package iaik.pki;

import iaik.logging.Log;
import iaik.logging.LogFactory;
import iaik.logging.TransactionId;
import iaik.pki.pathconstruction.PathConstructionFactory;
import iaik.pki.pathvalidation.ValidationConfiguration;
import iaik.pki.pathvalidation.ValidationFactory;
import iaik.pki.revocation.CertificateStatusCheckerFactory;
import iaik.pki.revocation.RevocationConfiguration;
import iaik.pki.revocation.dbcrl.config.DBCrlConfig;
import iaik.pki.revocation.dbcrl.config.DBCrlConfigEntry;
import iaik.pki.store.certinfo.CertInfoStore;
import iaik.pki.store.certinfo.CertInfoStoreFactory;
import iaik.pki.store.certstore.CertStore;
import iaik.pki.store.certstore.CertStoreConfiguration;
import iaik.pki.store.certstore.CertStoreFactory;
import iaik.pki.store.certstore.CertStoreParameters;
import iaik.pki.store.revocation.RevocationFactory;
import iaik.pki.store.revocation.archive.Archive;
import iaik.pki.store.revocation.archive.ArchiveConfiguration;
import iaik.pki.store.revocation.archive.ArchiveFactory;
import iaik.pki.utils.Constants;
import java.util.Map;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/PKIFactory.class */
public class PKIFactory {
    protected CertInfoStore certInfoStore_;
    protected ValidationFactory validationFactory_;
    protected PathConstructionFactory pathConstructionFactory_;
    protected boolean configured_ = false;
    protected static Log log_ = LogFactory.getLog(Constants.MODULE_NAME);
    protected static int connectTimeout_ = 60000;
    protected static int readTimeout_ = 60000;
    protected static PKIFactory instance_ = null;

    protected PKIFactory() {
    }

    public synchronized PKIModule getPKIModule(PKIProfile pKIProfile) throws PKIException {
        if (pKIProfile == null) {
            throw new NullPointerException("PKI profile must not be null.");
        }
        if (!this.configured_) {
            throw new PKIException("PKI module not yet configured.", null, getClass().getName() + ":1");
        }
        C c = new C(pKIProfile);
        c.setDefaultCertInfoStore(this.certInfoStore_);
        c.setPathConstructor(PathConstructionFactory.getInstance().getCertPathConstructor());
        c.setValidationFactory(this.validationFactory_);
        return c;
    }

    public CertificateFinder getCertificateFinder() throws PKIException {
        if (this.configured_) {
            return new CertificateFinder(this.certInfoStore_);
        }
        throw new PKIException("PKI factory not yet configured.", null, getClass().getName() + ":4");
    }

    public static PKIFactory getInstance() {
        if (instance_ == null) {
            synchronized (PKIFactory.class) {
                if (instance_ == null) {
                    instance_ = new PKIFactory();
                }
            }
        }
        return instance_;
    }

    public synchronized void configure(PKIConfiguration pKIConfiguration, TransactionId transactionId) throws PKIException {
        log_.debug(transactionId, "Configuring pki module.", null);
        if (pKIConfiguration == null) {
            log_.error(transactionId, "Configuration must not be null.", null);
            throw new NullPointerException("Config must not be null.");
        }
        CertStoreConfiguration certStoreConfiguration = pKIConfiguration.getCertStoreConfiguration();
        if (certStoreConfiguration == null) {
            log_.error(transactionId, "Certstore configuration must not be null.", null);
            throw new NullPointerException("Certstore configuration must not be null.");
        }
        CertStoreParameters[] parameters = certStoreConfiguration.getParameters();
        if (parameters == null) {
            log_.error(transactionId, "Certstore parameters must not be null.", null);
            throw new NullPointerException("Certstore parameters must not be null.");
        }
        log_.debug(transactionId, "Setting up the certstore(s).", null);
        if (parameters.length == 0) {
            log_.warn(transactionId, "No certstores specified.", null);
        }
        CertStore[] certStoreArr = new CertStore[parameters.length];
        for (int i = 0; i < certStoreArr.length; i++) {
            certStoreArr[i] = CertStoreFactory.getInstance(parameters[i], transactionId);
        }
        log_.debug(transactionId, "Setting up the cert info store(s).", null);
        this.certInfoStore_ = CertInfoStoreFactory.getInstance(certStoreArr);
        log_.debug(transactionId, "Setting up the archive.", null);
        ArchiveConfiguration archiveConfiguration = pKIConfiguration.getArchiveConfiguration();
        Archive archive = null;
        if (archiveConfiguration != null) {
            ArchiveFactory.getInstance().configure(archiveConfiguration, transactionId);
            archive = ArchiveFactory.getInstance().getArchive();
        }
        log_.debug(transactionId, "Setting up the revocation source store.", null);
        RevocationConfiguration revocationConfiguration = pKIConfiguration.getRevocationConfiguration();
        if (revocationConfiguration == null) {
            log_.error(transactionId, "Revocation configuration must not be null.", null);
            throw new NullPointerException("Revocation configuration must not be null.");
        }
        connectTimeout_ = pKIConfiguration.getConnectTimeout();
        if (connectTimeout_ < 0) {
            throw new PKIException("Connect timeout specified within PKI configuration must not be negative.", null, getClass().getName() + ":2");
        }
        readTimeout_ = pKIConfiguration.getReadTimeout();
        if (readTimeout_ < 0) {
            throw new PKIException("Read timeout specified within PKI configuration must not be negative.", null, getClass().getName() + ":9");
        }
        RevocationFactory.getInstance(transactionId, A(revocationConfiguration.getDataBaseCRLConfig())).configure(revocationConfiguration, archive, connectTimeout_, readTimeout_, transactionId);
        log_.debug(transactionId, "Setting up certificate status checking module.", null);
        CertificateStatusCheckerFactory.getInstance().configure(revocationConfiguration, RevocationFactory.getInstance(transactionId).getRevocationSourceStore());
        log_.debug(transactionId, "Setting up certificate path validation module.", null);
        ValidationConfiguration validationConfiguration = pKIConfiguration.getValidationConfiguration();
        if (validationConfiguration == null) {
            log_.error(transactionId, "Validation configuration must not be null.", null);
            throw new NullPointerException("Validation configuration must not be null.");
        }
        this.validationFactory_ = ValidationFactory.getInstance();
        this.validationFactory_.configure(validationConfiguration, CertificateStatusCheckerFactory.getInstance(), transactionId);
        this.pathConstructionFactory_ = PathConstructionFactory.getInstance();
        this.pathConstructionFactory_.configure(validationConfiguration, connectTimeout_, readTimeout_, transactionId);
        log_.info(transactionId, "PKI module successfully configured.", null);
        this.configured_ = true;
    }

    public synchronized CertInfoStore getCertInfoStore() throws PKIException {
        if (this.certInfoStore_ == null) {
            throw new PKIException("PKI Module not yet configured.", null, getClass().getName() + ":3");
        }
        return this.certInfoStore_;
    }

    public boolean isAlreadyConfigured() {
        return this.configured_;
    }

    private boolean A(DBCrlConfig dBCrlConfig) throws PKIException {
        if (dBCrlConfig == null) {
            return true;
        }
        String dBUrl = dBCrlConfig.getDBUrl();
        if (dBUrl == null) {
            throw new PKIException("No database url specified in database crl config.", null, getClass().getName() + ":4");
        }
        if (dBUrl.length() == 0) {
            throw new PKIException("Database url specified in database crl config is empty.", null, getClass().getName() + ":5");
        }
        String crlRootDirectory = dBCrlConfig.getCrlRootDirectory();
        if (crlRootDirectory == null) {
            throw new PKIException("No crl directory specified in database crl config.", null, getClass().getName() + ":6");
        }
        if (crlRootDirectory.length() == 0) {
            throw new PKIException("crl directory specified pecified in database crl config is an empty string.", null, getClass().getName() + ":7");
        }
        Map<String, DBCrlConfigEntry> allEntries = dBCrlConfig.getAllEntries();
        if (allEntries == null || allEntries.isEmpty()) {
            throw new PKIException("No database crls configured in database crl config.", null, getClass().getName() + ":8");
        }
        return true;
    }
}
