package eu.emi.security.authn.x509.helpers.ocsp;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Map;
import org.bouncycastle.cert.ocsp.OCSPResp;
import org.bouncycastle.cert.ocsp.SingleResp;

/* loaded from: input_file:eu/emi/security/authn/x509/helpers/ocsp/OCSPResponsesCache.class */
public class OCSPResponsesCache extends OCSPCacheBase {
    private Map<String, ResponseCacheEntry> responsesCache;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:eu/emi/security/authn/x509/helpers/ocsp/OCSPResponsesCache$ResponseCacheEntry.class */
    public static class ResponseCacheEntry {
        private Date cacheDate;
        private Date maxValidity;
        private SingleResp response;

        public ResponseCacheEntry(Date date, Date date2, SingleResp singleResp) {
            this.cacheDate = date;
            this.maxValidity = date2;
            this.response = singleResp;
        }
    }

    public OCSPResponsesCache(long j, File file, String str) {
        super(j, file, str);
        this.responsesCache = Collections.synchronizedMap(new BoundedSizeLruMap(100));
    }

    public SingleResp getCachedResp(String str, OCSPClientImpl oCSPClientImpl, X509Certificate x509Certificate, X509Certificate x509Certificate2) throws IOException {
        ResponseCacheEntry responseCacheEntry = this.responsesCache.get(str);
        if (responseCacheEntry == null && this.diskPath != null) {
            File file = new File(this.diskPath, this.prefix + str);
            if (file.exists()) {
                responseCacheEntry = loadResponseFromDisk(file, oCSPClientImpl, x509Certificate, x509Certificate2);
            }
        }
        if (responseCacheEntry == null) {
            return null;
        }
        Date nextUpdate = responseCacheEntry.response != null ? responseCacheEntry.response.getNextUpdate() : null;
        Date date = new Date(responseCacheEntry.cacheDate.getTime() + this.maxTtl);
        if (nextUpdate != null && date.after(nextUpdate)) {
            date = nextUpdate;
        }
        if (date.after(responseCacheEntry.maxValidity)) {
            date = responseCacheEntry.maxValidity;
        }
        if (!new Date().after(date)) {
            return responseCacheEntry.response;
        }
        this.responsesCache.remove(str);
        if (this.diskPath == null) {
            return null;
        }
        new File(this.diskPath, this.prefix + str).delete();
        return null;
    }

    public String createResponseKey(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            PublicKey publicKey = x509Certificate2.getPublicKey();
            messageDigest.update(x509Certificate2.getSubjectX500Principal().getEncoded());
            messageDigest.update(publicKey.getEncoded());
            messageDigest.update(x509Certificate.getSerialNumber().toByteArray());
            return encodeDigest(messageDigest);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("JDK problem: SHA-1 hash not supported by any provider!", e);
        }
    }

    public void addToCache(String str, OCSPResponseStructure oCSPResponseStructure, SingleResp singleResp) throws IOException {
        if (oCSPResponseStructure.getMaxCache() == null) {
            oCSPResponseStructure.setMaxCache(singleResp.getNextUpdate());
        }
        this.responsesCache.put(str, new ResponseCacheEntry(new Date(), oCSPResponseStructure.getMaxCache(), singleResp));
        if (this.diskPath != null) {
            storeResponseToDisk(new File(this.diskPath, this.prefix + str), oCSPResponseStructure);
        }
    }

    public void clearMemoryCache() {
        this.responsesCache.clear();
    }

    private void storeResponseToDisk(File file, OCSPResponseStructure oCSPResponseStructure) throws IOException {
        if (file.exists()) {
            file.delete();
        }
        Date maxCache = oCSPResponseStructure.getMaxCache();
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(new FileOutputStream(file));
        try {
            objectOutputStream.writeObject(maxCache);
            objectOutputStream.writeObject(oCSPResponseStructure.getResponse().getEncoded());
            objectOutputStream.close();
        } catch (Throwable th) {
            objectOutputStream.close();
            throw th;
        }
    }

    private ResponseCacheEntry loadResponseFromDisk(File file, OCSPClientImpl oCSPClientImpl, X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        ObjectInputStream objectInputStream = null;
        try {
            try {
                objectInputStream = new ObjectInputStream(new FileInputStream(file));
                ResponseCacheEntry responseCacheEntry = new ResponseCacheEntry(new Date(file.lastModified()), (Date) objectInputStream.readObject(), oCSPClientImpl.verifyResponse(new OCSPResp((byte[]) objectInputStream.readObject()), x509Certificate, x509Certificate2, null));
                if (objectInputStream != null) {
                    try {
                        objectInputStream.close();
                    } catch (IOException e) {
                    }
                }
                return responseCacheEntry;
            } catch (Throwable th) {
                if (objectInputStream != null) {
                    try {
                        objectInputStream.close();
                    } catch (IOException e2) {
                    }
                }
                throw th;
            }
        } catch (Exception e3) {
            file.delete();
            if (objectInputStream != null) {
                try {
                    objectInputStream.close();
                } catch (IOException e4) {
                }
            }
            return null;
        }
    }
}
