package iaik.pki.store.revocation;

import iaik.asn1.structures.Name;
import iaik.logging.TransactionId;
import iaik.pki.revocation.CRLDistributionPointInfo;
import iaik.pki.revocation.RevocationSourceTypes;
import iaik.pki.revocation.dbcrl.config.DBCrlConfig;
import iaik.pki.store.revocation.archive.Archive;
import iaik.pki.store.revocation.archive.ArchiveException;
import iaik.pki.utils.Constants;
import iaik.x509.X509Certificate;
import java.io.InputStream;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/store/revocation/L.class */
public class L extends C {
    protected Archive M;
    protected Map<String, RevocationInfoRetriever> N = Collections.synchronizedMap(new Hashtable());

    @Override // iaik.pki.store.revocation.RevocationSourceStore
    public synchronized void setArchive(Archive archive) {
        this.M = archive;
    }

    @Override // iaik.pki.store.revocation.RevocationSourceStore
    public synchronized void setRetriever(RevocationInfoRetriever revocationInfoRetriever, String str) throws RevocationStoreException {
        if (revocationInfoRetriever == null) {
            throw new NullPointerException("Retriever mustn't be null");
        }
        if (!RevocationSourceTypes.ALL.contains(str)) {
            throw new RevocationStoreException("Invalid revocation source type (" + str + "). Must be one of \"crl\" or \"" + RevocationSourceTypes.OCSP + "\".", null, getClass().getName() + ":1");
        }
        this.N.put(str, revocationInfoRetriever);
    }

    @Override // iaik.pki.store.revocation.RevocationSourceStore
    public RevocationInfoRetriever getRetriever(String str) throws RevocationStoreException {
        if (RevocationSourceTypes.ALL.contains(str)) {
            return this.N.get(str);
        }
        throw new RevocationStoreException("Invalid revocation source type (" + str + "). Must be one of \"crl\" or \"" + RevocationSourceTypes.OCSP + "\".", null, getClass().getName() + ":2");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void A(String str, String str2, RevocationSource revocationSource, Collection<Object> collection, TransactionId transactionId) throws ArchiveException {
        if (str2 == null) {
            A.info(transactionId, "Cannot archive revocation source. URI is null.", null);
            return;
        }
        if (str2.equals(Constants.DUMMY_URI)) {
            return;
        }
        if (!this.E.archiveRevocationInfo(str, str2)) {
            A.debug(transactionId, "Archiving disabled.", null);
            return;
        }
        if (this.M == null) {
            A.info(transactionId, "No " + str + " archive available.", null);
            return;
        }
        A.info(transactionId, "Archiving revocation information", null);
        if (!"crl".equals(str)) {
            A.warn(transactionId, "Archiving of " + str + " not supported", null);
            return;
        }
        try {
            this.M.add(str, str2, revocationSource.toByteArray(), revocationSource.getTime(), collection, transactionId);
        } catch (ArchiveException e) {
            A.error(transactionId, "Error on adding CRL revocation source to archive", e);
        } catch (RevocationStoreException e2) {
            A.error(transactionId, "Error on adding CRL revocation source to archive", e2);
        }
    }

    @Override // iaik.pki.store.revocation.RevocationSourceStore
    public RevocationSource getRevocationSource(String str, String str2, Date date, long j, X509Certificate x509Certificate, RevocationSource revocationSource, boolean z, Collection<Object> collection, TransactionId transactionId) throws RevocationStoreException {
        List<String> uRLs;
        if (this.E == null) {
            throw new RevocationStoreException("Revocation source store not yet configured", null, getClass().getName() + ":6");
        }
        if (!RevocationSourceTypes.ALL.contains(str2)) {
            throw new RevocationStoreException("Unknown revocation source type " + str2, null, getClass().getName() + ":7");
        }
        Date A = A();
        Date notAfter = x509Certificate.getNotAfter();
        if (A(date, A) > 0) {
            A.warn(transactionId, "Trying to download revocation information from the future (please synchronize system times)", null);
        }
        DBCrlConfig dataBaseCRLConfig = this.E.getDataBaseCRLConfig();
        if (dataBaseCRLConfig != null && dataBaseCRLConfig.getAllEntries().keySet().contains(str)) {
            return !collection.isEmpty() ? A(dataBaseCRLConfig.getDBUrl(), str, ((CRLDistributionPointInfo) collection.toArray()[0]).getIssuerDN(), date, A, notAfter, j, x509Certificate, transactionId) : A(dataBaseCRLConfig.getDBUrl(), str, (Name) x509Certificate.getIssuerDN(), date, A, notAfter, j, x509Certificate, transactionId);
        }
        RevocationSource createRevocationSource = RevocationFactory.getInstance(transactionId).createRevocationSource(str, str2);
        RevocationInfoRetriever revocationInfoRetriever = this.N.get(str2);
        if (revocationInfoRetriever == null) {
            throw new RevocationStoreException("Revocation Source Type " + str2 + "not supported", null, getClass().getName() + ":2");
        }
        String uri = createRevocationSource.getUri();
        boolean A2 = A(revocationInfoRetriever, createRevocationSource, collection, transactionId);
        if (!A2 && str2.equals("crl")) {
            if (collection != null && !collection.isEmpty() && (uRLs = ((CRLDistributionPointInfo) collection.iterator().next()).getURLs()) != null) {
                Iterator<String> it = uRLs.iterator();
                int i = 0;
                while (it.hasNext() && !A2) {
                    String next = it.next();
                    if (i == 0 && !str.equals(next)) {
                        break;
                    }
                    if (i > 0) {
                        createRevocationSource.setUri(next);
                        A.debug(transactionId, "CRL download failed. Trying next uniform resource identifier ...", null);
                        A2 = A(revocationInfoRetriever, createRevocationSource, collection, transactionId);
                    }
                    i++;
                }
            }
            createRevocationSource.setUri(uri);
        }
        String A3 = A("crl", str, collection);
        if (A2) {
            if (A(createRevocationSource, date, notAfter, j, transactionId)) {
                try {
                    A(str2, A3, createRevocationSource, collection, transactionId);
                } catch (ArchiveException e) {
                    A.error(transactionId, "Error archiving crl.", e);
                }
                return createRevocationSource;
            }
            if (A(A, notAfter) <= 0) {
                return null;
            }
        }
        A.info(transactionId, "Cannot get revocation information from url, trying from archive", null);
        A.debug(transactionId, "Trying to get revocation info from archive.", null);
        if (this.M == null) {
            A.info(transactionId, "Archiving disabled.", null);
            return null;
        }
        Date notBefore = x509Certificate.getNotBefore();
        if (A(createRevocationSource, str2, A3, date, notBefore, notAfter, transactionId)) {
            return createRevocationSource;
        }
        if (A3.equals(str) || !A(createRevocationSource, str2, str, date, notBefore, notAfter, transactionId)) {
            return null;
        }
        return createRevocationSource;
    }

    private RevocationSource A(String str, String str2, Name name, Date date, Date date2, Date date3, long j, X509Certificate x509Certificate, TransactionId transactionId) throws RevocationStoreException {
        DBCRLRevocationSource dBCRLRevocationSource = (DBCRLRevocationSource) RevocationFactory.getInstance(transactionId).createRevocationSource(str, DBCRLRevocationSource.TYPE);
        dBCRLRevocationSource.init(str2, date, x509Certificate, name);
        if (A(dBCRLRevocationSource, date, date3, j, transactionId) || C.A(date2, date3) > 0) {
            return dBCRLRevocationSource;
        }
        return null;
    }

    private boolean A(RevocationSource revocationSource, String str, String str2, Date date, Date date2, Date date3, TransactionId transactionId) throws RevocationStoreException {
        return B(revocationSource, str, str2, date, date3, null, transactionId) || B(revocationSource, str, str2, date, date, date3, transactionId) || B(revocationSource, str, str2, date, date2, date3, transactionId);
    }

    private boolean B(RevocationSource revocationSource, String str, String str2, Date date, Date date2, Date date3, TransactionId transactionId) throws RevocationStoreException {
        Date date4 = date3 == null ? date2 : date3;
        InputStream inputStream = this.M.get(str, str2, date2, date3, transactionId);
        if (inputStream == null) {
            return false;
        }
        revocationSource.readFrom(inputStream, transactionId);
        revocationSource.setDownloadTime(revocationSource.getTime());
        return A(revocationSource, date, date4, 0L, transactionId);
    }

    private boolean A(RevocationInfoRetriever revocationInfoRetriever, RevocationSource revocationSource, Collection<Object> collection, TransactionId transactionId) {
        try {
            revocationInfoRetriever.update(revocationSource, collection, transactionId);
            return true;
        } catch (RevocationStoreException e) {
            return false;
        }
    }
}
