package iaik.pki.store.certstore.directory.indexed;

import iaik.logging.TransactionId;
import iaik.pki.store.certstore.AbstractCertStore;
import iaik.pki.store.certstore.CertStore;
import iaik.pki.store.certstore.CertStoreException;
import iaik.pki.store.certstore.CertStoreParameters;
import iaik.pki.store.certstore.CertStoreTypes;
import iaik.pki.store.certstore.directory.DirectoryCertSelector;
import iaik.pki.store.certstore.selector.CertSelector;
import iaik.pki.store.certstore.selector.DefaultCertSelector;
import iaik.pki.store.certstore.selector.email.DefaultEmailCertSelector;
import iaik.pki.store.certstore.selector.email.EmailCertSelectorFactory;
import iaik.pki.store.certstore.selector.is.DefaultIssuerSerialCertSelector;
import iaik.pki.store.certstore.selector.is.IssuerSerialCertSelectorFactory;
import iaik.pki.store.certstore.selector.kv.DefaultKeyValueCertSelector;
import iaik.pki.store.certstore.selector.kv.KeyValueCertSelectorFactory;
import iaik.pki.store.certstore.selector.sdn.DefaultSubjectDNCertSelector;
import iaik.pki.store.certstore.selector.sdn.SubjectDNCertSelectorFactory;
import iaik.pki.store.certstore.selector.ski.DefaultSubjectKeyIdentifierCertSelector;
import iaik.pki.store.certstore.selector.ski.SubjectKeyIdentifierCertSelectorFactory;
import iaik.pki.utils.CertUtil;
import iaik.pki.utils.Constants;
import iaik.x509.X509Certificate;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/store/certstore/directory/indexed/H.class */
public class H extends AbstractCertStore implements CertStore {
    public static final String U = ".der";
    protected static final String S = "Error fecthing certificate from cert store: ";
    protected static final String V = "Error adding certificate to cert store: ";
    protected boolean W;
    protected IndexedDirectoryCertStoreParameters T;
    protected File X;
    protected G R;

    /* JADX INFO: Access modifiers changed from: package-private */
    public H(IndexedDirectoryCertStoreParameters indexedDirectoryCertStoreParameters, TransactionId transactionId) throws IndexedDirectoryStoreException {
        if (indexedDirectoryCertStoreParameters == null) {
            throw new NullPointerException("Argument \"params\" must not be null.");
        }
        if (indexedDirectoryCertStoreParameters.getRootDirectory() == null) {
            throw new NullPointerException("Root directory specified within params must not be null");
        }
        if (!indexedDirectoryCertStoreParameters.getType().equals(CertStoreTypes.INDEXED_DIRECTORY)) {
            throw new IndexedDirectoryStoreException("Parameters not suitable for this type of certstore", null, getClass().getName() + ":1");
        }
        this.T = indexedDirectoryCertStoreParameters;
        this.W = indexedDirectoryCertStoreParameters.isReadOnly();
        this.X = new File(indexedDirectoryCertStoreParameters.getRootDirectory());
        if (!this.X.exists() && indexedDirectoryCertStoreParameters.createNew() && !this.X.mkdirs()) {
            throw new IndexedDirectoryStoreException("Can't create directory: " + this.X.toString(), null, getClass().getName() + ":2");
        }
        if (!this.X.canRead()) {
            throw new IndexedDirectoryStoreException("Can't read from directory: " + this.X.toString(), null, getClass().getName() + ":3");
        }
        if (!this.W && !this.X.canWrite()) {
            throw new IndexedDirectoryStoreException("Can't write to directory: " + this.X.toString(), null, getClass().getName() + ":4");
        }
        this.R = new G(this.T.getRootDirectory(), this.T.getIndexTables(), transactionId);
        D(transactionId);
        F(transactionId);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String C(X509Certificate x509Certificate) {
        return CertUtil.getFingerPrintSHA(x509Certificate);
    }

    protected static String B(X509Certificate x509Certificate) {
        return A(C(x509Certificate));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String A(String str) {
        return str + U;
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public CertStoreParameters getParameters() {
        return this.T;
    }

    @Override // iaik.pki.store.certstore.CertStore
    public synchronized X509Certificate[] getCertificates(CertSelector certSelector, TransactionId transactionId) throws CertStoreException {
        log_.debug(transactionId, "Trying to get certificate from indexed directory cert store.", null);
        DirectoryCertSelector directoryCertSelector = (DirectoryCertSelector) D(certSelector, transactionId);
        if (directoryCertSelector == null) {
            throw new IndexedDirectoryStoreException("Cert selector \"" + certSelector.getClass().getName() + "\" not supported by IndexedDirectoryCertStore.", null, getClass().getName() + ":6");
        }
        String index = directoryCertSelector.getIndex();
        Set<String> A = this.R.A(index, directoryCertSelector.getSelectorName());
        if (A == null) {
            A = this.R.B(index);
        }
        if (A.size() == 0) {
            return new X509Certificate[0];
        }
        HashSet hashSet = new HashSet(A.size());
        Iterator<String> it = A.iterator();
        while (it.hasNext()) {
            File file = new File(this.X, A(it.next()));
            try {
                X509Certificate x509Certificate = new X509Certificate(new FileInputStream(file));
                if (certSelector.matches(x509Certificate, transactionId)) {
                    hashSet.add(x509Certificate);
                }
            } catch (FileNotFoundException e) {
                throw new IndexedDirectoryStoreException("Error fecthing certificate from cert store: Could not read certificate \"" + file.getAbsolutePath() + "\".", null, getClass().getName() + ": 3");
            } catch (IOException e2) {
                throw new IndexedDirectoryStoreException("Error fecthing certificate from cert store: \"" + file.getAbsolutePath() + "\".", null, getClass().getName() + ":5");
            } catch (CertificateException e3) {
                throw new IndexedDirectoryStoreException("Error fecthing certificate from cert store: Could not parse certificate \"" + file.getAbsolutePath() + "\".", null, getClass().getName() + ": 2");
            }
        }
        int size = hashSet.size();
        log_.debug(transactionId, "Found " + size + " certificates in indexed directory cert store.", null);
        return hashSet.size() == 0 ? new X509Certificate[0] : (X509Certificate[]) hashSet.toArray(new X509Certificate[size]);
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public synchronized void storeCertificate(X509Certificate x509Certificate, TransactionId transactionId) throws IndexedDirectoryStoreException {
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"cert\" must not be null.");
        }
        if (this.W) {
            throw new IndexedDirectoryStoreException("Can't write certificate to read only store", null, getClass().getName() + ":11");
        }
        String C = C(x509Certificate);
        if (this.R.A(x509Certificate, C, transactionId)) {
            String A = A(C);
            FileOutputStream fileOutputStream = null;
            try {
                try {
                    File file = new File(this.X, A);
                    if (log_.isDebugEnabled()) {
                        log_.debug(null, "Writing certificate (serial number: \"" + x509Certificate.getSerialNumber() + "\", subjectDN: \"" + x509Certificate.getSubjectDN() + "\") to: " + file.getAbsoluteFile() + ".", null);
                    }
                    fileOutputStream = new FileOutputStream(file);
                    x509Certificate.writeTo(fileOutputStream);
                    fileOutputStream.close();
                    if (fileOutputStream != null) {
                        try {
                            fileOutputStream.flush();
                            fileOutputStream.close();
                        } catch (IOException e) {
                            log_.debug(transactionId, "Could not close/flush file." + A + ".", e);
                        }
                    }
                } catch (IOException e2) {
                    this.R.A(x509Certificate);
                    throw new IndexedDirectoryStoreException("Error when writing to file", e2, getClass().getName() + ":12");
                }
            } catch (Throwable th) {
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.flush();
                        fileOutputStream.close();
                    } catch (IOException e3) {
                        log_.debug(transactionId, "Could not close/flush file." + A + ".", e3);
                    }
                }
                throw th;
            }
        }
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public String getUniqueID() {
        return D() + this.T.getRootDirectory();
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public boolean isReadOnly() {
        return this.W;
    }

    public String D() {
        return CertStoreTypes.INDEXED_DIRECTORY;
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore
    protected synchronized boolean removeCertificate(X509Certificate x509Certificate, TransactionId transactionId) throws IndexedDirectoryStoreException {
        if (x509Certificate == null) {
            throw new NullPointerException("Parameter \"cert\" must not be null.");
        }
        String A = this.R.A(x509Certificate);
        File file = new File(this.X, A);
        if (!file.exists() || file.delete()) {
            return true;
        }
        log_.warn(transactionId, "Cannot delete file " + A + " from indexed directory cert store.", null);
        this.R.A(x509Certificate, transactionId);
        return false;
    }

    protected synchronized void D(TransactionId transactionId) throws IndexedDirectoryStoreException {
        File file = new File(this.X, Constants.TO_BE_ADDED_DIRECTORY);
        if (file.exists()) {
            log_.debug(transactionId, "Adding certificates from directory \"" + file.getAbsolutePath() + "\" ...", null);
            if (!file.canRead()) {
                throw new IndexedDirectoryStoreException("Error adding certificate to cert store: Can't read from directory \"" + file.toString() + "\".", null, getClass().getName() + ": 1");
            }
            for (File file2 : file.listFiles()) {
                try {
                    FileInputStream fileInputStream = new FileInputStream(file2);
                    X509Certificate x509Certificate = new X509Certificate(fileInputStream);
                    fileInputStream.close();
                    storeCertificate(x509Certificate, transactionId);
                    if (!file2.delete()) {
                        log_.warn(transactionId, "Cannot delete certificate " + file2.getAbsolutePath(), null);
                    }
                } catch (FileNotFoundException e) {
                    log_.warn(transactionId, "Error adding certificate to cert store: Could not read certificate \"" + file2.getAbsolutePath() + "\".", null);
                } catch (IOException e2) {
                    log_.warn(transactionId, "Error adding certificate to cert store: \"" + file2.getAbsolutePath() + "\".", null);
                } catch (CertificateException e3) {
                    log_.warn(transactionId, "Error adding certificate to cert store: Could not parse certificate. Maybe file \"" + file2.getAbsolutePath() + "\" does not contain a certificate.", null);
                }
            }
        }
    }

    protected synchronized void F(TransactionId transactionId) throws IndexedDirectoryStoreException {
        File file = new File(this.X, Constants.TO_BE_REMOVED_DIRECTORY);
        if (file.exists()) {
            log_.debug(transactionId, "Removing certificates located in directory \"" + file.getAbsolutePath() + "\" from certificate store ...", null);
            for (File file2 : file.listFiles()) {
                try {
                    FileInputStream fileInputStream = new FileInputStream(file2);
                    X509Certificate x509Certificate = new X509Certificate(fileInputStream);
                    fileInputStream.close();
                    if (removeCertificate(x509Certificate, transactionId) && !file2.delete()) {
                        log_.warn(transactionId, "Cannot delete certificate " + file2.getAbsolutePath(), null);
                    }
                } catch (FileNotFoundException e) {
                    throw new IndexedDirectoryStoreException("Error removing certificate from cert store: Could not read certificate \"" + file2.getAbsolutePath() + "\".", null, getClass().getName() + ": 3");
                } catch (IOException e2) {
                    throw new IndexedDirectoryStoreException("Error removing certificate from cert store: \"" + file2.getAbsolutePath() + "\".", null, getClass().getName() + ":5");
                } catch (CertificateException e3) {
                    throw new IndexedDirectoryStoreException("Error removing certificate from cert store: Could not parse certificate. Maybe file \"" + file2.getAbsolutePath() + "\" does not contain a certificate.", null, getClass().getName() + ": 2");
                }
            }
        }
    }

    protected synchronized void A(IndexTable indexTable, TransactionId transactionId) throws IndexedDirectoryStoreException {
        this.R.B(indexTable, transactionId);
    }

    protected synchronized void A(String str, TransactionId transactionId) {
        this.R.A(str, transactionId);
    }

    public void E(TransactionId transactionId) throws IndexedDirectoryStoreException {
        this.R.A(true, transactionId);
    }

    protected CertSelector D(CertSelector certSelector, TransactionId transactionId) throws CertStoreException {
        if (certSelector == null) {
            throw new NullPointerException("CertSelector must not be null." + getClass().getName() + ":5");
        }
        if (certSelector instanceof DirectoryCertSelector) {
            return certSelector;
        }
        if (certSelector instanceof DefaultCertSelector) {
            if (certSelector instanceof DefaultSubjectDNCertSelector) {
                log_.debug(transactionId, "Converting default SubjectDNCertSelector to indexed directory SubjectDNCertSelector.", null);
                return SubjectDNCertSelectorFactory.createCertSelector(((DefaultSubjectDNCertSelector) certSelector).getSubjectDN(), CertStoreTypes.INDEXED_DIRECTORY);
            }
            if (certSelector instanceof DefaultIssuerSerialCertSelector) {
                log_.debug(transactionId, "Converting default IssuerSerialCertSelector to indexed directory IssuerSerialCertSelector.", null);
                DefaultIssuerSerialCertSelector defaultIssuerSerialCertSelector = (DefaultIssuerSerialCertSelector) certSelector;
                return IssuerSerialCertSelectorFactory.createCertSelector(defaultIssuerSerialCertSelector.getNormalizedIssuer(), true, defaultIssuerSerialCertSelector.getSerialNumber(), CertStoreTypes.INDEXED_DIRECTORY);
            }
            if (certSelector instanceof DefaultKeyValueCertSelector) {
                log_.debug(transactionId, "Converting default KeyValueCertSelector to indexed directory KeyValueCertSelector.", null);
                return KeyValueCertSelectorFactory.createCertSelector(((DefaultKeyValueCertSelector) certSelector).getPublicKey(), CertStoreTypes.INDEXED_DIRECTORY);
            }
            if (certSelector instanceof DefaultSubjectKeyIdentifierCertSelector) {
                log_.debug(transactionId, "Converting default SubjectKeyIdentifierCertSelector to indexed directory SubjectKeyIdentifierCertSelector.", null);
                return SubjectKeyIdentifierCertSelectorFactory.createCertSelector(((DefaultSubjectKeyIdentifierCertSelector) certSelector).getSubjectKeyIdentifier(), CertStoreTypes.INDEXED_DIRECTORY);
            }
            if (certSelector instanceof DefaultEmailCertSelector) {
                log_.debug(transactionId, "Converting default EmailCertSelector to indexed directory EmailCertSelector.", null);
                return EmailCertSelectorFactory.createCertSelector(((DefaultEmailCertSelector) certSelector).getEmailAddress(), CertStoreTypes.INDEXED_DIRECTORY);
            }
        }
        log_.debug(transactionId, "Unknown cert selector type.", null);
        return null;
    }
}
