package org.nhindirect.config.store;

import java.io.ByteArrayInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Locale;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.Lob;
import javax.persistence.ManyToOne;
import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import javax.xml.bind.annotation.XmlTransient;

@Table(name = "trustbundleanchor")
@Entity
/* loaded from: input_file:WEB-INF/lib/config-store-1.6.jar:org/nhindirect/config/store/TrustBundleAnchor.class */
public class TrustBundleAnchor {
    private long id;
    private TrustBundle trustBundle;
    private byte[] anchorData;
    private String thumbprint;
    private Calendar validStartDate;
    private Calendar validEndDate;

    @Id
    @Column(name = "id", nullable = false)
    @GeneratedValue(strategy = GenerationType.AUTO)
    public long getId() {
        return this.id;
    }

    public void setId(long j) {
        this.id = j;
    }

    @Column(name = "thumbprint", nullable = false)
    public String getThumbprint() {
        return this.thumbprint;
    }

    public void setThumbprint(String str) {
        this.thumbprint = str;
    }

    @ManyToOne(optional = false, fetch = FetchType.EAGER)
    @JoinColumn(name = "trustBundleId")
    @XmlTransient
    public TrustBundle getTrustBundle() {
        return this.trustBundle;
    }

    public void setTrustBundle(TrustBundle trustBundle) {
        this.trustBundle = trustBundle;
    }

    @Column(name = "anchorData", length = 4096, nullable = false)
    @Lob
    public byte[] getData() {
        return this.anchorData;
    }

    public void setData(byte[] bArr) throws CertificateException {
        this.anchorData = bArr;
        if (bArr == Certificate.NULL_CERT) {
            setThumbprint("");
        } else {
            loadCertFromData();
        }
    }

    @Temporal(TemporalType.TIMESTAMP)
    @Column(name = "validStartDate", nullable = false)
    public Calendar getValidStartDate() {
        return this.validStartDate;
    }

    public void setValidStartDate(Calendar calendar) {
        this.validStartDate = calendar;
    }

    @Temporal(TemporalType.TIMESTAMP)
    @Column(name = "validEndDate", nullable = false)
    public Calendar getValidEndDate() {
        return this.validEndDate;
    }

    public void setValidEndDate(Calendar calendar) {
        this.validEndDate = calendar;
    }

    private X509Certificate loadCertFromData() throws CertificateException {
        try {
            validate();
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.anchorData);
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
            setThumbprint(Thumbprint.toThumbprint(x509Certificate).toString());
            Calendar calendar = Calendar.getInstance(Locale.getDefault());
            calendar.setTime(x509Certificate.getNotAfter());
            Calendar calendar2 = Calendar.getInstance(Locale.getDefault());
            calendar2.setTime(x509Certificate.getNotBefore());
            setValidEndDate(calendar);
            setValidStartDate(calendar2);
            byteArrayInputStream.close();
            return x509Certificate;
        } catch (Exception e) {
            setData(Certificate.NULL_CERT);
            throw new CertificateException("Data cannot be converted to a valid X.509 Certificate", e);
        }
    }

    public X509Certificate toCertificate() throws CertificateException {
        try {
            validate();
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.anchorData);
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
            byteArrayInputStream.close();
            return x509Certificate;
        } catch (Exception e) {
            throw new CertificateException("Data cannot be converted to a valid X.509 Certificate", e);
        }
    }

    private boolean hasData() {
        return (this.anchorData == null || this.anchorData.equals(Certificate.NULL_CERT)) ? false : true;
    }

    public void validate() throws CertificateException {
        if (!hasData()) {
            throw new CertificateException("Invalid Certificate: no certificate data exists");
        }
    }
}
