext = getSecurityManager().createSecurityContext(authenticate);
                    uMOEvent.getSession().setSecurityContext(createSecurityContext);
                    try {
                        RequestContext.rewriteEvent(new MuleMessage(getUnencryptedMessageWithoutSignature((PGPAuthentication) authenticate)));
                    } catch (Exception e) {
                        throw new UnauthorisedException(uMOEvent.getMessage(), createSecurityContext, uMOEvent.getEndpoint(), this);
                    }
                } catch (Exception e2) {
                    if (logger.isDebugEnabled()) {
                        logger.debug(new StringBuffer().append("Authentication request for user: ").append(str).append(" failed: ").append(e2.toString()).toString());
                    }
                    throw new UnauthorisedException(CoreMessages.authFailedForUser(str), uMOEvent.getMessage(), e2);
                }
            } catch (Exception e3) {
                throw new UnauthorisedException(CoreMessages.failedToReadPayload(), uMOEvent.getMessage(), e3);
            }
        } catch (Exception e4) {
            throw new UnauthorisedException(CoreMessages.failedToReadPayload(), uMOEvent.getMessage(), e4);
        }
    }

    private Message decodeMsgRaw(byte[] bArr) throws Exception {
        return (Message) MessageFactory.getInstance("OpenPGP").generateMessages(new ByteArrayInputStream(bArr)).iterator().next();
    }

    private String getUnencryptedMessageWithoutSignature(PGPAuthentication pGPAuthentication) throws Exception {
        Message message = (Message) pGPAuthentication.getCredentials();
        if (message instanceof SignedMessage) {
            message = ((SignedMessage) message).getContents();
        }
        if (message instanceof LiteralMessage) {
            return ((LiteralMessage) message).getTextData();
        }
        throw new Exception("Wrong data");
    }

    protected void authenticateOutbound(UMOEvent uMOEvent) throws SecurityException, UnauthorisedException {
        logger.debug(new StringBuffer().append("authenticateOutbound:").append(uMOEvent.getId()).toString());
        if (isAuthenticate()) {
            UMOMessage message = uMOEvent.getMessage();
            PGPCryptInfo pGPCryptInfo = new PGPCryptInfo(this.keyManager.getKeyBundle((String) getCredentialsAccessor().getCredentials(uMOEvent)), this.signRequired);
            try {
                try {
                    String str = new String(this.strategy.encrypt(message.getPayloadAsBytes(), pGPCryptInfo));
                    RequestContext.rewriteEvent(new MuleMessage(str));
                    logger.debug(new StringBuffer().append("Message:").append(str).toString());
                } catch (Exception e) {
                    throw new UnauthorisedException(uMOEvent.getMessage(), uMOEvent.getSession().getSecurityContext(), uMOEvent.getEndpoint(), this);
                }
            } catch (Exception e2) {
                throw new UnauthorisedException(CoreMessages.failedToReadPayload(), uMOEvent.getMessage(), e2);
            }
        }
    }

    protected void doInitialise() throws InitialisationException {
        if (this.strategyName != null) {
            this.strategy = MuleManager.getInstance().getSecurityManager().getEncryptionStrategy(this.strategyName);
        }
        if (this.strategy == null) {
            throw new InitialisationException(PGPMessages.encryptionStrategyNotSet(), this);
        }
    }

    public UMOEncryptionStrategy getStrategy() {
        return this.strategy;
    }

    public void setStrategy(UMOEncryptionStrategy uMOEncryptionStrategy) {
        this.strategy = uMOEncryptionStrategy;
    }

    public void setStrategyName(String str) {
        this.strategyName = str;
    }

    public boolean isSignRequired() {
        return this.signRequired;
    }

    public void setSignRequired(boolean z) {
        this.signRequired = z;
    }

    public PGPKeyRing getKeyManager() {
        return this.keyManager;
    }

    public void setKeyManager(PGPKeyRing pGPKeyRing) {
        this.keyManager = pGPKeyRing;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$mule$extras$pgp$filters$PGPSecurityFilter == null) {
            cls = class$("org.mule.extras.pgp.filters.PGPSecurityFilter");
            class$org$mule$extras$pgp$filters$PGPSecurityFilter = cls;
        } else {
            cls = class$org$mule$extras$pgp$filters$PGPSecurityFilter;
        }
        logger = LogFactory.getLog(cls);
    }
}
