package org.xipki.ca.mgmt.db.port;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.parser.Feature;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.cert.CertificateException;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.List;
import java.util.StringTokenizer;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.zip.ZipFile;
import org.bouncycastle.asn1.x509.Certificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.mgmt.db.port.DbPorter;
import org.xipki.ca.mgmt.db.port.OcspCertstore;
import org.xipki.datasource.DataAccessException;
import org.xipki.datasource.DataSourceWrapper;
import org.xipki.security.util.X509Util;
import org.xipki.util.Args;
import org.xipki.util.Base64;
import org.xipki.util.IoUtil;
import org.xipki.util.ProcessLog;

/* loaded from: input_file:org/xipki/ca/mgmt/db/port/OcspCertstoreDbImporter.class */
class OcspCertstoreDbImporter extends AbstractOcspCertstoreDbImporter {
    private static final Logger LOG = LoggerFactory.getLogger(OcspCertstoreDbImporter.class);
    private final boolean resume;
    private final int numCertsPerCommit;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OcspCertstoreDbImporter(DataSourceWrapper dataSourceWrapper, String str, int i, boolean z, AtomicBoolean atomicBoolean) throws Exception {
        super(dataSourceWrapper, str, atomicBoolean);
        this.numCertsPerCommit = Args.positive(i, "numCertsPerCommit");
        File file = new File(this.baseDir, DbPorter.IMPORT_PROCESS_LOG_FILENAME);
        if (z) {
            if (!file.exists()) {
                throw new Exception("could not process with '--resume' option");
            }
        } else if (file.exists()) {
            throw new Exception("please either specify '--resume' option or delete the file " + file.getPath() + " first");
        }
        this.resume = z;
    }

    public void importToDb() throws Exception {
        InputStream newInputStream = Files.newInputStream(Paths.get(this.baseDir, DbPorter.FILENAME_OCSP_CERTSTORE), new OpenOption[0]);
        Throwable th = null;
        try {
            OcspCertstore ocspCertstore = (OcspCertstore) JSON.parseObject(newInputStream, OcspCertstore.class, new Feature[0]);
            if (newInputStream != null) {
                if (0 != 0) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    newInputStream.close();
                }
            }
            ocspCertstore.validate();
            if (ocspCertstore.getVersion() > 1) {
                throw new Exception("could not import Certstore greater than 1: " + ocspCertstore.getVersion());
            }
            File file = new File(this.baseDir, DbPorter.IMPORT_PROCESS_LOG_FILENAME);
            System.out.println("importing OCSP certstore to database");
            try {
                if (!this.resume) {
                    dropIndexes();
                    importCertHashAlgo(ocspCertstore.getCerthashAlgo());
                    importIssuer(ocspCertstore.getIssuers());
                }
                importCert(ocspCertstore, file);
                recoverIndexes();
                file.delete();
                System.out.println(" imported OCSP certstore to database");
            } catch (Exception e) {
                System.err.println("could not import OCSP certstore to database");
                throw e;
            }
        } catch (Throwable th3) {
            if (newInputStream != null) {
                if (0 != 0) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    newInputStream.close();
                }
            }
            throw th3;
        }
    }

    private void importCertHashAlgo(String str) throws DataAccessException {
        PreparedStatement prepareStatement = prepareStatement("UPDATE DBSCHEMA SET VALUE2=? WHERE NAME='CERTHASH_ALGO'");
        try {
            try {
                prepareStatement.setString(1, str);
                prepareStatement.executeUpdate();
                this.dbSchemaInfo.setVariable("CERTHASH_ALGO", str);
                releaseResources(prepareStatement, null);
            } catch (SQLException e) {
                System.err.println("could not import DBSCHEMA");
                throw translate("UPDATE DBSCHEMA SET VALUE2=? WHERE NAME='CERTHASH_ALGO'", e);
            }
        } catch (Throwable th) {
            releaseResources(prepareStatement, null);
            throw th;
        }
    }

    private void importIssuer(List<OcspCertstore.Issuer> list) throws DataAccessException, CertificateException, IOException {
        System.out.println("importing table ISSUER");
        PreparedStatement prepareStatement = prepareStatement("INSERT INTO ISSUER (ID,SUBJECT,NBEFORE,NAFTER,S1C,REV_INFO,CERT) VALUES (?,?,?,?,?,?,?)");
        try {
            for (OcspCertstore.Issuer issuer : list) {
                try {
                    String str = new String(IoUtil.read(new File(this.baseDir, issuer.getCertFile())));
                    byte[] decode = Base64.decode(str);
                    try {
                        Certificate certificate = Certificate.getInstance(decode);
                        int i = 1 + 1;
                        prepareStatement.setInt(1, issuer.getId());
                        int i2 = i + 1;
                        prepareStatement.setString(i, X509Util.cutX500Name(certificate.getSubject(), this.maxX500nameLen));
                        int i3 = i2 + 1;
                        prepareStatement.setLong(i2, certificate.getTBSCertificate().getStartDate().getDate().getTime() / 1000);
                        int i4 = i3 + 1;
                        prepareStatement.setLong(i3, certificate.getTBSCertificate().getEndDate().getDate().getTime() / 1000);
                        int i5 = i4 + 1;
                        prepareStatement.setString(i4, sha1(decode));
                        int i6 = i5 + 1;
                        prepareStatement.setString(i5, issuer.getRevInfo());
                        int i7 = i6 + 1;
                        prepareStatement.setString(i6, str);
                        prepareStatement.execute();
                    } catch (RuntimeException e) {
                        LOG.error("could not parse certificate of issuer {}", Integer.valueOf(issuer.getId()));
                        LOG.debug("could not parse certificate of issuer " + issuer.getId(), e);
                        throw new CertificateException(e.getMessage(), e);
                    }
                } catch (CertificateException e2) {
                    System.err.println("could not import issuer with id=" + issuer.getId());
                    throw e2;
                } catch (SQLException e3) {
                    System.err.println("could not import issuer with id=" + issuer.getId());
                    throw translate("INSERT INTO ISSUER (ID,SUBJECT,NBEFORE,NAFTER,S1C,REV_INFO,CERT) VALUES (?,?,?,?,?,?,?)", e3);
                }
            }
            System.out.println(" imported table ISSUER");
        } finally {
            releaseResources(prepareStatement, null);
        }
    }

    private void importCert(OcspCertstore ocspCertstore, File file) throws Exception {
        byte[] read;
        int i = 0;
        long j = 1;
        if (file.exists() && (read = IoUtil.read(file)) != null && read.length > 2) {
            String str = new String(read);
            if (str.trim().equalsIgnoreCase("certs.finished")) {
                return;
            }
            StringTokenizer stringTokenizer = new StringTokenizer(str, ":");
            i = Integer.parseInt(stringTokenizer.nextToken());
            j = Long.parseLong(stringTokenizer.nextToken()) + 1;
        }
        deleteCertGreatherThan(j - 1, LOG);
        ProcessLog processLog = new ProcessLog(ocspCertstore.getCountCerts() - i);
        System.out.println("importing certificates from ID " + j);
        processLog.printHeader();
        PreparedStatement prepareStatement = prepareStatement("INSERT INTO CERT (ID,IID,SN,LUPDATE,NBEFORE,NAFTER,REV,RR,RT,RIT,HASH,SUBJECT) VALUES (?,?,?,?,?,?,?,?,?,?,?,?)");
        DbPorter.OcspDbEntryType ocspDbEntryType = DbPorter.OcspDbEntryType.CERT;
        DbPorter.DbPortFileNameIterator dbPortFileNameIterator = new DbPorter.DbPortFileNameIterator(this.baseDir + File.separator + ocspDbEntryType.getDirName() + ".mf");
        while (dbPortFileNameIterator.hasNext()) {
            try {
                String str2 = this.baseDir + File.separator + ocspDbEntryType.getDirName() + File.separator + dbPortFileNameIterator.next();
                int indexOf = str2.indexOf(45);
                int indexOf2 = str2.indexOf(".zip");
                try {
                    if (indexOf == -1 || indexOf2 == -1) {
                        LOG.warn("invalid file name '{}', but will still be processed", str2);
                    } else {
                        try {
                        } catch (Exception e) {
                            LOG.warn("invalid file name '{}', but will still be processed", str2);
                        }
                        if (Long.parseLong(str2.substring(indexOf + 1, indexOf2)) < j) {
                        }
                    }
                    j = importCert0(prepareStatement, str2, j, file, processLog, i) + 1;
                } catch (Exception e2) {
                    System.err.println("\ncould not import certificates from file " + str2 + ".\nplease continue with the option '--resume'");
                    LOG.error("Exception", e2);
                    throw e2;
                }
            } finally {
                releaseResources(prepareStatement, null);
                dbPortFileNameIterator.close();
            }
        }
        processLog.printTrailer();
        echoToFile("certs.finished", file);
        System.out.println(" imported " + processLog.numProcessed() + " certificates");
    }

    private long importCert0(PreparedStatement preparedStatement, String str, long j, File file, ProcessLog processLog, int i) throws Exception {
        ZipFile zipFile = new ZipFile(new File(str));
        try {
            OcspCertstore.Certs certs = (OcspCertstore.Certs) JSON.parseObject(zipFile.getInputStream(zipFile.getEntry("certs.json")), Charset.forName("UTF-8"), OcspCertstore.Certs.class, new Feature[0]);
            certs.validate();
            disableAutoCommit();
            try {
                int i2 = 0;
                long j2 = 0;
                List<OcspCertstore.Cert> certs2 = certs.getCerts();
                int size = certs2.size();
                int i3 = 0;
                while (i3 < size) {
                    if (this.stopMe.get()) {
                        throw new InterruptedException("interrupted by the user");
                    }
                    OcspCertstore.Cert cert = certs2.get(i3);
                    long longValue = cert.getId().longValue();
                    if (longValue >= j) {
                        i2++;
                        try {
                            int i4 = 1 + 1;
                            preparedStatement.setLong(1, longValue);
                            int i5 = i4 + 1;
                            preparedStatement.setInt(i4, cert.getIid().intValue());
                            int i6 = i5 + 1;
                            preparedStatement.setString(i5, cert.getSn());
                            int i7 = i6 + 1;
                            preparedStatement.setLong(i6, cert.getUpdate().longValue());
                            int i8 = i7 + 1;
                            preparedStatement.setLong(i7, cert.getNbefore().longValue());
                            int i9 = i8 + 1;
                            preparedStatement.setLong(i8, cert.getNafter().longValue());
                            int i10 = i9 + 1;
                            setBoolean(preparedStatement, i9, cert.getRev().booleanValue());
                            int i11 = i10 + 1;
                            setInt(preparedStatement, i10, cert.getRr());
                            int i12 = i11 + 1;
                            setLong(preparedStatement, i11, cert.getRt());
                            int i13 = i12 + 1;
                            setLong(preparedStatement, i12, cert.getRit());
                            int i14 = i13 + 1;
                            preparedStatement.setString(i13, cert.getHash());
                            int i15 = i14 + 1;
                            preparedStatement.setString(i14, cert.getSubject());
                            preparedStatement.addBatch();
                            boolean z = i3 == size - 1;
                            if (i2 > 0 && (i2 % this.numCertsPerCommit == 0 || z)) {
                                try {
                                    preparedStatement.executeBatch();
                                    commit("(commit import cert to OCSP)");
                                    j2 = longValue;
                                    processLog.addNumProcessed(i2);
                                    i2 = 0;
                                    echoToFile((i + processLog.numProcessed()) + ":" + j2, file);
                                    processLog.printStatus();
                                } catch (Throwable th) {
                                    rollback();
                                    deleteCertGreatherThan(j2, LOG);
                                    if (th instanceof SQLException) {
                                        throw translate("INSERT INTO CERT (ID,IID,SN,LUPDATE,NBEFORE,NAFTER,REV,RR,RT,RIT,HASH,SUBJECT) VALUES (?,?,?,?,?,?,?,?,?,?,?,?)", (SQLException) th);
                                    }
                                    if (th instanceof Exception) {
                                        throw ((Exception) th);
                                    }
                                    throw new Exception(th);
                                }
                            }
                        } catch (SQLException e) {
                            throw translate("INSERT INTO CERT (ID,IID,SN,LUPDATE,NBEFORE,NAFTER,REV,RR,RT,RIT,HASH,SUBJECT) VALUES (?,?,?,?,?,?,?,?,?,?,?,?)", e);
                        }
                    }
                    i3++;
                }
                return j2;
            } finally {
                recoverAutoCommit();
                zipFile.close();
            }
        } catch (Exception e2) {
            try {
                zipFile.close();
            } catch (Exception e3) {
                LOG.error("could not close ZIP file {}: {}", str, e3.getMessage());
                LOG.debug("could not close ZIP file " + str, e3);
            }
            throw e2;
        }
    }
}
