package com.prosysopc.ua.stack.cert;

import com.prosysopc.ua.stack.transport.security.g;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.CopyOnWriteArraySet;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/prosysopc/ua/stack/cert/d.class */
public class d implements a {
    private static final Logger cMR = LoggerFactory.getLogger((Class<?>) d.class);
    private static final String cMS = ".der";
    private static final String cMT = "0123456789ABCDEF";
    private final Map<String, g> cMU;
    private final Map<String, g> cMV;
    private final Set<X509CRL> cMW;
    private final Map<g, String> cMX;
    private final File cMY;
    private final File cMZ;
    private final File cNa;
    private final File cNb;
    private boolean cNc;
    private final List<b> cNd;

    public d() {
        this("PKI/CA", "certs", "rejected", "crl");
    }

    public d(String str) {
        this(str, "certs", "rejected", "crl");
    }

    public d(String str, String str2, String str3, String str4) {
        this.cMU = new ConcurrentHashMap();
        this.cMV = new ConcurrentHashMap();
        this.cMW = new CopyOnWriteArraySet();
        this.cMX = new ConcurrentHashMap();
        this.cNc = true;
        this.cNd = new ArrayList();
        this.cMY = new File(str);
        this.cNb = new File(str, str2);
        this.cNa = new File(str, str3);
        this.cMZ = new File(str, str4);
        init();
    }

    @Override // com.prosysopc.ua.stack.cert.a
    public void a(ValidationResult validationResult, g gVar) {
        if (validationResult == null) {
            throw new IllegalArgumentException("type cannot be null");
        }
        if (gVar == null) {
            throw new IllegalArgumentException("certificate cannot be null");
        }
        switch (validationResult) {
            case AcceptPermanently:
                g(gVar);
                return;
            case AcceptOnce:
                if (this.cNc) {
                    f(gVar);
                    return;
                }
                return;
            case Reject:
                f(gVar);
                return;
            default:
                throw new IllegalArgumentException("encountered unknown type parameter: " + validationResult);
        }
    }

    public void a(b bVar) {
        if (bVar == null || this.cNd.contains(bVar)) {
            return;
        }
        this.cNd.add(bVar);
    }

    public synchronized void f(g gVar) {
        a(this.cMU, this.cNa, gVar);
        b(this.cMV, this.cNb, gVar);
        cMR.info("Certificate '{}' added to rejected certificates.", k(gVar));
        i(gVar);
    }

    public synchronized void b(X509CRL x509crl) {
        this.cMW.add(x509crl);
        c(x509crl);
    }

    public synchronized void g(g gVar) {
        cMR.debug("addTrustedCertificate");
        a(this.cMV, this.cNb, gVar);
        b(this.cMU, this.cNa, gVar);
        cMR.info("Certificate '{}' added to trusted certificates.", k(gVar));
        j(gVar);
    }

    public synchronized void T(boolean z) {
        if (z) {
            for (File file : this.cNb.listFiles()) {
                file.delete();
            }
            for (File file2 : this.cNa.listFiles()) {
                file2.delete();
            }
            for (File file3 : this.cMZ.listFiles()) {
                file3.delete();
            }
        }
        this.cMV.clear();
        this.cMU.clear();
        this.cMX.clear();
    }

    public File cCg() {
        return this.cMY;
    }

    public File h(g gVar) {
        if (gVar == null) {
            return null;
        }
        if (this.cMV.containsKey(k(gVar))) {
            return a(this.cNb, gVar);
        }
        if (this.cMU.containsKey(k(gVar))) {
            return a(this.cNa, gVar);
        }
        return null;
    }

    @Override // com.prosysopc.ua.stack.cert.a
    public synchronized Set<g> cBY() {
        init();
        HashSet hashSet = new HashSet();
        Iterator<Map.Entry<String, g>> it = this.cMU.entrySet().iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getValue());
        }
        return Collections.unmodifiableSet(hashSet);
    }

    public File cCh() {
        return this.cNa;
    }

    public File cCi() {
        return this.cMZ;
    }

    @Override // com.prosysopc.ua.stack.cert.a
    public synchronized Set<X509CRL> cBZ() {
        init();
        HashSet hashSet = new HashSet();
        Iterator<X509CRL> it = this.cMW.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next());
        }
        return Collections.unmodifiableSet(hashSet);
    }

    @Override // com.prosysopc.ua.stack.cert.a
    public synchronized Set<g> cCa() {
        init();
        HashSet hashSet = new HashSet();
        Iterator<Map.Entry<String, g>> it = this.cMV.entrySet().iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getValue());
        }
        return Collections.unmodifiableSet(hashSet);
    }

    public File cCj() {
        return this.cNb;
    }

    public boolean cCk() {
        return this.cNc;
    }

    public synchronized void cCl() {
        init();
    }

    public void b(b bVar) {
        if (bVar != null) {
            this.cNd.remove(bVar);
        }
    }

    public void U(boolean z) {
        this.cNc = z;
    }

    private void i(g gVar) {
        Iterator<b> it = this.cNd.iterator();
        while (it.hasNext()) {
            it.next().a(gVar);
        }
    }

    private void c(X509CRL x509crl) {
        Iterator<b> it = this.cNd.iterator();
        while (it.hasNext()) {
            it.next().a(x509crl);
        }
    }

    private void j(g gVar) {
        Iterator<b> it = this.cNd.iterator();
        while (it.hasNext()) {
            it.next().b(gVar);
        }
    }

    private String k(g gVar) {
        return e(gVar.fvA());
    }

    private File a(File file, g gVar) {
        String str = this.cMX.get(gVar);
        return str != null ? new File(file, str) : new File(file, k(gVar) + ".der");
    }

    private String e(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder(2 * bArr.length);
        for (byte b : bArr) {
            sb.append(cMT.charAt((b & 240) >> 4)).append(cMT.charAt(b & 15));
        }
        return sb.toString();
    }

    private synchronized void init() {
        T(false);
        a(this.cMV, this.cNb, this.cMU);
        a(this.cMU, this.cNa, this.cMV);
        cCm();
    }

    private void a(Map<String, g> map, File file, Map<String, g> map2) {
        if (!file.exists()) {
            file.mkdirs();
        }
        if (file.isDirectory()) {
            for (File file2 : file.listFiles()) {
                try {
                    g c = g.c(file2);
                    this.cMX.put(c, file2.getName());
                    a(map, file, c);
                    cMR.debug("Initialized cert from file: {}", file2);
                    if (map2 != null) {
                        map2.remove(k(c));
                    }
                } catch (IOException e) {
                    cMR.info("File '{}' is not a certificate: {}", file2, e.getMessage());
                } catch (CertificateException e2) {
                    cMR.info("File '{}' is not a valid certificate: {}", file2, e2.getMessage());
                }
            }
        }
    }

    private void b(File file) {
        try {
            X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(new FileInputStream(file));
            this.cMW.add(x509crl);
            cMR.info("CRL initialized from " + file + ": " + (x509crl.getRevokedCertificates() == null ? "no revoked certificates" : x509crl.getRevokedCertificates().size() + " certificates revoked"));
        } catch (Exception e) {
            cMR.warn("Could not read CRL file {: {}", file, e.getMessage());
        }
    }

    private void cCm() {
        if (!this.cMZ.exists()) {
            this.cMZ.mkdirs();
        }
        if (!this.cMZ.isDirectory()) {
            cMR.warn("revocationDir: {} is not a directory", this.cMZ.getAbsolutePath());
            return;
        }
        for (File file : this.cMZ.listFiles()) {
            if (file.getName().endsWith(".crl")) {
                b(file);
            } else {
                cMR.warn("Revocation folder contains something else than .crl file, found: {}", file.getAbsolutePath());
            }
        }
    }

    private void a(Map<String, g> map, File file, g gVar) {
        String k = k(gVar);
        cMR.debug("listAdd: cert={}; dir={}", k, file);
        if (!map.containsKey(k)) {
            try {
                File a = a(file, gVar);
                if (!a.exists()) {
                    gVar.d(a);
                }
            } catch (IOException e) {
                cMR.error("Cannot write to directory " + file, (Throwable) e);
            }
            map.put(k, gVar);
        }
        cMR.debug("certificates.size()={}", Integer.valueOf(map.size()));
    }

    private void b(Map<String, g> map, File file, g gVar) {
        cMR.debug("removeCertificate: cert={} dir={}", k(gVar), file);
        cMR.debug("certificates.size()={}", Integer.valueOf(map.size()));
        a(file, gVar).delete();
        g remove = map.remove(k(gVar));
        if (cMR.isDebugEnabled()) {
            cMR.debug("c=" + (remove == null ? "null" : remove.fvA()));
            cMR.debug("certificates.size()={}", Integer.valueOf(map.size()));
        }
    }
}
