package iaik.pki.store.certstore.utils;

import iaik.asn1.ObjectID;
import iaik.asn1.structures.Name;
import iaik.logging.Log;
import iaik.logging.LogFactory;
import iaik.logging.TransactionId;
import iaik.logging.impl.TransactionIdImpl;
import iaik.pki.store.certstore.CertStore;
import iaik.pki.store.certstore.CertStoreException;
import iaik.pki.store.certstore.CertStoreFactory;
import iaik.pki.store.certstore.SupportedStores;
import iaik.pki.store.certstore.directory.DefaultDirectoryCertStoreParameters;
import iaik.pki.store.certstore.directory.DirectoryStoreException;
import iaik.pki.utils.Constants;
import iaik.utils.PasswordGenerator;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.extensions.BasicConstraints;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/store/certstore/utils/DirectoryCertStoreConverter.class */
public class DirectoryCertStoreConverter {
    protected static final String R_DELIM = "======================================================";
    protected static final String R_DELIM1 = "------------------------------------------------------";
    protected static final Integer READ_PERMISSION_ERROR = new Integer(0);
    protected static final Integer CERTIFICATE_CREATION_ERROR = new Integer(1);
    protected static final Integer FILE_NOT_FOUND_ERROR = new Integer(2);
    protected static final Integer FILE_READ_ERROR = new Integer(3);
    protected static final Integer CERT_STORE_ERROR = new Integer(4);
    protected static final Integer NO_DIRECTORY_ERROR = new Integer(5);
    protected static final Integer DIRECTORY_NOT_EXIST_ERROR = new Integer(6);
    protected static final Integer DIRECTORY_ERROR = new Integer(7);
    protected static Map<Integer, String> errorHeaderMap_ = new HashMap();

    public void convert(String str, String str2, boolean z, boolean z2, Log log, TransactionId transactionId) throws DirectoryStoreException {
        File file = new File(str);
        checkSourceDirectory(file, str);
        File file2 = new File(str2);
        checkTargetDirectory(file2, str2);
        File[] listFiles = file.listFiles();
        if (listFiles.length == 0) {
            throw new DirectoryStoreException("Could not convert directory cert store. Input directory \"" + str + "\" is empty.", null, getClass().getName() + ":7");
        }
        if (log == null) {
            log = LogFactory.getLog("DirectoryStoreConverter");
        }
        if (transactionId == null) {
            transactionId = new TransactionIdImpl("DirectoryStoreConverter");
        }
        HashMap hashMap = new HashMap();
        try {
            CertStore certStoreFactory = CertStoreFactory.getInstance(new DefaultDirectoryCertStoreParameters(getStoreId(), str2, true, false), transactionId);
            int i = 0;
            int i2 = 0;
            int i3 = 0;
            int i4 = 0;
            int i5 = 0;
            int i6 = 0;
            for (File file3 : listFiles) {
                String name = file3.getName();
                if (!file3.exists()) {
                    log.debug(transactionId, "Directory \"" + name + "\", does not exist.", null);
                    A(DIRECTORY_NOT_EXIST_ERROR, name, hashMap);
                } else if (!file3.isDirectory()) {
                    log.debug(transactionId, "Ignoring \"" + name + "\", because it is not a directory.", null);
                    A(NO_DIRECTORY_ERROR, name, hashMap);
                } else if (!SupportedStores.ALL.contains(name) && !name.equals(Constants.TO_BE_REMOVED_DIRECTORY)) {
                    if (file3.canRead()) {
                        for (File file4 : file3.listFiles()) {
                            if (file4.isDirectory()) {
                                A(DIRECTORY_ERROR, file4.getParentFile().getName() + "/" + file4.getName(), hashMap);
                            } else {
                                FileInputStream fileInputStream = null;
                                boolean z3 = false;
                                try {
                                    try {
                                        try {
                                            fileInputStream = new FileInputStream(file4);
                                            X509Certificate x509Certificate = new X509Certificate(fileInputStream);
                                            boolean z4 = !z;
                                            if (z) {
                                                try {
                                                    if (isCACertificate(x509Certificate)) {
                                                        z4 = true;
                                                    } else {
                                                        log.debug(transactionId, "Ignoring certificate (SubjectDN: \"" + ((Name) x509Certificate.getSubjectDN()).getName() + "\", IssuerDN: " + ((Name) x509Certificate.getIssuerDN()).getName() + "\", SerialNumber: " + x509Certificate.getSerialNumber() + "), because no CA certificate.", null);
                                                        z3 = true;
                                                        i2++;
                                                    }
                                                } catch (X509ExtensionInitException e) {
                                                    z4 = true;
                                                    log.warn(transactionId, "Could not check if certificate is a CA certificate. Converting it, anyway.", null);
                                                }
                                            }
                                            if (z4) {
                                                log.debug(transactionId, "Converting certificate (SubjectDN: \"" + ((Name) x509Certificate.getSubjectDN()).getName() + "\", IssuerDN: \"" + ((Name) x509Certificate.getIssuerDN()).getName() + "\" SerialNumber: " + x509Certificate.getSerialNumber() + ").", null);
                                                certStoreFactory.storeCertificate(x509Certificate, transactionId);
                                                z3 = true;
                                                i++;
                                            }
                                            if (fileInputStream != null) {
                                                try {
                                                    fileInputStream.close();
                                                } catch (IOException e2) {
                                                }
                                            }
                                        } catch (Throwable th) {
                                            if (fileInputStream != null) {
                                                try {
                                                    fileInputStream.close();
                                                } catch (IOException e3) {
                                                }
                                            }
                                            throw th;
                                        }
                                    } catch (CertStoreException e4) {
                                        String str3 = file4.getParentFile().getName() + "/" + file4.getName();
                                        log.debug(transactionId, "Could not store certificate from file \"" + str3 + "\": " + e4.getMessage() + ".", null);
                                        A(CERT_STORE_ERROR, str3, hashMap);
                                        if (fileInputStream != null) {
                                            try {
                                                fileInputStream.close();
                                            } catch (IOException e5) {
                                            }
                                        }
                                    } catch (CertificateException e6) {
                                        String str4 = file4.getParentFile().getName() + "/" + file4.getName();
                                        log.debug(transactionId, "Error creating certificate from file \"" + str4 + "\": " + e6.getMessage() + ".", null);
                                        A(CERTIFICATE_CREATION_ERROR, str4, hashMap);
                                        if (fileInputStream != null) {
                                            try {
                                                fileInputStream.close();
                                            } catch (IOException e7) {
                                            }
                                        }
                                    }
                                } catch (FileNotFoundException e8) {
                                    String str5 = file4.getParentFile().getName() + "/" + file4.getName();
                                    log.debug(transactionId, "Could not find certificate file \"" + str5 + "\".", null);
                                    A(FILE_NOT_FOUND_ERROR, str5, hashMap);
                                    if (fileInputStream != null) {
                                        try {
                                            fileInputStream.close();
                                        } catch (IOException e9) {
                                        }
                                    }
                                } catch (IOException e10) {
                                    String str6 = file4.getParentFile().getName() + "/" + file4.getName();
                                    log.debug(transactionId, "Error reading certificate file \"" + str6 + "\".", null);
                                    A(FILE_READ_ERROR, str6, hashMap);
                                    if (fileInputStream != null) {
                                        try {
                                            fileInputStream.close();
                                        } catch (IOException e11) {
                                        }
                                    }
                                }
                                if (z2 && z3) {
                                    if (file4.delete()) {
                                        i3++;
                                    } else {
                                        log.warn(transactionId, "Could not delete file \"" + file4.getName() + "\".", null);
                                        i6++;
                                    }
                                }
                            }
                        }
                    } else {
                        log.warn(transactionId, "Ignoring directory \"" + name + "\" No read permission.", null);
                        A(READ_PERMISSION_ERROR, name, hashMap);
                    }
                }
                if (z2 && file3.exists() && file3.isDirectory() && file3.listFiles().length == 0) {
                    if (file3.delete()) {
                        i4++;
                    } else {
                        log.warn(transactionId, "Could not delete directory \"" + file3.getName() + "\".", null);
                        i5++;
                    }
                }
            }
            printReport(i, i2, i3, i6, i4, i5, removeFromToBeRemovedDir(certStoreFactory, file, file2, log, transactionId), hashMap, log, transactionId);
        } catch (CertStoreException e12) {
            throw new DirectoryStoreException("Could not create directory cert store.", e12, getClass().getName() + ":8");
        }
    }

    protected boolean isCACertificate(X509Certificate x509Certificate) throws X509ExtensionInitException {
        boolean z = false;
        BasicConstraints basicConstraints = (BasicConstraints) x509Certificate.getExtension(ObjectID.getObjectID(BasicConstraints.oid.getID()));
        if (basicConstraints != null && basicConstraints.ca()) {
            z = true;
        }
        return z;
    }

    protected int removeFromToBeRemovedDir(CertStore certStore, File file, File file2, Log log, TransactionId transactionId) {
        int i = 0;
        File file3 = new File(file, Constants.TO_BE_REMOVED_DIRECTORY);
        if (file3.exists() && file3.isDirectory()) {
            if (file3.canRead()) {
                File[] listFiles = file3.listFiles();
                int i2 = 0;
                if (listFiles.length > 0) {
                    ArrayList arrayList = new ArrayList();
                    for (File file4 : listFiles) {
                        if (!file4.isDirectory()) {
                            FileInputStream fileInputStream = null;
                            try {
                                try {
                                    fileInputStream = new FileInputStream(file4);
                                    arrayList.add(new X509Certificate(fileInputStream));
                                    i2++;
                                    if (fileInputStream != null) {
                                        try {
                                            fileInputStream.close();
                                        } catch (IOException e) {
                                        }
                                    }
                                } catch (Throwable th) {
                                    if (fileInputStream != null) {
                                        try {
                                            fileInputStream.close();
                                        } catch (IOException e2) {
                                        }
                                    }
                                    throw th;
                                }
                            } catch (FileNotFoundException e3) {
                                log.warn(transactionId, "Could not remove \"" + file4.getName() + "\" from certstore. Could not find file.", null);
                                if (fileInputStream != null) {
                                    try {
                                        fileInputStream.close();
                                    } catch (IOException e4) {
                                    }
                                }
                            } catch (IOException e5) {
                                log.warn(transactionId, "Could not remove \"" + file4.getName() + "\" from certstore. Error reading file.", null);
                                if (fileInputStream != null) {
                                    try {
                                        fileInputStream.close();
                                    } catch (IOException e6) {
                                    }
                                }
                            } catch (CertificateException e7) {
                                log.warn(transactionId, "Could not remove \"" + file4.getName() + "\" from certstore. File may contain no certificate.", null);
                                if (fileInputStream != null) {
                                    try {
                                        fileInputStream.close();
                                    } catch (IOException e8) {
                                    }
                                }
                            }
                        }
                    }
                    if (arrayList.size() > 0) {
                        i = certStore.removeCertificate((X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]), transactionId).length;
                        if (i == 0 && file.getAbsolutePath().equalsIgnoreCase(file2.getAbsolutePath())) {
                            for (File file5 : listFiles) {
                                file5.delete();
                            }
                        }
                    }
                }
            } else {
                log.warn(transactionId, "Could remove certificates from directory \"" + file3.getAbsolutePath() + "\" from cert store. No read permission.", null);
            }
        }
        return i;
    }

    protected String getStoreId() {
        return "DCS-Converter-" + new String(new PasswordGenerator().generate(5, 4)) + "-" + System.currentTimeMillis();
    }

    protected void checkSourceDirectory(File file, String str) throws DirectoryStoreException {
        if (!file.exists()) {
            throw new DirectoryStoreException("Could not convert directory cert store. Input directory \"" + str + "\" does not exist.", null, getClass().getName() + ":1");
        }
        if (!file.isDirectory()) {
            throw new DirectoryStoreException("Could not convert directory cert store. Input directory \"" + str + "\" is not a directory.", null, getClass().getName() + ":2");
        }
        if (!file.canRead()) {
            throw new DirectoryStoreException("Could not convert directory cert store. No permission to read input directory \"" + str + "\".", null, getClass().getName() + ":3");
        }
    }

    protected void checkTargetDirectory(File file, String str) throws DirectoryStoreException {
        if (!file.exists() && !file.mkdirs()) {
            throw new DirectoryStoreException("Could not convert directory cert store. Target directory \"" + str + "\" does not exist and could not be created, too.", null, getClass().getName() + ":4");
        }
        if (!file.isDirectory()) {
            throw new DirectoryStoreException("Could not convert directory cert store. Taget directory \"" + str + "\" is not a directory.", null, getClass().getName() + ":5");
        }
        if (!file.canWrite()) {
            throw new DirectoryStoreException("Could not convert directory cert store. No permission to write to target directory \"" + str + "\".", null, getClass().getName() + ":6");
        }
    }

    private void A(Integer num, String str, Map<Integer, Set<String>> map) {
        Set<String> set = map.get(num);
        if (set == null) {
            set = new HashSet();
            map.put(num, set);
        }
        set.add(str);
    }

    protected void printReport(int i, int i2, int i3, int i4, int i5, int i6, int i7, Map<Integer, Set<String>> map, Log log, TransactionId transactionId) {
        log.info(transactionId, R_DELIM, null);
        log.info(transactionId, "Ready converting directory certstore.", null);
        log.info(transactionId, "Number of certificates converted: " + i, null);
        if (i3 > 0) {
            log.info(transactionId, "Number of certificates deleted: " + i3, null);
            if (i4 > 0) {
                log.info(transactionId, "Number of certificates that could not be deleted: " + i4, null);
            }
            log.info(transactionId, "Number of (certificate) directories deleted: " + i5, null);
            if (i6 > 0) {
                log.info(transactionId, "Number of (certificate) directories that could not be deleted: " + i6, null);
            }
        }
        if (i2 > 0) {
            log.info(transactionId, "Number of certificates ignored, because they are no CA certificates: " + i2, null);
        }
        if (map.isEmpty() && i7 == 0) {
            log.info(transactionId, "No erros during conversion.", null);
            log.info(transactionId, R_DELIM, null);
            return;
        }
        log.info(transactionId, R_DELIM, null);
        log.info(transactionId, "Erros occured during conversion:", null);
        if (i7 > 0) {
            log.info(transactionId, i7 + " certificates from the \"" + Constants.TO_BE_REMOVED_DIRECTORY + "\" could not be removed from the converted certstore.", null);
        }
        if (map.isEmpty()) {
            return;
        }
        for (Integer num : errorHeaderMap_.keySet()) {
            if (map.containsKey(num)) {
                log.info(transactionId, R_DELIM1, null);
                log.debug(transactionId, errorHeaderMap_.get(num), null);
                Iterator<String> it = map.get(num).iterator();
                while (it.hasNext()) {
                    log.info(transactionId, it.next(), null);
                }
            }
        }
        log.info(transactionId, R_DELIM, null);
    }

    static {
        errorHeaderMap_.put(READ_PERMISSION_ERROR, "Read permission errors for the following directories:");
        errorHeaderMap_.put(CERTIFICATE_CREATION_ERROR, "Certificate creation errors for the following files (no certificates?):");
        errorHeaderMap_.put(FILE_NOT_FOUND_ERROR, "File Not Found errors for the following files:");
        errorHeaderMap_.put(FILE_READ_ERROR, "File read errors:");
        errorHeaderMap_.put(CERT_STORE_ERROR, "CertStore failures during storing the certificates read from the follwing files:");
        errorHeaderMap_.put(NO_DIRECTORY_ERROR, "The follwong files are no (certificate) directories:");
        errorHeaderMap_.put(DIRECTORY_NOT_EXIST_ERROR, "The follwong directories do not exist:");
        errorHeaderMap_.put(DIRECTORY_ERROR, "The follwong directories are ignored in certificate directory:");
    }
}
