package at.gv.egovernment.moa.sig.tsl.engine;

import at.gv.egovernment.moa.sig.tsl.TslConstants;
import at.gv.egovernment.moa.sig.tsl.database.AbstractDBService;
import at.gv.egovernment.moa.sig.tsl.database.IDBService;
import at.gv.egovernment.moa.sig.tsl.database.connection.SqlConnectionWrapper;
import at.gv.egovernment.moa.sig.tsl.engine.data.BinaryHashCache;
import at.gv.egovernment.moa.sig.tsl.engine.data.PointerToNationalTsl;
import at.gv.egovernment.moa.sig.tsl.engine.data.TspProcessingContainter;
import at.gv.egovernment.moa.sig.tsl.exception.TslDatabaseException;
import at.gv.egovernment.moa.sig.tsl.exception.TslProcessingException;
import at.gv.egovernment.moa.sig.tsl.gen.DigitalIdentityType;
import at.gv.egovernment.moa.sig.tsl.gen.ServiceHistoryInstanceType;
import at.gv.egovernment.moa.sig.tsl.gen.TSPServiceInformationType;
import at.gv.egovernment.moa.sig.tsl.gen.TSPServiceType;
import at.gv.egovernment.moa.sig.tsl.gen.TSPServicesListType;
import at.gv.egovernment.moa.sig.tsl.gen.TSPType;
import at.gv.egovernment.moa.sig.tsl.utils.TspServiceParserUtils;
import iaik.asn1.structures.Name;
import iaik.utils.RFC2253NameParserException;
import iaik.utils.Util;
import iaik.x509.X509Certificate;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import org.apache.log4j.Logger;

/* loaded from: input_file:at/gv/egovernment/moa/sig/tsl/engine/TrustServiceProcessingRunner.class */
public class TrustServiceProcessingRunner implements Runnable {
    private static final Logger log = Logger.getLogger(TrustServiceProcessingRunner.class);
    private IDBService dbService;
    private TSPType tsp;
    private PointerToNationalTsl pointer;
    private String tspName;

    public TrustServiceProcessingRunner(IDBService iDBService, TSPType tSPType, PointerToNationalTsl pointerToNationalTsl, String str) {
        this.tsp = tSPType;
        this.pointer = pointerToNationalTsl;
        this.dbService = iDBService;
        this.tspName = str;
    }

    @Override // java.lang.Runnable
    public void run() {
        TSPServicesListType tSPServices;
        try {
            tSPServices = this.tsp.getTSPServices();
        } catch (TslProcessingException e) {
            log.error("Import Trust Service-Provider:" + this.tspName + " from " + this.pointer.getCountryCode() + " FAILED.", e);
            return;
        }
        if (tSPServices != null) {
            for (TSPServiceType tSPServiceType : tSPServices.getTSPService()) {
                ArrayList<TspProcessingContainter> arrayList = new ArrayList();
                ArrayList arrayList2 = new ArrayList();
                TSPServiceInformationType serviceInformation = tSPServiceType.getServiceInformation();
                String trustServiceName = TspServiceParserUtils.getTrustServiceName(serviceInformation, this.pointer.getCountryCode(), this.tspName);
                if (serviceInformation.getServiceDigitalIdentity() != null) {
                    for (DigitalIdentityType digitalIdentityType : serviceInformation.getServiceDigitalIdentity().getDigitalId()) {
                        if (digitalIdentityType.getX509Certificate() != null) {
                            TspServiceParserUtils.processTSPX509CertificateEntry(arrayList, digitalIdentityType.getX509Certificate(), serviceInformation, this.pointer.getCountryCode(), this.tspName, trustServiceName);
                        } else {
                            log.debug("TrustService:" + trustServiceName + " contains a NOT supported 'DigitalID' type. Only " + TslConstants.SERVICEDIGITALIDTYPES.X509Certificate.name() + " is supported.");
                        }
                    }
                }
                if (tSPServiceType.getServiceHistory() != null) {
                    for (ServiceHistoryInstanceType serviceHistoryInstanceType : tSPServiceType.getServiceHistory().getServiceHistoryInstance()) {
                        if (serviceHistoryInstanceType.getServiceDigitalIdentity() != null) {
                            X509Certificate x509Certificate = null;
                            String str = null;
                            String str2 = null;
                            String str3 = null;
                            for (DigitalIdentityType digitalIdentityType2 : serviceHistoryInstanceType.getServiceDigitalIdentity().getDigitalId()) {
                                if (digitalIdentityType2.getX509Certificate() != null) {
                                    try {
                                        x509Certificate = new X509Certificate(digitalIdentityType2.getX509Certificate());
                                        str = Util.toString(x509Certificate.getFingerprint(TslConstants.CERT_HASH_NAME), "");
                                    } catch (NoSuchAlgorithmException | CertificateException e2) {
                                        log.warn("NOT valid X509Certificate in TrustService History:" + trustServiceName, e2);
                                    }
                                } else if (digitalIdentityType2.getX509SKI() != null) {
                                    str2 = Util.toString(digitalIdentityType2.getX509SKI(), "");
                                } else if (digitalIdentityType2.getX509SubjectName() != null) {
                                    try {
                                        str3 = new Name(digitalIdentityType2.getX509SubjectName()).getRFC2253String();
                                    } catch (RFC2253NameParserException e3) {
                                        log.warn("Can not normalize SubjectName:" + digitalIdentityType2.getX509SubjectName() + " Country:" + this.pointer.getCountryCode() + " TrustServiceProvider:" + this.tspName);
                                    }
                                }
                                log.error("Import Trust Service-Provider:" + this.tspName + " from " + this.pointer.getCountryCode() + " FAILED.", e);
                                return;
                            }
                            for (TspProcessingContainter tspProcessingContainter : arrayList) {
                                if (str != null && str.equals(tspProcessingContainter.getCertHash())) {
                                    TspServiceParserUtils.processTSPX509CertificateEntry(arrayList2, x509Certificate, serviceHistoryInstanceType, tspProcessingContainter.getStartDate(), this.pointer.getCountryCode(), this.tspName, trustServiceName);
                                } else if (str2 != null && str2.equals(tspProcessingContainter.getCertSKI()) && str3 == null) {
                                    log.debug("Select cert from history only by SKI");
                                    TspServiceParserUtils.processTSPX509CertificateEntry(arrayList2, tspProcessingContainter.getCertificate(), serviceHistoryInstanceType, tspProcessingContainter.getStartDate(), this.pointer.getCountryCode(), this.tspName, trustServiceName);
                                } else if (str3 != null && str3.equals(tspProcessingContainter.getCertSubDN()) && str2 == null) {
                                    log.debug("Select cert from history only by SubjectName");
                                    TspServiceParserUtils.processTSPX509CertificateEntry(arrayList2, tspProcessingContainter.getCertificate(), serviceHistoryInstanceType, tspProcessingContainter.getStartDate(), this.pointer.getCountryCode(), this.tspName, trustServiceName);
                                } else if (str3 == null || !str3.equals(tspProcessingContainter.getCertSubDN()) || str2 == null || !str2.equals(tspProcessingContainter.getCertSKI())) {
                                    log.info("History contains certificate identifiers, which is not match to a included certificate. History block is skipped");
                                } else {
                                    log.debug("Select cert from history by SubjectName and SKI");
                                    TspServiceParserUtils.processTSPX509CertificateEntry(arrayList2, tspProcessingContainter.getCertificate(), serviceHistoryInstanceType, tspProcessingContainter.getStartDate(), this.pointer.getCountryCode(), this.tspName, trustServiceName);
                                }
                            }
                        } else {
                            log.debug("History information from Trust-Service:" + trustServiceName + " contains no certificate information. History is skipped");
                        }
                    }
                }
                try {
                    SqlConnectionWrapper connectToDatabase = this.dbService.connectToDatabase(AbstractDBService.MODE.AUTO_COMMIT_ON);
                    arrayList.addAll(arrayList2);
                    for (TspProcessingContainter tspProcessingContainter2 : arrayList) {
                        try {
                            BinaryHashCache.getInstance().addCertificateToCache(tspProcessingContainter2.getCertSubDNHash(), tspProcessingContainter2.getCertHash(), tspProcessingContainter2.getCertificate().getEncoded());
                            this.dbService.writeTslCertificateInformation(connectToDatabase, tspProcessingContainter2, this.pointer.getCountryCode(), this.pointer.getUrl().toString(), this.tspName);
                        } catch (TslDatabaseException e4) {
                            log.error("TSL service can not write to database.", e4);
                            throw new TslProcessingException("TSL service can not write to database.", e4);
                        } catch (TslProcessingException e5) {
                            log.warn("TrustService:" + trustServiceName + " contains a NOT valid X509 certificate. Certificate:" + tspProcessingContainter2.getCertificate().getSubjectDN().getName(), e5);
                        } catch (CertificateEncodingException e6) {
                            log.error("Can not process X509Certificate with SubjectName:" + tspProcessingContainter2.getCertSubDN());
                        }
                    }
                    try {
                        connectToDatabase.closeConnection();
                    } catch (TslDatabaseException e7) {
                        log.error("Can not connect to SQL database.", e7);
                        throw new TslProcessingException("Can not disconnect from SQL database", e7);
                    }
                } catch (TslDatabaseException e8) {
                    log.error("Can not connect to SQL database.", e8);
                    throw new TslProcessingException("Can not connect to SQL database", e8);
                }
            }
        }
    }
}
