package com.formosoft.va.fedi;

import com.formosoft.crypto.FSCryptException;
import com.formosoft.jpki.util.PEMReader;
import com.formosoft.pyramid.Global;
import com.formosoft.servlet.util.CRLEntry;
import com.formosoft.servlet.util.CrlSet;
import com.formosoft.util.db.DatabaseManager;
import com.formosoft.util.io.FileUtils;
import com.formosoft.va.stub.ErrorCode;
import eoi.common.RevokeCert;
import java.io.File;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.StringTokenizer;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/formosoft/va/fedi/FEDICrlSet.class */
public class FEDICrlSet extends CrlSet {
    private static Logger logger = Logger.getLogger(FEDICrlSet.class);
    private String issuer;
    private String issuerO;
    private String issuerCN;

    public void run() {
        Thread currentThread = Thread.currentThread();
        this.blinker = currentThread;
        while (this.blinker == currentThread) {
            Date date = new Date();
            this.isUpdated = false;
            try {
                if (this.crlSet == null) {
                    this.crlSet = Collections.synchronizedMap(new HashMap());
                    if (this.url != null && this.url.length() > 0) {
                        this.filenameCRL = Global.getContext().getRealPath(this.path) + File.separator + this.name + "_" + this.id + ".crl";
                        this.dateNextUpdate = new Date();
                        this.isUpdated = rebuildCRLSet();
                        Thread.sleep(1000L);
                    }
                }
                try {
                    fetchCRL(this.url);
                    this.dateNextUpdate = new Date();
                    this.isUpdated = rebuildCRLSet();
                    if (this.isUpdated) {
                        logger.info(this.name + " CRL is updated. TIME: " + date + " SIZE: " + this.crlSet.size());
                        refreshUpdateSchedule();
                        Thread.sleep(getSleepTime());
                    } else {
                        int i = this.waitTime * 2;
                        if (i < 86400000) {
                            this.waitTime = i;
                        } else {
                            this.waitTime = 86400000;
                        }
                        Thread.sleep(this.waitTime);
                    }
                } catch (FSCryptException e) {
                    logger.error("Failed to download CRL. CRLNAME: " + this.name, e);
                    int i2 = this.waitTime * 2;
                    if (i2 < 86400000) {
                        this.waitTime = i2;
                    } else {
                        this.waitTime = 86400000;
                    }
                    Thread.sleep(this.waitTime);
                }
            } catch (InterruptedException e2) {
                logger.debug("Thread is interrupted. CRLNAME: " + this.name);
                return;
            }
        }
    }

    public boolean rebuildCRLSet() {
        boolean z = false;
        try {
            if (!"".equals(this.filenameCRL)) {
                RevokeCert revokeCert = new RevokeCert(FileUtils.readFileToByteArray(this.filenameCRL));
                if (!revokeCert.verify(new PEMReader(Global.getContext().certmngr.getCertByName(this.name.substring(0, this.name.length() - 4)).getCertPEM()).getEncoded())) {
                    return false;
                }
                while (revokeCert.nextRowHex()) {
                    this.crlSet.put(new CRLEntry(revokeCert.getCSN().getBytes()), "");
                }
                z = true;
            }
            return z;
        } catch (Exception e) {
            logger.error(this.name + " CRL file parsing error. ", e);
            return false;
        }
    }

    private void refreshUpdateSchedule() {
        Date date = new Date();
        Calendar calendar = Calendar.getInstance();
        if (this.updateTime == null || this.updateFreq == 0) {
            this.nextUpdateTime = new Date(this.dateNextUpdate.getTime() + 1200000);
            return;
        }
        calendar.setTime(date);
        Calendar calendar2 = Calendar.getInstance();
        calendar2.setTime(this.updateTime);
        calendar.add(5, this.updateFreq);
        calendar.set(11, calendar2.get(11));
        calendar.set(12, calendar2.get(12));
        calendar.set(13, calendar2.get(13));
        this.nextUpdateTime = calendar.getTime();
    }

    private long getSleepTime() {
        long j;
        Date date = new Date();
        if (this.nextUpdateTime != null) {
            logger.info(this.name + " thread will sleep util " + this.nextUpdateTime + ".");
            j = this.nextUpdateTime.getTime() - date.getTime();
        } else {
            logger.error(this.name + " CRL has no update time. Thread will be stopped after 5 seconds.");
            release();
            j = 5000;
        }
        if (j < 0) {
            int i = this.waitTime * 2;
            if (i < 86400000) {
                this.waitTime = i;
            } else {
                this.waitTime = 86400000;
            }
            j = this.waitTime;
            logger.debug("the updatetime is earlier then now. we will update in " + (this.waitTime / 60000) + " min. nextUpdateTime: " + this.nextUpdateTime);
        } else {
            this.waitTime = 30000;
        }
        return j;
    }

    protected boolean verifyCRL(byte[] bArr) {
        return true;
    }

    public void getIssuer() throws Exception {
        if (this.issuer != null) {
            return;
        }
        Statement statement = DatabaseManager.getStatement();
        ResultSet executeQuery = statement.executeQuery("select CERT from CERT where CERTNAME='" + this.name.substring(0, this.name.length() - 4) + "'");
        while (executeQuery.next()) {
            this.issuer = new FSParseFEDICert(executeQuery.getString("CERT")).subject;
        }
        executeQuery.close();
        statement.close();
        StringTokenizer stringTokenizer = new StringTokenizer(this.issuer, ", ");
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (nextToken.startsWith("O=")) {
                this.issuerO = nextToken.substring(nextToken.indexOf("O=") + 2);
            } else if (nextToken.startsWith("CN=")) {
                this.issuerCN = nextToken.substring(nextToken.indexOf("CN=") + 3);
            }
        }
    }

    protected void fetchCRL(String str) throws FSCryptException {
        try {
            getIssuer();
            RevokeCert revokeCert = new RevokeCert();
            String crl = revokeCert.getCRL(str, this.issuerO, this.issuerCN);
            if (crl == null) {
                revokeCert.getErrorMsg();
                logger.warn("Fail to fetch CRL. CRLNAME: " + this.name + ", reason: " + revokeCert.getErrorMsg());
                throw new FSCryptException(ErrorCode.SERVER_RTN_CRL_DOWN_FAIL, "Fail to fetch CRL. " + str);
            }
            byte[] transCRLFromPEMToDer = transCRLFromPEMToDer(crl.getBytes());
            logger.info(this.name + " CRL Verify Success.");
            storeCRL(str, transCRLFromPEMToDer);
        } catch (Exception e) {
            logger.warn("Fail to fetch CRL. CRLNAME: " + this.name, e);
            throw new FSCryptException(ErrorCode.SERVER_RTN_CRL_DOWN_FAIL, "Fail to fetch CRL. can't find issuer " + str);
        }
    }
}
