package eu.emi.security.authn.x509.helpers.crl;

import eu.emi.security.authn.x509.StoreUpdateListener;
import eu.emi.security.authn.x509.helpers.ObserversHandler;
import eu.emi.security.authn.x509.helpers.WeakTimerTask;
import eu.emi.security.authn.x509.helpers.pkipath.PlainStoreUtils;
import eu.emi.security.authn.x509.impl.CRLParameters;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.ref.SoftReference;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLConnection;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CRLException;
import java.security.cert.X509CRL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Timer;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:eu/emi/security/authn/x509/helpers/crl/PlainCRLStoreSpi.class */
public class PlainCRLStoreSpi extends AbstractCRLStoreSPI {
    private final PlainStoreUtils utils;
    private Timer timer;
    private Object intervalLock;
    private Map<X500Principal, Set<URL>> ca2location;
    private Map<URL, SoftReference<X509CRL>> loadedCRLs;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:eu/emi/security/authn/x509/helpers/crl/PlainCRLStoreSpi$CRLAsyncUpdateTask.class */
    public static class CRLAsyncUpdateTask extends WeakTimerTask<PlainCRLStoreSpi> {
        public CRLAsyncUpdateTask(PlainCRLStoreSpi plainCRLStoreSpi) {
            super(plainCRLStoreSpi);
        }

        @Override // java.util.TimerTask, java.lang.Runnable
        public void run() {
            PlainCRLStoreSpi plainCRLStoreSpi = (PlainCRLStoreSpi) this.partnerRef.get();
            if (plainCRLStoreSpi == null) {
                return;
            }
            try {
                if (plainCRLStoreSpi.getUpdateInterval() > 0) {
                    plainCRLStoreSpi.update();
                }
                plainCRLStoreSpi.scheduleUpdate();
            } catch (RuntimeException e) {
                e.printStackTrace();
            }
        }
    }

    public PlainCRLStoreSpi(CRLParameters cRLParameters, Timer timer, ObserversHandler observersHandler) throws InvalidAlgorithmParameterException {
        super(cRLParameters, observersHandler);
        this.intervalLock = new Object();
        this.loadedCRLs = new HashMap();
        this.ca2location = new HashMap();
        this.utils = new PlainStoreUtils(this.params.getDiskCachePath(), "-crl", this.params.getCrls());
        this.timer = timer;
    }

    public void start() {
        update();
        scheduleUpdate();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public X509CRL loadCRL(URL url) throws IOException, CRLException, URISyntaxException {
        boolean z = false;
        if (url.getProtocol().equalsIgnoreCase("file")) {
            z = true;
        }
        try {
            URLConnection openConnection = url.openConnection();
            if (!z) {
                openConnection.setConnectTimeout(this.params.getRemoteConnectionTimeout());
                openConnection.setReadTimeout(this.params.getRemoteConnectionTimeout());
            }
            X509CRL loadCrlWrapper = loadCrlWrapper(new BufferedInputStream(openConnection.getInputStream()));
            if (!z) {
                this.utils.saveCacheFile(loadCrlWrapper.getEncoded(), url);
            }
            return loadCrlWrapper;
        } catch (IOException e) {
            if (z || this.params.getDiskCachePath() == null) {
                throw e;
            }
            File cacheFile = this.utils.getCacheFile(url);
            if (!cacheFile.exists()) {
                throw e;
            }
            X509CRL loadCrlWrapper2 = loadCrlWrapper(new BufferedInputStream(new FileInputStream(cacheFile)));
            notifyObservers(url.toExternalForm(), StoreUpdateListener.Severity.WARNING, new IOException("Warning: CRL was not loaded from its URL, but its previously cached copy was loaded from disk file " + cacheFile.getPath(), e));
            return loadCrlWrapper2;
        }
    }

    private X509CRL loadCrlWrapper(InputStream inputStream) throws IOException, CRLException {
        X509CRL x509crl = (X509CRL) this.factory.generateCRL(inputStream);
        if (x509crl == null) {
            throw new CRLException("Unknown problem when parsing/loading the CRL");
        }
        inputStream.close();
        return x509crl;
    }

    public List<String> getLocations() {
        return this.utils.getLocations();
    }

    @Override // eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
    public void setUpdateInterval(long j) {
        synchronized (this.intervalLock) {
            long j2 = this.updateInterval;
            this.updateInterval = j;
            if (j2 <= 0) {
                scheduleUpdate();
            }
        }
    }

    public long getUpdateInterval() {
        long j;
        synchronized (this.intervalLock) {
            j = this.updateInterval;
        }
        return j;
    }

    private synchronized void removeStaleIssuerMapping() {
        Iterator<Map.Entry<X500Principal, Set<URL>>> it = this.ca2location.entrySet().iterator();
        while (it.hasNext()) {
            Iterator<URL> it2 = it.next().getValue().iterator();
            while (it2.hasNext()) {
                URL next = it2.next();
                if (!this.utils.isPresent(next)) {
                    it2.remove();
                    this.loadedCRLs.remove(next);
                }
            }
        }
    }

    private void reloadCRLs(Collection<URL> collection) {
        Iterator<URL> it = collection.iterator();
        while (it.hasNext()) {
            reloadCRL(it.next());
        }
    }

    protected X509CRL reloadCRL(URL url) {
        try {
            X509CRL loadCRL = loadCRL(url);
            notifyObservers(url.toExternalForm(), StoreUpdateListener.Severity.NOTIFICATION, null);
            addCRL(loadCRL, url);
            return loadCRL;
        } catch (Exception e) {
            notifyObservers(url.toExternalForm(), StoreUpdateListener.Severity.ERROR, e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized void addCRL(X509CRL x509crl, URL url) {
        Set<URL> set = this.ca2location.get(x509crl.getIssuerX500Principal());
        if (set == null) {
            set = new HashSet();
            this.ca2location.put(x509crl.getIssuerX500Principal(), set);
        }
        set.add(url);
        this.loadedCRLs.put(url, new SoftReference<>(x509crl));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void update() {
        this.utils.establishWildcardsLocations();
        removeStaleIssuerMapping();
        reloadCRLs(this.utils.getURLLocations());
        reloadCRLs(this.utils.getResolvedWildcards());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void scheduleUpdate() {
        long updateInterval = getUpdateInterval();
        if (updateInterval > 0) {
            this.timer.schedule(new CRLAsyncUpdateTask(this), updateInterval);
        }
    }

    private X509CRL getOrLoadCRL(URL url) {
        X509CRL x509crl = this.loadedCRLs.get(url).get();
        return x509crl != null ? x509crl : reloadCRL(url);
    }

    @Override // eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
    protected synchronized Collection<X509CRL> getCRLForIssuer(X500Principal x500Principal) {
        Set<URL> set = this.ca2location.get(x500Principal);
        if (set == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList(set.size());
        Iterator<URL> it = set.iterator();
        while (it.hasNext()) {
            arrayList.add(getOrLoadCRL(it.next()));
        }
        return arrayList;
    }

    @Override // eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
    public void dispose() {
        setUpdateInterval(-1L);
    }
}
