package eu.emi.security.authn.x509.helpers.ocsp;

import eu.emi.security.authn.x509.X509Credential;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.security.cert.X509Certificate;
import org.bouncycastle.cert.ocsp.OCSPException;
import org.bouncycastle.cert.ocsp.OCSPReq;
import org.bouncycastle.cert.ocsp.SingleResp;

/* loaded from: input_file:eu/emi/security/authn/x509/helpers/ocsp/OCSPCachingClient.class */
public class OCSPCachingClient {
    private final long maxTtl;
    private OCSPRespondersCache respondersCache;
    private OCSPResponsesCache responsesCache;

    public OCSPCachingClient(long j, File file, String str) {
        this.maxTtl = j;
        this.responsesCache = new OCSPResponsesCache(j, file, str);
        this.respondersCache = new OCSPRespondersCache(j, file, str);
    }

    public OCSPResult queryForCertificate(URL url, X509Certificate x509Certificate, X509Certificate x509Certificate2, X509Credential x509Credential, boolean z, int i) throws IOException, OCSPException {
        return queryForCertificate(url, x509Certificate, x509Certificate2, x509Credential, z, i, new OCSPClientImpl());
    }

    public OCSPResult queryForCertificate(URL url, X509Certificate x509Certificate, X509Certificate x509Certificate2, X509Credential x509Credential, boolean z, int i, OCSPClientImpl oCSPClientImpl) throws IOException, OCSPException {
        if (this.maxTtl < 0) {
            return oCSPClientImpl.queryForCertificate(url, x509Certificate, x509Certificate2, x509Credential, z, i);
        }
        String createResponderKey = this.respondersCache.createResponderKey(x509Certificate2);
        this.respondersCache.checkCachedError(createResponderKey);
        String createResponseKey = this.responsesCache.createResponseKey(x509Certificate, x509Certificate2);
        SingleResp cachedResp = this.responsesCache.getCachedResp(createResponseKey, oCSPClientImpl, x509Certificate, x509Certificate2);
        if (cachedResp != null) {
            return new OCSPResult(cachedResp);
        }
        OCSPReq createRequest = oCSPClientImpl.createRequest(x509Certificate, x509Certificate2, x509Credential, z);
        try {
            OCSPResponseStructure send = oCSPClientImpl.send(url, createRequest, i);
            SingleResp verifyResponse = oCSPClientImpl.verifyResponse(send.getResponse(), x509Certificate, x509Certificate2, OCSPClientImpl.extractNonce(createRequest));
            this.responsesCache.addToCache(createResponseKey, send, verifyResponse);
            return new OCSPResult(verifyResponse);
        } catch (IOException e) {
            this.respondersCache.addToCache(createResponderKey, e);
            throw e;
        }
    }

    public void clearMemoryCache() {
        this.responsesCache.clearMemoryCache();
        this.respondersCache.clearMemoryCache();
    }
}
