package org.globus.gsi;

import java.io.File;
import java.security.cert.CRL;
import java.security.cert.CertStore;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLSelector;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.ListIterator;
import java.util.Map;
import java.util.StringTokenizer;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.globus.common.CoGProperties;
import org.globus.gsi.provider.GlobusProvider;
import org.globus.gsi.stores.ResourceCertStoreParameters;

/* loaded from: input_file:org/globus/gsi/CertificateRevocationLists.class */
public class CertificateRevocationLists {
    private static Log logger;
    private static String prevCaCertLocations;
    private static String defaultCrlLocations;
    private static CertificateRevocationLists defaultCrl;
    private volatile Map<String, X509CRL> crlIssuerDNMap;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/globus/gsi/CertificateRevocationLists$DefaultCertificateRevocationLists.class */
    public static class DefaultCertificateRevocationLists extends CertificateRevocationLists {
        private final long lifetime;
        private long lastRefresh;

        public DefaultCertificateRevocationLists() {
            super();
            this.lifetime = CoGProperties.getDefault().getCertCacheLifetime();
        }

        @Override // org.globus.gsi.CertificateRevocationLists
        public void refresh() {
            long currentTimeMillis = System.currentTimeMillis();
            if (this.lastRefresh + this.lifetime <= currentTimeMillis) {
                reload(getDefaultCRLLocations());
                this.lastRefresh = currentTimeMillis;
            }
        }

        private static synchronized String getDefaultCRLLocations() {
            String str;
            String caCertLocations = CoGProperties.getDefault().getCaCertLocations();
            if (CertificateRevocationLists.prevCaCertLocations == null || !CertificateRevocationLists.prevCaCertLocations.equals(caCertLocations)) {
                if (caCertLocations == null) {
                    CertificateRevocationLists.logger.debug("No CA cert locations specified");
                    String unused = CertificateRevocationLists.prevCaCertLocations = null;
                    String unused2 = CertificateRevocationLists.defaultCrlLocations = null;
                } else {
                    StringTokenizer stringTokenizer = new StringTokenizer(caCertLocations, ",");
                    LinkedList linkedList = new LinkedList();
                    while (stringTokenizer.hasMoreTokens()) {
                        String trim = stringTokenizer.nextToken().toString().trim();
                        File file = new File(trim);
                        if (!file.isDirectory()) {
                            if (file.isFile()) {
                                trim = file.getParent();
                            }
                        }
                        if (trim != null && !linkedList.contains(trim)) {
                            linkedList.add(trim);
                        }
                    }
                    ListIterator listIterator = linkedList.listIterator(0);
                    String str2 = null;
                    while (true) {
                        str = str2;
                        if (!listIterator.hasNext()) {
                            break;
                        }
                        str2 = str == null ? (String) listIterator.next() : str + "," + ((String) listIterator.next());
                    }
                    String unused3 = CertificateRevocationLists.prevCaCertLocations = caCertLocations;
                    String unused4 = CertificateRevocationLists.defaultCrlLocations = str;
                }
            }
            return CertificateRevocationLists.defaultCrlLocations;
        }
    }

    private CertificateRevocationLists() {
    }

    public X509CRL[] getCrls() {
        if (this.crlIssuerDNMap == null) {
            return null;
        }
        Collection<X509CRL> values = this.crlIssuerDNMap.values();
        return (X509CRL[]) values.toArray(new X509CRL[values.size()]);
    }

    public Collection<X509CRL> getCRLs(X509CRLSelector x509CRLSelector) {
        Collection<X500Principal> issuers = x509CRLSelector.getIssuers();
        ArrayList arrayList = new ArrayList(issuers.size());
        Map<String, X509CRL> map = this.crlIssuerDNMap;
        if (map == null) {
            return arrayList;
        }
        Iterator<X500Principal> it = issuers.iterator();
        while (it.hasNext()) {
            X509CRL x509crl = map.get(it.next().getName());
            if (x509crl != null) {
                arrayList.add(x509crl);
            }
        }
        return arrayList;
    }

    public X509CRL getCrl(String str) {
        if (this.crlIssuerDNMap == null) {
            return null;
        }
        return this.crlIssuerDNMap.get(str);
    }

    public void refresh() {
        reload(null);
    }

    public synchronized void reload(String str) {
        if (str == null) {
            return;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        HashMap hashMap = new HashMap();
        while (stringTokenizer.hasMoreTokens()) {
            try {
                Iterator<? extends CRL> it = CertStore.getInstance(GlobusProvider.CERTSTORE_TYPE, new ResourceCertStoreParameters(null, "file:" + stringTokenizer.nextToken().toString().trim() + "/*.r*")).getCRLs(new X509CRLSelector()).iterator();
                while (it.hasNext()) {
                    X509CRL x509crl = (X509CRL) it.next();
                    hashMap.put(x509crl.getIssuerX500Principal().getName(), x509crl);
                }
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        this.crlIssuerDNMap = hashMap;
    }

    public static CertificateRevocationLists getCertificateRevocationLists(String str) {
        CertificateRevocationLists certificateRevocationLists = new CertificateRevocationLists();
        certificateRevocationLists.reload(str);
        return certificateRevocationLists;
    }

    public static synchronized CertificateRevocationLists getDefaultCertificateRevocationLists() {
        return getDefault();
    }

    public static void setDefaultCertificateRevocationList(CertificateRevocationLists certificateRevocationLists) {
        defaultCrl = certificateRevocationLists;
    }

    public static synchronized CertificateRevocationLists getDefault() {
        if (defaultCrl == null) {
            defaultCrl = new DefaultCertificateRevocationLists();
        }
        defaultCrl.refresh();
        return defaultCrl;
    }

    public String toString() {
        return this.crlIssuerDNMap == null ? "crl list is empty" : this.crlIssuerDNMap.toString();
    }

    static {
        new ProviderLoader();
        logger = LogFactory.getLog(CertificateRevocationLists.class.getName());
        prevCaCertLocations = null;
        defaultCrlLocations = null;
        defaultCrl = null;
    }
}
