package iaik.pki.store.certstore.directory;

import iaik.asn1.structures.Name;
import iaik.logging.TransactionId;
import iaik.pki.store.certstore.AbstractCertStore;
import iaik.pki.store.certstore.CertStore;
import iaik.pki.store.certstore.CertStoreException;
import iaik.pki.store.certstore.CertStoreParameters;
import iaik.pki.store.certstore.SupportedStores;
import iaik.pki.store.certstore.selector.CertSelector;
import iaik.pki.store.certstore.selector.DefaultCertSelector;
import iaik.pki.store.certstore.selector.email.DefaultEmailCertSelector;
import iaik.pki.store.certstore.selector.email.EmailCertSelectorFactory;
import iaik.pki.store.certstore.selector.is.DefaultIssuerSerialCertSelector;
import iaik.pki.store.certstore.selector.is.IssuerSerialCertSelectorFactory;
import iaik.pki.store.certstore.selector.kv.DefaultKeyValueCertSelector;
import iaik.pki.store.certstore.selector.kv.KeyValueCertSelectorFactory;
import iaik.pki.store.certstore.selector.sdn.DefaultSubjectDNCertSelector;
import iaik.pki.store.certstore.selector.ski.DefaultSubjectKeyIdentifierCertSelector;
import iaik.pki.store.certstore.selector.ski.SubjectKeyIdentifierCertSelectorFactory;
import iaik.pki.utils.CertUtil;
import iaik.pki.utils.Constants;
import iaik.x509.X509Certificate;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.Set;
import java.util.Vector;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/store/certstore/directory/C.class */
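/**
 * Certificate store that keeps certificates as files below a root directory.
 *
 * <p>This is decompiled code with obfuscated identifiers. Layout, as far as this class shows:
 * certificates are written to {@code <root>/<SupportedStores.SUBJECT_DN>/<directory name
 * derived from the subject DN>/<fingerprint>}, and a helper object ({@link #E}) maintains
 * additional look-up structures used for the non-subject-DN selectors.
 *
 * <p>Unless the store is read only, two "drop" directories below the root
 * ({@code Constants.TO_BE_ADDED_DIRECTORY} and {@code Constants.TO_BE_REMOVED_DIRECTORY}) are
 * checked for existence once at construction. If they existed, every file found in them is parsed
 * as a certificate and stored/removed during construction and again at the start of each
 * {@link #getCertificates} call.
 *
 * <p>NOTE(review): write access to the drop directories is therefore equivalent to being able to
 * add or remove entries of this store; confirm that the deployment restricts filesystem
 * permissions on the root directory accordingly.
 *
 * <p>NOTE(review): directory and file names are derived from certificate content (subject DN via
 * {@code DirectoryNameFormatter}, fingerprint via {@code CertUtil}). This class performs no check
 * that the resulting path stays below the store root; it presumably relies on those helpers
 * returning a single safe path component. Confirm against their implementation.
 *
 * <p>Thread-safety: the look-up, store, remove and drop-directory methods are
 * {@code synchronized} on this instance.
 */
public class C extends AbstractCertStore implements CertStore {
    // Helper built from the root directory and the configured virtual stores; queried by index
    // and updated on every store/remove.
    protected A E;
    // True when the store was opened read only.
    protected boolean A;
    // Parameters this store was created with.
    protected DirectoryCertStoreParameters F;
    // Root directory of the store.
    protected File I;
    // Sub directory of the root that holds one directory per subject DN.
    protected File C;
    // True when the to-be-added drop directory existed at construction time.
    protected boolean D = false;
    // True when the to-be-removed drop directory existed at construction time.
    protected boolean B = false;
    // To-be-added drop directory (only set for writable stores).
    protected File H;
    // To-be-removed drop directory (only set for writable stores).
    protected File G;

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Opens the directory store described by the parameters, creating the subject-DN sub
     * directory when the parameters ask for a new store.
     *
     * <p>For a writable store the drop directories are located and, if present, processed
     * immediately.
     *
     * @param directoryCertStoreParameters store configuration; must not be {@code null}, must
     *     have a root directory and the type {@code "directory"}
     * @param transactionId identifier passed through to logging and helper calls
     * @throws NullPointerException if the parameters or their root directory are {@code null}
     * @throws DirectoryStoreException if the parameters have the wrong type, the sub directory is
     *     missing and may not be created, the root is not readable/writable as required, or
     *     processing the to-be-removed directory fails
     */
    public C(DirectoryCertStoreParameters directoryCertStoreParameters, TransactionId transactionId) throws DirectoryStoreException {
        if (directoryCertStoreParameters == null) {
            throw new NullPointerException("Directory store parameters mustn't be null");
        }
        if (directoryCertStoreParameters.getRootDirectory() == null) {
            throw new NullPointerException("Root directory mustn't be null");
        }
        if (!directoryCertStoreParameters.getType().equals("directory")) {
            throw new DirectoryStoreException("Parameters not suitable for this type of certstore", null, getClass().getName() + ":1");
        }
        this.F = directoryCertStoreParameters;
        this.A = directoryCertStoreParameters.isReadOnly();
        this.I = new File(directoryCertStoreParameters.getRootDirectory());
        this.C = new File(this.I, SupportedStores.SUBJECT_DN);
        if (this.C.exists()) {
            if (directoryCertStoreParameters.createNew()) {
                log_.debug(transactionId, "Directory \"" + this.C + "\" already exists.", null);
            }
        } else {
            if (!directoryCertStoreParameters.createNew()) {
                throw new DirectoryStoreException("CertStore sub directory (\"" + this.C.toString() + "\") doesn't exist.", null, getClass().getName() + ":2");
            }
            if (this.A) {
                throw new DirectoryStoreException("Can't create a NEW read only directory: " + this.C.toString(), null, getClass().getName() + ":3");
            }
            // Log with the caller's transaction id like every other message in this constructor.
            log_.debug(transactionId, "Creating new directory archive: " + this.C.toString(), null);
            if (!this.C.mkdirs()) {
                throw new DirectoryStoreException("Can't create directory: " + this.C.toString(), null, getClass().getName() + ":4");
            }
        }
        if (!this.I.canRead()) {
            throw new DirectoryStoreException("Can't read from directory: " + this.I.toString(), null, getClass().getName() + ":5");
        }
        if (!this.A && !this.I.canWrite()) {
            throw new DirectoryStoreException("Can't write to directory: " + this.I.toString(), null, getClass().getName() + ":6");
        }
        this.E = new A(this.F.getRootDirectory(), this.F.getVirtualStores(), transactionId);
        // NOTE(review): the calls below are overridable and run before a subclass constructor
        // body has executed.
        if (isReadOnly()) {
            log_.debug(transactionId, "Certstore read only; toBeAdded directory not used", null);
        } else {
            C(transactionId);
        }
        if (this.D) {
            A(transactionId);
        }
        if (this.B) {
            B(transactionId);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Returns the fingerprint string this store uses as the certificate's file name.
     *
     * @param x509Certificate certificate to fingerprint
     * @return the value of {@code CertUtil.getFingerPrintSHA} for the certificate
     */
    public static String A(X509Certificate x509Certificate) {
        return CertUtil.getFingerPrintSHA(x509Certificate);
    }

    /**
     * Returns the parameters this store was created with.
     */
    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public CertStoreParameters getParameters() {
        return this.F;
    }

    /**
     * Looks up the certificates matching the selector.
     *
     * <p>Pending drop-directory entries are processed first. A subject-DN selector is answered by
     * parsing every file in the matching subject directory and filtering with
     * {@code certSelector.matches}; files that cannot be read or parsed are logged and skipped.
     * Other default selectors are converted to their directory counterpart and answered from the
     * helper's look-up structures.
     *
     * @param certSelector selector describing the wanted certificates; must not be {@code null}
     * @param transactionId identifier passed through to logging and helper calls
     * @return the matching certificates, possibly empty, never {@code null}
     * @throws NullPointerException if {@code certSelector} is {@code null}
     * @throws CertStoreException if the selector type is unknown or unsupported, a conversion
     *     fails with a {@code ClassCastException}, or processing the to-be-removed directory fails
     */
    @Override // iaik.pki.store.certstore.CertStore
    public synchronized X509Certificate[] getCertificates(CertSelector certSelector, TransactionId transactionId) throws CertStoreException {
        // Previously a null selector surfaced as a message-less NPE from certSelector.toString().
        if (certSelector == null) {
            throw new NullPointerException("CertSelector must not be null.");
        }
        log_.debug(transactionId, "Trying to get certificate from directory cert store.", null);
        if (this.D) {
            log_.debug(transactionId, "Checking for new certificates to be added", null);
            A(transactionId);
        }
        if (this.B) {
            log_.debug(transactionId, "Checking for new certificates to be removed", null);
            B(transactionId);
        }
        try {
            if (certSelector instanceof DefaultSubjectDNCertSelector) {
                File subjectDir = new File(this.C, DirectoryNameFormatter.getInstance().getDirectoryName(((DefaultSubjectDNCertSelector) certSelector).getSubjectDN()));
                if (!subjectDir.exists()) {
                    log_.debug(transactionId, "No matching certificate found", null);
                    return new X509Certificate[0];
                }
                Vector<X509Certificate> found = new Vector<X509Certificate>();
                String[] names = subjectDir.list();
                if (names != null) {
                    for (String name : names) {
                        try {
                            X509Certificate candidate;
                            // try-with-resources closes the stream on every path, including a
                            // parse failure.
                            try (FileInputStream in = new FileInputStream(new File(subjectDir, name))) {
                                candidate = new X509Certificate(in);
                            }
                            if (certSelector.matches(candidate, transactionId)) {
                                found.add(candidate);
                            }
                        } catch (Exception e) {
                            // Best effort: one unreadable file must not hide the other entries.
                            log_.error(transactionId, "Can't load certifcate file from store", e);
                        }
                    }
                }
                X509Certificate[] result = new X509Certificate[found.size()];
                log_.debug(transactionId, "Found " + result.length + " certificates in the directory cert store", null);
                return found.toArray(result);
            }
            if (!(certSelector instanceof DefaultCertSelector)) {
                throw new DirectoryStoreException("Unknown selector type: " + certSelector.toString(), null, getClass().getName() + ":8");
            }
            DirectoryCertSelector directorySelector = (DirectoryCertSelector) A(certSelector, transactionId);
            if (directorySelector == null) {
                throw new DirectoryStoreException("Cert selector \"" + certSelector.getClass().getName() + "\" not supported by DirectoryCertStore.", null, getClass().getName() + ":7");
            }
            String index = directorySelector.getIndex();
            // Use the virtual store registered for this selector name, else the helper itself.
            VirtualCertStore virtualStore = this.E.A(directorySelector.getSelectorName());
            Set<X509Certificate> hits = virtualStore == null ? this.E.A(index, transactionId) : virtualStore.B(index, transactionId);
            if (hits == null || hits.isEmpty()) {
                return new X509Certificate[0];
            }
            return hits.toArray(new X509Certificate[hits.size()]);
        } catch (ClassCastException e) {
            throw new DirectoryStoreException("Error during converting classes.", e, getClass().getName() + ":9");
        }
    }

    /**
     * Writes the certificate to its subject directory and registers it with the helper.
     *
     * <p>The certificate is registered first; if registration is refused or the file cannot be
     * written (including a failure while closing the file), the registration is undone, an empty
     * subject directory is removed again and the call fails.
     *
     * <p>NOTE(review): a file that was opened but only partially written is left on disk; the
     * subject-DN look-up will log and skip it.
     *
     * @param x509Certificate certificate to store; must not be {@code null}
     * @param transactionId identifier passed through to logging and helper calls
     * @throws NullPointerException if the certificate is {@code null}
     * @throws CertStoreException if the store is read only, the subject directory cannot be
     *     created, or the certificate could not be stored
     */
    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public synchronized void storeCertificate(X509Certificate x509Certificate, TransactionId transactionId) throws CertStoreException {
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"cert\" must not be null.");
        }
        if (this.A) {
            throw new CertStoreException("Can't store certificate to read only store", null, getClass().getName() + ":10");
        }
        try {
            String directoryName = DirectoryNameFormatter.getInstance().getDirectoryName((Name) x509Certificate.getSubjectDN());
            File subjectDir = new File(this.C, directoryName);
            if (!subjectDir.exists() && !subjectDir.mkdirs()) {
                throw new CertStoreException("Can't create directory " + subjectDir.toString(), null, getClass().getName() + ":12");
            }
            String fingerprint = A(x509Certificate);
            String indexKey = directoryName + fingerprint;
            boolean stored = false;
            if (this.E.A(x509Certificate, indexKey, transactionId)) {
                File certFile = new File(subjectDir, fingerprint);
                if (log_.isDebugEnabled()) {
                    log_.debug(transactionId, "storing cert \"" + x509Certificate.getSubjectDN() + "\" to: " + certFile.getAbsoluteFile(), null);
                }
                try (FileOutputStream out = new FileOutputStream(certFile)) {
                    x509Certificate.writeTo(out);
                    stored = true;
                } catch (IOException e) {
                    // Also reached when close() fails; the file may be incomplete, so do not
                    // report success.
                    stored = false;
                    log_.warn(transactionId, "Error when writing to file.", e);
                }
            }
            if (stored) {
                return;
            }
            log_.warn(transactionId, "Could not add certificate to directory cert store.", null);
            // Undo the registration so the look-up structures do not reference a missing file.
            this.E.B(x509Certificate, indexKey, transactionId);
            // listFiles() returns null on an I/O error or a vanished directory; guard it so the
            // CertStoreException below is not replaced by an NPE.
            File[] leftovers = subjectDir.listFiles();
            if (leftovers != null && leftovers.length == 0) {
                subjectDir.delete();
            }
            throw new CertStoreException("Could not store certificate.", null, getClass().getName() + ":14");
        } catch (DirectoryStoreException e) {
            throw new CertStoreException("Can't store certificate", e, getClass().getName() + ":11");
        }
    }

    /**
     * Returns the id taken from the store parameters.
     */
    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public String getUniqueID() {
        return this.F.getId();
    }

    /**
     * Tells whether this store was opened read only.
     */
    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public boolean isReadOnly() {
        return this.A;
    }

    /**
     * Returns the constant type name {@code "directory"}.
     */
    public String A() {
        return "directory";
    }

    /**
     * Removes the certificate's file and its registration with the helper.
     *
     * <p>A certificate that has no file in the store counts as removed. If the registration was
     * removed but the file could not be deleted, the certificate is registered again and
     * {@code false} is returned.
     *
     * @param x509Certificate certificate to remove; must not be {@code null}
     * @param transactionId identifier passed through to logging and helper calls
     * @return {@code true} if the certificate is no longer in the store, {@code false} otherwise
     * @throws NullPointerException if the certificate is {@code null}
     * @throws CertStoreException if a helper call fails with a {@code DirectoryStoreException}
     */
    @Override // iaik.pki.store.certstore.AbstractCertStore
    protected synchronized boolean removeCertificate(X509Certificate x509Certificate, TransactionId transactionId) throws CertStoreException {
        if (x509Certificate == null) {
            throw new NullPointerException("Can't remove null.");
        }
        try {
            String directoryName = DirectoryNameFormatter.getInstance().getDirectoryName((Name) x509Certificate.getSubjectDN());
            String fingerprint = A(x509Certificate);
            File subjectDir = new File(this.C, directoryName);
            File certFile = new File(subjectDir, fingerprint);
            String indexKey = directoryName + fingerprint;
            if (!certFile.exists()) {
                log_.debug(transactionId, "Directory cert store does not contain certificate.", null);
                return true;
            }
            boolean removed = false;
            if (this.E.B(x509Certificate, indexKey, transactionId)) {
                if (certFile.delete()) {
                    // list() returns null on an I/O error; treat that as "not known to be empty"
                    // instead of failing with an NPE after the certificate is already gone.
                    String[] remaining = subjectDir.list();
                    if (remaining != null && remaining.length == 0 && !subjectDir.delete()) {
                        log_.info(transactionId, "Can't remove directory.", null);
                    }
                    removed = true;
                } else {
                    // Space added before "from": the path and the next word used to run together.
                    log_.warn(transactionId, "Cannot delete file " + certFile + " from directory cert store.", null);
                }
            }
            if (removed) {
                log_.debug(transactionId, "Successfully removed certificte from directory store.", null);
                return true;
            }
            // Put the registration back so it keeps matching the file that is still on disk.
            this.E.A(x509Certificate, indexKey, transactionId);
            return false;
        } catch (DirectoryStoreException e) {
            throw new CertStoreException("Can't remove certificate from directory store", e, getClass().getName() + ":13");
        }
    }

    /**
     * Converts a generic selector into the directory-specific selector for the same criterion.
     *
     * @param certSelector selector to convert; must not be {@code null}
     * @param transactionId identifier used for logging
     * @return the selector itself if it already is a {@code DirectoryCertSelector}, a converted
     *     selector for the e-mail, issuer/serial, key value and subject key identifier default
     *     selectors, or {@code null} for any other type
     * @throws NullPointerException if the selector is {@code null}
     * @throws CertStoreException declared for the selector factories
     */
    private CertSelector A(CertSelector certSelector, TransactionId transactionId) throws CertStoreException {
        if (certSelector == null) {
            throw new NullPointerException("CertSelector must not be null.");
        }
        if (certSelector instanceof DirectoryCertSelector) {
            return certSelector;
        }
        if (certSelector instanceof DefaultCertSelector) {
            if (certSelector instanceof DefaultEmailCertSelector) {
                log_.debug(transactionId, "Converting default DefaultEmailCertSelector to directory MailCertSelector.", null);
                return EmailCertSelectorFactory.createCertSelector(((DefaultEmailCertSelector) certSelector).getEmailAddress(), "directory");
            }
            if (certSelector instanceof DefaultIssuerSerialCertSelector) {
                log_.debug(transactionId, "Converting default DefaultIssuerCertSelector to directory IssuerCertSelector.", null);
                DefaultIssuerSerialCertSelector issuerSerial = (DefaultIssuerSerialCertSelector) certSelector;
                return IssuerSerialCertSelectorFactory.createCertSelector(issuerSerial.getNormalizedIssuer(), true, issuerSerial.getSerialNumber(), "directory");
            }
            if (certSelector instanceof DefaultKeyValueCertSelector) {
                log_.debug(transactionId, "Converting default DefaultKeyValueCertSelector to directory KeyValueCertSelector.", null);
                return KeyValueCertSelectorFactory.createCertSelector(((DefaultKeyValueCertSelector) certSelector).getPublicKey(), "directory");
            }
            if (certSelector instanceof DefaultSubjectKeyIdentifierCertSelector) {
                // The message used to name the key value selector (copy-paste slip), which made
                // the debug log misleading for this branch.
                log_.debug(transactionId, "Converting default DefaultSubjectKeyIdentifierCertSelector to directory SubjectKeyIdentifierCertSelector.", null);
                return SubjectKeyIdentifierCertSelectorFactory.createCertSelector(((DefaultSubjectKeyIdentifierCertSelector) certSelector).getSubjectKeyIdentifier(), "directory");
            }
        }
        log_.debug(transactionId, "Unknown cert selector type.", null);
        return null;
    }

    /**
     * Locates the two drop directories below the root and records whether each one exists.
     *
     * <p>Existence is sampled only here; a drop directory created later is not picked up by this
     * instance.
     *
     * @param transactionId identifier used for logging
     */
    protected void C(TransactionId transactionId) {
        this.H = new File(this.I, Constants.TO_BE_ADDED_DIRECTORY);
        this.D = this.H.exists();
        log_.debug(transactionId, "Checking for certificates to be added : " + this.D, null);
        this.G = new File(this.I, Constants.TO_BE_REMOVED_DIRECTORY);
        this.B = this.G.exists();
        log_.debug(transactionId, "Checking for certificates to be removed : " + this.B, null);
    }

    /**
     * Imports every file in the to-be-added directory and deletes each file that was stored.
     *
     * <p>A file that cannot be read, parsed or stored is logged and left in place, so it is tried
     * again on the next run.
     *
     * @param transactionId identifier passed through to logging and helper calls
     */
    protected synchronized void A(TransactionId transactionId) {
        File[] pending = this.H.listFiles();
        if (pending == null) {
            return;
        }
        for (File candidate : pending) {
            try {
                X509Certificate cert;
                // Closes the stream even when parsing fails; it used to leak in that case.
                try (FileInputStream in = new FileInputStream(candidate)) {
                    cert = new X509Certificate(in);
                }
                storeCertificate(cert, transactionId);
                if (!candidate.delete()) {
                    log_.warn(transactionId, "Cannot delete certificate " + candidate.getAbsolutePath() + ".", null);
                }
            } catch (Exception e) {
                // Deliberately best effort: a bad drop file must not block the remaining ones.
                log_.warn(transactionId, "Could not add certificate \"" + candidate.getName() + "\", ignoring. Reason: " + e.getMessage(), null);
            }
        }
    }

    /**
     * Removes every certificate found in the to-be-removed directory from the store and deletes
     * each processed file.
     *
     * <p>Unlike the import, the first failure aborts the run.
     *
     * @param transactionId identifier passed through to logging and helper calls
     * @throws DirectoryStoreException if a file cannot be read or parsed, or a certificate cannot
     *     be removed; the original failure is attached as the cause
     */
    protected synchronized void B(TransactionId transactionId) throws DirectoryStoreException {
        try {
            File[] pending = this.G.listFiles();
            if (pending != null) {
                for (File candidate : pending) {
                    X509Certificate cert;
                    // Closes the stream even when parsing fails; it used to leak in that case.
                    try (FileInputStream in = new FileInputStream(candidate)) {
                        cert = new X509Certificate(in);
                    }
                    if (log_.isDebugEnabled()) {
                        log_.debug(transactionId, "Trying to remove certificate (subjectDN: \"" + ((Name) cert.getSubjectDN()).getName() + "\", serial number: \"" + cert.getSerialNumber() + "\") from directory cert store.", null);
                    }
                    if (!removeCertificate(cert, transactionId)) {
                        throw new DirectoryStoreException("Could not delete certificate from directory cert store.", null, getClass().getName() + ":15");
                    }
                    if (!candidate.delete()) {
                        log_.warn(transactionId, "Could not delete certificate " + candidate.getAbsolutePath(), null);
                    }
                }
            }
        } catch (Exception e) {
            throw new DirectoryStoreException("Could not delete all certificates from directory cert store.", e, getClass().getName() + ":16");
        }
    }
}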
