package org.xipki.ca.dbtool.diffdb;

import java.io.File;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.atomic.AtomicBoolean;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.dbtool.DbToolBase;
import org.xipki.ca.dbtool.IdRange;
import org.xipki.ca.dbtool.diffdb.io.CaEntry;
import org.xipki.ca.dbtool.diffdb.io.CaEntryContainer;
import org.xipki.ca.dbtool.diffdb.io.DbDigestEntry;
import org.xipki.ca.dbtool.diffdb.io.DbSchemaType;
import org.xipki.ca.dbtool.diffdb.io.EjbcaCaCertExtractor;
import org.xipki.ca.dbtool.diffdb.io.EjbcaCaInfo;
import org.xipki.ca.dbtool.diffdb.io.EjbcaDigestExportReader;
import org.xipki.ca.dbtool.diffdb.io.IdentifiedDbDigestEntry;
import org.xipki.ca.dbtool.xmlio.IdentifidDbObjectType;
import org.xipki.common.ProcessLog;
import org.xipki.common.util.Base64;
import org.xipki.common.util.IoUtil;
import org.xipki.common.util.ParamUtil;
import org.xipki.datasource.DataSourceWrapper;
import org.xipki.security.util.X509Util;

/* loaded from: input_file:org/xipki/ca/dbtool/diffdb/EjbcaDigestExporter.class */
public class EjbcaDigestExporter extends DbToolBase implements DbDigestExporter {
    private static final Logger LOG = LoggerFactory.getLogger(EjbcaDigestExporter.class);
    private final int numCertsPerSelect;
    private final boolean tblCertHasId;
    private final String sql;
    private final String certSql;
    private final int numThreads;

    public EjbcaDigestExporter(DataSourceWrapper dataSourceWrapper, String str, AtomicBoolean atomicBoolean, int i, DbSchemaType dbSchemaType, int i2) throws Exception {
        super(dataSourceWrapper, str, atomicBoolean);
        this.numCertsPerSelect = ParamUtil.requireMin("numCertsPerSelect", i, 1);
        if (dbSchemaType != DbSchemaType.EJBCA_CA_v3) {
            throw new IllegalArgumentException("unsupported DbSchemaType " + dbSchemaType);
        }
        if (dataSourceWrapper.tableHasColumn(this.connection, "CertificateData", IdentifidDbObjectType.TAG_ID)) {
            this.tblCertHasId = true;
            this.sql = null;
            this.certSql = null;
            this.numThreads = Math.min(i2, dataSourceWrapper.maximumPoolSize() - 1);
        } else {
            String str2 = System.getenv("LANG");
            if (str2 == null) {
                throw new Exception("no environment LANG is set");
            }
            String lowerCase = str2.toLowerCase();
            if (!lowerCase.startsWith("en_") || !lowerCase.endsWith(".utf-8")) {
                throw new Exception(String.format("The environment LANG does not satisfy the pattern 'en_*.UTF-8': '%s'", str2));
            }
            String property = System.getProperty("os.name");
            if (!property.toLowerCase().contains("linux")) {
                throw new Exception(String.format("Exporting EJBCA database is only possible in Linux, but not '%s'", property));
            }
            this.tblCertHasId = false;
            this.sql = dataSourceWrapper.buildSelectFirstSql(i, "fingerprint ASC", "fingerprint,serialNumber,cAFingerprint,status,revocationReason, revocationDate FROM CertificateData WHERE fingerprint>?");
            this.certSql = "SELECT base64Cert FROM CertificateData WHERE fingerprint=?";
            this.numThreads = 1;
        }
        if (this.numThreads != i2) {
            LOG.info("adapted the numThreads from {} to {}", Integer.valueOf(i2), Integer.valueOf(this.numThreads));
        }
    }

    @Override // org.xipki.ca.dbtool.diffdb.DbDigestExporter
    public void digest() throws Exception {
        System.out.println("digesting database");
        ProcessLog processLog = new ProcessLog(count("CertificateData"));
        Map<String, EjbcaCaInfo> cas = getCas();
        HashSet hashSet = new HashSet(cas.size());
        for (EjbcaCaInfo ejbcaCaInfo : cas.values()) {
            hashSet.add(new CaEntry(ejbcaCaInfo.caId(), this.baseDir + File.separator + ejbcaCaInfo.caDirname()));
        }
        CaEntryContainer caEntryContainer = new CaEntryContainer(hashSet);
        Exception exc = null;
        try {
            try {
                if (this.tblCertHasId) {
                    digestWithTableId(new EjbcaDigestExportReader(this.datasource, cas, this.numThreads), processLog, caEntryContainer, cas);
                } else {
                    digestNoTableId(processLog, caEntryContainer, cas);
                }
                caEntryContainer.close();
            } catch (Exception e) {
                deleteTmpFiles(this.baseDir, "tmp-");
                System.err.println("\ndigesting process has been cancelled due to error");
                LOG.error("Exception", e);
                exc = e;
                caEntryContainer.close();
            }
            if (exc != null) {
                throw exc;
            }
            System.out.println(" digested database");
        } catch (Throwable th) {
            caEntryContainer.close();
            throw th;
        }
    }

    private Map<String, EjbcaCaInfo> getCas() throws Exception {
        HashMap hashMap = new HashMap();
        Statement statement = null;
        ResultSet resultSet = null;
        try {
            try {
                statement = createStatement();
                resultSet = statement.executeQuery("SELECT NAME,DATA FROM CAData");
                int i = 0;
                while (resultSet.next()) {
                    String string = resultSet.getString("NAME");
                    String string2 = resultSet.getString("DATA");
                    if (string != null && !string.isEmpty()) {
                        X509Certificate extractCaCert = EjbcaCaCertExtractor.extractCaCert(string2);
                        String asciiFilename = XipkiDigestExporter.toAsciiFilename("ca-" + X509Util.getCommonName(extractCaCert.getSubjectX500Principal()));
                        File file = new File(this.baseDir, asciiFilename);
                        int i2 = 2;
                        while (file.exists()) {
                            int i3 = i2;
                            i2++;
                            file = new File(this.baseDir, asciiFilename + "." + i3);
                        }
                        i++;
                        File file2 = new File(file, "ca.der");
                        file.mkdirs();
                        byte[] encoded = extractCaCert.getEncoded();
                        IoUtil.save(file2, encoded);
                        EjbcaCaInfo ejbcaCaInfo = new EjbcaCaInfo(i, encoded, file.getName());
                        hashMap.put(ejbcaCaInfo.hexSha1(), ejbcaCaInfo);
                    }
                }
                releaseResources(statement, resultSet);
                return hashMap;
            } catch (SQLException e) {
                throw translate("SELECT NAME,DATA FROM CAData", e);
            }
        } catch (Throwable th) {
            releaseResources(statement, resultSet);
            throw th;
        }
    }

    private void digestNoTableId(ProcessLog processLog, CaEntryContainer caEntryContainer, Map<String, EjbcaCaInfo> map) throws Exception {
        int i = 0;
        String hexString = Hex.toHexString(new byte[20]);
        System.out.println("digesting certificates from fingerprint (exclusive)\n\t" + hexString);
        PreparedStatement prepareStatement = prepareStatement(this.sql);
        PreparedStatement prepareStatement2 = prepareStatement(this.certSql);
        processLog.printHeader();
        int i2 = 0;
        try {
            boolean z = false;
            String str = hexString;
            while (true) {
                try {
                    if (this.stopMe.get()) {
                        z = true;
                        break;
                    }
                    prepareStatement.setString(1, str);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    int i3 = 0;
                    while (executeQuery.next()) {
                        i2++;
                        i3++;
                        String string = executeQuery.getString("cAFingerprint");
                        str = executeQuery.getString("fingerprint");
                        EjbcaCaInfo ejbcaCaInfo = null;
                        if (!string.equals(str)) {
                            ejbcaCaInfo = map.get(string);
                        }
                        if (ejbcaCaInfo == null) {
                            LOG.debug("Found no CA by cAFingerprint, try to resolve by issuer");
                            prepareStatement2.setString(1, str);
                            ResultSet executeQuery2 = prepareStatement2.executeQuery();
                            if (executeQuery2.next()) {
                                Certificate certificate = Certificate.getInstance(Base64.decode(executeQuery2.getString("base64Cert")));
                                Iterator<EjbcaCaInfo> it = map.values().iterator();
                                while (true) {
                                    if (!it.hasNext()) {
                                        break;
                                    }
                                    EjbcaCaInfo next = it.next();
                                    if (next.subject().equals(certificate.getIssuer())) {
                                        ejbcaCaInfo = next;
                                        break;
                                    }
                                }
                            }
                            executeQuery2.close();
                        }
                        if (ejbcaCaInfo == null) {
                            LOG.error("found no CA for Cert with fingerprint '{}'", str);
                            i++;
                            processLog.addNumProcessed(1L);
                        } else {
                            String encodeToString = Base64.encodeToString(Hex.decode(str));
                            BigInteger bigInteger = new BigInteger(executeQuery.getString("serialNumber"));
                            int i4 = executeQuery.getInt("status");
                            boolean z2 = i4 == 40 || i4 == 30;
                            Integer num = null;
                            Long l = null;
                            if (z2) {
                                num = Integer.valueOf(executeQuery.getInt("revocationReason"));
                                l = Long.valueOf(executeQuery.getLong("revocationDate") / 1000);
                            }
                            caEntryContainer.addDigestEntry(ejbcaCaInfo.caId(), i2, new DbDigestEntry(bigInteger, z2, num, l, null, encodeToString));
                            processLog.addNumProcessed(1L);
                            processLog.printStatus();
                        }
                    }
                    executeQuery.close();
                    if (i3 == 0) {
                        break;
                    }
                } catch (SQLException e) {
                    throw translate(null, e);
                }
            }
            if (z) {
                throw new InterruptedException("interrupted by the user");
            }
            processLog.printTrailer();
            StringBuilder sb = new StringBuilder(200);
            sb.append(" digested ").append(processLog.numProcessed() - i).append(" certificates");
            if (i > 0) {
                sb.append(", ignored ").append(i).append(" certificates (see log for details)");
            }
            System.out.println(sb.toString());
        } finally {
            releaseResources(prepareStatement, null);
            releaseResources(prepareStatement2, null);
        }
    }

    private void digestWithTableId(EjbcaDigestExportReader ejbcaDigestExportReader, ProcessLog processLog, CaEntryContainer caEntryContainer, Map<String, EjbcaCaInfo> map) throws Exception {
        int min = (int) min("CertificateData", IdentifidDbObjectType.TAG_ID);
        int max = (int) max("CertificateData", IdentifidDbObjectType.TAG_ID);
        System.out.println("digesting certificates from id " + min);
        processLog.printHeader();
        ArrayList arrayList = new ArrayList(this.numThreads);
        int i = min;
        while (i <= max && !this.stopMe.get()) {
            arrayList.clear();
            for (int i2 = 0; i2 < this.numThreads; i2++) {
                int i3 = (i + this.numCertsPerSelect) - 1;
                arrayList.add(new IdRange(i, i3));
                i = i3 + 1;
                if (i > max) {
                    break;
                }
            }
            for (IdentifiedDbDigestEntry identifiedDbDigestEntry : ejbcaDigestExportReader.readCerts(arrayList)) {
                caEntryContainer.addDigestEntry(identifiedDbDigestEntry.caId().intValue(), identifiedDbDigestEntry.id(), identifiedDbDigestEntry.content());
            }
            processLog.addNumProcessed(r0.size());
            processLog.printStatus();
            if (0 != 0) {
                throw new InterruptedException("interrupted by the user");
            }
        }
        processLog.printTrailer();
        StringBuilder sb = new StringBuilder(200);
        sb.append(" digested ").append(processLog.numProcessed()).append(" certificates");
        int numSkippedCerts = ejbcaDigestExportReader.numSkippedCerts();
        if (numSkippedCerts > 0) {
            sb.append(", ignored ").append(numSkippedCerts).append(" certificates (see log for details)");
        }
        System.out.println(sb.toString());
    }
}
