package sun.security.provider.certpath.ldap;

import com.sun.jndi.ldap.LdapCtx;
import java.net.URI;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CRLSelector;
import java.security.cert.CertSelector;
import java.security.cert.CertStoreException;
import java.security.cert.CertStoreParameters;
import java.security.cert.CertStoreSpi;
import java.security.cert.LDAPCertStoreParameters;
import java.security.cert.URICertStoreParameters;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLSelector;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Locale;
import sun.security.util.Cache;
import sun.security.util.Debug;

/* loaded from: input_file:com/kohlschutter/jdk/home/modules/java.naming/sun/security/provider/certpath/ldap/LDAPCertStore.class */
public final class LDAPCertStore extends CertStoreSpi {
    private String ldapDN;
    private LDAPCertStoreImpl impl;
    private static final Debug debug = Debug.getInstance("certpath");
    private static final Cache<Key, LDAPCertStoreImpl> certStoreCache = Cache.newSoftMemoryCache(185);

    /* loaded from: input_file:com/kohlschutter/jdk/home/modules/java.naming/sun/security/provider/certpath/ldap/LDAPCertStore$Key.class */
    private static class Key {
        volatile int hashCode;
        String serverName;
        int port;

        Key(String str, int i) {
            this.serverName = str;
            this.port = i;
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof Key)) {
                return false;
            }
            Key key = (Key) obj;
            return this.port == key.port && this.serverName.equalsIgnoreCase(key.serverName);
        }

        public int hashCode() {
            if (this.hashCode == 0) {
                this.hashCode = (37 * ((37 * 17) + this.port)) + this.serverName.toLowerCase(Locale.ENGLISH).hashCode();
            }
            return this.hashCode;
        }
    }

    public LDAPCertStore(CertStoreParameters certStoreParameters) throws InvalidAlgorithmParameterException {
        super(certStoreParameters);
        String host;
        int port;
        String str = null;
        if (certStoreParameters == null) {
            throw new InvalidAlgorithmParameterException("Parameters required for LDAP certstore");
        }
        if (certStoreParameters instanceof LDAPCertStoreParameters) {
            LDAPCertStoreParameters lDAPCertStoreParameters = (LDAPCertStoreParameters) certStoreParameters;
            host = lDAPCertStoreParameters.getServerName();
            port = lDAPCertStoreParameters.getPort();
        } else {
            if (!(certStoreParameters instanceof URICertStoreParameters)) {
                throw new InvalidAlgorithmParameterException("Parameters must be either LDAPCertStoreParameters or URICertStoreParameters, but instance of " + certStoreParameters.getClass().getName() + " passed");
            }
            URI uri = ((URICertStoreParameters) certStoreParameters).getURI();
            if (!uri.getScheme().equalsIgnoreCase("ldap")) {
                throw new InvalidAlgorithmParameterException("Unsupported scheme '" + uri.getScheme() + "', only LDAP URIs are supported for LDAP certstore");
            }
            host = uri.getHost();
            host = host == null ? LdapCtx.DEFAULT_HOST : host;
            port = uri.getPort();
            port = port == -1 ? 389 : port;
            str = uri.getPath();
            if (str != null && str.charAt(0) == '/') {
                str = str.substring(1);
            }
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkConnect(host, port);
        }
        Key key = new Key(host, port);
        LDAPCertStoreImpl lDAPCertStoreImpl = certStoreCache.get(key);
        if (lDAPCertStoreImpl == null) {
            this.impl = new LDAPCertStoreImpl(host, port);
            certStoreCache.put(key, this.impl);
        } else {
            this.impl = lDAPCertStoreImpl;
            if (debug != null) {
                debug.println("LDAPCertStore.getInstance: cache hit");
            }
        }
        this.ldapDN = str;
    }

    static synchronized LDAPCertStoreImpl getInstance(LDAPCertStoreParameters lDAPCertStoreParameters) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        String serverName = lDAPCertStoreParameters.getServerName();
        int port = lDAPCertStoreParameters.getPort();
        Key key = new Key(serverName, port);
        LDAPCertStoreImpl lDAPCertStoreImpl = certStoreCache.get(key);
        if (lDAPCertStoreImpl == null) {
            lDAPCertStoreImpl = new LDAPCertStoreImpl(serverName, port);
            certStoreCache.put(key, lDAPCertStoreImpl);
        } else if (debug != null) {
            debug.println("LDAPCertStore.getInstance: cache hit");
        }
        return lDAPCertStoreImpl;
    }

    @Override // java.security.cert.CertStoreSpi
    public synchronized Collection<X509Certificate> engineGetCertificates(CertSelector certSelector) throws CertStoreException {
        if (debug != null) {
            debug.println("LDAPCertStore.engineGetCertificates() selector: " + String.valueOf(certSelector));
        }
        if (certSelector == null) {
            certSelector = new X509CertSelector();
        } else if (!(certSelector instanceof X509CertSelector)) {
            throw new CertStoreException("Need X509CertSelector to find certs, but instance of " + certSelector.getClass().getName() + " passed");
        }
        return this.impl.getCertificates((X509CertSelector) certSelector, this.ldapDN);
    }

    @Override // java.security.cert.CertStoreSpi
    public synchronized Collection<X509CRL> engineGetCRLs(CRLSelector cRLSelector) throws CertStoreException {
        if (debug != null) {
            debug.println("LDAPCertStore.engineGetCRLs() selector: " + cRLSelector);
        }
        if (cRLSelector == null) {
            cRLSelector = new X509CRLSelector();
        } else if (!(cRLSelector instanceof X509CRLSelector)) {
            throw new CertStoreException("Need X509CRLSelector to find CRLs, but instance of " + cRLSelector.getClass().getName() + " passed");
        }
        return this.impl.getCRLs((X509CRLSelector) cRLSelector, this.ldapDN);
    }
}
