package iaik.pki.revocation.dbcrl.crl;

import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.Name;
import iaik.logging.Log;
import iaik.logging.LogFactory;
import iaik.logging.TransactionId;
import iaik.pki.store.certstore.CertStoreException;
import iaik.pki.store.certstore.database.DBStoreException;
import iaik.pki.store.certstore.utils.IssuerSerialIndexer;
import iaik.pki.store.revocation.dbcrl.RevCertDBStore;
import iaik.pki.store.revocation.dbcrl.util.RevCertCRLDBEntry;
import iaik.pki.store.revocation.dbcrl.util.RevCertCRLIndexer;
import iaik.pki.store.revocation.dbcrl.util.RevokedCertificateDBEntry;
import iaik.pki.utils.NameUtils;
import iaik.pki.utils.UtilsException;
import iaik.utils.Util;
import iaik.x509.RevokedCertificate;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionException;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.X509Extensions;
import iaik.x509.extensions.CRLNumber;
import iaik.x509.extensions.IssuingDistributionPoint;
import iaik.x509.extensions.ReasonCode;
import iaik.x509.stream.RevokedCertificatesCRLListener;
import java.io.File;
import java.security.MessageDigest;
import java.security.cert.CRLException;
import java.sql.Timestamp;
import java.util.Date;
import java.util.HashSet;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/revocation/dbcrl/crl/DBEntrysCRLListener.class */
public class DBEntrysCRLListener extends RevokedCertificatesCRLListener {
    private RevCertDBStore Q;
    private TransactionId I;
    private HashSet<RevokedCertificateDBEntry> O;
    private String R;
    private String N;
    private int P;
    private int J;
    private String D;
    private File A;
    private String F;
    private String G;
    private int L;
    private Date M;
    private Date K;
    private String E;
    private X509Certificate T;
    private final IssuerSerialIndexer H;
    private final RevCertCRLIndexer C;
    public static final int WRITE_TO_DB_THRESHOLD = 2000;
    private static final String B = "";
    protected final Log log_;
    private static final String S = "SHA-1";
    public static final boolean BUFFER_ALL_ENTRIES = false;

    public DBEntrysCRLListener(X509Certificate x509Certificate, RevCertDBStore revCertDBStore, String str, File file, String str2, TransactionId transactionId) {
        super(new X509Certificate[0], x509Certificate.getPublicKey());
        this.R = null;
        this.log_ = LogFactory.getLog(getClass());
        this.Q = revCertDBStore;
        this.I = transactionId;
        this.O = new HashSet<>(2000);
        this.N = str;
        this.E = str2;
        this.H = IssuerSerialIndexer.getInstance();
        this.C = RevCertCRLIndexer.getInstance();
        this.A = file;
        this.T = x509Certificate;
    }

    @Override // iaik.x509.stream.RevokedCertificatesCRLListener, iaik.x509.stream.CRLListener
    public void header(int i, Name name, Date date, Date date2) {
        super.header(i, name, date, date2);
        try {
            this.L = i + 1;
            this.M = date;
            this.K = date2;
            this.G = name.getName();
            this.F = date.getTime() + "-" + date2.getTime() + ".clr";
            Timestamp timestamp = new Timestamp(this.M.getTime());
            this.D = this.C.getCRLIndex(name, timestamp, this.N);
            this.Q.storeCRLEntry(new RevCertCRLDBEntry(this.N, this.L, name.getName(), timestamp, new Timestamp(this.K.getTime()), this.D), this.I);
        } catch (DBStoreException e) {
        } catch (UtilsException e2) {
            this.log_.error(this.I, "Error calclculating the primary key hash for the CRL table.", e2);
        }
    }

    @Override // iaik.x509.stream.RevokedCertificatesCRLListener, iaik.x509.stream.CRLListener
    public void revokedCertificate(RevokedCertificate revokedCertificate) throws CRLException, X509ExtensionException {
        X500Principal certificateIssuer = revokedCertificate.getCertificateIssuer();
        String str = null;
        if (certificateIssuer != null) {
            str = certificateIssuer.getName();
        }
        try {
            if (this.R == null && str == null) {
                this.R = getIssuer().getName();
            } else if (str != null && !str.equals(this.R)) {
                this.R = str;
            }
            this.O.add(new RevokedCertificateDBEntry(this.H.getIssuerSerialIndex(this.R, false, revokedCertificate.getSerialNumber()), A(revokedCertificate), new Timestamp(revokedCertificate.getRevocationDate().getTime()), revokedCertificate.hasUnsupportedCriticalExtension(), this.P, this.J, this.D));
            if (this.O.size() == 2000) {
                A();
            }
        } catch (DBStoreException e) {
            this.log_.error(this.I, "Error while writing a CRL entry into the database.", e);
            throw new CRLException("error while writing a CRL entry into the database: " + e);
        } catch (CertStoreException e2) {
            this.log_.error(this.I, "Error could not calculate a serial/issuer hash for a CRL entry, while writing to a CRL entry to DB.", e2);
            throw new CRLException("Could generate a issuer serial number hash", e2);
        } catch (UtilsException e3) {
            this.log_.error(this.I, "Error normalizing the issuer name while writing a CRL entry to DB.", e3);
            throw new CRLException("Could normalize issuer name", e3);
        }
    }

    @Override // iaik.x509.stream.RevokedCertificatesCRLListener, iaik.x509.stream.CRLListener
    public void signature(AlgorithmID algorithmID, byte[] bArr, boolean z) throws CRLException {
        super.signature(algorithmID, bArr, z);
        Timestamp timestamp = new Timestamp(new Date().getTime());
        X509Extensions extensions = getExtensions();
        try {
            int intValue = ((CRLNumber) extensions.getExtension(CRLNumber.oid)).getCRLNumber().intValue();
            this.F = intValue + "-" + this.F;
            this.F = new StringBuilder().append(B()).append(this.F).toString();
            this.Q.updateCRLEntry(new RevCertCRLDBEntry(timestamp, getSignatureValue(), this.F, this.D, isVerified(), getSignature().toString(), extensions.hasUnsupportedCriticalExtension(), intValue, (IssuingDistributionPoint) extensions.getExtension(IssuingDistributionPoint.oid), this.T, this.L, new Timestamp(this.M.getTime()), new Timestamp(this.K.getTime())), this.I);
        } catch (DBStoreException e) {
            this.log_.fatal(this.I, "Error could not update a CRL entry.", e);
        } catch (UtilsException e2) {
            this.log_.fatal(this.I, "Error could not calcualte the folder prefix add the correct filepath of a CRL entry in the DB.", e2);
        } catch (X509ExtensionInitException e3) {
            this.log_.fatal(this.I, "Error could not get the CRL number for a CRL .", e3);
        }
        try {
            A();
            A(this.G);
        } catch (DBStoreException e4) {
            this.log_.fatal(this.I, "Error could not flush CRL entries to DB. Now CRL and DB do NOT have the same entries.", e4);
        } catch (UtilsException e5) {
            this.log_.error(this.I, "Error could not properly rename the tmp CRL file.", e5);
        }
    }

    private String B() throws UtilsException {
        return this.E + C() + System.getProperty("file.separator");
    }

    private String C() throws UtilsException {
        try {
            return Util.toString(MessageDigest.getInstance(S).digest(NameUtils.getNormalizedName(this.G).getBytes()), "");
        } catch (Exception e) {
            this.log_.error(this.I, "Error could not compute the CRL files parrent directory from the issuerDN.", e);
            throw new UtilsException("Error computing directory name from issuerDN:" + this.G + ".", e, getClass().getName() + ":1");
        }
    }

    private int A(RevokedCertificate revokedCertificate) throws X509ExtensionInitException {
        ReasonCode reasonCode = (ReasonCode) revokedCertificate.getExtension(ReasonCode.oid);
        if (reasonCode != null) {
            return reasonCode.getReasonCode();
        }
        return 0;
    }

    private void A() throws DBStoreException {
        this.Q.storeRevokedCertificateEntryBatch(this.O, this.I);
        this.O = new HashSet<>(2000);
    }

    private void A(String str) throws DBStoreException, UtilsException {
        new File(B()).mkdir();
        this.A.renameTo(new File(this.F));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setFileOffsetAndSize(int i, int i2) {
        this.P = i - 1;
        this.J = i2;
    }
}
