package org.xipki.ca.dbtool.port.ocsp;

import java.io.File;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.Iterator;
import java.util.StringTokenizer;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.zip.ZipFile;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.TBSCertificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.dbtool.jaxb.ocsp.CertStoreType;
import org.xipki.ca.dbtool.jaxb.ocsp.IssuerType;
import org.xipki.ca.dbtool.port.DbPortFileNameIterator;
import org.xipki.ca.dbtool.port.DbPorter;
import org.xipki.ca.dbtool.xmlio.ocsp.OcspCertType;
import org.xipki.ca.dbtool.xmlio.ocsp.OcspCertsReader;
import org.xipki.common.ProcessLog;
import org.xipki.common.util.Base64;
import org.xipki.common.util.IoUtil;
import org.xipki.common.util.ParamUtil;
import org.xipki.common.util.XmlUtil;
import org.xipki.datasource.DataSourceWrapper;
import org.xipki.datasource.springframework.dao.DataAccessException;
import org.xipki.security.util.X509Util;

/* loaded from: input_file:org/xipki/ca/dbtool/port/ocsp/OcspCertStoreDbImporter.class */
class OcspCertStoreDbImporter extends AbstractOcspCertStoreDbImporter {
    private static final Logger LOG = LoggerFactory.getLogger(OcspCertStoreDbImporter.class);
    private final Unmarshaller unmarshaller;
    private final boolean resume;
    private final int numCertsPerCommit;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OcspCertStoreDbImporter(DataSourceWrapper dataSourceWrapper, Unmarshaller unmarshaller, String str, int i, boolean z, AtomicBoolean atomicBoolean, boolean z2) throws Exception {
        super(dataSourceWrapper, str, atomicBoolean, z2);
        this.unmarshaller = (Unmarshaller) ParamUtil.requireNonNull("unmarshaller", unmarshaller);
        this.numCertsPerCommit = ParamUtil.requireMin("numCertsPerCommit", i, 1);
        File file = new File(this.baseDir, DbPorter.IMPORT_PROCESS_LOG_FILENAME);
        if (z) {
            if (!file.exists()) {
                throw new Exception("could not process with '--resume' option");
            }
        } else if (file.exists()) {
            throw new Exception("please either specify '--resume' option or delete the file " + file.getPath() + " first");
        }
        this.resume = z;
    }

    public void importToDb() throws Exception {
        try {
            CertStoreType certStoreType = (CertStoreType) ((JAXBElement) this.unmarshaller.unmarshal(new File(this.baseDir + File.separator + DbPorter.FILENAME_OCSP_CERTSTORE))).getValue();
            if (certStoreType.getVersion() > 1) {
                throw new Exception("could not import CertStore greater than 1: " + certStoreType.getVersion());
            }
            File file = new File(this.baseDir, DbPorter.IMPORT_PROCESS_LOG_FILENAME);
            System.out.println("importing OCSP certstore to database");
            try {
                if (!this.resume) {
                    dropIndexes();
                    importIssuer(certStoreType.getIssuers());
                }
                importCert(certStoreType, file);
                recoverIndexes();
                file.delete();
                System.out.println(" imported OCSP certstore to database");
            } catch (Exception e) {
                System.err.println("could not import OCSP certstore to database");
                throw e;
            }
        } catch (JAXBException e2) {
            throw XmlUtil.convert(e2);
        }
    }

    private void importIssuer(CertStoreType.Issuers issuers) throws DataAccessException, CertificateException, IOException {
        System.out.println("importing table ISSUER");
        PreparedStatement prepareStatement = prepareStatement("INSERT INTO ISSUER (ID,SUBJECT,NBEFORE,NAFTER,S1C,REV,RR,RT,RIT,CERT) VALUES (?,?,?,?,?,?,?,?,?,?)");
        try {
            Iterator<IssuerType> it = issuers.getIssuer().iterator();
            while (it.hasNext()) {
                importIssuer0(it.next(), prepareStatement);
            }
            System.out.println(" imported table ISSUER");
        } finally {
            releaseResources(prepareStatement, null);
        }
    }

    private void importIssuer0(IssuerType issuerType, PreparedStatement preparedStatement) throws DataAccessException, CertificateException, IOException {
        try {
            String str = new String(IoUtil.read(new File(this.baseDir, issuerType.getCertFile())));
            byte[] decode = Base64.decode(str);
            try {
                Certificate certificate = Certificate.getInstance(decode);
                int i = 1 + 1;
                preparedStatement.setInt(1, issuerType.getId());
                int i2 = i + 1;
                preparedStatement.setString(i, X509Util.cutX500Name(certificate.getSubject(), this.maxX500nameLen));
                int i3 = i2 + 1;
                preparedStatement.setLong(i2, certificate.getTBSCertificate().getStartDate().getDate().getTime() / 1000);
                int i4 = i3 + 1;
                preparedStatement.setLong(i3, certificate.getTBSCertificate().getEndDate().getDate().getTime() / 1000);
                int i5 = i4 + 1;
                preparedStatement.setString(i4, sha1(decode));
                int i6 = i5 + 1;
                setBoolean(preparedStatement, i5, issuerType.isRevoked());
                int i7 = i6 + 1;
                setInt(preparedStatement, i6, issuerType.getRevReason());
                int i8 = i7 + 1;
                setLong(preparedStatement, i7, issuerType.getRevTime());
                int i9 = i8 + 1;
                setLong(preparedStatement, i8, issuerType.getRevInvTime());
                int i10 = i9 + 1;
                preparedStatement.setString(i9, str);
                preparedStatement.execute();
            } catch (Exception e) {
                LOG.error("could not parse certificate of issuer {}", Integer.valueOf(issuerType.getId()));
                LOG.debug("could not parse certificate of issuer " + issuerType.getId(), e);
                if (!(e instanceof CertificateException)) {
                    throw new CertificateException(e.getMessage(), e);
                }
                throw ((CertificateException) e);
            }
        } catch (CertificateException e2) {
            System.err.println("could not import issuer with id=" + issuerType.getId());
            throw e2;
        } catch (SQLException e3) {
            System.err.println("could not import issuer with id=" + issuerType.getId());
            throw translate("INSERT INTO ISSUER (ID,SUBJECT,NBEFORE,NAFTER,S1C,REV,RR,RT,RIT,CERT) VALUES (?,?,?,?,?,?,?,?,?,?)", e3);
        }
    }

    private void importCert(CertStoreType certStoreType, File file) throws Exception {
        byte[] read;
        int i = 0;
        long j = 1;
        if (file.exists() && (read = IoUtil.read(file)) != null && read.length > 2) {
            String str = new String(read);
            if (str.trim().equalsIgnoreCase("certs.finished")) {
                return;
            }
            StringTokenizer stringTokenizer = new StringTokenizer(str, ":");
            i = Integer.parseInt(stringTokenizer.nextToken());
            j = Long.parseLong(stringTokenizer.nextToken()) + 1;
        }
        deleteCertGreatherThan(j - 1, LOG);
        ProcessLog processLog = new ProcessLog(certStoreType.getCountCerts() - i);
        System.out.println(importingText() + "certificates from ID " + j);
        processLog.printHeader();
        PreparedStatement prepareStatement = prepareStatement("INSERT INTO CERT (ID,IID,SN,LUPDATE,NBEFORE,NAFTER,REV,RR,RT,RIT,PN) VALUES (?,?,?,?,?,?,?,?,?,?,?)");
        PreparedStatement prepareStatement2 = prepareStatement("INSERT INTO CHASH (CID,S1,S224,S256,S384,S512) VALUES (?,?,?,?,?,?)");
        PreparedStatement prepareStatement3 = prepareStatement("INSERT INTO CRAW (CID,SUBJECT,CERT) VALUES (?,?,?)");
        DbPorter.OcspDbEntryType ocspDbEntryType = DbPorter.OcspDbEntryType.CERT;
        DbPortFileNameIterator dbPortFileNameIterator = new DbPortFileNameIterator(this.baseDir + File.separator + ocspDbEntryType.dirName() + ".mf");
        while (dbPortFileNameIterator.hasNext()) {
            try {
                String str2 = this.baseDir + File.separator + ocspDbEntryType.dirName() + File.separator + dbPortFileNameIterator.next();
                int indexOf = str2.indexOf(45);
                int indexOf2 = str2.indexOf(".zip");
                try {
                    if (indexOf == -1 || indexOf2 == -1) {
                        LOG.warn("invalid file name '{}', but will still be processed", str2);
                    } else {
                        try {
                        } catch (Exception e) {
                            LOG.warn("invalid file name '{}', but will still be processed", str2);
                        }
                        if (Long.parseLong(str2.substring(indexOf + 1, indexOf2)) < j) {
                        }
                    }
                    j = importCert0(prepareStatement, prepareStatement2, prepareStatement3, str2, j, file, processLog, i) + 1;
                } catch (Exception e2) {
                    System.err.println("\ncould not import certificates from file " + str2 + ".\nplease continue with the option '--resume'");
                    LOG.error("Exception", e2);
                    throw e2;
                }
            } finally {
                releaseResources(prepareStatement, null);
                releaseResources(prepareStatement2, null);
                releaseResources(prepareStatement3, null);
                dbPortFileNameIterator.close();
            }
        }
        processLog.printTrailer();
        echoToFile("certs.finished", file);
        System.out.println(importedText() + processLog.numProcessed() + " certificates");
    }

    private long importCert0(PreparedStatement preparedStatement, PreparedStatement preparedStatement2, PreparedStatement preparedStatement3, String str, long j, File file, ProcessLog processLog, int i) throws Exception {
        ZipFile zipFile = new ZipFile(new File(str));
        try {
            OcspCertsReader ocspCertsReader = new OcspCertsReader(zipFile.getInputStream(zipFile.getEntry("certs.xml")));
            disableAutoCommit();
            int i2 = 0;
            long j2 = 0;
            while (ocspCertsReader.hasNext()) {
                try {
                    if (this.stopMe.get()) {
                        throw new InterruptedException("interrupted by the user");
                    }
                    OcspCertType ocspCertType = (OcspCertType) ocspCertsReader.next();
                    long longValue = ocspCertType.id().longValue();
                    if (longValue >= j) {
                        i2++;
                        String file2 = ocspCertType.file();
                        byte[] read = IoUtil.read(zipFile.getInputStream(zipFile.getEntry(file2)));
                        try {
                            TBSCertificate tBSCertificate = Certificate.getInstance(read).getTBSCertificate();
                            try {
                                int i3 = 1 + 1;
                                preparedStatement.setLong(1, longValue);
                                int i4 = i3 + 1;
                                preparedStatement.setInt(i3, ocspCertType.iid().intValue());
                                int i5 = i4 + 1;
                                preparedStatement.setString(i4, tBSCertificate.getSerialNumber().getPositiveValue().toString(16));
                                int i6 = i5 + 1;
                                preparedStatement.setLong(i5, ocspCertType.update().longValue());
                                int i7 = i6 + 1;
                                preparedStatement.setLong(i6, tBSCertificate.getStartDate().getDate().getTime() / 1000);
                                int i8 = i7 + 1;
                                preparedStatement.setLong(i7, tBSCertificate.getEndDate().getDate().getTime() / 1000);
                                int i9 = i8 + 1;
                                setBoolean(preparedStatement, i8, ocspCertType.rev().booleanValue());
                                int i10 = i9 + 1;
                                setInt(preparedStatement, i9, ocspCertType.rr());
                                int i11 = i10 + 1;
                                setLong(preparedStatement, i10, ocspCertType.rt());
                                int i12 = i11 + 1;
                                setLong(preparedStatement, i11, ocspCertType.rit());
                                int i13 = i12 + 1;
                                preparedStatement.setString(i12, ocspCertType.profile());
                                preparedStatement.addBatch();
                                try {
                                    int i14 = 1 + 1;
                                    preparedStatement2.setLong(1, ocspCertType.id().longValue());
                                    int i15 = i14 + 1;
                                    preparedStatement2.setString(i14, sha1(read));
                                    int i16 = i15 + 1;
                                    preparedStatement2.setString(i15, sha224(read));
                                    int i17 = i16 + 1;
                                    preparedStatement2.setString(i16, sha256(read));
                                    int i18 = i17 + 1;
                                    preparedStatement2.setString(i17, sha384(read));
                                    int i19 = i18 + 1;
                                    preparedStatement2.setString(i18, sha512(read));
                                    preparedStatement2.addBatch();
                                    try {
                                        int i20 = 1 + 1;
                                        preparedStatement3.setLong(1, ocspCertType.id().longValue());
                                        int i21 = i20 + 1;
                                        preparedStatement3.setString(i20, X509Util.cutX500Name(tBSCertificate.getSubject(), this.maxX500nameLen));
                                        int i22 = i21 + 1;
                                        preparedStatement3.setString(i21, Base64.encodeToString(read));
                                        preparedStatement3.addBatch();
                                        boolean z = !ocspCertsReader.hasNext();
                                        if (i2 > 0 && (i2 % this.numCertsPerCommit == 0 || z)) {
                                            if (this.evaulateOnly) {
                                                preparedStatement.clearBatch();
                                                preparedStatement2.clearBatch();
                                                preparedStatement3.clearBatch();
                                            } else {
                                                String str2 = null;
                                                try {
                                                    preparedStatement.executeBatch();
                                                    preparedStatement2.executeBatch();
                                                    preparedStatement3.executeBatch();
                                                    str2 = null;
                                                    commit("(commit import cert to OCSP)");
                                                } catch (Throwable th) {
                                                    rollback();
                                                    deleteCertGreatherThan(j2, LOG);
                                                    if (th instanceof SQLException) {
                                                        throw translate(str2, (SQLException) th);
                                                    }
                                                    if (th instanceof Exception) {
                                                        throw ((Exception) th);
                                                    }
                                                    throw new Exception(th);
                                                }
                                            }
                                            j2 = longValue;
                                            processLog.addNumProcessed(i2);
                                            i2 = 0;
                                            echoToFile((i + processLog.numProcessed()) + ":" + j2, file);
                                            processLog.printStatus();
                                        }
                                    } catch (SQLException e) {
                                        throw translate("INSERT INTO CRAW (CID,SUBJECT,CERT) VALUES (?,?,?)", e);
                                    }
                                } catch (SQLException e2) {
                                    throw translate("INSERT INTO CHASH (CID,S1,S224,S256,S384,S512) VALUES (?,?,?,?,?,?)", e2);
                                }
                            } catch (SQLException e3) {
                                throw translate("INSERT INTO CERT (ID,IID,SN,LUPDATE,NBEFORE,NAFTER,REV,RR,RT,RIT,PN) VALUES (?,?,?,?,?,?,?,?,?,?,?)", e3);
                            }
                        } catch (RuntimeException e4) {
                            LOG.error("could not parse certificate in file {}", file2);
                            LOG.debug("could not parse certificate in file " + file2, e4);
                            throw new CertificateException(e4.getMessage(), e4);
                        }
                    }
                } finally {
                    recoverAutoCommit();
                    zipFile.close();
                }
            }
            return j2;
        } catch (Exception e5) {
            try {
                zipFile.close();
            } catch (Exception e6) {
                LOG.error("could not close ZIP file {}: {}", str, e6.getMessage());
                LOG.debug("could not close ZIP file " + str, e6);
            }
            throw e5;
        }
    }
}
