package iaik.pki.store.revocation.j15;

import iaik.asn1.ObjectID;
import iaik.asn1.structures.Name;
import iaik.logging.TransactionId;
import iaik.logging.impl.TransactionIdImpl;
import iaik.pki.store.certstore.database.DBStoreException;
import iaik.pki.store.revocation.CRLRevocationSourceImpl;
import iaik.pki.store.revocation.DBCRLRevocationSource;
import iaik.pki.store.revocation.RevocationStoreException;
import iaik.pki.store.revocation.dbcrl.DBRevCertStoreParameters;
import iaik.pki.store.revocation.dbcrl.RevCertDBStore;
import iaik.pki.store.revocation.dbcrl.RevCertDBStoreFactory;
import iaik.pki.store.revocation.dbcrl.util.RevCertCRLDBEntry;
import iaik.pki.store.revocation.dbcrl.util.RevokedCertificateDBEntry;
import iaik.pki.utils.CertUtil;
import iaik.pki.utils.Constants;
import iaik.pki.utils.UtilsException;
import iaik.x509.V3Extension;
import iaik.x509.X509Certificate;
import iaik.x509.extensions.IssuingDistributionPoint;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.PublicKey;
import java.sql.Timestamp;
import java.util.Date;

/* loaded from: classes.dex */
class A extends CRLRevocationSourceImpl implements DBCRLRevocationSource {
    private RevCertCRLDBEntry K;
    private RevCertDBStore L;
    private TransactionId M;
    private RevokedCertificateDBEntry N;

    /* JADX INFO: Access modifiers changed from: package-private */
    public A(String str) {
        super(DBCRLRevocationSource.TYPE, str);
        this.L = null;
        this.M = new TransactionIdImpl(Constants.MODULE_NAME);
        DBRevCertStoreParameters dBRevCertStoreParameters = new DBRevCertStoreParameters(str);
        try {
            this.L = (RevCertDBStore) RevCertDBStoreFactory.getInstance(dBRevCertStoreParameters.getJDBCUrl(), dBRevCertStoreParameters.getDBTables(), this.M);
        } catch (DBStoreException e) {
            C.error(this.M, "could not instantiate database crl revocation source ", e.getCause());
        }
    }

    @Override // iaik.pki.store.revocation.DBCRLRevocationSource
    public RevokedCertificateDBEntry containsCertificate(X509Certificate x509Certificate) {
        return this.N;
    }

    @Override // iaik.pki.store.revocation.CRLRevocationSourceImpl, iaik.pki.store.revocation.F
    public boolean equals(Object obj) {
        return super.equals(obj) && (obj instanceof A);
    }

    @Override // iaik.pki.store.revocation.DBCRLRevocationSource
    public InputStream getCRL() {
        try {
            return new FileInputStream(new File(this.K.getFileName()));
        } catch (FileNotFoundException e) {
            C.error(this.M, "error while opening CRL file with filename taken from DB (file not found).", e.getCause());
            return null;
        }
    }

    @Override // iaik.pki.store.revocation.CRLRevocationSource
    public V3Extension getExtension(ObjectID objectID) {
        if (objectID.equals(IssuingDistributionPoint.oid)) {
            return this.K.getIssuingDistributionPoint();
        }
        throw new RevocationStoreException(objectID.toString() + " extension is not available, only IssuingDistributionPoint is in DB ", null, ":1");
    }

    @Override // iaik.pki.store.revocation.DBCRLRevocationSource
    public X509Certificate getIssuerCert() {
        return this.K.getIssuerCertificate();
    }

    @Override // iaik.pki.store.revocation.CRLRevocationSource
    public boolean hasUnsupportedCriticalExtensions() {
        return this.K.getHasUnsupportedCriticalCrlExtension();
    }

    @Override // iaik.pki.store.revocation.DBCRLRevocationSource
    public void init(String str, Date date, X509Certificate x509Certificate, Name name) {
        C.debug(this.M, "initializing revocation source from DB.", null);
        if (name == null) {
            try {
                name = (Name) x509Certificate.getIssuerDN();
            } catch (DBStoreException e) {
                C.error(this.M, "error while initializing revocation source from DB.", e.getCause());
                throw new RevocationStoreException("error while initializing revocation source from DB.", e.getCause(), ":1");
            } catch (UtilsException e2) {
                C.error(this.M, "error while initializing revocation source from DB.", e2.getCause());
                throw new RevocationStoreException("error while initializing revocation source from DB.", e2.getCause(), ":2");
            }
        }
        this.N = this.L.getRevokedCertificateEntry(x509Certificate.getSerialNumber(), x509Certificate.getIssuerDN().getName(), this.M);
        if (this.N != null) {
            this.K = this.L.getCLREntry(this.N.getCRLIdentityHash(), this.M);
        } else {
            int checkValidity = CertUtil.checkValidity(x509Certificate, date, this.M);
            if (checkValidity == 0) {
                this.K = this.L.getMostRecentCRL(str, name.getName(), this.M);
            } else if (checkValidity == -1) {
                this.K = this.L.getNewestCRLInTimeInterval(new Timestamp(date.getTime()), new Timestamp(this.K.getLifeCycleTime() + x509Certificate.getNotAfter().getTime()), name.getName(), str, this.M);
            } else {
                C.debug(this.M, "trying to verify cert in the future.", null);
            }
        }
        if (this.K == null) {
            throw new DBStoreException("problem initializing, no entry found in database", null, ":0");
        }
        this.nextUpdate_ = new Date(this.K.getNextUpdate().getTime());
        this.H = new Date(this.K.getThisUpdate().getTime());
        if (this.nextUpdate_ == null) {
            this.E = -1L;
        } else {
            this.E = this.nextUpdate_.getTime() - this.H.getTime();
        }
        C.debug(this.M, "calculated lifeCycleTime for crl, lifeCycleTime " + this.E, null);
        this.G = this.K.getIssuerCertificate();
        this.issuerName_ = (Name) this.G.getSubjectDN();
        this.version_ = this.K.getVersion();
        this.F = new Date(this.K.getSignatureVerificationDate().getTime());
    }

    @Override // iaik.pki.store.revocation.F, iaik.pki.store.revocation.RevocationSource
    public void readFrom(InputStream inputStream, TransactionId transactionId) {
    }

    @Override // iaik.pki.store.revocation.DBCRLRevocationSource
    public boolean removeRevokedCertificateEntry(BigInteger bigInteger, String str) {
        try {
            return this.L.removeRevocedCertificatEntry(bigInteger, str, this.M);
        } catch (DBStoreException e) {
            C.error(this.M, "error removing revoked certificate entry from DB.", e.getCause());
            return false;
        }
    }

    @Override // iaik.pki.store.revocation.F, iaik.pki.store.revocation.RevocationSource
    public byte[] toByteArray() {
        FileInputStream fileInputStream;
        File file = new File(this.K.getFileName());
        try {
            fileInputStream = new FileInputStream(file);
        } catch (FileNotFoundException e) {
            C.error(this.M, "error while opening CRL file with filename taken from DB (file not found).", e.getCause());
            fileInputStream = null;
        }
        int length = (int) file.length();
        byte[] bArr = new byte[length];
        try {
            try {
                for (int read = fileInputStream.read(bArr); read < length; read += fileInputStream.read(bArr)) {
                }
            } catch (IOException e2) {
                C.error(this.M, "error while reading CRL file with filename taken from DB.", e2.getCause());
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                    C.error(this.M, "error closing file stream after reading CRL file with filename taken from DB.", e3.getCause());
                }
            }
            return bArr;
        } finally {
            try {
                fileInputStream.close();
            } catch (IOException e4) {
                C.error(this.M, "error closing file stream after reading CRL file with filename taken from DB.", e4.getCause());
            }
        }
    }

    @Override // iaik.pki.store.revocation.CRLRevocationSource
    public void verify(PublicKey publicKey, X509Certificate x509Certificate) {
        if (!x509Certificate.equals(this.K.getIssuerCertificate()) || !this.K.isSignatureOk()) {
            throw new RevocationStoreException("could not verify the signature of the crl with this issuer certificate", null, ":2");
        }
    }
}
