package eu.europa.esig.dss.tsl.service;

import eu.europa.esig.dss.DSSException;
import eu.europa.esig.dss.DSSUtils;
import eu.europa.esig.dss.DigestAlgorithm;
import eu.europa.esig.dss.tsl.Condition;
import eu.europa.esig.dss.tsl.ServiceInfo;
import eu.europa.esig.dss.tsl.ServiceInfoStatus;
import eu.europa.esig.dss.tsl.TSLConditionsForQualifiers;
import eu.europa.esig.dss.tsl.TSLLoaderResult;
import eu.europa.esig.dss.tsl.TSLParserResult;
import eu.europa.esig.dss.tsl.TSLService;
import eu.europa.esig.dss.tsl.TSLServiceExtension;
import eu.europa.esig.dss.tsl.TSLServiceProvider;
import eu.europa.esig.dss.tsl.TSLServiceStatus;
import eu.europa.esig.dss.tsl.TSLValidationModel;
import eu.europa.esig.dss.tsl.TSLValidationResult;
import eu.europa.esig.dss.tsl.TSLValidationSummary;
import eu.europa.esig.dss.tsl.TrustedListsCertificateSource;
import eu.europa.esig.dss.x509.CertificateToken;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/tsl/service/TSLRepository.class */
public class TSLRepository {
    private static final Logger logger = LoggerFactory.getLogger(TSLRepository.class);
    private String cacheDirectoryPath = System.getProperty("java.io.tmpdir") + File.separator + "dss-cache-tsl" + File.separator;
    private boolean allowExpiredTSLs = false;
    private boolean allowInvalidSignatures = false;
    private boolean allowIndeterminateSignatures = false;
    private Map<String, TSLValidationModel> tsls = new HashMap();
    private TrustedListsCertificateSource trustedListsCertificateSource;

    public void setCacheDirectoryPath(String str) {
        this.cacheDirectoryPath = str;
    }

    public void setAllowExpiredTSLs(boolean z) {
        this.allowExpiredTSLs = z;
    }

    public void setAllowInvalidSignatures(boolean z) {
        this.allowInvalidSignatures = z;
    }

    public void setAllowIndeterminateSignatures(boolean z) {
        this.allowIndeterminateSignatures = z;
    }

    public void setTrustedListsCertificateSource(TrustedListsCertificateSource trustedListsCertificateSource) {
        this.trustedListsCertificateSource = trustedListsCertificateSource;
    }

    public TSLValidationModel getByCountry(String str) {
        return this.tsls.get(str);
    }

    public List<TSLValidationModel> getTSLValidationModels() {
        TSLValidationResult validationResult;
        TSLValidationResult validationResult2;
        TSLParserResult parseResult;
        ArrayList arrayList = new ArrayList();
        Date date = new Date();
        for (TSLValidationModel tSLValidationModel : this.tsls.values()) {
            if (this.allowExpiredTSLs || (parseResult = tSLValidationModel.getParseResult()) == null || (parseResult.getNextUpdateDate() != null && !date.after(parseResult.getNextUpdateDate()))) {
                if (this.allowInvalidSignatures || (validationResult2 = tSLValidationModel.getValidationResult()) == null || !validationResult2.isInvalid()) {
                    if (this.allowIndeterminateSignatures || (validationResult = tSLValidationModel.getValidationResult()) == null || !validationResult.isIndeterminate()) {
                        arrayList.add(tSLValidationModel);
                    }
                }
            }
        }
        return Collections.unmodifiableList(arrayList);
    }

    private List<TSLValidationModel> getSkippedTSLValidationModels() {
        List<TSLValidationModel> tSLValidationModels = getTSLValidationModels();
        Map<String, TSLValidationModel> allMapTSLValidationModels = getAllMapTSLValidationModels();
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<String, TSLValidationModel> entry : allMapTSLValidationModels.entrySet()) {
            boolean z = false;
            Iterator<TSLValidationModel> it = tSLValidationModels.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                TSLValidationModel next = it.next();
                if (next.getParseResult() != null && entry.getKey().equals(next.getParseResult().getTerritory())) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                arrayList.add(entry.getValue());
            }
        }
        return arrayList;
    }

    public Map<String, TSLValidationModel> getAllMapTSLValidationModels() {
        return Collections.unmodifiableMap(new TreeMap(this.tsls));
    }

    public void clearRepository() {
        try {
            FileUtils.cleanDirectory(new File(this.cacheDirectoryPath));
            this.tsls.clear();
        } catch (IOException e) {
            logger.error("Unable to clean cache directory : " + e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isLastVersion(TSLLoaderResult tSLLoaderResult) {
        TSLValidationModel byCountry = getByCountry(tSLLoaderResult.getCountryCode());
        if (byCountry == null) {
            return false;
        }
        if (ArrayUtils.isEmpty(tSLLoaderResult.getContent())) {
            return true;
        }
        byCountry.setUrl(tSLLoaderResult.getUrl());
        byCountry.setLoadedDate(new Date());
        return StringUtils.equals(getSHA256(tSLLoaderResult.getContent()), byCountry.getSha256FileContent());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void updateParseResult(TSLParserResult tSLParserResult) {
        TSLValidationModel byCountry = getByCountry(tSLParserResult.getTerritory());
        if (byCountry != null) {
            byCountry.setParseResult(tSLParserResult);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void updateValidationResult(TSLValidationResult tSLValidationResult) {
        TSLValidationModel byCountry = getByCountry(tSLValidationResult.getCountryCode());
        if (byCountry != null) {
            byCountry.setValidationResult(tSLValidationResult);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TSLValidationModel storeInCache(TSLLoaderResult tSLLoaderResult) {
        TSLValidationModel tSLValidationModel = new TSLValidationModel();
        tSLValidationModel.setUrl(tSLLoaderResult.getUrl());
        tSLValidationModel.setSha256FileContent(getSHA256(tSLLoaderResult.getContent()));
        tSLValidationModel.setFilepath(storeOnFileSystem(tSLLoaderResult.getCountryCode(), tSLLoaderResult));
        tSLValidationModel.setLoadedDate(new Date());
        tSLValidationModel.setCertificateSourceSynchronized(false);
        add(tSLLoaderResult.getCountryCode(), tSLValidationModel);
        logger.info("New version of " + tSLLoaderResult.getCountryCode() + " TSL is stored in cache");
        return tSLValidationModel;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addParsedResultFromCacheToMap(TSLParserResult tSLParserResult) {
        TSLValidationModel tSLValidationModel = new TSLValidationModel();
        String territory = tSLParserResult.getTerritory();
        String filePath = getFilePath(territory);
        tSLValidationModel.setFilepath(filePath);
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(filePath);
                tSLValidationModel.setSha256FileContent(getSHA256(IOUtils.toByteArray(fileInputStream)));
                IOUtils.closeQuietly(fileInputStream);
            } catch (Exception e) {
                logger.error("Unable to read '" + filePath + "' : " + e.getMessage());
                IOUtils.closeQuietly(fileInputStream);
            }
            tSLValidationModel.setParseResult(tSLParserResult);
            tSLValidationModel.setCertificateSourceSynchronized(false);
            add(territory, tSLValidationModel);
        } catch (Throwable th) {
            IOUtils.closeQuietly(fileInputStream);
            throw th;
        }
    }

    private void add(String str, TSLValidationModel tSLValidationModel) {
        this.tsls.put(str, tSLValidationModel);
    }

    private String storeOnFileSystem(String str, TSLLoaderResult tSLLoaderResult) {
        ensureCacheDirectoryExists();
        String filePath = getFilePath(str);
        FileOutputStream fileOutputStream = null;
        try {
            try {
                fileOutputStream = new FileOutputStream(new File(filePath));
                IOUtils.write(tSLLoaderResult.getContent(), fileOutputStream);
                IOUtils.closeQuietly(fileOutputStream);
                return filePath;
            } catch (Exception e) {
                throw new DSSException("Cannot create file in cache : " + e.getMessage(), e);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(fileOutputStream);
            throw th;
        }
    }

    private void ensureCacheDirectoryExists() {
        File file = new File(this.cacheDirectoryPath);
        if (file.exists() && file.isDirectory()) {
            return;
        }
        file.mkdirs();
    }

    private String getFilePath(String str) {
        return this.cacheDirectoryPath + str + ".xml";
    }

    private String getSHA256(byte[] bArr) {
        return DatatypeConverter.printBase64Binary(DSSUtils.digest(DigestAlgorithm.SHA256, bArr));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<File> getStoredFiles() {
        ensureCacheDirectoryExists();
        return Arrays.asList(new File(this.cacheDirectoryPath).listFiles());
    }

    public boolean isOk() {
        return getTSLValidationModels().size() == getAllMapTSLValidationModels().size();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void synchronize() {
        if (this.trustedListsCertificateSource != null) {
            List<TSLValidationModel> tSLValidationModels = getTSLValidationModels();
            for (TSLValidationModel tSLValidationModel : tSLValidationModels) {
                if (!tSLValidationModel.isCertificateSourceSynchronized()) {
                    boolean z = false;
                    TSLValidationResult validationResult = tSLValidationModel.getValidationResult();
                    if (validationResult != null && validationResult.isValid()) {
                        z = true;
                    }
                    TSLParserResult parseResult = tSLValidationModel.getParseResult();
                    if (parseResult != null) {
                        for (TSLServiceProvider tSLServiceProvider : parseResult.getServiceProviders()) {
                            for (TSLService tSLService : tSLServiceProvider.getServices()) {
                                Iterator<CertificateToken> it = tSLService.getCertificates().iterator();
                                while (it.hasNext()) {
                                    this.trustedListsCertificateSource.addCertificate(it.next(), getServiceInfo(tSLServiceProvider, tSLService, z));
                                }
                            }
                        }
                    }
                    tSLValidationModel.setCertificateSourceSynchronized(true);
                }
            }
            List<TSLValidationModel> skippedTSLValidationModels = getSkippedTSLValidationModels();
            for (TSLValidationModel tSLValidationModel2 : skippedTSLValidationModels) {
                if (!tSLValidationModel2.isCertificateSourceSynchronized()) {
                    TSLParserResult parseResult2 = tSLValidationModel2.getParseResult();
                    if (parseResult2 != null) {
                        Iterator<TSLServiceProvider> it2 = parseResult2.getServiceProviders().iterator();
                        while (it2.hasNext()) {
                            Iterator<TSLService> it3 = it2.next().getServices().iterator();
                            while (it3.hasNext()) {
                                for (CertificateToken certificateToken : it3.next().getCertificates()) {
                                    if (this.trustedListsCertificateSource.removeCertificate(certificateToken)) {
                                        logger.info(certificateToken.getAbbreviation() + " is removed from trusted certificates");
                                    }
                                }
                            }
                        }
                    }
                    tSLValidationModel2.setCertificateSourceSynchronized(true);
                }
            }
            logger.info("Nb of loaded trusted lists : " + tSLValidationModels.size());
            logger.info("Nb of trusted certificates : " + this.trustedListsCertificateSource.getNumberOfTrustedCertificates());
            logger.info("Nb of skipped trusted lists : " + skippedTSLValidationModels.size());
            if (CollectionUtils.isNotEmpty(skippedTSLValidationModels)) {
                Iterator<TSLValidationModel> it4 = skippedTSLValidationModels.iterator();
                while (it4.hasNext()) {
                    logger.info(it4.next().getUrl() + " is skipped");
                }
            }
        }
    }

    private ServiceInfo getServiceInfo(TSLServiceProvider tSLServiceProvider, TSLService tSLService, boolean z) {
        ServiceInfo serviceInfo = new ServiceInfo();
        serviceInfo.setTspName(tSLServiceProvider.getName());
        serviceInfo.setTspTradeName(tSLServiceProvider.getTradeName());
        serviceInfo.setTspPostalAddress(tSLServiceProvider.getPostalAddress());
        serviceInfo.setTspElectronicAddress(tSLServiceProvider.getElectronicAddress());
        serviceInfo.setServiceName(tSLService.getName());
        serviceInfo.setType(tSLService.getType());
        ArrayList arrayList = new ArrayList();
        List<TSLServiceStatus> status = tSLService.getStatus();
        if (CollectionUtils.isNotEmpty(status)) {
            for (TSLServiceStatus tSLServiceStatus : status) {
                arrayList.add(new ServiceInfoStatus(tSLServiceStatus.getStatus(), tSLServiceStatus.getStartDate(), tSLServiceStatus.getEndDate()));
            }
        }
        serviceInfo.setStatus(arrayList);
        List<TSLServiceExtension> extensions = tSLService.getExtensions();
        if (CollectionUtils.isNotEmpty(extensions)) {
            Iterator<TSLServiceExtension> it = extensions.iterator();
            while (it.hasNext()) {
                for (TSLConditionsForQualifiers tSLConditionsForQualifiers : it.next().getConditionsForQualifiers()) {
                    Condition condition = tSLConditionsForQualifiers.getCondition();
                    Iterator<String> it2 = tSLConditionsForQualifiers.getQualifiers().iterator();
                    while (it2.hasNext()) {
                        serviceInfo.addQualifierAndCondition(it2.next(), condition);
                    }
                }
            }
        }
        serviceInfo.setTlWellSigned(z);
        return serviceInfo;
    }

    public List<TSLValidationSummary> getSummary() {
        Map<String, TSLValidationModel> allMapTSLValidationModels = getAllMapTSLValidationModels();
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<String, TSLValidationModel> entry : allMapTSLValidationModels.entrySet()) {
            String key = entry.getKey();
            TSLValidationModel value = entry.getValue();
            TSLValidationSummary tSLValidationSummary = new TSLValidationSummary();
            tSLValidationSummary.setCountry(key);
            tSLValidationSummary.setLoadedDate(value.getLoadedDate());
            tSLValidationSummary.setTslUrl(value.getUrl());
            TSLParserResult parseResult = value.getParseResult();
            if (parseResult != null) {
                tSLValidationSummary.setSequenceNumber(parseResult.getSequenceNumber());
                tSLValidationSummary.setIssueDate(parseResult.getIssueDate());
                tSLValidationSummary.setNextUpdateDate(parseResult.getNextUpdateDate());
                int i = 0;
                int i2 = 0;
                int i3 = 0;
                List<TSLServiceProvider> serviceProviders = parseResult.getServiceProviders();
                if (serviceProviders != null) {
                    i = serviceProviders.size();
                    Iterator<TSLServiceProvider> it = serviceProviders.iterator();
                    while (it.hasNext()) {
                        List<TSLService> services = it.next().getServices();
                        if (services != null) {
                            i2 += services.size();
                            Iterator<TSLService> it2 = services.iterator();
                            while (it2.hasNext()) {
                                i3 += CollectionUtils.size(it2.next().getCertificates());
                            }
                        }
                    }
                }
                tSLValidationSummary.setNbServiceProviders(i);
                tSLValidationSummary.setNbServices(i2);
                tSLValidationSummary.setNbCertificatesAndX500Principals(i3);
            }
            TSLValidationResult validationResult = value.getValidationResult();
            if (validationResult != null) {
                tSLValidationSummary.setIndication(validationResult.getIndication());
            }
            arrayList.add(tSLValidationSummary);
        }
        return arrayList;
    }
}
