package eu.europa.esig.dss.service.crl;

import eu.europa.esig.dss.crl.CRLBinary;
import eu.europa.esig.dss.crl.CRLValidity;
import eu.europa.esig.dss.enumerations.RevocationOrigin;
import eu.europa.esig.dss.enumerations.SignatureAlgorithm;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.spi.DSSRevocationUtils;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.spi.x509.revocation.JdbcRevocationSource;
import eu.europa.esig.dss.spi.x509.revocation.RevocationException;
import eu.europa.esig.dss.spi.x509.revocation.crl.CRLSource;
import eu.europa.esig.dss.spi.x509.revocation.crl.CRLToken;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.Collections;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/service/crl/JdbcCacheCRLSource.class */
public class JdbcCacheCRLSource extends JdbcRevocationSource<CRLToken> implements CRLSource {
    private static final long serialVersionUID = 3007740140330998336L;
    private static final Logger LOG = LoggerFactory.getLogger(JdbcCacheCRLSource.class);
    private static final String SQL_INIT_CHECK_EXISTENCE = "SELECT COUNT(*) FROM CACHED_CRL";
    private static final String SQL_INIT_CREATE_TABLE = "CREATE TABLE CACHED_CRL (ID CHAR(40), DATA BLOB, SIGNATURE_ALGORITHM VARCHAR(20), THIS_UPDATE TIMESTAMP, NEXT_UPDATE TIMESTAMP, EXPIRED_CERTS_ON_CRL TIMESTAMP, ISSUER LONGVARBINARY, ISSUER_PRINCIPAL_MATCH BOOLEAN, SIGNATURE_INTACT BOOLEAN, CRL_SIGN_KEY_USAGE BOOLEAN, UNKNOWN_CRITICAL_EXTENSION BOOLEAN, SIGNATURE_INVALID_REASON VARCHAR(256))";
    private static final String SQL_FIND_QUERY = "SELECT * FROM CACHED_CRL WHERE ID = ?";
    private static final String SQL_FIND_QUERY_ID = "ID";
    private static final String SQL_FIND_QUERY_DATA = "DATA";
    private static final String SQL_FIND_QUERY_ISSUER = "ISSUER";
    private static final String SQL_FIND_QUERY_THIS_UPDATE = "THIS_UPDATE";
    private static final String SQL_FIND_QUERY_NEXT_UPDATE = "NEXT_UPDATE";
    private static final String SQL_FIND_QUERY_EXPIRED_CERTS_ON_CRL = "EXPIRED_CERTS_ON_CRL";
    private static final String SQL_FIND_QUERY_SIGNATURE_ALGO = "SIGNATURE_ALGORITHM";
    private static final String SQL_FIND_QUERY_ISSUER_PRINCIPAL_MATCH = "ISSUER_PRINCIPAL_MATCH";
    private static final String SQL_FIND_QUERY_SIGNATURE_INTACT = "SIGNATURE_INTACT";
    private static final String SQL_FIND_QUERY_CRL_SIGN_KEY_USAGE = "CRL_SIGN_KEY_USAGE";
    private static final String SQL_FIND_QUERY_UNKNOWN_CRITICAL_EXTENSION = "UNKNOWN_CRITICAL_EXTENSION";
    private static final String SQL_FIND_QUERY_SIGNATURE_INVALID_REASON = "SIGNATURE_INVALID_REASON";
    private static final String SQL_FIND_INSERT = "INSERT INTO CACHED_CRL (ID, DATA, SIGNATURE_ALGORITHM, THIS_UPDATE, NEXT_UPDATE, EXPIRED_CERTS_ON_CRL, ISSUER, ISSUER_PRINCIPAL_MATCH, SIGNATURE_INTACT, CRL_SIGN_KEY_USAGE, UNKNOWN_CRITICAL_EXTENSION, SIGNATURE_INVALID_REASON) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
    private static final String SQL_FIND_UPDATE = "UPDATE CACHED_CRL SET DATA = ?, SIGNATURE_ALGORITHM = ?, THIS_UPDATE = ?, NEXT_UPDATE = ?, EXPIRED_CERTS_ON_CRL = ?, ISSUER = ?, ISSUER_PRINCIPAL_MATCH = ?, SIGNATURE_INTACT = ?, CRL_SIGN_KEY_USAGE = ?, UNKNOWN_CRITICAL_EXTENSION = ?, SIGNATURE_INVALID_REASON = ?  WHERE ID = ?";
    private static final String SQL_FIND_REMOVE = "DELETE FROM CACHED_CRL WHERE ID = ?";
    private static final String SQL_DROP_TABLE = "DROP TABLE CACHED_CRL";

    protected String getCreateTableQuery() {
        return SQL_INIT_CREATE_TABLE;
    }

    protected String getTableExistenceQuery() {
        return SQL_INIT_CHECK_EXISTENCE;
    }

    protected String getFindRevocationQuery() {
        return SQL_FIND_QUERY;
    }

    protected String getRemoveRevocationTokenEntryQuery() {
        return SQL_FIND_REMOVE;
    }

    protected String getDeleteTableQuery() {
        return SQL_DROP_TABLE;
    }

    public List<String> initRevocationTokenKey(CertificateToken certificateToken) {
        return DSSRevocationUtils.getCRLRevocationTokenKeys(certificateToken);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: buildRevocationTokenFromResult, reason: merged with bridge method [inline-methods] */
    public CRLToken m1buildRevocationTokenFromResult(ResultSet resultSet, CertificateToken certificateToken, CertificateToken certificateToken2) {
        try {
            CRLValidity cRLValidity = new CRLValidity(new CRLBinary(resultSet.getBytes(SQL_FIND_QUERY_DATA)));
            cRLValidity.setKey(resultSet.getString(SQL_FIND_QUERY_ID));
            cRLValidity.setSignatureAlgorithm(SignatureAlgorithm.valueOf(resultSet.getString(SQL_FIND_QUERY_SIGNATURE_ALGO)));
            cRLValidity.setThisUpdate(resultSet.getTimestamp(SQL_FIND_QUERY_THIS_UPDATE));
            cRLValidity.setNextUpdate(resultSet.getTimestamp(SQL_FIND_QUERY_NEXT_UPDATE));
            cRLValidity.setExpiredCertsOnCRL(resultSet.getTimestamp(SQL_FIND_QUERY_EXPIRED_CERTS_ON_CRL));
            cRLValidity.setIssuerToken(DSSUtils.loadCertificate(resultSet.getBytes(SQL_FIND_QUERY_ISSUER)));
            cRLValidity.setCrlSignKeyUsage(resultSet.getBoolean(SQL_FIND_QUERY_CRL_SIGN_KEY_USAGE));
            cRLValidity.setUnknownCriticalExtension(resultSet.getBoolean(SQL_FIND_QUERY_UNKNOWN_CRITICAL_EXTENSION));
            cRLValidity.setIssuerX509PrincipalMatches(resultSet.getBoolean(SQL_FIND_QUERY_ISSUER_PRINCIPAL_MATCH));
            cRLValidity.setSignatureIntact(resultSet.getBoolean(SQL_FIND_QUERY_SIGNATURE_INTACT));
            cRLValidity.setSignatureInvalidityReason(resultSet.getString(SQL_FIND_QUERY_SIGNATURE_INVALID_REASON));
            CRLToken cRLToken = new CRLToken(certificateToken, cRLValidity);
            cRLToken.setOrigins(Collections.singleton(RevocationOrigin.CACHED));
            return cRLToken;
        } catch (SQLException e) {
            throw new RevocationException("An error occurred during an attempt to get a revocation token");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void insertRevocation(CRLToken cRLToken) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        CRLValidity crlValidity = cRLToken.getCrlValidity();
        try {
            try {
                connection = this.dataSource.getConnection();
                preparedStatement = connection.prepareStatement(SQL_FIND_INSERT);
                preparedStatement.setString(1, cRLToken.getRevocationTokenKey());
                preparedStatement.setBytes(2, crlValidity.getCrlEncoded());
                preparedStatement.setString(3, crlValidity.getSignatureAlgorithm().name());
                if (crlValidity.getThisUpdate() != null) {
                    preparedStatement.setTimestamp(4, new Timestamp(crlValidity.getThisUpdate().getTime()));
                } else {
                    preparedStatement.setNull(4, 93);
                }
                if (crlValidity.getNextUpdate() != null) {
                    preparedStatement.setTimestamp(5, new Timestamp(crlValidity.getNextUpdate().getTime()));
                } else {
                    preparedStatement.setNull(5, 93);
                }
                if (crlValidity.getExpiredCertsOnCRL() != null) {
                    preparedStatement.setTimestamp(6, new Timestamp(crlValidity.getExpiredCertsOnCRL().getTime()));
                } else {
                    preparedStatement.setNull(6, 93);
                }
                preparedStatement.setBytes(7, crlValidity.getIssuerToken().getEncoded());
                preparedStatement.setBoolean(8, crlValidity.isIssuerX509PrincipalMatches());
                preparedStatement.setBoolean(9, crlValidity.isSignatureIntact());
                preparedStatement.setBoolean(10, crlValidity.isCrlSignKeyUsage());
                preparedStatement.setBoolean(11, crlValidity.isUnknownCriticalExtension());
                preparedStatement.setString(12, crlValidity.getSignatureInvalidityReason());
                preparedStatement.executeUpdate();
                connection.commit();
                LOG.debug("CRL token with key '{}' successfully inserted in DB", cRLToken.getRevocationTokenKey());
                closeQuietly(connection, preparedStatement, null);
            } catch (SQLException e) {
                LOG.error("Unable to insert CRL in the DB", e);
                rollback(connection);
                closeQuietly(connection, preparedStatement, null);
            }
        } catch (Throwable th) {
            closeQuietly(connection, preparedStatement, null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void updateRevocation(CRLToken cRLToken) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        CRLValidity crlValidity = cRLToken.getCrlValidity();
        try {
            try {
                connection = this.dataSource.getConnection();
                preparedStatement = connection.prepareStatement(SQL_FIND_UPDATE);
                preparedStatement.setBytes(1, crlValidity.getCrlEncoded());
                preparedStatement.setString(2, crlValidity.getSignatureAlgorithm().name());
                if (crlValidity.getThisUpdate() != null) {
                    preparedStatement.setTimestamp(3, new Timestamp(crlValidity.getThisUpdate().getTime()));
                } else {
                    preparedStatement.setNull(3, 93);
                }
                if (crlValidity.getNextUpdate() != null) {
                    preparedStatement.setTimestamp(4, new Timestamp(crlValidity.getNextUpdate().getTime()));
                } else {
                    preparedStatement.setNull(4, 93);
                }
                if (crlValidity.getExpiredCertsOnCRL() != null) {
                    preparedStatement.setTimestamp(5, new Timestamp(crlValidity.getExpiredCertsOnCRL().getTime()));
                } else {
                    preparedStatement.setNull(5, 93);
                }
                preparedStatement.setBytes(6, crlValidity.getIssuerToken().getEncoded());
                preparedStatement.setBoolean(7, crlValidity.isIssuerX509PrincipalMatches());
                preparedStatement.setBoolean(8, crlValidity.isSignatureIntact());
                preparedStatement.setBoolean(9, crlValidity.isCrlSignKeyUsage());
                preparedStatement.setBoolean(10, crlValidity.isUnknownCriticalExtension());
                preparedStatement.setString(11, crlValidity.getSignatureInvalidityReason());
                preparedStatement.setString(12, cRLToken.getRevocationTokenKey());
                preparedStatement.executeUpdate();
                connection.commit();
                LOG.debug("CRL token with key '{}' successfully updated in DB", cRLToken.getRevocationTokenKey());
                closeQuietly(connection, preparedStatement, null);
            } catch (SQLException e) {
                LOG.error("Unable to update CRL in the DB", e);
                rollback(connection);
                closeQuietly(connection, preparedStatement, null);
            }
        } catch (Throwable th) {
            closeQuietly(connection, preparedStatement, null);
            throw th;
        }
    }
}
