package iaik.pki.revocation;

import iaik.logging.Log;
import iaik.logging.LogFactory;
import iaik.logging.TransactionId;
import iaik.pki.PKIRuntimeException;
import iaik.pki.store.revocation.RevocationSourceStore;
import iaik.pki.store.revocation.SupplementalRevocationSources;
import iaik.pki.utils.Constants;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionException;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/revocation/D.class */
public class D implements CertificateStatusChecker {
    protected static Log E = LogFactory.getLog(Constants.MODULE_NAME);
    protected RevocationConfiguration F;
    protected Map<String, CertificateStatusChecker> G = new HashMap();

    public D() throws StatusCheckingException {
        A("crl", new J());
        A(RevocationSourceTypes.OCSP, new I());
    }

    @Override // iaik.pki.revocation.CertificateStatusChecker
    public void setRevocationSourceStore(RevocationSourceStore revocationSourceStore) {
        Iterator<CertificateStatusChecker> it = this.G.values().iterator();
        while (it.hasNext()) {
            it.next().setRevocationSourceStore(revocationSourceStore);
        }
    }

    @Override // iaik.pki.revocation.CertificateStatusChecker
    public synchronized void configure(RevocationConfiguration revocationConfiguration) throws StatusCheckingException {
        if (revocationConfiguration == null) {
            throw new NullPointerException("Can't configure with null");
        }
        if (this.F != null) {
            throw new StatusCheckingException("Same object mustn't be configured twice", null, getClass().getName() + ":1");
        }
        this.F = revocationConfiguration;
        Iterator<CertificateStatusChecker> it = this.G.values().iterator();
        while (it.hasNext()) {
            it.next().configure(revocationConfiguration);
        }
    }

    @Override // iaik.pki.revocation.CertificateStatusChecker
    public RevocationStatus getCertificateStatus(X509Certificate x509Certificate, boolean z, X509Certificate x509Certificate2, PublicKey publicKey, Date date, String str, SupplementalRevocationSources supplementalRevocationSources, RevocationTrustProfile revocationTrustProfile, RevocationProfile revocationProfile, TransactionId transactionId) throws X509ExtensionException, StatusCheckingException {
        if (this.F == null) {
            throw new StatusCheckingException("Status checking not yet configured", null, getClass().getName() + ":2");
        }
        if (revocationProfile == null) {
            throw new NullPointerException("profile mustn't be null");
        }
        RevocationStatus revocationStatus = null;
        String[] preferredServiceOrder = revocationProfile.getPreferredServiceOrder(x509Certificate);
        ArrayList arrayList = new ArrayList(2);
        for (int i = 0; i < preferredServiceOrder.length; i++) {
            CertificateStatusChecker certificateStatusChecker = this.G.get(preferredServiceOrder[i]);
            if (certificateStatusChecker != null) {
                arrayList.add(certificateStatusChecker);
            } else {
                E.warn(transactionId, "No serivce configured for " + preferredServiceOrder[i] + ", ... ignored", null);
            }
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            try {
                revocationStatus = ((CertificateStatusChecker) it.next()).getCertificateStatus(x509Certificate, z, x509Certificate2, publicKey, date, str, supplementalRevocationSources, revocationTrustProfile, revocationProfile, transactionId);
            } catch (StatusCheckingException e) {
                E.error(transactionId, "Error getting certificate status (" + e.getMessage() + "). Trying next service.", null);
            }
            if (revocationStatus.getStatusCode() == RevocationStatus.VALID || revocationStatus.getStatusCode() == RevocationStatus.REVOKED) {
                E.debug(transactionId, "Revocation status checked", null);
            } else if (revocationStatus.getStatusCode() == RevocationStatus.UNKNOWN && ((RevocationStatusUnknown) revocationStatus).getUnknownReason() == "CertificateOnHold") {
                E.debug(transactionId, "Revocation status checked", null);
            }
        }
        if (revocationStatus == null) {
            revocationStatus = new H(date, RevocationStatusUnknown.UNKNOWN_REASON_NO_SERVICE_CONFIGURED);
        }
        return revocationStatus;
    }

    public void A(String str, CertificateStatusChecker certificateStatusChecker) {
        if (!RevocationSourceTypes.ALL.contains(str)) {
            throw new PKIRuntimeException("Illegal revocation source type " + str, null, getClass().getName() + ":1");
        }
        this.G.put(str, certificateStatusChecker);
    }
}
