package org.glite.voms;

import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import java.util.List;
import java.util.Timer;
import java.util.TimerTask;
import java.util.Vector;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;
import org.glite.voms.ac.ACTrustStore;

/* loaded from: input_file:org/glite/voms/BasicVOMSTrustStore.class */
public final class BasicVOMSTrustStore implements ACTrustStore {
    static Logger log = Logger.getLogger(BasicVOMSTrustStore.class);
    public static final String DEFAULT_TRUST_STORE_LISTING = PKIStore.DEFAULT_VOMSDIR;
    String trustedDirList;
    private Hashtable issuerCerts;
    private long refreshPeriod;
    private Timer theTimer;

    /* loaded from: input_file:org/glite/voms/BasicVOMSTrustStore$Refreshener.class */
    private class Refreshener extends TimerTask {
        private Refreshener() {
        }

        @Override // java.util.TimerTask, java.lang.Runnable
        public void run() {
            BasicVOMSTrustStore.this.refresh();
        }
    }

    public BasicVOMSTrustStore() {
        this(DEFAULT_TRUST_STORE_LISTING, 300000L);
    }

    public BasicVOMSTrustStore(String str, long j) {
        List list;
        this.trustedDirList = null;
        this.issuerCerts = new Hashtable();
        this.refreshPeriod = -1L;
        this.theTimer = null;
        if (j < 0) {
            throw new IllegalArgumentException("refreshPeriod is negative");
        }
        try {
            list = new DirectoryList(str).getListing();
        } catch (IOException e) {
            list = null;
        }
        if (list == null || list.isEmpty()) {
            String str2 = "VOMS trust anchors " + str + " does not appear to exist";
            log.fatal(str2);
            throw new IllegalArgumentException(str2);
        }
        this.trustedDirList = str;
        this.refreshPeriod = j;
        if (j == 0) {
            refresh();
        }
        if (j > 0) {
            this.theTimer = new Timer(true);
            this.theTimer.scheduleAtFixedRate(new Refreshener(), 0L, j);
        }
    }

    public String getDirList() {
        return this.trustedDirList;
    }

    public void stopRefresh() {
        if (this.theTimer != null) {
            this.theTimer.cancel();
        }
        this.theTimer = null;
    }

    public void refresh() {
        try {
            if (log.isDebugEnabled()) {
                log.debug("Refreshing in-memory VOMS issuer cache from " + this.trustedDirList);
            }
            Hashtable hashtable = new Hashtable();
            Vector<X509Certificate> readCerts = new FileCertReader().readCerts(this.trustedDirList);
            for (X509Certificate x509Certificate : readCerts) {
                X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
                List list = (List) hashtable.get(subjectX500Principal);
                if (list == null) {
                    list = new Vector();
                }
                list.add(x509Certificate);
                hashtable.put(subjectX500Principal, list);
            }
            this.issuerCerts = hashtable;
            if (log.isDebugEnabled()) {
                log.debug("Refreshing of in-memory VOMS issuer cache done. Read " + readCerts.size() + " certs");
            }
        } catch (Exception e) {
            log.error("Unexpected error while refreshing in-memory VOMS issuer cache from " + this.trustedDirList + " : " + e.getMessage());
        }
    }

    @Override // org.glite.voms.ac.ACTrustStore
    public X509Certificate[] getAACandidate(X500Principal x500Principal) {
        if (this.refreshPeriod < 0) {
            refresh();
        }
        List list = (List) this.issuerCerts.get(x500Principal);
        if (list != null) {
            return (X509Certificate[]) list.toArray(new X509Certificate[list.size()]);
        }
        return null;
    }
}
