package iaik.pki.store.revocation;

import iaik.asn1.structures.Name;
import iaik.logging.TransactionId;
import iaik.pki.revocation.CRLDistributionPointInfo;
import iaik.pki.revocation.RevocationSourceTypes;
import iaik.pki.revocation.dbcrl.config.DBCrlConfig;
import iaik.pki.store.revocation.archive.Archive;
import iaik.pki.store.revocation.archive.ArchiveException;
import iaik.pki.utils.Constants;
import iaik.x509.X509Certificate;
import java.io.InputStream;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class L extends C {
    protected Archive K;
    protected Map L = Collections.synchronizedMap(new Hashtable());

    private RevocationSource A(String str, String str2, Name name, Date date, Date date2, Date date3, long j, X509Certificate x509Certificate, TransactionId transactionId) {
        DBCRLRevocationSource dBCRLRevocationSource = (DBCRLRevocationSource) RevocationFactory.getInstance(transactionId).createRevocationSource(str, DBCRLRevocationSource.TYPE);
        dBCRLRevocationSource.init(str2, date, x509Certificate, name);
        if (A(dBCRLRevocationSource, date, date3, j, transactionId) || C.A(date2, date3) > 0) {
            return dBCRLRevocationSource;
        }
        return null;
    }

    private boolean A(RevocationInfoRetriever revocationInfoRetriever, RevocationSource revocationSource, Collection collection, TransactionId transactionId) {
        try {
            revocationInfoRetriever.update(revocationSource, collection, transactionId);
            return true;
        } catch (RevocationStoreException e) {
            return false;
        }
    }

    private boolean A(RevocationSource revocationSource, String str, String str2, Date date, Date date2, Date date3, TransactionId transactionId) {
        return B(revocationSource, str, str2, date, date3, null, transactionId) || B(revocationSource, str, str2, date, date, date3, transactionId) || B(revocationSource, str, str2, date, date2, date3, transactionId);
    }

    private boolean B(RevocationSource revocationSource, String str, String str2, Date date, Date date2, Date date3, TransactionId transactionId) {
        Date date4 = date3 == null ? date2 : date3;
        InputStream inputStream = this.K.get(str, str2, date2, date3, transactionId);
        if (inputStream == null) {
            return false;
        }
        revocationSource.readFrom(inputStream, transactionId);
        revocationSource.setDownloadTime(revocationSource.getTime());
        return A(revocationSource, date, date4, 0L, transactionId);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void A(String str, String str2, RevocationSource revocationSource, Collection collection, TransactionId transactionId) {
        if (str2 == null) {
            C.A.info(transactionId, "Cannot archive revocation source. URI is null.", null);
            return;
        }
        if (str2.equals(Constants.DUMMY_URI)) {
            return;
        }
        if (!this.E.archiveRevocationInfo(str, str2)) {
            C.A.info(transactionId, "Archiving disabled.", null);
            return;
        }
        if (this.K == null) {
            C.A.info(transactionId, new StringBuffer("No ").append(str).append(" archive available.").toString(), null);
            return;
        }
        C.A.info(transactionId, "Archiving revocation information", null);
        if (!"crl".equals(str)) {
            C.A.warn(transactionId, new StringBuffer("Archiving of ").append(str).append(" not supported").toString(), null);
            return;
        }
        try {
            this.K.add(str, str2, revocationSource.toByteArray(), revocationSource.getTime(), collection, transactionId);
        } catch (ArchiveException e) {
            C.A.error(transactionId, "Error on adding CRL revocation source to archive", e);
        } catch (RevocationStoreException e2) {
            C.A.error(transactionId, "Error on adding CRL revocation source to archive", e2);
        }
    }

    @Override // iaik.pki.store.revocation.RevocationSourceStore
    public RevocationInfoRetriever getRetriever(String str) {
        if (RevocationSourceTypes.ALL.contains(str)) {
            return (RevocationInfoRetriever) this.L.get(str);
        }
        throw new RevocationStoreException(new StringBuffer("Invalid revocation source type (").append(str).append("). Must be one of \"crl\" or \"ocsp\".").toString(), null, new StringBuffer().append(getClass().getName()).append(":2").toString());
    }

    @Override // iaik.pki.store.revocation.RevocationSourceStore
    public RevocationSource getRevocationSource(String str, String str2, Date date, long j, X509Certificate x509Certificate, RevocationSource revocationSource, boolean z, Collection collection, TransactionId transactionId) {
        boolean z2;
        List uRLs;
        if (this.E == null) {
            throw new RevocationStoreException("Revocation source store not yet configured", null, new StringBuffer().append(getClass().getName()).append(":6").toString());
        }
        if (!RevocationSourceTypes.ALL.contains(str2)) {
            throw new RevocationStoreException(new StringBuffer("Unknown revocation source type ").append(str2).toString(), null, new StringBuffer().append(getClass().getName()).append(":7").toString());
        }
        Date A = C.A();
        Date notAfter = x509Certificate.getNotAfter();
        if (C.A(date, A) > 0) {
            C.A.warn(transactionId, "Trying to download revocation information from the future (please synchronize system times)", null);
        }
        DBCrlConfig dataBaseCRLConfig = this.E.getDataBaseCRLConfig();
        if (dataBaseCRLConfig != null && dataBaseCRLConfig.getAllEntries().keySet().contains(str)) {
            return !collection.isEmpty() ? A(dataBaseCRLConfig.getDBUrl(), str, ((CRLDistributionPointInfo) collection.toArray()[0]).getIssuerDN(), date, A, notAfter, j, x509Certificate, transactionId) : A(dataBaseCRLConfig.getDBUrl(), str, (Name) x509Certificate.getIssuerDN(), date, A, notAfter, j, x509Certificate, transactionId);
        }
        RevocationSource createRevocationSource = RevocationFactory.getInstance(transactionId).createRevocationSource(str, str2);
        RevocationInfoRetriever revocationInfoRetriever = (RevocationInfoRetriever) this.L.get(str2);
        if (revocationInfoRetriever == null) {
            throw new RevocationStoreException(new StringBuffer("Revocation Source Type ").append(str2).append("not supported").toString(), null, new StringBuffer().append(getClass().getName()).append(":2").toString());
        }
        String uri = createRevocationSource.getUri();
        boolean A2 = A(revocationInfoRetriever, createRevocationSource, collection, transactionId);
        if (!A2 && str2.equals("crl")) {
            if (collection != null && !collection.isEmpty() && (uRLs = ((CRLDistributionPointInfo) collection.iterator().next()).getURLs()) != null) {
                Iterator it = uRLs.iterator();
                int i = 0;
                z2 = A2;
                while (true) {
                    int i2 = i;
                    if (!it.hasNext() || z2) {
                        break;
                    }
                    String str3 = (String) it.next();
                    if (i2 == 0 && !str.equals(str3)) {
                        break;
                    }
                    if (i2 > 0) {
                        createRevocationSource.setUri(str3);
                        C.A.debug(transactionId, "CRL download failed. Trying next uniform resource identifier ...", null);
                        z2 = A(revocationInfoRetriever, createRevocationSource, collection, transactionId);
                    }
                    i = i2 + 1;
                }
            } else {
                z2 = A2;
            }
            createRevocationSource.setUri(uri);
            A2 = z2;
        }
        String A3 = A("crl", str, collection);
        if (A2) {
            if (A(createRevocationSource, date, notAfter, j, transactionId)) {
                try {
                    A(str2, A3, createRevocationSource, collection, transactionId);
                    return createRevocationSource;
                } catch (ArchiveException e) {
                    C.A.error(transactionId, "Error archiving crl.", e);
                    return createRevocationSource;
                }
            }
            if (C.A(A, notAfter) <= 0) {
                return null;
            }
        }
        C.A.info(transactionId, "Cannot get revocation information from url, trying from archive", null);
        C.A.debug(transactionId, "Trying to get revocation info from archive.", null);
        if (this.K == null) {
            C.A.info(transactionId, "Archiving disabled.", null);
            return null;
        }
        Date notBefore = x509Certificate.getNotBefore();
        if (A(createRevocationSource, str2, A3, date, notBefore, notAfter, transactionId)) {
            return createRevocationSource;
        }
        if (A3.equals(str) || !A(createRevocationSource, str2, str, date, notBefore, notAfter, transactionId)) {
            return null;
        }
        return createRevocationSource;
    }

    @Override // iaik.pki.store.revocation.RevocationSourceStore
    public synchronized void setArchive(Archive archive) {
        this.K = archive;
    }

    @Override // iaik.pki.store.revocation.RevocationSourceStore
    public synchronized void setRetriever(RevocationInfoRetriever revocationInfoRetriever, String str) {
        if (revocationInfoRetriever == null) {
            throw new NullPointerException("Retriever mustn't be null");
        }
        if (!RevocationSourceTypes.ALL.contains(str)) {
            throw new RevocationStoreException(new StringBuffer("Invalid revocation source type (").append(str).append("). Must be one of \"crl\" or \"ocsp\".").toString(), null, new StringBuffer().append(getClass().getName()).append(":1").toString());
        }
        this.L.put(str, revocationInfoRetriever);
    }
}
