package com.formosoft.jpki.x509.store;

import com.formosoft.jpki.InvalidFormatException;
import com.formosoft.jpki.asn1.ASN1ParseException;
import com.formosoft.jpki.asn1.DERInputStream;
import com.formosoft.jpki.extensions.CRLDistributionPoint;
import com.formosoft.jpki.pkcs7.PKCS7;
import com.formosoft.jpki.util.PEMReaders;
import com.formosoft.jpki.x500.X500Name;
import com.formosoft.jpki.x509.SequenceOfX509GeneralName;
import com.formosoft.jpki.x509.X509CRL;
import com.formosoft.jpki.x509.X509Certificate;
import com.formosoft.jpki.x509.X509Extension;
import formosoft.util.codec.DecoderException;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.net.URL;
import java.net.URLConnection;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

/* loaded from: input_file:com/formosoft/jpki/x509/store/X509Store.class */
public class X509Store {
    protected X509CertStore certStore;
    protected X509CRLStore crlStore;
    protected boolean enableCRLD;

    public X509Store() {
        this.enableCRLD = false;
        this.certStore = new X509CertStore();
        this.crlStore = new X509CRLStore();
    }

    public X509Store(Collection collection, Collection collection2) {
        this();
        if (collection != null) {
            this.certStore.add(collection);
        }
        if (collection2 != null) {
            this.crlStore.add(collection2);
        }
    }

    public X509Store(FileInputStream fileInputStream) throws InvalidFormatException, ASN1ParseException, IOException, DecoderException {
        this();
        PEMReaders pEMReaders = new PEMReaders(fileInputStream);
        while (pEMReaders.next()) {
            if (pEMReaders.getHeader().equals("CERTIFICATE")) {
                this.certStore.add(new X509Certificate(pEMReaders.getEncoded()));
            } else if (pEMReaders.getHeader().equals("X509 CRL")) {
                this.crlStore.add(new X509CRL(pEMReaders.getEncoded()));
            } else if (pEMReaders.getHeader().equals("PKCS7")) {
                PKCS7 pkcs7 = new PKCS7(pEMReaders.getEncoded());
                List certificates = pkcs7.getCertificates();
                List cRLs = pkcs7.getCRLs();
                if (certificates != null) {
                    Iterator it = certificates.iterator();
                    while (it.hasNext()) {
                        this.certStore.add((X509Certificate) it.next());
                    }
                }
                if (cRLs != null) {
                    Iterator it2 = cRLs.iterator();
                    while (it2.hasNext()) {
                        this.crlStore.add((X509CRL) it2.next());
                    }
                }
            }
        }
    }

    public void add(X509Store x509Store) {
        this.certStore.add(x509Store.certStore);
        this.crlStore.add(x509Store.crlStore);
    }

    public void add(X509Certificate x509Certificate) {
        this.certStore.add(x509Certificate);
    }

    public void add(X509CRL x509crl) {
        this.crlStore.add(x509crl);
    }

    public Collection getCertificates() {
        return this.certStore.getCertificates();
    }

    public Set getCertificates(X500Name x500Name) {
        return this.certStore.getCertificates(x500Name);
    }

    public Set getCertificatesByIssuer(X500Name x500Name) {
        return this.certStore.getCertificatesByIssuer(x500Name);
    }

    public Set getCertificatesByIssuerAndSerialNumber(X500Name x500Name, BigInteger bigInteger) {
        return this.certStore.getCertificatesByIssuerAndSerialNumber(x500Name, bigInteger);
    }

    public X509Certificate getIssuer(X509Certificate x509Certificate) {
        return getIssuer(x509Certificate, null);
    }

    public X509Certificate getIssuer(X509Certificate x509Certificate, Date date) {
        return this.certStore.getIssuer(x509Certificate, date);
    }

    public X509CRL getCRLByCert(X509Certificate x509Certificate) {
        return getCRLByCert(x509Certificate, null);
    }

    private X509CRL getCRLFromCRLD(CRLDistributionPoint cRLDistributionPoint) throws IOException, ASN1ParseException {
        for (int i = 0; i < cRLDistributionPoint.size(); i++) {
            SequenceOfX509GeneralName fullName = cRLDistributionPoint.getDistributionPoint(i).getDistributionPointName().getFullName();
            if (fullName != null) {
                for (int i2 = 0; i2 < fullName.size(); i2++) {
                    String uri = fullName.getGeneralName(i2).getURI();
                    if (uri != null) {
                        String str = "http";
                        int indexOf = uri.indexOf("://");
                        if (indexOf <= 0) {
                            uri = new StringBuffer().append("http://").append(uri).toString();
                        } else {
                            str = uri.substring(0, indexOf);
                        }
                        if (str.equalsIgnoreCase("http") || str.equalsIgnoreCase("https")) {
                            URLConnection openConnection = new URL(uri).openConnection();
                            openConnection.setDoInput(true);
                            return new X509CRL(new DERInputStream(openConnection.getInputStream()));
                        }
                    }
                }
            }
        }
        return null;
    }

    public void enableCRLD(boolean z) {
        this.enableCRLD = z;
    }

    public boolean enableCRLD() {
        return this.enableCRLD;
    }

    public X509CRL getCRLByCert(X509Certificate x509Certificate, Date date) {
        Set<X509CRL> cRLs;
        X509Certificate issuer = getIssuer(x509Certificate);
        X509CRL cRLByIssuer = issuer != null ? getCRLByIssuer(issuer, date) : this.crlStore.getCRL(x509Certificate.getIssuer(), date);
        if (cRLByIssuer == null && this.enableCRLD) {
            if (date != null && (cRLs = this.crlStore.getCRLs(x509Certificate.getIssuer())) != null) {
                for (X509CRL x509crl : cRLs) {
                    if (x509crl.isValid() && x509crl.getThisUpdate().compareTo(date) > 0) {
                        return null;
                    }
                }
            }
            X509Extension extension = x509Certificate.getExtensions().getExtension(CRLDistributionPoint.getOID());
            if (extension != null) {
                try {
                    X509CRL cRLFromCRLD = getCRLFromCRLD(new CRLDistributionPoint(extension));
                    if (cRLFromCRLD != null) {
                        cRLFromCRLD.createIndex();
                        add(cRLFromCRLD);
                        cRLByIssuer = issuer != null ? getCRLByIssuer(issuer, date) : this.crlStore.getCRL(x509Certificate.getIssuer(), date);
                    }
                } catch (ASN1ParseException e) {
                } catch (IOException e2) {
                }
            }
        }
        return cRLByIssuer;
    }

    public X509CRL getCRLByIssuer(X509Certificate x509Certificate) {
        return getCRLByIssuer(x509Certificate, null);
    }

    public X509CRL getCRLByIssuer(X509Certificate x509Certificate, Date date) {
        return this.crlStore.getCRLByIssuer(x509Certificate, date);
    }

    public List getCertPath(X500Name x500Name) {
        return getCertPath(x500Name, (Date) null);
    }

    public List getCertPath(X500Name x500Name, Date date) {
        Set<X509Certificate> certificates = getCertificates(x500Name);
        if (certificates == null) {
            return null;
        }
        for (X509Certificate x509Certificate : certificates) {
            if (date == null || (x509Certificate.getNotBefore().compareTo(date) <= 0 && x509Certificate.getNotAfter().compareTo(date) >= 0)) {
                return getCertPath(x509Certificate, date);
            }
        }
        return null;
    }

    public List getCertPath(X509Certificate x509Certificate) {
        return getCertPath(x509Certificate, (Date) null);
    }

    public List getCertPath(X509Certificate x509Certificate, Date date) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(x509Certificate);
        do {
            x509Certificate = getIssuer(x509Certificate, date);
            if (x509Certificate == null) {
                x509Certificate = getIssuer(x509Certificate, null);
                if (x509Certificate == null) {
                    break;
                }
            }
            arrayList.add(0, x509Certificate);
        } while (!x509Certificate.getIssuer().equals(x509Certificate.getSubject()));
        return arrayList;
    }
}
