package org.xipki.ca.mgmt.db.port;

import java.io.File;
import java.math.BigInteger;
import java.nio.file.Paths;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.List;
import java.util.StringTokenizer;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.zip.ZipEntry;
import java.util.zip.ZipFile;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.TBSCertificate;
import org.bouncycastle.cert.X509CRLHolder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.api.mgmt.CaJson;
import org.xipki.ca.mgmt.db.port.CaCertstore;
import org.xipki.ca.mgmt.db.port.DbPorter;
import org.xipki.datasource.DataAccessException;
import org.xipki.datasource.DataSourceWrapper;
import org.xipki.security.FpIdCalculator;
import org.xipki.security.HashAlgo;
import org.xipki.security.X509Cert;
import org.xipki.security.util.X509Util;
import org.xipki.util.Args;
import org.xipki.util.Base64;
import org.xipki.util.DateUtil;
import org.xipki.util.IoUtil;
import org.xipki.util.ProcessLog;
import org.xipki.util.SqlUtil;
import org.xipki.util.StringUtil;

/* loaded from: input_file:org/xipki/ca/mgmt/db/port/CaCertstoreDbImporter.class */
class CaCertstoreDbImporter extends DbPorter {
    private static final Logger LOG = LoggerFactory.getLogger(CaCertstoreDbImporter.class);
    private static final String SQL_ADD_CERT = SqlUtil.buildInsertSql("CERT", "ID,LUPDATE,SN,SUBJECT,FP_S,FP_RS,FP_SAN,NBEFORE,NAFTER,REV,RR,RT,RIT,PID,CA_ID,RID,EE,TID,SHA1,REQ_SUBJECT,CRL_SCOPE,CERT,PRIVATE_KEY");
    private static final String SQL_ADD_CRL = SqlUtil.buildInsertSql("CRL", "ID,CA_ID,CRL_NO,THISUPDATE,NEXTUPDATE,DELTACRL,BASECRL_NO,CRL_SCOPE,SHA1,CRL");
    private final int numCertsPerCommit;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CaCertstoreDbImporter(DataSourceWrapper dataSourceWrapper, String str, int i, boolean z, AtomicBoolean atomicBoolean) throws Exception {
        super(dataSourceWrapper, str, atomicBoolean);
        this.numCertsPerCommit = Args.positive(i, "numCertsPerCommit");
        File file = new File(this.baseDir, DbPorter.IMPORT_PROCESS_LOG_FILENAME);
        if (z) {
            if (!file.exists()) {
                throw new Exception("could not process with '--resume' option");
            }
        } else if (file.exists()) {
            throw new Exception("please either specify '--resume' option or delete the file " + file.getPath() + " first");
        }
    }

    private void importRequestorOrProfile(List<CaCertstore.IdName> list, String str) throws DataAccessException {
        System.out.print("    importing table " + str + " ... ");
        String buildInsertSql = SqlUtil.buildInsertSql(str, "ID,NAME");
        PreparedStatement preparedStatement = null;
        try {
            preparedStatement = prepareStatement(buildInsertSql);
            for (CaCertstore.IdName idName : list) {
                try {
                    preparedStatement.setInt(1, idName.getId());
                    preparedStatement.setString(2, idName.getName());
                    preparedStatement.executeUpdate();
                } catch (SQLException e) {
                    System.err.println("could not import " + str + " with NAME=" + idName.getName());
                    throw translate(buildInsertSql, e);
                }
            }
            releaseResources(preparedStatement, null);
            System.out.println(1 != 0 ? "SUCCESSFUL" : "FAILED");
        } catch (Throwable th) {
            releaseResources(preparedStatement, null);
            System.out.println(0 != 0 ? "SUCCESSFUL" : "FAILED");
            throw th;
        }
    }

    private void importCa(List<CaCertstore.Ca> list) throws DataAccessException, CertificateException {
        System.out.print("    importing table CA ... ");
        String buildInsertSql = SqlUtil.buildInsertSql("CA", "ID,NAME,SUBJECT,REV_INFO,CERT");
        PreparedStatement preparedStatement = null;
        try {
            preparedStatement = prepareStatement(buildInsertSql);
            for (CaCertstore.Ca ca : list) {
                try {
                    try {
                        X509Cert parseCert = X509Util.parseCert(ca.getCert());
                        int i = 1 + 1;
                        preparedStatement.setInt(1, ca.getId());
                        int i2 = i + 1;
                        preparedStatement.setString(i, ca.getName().toLowerCase());
                        int i3 = i2 + 1;
                        preparedStatement.setString(i2, X509Util.cutX500Name(parseCert.getSubject(), this.maxX500nameLen));
                        preparedStatement.setString(i3, ca.getRevInfo());
                        preparedStatement.setString(i3 + 1, Base64.encodeToString(ca.getCert()));
                        preparedStatement.executeUpdate();
                    } catch (CertificateException e) {
                        System.err.println("could not import CA with NAME=" + ca.getName());
                        throw e;
                    }
                } catch (SQLException e2) {
                    System.err.println("could not import CA with NAME=" + ca.getName());
                    throw translate(buildInsertSql, e2);
                }
            }
            releaseResources(preparedStatement, null);
            System.out.println(1 != 0 ? "SUCCESSFUL" : "FAILED");
        } catch (Throwable th) {
            releaseResources(preparedStatement, null);
            System.out.println(0 != 0 ? "SUCCESSFUL" : "FAILED");
            throw th;
        }
    }

    public void importToDb() throws Exception {
        CaCertstore caCertstore = (CaCertstore) CaJson.parseObject(Paths.get(this.baseDir, DbPorter.FILENAME_CA_CERTSTORE), CaCertstore.class);
        caCertstore.validate();
        if (caCertstore.getVersion() > 2) {
            throw new Exception("could not import Certstore greater than 2: " + caCertstore.getVersion());
        }
        importRequestorOrProfile(caCertstore.getProfiles(), "PROFILE");
        importRequestorOrProfile(caCertstore.getRequestors(), "REQUESTOR");
        importCa(caCertstore.getCas());
        File file = new File(this.baseDir, DbPorter.IMPORT_PROCESS_LOG_FILENAME);
        System.out.println("importing CA certstore to database");
        try {
            DbPorter.CaDbEntryType caDbEntryType = null;
            Integer num = null;
            Long l = null;
            if (file.exists()) {
                byte[] read = IoUtil.read(file);
                if (read.length > 5) {
                    StringTokenizer stringTokenizer = new StringTokenizer(StringUtil.toUtf8String(read), ":");
                    caDbEntryType = DbPorter.CaDbEntryType.valueOf(stringTokenizer.nextToken());
                    num = Integer.valueOf(Integer.parseInt(stringTokenizer.nextToken()));
                    l = Long.valueOf(Long.parseLong(stringTokenizer.nextToken()));
                }
            }
            boolean z = false;
            if (caDbEntryType != null && l.longValue() == -1) {
                num = 0;
                l = 0L;
                if (caDbEntryType == DbPorter.CaDbEntryType.CRL) {
                    caDbEntryType = DbPorter.CaDbEntryType.CERT;
                } else {
                    if (caDbEntryType != DbPorter.CaDbEntryType.CERT) {
                        throw new IllegalStateException("unsupported CaDbEntryType " + caDbEntryType);
                    }
                    z = true;
                }
            }
            if (!z) {
                Exception exc = null;
                if (DbPorter.CaDbEntryType.CRL == caDbEntryType || caDbEntryType == null) {
                    exc = importEntries(DbPorter.CaDbEntryType.CRL, caCertstore, file, num, l);
                    caDbEntryType = null;
                    num = null;
                    l = null;
                }
                for (DbPorter.CaDbEntryType caDbEntryType2 : new DbPorter.CaDbEntryType[]{DbPorter.CaDbEntryType.CERT}) {
                    if (exc == null && (caDbEntryType2 == caDbEntryType || caDbEntryType == null)) {
                        exc = importEntries(caDbEntryType2, caCertstore, file, num, l);
                    }
                }
                if (exc != null) {
                    throw exc;
                }
            }
            IoUtil.deleteFile0(file);
            System.out.println(" imported CA certstore to database");
        } catch (Exception e) {
            System.err.println("could not import CA certstore to database");
            throw e;
        }
    }

    private Exception importEntries(DbPorter.CaDbEntryType caDbEntryType, CaCertstore caCertstore, File file, Integer num, Long l) {
        long countCrls;
        String str;
        String str2 = "table " + caDbEntryType.getTableName();
        int i = 0;
        long j = 1;
        if (l != null) {
            try {
                j = l.longValue() + 1;
                i = num.intValue();
            } catch (Exception e) {
                System.err.println("\nimporting " + str2 + " has been cancelled due to error,\nplease continue with the option '--resume'");
                LOG.error("Exception", e);
                return e;
            }
        }
        deleteFromTableWithLargerId(caDbEntryType.getTableName(), "ID", j - 1, LOG);
        if (caDbEntryType == DbPorter.CaDbEntryType.CERT) {
            countCrls = caCertstore.getCountCerts();
            str = SQL_ADD_CERT;
        } else {
            if (caDbEntryType != DbPorter.CaDbEntryType.CRL) {
                throw new IllegalStateException("unsupported DbEntryType " + caDbEntryType);
            }
            countCrls = caCertstore.getCountCrls();
            str = SQL_ADD_CRL;
        }
        ProcessLog processLog = new ProcessLog(countCrls - i);
        System.out.println("importing entries to " + str2 + " from ID " + j);
        processLog.printHeader();
        try {
            DbPorter.DbPortFileNameIterator dbPortFileNameIterator = new DbPorter.DbPortFileNameIterator(this.baseDir + File.separator + caDbEntryType.getDirName() + ".mf");
            try {
                PreparedStatement prepareStatement = prepareStatement(str);
                while (dbPortFileNameIterator.hasNext()) {
                    String str3 = this.baseDir + File.separator + caDbEntryType.getDirName() + File.separator + dbPortFileNameIterator.next();
                    int indexOf = str3.indexOf(45);
                    int indexOf2 = str3.indexOf(".zip");
                    try {
                        if (indexOf == -1 || indexOf2 == -1) {
                            LOG.warn("invalid file name '{}', but will still be processed", str3);
                        } else {
                            try {
                            } catch (Exception e2) {
                                LOG.warn("invalid file name '{}', but will still be processed", str3);
                            }
                            if (Integer.parseInt(str3.substring(indexOf + 1, indexOf2)) < j) {
                            }
                        }
                        j = (caDbEntryType == DbPorter.CaDbEntryType.CERT ? importCerts(str3, j, file, processLog, i, prepareStatement, str) : importCrls(str3, j, file, processLog, i, prepareStatement, str)) + 1;
                    } catch (Exception e3) {
                        System.err.println("\ncould not import entries from file " + str3 + ".\nplease continue with the option '--resume'");
                        LOG.error("Exception", e3);
                        dbPortFileNameIterator.close();
                        releaseResources(prepareStatement, null);
                        return e3;
                    }
                }
                dbPortFileNameIterator.close();
                releaseResources(prepareStatement, null);
                processLog.printTrailer();
                echoToFile(caDbEntryType + ":" + (i + processLog.numProcessed()) + ":-1", file);
                System.out.println(" imported " + processLog.numProcessed() + " entries");
                return null;
            } catch (Throwable th) {
                try {
                    dbPortFileNameIterator.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (Throwable th3) {
            releaseResources(null, null);
            throw th3;
        }
    }

    /* JADX WARN: Type inference failed for: r1v22, types: [byte[], byte[][]] */
    private long importCerts(String str, long j, File file, ProcessLog processLog, int i, PreparedStatement preparedStatement, String str2) throws Exception {
        int i2;
        int i3;
        ZipEntry entry;
        DbPorter.CaDbEntryType caDbEntryType = DbPorter.CaDbEntryType.CERT;
        int max = Math.max(1, Math.round(caDbEntryType.getSqlBatchFactor() * this.numCertsPerCommit));
        ZipFile zipFile = new ZipFile(new File(str));
        try {
            CaCertstore.Certs certs = (CaCertstore.Certs) CaJson.parseObjectAndClose(zipFile.getInputStream(zipFile.getEntry("overview.json")), CaCertstore.Certs.class);
            certs.validate();
            disableAutoCommit();
            try {
                int i4 = 0;
                long j2 = 0;
                List<CaCertstore.Cert> certs2 = certs.getCerts();
                int size = certs2.size();
                int i5 = 0;
                while (i5 < size) {
                    CaCertstore.Cert cert = certs2.get(i5);
                    if (this.stopMe.get()) {
                        throw new InterruptedException("interrupted by the user");
                    }
                    long longValue = cert.getId().longValue();
                    if (longValue >= j) {
                        i4++;
                        String file2 = cert.getFile();
                        byte[] readAllBytesAndClose = IoUtil.readAllBytesAndClose(zipFile.getInputStream(zipFile.getEntry(file2)));
                        try {
                            TBSCertificate tBSCertificate = Certificate.getInstance(readAllBytesAndClose).getTBSCertificate();
                            String base64Hash = HashAlgo.SHA1.base64Hash((byte[][]) new byte[]{readAllBytesAndClose});
                            String cutX500Name = X509Util.cutX500Name(tBSCertificate.getSubject(), this.maxX500nameLen);
                            String str3 = null;
                            if (cert.getPrivateKeyFile() != null && (entry = zipFile.getEntry(cert.getPrivateKeyFile())) != null) {
                                str3 = new String(IoUtil.readAllBytesAndClose(zipFile.getInputStream(entry)));
                            }
                            try {
                                int i6 = 1 + 1;
                                preparedStatement.setLong(1, longValue);
                                int i7 = i6 + 1;
                                preparedStatement.setLong(i6, cert.getUpdate().longValue());
                                int i8 = i7 + 1;
                                preparedStatement.setString(i7, tBSCertificate.getSerialNumber().getPositiveValue().toString(16));
                                int i9 = i8 + 1;
                                preparedStatement.setString(i8, cutX500Name);
                                int i10 = i9 + 1;
                                preparedStatement.setLong(i9, X509Util.fpCanonicalizedName(tBSCertificate.getSubject()));
                                if (cert.getFpRs() != null) {
                                    i2 = i10 + 1;
                                    preparedStatement.setLong(i10, cert.getFpRs().longValue());
                                } else {
                                    i2 = i10 + 1;
                                    preparedStatement.setNull(i10, -5);
                                }
                                byte[] coreExtValue = X509Util.getCoreExtValue(tBSCertificate.getExtensions(), Extension.subjectAlternativeName);
                                if (coreExtValue != null) {
                                    int i11 = i2;
                                    i3 = i2 + 1;
                                    preparedStatement.setLong(i11, FpIdCalculator.hash(coreExtValue));
                                } else {
                                    int i12 = i2;
                                    i3 = i2 + 1;
                                    preparedStatement.setNull(i12, -5);
                                }
                                int i13 = i3;
                                int i14 = i3 + 1;
                                preparedStatement.setLong(i13, DateUtil.toEpochSecond(tBSCertificate.getStartDate().getDate()));
                                int i15 = i14 + 1;
                                preparedStatement.setLong(i14, DateUtil.toEpochSecond(tBSCertificate.getEndDate().getDate()));
                                int i16 = i15 + 1;
                                setInt(preparedStatement, i15, cert.getRev());
                                int i17 = i16 + 1;
                                setInt(preparedStatement, i16, cert.getRr());
                                int i18 = i17 + 1;
                                setLong(preparedStatement, i17, cert.getRt());
                                int i19 = i18 + 1;
                                setLong(preparedStatement, i18, cert.getRit());
                                int i20 = i19 + 1;
                                setInt(preparedStatement, i19, cert.getPid());
                                int i21 = i20 + 1;
                                setInt(preparedStatement, i20, cert.getCaId());
                                int i22 = i21 + 1;
                                setInt(preparedStatement, i21, cert.getRid());
                                Extension extension = tBSCertificate.getExtensions().getExtension(Extension.basicConstraints);
                                boolean z = true;
                                if (extension != null) {
                                    z = !BasicConstraints.getInstance(extension.getParsedValue()).isCA();
                                }
                                int i23 = i22 + 1;
                                preparedStatement.setInt(i22, z ? 1 : 0);
                                String str4 = null;
                                if (cert.getTid() != null) {
                                    str4 = cert.getTid();
                                }
                                int i24 = i23 + 1;
                                preparedStatement.setString(i23, str4);
                                int i25 = i24 + 1;
                                preparedStatement.setString(i24, base64Hash);
                                int i26 = i25 + 1;
                                preparedStatement.setString(i25, cert.getRs());
                                int i27 = i26 + 1;
                                preparedStatement.setInt(i26, cert.getCrlScope().intValue());
                                preparedStatement.setString(i27, Base64.encodeToString(readAllBytesAndClose));
                                preparedStatement.setString(i27 + 1, str3);
                                preparedStatement.addBatch();
                                boolean z2 = i5 == size - 1;
                                if (i4 > 0 && (i4 % max == 0 || z2)) {
                                    try {
                                        preparedStatement.executeBatch();
                                        commit("(commit import to CA)");
                                        j2 = longValue;
                                        processLog.addNumProcessed(i4);
                                        i4 = 0;
                                        echoToFile(caDbEntryType + ":" + (i + processLog.numProcessed()) + ":" + caDbEntryType, file);
                                        processLog.printStatus();
                                    } catch (Throwable th) {
                                        rollback();
                                        deleteFromTableWithLargerId(caDbEntryType.getTableName(), "ID", longValue, LOG);
                                        if (th instanceof SQLException) {
                                            throw translate(str2, (SQLException) th);
                                        }
                                        if (th instanceof Exception) {
                                            throw ((Exception) th);
                                        }
                                        throw new Exception(th);
                                    }
                                }
                            } catch (SQLException e) {
                                throw translate(str2, e);
                            }
                        } catch (RuntimeException e2) {
                            LOG.error("could not parse certificate in file {}", file2);
                            LOG.debug("could not parse certificate in file " + file2, e2);
                            throw new CertificateException(e2.getMessage(), e2);
                        }
                    }
                    i5++;
                }
                return j2;
            } finally {
                recoverAutoCommit();
                zipFile.close();
            }
        } catch (Exception e3) {
            try {
                zipFile.close();
            } catch (Exception e4) {
                LOG.error("could not close ZIP file {}: {}", str, e4.getMessage());
                LOG.debug("could not close ZIP file " + str, e4);
            }
            throw e3;
        }
    }

    /* JADX WARN: Type inference failed for: r1v17, types: [byte[], byte[][]] */
    private long importCrls(String str, long j, File file, ProcessLog processLog, int i, PreparedStatement preparedStatement, String str2) throws Exception {
        int i2;
        int i3;
        DbPorter.CaDbEntryType caDbEntryType = DbPorter.CaDbEntryType.CRL;
        int max = Math.max(1, Math.round(caDbEntryType.getSqlBatchFactor() * this.numCertsPerCommit));
        ZipFile zipFile = new ZipFile(new File(str));
        try {
            CaCertstore.Crls crls = (CaCertstore.Crls) CaJson.parseObjectAndClose(zipFile.getInputStream(zipFile.getEntry("overview.json")), CaCertstore.Crls.class);
            crls.validate();
            disableAutoCommit();
            try {
                int i4 = 0;
                long j2 = 0;
                List<CaCertstore.Crl> crls2 = crls.getCrls();
                int size = crls2.size();
                int i5 = 0;
                while (i5 < size) {
                    CaCertstore.Crl crl = crls2.get(i5);
                    long longValue = crl.getId().longValue();
                    if (longValue >= j) {
                        i4++;
                        String file2 = crl.getFile();
                        byte[] readAllBytesAndClose = IoUtil.readAllBytesAndClose(zipFile.getInputStream(zipFile.getEntry(file2)));
                        String base64Hash = HashAlgo.SHA1.base64Hash((byte[][]) new byte[]{readAllBytesAndClose});
                        try {
                            X509CRLHolder parseCrl = X509Util.parseCrl(readAllBytesAndClose);
                            try {
                                Extensions extensions = parseCrl.getExtensions();
                                byte[] coreExtValue = X509Util.getCoreExtValue(extensions, Extension.cRLNumber);
                                if (coreExtValue == null) {
                                    LOG.warn("CRL without CRL number, ignore it");
                                } else {
                                    BigInteger positiveValue = ASN1Integer.getInstance(coreExtValue).getPositiveValue();
                                    byte[] coreExtValue2 = X509Util.getCoreExtValue(extensions, Extension.deltaCRLIndicator);
                                    BigInteger positiveValue2 = coreExtValue2 == null ? null : ASN1Integer.getInstance(coreExtValue2).getPositiveValue();
                                    int i6 = 1 + 1;
                                    preparedStatement.setLong(1, crl.getId().longValue());
                                    int i7 = i6 + 1;
                                    preparedStatement.setInt(i6, crl.getCaId().intValue());
                                    int i8 = i7 + 1;
                                    preparedStatement.setLong(i7, positiveValue.longValue());
                                    int i9 = i8 + 1;
                                    preparedStatement.setLong(i8, DateUtil.toEpochSecond(parseCrl.getThisUpdate()));
                                    if (parseCrl.getNextUpdate() != null) {
                                        i2 = i9 + 1;
                                        preparedStatement.setLong(i9, DateUtil.toEpochSecond(parseCrl.getNextUpdate()));
                                    } else {
                                        i2 = i9 + 1;
                                        preparedStatement.setNull(i9, 4);
                                    }
                                    if (positiveValue2 == null) {
                                        int i10 = i2;
                                        int i11 = i2 + 1;
                                        setBoolean(preparedStatement, i10, false);
                                        i3 = i11 + 1;
                                        preparedStatement.setNull(i11, -5);
                                    } else {
                                        int i12 = i2;
                                        int i13 = i2 + 1;
                                        setBoolean(preparedStatement, i12, true);
                                        i3 = i13 + 1;
                                        preparedStatement.setLong(i13, positiveValue2.longValue());
                                    }
                                    int i14 = i3;
                                    int i15 = i3 + 1;
                                    preparedStatement.setInt(i14, crl.getCrlScope().intValue());
                                    preparedStatement.setString(i15, base64Hash);
                                    preparedStatement.setString(i15 + 1, Base64.encodeToString(readAllBytesAndClose));
                                    preparedStatement.addBatch();
                                    boolean z = i5 == size - 1;
                                    if (i4 > 0 && (i4 % max == 0 || z)) {
                                        try {
                                            preparedStatement.executeBatch();
                                            commit("(commit import to CA)");
                                            j2 = longValue;
                                            processLog.addNumProcessed(i4);
                                            i4 = 0;
                                            echoToFile(caDbEntryType + ":" + (i + processLog.numProcessed()) + ":" + caDbEntryType, file);
                                            processLog.printStatus();
                                        } catch (Throwable th) {
                                            rollback();
                                            deleteFromTableWithLargerId(caDbEntryType.getTableName(), "ID", longValue, LOG);
                                            if (th instanceof SQLException) {
                                                throw translate(str2, (SQLException) th);
                                            }
                                            if (th instanceof Exception) {
                                                throw ((Exception) th);
                                            }
                                            throw new Exception(th);
                                        }
                                    }
                                }
                            } catch (SQLException e) {
                                System.err.println("could not import CRL with ID=" + crl.getId() + ", message: " + e.getMessage());
                                throw e;
                            }
                        } catch (Exception e2) {
                            LOG.error("could not parse CRL in file {}", file2);
                            LOG.debug("could not parse CRL in file " + file2, e2);
                            if (e2 instanceof CRLException) {
                                throw e2;
                            }
                            throw new CRLException(e2.getMessage(), e2);
                        }
                    }
                    i5++;
                }
                return j2;
            } finally {
                recoverAutoCommit();
                zipFile.close();
            }
        } catch (Exception e3) {
            try {
                zipFile.close();
            } catch (Exception e4) {
                LOG.error("could not close ZIP file {}: {}", str, e4.getMessage());
                LOG.debug("could not close ZIP file " + str, e4);
            }
            throw e3;
        }
    }
}
