package iaik.pki.store.certinfo;

import iaik.asn1.structures.Name;
import iaik.logging.Log;
import iaik.logging.LogFactory;
import iaik.logging.TransactionId;
import iaik.pki.store.certstore.CertStore;
import iaik.pki.store.certstore.CertStoreException;
import iaik.pki.store.certstore.selector.sdn.SubjectDNCertSelectorFactory;
import iaik.pki.utils.CertUtil;
import iaik.pki.utils.Constants;
import iaik.pki.utils.NameUtils;
import iaik.pki.utils.UtilsException;
import iaik.x509.X509Certificate;
import java.lang.ref.SoftReference;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/store/certinfo/A.class */
class A implements CertInfo {
    protected static Log I = LogFactory.getLog(Constants.MODULE_NAME);
    protected C D;
    protected CertInfo C;
    protected CertInfoStore E;
    protected CertStore F;
    protected Name A;
    protected boolean G;
    protected SoftReference<X509Certificate> B;
    protected Set<CertIssuer> H;

    /* JADX INFO: Access modifiers changed from: protected */
    public A(CertInfoStore certInfoStore, X509Certificate x509Certificate, CertStore certStore, TransactionId transactionId) throws CertInfoStoreException {
        String type;
        this.C = null;
        this.H = null;
        if (certInfoStore == null) {
            throw new NullPointerException("Argument \"infoStore\" must not be null.");
        }
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"cert\" must not be null.");
        }
        if (certStore == null) {
            type = null;
        } else {
            try {
                type = certStore.getParameters().getType();
            } catch (CertStoreException e) {
                throw new CertInfoStoreException("Error while creating CertId", e, getClass().getName() + ":0");
            } catch (UtilsException e2) {
                throw new CertInfoStoreException("Error normalizing subject or issuer.", e2, getClass().getName() + ":1");
            }
        }
        this.D = new C(x509Certificate, SubjectDNCertSelectorFactory.createCertSelector(x509Certificate, type));
        this.E = certInfoStore;
        this.F = certStore;
        this.B = new SoftReference<>(x509Certificate);
        this.A = (Name) x509Certificate.getIssuerDN();
        this.G = NameUtils.getNormalizedName(this.A).equals(NameUtils.getNormalizedName((Name) x509Certificate.getSubjectDN()));
        this.H = new HashSet();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public A(CertInfo certInfo) {
        this.C = null;
        this.H = null;
        if (certInfo == null) {
            throw new NullPointerException("Wrapped CertInfo object mustn't be null");
        }
        this.C = certInfo;
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public C getCertId(TransactionId transactionId) {
        return this.C != null ? this.C.getCertId(transactionId) : this.D;
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public CertInfoStore getCertInfoStore() {
        return this.C != null ? this.C.getCertInfoStore() : this.E;
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public CertStore getCertStore() {
        return this.F;
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public X509Certificate getCertificate(TransactionId transactionId) throws CertInfoStoreException {
        if (this.C != null) {
            return this.C.getCertificate(transactionId);
        }
        X509Certificate x509Certificate = this.B.get();
        if (x509Certificate != null && (x509Certificate instanceof X509Certificate)) {
            return x509Certificate;
        }
        I.debug(transactionId, "Certificate not found in cache. Trying to load from CertStore", null);
        return A(transactionId);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void A(X509Certificate x509Certificate) {
        this.B = new SoftReference<>(x509Certificate);
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public synchronized CertIssuer[] getIssuers(TransactionId transactionId, int i, Date date) {
        if (this.C != null) {
            return this.C.getIssuers(transactionId, i, date);
        }
        try {
            switch (i) {
                case 0:
                    CertInfo[] certInfoBySubjectDN = this.E.getCertInfoBySubjectDN(this.A, false, transactionId);
                    if (certInfoBySubjectDN.length > 0) {
                        Set<CertIssuer> checkIssuers = CertUtil.checkIssuers(certInfoBySubjectDN, getCertificate(transactionId), this.G, this.E, date, transactionId);
                        if (!checkIssuers.isEmpty()) {
                            return (CertIssuer[]) checkIssuers.toArray(new CertIssuer[checkIssuers.size()]);
                        }
                    }
                    break;
                case 1:
                    HashSet hashSet = new HashSet();
                    if (date != null) {
                        if (!this.H.isEmpty()) {
                            boolean z = false;
                            for (CertIssuer certIssuer : this.H) {
                                try {
                                    if (certIssuer.getStatus() == 3) {
                                        X509Certificate certificate = certIssuer.getCertificate(transactionId);
                                        if (I.isDebugEnabled()) {
                                            I.debug(transactionId, "Checking " + (date == null ? "" : "validity ") + " for issuer \"" + certificate.getSubjectDN() + " (serial number: " + certificate.getSerialNumber() + ")\".", null);
                                        }
                                        if (CertUtil.checkValidity(certificate, date, transactionId) == 0) {
                                            hashSet.add(certIssuer);
                                            z = true;
                                        }
                                    }
                                } catch (CertInfoStoreException e) {
                                }
                            }
                            if (z) {
                                return (CertIssuer[]) hashSet.toArray(new CertIssuer[hashSet.size()]);
                            }
                        }
                        X509Certificate certificate2 = getCertificate(transactionId);
                        Set<CertIssuer> checkIssuers2 = CertUtil.checkIssuers(this.E.getCertInfoBySubjectDN(this.A, false, transactionId), certificate2, this.G, this.E, date, transactionId);
                        if (!checkIssuers2.isEmpty()) {
                            return (CertIssuer[]) checkIssuers2.toArray(new CertIssuer[checkIssuers2.size()]);
                        }
                        Set<CertIssuer> checkIssuers3 = CertUtil.checkIssuers(this.E.getCertInfoBySubjectDN(this.A, true, transactionId), certificate2, this.G, this.E, date, transactionId);
                        if (!checkIssuers3.isEmpty()) {
                            return (CertIssuer[]) checkIssuers3.toArray(new CertIssuer[checkIssuers3.size()]);
                        }
                    } else {
                        X509Certificate certificate3 = getCertificate(transactionId);
                        Set<CertIssuer> checkIssuers4 = CertUtil.checkIssuers(this.H, certificate3, this.G, null, transactionId);
                        checkIssuers4.addAll(CertUtil.checkIssuers(this.E.getCertInfoBySubjectDN(this.A, false, transactionId), certificate3, this.G, this.E, null, transactionId));
                        if (!checkIssuers4.isEmpty()) {
                            return (CertIssuer[]) checkIssuers4.toArray(new CertIssuer[checkIssuers4.size()]);
                        }
                        checkIssuers4.addAll(CertUtil.checkIssuers(this.E.getCertInfoBySubjectDN(this.A, true, transactionId), certificate3, this.G, this.E, null, transactionId));
                        if (!checkIssuers4.isEmpty()) {
                            return (CertIssuer[]) checkIssuers4.toArray(new CertIssuer[checkIssuers4.size()]);
                        }
                    }
                    break;
                case 2:
                    Set<CertIssuer> checkIssuers5 = CertUtil.checkIssuers(this.E.getCertInfoBySubjectDN(this.A, true, transactionId), getCertificate(transactionId), this.G, this.E, date, transactionId);
                    if (!checkIssuers5.isEmpty()) {
                        return (CertIssuer[]) checkIssuers5.toArray(new CertIssuer[checkIssuers5.size()]);
                    }
                    break;
                default:
                    throw new IllegalArgumentException("Wrong value for \"searchCertStores\" parameter. Must be 0, 1 or 2.");
            }
        } catch (CertInfoStoreException e2) {
            I.info(transactionId, "Error getting certificate from CertInfo.", e2);
        }
        return new CertIssuer[0];
    }

    protected X509Certificate A(TransactionId transactionId) throws CertInfoStoreException {
        if (this.E == null) {
            throw new CertInfoStoreException("No CertStore bound to this CertInfo object", null, getClass().getName() + ":10");
        }
        try {
            Collection<CertStore> certStores = this.E.getCertStores(transactionId);
            if (certStores == null) {
                certStores = Collections.nCopies(1, this.F);
            }
            if (certStores.isEmpty() && this.F != null) {
                certStores.add(this.F);
            }
            Iterator<CertStore> it = certStores.iterator();
            while (it.hasNext()) {
                X509Certificate[] certificates = it.next().getCertificates(this.D.B, transactionId);
                int A = A(certificates, this.D.A());
                if (A != -1) {
                    this.B = new SoftReference<>(certificates[A]);
                    return certificates[A];
                }
            }
            throw new CertInfoStoreException("Certificate could not be retrieved from CertStore", null, getClass().getName() + ":11");
        } catch (CertStoreException e) {
            throw new CertInfoStoreException("Error while retrieving Certificates from CertStore", e, getClass().getName() + ":12");
        }
    }

    protected int A(X509Certificate[] x509CertificateArr, byte[] bArr) {
        int i = -1;
        for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
            if (Arrays.equals(x509CertificateArr[i2].getFingerprintSHA(), bArr)) {
                i = i2;
            }
        }
        return i;
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public boolean isSelfIssued() {
        return this.C != null ? this.C.isSelfIssued() : this.G;
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public boolean equals(Object obj) {
        if (this.C != null) {
            return this.C.equals(obj);
        }
        if (obj != null && (obj instanceof CertInfo)) {
            return this.D.equals(((CertInfo) obj).getCertId(null));
        }
        return false;
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public int hashCode() {
        return this.C != null ? this.C.hashCode() : this.D.hashCode();
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public void setCertStore(CertStore certStore) {
        if (certStore == null) {
            throw new NullPointerException("Certstore must not be null");
        }
        this.F = certStore;
    }

    @Override // iaik.pki.store.certinfo.CertInfo
    public void addIssuer(CertIssuer certIssuer, TransactionId transactionId) {
        if (this.C == null) {
            this.H.add(certIssuer);
        } else {
            this.C.addIssuer(certIssuer, transactionId);
        }
    }

    static {
        for (String str : new String[]{"*****************************************************************************", "***                                                                       ***", "***                 Welcome to the IAIK PKI Library                       ***", "***                                                                       ***", "*** This version of IAIK PKI and all included IAIK basic crypto libraries ***", "*** is licensed for use within the MOA SP/SS, MOA ID and/or MOCCA context ***", "*** only. Any other use  of these  libraries is prohibited. For details   ***", "*** please seehttp://jce.iaik.tugraz.at/sales/licences/.                  ***", "***                                                                       ***", "*****************************************************************************", ""}) {
            System.err.println(str);
        }
    }
}
