package iaik.pki.utils;

import iaik.asn1.structures.Name;
import iaik.logging.Log;
import iaik.logging.LogFactory;
import iaik.logging.TransactionId;
import iaik.pki.PKIException;
import iaik.pki.revocation.CRLDistributionPointImpl;
import iaik.pki.revocation.DistributionPoint;
import iaik.pki.revocation.OCSPDistributionPointImpl;
import iaik.x509.X509CRL;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.extensions.IssuingDistributionPoint;
import iaik.x509.ocsp.BasicOCSPResponse;
import iaik.x509.ocsp.CertID;
import iaik.x509.ocsp.OCSPResponse;
import iaik.x509.ocsp.SingleResponse;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/utils/AlternativeDistributionPointBuilder.class */
public class AlternativeDistributionPointBuilder {
    static final String A = "iaik.pki.utils.AlternativeDistributionPointBuilder";
    protected static Log log_ = LogFactory.getLog(Constants.MODULE_NAME);

    /* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/utils/AlternativeDistributionPointBuilder$DirectoryFileFilter.class */
    public static class DirectoryFileFilter implements FileFilter {
        @Override // java.io.FileFilter
        public boolean accept(File file) {
            return file.isDirectory();
        }
    }

    public static Set<DistributionPoint> buildCrlDistributionPoints(File file, TransactionId transactionId) throws PKIException {
        if (file == null) {
            throw new NullPointerException("Argument \"crlDirectory\" must not be null.");
        }
        File[] listFiles = file.listFiles(new CRLFileFilter());
        HashSet hashSet = new HashSet(listFiles.length);
        for (File file2 : listFiles) {
            try {
                X509CRL x509crl = new X509CRL(new FileInputStream(file2));
                String absolutePath = file2.getAbsolutePath();
                String replace = (!absolutePath.startsWith("/") ? "file:///" + absolutePath : "file://" + absolutePath).replace('\\', '/');
                int i = -1;
                Name name = null;
                try {
                    IssuingDistributionPoint issuingDistributionPoint = (IssuingDistributionPoint) x509crl.getExtension(IssuingDistributionPoint.oid);
                    if (issuingDistributionPoint != null) {
                        i = issuingDistributionPoint.getReasonFlags();
                        if (issuingDistributionPoint.getIndirectCRL()) {
                            name = (Name) x509crl.getIssuerDN();
                        }
                    }
                    CRLDistributionPointImpl cRLDistributionPointImpl = new CRLDistributionPointImpl(i, replace, name);
                    log_.debug(transactionId, "Adding alternative " + cRLDistributionPointImpl, null);
                    hashSet.add(cRLDistributionPointImpl);
                } catch (X509ExtensionInitException e) {
                    throw new PKIException("Error when trying to read Issuing distribution point extension of crl \"" + file2.getAbsolutePath() + "\".", null, "iaik.pki.utils.AlternativeDistributionPointBuilder:2");
                }
            } catch (Exception e2) {
                throw new PKIException("Error reading crl \"" + file2.getAbsolutePath() + "\".", null, "iaik.pki.utils.AlternativeDistributionPointBuilder:1");
            }
        }
        return hashSet;
    }

    public static Set<DistributionPoint> buildOcspDistributionPoints(File file, TransactionId transactionId) throws PKIException {
        File[] listFiles = file.listFiles(new OCSPFileFilter());
        HashSet hashSet = new HashSet(listFiles.length);
        for (File file2 : listFiles) {
            try {
                new OCSPResponse(new FileInputStream(file2));
                String absolutePath = file2.getAbsolutePath();
                OCSPDistributionPointImpl oCSPDistributionPointImpl = new OCSPDistributionPointImpl((!absolutePath.startsWith("/") ? "file:///" + absolutePath : "file://" + absolutePath).replace('\\', '/'));
                log_.debug(transactionId, "Adding alternative " + oCSPDistributionPointImpl, null);
                hashSet.add(oCSPDistributionPointImpl);
            } catch (Exception e) {
                throw new PKIException("Error reading ocsp \"" + file2.getAbsolutePath() + "\".", null, "iaik.pki.utils.AlternativeDistributionPointBuilder:3");
            }
        }
        return hashSet;
    }

    public static Map<String, Set<DistributionPoint>> buildCrlDistributionPointMap(String str, TransactionId transactionId) throws PKIException {
        File[] listFiles = new File(str).listFiles(new CRLFileFilter());
        HashMap hashMap = new HashMap(listFiles.length);
        for (File file : listFiles) {
            try {
                X509CRL x509crl = new X509CRL(new FileInputStream(file));
                String absolutePath = file.getAbsolutePath();
                String replace = (!absolutePath.startsWith("/") ? "file:///" + absolutePath : "file://" + absolutePath).replace('\\', '/');
                int i = -1;
                Name name = null;
                try {
                    IssuingDistributionPoint issuingDistributionPoint = (IssuingDistributionPoint) x509crl.getExtension(IssuingDistributionPoint.oid);
                    if (issuingDistributionPoint != null) {
                        i = issuingDistributionPoint.getReasonFlags();
                        if (issuingDistributionPoint.getIndirectCRL()) {
                            name = (Name) x509crl.getIssuerDN();
                        }
                    }
                    CRLDistributionPointImpl cRLDistributionPointImpl = new CRLDistributionPointImpl(i, replace, name);
                    String normalizedName = NameUtils.getNormalizedName((Name) x509crl.getIssuerDN());
                    Set set = (Set) hashMap.get(normalizedName);
                    if (set == null) {
                        set = new HashSet();
                        hashMap.put(normalizedName, set);
                    }
                    log_.debug(transactionId, "Adding alternative " + cRLDistributionPointImpl, null);
                    set.add(cRLDistributionPointImpl);
                } catch (X509ExtensionInitException e) {
                    throw new PKIException("Error when trying to read Issuing distribution point extension of crl \"" + file.getAbsolutePath() + "\".", null, "iaik.pki.utils.AlternativeDistributionPointBuilder:5");
                }
            } catch (Exception e2) {
                throw new PKIException("Error reading crl \"" + file.getAbsolutePath() + "\".", null, "iaik.pki.utils.AlternativeDistributionPointBuilder:4");
            }
        }
        return hashMap;
    }

    public static Map<CertID, Set<DistributionPoint>> buildOcspDistributionPointMap(String str, TransactionId transactionId) throws PKIException {
        File[] listFiles = new File(str).listFiles(new OCSPFileFilter());
        HashMap hashMap = new HashMap(listFiles.length);
        for (File file : listFiles) {
            try {
                OCSPResponse oCSPResponse = new OCSPResponse(new FileInputStream(file));
                String absolutePath = file.getAbsolutePath();
                String replace = (!absolutePath.startsWith("/") ? "file:///" + absolutePath : "file://" + absolutePath).replace('\\', '/');
                for (SingleResponse singleResponse : ((BasicOCSPResponse) oCSPResponse.getResponse()).getSingleResponses()) {
                    CertID certID = (CertID) singleResponse.getReqCert().getReqCert();
                    Set set = (Set) hashMap.get(certID);
                    if (set == null) {
                        set = new HashSet();
                        hashMap.put(certID, set);
                    }
                    OCSPDistributionPointImpl oCSPDistributionPointImpl = new OCSPDistributionPointImpl(replace);
                    log_.debug(transactionId, "Adding alternative " + oCSPDistributionPointImpl, null);
                    set.add(oCSPDistributionPointImpl);
                }
            } catch (Exception e) {
                throw new PKIException("Error reading ocsp \"" + file.getAbsolutePath() + "\".", null, "iaik.pki.utils.AlternativeDistributionPointBuilder:6");
            }
        }
        return hashMap;
    }

    protected static Map<String, Set<DistributionPoint>> buildCrlDistributionPointMap(X509Certificate x509Certificate, String str, TransactionId transactionId) throws PKIException {
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"cert\" must not be null.");
        }
        if (str == null) {
            throw new NullPointerException("Argument \"crlDirectory\" must not be null.");
        }
        HashMap hashMap = new HashMap();
        hashMap.put(CertUtil.getFingerPrintSHA(x509Certificate), buildCrlDistributionPoints(new File(str), transactionId));
        return hashMap;
    }

    protected static Map<String, Set<DistributionPoint>> buildOcspDistributionPointMap(X509Certificate x509Certificate, String str, TransactionId transactionId) throws PKIException {
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"cert\" must not be null.");
        }
        if (str == null) {
            throw new NullPointerException("Argument \"ocspDirectory\" must not be null.");
        }
        HashMap hashMap = new HashMap(1);
        hashMap.put(CertUtil.getFingerPrintSHA(x509Certificate), buildOcspDistributionPoints(new File(str), transactionId));
        return hashMap;
    }

    public static Map<String, Set<DistributionPoint>> buildDistributionPointMap(X509Certificate x509Certificate, String str, TransactionId transactionId) throws PKIException {
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"cert\" must not be null.");
        }
        if (str == null) {
            throw new NullPointerException("Argument \"directory\" must not be null.");
        }
        HashMap hashMap = new HashMap();
        File file = new File(str);
        Set<DistributionPoint> buildCrlDistributionPoints = buildCrlDistributionPoints(file, transactionId);
        buildCrlDistributionPoints.addAll(buildOcspDistributionPoints(file, transactionId));
        hashMap.put(CertUtil.getFingerPrintSHA(x509Certificate), buildCrlDistributionPoints);
        return hashMap;
    }

    public static Map<String, Set<DistributionPoint>> buildDistributionPointMap(String str, TransactionId transactionId) throws PKIException {
        return buildDistributionPointMap(str, new DirectoryFileFilter(), new CertificateFileFilter(), transactionId);
    }

    public static Map<String, Set<DistributionPoint>> buildDistributionPointMap(String str, FileFilter fileFilter, FileFilter fileFilter2, TransactionId transactionId) throws PKIException {
        if (str == null) {
            throw new NullPointerException("Argument \"baseDirectory\" must not be null.");
        }
        if (fileFilter == null) {
            fileFilter = new DirectoryFileFilter();
        }
        if (fileFilter2 == null) {
            fileFilter2 = new CertificateFileFilter();
        }
        HashMap hashMap = new HashMap();
        File file = new File(str);
        if (!file.exists()) {
            throw new PKIException("Could not build alternative distribution point map: directory \"" + str + "\" does not exist.", null, "iaik.pki.utils.AlternativeDistributionPointBuilder7");
        }
        File[] listFiles = file.listFiles(fileFilter);
        if (listFiles.length == 0) {
            throw new PKIException("Could not build alternative distribution point map: base directory \"" + str + "\" is empty.", null, "iaik.pki.utils.AlternativeDistributionPointBuilder8");
        }
        for (File file2 : listFiles) {
            if (file2.isDirectory()) {
                File[] listFiles2 = file2.listFiles(fileFilter2);
                if (listFiles2.length != 1) {
                    throw new PKIException("Could not uniquely match distribution points to a certificate: " + listFiles2.length + " certificates located in directory \"" + file2.getAbsolutePath() + "\".", null, "iaik.pki.utils.AlternativeDistributionPointBuilder:9");
                }
                try {
                    String fingerPrintSHA = CertUtil.getFingerPrintSHA(new X509Certificate(new FileInputStream(listFiles2[0])));
                    Set set = (Set) hashMap.get(fingerPrintSHA);
                    if (set == null) {
                        set = new HashSet();
                        hashMap.put(fingerPrintSHA, set);
                    }
                    set.addAll(buildCrlDistributionPoints(file2, transactionId));
                    set.addAll(buildOcspDistributionPoints(file2, transactionId));
                } catch (Exception e) {
                    throw new PKIException("Error reading certificate \"" + listFiles2[0].getAbsolutePath() + "\".", null, "iaik.pki.utils.AlternativeDistributionPointBuilder:10");
                }
            } else {
                log_.debug(transactionId, "\"" + file2.getAbsolutePath() + "\" is not a directory. Skipping.", null);
            }
        }
        return hashMap;
    }
}
