package eu.europa.esig.dss.tsl.service;

import eu.europa.esig.dss.DSSException;
import eu.europa.esig.dss.DSSUtils;
import eu.europa.esig.dss.DigestAlgorithm;
import eu.europa.esig.dss.tsl.Condition;
import eu.europa.esig.dss.tsl.ServiceInfo;
import eu.europa.esig.dss.tsl.ServiceInfoStatus;
import eu.europa.esig.dss.tsl.TLInfo;
import eu.europa.esig.dss.tsl.TSLConditionsForQualifiers;
import eu.europa.esig.dss.tsl.TSLLoaderResult;
import eu.europa.esig.dss.tsl.TSLParserResult;
import eu.europa.esig.dss.tsl.TSLService;
import eu.europa.esig.dss.tsl.TSLServiceProvider;
import eu.europa.esig.dss.tsl.TSLServiceStatusAndInformationExtensions;
import eu.europa.esig.dss.tsl.TSLValidationModel;
import eu.europa.esig.dss.tsl.TSLValidationResult;
import eu.europa.esig.dss.tsl.TrustedListsCertificateSource;
import eu.europa.esig.dss.util.MutableTimeDependentValues;
import eu.europa.esig.dss.util.TimeDependentValues;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.dss.x509.CertificateToken;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import javax.xml.bind.DatatypeConverter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/tsl/service/TSLRepository.class */
public class TSLRepository {
    private static final Logger LOG = LoggerFactory.getLogger(TSLRepository.class);
    private String cacheDirectoryPath = System.getProperty("java.io.tmpdir") + File.separator + "dss-cache-tsl" + File.separator;
    private Map<String, TSLValidationModel> tsls = new HashMap();
    private Map<String, TSLValidationModel> pivots = new HashMap();
    private TrustedListsCertificateSource trustedListsCertificateSource;

    public void setCacheDirectoryPath(String str) {
        this.cacheDirectoryPath = str;
    }

    public String getCacheDirectoryPath() {
        return this.cacheDirectoryPath;
    }

    public void setTrustedListsCertificateSource(TrustedListsCertificateSource trustedListsCertificateSource) {
        this.trustedListsCertificateSource = trustedListsCertificateSource;
    }

    public TSLValidationModel getByCountry(String str) {
        return this.tsls.get(str);
    }

    public TSLValidationModel getPivotByUrl(String str) {
        return this.pivots.get(str);
    }

    public Map<String, TSLValidationModel> getAllMapTSLValidationModels() {
        return Collections.unmodifiableMap(new TreeMap(this.tsls));
    }

    public void clearRepository() throws IOException {
        Utils.cleanDirectory(new File(this.cacheDirectoryPath));
        this.tsls.clear();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isLastCountryVersion(TSLLoaderResult tSLLoaderResult) {
        return isLastVersion(getByCountry(tSLLoaderResult.getCountryCode()), tSLLoaderResult);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isLastPivotVersion(TSLLoaderResult tSLLoaderResult) {
        return isLastVersion(getPivotByUrl(tSLLoaderResult.getUrl()), tSLLoaderResult);
    }

    private boolean isLastVersion(TSLValidationModel tSLValidationModel, TSLLoaderResult tSLLoaderResult) {
        if (tSLValidationModel == null) {
            return false;
        }
        if (Utils.isArrayEmpty(tSLLoaderResult.getContent())) {
            return true;
        }
        tSLValidationModel.setUrl(tSLLoaderResult.getUrl());
        tSLValidationModel.setLoadedDate(new Date());
        return Utils.areStringsEqual(getSHA256(tSLLoaderResult.getContent()), tSLValidationModel.getSha256FileContent());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void updateParseResult(TSLParserResult tSLParserResult) {
        TSLValidationModel byCountry = getByCountry(tSLParserResult.getTerritory());
        if (byCountry != null) {
            byCountry.setParseResult(tSLParserResult);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void updateValidationResult(TSLValidationResult tSLValidationResult) {
        TSLValidationModel byCountry = getByCountry(tSLValidationResult.getCountryCode());
        if (byCountry != null) {
            byCountry.setValidationResult(tSLValidationResult);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TSLValidationModel storeInCache(TSLLoaderResult tSLLoaderResult) {
        TSLValidationModel tSLValidationModel = new TSLValidationModel();
        tSLValidationModel.setUrl(tSLLoaderResult.getUrl());
        if (Utils.isArrayNotEmpty(tSLLoaderResult.getContent())) {
            tSLValidationModel.setCertificateSourceSynchronized(false);
            tSLValidationModel.setLoadedDate(new Date());
            tSLValidationModel.setSha256FileContent(getSHA256(tSLLoaderResult.getContent()));
            tSLValidationModel.setFilepath(storeOnFileSystem(tSLLoaderResult.getCountryCode(), tSLLoaderResult));
            LOG.info("New version of {} TSL is stored in cache", tSLLoaderResult.getCountryCode());
        }
        this.tsls.put(tSLLoaderResult.getCountryCode(), tSLValidationModel);
        return tSLValidationModel;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TSLValidationModel storePivotInCache(TSLLoaderResult tSLLoaderResult) {
        TSLValidationModel tSLValidationModel = new TSLValidationModel();
        tSLValidationModel.setUrl(tSLLoaderResult.getUrl());
        if (Utils.isArrayNotEmpty(tSLLoaderResult.getContent())) {
            tSLValidationModel.setSha256FileContent(getSHA256(tSLLoaderResult.getContent()));
            tSLValidationModel.setLoadedDate(new Date());
            tSLValidationModel.setFilepath(storeOnFileSystem(tSLLoaderResult.getUrl().replaceAll("\\W", "_"), tSLLoaderResult));
            LOG.info("New version of the pivot LOTL '{}' is stored in cache", tSLLoaderResult.getUrl());
        }
        this.pivots.put(tSLLoaderResult.getUrl(), tSLValidationModel);
        return tSLValidationModel;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addParsedResultFromCacheToMap(TSLParserResult tSLParserResult) {
        TSLValidationModel tSLValidationModel = new TSLValidationModel();
        String territory = tSLParserResult.getTerritory();
        String filePath = getFilePath(territory);
        tSLValidationModel.setFilepath(filePath);
        try {
            FileInputStream fileInputStream = new FileInputStream(filePath);
            Throwable th = null;
            try {
                try {
                    tSLValidationModel.setSha256FileContent(getSHA256(Utils.toByteArray(fileInputStream)));
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (Exception e) {
            LOG.error("Unable to read '{}' : {}", filePath, e.getMessage());
        }
        tSLValidationModel.setParseResult(tSLParserResult);
        tSLValidationModel.setCertificateSourceSynchronized(false);
        this.tsls.put(territory, tSLValidationModel);
    }

    private String storeOnFileSystem(String str, TSLLoaderResult tSLLoaderResult) {
        ensureCacheDirectoryExists();
        String filePath = getFilePath(str);
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(new File(filePath));
            Throwable th = null;
            try {
                try {
                    Utils.write(tSLLoaderResult.getContent(), fileOutputStream);
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                    return filePath;
                } finally {
                }
            } finally {
            }
        } catch (Exception e) {
            throw new DSSException("Cannot create file in cache : " + e.getMessage(), e);
        }
    }

    private void ensureCacheDirectoryExists() {
        File file = new File(this.cacheDirectoryPath);
        if (file.exists() && file.isDirectory()) {
            return;
        }
        file.mkdirs();
    }

    private String getFilePath(String str) {
        return this.cacheDirectoryPath + str + ".xml";
    }

    private String getSHA256(byte[] bArr) {
        return DatatypeConverter.printBase64Binary(DSSUtils.digest(DigestAlgorithm.SHA256, bArr));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<File> getStoredFiles() {
        ensureCacheDirectoryExists();
        return Arrays.asList(new File(this.cacheDirectoryPath).listFiles(new IgnorePivotFilenameFilter()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void synchronize() {
        if (this.trustedListsCertificateSource != null) {
            Map<String, TSLValidationModel> allMapTSLValidationModels = getAllMapTSLValidationModels();
            if (isRefreshRequired()) {
                LOG.info("Synchronizing the trustedListsCertificateSource...");
                Map<CertificateToken, List<ServiceInfo>> servicesByCert = getServicesByCert(allMapTSLValidationModels.values());
                this.trustedListsCertificateSource.reinit();
                for (Map.Entry<CertificateToken, List<ServiceInfo>> entry : servicesByCert.entrySet()) {
                    this.trustedListsCertificateSource.addCertificate(entry.getKey(), entry.getValue());
                }
                for (Map.Entry<String, TSLValidationModel> entry2 : allMapTSLValidationModels.entrySet()) {
                    String key = entry2.getKey();
                    TSLValidationModel value = entry2.getValue();
                    value.setCertificateSourceSynchronized(true);
                    this.trustedListsCertificateSource.updateTlInfo(key, getTlInfo(key, value));
                }
                Iterator<TSLValidationModel> it = this.pivots.values().iterator();
                while (it.hasNext()) {
                    it.next().setCertificateSourceSynchronized(true);
                }
                LOG.info("Synchronization of the trustedListsCertificateSource : done");
            }
            LOG.info("Nb of loaded trusted lists : {}/{}", Integer.valueOf(getNbParsed(allMapTSLValidationModels.values())), Integer.valueOf(allMapTSLValidationModels.size()));
            LOG.info("Nb of trusted certificates : {}", Integer.valueOf(this.trustedListsCertificateSource.getNumberOfCertificates()));
            LOG.info("Nb of trusted public keys : {}", Integer.valueOf(this.trustedListsCertificateSource.getNumberOfTrustedPublicKeys()));
        }
    }

    private int getNbParsed(Collection<TSLValidationModel> collection) {
        int i = 0;
        Iterator<TSLValidationModel> it = collection.iterator();
        while (it.hasNext()) {
            if (it.next().getParseResult() != null) {
                i++;
            }
        }
        return i;
    }

    private boolean isRefreshRequired() {
        Iterator<TSLValidationModel> it = this.tsls.values().iterator();
        while (it.hasNext()) {
            if (!it.next().isCertificateSourceSynchronized()) {
                return true;
            }
        }
        Iterator<TSLValidationModel> it2 = this.pivots.values().iterator();
        while (it2.hasNext()) {
            if (!it2.next().isCertificateSourceSynchronized()) {
                return true;
            }
        }
        return false;
    }

    private Map<CertificateToken, List<ServiceInfo>> getServicesByCert(Collection<TSLValidationModel> collection) {
        HashMap hashMap = new HashMap();
        for (TSLValidationModel tSLValidationModel : collection) {
            TSLParserResult parseResult = tSLValidationModel.getParseResult();
            if (parseResult != null) {
                List<TSLServiceProvider> serviceProviders = parseResult.getServiceProviders();
                String territory = parseResult.getTerritory();
                for (TSLServiceProvider tSLServiceProvider : serviceProviders) {
                    for (TSLService tSLService : tSLServiceProvider.getServices()) {
                        ServiceInfo serviceInfo = getServiceInfo(tSLServiceProvider, tSLService, territory);
                        for (CertificateToken certificateToken : tSLService.getCertificates()) {
                            List list = (List) hashMap.get(certificateToken);
                            if (list == null) {
                                list = new ArrayList();
                                hashMap.put(certificateToken, list);
                            }
                            list.add(serviceInfo);
                        }
                    }
                }
            } else {
                LOG.warn("Url '{}' is not synchronized", tSLValidationModel.getUrl());
            }
        }
        return hashMap;
    }

    private TLInfo getTlInfo(String str, TSLValidationModel tSLValidationModel) {
        TLInfo tLInfo = new TLInfo();
        tLInfo.setCountryCode(str);
        tLInfo.setUrl(tSLValidationModel.getUrl());
        tLInfo.setLastLoading(tSLValidationModel.getLoadedDate());
        tLInfo.setLotl(tSLValidationModel.isLotl());
        TSLParserResult parseResult = tSLValidationModel.getParseResult();
        if (parseResult != null) {
            tLInfo.setIssueDate(parseResult.getIssueDate());
            tLInfo.setNextUpdate(parseResult.getNextUpdateDate());
            tLInfo.setSequenceNumber(parseResult.getSequenceNumber());
            tLInfo.setVersion(parseResult.getVersion());
            int i = 0;
            int i2 = 0;
            int i3 = 0;
            List<TSLServiceProvider> serviceProviders = parseResult.getServiceProviders();
            if (serviceProviders != null) {
                i = serviceProviders.size();
                Iterator<TSLServiceProvider> it = serviceProviders.iterator();
                while (it.hasNext()) {
                    List<TSLService> services = it.next().getServices();
                    if (services != null) {
                        i2 += services.size();
                        Iterator<TSLService> it2 = services.iterator();
                        while (it2.hasNext()) {
                            i3 += Utils.collectionSize(it2.next().getCertificates());
                        }
                    }
                }
            }
            tLInfo.setNbServiceProviders(i);
            tLInfo.setNbServices(i2);
            tLInfo.setNbCertificates(i3);
        }
        TSLValidationResult validationResult = tSLValidationModel.getValidationResult();
        if (validationResult != null) {
            tLInfo.setWellSigned(validationResult.isValid());
        }
        return tLInfo;
    }

    private ServiceInfo getServiceInfo(TSLServiceProvider tSLServiceProvider, TSLService tSLService, String str) {
        ServiceInfo serviceInfo = new ServiceInfo();
        serviceInfo.setTspName(tSLServiceProvider.getName());
        serviceInfo.setTspTradeName(tSLServiceProvider.getTradeName());
        serviceInfo.setTspRegistrationIdentifier(tSLServiceProvider.getRegistrationIdentifier());
        serviceInfo.setTspPostalAddress(tSLServiceProvider.getPostalAddress());
        serviceInfo.setTspElectronicAddress(tSLServiceProvider.getElectronicAddress());
        MutableTimeDependentValues mutableTimeDependentValues = new MutableTimeDependentValues();
        TimeDependentValues<TSLServiceStatusAndInformationExtensions> statusAndInformationExtensions = tSLService.getStatusAndInformationExtensions();
        if (statusAndInformationExtensions != null) {
            Iterator it = statusAndInformationExtensions.iterator();
            while (it.hasNext()) {
                TSLServiceStatusAndInformationExtensions tSLServiceStatusAndInformationExtensions = (TSLServiceStatusAndInformationExtensions) it.next();
                mutableTimeDependentValues.addOldest(new ServiceInfoStatus(tSLServiceStatusAndInformationExtensions.getName(), tSLServiceStatusAndInformationExtensions.getType(), tSLServiceStatusAndInformationExtensions.getStatus(), getMapConditionsByQualifier(tSLServiceStatusAndInformationExtensions), tSLServiceStatusAndInformationExtensions.getAdditionalServiceInfoUris(), tSLServiceStatusAndInformationExtensions.getServiceSupplyPoints(), tSLServiceStatusAndInformationExtensions.getExpiredCertsRevocationInfo(), tSLServiceStatusAndInformationExtensions.getStartDate(), tSLServiceStatusAndInformationExtensions.getEndDate()));
            }
        }
        serviceInfo.setStatus(mutableTimeDependentValues);
        serviceInfo.setTlCountryCode(str);
        return serviceInfo;
    }

    private Map<String, List<Condition>> getMapConditionsByQualifier(TSLServiceStatusAndInformationExtensions tSLServiceStatusAndInformationExtensions) {
        List<TSLConditionsForQualifiers> conditionsForQualifiers = tSLServiceStatusAndInformationExtensions.getConditionsForQualifiers();
        HashMap hashMap = new HashMap();
        if (conditionsForQualifiers != null) {
            for (TSLConditionsForQualifiers tSLConditionsForQualifiers : conditionsForQualifiers) {
                Condition condition = tSLConditionsForQualifiers.getCondition();
                for (String str : tSLConditionsForQualifiers.getQualifiers()) {
                    List list = (List) hashMap.get(str);
                    if (list == null) {
                        list = new ArrayList();
                        hashMap.put(str, list);
                    }
                    list.add(condition);
                }
            }
        }
        return hashMap;
    }

    public Map<String, TLInfo> getSummary() {
        return this.trustedListsCertificateSource != null ? Collections.unmodifiableMap(new TreeMap(this.trustedListsCertificateSource.getSummary())) : Collections.emptyMap();
    }
}
