package eu.emi.security.authn.x509.helpers.crl;

import eu.emi.security.authn.x509.StoreUpdateListener;
import eu.emi.security.authn.x509.helpers.CachedElement;
import eu.emi.security.authn.x509.helpers.ObserversHandler;
import eu.emi.security.authn.x509.helpers.trust.OpensslTruststoreHelper;
import eu.emi.security.authn.x509.impl.CRLParameters;
import eu.emi.security.authn.x509.impl.X500NameUtils;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URISyntaxException;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CRLException;
import java.security.cert.CRLSelector;
import java.security.cert.X509CRL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.WeakHashMap;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:eu/emi/security/authn/x509/helpers/crl/LazyOpensslCRLStoreSpi.class */
public class LazyOpensslCRLStoreSpi extends AbstractCRLStoreSPI {
    private static final String SUFFIX = "\\.r[0-9]+";
    private final File directory;
    private final boolean openssl1Mode;
    private Map<String, CachedElement<List<X509CRL>>> cachedCRLsByHash;

    public LazyOpensslCRLStoreSpi(String str, long j, ObserversHandler observersHandler, boolean z) throws InvalidAlgorithmParameterException {
        super(new CRLParameters(Collections.singletonList(str), j, 0, null), observersHandler);
        this.directory = new File(str);
        this.openssl1Mode = z;
        this.cachedCRLsByHash = new WeakHashMap();
    }

    protected X509CRL loadCRL(File file) throws IOException, CRLException, URISyntaxException {
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
        try {
            X509CRL x509crl = (X509CRL) this.factory.generateCRL(bufferedInputStream);
            if (x509crl == null) {
                throw new CRLException("Unknown problem when parsing/loading the CRL");
            }
            return x509crl;
        } finally {
            bufferedInputStream.close();
        }
    }

    @Override // eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
    public synchronized void setUpdateInterval(long j) {
        this.updateInterval = j;
    }

    public synchronized long getUpdateInterval() {
        return this.updateInterval;
    }

    @Override // eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
    public void dispose() {
    }

    protected X509CRL reloadCRL(File file) {
        try {
            X509CRL loadCRL = loadCRL(file);
            notifyObservers(file.getAbsolutePath(), StoreUpdateListener.Severity.NOTIFICATION, null);
            return loadCRL;
        } catch (Exception e) {
            notifyObservers(file.getAbsolutePath(), StoreUpdateListener.Severity.ERROR, e);
            return null;
        }
    }

    private Collection<X509CRL> filterByIssuer(X500Principal x500Principal, Collection<X509CRL> collection) {
        ArrayList arrayList = new ArrayList(collection.size());
        for (X509CRL x509crl : collection) {
            if (X500NameUtils.rfc3280Equal(x500Principal, x509crl.getIssuerX500Principal())) {
                arrayList.add(x509crl);
            }
        }
        return arrayList;
    }

    @Override // eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
    protected synchronized Collection<X509CRL> getCRLForIssuer(X500Principal x500Principal) {
        String openSSLCAHash = OpensslTruststoreHelper.getOpenSSLCAHash(x500Principal, this.openssl1Mode);
        CachedElement<List<X509CRL>> cachedElement = this.cachedCRLsByHash.get(openSSLCAHash);
        if (cachedElement != null && !cachedElement.isExpired(this.updateInterval)) {
            return filterByIssuer(x500Principal, cachedElement.getElement());
        }
        Collection<File> filesWithRegexp = OpensslTruststoreHelper.getFilesWithRegexp(openSSLCAHash + SUFFIX, this.directory);
        ArrayList arrayList = new ArrayList(filesWithRegexp.size());
        Iterator<File> it = filesWithRegexp.iterator();
        while (it.hasNext()) {
            X509CRL reloadCRL = reloadCRL(it.next());
            if (reloadCRL != null) {
                arrayList.add(reloadCRL);
            }
        }
        this.cachedCRLsByHash.put(openSSLCAHash, new CachedElement<>(arrayList));
        return filterByIssuer(x500Principal, arrayList);
    }

    @Override // eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
    protected synchronized Collection<X509CRL> getCRLWithMatcher(CRLSelector cRLSelector) {
        Collection<File> filesWithRegexp = OpensslTruststoreHelper.getFilesWithRegexp(".*\\.r[0-9]+", this.directory);
        ArrayList arrayList = new ArrayList();
        Iterator<File> it = filesWithRegexp.iterator();
        while (it.hasNext()) {
            X509CRL reloadCRL = reloadCRL(it.next());
            if (reloadCRL != null && cRLSelector.match(reloadCRL)) {
                arrayList.add(reloadCRL);
            }
        }
        return arrayList;
    }
}
