package org.xipki.ca.server;

import java.io.IOException;
import java.security.cert.CertPathBuilderException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.sql.Timestamp;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.api.CaUris;
import org.xipki.ca.api.NameId;
import org.xipki.ca.api.OperationException;
import org.xipki.ca.api.mgmt.CaMgmtException;
import org.xipki.ca.api.mgmt.CaStatus;
import org.xipki.ca.api.mgmt.CmpControl;
import org.xipki.ca.api.mgmt.CrlControl;
import org.xipki.ca.api.mgmt.CtlogControl;
import org.xipki.ca.api.mgmt.MgmtEntry;
import org.xipki.ca.api.mgmt.ProtocolSupport;
import org.xipki.ca.api.mgmt.RevokeSuspendedControl;
import org.xipki.ca.api.mgmt.ScepControl;
import org.xipki.ca.api.mgmt.ValidityMode;
import org.xipki.ca.server.CaAuditConstants;
import org.xipki.datasource.DataAccessException;
import org.xipki.datasource.DataSourceWrapper;
import org.xipki.password.PasswordResolver;
import org.xipki.password.PasswordResolverException;
import org.xipki.security.CertRevocationInfo;
import org.xipki.security.SecurityFactory;
import org.xipki.security.SignerConf;
import org.xipki.security.XiSecurityException;
import org.xipki.security.util.X509Util;
import org.xipki.util.Args;
import org.xipki.util.Base64;
import org.xipki.util.CollectionUtil;
import org.xipki.util.ConfPairs;
import org.xipki.util.InvalidConfException;
import org.xipki.util.ObjectCreationException;
import org.xipki.util.StringUtil;
import org.xipki.util.Validity;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/xipki/ca/server/CaManagerQueryExecutor.class */
public class CaManagerQueryExecutor {
    private static final Logger LOG = LoggerFactory.getLogger(CaManagerQueryExecutor.class);
    private static final ColumnType INT = ColumnType.INT;
    private static final ColumnType BOOL = ColumnType.BOOL;
    private static final ColumnType STRING = ColumnType.STRING;
    private final DataSourceWrapper datasource;
    private final String sqlSelectProfileId = buildSelectFirstSql("ID FROM PROFILE WHERE NAME=?");
    private final String sqlSelectProfile = buildSelectFirstSql("ID,TYPE,CONF FROM PROFILE WHERE NAME=?");
    private final String sqlSelectPublisherId = buildSelectFirstSql("ID FROM PUBLISHER WHERE NAME=?");
    private final String sqlSelectPublisher = buildSelectFirstSql("ID,TYPE,CONF FROM PUBLISHER WHERE NAME=?");
    private final String sqlSelectRequestorId = buildSelectFirstSql("ID FROM REQUESTOR WHERE NAME=?");
    private final String sqlSelectRequestor = buildSelectFirstSql("ID,TYPE,CONF FROM REQUESTOR WHERE NAME=?");
    private final String sqlSelectSigner = buildSelectFirstSql("TYPE,CERT,CONF FROM SIGNER WHERE NAME=?");
    private final String sqlSelectCaId = buildSelectFirstSql("ID FROM CA WHERE NAME=?");
    private final String sqlSelectCa = buildSelectFirstSql("ID,SN_SIZE,NEXT_CRLNO,STATUS,MAX_VALIDITY,CERT,CERTCHAIN,SIGNER_TYPE,CMP_RESPONDER_NAME,SCEP_RESPONDER_NAME,CRL_SIGNER_NAME,CMP_CONTROL,CRL_CONTROL,SCEP_CONTROL,CTLOG_CONTROL,DUPLICATE_KEY,DUPLICATE_SUBJECT,PROTOCOL_SUPPORT,SAVE_REQ,PERMISSION,NUM_CRLS,KEEP_EXPIRED_CERT_DAYS,EXPIRATION_PERIOD,REV_INFO,VALIDITY_MODE,CA_URIS,EXTRA_CONTROL,SIGNER_CONF,DHPOC_CONTROL,REVOKE_SUSPENDED_CONTROL FROM CA WHERE NAME=?");
    private final String sqlNextSelectCrlNo = buildSelectFirstSql("NEXT_CRLNO FROM CA WHERE ID=?");
    private final String sqlSelectSystemEvent = buildSelectFirstSql("EVENT_TIME,EVENT_OWNER FROM SYSTEM_EVENT WHERE NAME=?");
    private final String sqlSelectUserId = buildSelectFirstSql("ID FROM TUSER WHERE NAME=?");
    private final String sqlSelectUser = buildSelectFirstSql("ID,ACTIVE,PASSWORD FROM TUSER WHERE NAME=?");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/xipki/ca/server/CaManagerQueryExecutor$ColumnType.class */
    public enum ColumnType {
        INT,
        STRING,
        BOOL
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/xipki/ca/server/CaManagerQueryExecutor$SqlColumn.class */
    public static class SqlColumn {
        private ColumnType type;
        private String name;
        private Object value;
        private boolean sensitive;
        private boolean signerConf;

        public SqlColumn(ColumnType columnType, String str, Object obj) {
            this(columnType, str, obj, false, false);
        }

        public SqlColumn(ColumnType columnType, String str, Object obj, boolean z, boolean z2) {
            this.type = (ColumnType) Args.notNull(columnType, "type");
            this.name = (String) Args.notNull(str, CaAuditConstants.Scep.NAME_name);
            this.value = obj;
            this.sensitive = z;
            this.signerConf = z2;
        }

        public ColumnType getType() {
            return this.type;
        }

        public String getName() {
            return this.name;
        }

        public Object getValue() {
            return this.value;
        }

        public boolean isSensitive() {
            return this.sensitive;
        }

        public boolean isSignerConf() {
            return this.signerConf;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/xipki/ca/server/CaManagerQueryExecutor$SystemEvent.class */
    public static class SystemEvent {
        private final String name;
        private final String owner;
        private final long eventTime;

        /* JADX INFO: Access modifiers changed from: package-private */
        public SystemEvent(String str, String str2, long j) {
            this.name = Args.notBlank(str, CaAuditConstants.Scep.NAME_name);
            this.owner = Args.notBlank(str2, "owner");
            this.eventTime = j;
        }

        public String getName() {
            return this.name;
        }

        public String getOwner() {
            return this.owner;
        }

        public long getEventTime() {
            return this.eventTime;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CaManagerQueryExecutor(DataSourceWrapper dataSourceWrapper) {
        this.datasource = (DataSourceWrapper) Args.notNull(dataSourceWrapper, "datasource");
    }

    private String buildSelectFirstSql(String str) {
        return this.datasource.buildSelectFirstSql(1, str);
    }

    private X509Certificate generateCert(String str) throws CaMgmtException {
        if (str == null) {
            return null;
        }
        return parseCert(Base64.decode(str));
    }

    private List<X509Certificate> generateCertchain(String str) throws CaMgmtException {
        if (StringUtil.isBlank(str)) {
            return null;
        }
        try {
            List<X509Certificate> listCertificates = X509Util.listCertificates(str);
            if (CollectionUtil.isEmpty(listCertificates)) {
                return null;
            }
            return listCertificates;
        } catch (IOException | CertificateException e) {
            throw new CaMgmtException(e);
        }
    }

    private Statement createStatement() throws CaMgmtException {
        try {
            return this.datasource.createStatement();
        } catch (DataAccessException e) {
            throw new CaMgmtException(e);
        }
    }

    private PreparedStatement prepareStatement(String str) throws CaMgmtException {
        try {
            return this.datasource.prepareStatement(str);
        } catch (DataAccessException e) {
            throw new CaMgmtException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SystemEvent getSystemEvent(String str) throws CaMgmtException {
        String str2 = this.sqlSelectSystemEvent;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = prepareStatement(str2);
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                if (!resultSet.next()) {
                    this.datasource.releaseResources(preparedStatement, resultSet);
                    return null;
                }
                SystemEvent systemEvent = new SystemEvent(str, resultSet.getString("EVENT_OWNER"), resultSet.getLong("EVENT_TIME"));
                this.datasource.releaseResources(preparedStatement, resultSet);
                return systemEvent;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(str2, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, resultSet);
            throw th;
        }
    }

    private void deleteSystemEvent(String str) throws CaMgmtException {
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement("DELETE FROM SYSTEM_EVENT WHERE NAME=?");
                preparedStatement.setString(1, str);
                preparedStatement.executeUpdate();
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("DELETE FROM SYSTEM_EVENT WHERE NAME=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    private void addSystemEvent(SystemEvent systemEvent) throws CaMgmtException {
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement("INSERT INTO SYSTEM_EVENT (NAME,EVENT_TIME,EVENT_TIME2,EVENT_OWNER) VALUES (?,?,?,?)");
                prepareStatement.setString(1, systemEvent.getName());
                prepareStatement.setLong(2, systemEvent.getEventTime());
                prepareStatement.setTimestamp(3, new Timestamp(systemEvent.getEventTime() * 1000));
                prepareStatement.setString(4, systemEvent.getOwner());
                if (prepareStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not add system event " + systemEvent.getName());
                }
                LOG.info("added system event {}", systemEvent.getName());
                this.datasource.releaseResources(prepareStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("INSERT INTO SYSTEM_EVENT (NAME,EVENT_TIME,EVENT_TIME2,EVENT_OWNER) VALUES (?,?,?,?)", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void changeSystemEvent(SystemEvent systemEvent) throws CaMgmtException {
        deleteSystemEvent(systemEvent.getName());
        addSystemEvent(systemEvent);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Map<String, Integer> createCaAliases() throws CaMgmtException {
        HashMap hashMap = new HashMap();
        Statement statement = null;
        ResultSet resultSet = null;
        try {
            try {
                statement = createStatement();
                resultSet = statement.executeQuery("SELECT NAME,CA_ID FROM CAALIAS");
                while (resultSet.next()) {
                    hashMap.put(resultSet.getString("NAME"), Integer.valueOf(resultSet.getInt("CA_ID")));
                }
                this.datasource.releaseResources(statement, resultSet);
                return hashMap;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("SELECT NAME,CA_ID FROM CAALIAS", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(statement, resultSet);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MgmtEntry.Certprofile createCertprofile(String str) throws CaMgmtException {
        String str2 = this.sqlSelectProfile;
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement(str2);
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    throw new CaMgmtException("unknown CA " + str);
                }
                MgmtEntry.Certprofile certprofile = new MgmtEntry.Certprofile(new NameId(Integer.valueOf(executeQuery.getInt("ID")), str), executeQuery.getString("TYPE"), executeQuery.getString("CONF"));
                this.datasource.releaseResources(prepareStatement, executeQuery);
                return certprofile;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(str2, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<String> namesFromTable(String str) throws CaMgmtException {
        return namesFromTable(str, "NAME");
    }

    private List<String> namesFromTable(String str, String str2) throws CaMgmtException {
        String concat = concat("SELECT ", str2, " FROM ", str);
        Statement statement = null;
        ResultSet resultSet = null;
        try {
            try {
                statement = createStatement();
                resultSet = statement.executeQuery(concat);
                LinkedList linkedList = new LinkedList();
                while (resultSet.next()) {
                    String string = resultSet.getString(str2);
                    if (StringUtil.isNotBlank(string)) {
                        linkedList.add(string);
                    }
                }
                this.datasource.releaseResources(statement, resultSet);
                return linkedList;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(concat, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(statement, resultSet);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MgmtEntry.Publisher createPublisher(String str) throws CaMgmtException {
        String str2 = this.sqlSelectPublisher;
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement(str2);
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    throw new CaMgmtException("unkown Publisher " + str);
                }
                MgmtEntry.Publisher publisher = new MgmtEntry.Publisher(new NameId(Integer.valueOf(executeQuery.getInt("ID")), str), executeQuery.getString("TYPE"), executeQuery.getString("CONF"));
                this.datasource.releaseResources(prepareStatement, executeQuery);
                return publisher;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(str2, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Integer getRequestorId(String str) throws CaMgmtException {
        String str2 = this.sqlSelectRequestorId;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = prepareStatement(str2);
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                if (!resultSet.next()) {
                    this.datasource.releaseResources(preparedStatement, resultSet);
                    return null;
                }
                Integer valueOf = Integer.valueOf(resultSet.getInt("ID"));
                this.datasource.releaseResources(preparedStatement, resultSet);
                return valueOf;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(str2, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, resultSet);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MgmtEntry.Requestor createRequestor(String str) throws CaMgmtException {
        String str2 = this.sqlSelectRequestor;
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement(str2);
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    throw new CaMgmtException("unknown Requestor " + str);
                }
                MgmtEntry.Requestor requestor = new MgmtEntry.Requestor(new NameId(Integer.valueOf(executeQuery.getInt("ID")), str), executeQuery.getString("TYPE"), executeQuery.getString("CONF"));
                this.datasource.releaseResources(prepareStatement, executeQuery);
                return requestor;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(str2, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MgmtEntry.Signer createSigner(String str) throws CaMgmtException {
        String str2 = this.sqlSelectSigner;
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement(str2);
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    throw new CaMgmtException("unknown signer " + str);
                }
                MgmtEntry.Signer signer = new MgmtEntry.Signer(str, executeQuery.getString("TYPE"), executeQuery.getString("CONF"), executeQuery.getString("CERT"));
                this.datasource.releaseResources(prepareStatement, executeQuery);
                return signer;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(str2, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CaInfo createCaInfo(String str, boolean z, CertStore certStore) throws CaMgmtException {
        String str2 = this.sqlSelectCa;
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement(str2);
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    throw new CaMgmtException("uknown CA " + str);
                }
                String string = executeQuery.getString("CA_URIS");
                MgmtEntry.Ca ca = new MgmtEntry.Ca(new NameId(Integer.valueOf(executeQuery.getInt("ID")), str), executeQuery.getInt("SN_SIZE"), executeQuery.getLong("NEXT_CRLNO"), executeQuery.getString("SIGNER_TYPE"), executeQuery.getString("SIGNER_CONF"), string == null ? null : CaUris.decode(string), executeQuery.getInt("NUM_CRLS"), executeQuery.getInt("EXPIRATION_PERIOD"));
                ca.setCert(generateCert(executeQuery.getString("CERT")));
                ca.setDhpocControl(executeQuery.getString("DHPOC_CONTROL"));
                String string2 = executeQuery.getString("REVOKE_SUSPENDED_CONTROL");
                ca.setRevokeSuspendedControl(string2 == null ? new RevokeSuspendedControl(false) : new RevokeSuspendedControl(string2));
                List<X509Certificate> generateCertchain = generateCertchain(executeQuery.getString("CERTCHAIN"));
                if (CollectionUtil.isNotEmpty(generateCertchain)) {
                    buildCertChain(ca.getCert(), generateCertchain);
                    ca.setCertchain(generateCertchain);
                }
                ca.setStatus(CaStatus.forName(executeQuery.getString("STATUS")));
                ca.setMaxValidity(Validity.getInstance(executeQuery.getString("MAX_VALIDITY")));
                ca.setKeepExpiredCertInDays(executeQuery.getInt("KEEP_EXPIRED_CERT_DAYS"));
                String string3 = executeQuery.getString("CRL_SIGNER_NAME");
                if (StringUtil.isNotBlank(string3)) {
                    ca.setCrlSignerName(string3);
                }
                String string4 = executeQuery.getString("CMP_RESPONDER_NAME");
                if (StringUtil.isNotBlank(string4)) {
                    ca.setCmpResponderName(string4);
                }
                String string5 = executeQuery.getString("SCEP_RESPONDER_NAME");
                if (StringUtil.isNotBlank(string5)) {
                    ca.setScepResponderName(string5);
                }
                String string6 = executeQuery.getString("EXTRA_CONTROL");
                if (StringUtil.isNotBlank(string6)) {
                    ca.setExtraControl(new ConfPairs(string6).unmodifiable());
                }
                String string7 = executeQuery.getString("CMP_CONTROL");
                try {
                    ca.setCmpControl(new CmpControl(string7));
                    String string8 = executeQuery.getString("CRL_CONTROL");
                    if (StringUtil.isNotBlank(string8)) {
                        try {
                            ca.setCrlControl(new CrlControl(string8));
                        } catch (InvalidConfException e) {
                            throw new CaMgmtException("invalid CRL_CONTROL: " + string8, e);
                        }
                    }
                    String string9 = executeQuery.getString("SCEP_CONTROL");
                    try {
                        ca.setScepControl(new ScepControl(string9));
                        String string10 = executeQuery.getString("CTLOG_CONTROL");
                        if (StringUtil.isNotBlank(string10)) {
                            try {
                                ca.setCtlogControl(new CtlogControl(string10));
                            } catch (InvalidConfException e2) {
                                throw new CaMgmtException("invalid CTLOG_CONTROL: " + string9, e2);
                            }
                        }
                        ca.setDuplicateKeyPermitted(executeQuery.getInt("DUPLICATE_KEY") != 0);
                        ca.setDuplicateSubjectPermitted(executeQuery.getInt("DUPLICATE_SUBJECT") != 0);
                        ca.setProtocolSupport(new ProtocolSupport(executeQuery.getString("PROTOCOL_SUPPORT")));
                        ca.setSaveRequest(executeQuery.getInt("SAVE_REQ") != 0);
                        ca.setPermission(executeQuery.getInt("PERMISSION"));
                        String string11 = executeQuery.getString("REV_INFO");
                        ca.setRevocationInfo(string11 == null ? null : CertRevocationInfo.fromEncoded(string11));
                        String string12 = executeQuery.getString("VALIDITY_MODE");
                        ca.setValidityMode(string12 == null ? ValidityMode.STRICT : ValidityMode.forName(string12));
                        try {
                            CaInfo caInfo = new CaInfo(ca, certStore);
                            this.datasource.releaseResources(prepareStatement, executeQuery);
                            return caInfo;
                        } catch (OperationException e3) {
                            throw new CaMgmtException(e3);
                        }
                    } catch (InvalidConfException e4) {
                        throw new CaMgmtException("invalid SCEP_CONTROL: " + string9, e4);
                    }
                } catch (InvalidConfException e5) {
                    throw new CaMgmtException("invalid CMP_CONTROL: " + string7);
                }
            } catch (SQLException e6) {
                throw new CaMgmtException(this.datasource.translate(str2, e6));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set<MgmtEntry.CaHasRequestor> createCaHasRequestors(NameId nameId) throws CaMgmtException {
        Map<Integer, String> idNameMap = getIdNameMap("REQUESTOR");
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = prepareStatement("SELECT REQUESTOR_ID,RA,PERMISSION,PROFILES FROM CA_HAS_REQUESTOR WHERE CA_ID=?");
                preparedStatement.setInt(1, nameId.getId().intValue());
                resultSet = preparedStatement.executeQuery();
                HashSet hashSet = new HashSet();
                while (resultSet.next()) {
                    int i = resultSet.getInt("REQUESTOR_ID");
                    String str = idNameMap.get(Integer.valueOf(i));
                    List split = StringUtil.split(resultSet.getString("PROFILES"), ",");
                    HashSet hashSet2 = split == null ? null : new HashSet(split);
                    MgmtEntry.CaHasRequestor caHasRequestor = new MgmtEntry.CaHasRequestor(new NameId(Integer.valueOf(i), str));
                    caHasRequestor.setRa(resultSet.getBoolean("RA"));
                    caHasRequestor.setPermission(resultSet.getInt("PERMISSION"));
                    caHasRequestor.setProfiles(hashSet2);
                    hashSet.add(caHasRequestor);
                }
                this.datasource.releaseResources(preparedStatement, resultSet);
                return hashSet;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("SELECT REQUESTOR_ID,RA,PERMISSION,PROFILES FROM CA_HAS_REQUESTOR WHERE CA_ID=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, resultSet);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set<Integer> createCaHasProfiles(NameId nameId) throws CaMgmtException {
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = prepareStatement("SELECT PROFILE_ID FROM CA_HAS_PROFILE WHERE CA_ID=?");
                preparedStatement.setInt(1, nameId.getId().intValue());
                resultSet = preparedStatement.executeQuery();
                HashSet hashSet = new HashSet();
                while (resultSet.next()) {
                    hashSet.add(Integer.valueOf(resultSet.getInt("PROFILE_ID")));
                }
                this.datasource.releaseResources(preparedStatement, resultSet);
                return hashSet;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("SELECT PROFILE_ID FROM CA_HAS_PROFILE WHERE CA_ID=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, resultSet);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set<Integer> createCaHasPublishers(NameId nameId) throws CaMgmtException {
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = prepareStatement("SELECT PUBLISHER_ID FROM CA_HAS_PUBLISHER WHERE CA_ID=?");
                preparedStatement.setInt(1, nameId.getId().intValue());
                resultSet = preparedStatement.executeQuery();
                HashSet hashSet = new HashSet();
                while (resultSet.next()) {
                    hashSet.add(Integer.valueOf(resultSet.getInt("PUBLISHER_ID")));
                }
                this.datasource.releaseResources(preparedStatement, resultSet);
                return hashSet;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("SELECT PUBLISHER_ID FROM CA_HAS_PUBLISHER WHERE CA_ID=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, resultSet);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean deleteRowWithName(String str, String str2) throws CaMgmtException {
        return deleteRowWithName(str, str2, false);
    }

    private boolean deleteRowWithName(String str, String str2, boolean z) throws CaMgmtException {
        String concat = concat("DELETE FROM ", str2, " WHERE NAME=?");
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement(concat);
                preparedStatement.setString(1, str);
                boolean z2 = preparedStatement.executeUpdate() > 0;
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
                return z2;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(concat, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addCa(MgmtEntry.Ca ca) throws CaMgmtException {
        int i;
        Args.notNull(ca, "caEntry");
        try {
            ca.getIdent().setId(Integer.valueOf(((int) this.datasource.getMax((Connection) null, "CA", "ID")) + 1));
            try {
                try {
                    PreparedStatement prepareStatement = prepareStatement("INSERT INTO CA (ID,NAME,SUBJECT,SN_SIZE,NEXT_CRLNO,STATUS,CA_URIS,MAX_VALIDITY,CERT,CERTCHAIN,SIGNER_TYPE,CRL_SIGNER_NAME,CMP_RESPONDER_NAME,SCEP_RESPONDER_NAME,CRL_CONTROL,CMP_CONTROL,SCEP_CONTROL,CTLOG_CONTROL,DUPLICATE_KEY,DUPLICATE_SUBJECT,PROTOCOL_SUPPORT,SAVE_REQ,PERMISSION,NUM_CRLS,EXPIRATION_PERIOD,KEEP_EXPIRED_CERT_DAYS,VALIDITY_MODE,EXTRA_CONTROL,SIGNER_CONF,DHPOC_CONTROL,REVOKE_SUSPENDED_CONTROL) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");
                    int i2 = 1 + 1;
                    prepareStatement.setInt(1, ca.getIdent().getId().intValue());
                    int i3 = i2 + 1;
                    prepareStatement.setString(i2, ca.getIdent().getName());
                    int i4 = i3 + 1;
                    prepareStatement.setString(i3, ca.getSubject());
                    int i5 = i4 + 1;
                    prepareStatement.setInt(i4, ca.getSerialNoBitLen());
                    int i6 = i5 + 1;
                    prepareStatement.setLong(i5, ca.getNextCrlNumber());
                    int i7 = i6 + 1;
                    prepareStatement.setString(i6, ca.getStatus().getStatus());
                    int i8 = i7 + 1;
                    prepareStatement.setString(i7, ca.getCaUris() == null ? null : ca.getCaUris().getEncoded());
                    int i9 = i8 + 1;
                    prepareStatement.setString(i8, ca.getMaxValidity().toString());
                    int i10 = i9 + 1;
                    prepareStatement.setString(i9, Base64.encodeToString(ca.getCert().getEncoded()));
                    List certchain = ca.getCertchain();
                    if (CollectionUtil.isEmpty(certchain)) {
                        i = i10 + 1;
                        prepareStatement.setString(i10, null);
                    } else {
                        i = i10 + 1;
                        prepareStatement.setString(i10, encodeCertchain(buildCertChain(ca.getCert(), certchain)));
                    }
                    int i11 = i;
                    int i12 = i + 1;
                    prepareStatement.setString(i11, ca.getSignerType());
                    int i13 = i12 + 1;
                    prepareStatement.setString(i12, ca.getCrlSignerName());
                    int i14 = i13 + 1;
                    prepareStatement.setString(i13, ca.getCmpResponderName());
                    int i15 = i14 + 1;
                    prepareStatement.setString(i14, ca.getScepResponderName());
                    CrlControl crlControl = ca.getCrlControl();
                    int i16 = i15 + 1;
                    prepareStatement.setString(i15, crlControl == null ? null : crlControl.getConf());
                    CmpControl cmpControl = ca.getCmpControl();
                    int i17 = i16 + 1;
                    prepareStatement.setString(i16, cmpControl == null ? null : cmpControl.getConf());
                    ScepControl scepControl = ca.getScepControl();
                    int i18 = i17 + 1;
                    prepareStatement.setString(i17, scepControl == null ? null : scepControl.getConf());
                    CtlogControl ctlogControl = ca.getCtlogControl();
                    int i19 = i18 + 1;
                    prepareStatement.setString(i18, ctlogControl == null ? null : ctlogControl.getConf());
                    int i20 = i19 + 1;
                    setBoolean(prepareStatement, i19, ca.isDuplicateKeyPermitted());
                    int i21 = i20 + 1;
                    setBoolean(prepareStatement, i20, ca.isDuplicateSubjectPermitted());
                    ProtocolSupport protocoSupport = ca.getProtocoSupport();
                    int i22 = i21 + 1;
                    prepareStatement.setString(i21, protocoSupport == null ? null : protocoSupport.getEncoded());
                    int i23 = i22 + 1;
                    setBoolean(prepareStatement, i22, ca.isSaveRequest());
                    int i24 = i23 + 1;
                    prepareStatement.setInt(i23, ca.getPermission());
                    int i25 = i24 + 1;
                    prepareStatement.setInt(i24, ca.getNumCrls());
                    int i26 = i25 + 1;
                    prepareStatement.setInt(i25, ca.getExpirationPeriod());
                    int i27 = i26 + 1;
                    prepareStatement.setInt(i26, ca.getKeepExpiredCertInDays());
                    int i28 = i27 + 1;
                    prepareStatement.setString(i27, ca.getValidityMode().name());
                    ConfPairs extraControl = ca.getExtraControl();
                    String encoded = extraControl == null ? null : extraControl.getEncoded();
                    int i29 = i28 + 1;
                    prepareStatement.setString(i28, StringUtil.isBlank(encoded) ? null : encoded);
                    int i30 = i29 + 1;
                    prepareStatement.setString(i29, ca.getSignerConf());
                    int i31 = i30 + 1;
                    prepareStatement.setString(i30, ca.getDhpocControl());
                    RevokeSuspendedControl revokeSuspendedControl = ca.getRevokeSuspendedControl();
                    int i32 = i31 + 1;
                    prepareStatement.setString(i31, revokeSuspendedControl == null ? null : revokeSuspendedControl.getConf());
                    if (prepareStatement.executeUpdate() == 0) {
                        throw new CaMgmtException("could not add CA " + ca.getIdent());
                    }
                    if (LOG.isInfoEnabled()) {
                        LOG.info("add CA '{}': {}", ca.getIdent(), ca.toString(false, true));
                    }
                    this.datasource.releaseResources(prepareStatement, (ResultSet) null);
                } catch (Throwable th) {
                    this.datasource.releaseResources((Statement) null, (ResultSet) null);
                    throw th;
                }
            } catch (CertificateException e) {
                throw new CaMgmtException(e);
            } catch (SQLException e2) {
                throw new CaMgmtException(this.datasource.translate("INSERT INTO CA (ID,NAME,SUBJECT,SN_SIZE,NEXT_CRLNO,STATUS,CA_URIS,MAX_VALIDITY,CERT,CERTCHAIN,SIGNER_TYPE,CRL_SIGNER_NAME,CMP_RESPONDER_NAME,SCEP_RESPONDER_NAME,CRL_CONTROL,CMP_CONTROL,SCEP_CONTROL,CTLOG_CONTROL,DUPLICATE_KEY,DUPLICATE_SUBJECT,PROTOCOL_SUPPORT,SAVE_REQ,PERMISSION,NUM_CRLS,EXPIRATION_PERIOD,KEEP_EXPIRED_CERT_DAYS,VALIDITY_MODE,EXTRA_CONTROL,SIGNER_CONF,DHPOC_CONTROL,REVOKE_SUSPENDED_CONTROL) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)", e2));
            }
        } catch (DataAccessException e3) {
            throw new CaMgmtException(e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addCaAlias(String str, NameId nameId) throws CaMgmtException {
        Args.notNull(str, "aliasName");
        Args.notNull(nameId, "ca");
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement("INSERT INTO CAALIAS (NAME,CA_ID) VALUES (?,?)");
                prepareStatement.setString(1, str);
                prepareStatement.setInt(2, nameId.getId().intValue());
                if (prepareStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not add CA alias " + str);
                }
                LOG.info("added CA alias '{}' for CA '{}'", str, nameId);
                this.datasource.releaseResources(prepareStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("INSERT INTO CAALIAS (NAME,CA_ID) VALUES (?,?)", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addCertprofile(MgmtEntry.Certprofile certprofile) throws CaMgmtException {
        Args.notNull(certprofile, "dbEntry");
        try {
            certprofile.getIdent().setId(Integer.valueOf(((int) this.datasource.getMax((Connection) null, "PROFILE", "ID")) + 1));
            try {
                try {
                    PreparedStatement prepareStatement = prepareStatement("INSERT INTO PROFILE (ID,NAME,TYPE,CONF) VALUES (?,?,?,?)");
                    int i = 1 + 1;
                    prepareStatement.setInt(1, certprofile.getIdent().getId().intValue());
                    int i2 = i + 1;
                    prepareStatement.setString(i, certprofile.getIdent().getName());
                    int i3 = i2 + 1;
                    prepareStatement.setString(i2, certprofile.getType());
                    int i4 = i3 + 1;
                    prepareStatement.setString(i3, certprofile.getConf());
                    if (prepareStatement.executeUpdate() == 0) {
                        throw new CaMgmtException("could not add certprofile " + certprofile.getIdent());
                    }
                    LOG.info("added profile '{}': {}", certprofile.getIdent(), certprofile);
                    this.datasource.releaseResources(prepareStatement, (ResultSet) null);
                } catch (SQLException e) {
                    throw new CaMgmtException(this.datasource.translate("INSERT INTO PROFILE (ID,NAME,TYPE,CONF) VALUES (?,?,?,?)", e));
                }
            } catch (Throwable th) {
                this.datasource.releaseResources((Statement) null, (ResultSet) null);
                throw th;
            }
        } catch (DataAccessException e2) {
            throw new CaMgmtException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addCertprofileToCa(NameId nameId, NameId nameId2) throws CaMgmtException {
        Args.notNull(nameId, "profile");
        Args.notNull(nameId2, "ca");
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement("INSERT INTO CA_HAS_PROFILE (CA_ID,PROFILE_ID) VALUES (?,?)");
                prepareStatement.setInt(1, nameId2.getId().intValue());
                prepareStatement.setInt(2, nameId.getId().intValue());
                if (prepareStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not add profile " + nameId + " to CA " + nameId2);
                }
                LOG.info("added profile '{}' to CA '{}'", nameId, nameId2);
                this.datasource.releaseResources(prepareStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("INSERT INTO CA_HAS_PROFILE (CA_ID,PROFILE_ID) VALUES (?,?)", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addRequestor(MgmtEntry.Requestor requestor) throws CaMgmtException {
        Args.notNull(requestor, "dbEntry");
        try {
            requestor.getIdent().setId(Integer.valueOf(((int) this.datasource.getMax((Connection) null, "REQUESTOR", "ID")) + 1));
            try {
                try {
                    PreparedStatement prepareStatement = prepareStatement("INSERT INTO REQUESTOR (ID,NAME,TYPE,CONF) VALUES (?,?,?,?)");
                    prepareStatement.setInt(1, requestor.getIdent().getId().intValue());
                    prepareStatement.setString(2, requestor.getIdent().getName());
                    prepareStatement.setString(3, requestor.getType());
                    prepareStatement.setString(4, requestor.getConf());
                    if (prepareStatement.executeUpdate() == 0) {
                        throw new CaMgmtException("could not add requestor " + requestor.getIdent());
                    }
                    if (LOG.isInfoEnabled()) {
                        LOG.info("added requestor '{}': {}", requestor.getIdent(), requestor.toString(false));
                    }
                    this.datasource.releaseResources(prepareStatement, (ResultSet) null);
                } catch (SQLException e) {
                    throw new CaMgmtException(this.datasource.translate("INSERT INTO REQUESTOR (ID,NAME,TYPE,CONF) VALUES (?,?,?,?)", e));
                }
            } catch (Throwable th) {
                this.datasource.releaseResources((Statement) null, (ResultSet) null);
                throw th;
            }
        } catch (DataAccessException e2) {
            throw new CaMgmtException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addRequestorIfNeeded(String str) throws CaMgmtException {
        String str2 = this.sqlSelectRequestorId;
        ResultSet resultSet = null;
        PreparedStatement preparedStatement = null;
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement(str2);
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (executeQuery.next()) {
                    this.datasource.releaseResources(prepareStatement, executeQuery);
                    return;
                }
                this.datasource.releaseResources(prepareStatement, executeQuery);
                resultSet = null;
                int max = (int) this.datasource.getMax((Connection) null, "REQUESTOR", "ID");
                str2 = "INSERT INTO REQUESTOR (ID,NAME,TYPE,CONF) VALUES (?,?,?,?)";
                preparedStatement = prepareStatement(str2);
                preparedStatement.setInt(1, max + 1);
                preparedStatement.setString(2, str);
                preparedStatement.setString(3, "EMBEDDED");
                preparedStatement.setString(4, "DEFAULT");
                preparedStatement.executeUpdate();
                LOG.info("added requestor '{}'", str);
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(str2, e));
            } catch (DataAccessException e2) {
                throw new CaMgmtException(e2);
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, resultSet);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addRequestorToCa(MgmtEntry.CaHasRequestor caHasRequestor, NameId nameId) throws CaMgmtException {
        Args.notNull(caHasRequestor, CaAuditConstants.NAME_requestor);
        Args.notNull(nameId, "ca");
        NameId requestorIdent = caHasRequestor.getRequestorIdent();
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement("INSERT INTO CA_HAS_REQUESTOR (CA_ID,REQUESTOR_ID,RA, PERMISSION,PROFILES) VALUES (?,?,?,?,?)");
                int i = 1 + 1;
                prepareStatement.setInt(1, nameId.getId().intValue());
                int i2 = i + 1;
                prepareStatement.setInt(i, requestorIdent.getId().intValue());
                int i3 = i2 + 1;
                setBoolean(prepareStatement, i2, caHasRequestor.isRa());
                int i4 = i3 + 1;
                prepareStatement.setInt(i3, caHasRequestor.getPermission());
                String collectionAsString = StringUtil.collectionAsString(caHasRequestor.getProfiles(), ",");
                int i5 = i4 + 1;
                prepareStatement.setString(i4, collectionAsString);
                if (prepareStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not add requestor " + requestorIdent + " to CA " + nameId);
                }
                LOG.info("added requestor '{}' to CA '{}': ra: {}; permission: {}; profile: {}", new Object[]{requestorIdent, nameId, Boolean.valueOf(caHasRequestor.isRa()), Integer.valueOf(caHasRequestor.getPermission()), collectionAsString});
                this.datasource.releaseResources(prepareStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("INSERT INTO CA_HAS_REQUESTOR (CA_ID,REQUESTOR_ID,RA, PERMISSION,PROFILES) VALUES (?,?,?,?,?)", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addPublisher(MgmtEntry.Publisher publisher) throws CaMgmtException {
        Args.notNull(publisher, "dbEntry");
        try {
            publisher.getIdent().setId(Integer.valueOf(((int) this.datasource.getMax((Connection) null, "PUBLISHER", "ID")) + 1));
            String name = publisher.getIdent().getName();
            try {
                try {
                    PreparedStatement prepareStatement = prepareStatement("INSERT INTO PUBLISHER (ID,NAME,TYPE,CONF) VALUES (?,?,?,?)");
                    int i = 1 + 1;
                    prepareStatement.setInt(1, publisher.getIdent().getId().intValue());
                    int i2 = i + 1;
                    prepareStatement.setString(i, name);
                    int i3 = i2 + 1;
                    prepareStatement.setString(i2, publisher.getType());
                    int i4 = i3 + 1;
                    prepareStatement.setString(i3, publisher.getConf());
                    if (prepareStatement.executeUpdate() == 0) {
                        throw new CaMgmtException("could not add publisher " + publisher.getIdent());
                    }
                    LOG.info("added publisher '{}': {}", publisher.getIdent(), publisher);
                    this.datasource.releaseResources(prepareStatement, (ResultSet) null);
                } catch (SQLException e) {
                    throw new CaMgmtException(this.datasource.translate("INSERT INTO PUBLISHER (ID,NAME,TYPE,CONF) VALUES (?,?,?,?)", e));
                }
            } catch (Throwable th) {
                this.datasource.releaseResources((Statement) null, (ResultSet) null);
                throw th;
            }
        } catch (DataAccessException e2) {
            throw new CaMgmtException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addPublisherToCa(NameId nameId, NameId nameId2) throws CaMgmtException {
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement("INSERT INTO CA_HAS_PUBLISHER (CA_ID,PUBLISHER_ID) VALUES (?,?)");
                prepareStatement.setInt(1, nameId2.getId().intValue());
                prepareStatement.setInt(2, nameId.getId().intValue());
                if (prepareStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not add publisher " + nameId + " to CA " + nameId2);
                }
                LOG.info("added publisher '{}' to CA '{}'", nameId, nameId2);
                this.datasource.releaseResources(prepareStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("INSERT INTO CA_HAS_PUBLISHER (CA_ID,PUBLISHER_ID) VALUES (?,?)", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void changeCa(MgmtEntry.ChangeCa changeCa, MgmtEntry.Ca ca, SecurityFactory securityFactory) throws CaMgmtException {
        Args.notNull(changeCa, "changeCaEntry");
        Args.notNull(securityFactory, "securityFactory");
        byte[] encodedCert = changeCa.getEncodedCert();
        if (encodedCert != null) {
            try {
                if (this.datasource.columnExists((Connection) null, "CERT", "CA_ID", changeCa.getIdent().getId())) {
                    throw new CaMgmtException("Cannot change certificate of CA which has issued certificates");
                }
            } catch (DataAccessException e) {
                throw new CaMgmtException(e);
            }
        }
        String signerType = changeCa.getSignerType();
        String signerConf = changeCa.getSignerConf();
        X509Certificate x509Certificate = null;
        if (signerType != null || signerConf != null || encodedCert != null || CollectionUtil.isNotEmpty(changeCa.getEncodedCertchain())) {
            if (encodedCert != null) {
                x509Certificate = parseCert(encodedCert);
            } else {
                try {
                    try {
                        PreparedStatement prepareStatement = prepareStatement("SELECT CERT FROM CA WHERE ID=?");
                        prepareStatement.setInt(1, changeCa.getIdent().getId().intValue());
                        ResultSet executeQuery = prepareStatement.executeQuery();
                        if (!executeQuery.next()) {
                            throw new CaMgmtException("unknown CA '" + changeCa.getIdent());
                        }
                        x509Certificate = parseCert(Base64.decode(executeQuery.getString("CERT")));
                        this.datasource.releaseResources(prepareStatement, executeQuery);
                    } catch (SQLException e2) {
                        throw new CaMgmtException(this.datasource.translate("SELECT CERT FROM CA WHERE ID=?", e2));
                    }
                } catch (Throwable th) {
                    this.datasource.releaseResources((Statement) null, (ResultSet) null);
                    throw th;
                }
            }
            if (signerType != null || signerConf != null || encodedCert != null) {
                try {
                    try {
                        PreparedStatement prepareStatement2 = prepareStatement("SELECT SIGNER_TYPE,SIGNER_CONF FROM CA WHERE ID=?");
                        prepareStatement2.setInt(1, changeCa.getIdent().getId().intValue());
                        ResultSet executeQuery2 = prepareStatement2.executeQuery();
                        if (!executeQuery2.next()) {
                            throw new CaMgmtException("unknown CA '" + changeCa.getIdent());
                        }
                        if (signerType == null) {
                            signerType = executeQuery2.getString("SIGNER_TYPE");
                        }
                        signerConf = signerConf == null ? executeQuery2.getString("SIGNER_CONF") : CaManagerImpl.canonicalizeSignerConf(signerType, signerConf, null, securityFactory);
                        try {
                            Iterator it = MgmtEntry.Ca.splitCaSignerConfs(signerConf).iterator();
                            while (it.hasNext()) {
                                securityFactory.createSigner(signerType, new SignerConf(((String[]) it.next())[1]), x509Certificate);
                            }
                            this.datasource.releaseResources(prepareStatement2, executeQuery2);
                        } catch (XiSecurityException | ObjectCreationException e3) {
                            throw new CaMgmtException("could not create signer for CA '" + changeCa.getIdent() + "'" + e3.getMessage(), e3);
                        }
                    } catch (SQLException e4) {
                        throw new CaMgmtException(this.datasource.translate("SELECT SIGNER_TYPE,SIGNER_CONF FROM CA WHERE ID=?", e4));
                    }
                } catch (Throwable th2) {
                    this.datasource.releaseResources((Statement) null, (ResultSet) null);
                    throw th2;
                }
            }
        }
        String str = null;
        String str2 = null;
        if (encodedCert != null) {
            try {
                str = X509Util.getRfc4519Name(X509Util.parseBcCert(encodedCert).getSubject());
                str2 = Base64.encodeToString(encodedCert);
            } catch (CertificateException e5) {
                throw new CaMgmtException("could not parse the certificate", e5);
            }
        }
        String name = changeCa.getStatus() == null ? null : changeCa.getStatus().name();
        String validity = changeCa.getMaxValidity() == null ? null : changeCa.getMaxValidity().toString();
        String encoded = changeCa.getExtraControl() == null ? null : changeCa.getExtraControl().getEncoded();
        String name2 = changeCa.getValidityMode() == null ? null : changeCa.getValidityMode().name();
        String str3 = null;
        CaUris caUris = changeCa.getCaUris();
        if (caUris != null && (caUris.getCacertUris() != null || caUris.getCrlUris() != null || caUris.getDeltaCrlUris() != null || caUris.getOcspUris() != null)) {
            CaUris caUris2 = ca.getCaUris();
            List cacertUris = caUris.getCacertUris();
            List cacertUris2 = cacertUris == null ? caUris2.getCacertUris() : cacertUris;
            List ocspUris = caUris.getOcspUris();
            List ocspUris2 = ocspUris == null ? caUris2.getOcspUris() : ocspUris;
            List crlUris = caUris.getCrlUris();
            List crlUris2 = crlUris == null ? caUris2.getCrlUris() : crlUris;
            List deltaCrlUris = caUris.getDeltaCrlUris();
            str3 = new CaUris(cacertUris2, ocspUris2, crlUris2, deltaCrlUris == null ? caUris2.getDeltaCrlUris() : deltaCrlUris).getEncoded();
            if (str3.isEmpty()) {
                str3 = "null";
            }
        }
        String str4 = null;
        Boolean supportCmp = changeCa.getSupportCmp();
        Boolean supportRest = changeCa.getSupportRest();
        Boolean supportScep = changeCa.getSupportScep();
        if (supportCmp != null || supportRest != null || supportScep != null) {
            ProtocolSupport protocoSupport = ca.getProtocoSupport();
            ProtocolSupport protocolSupport = new ProtocolSupport(protocoSupport.isCmp(), protocoSupport.isRest(), protocoSupport.isScep());
            if (supportCmp != null) {
                protocolSupport.setCmp(supportCmp.booleanValue());
            }
            if (supportRest != null) {
                protocolSupport.setRest(supportRest.booleanValue());
            }
            if (supportScep != null) {
                protocolSupport.setScep(supportScep.booleanValue());
            }
            str4 = protocolSupport.getEncoded();
        }
        String str5 = null;
        if (changeCa.getEncodedCertchain() != null) {
            if (changeCa.getEncodedCertchain().size() == 0) {
                str5 = "null";
            } else {
                LinkedList linkedList = new LinkedList();
                Iterator it2 = changeCa.getEncodedCertchain().iterator();
                while (it2.hasNext()) {
                    linkedList.add(parseCert((byte[]) it2.next()));
                }
                str5 = encodeCertchain(buildCertChain(x509Certificate, linkedList));
            }
        }
        changeIfNotNull("CA", col(INT, "ID", changeCa.getIdent().getId()), col(INT, "SN_SIZE", changeCa.getSerialNoBitLen()), col(STRING, "STATUS", name), col(STRING, "SUBJECT", str), col(STRING, "CERT", str2), col(STRING, "CERTCHAIN", str5), col(STRING, "CA_URIS", str3), col(STRING, "MAX_VALIDITY", validity), col(STRING, "SIGNER_TYPE", signerType), col(STRING, "CRL_SIGNER_NAME", changeCa.getCrlSignerName()), col(STRING, "CMP_RESPONDER_NAME", changeCa.getCmpResponderName()), col(STRING, "SCEP_RESPONDER_NAME", changeCa.getScepResponderName()), col(STRING, "CMP_CONTROL", changeCa.getCmpControl()), col(STRING, "CRL_CONTROL", changeCa.getCrlControl()), col(STRING, "SCEP_CONTROL", changeCa.getScepControl()), col(STRING, "CTLOG_CONTROL", changeCa.getCtlogControl()), col(BOOL, "DUPLICATE_KEY", changeCa.getDuplicateKeyPermitted()), col(BOOL, "DUPLICATE_SUBJECT", changeCa.getDuplicateSubjectPermitted()), col(STRING, "PROTOCOL_SUPPORT", str4), col(BOOL, "SAVE_REQ", changeCa.getSaveRequest()), col(INT, "PERMISSION", changeCa.getPermission()), col(INT, "NUM_CRLS", changeCa.getNumCrls()), col(INT, "EXPIRATION_PERIOD", changeCa.getExpirationPeriod()), col(INT, "KEEP_EXPIRED_CERT_DAYS", changeCa.getKeepExpiredCertInDays()), col(STRING, "VALIDITY_MODE", name2), col(STRING, "EXTRA_CONTROL", encoded), col(STRING, "SIGNER_CONF", signerConf, false, true), col(STRING, "DHPOC_CONTROL", changeCa.getDhpocControl(), false, true), col(STRING, "REVOKE_SUSPENDED_CONTROL", changeCa.getRevokeSuspendedControl()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void commitNextCrlNoIfLess(NameId nameId, long j) throws CaMgmtException {
        PreparedStatement preparedStatement = null;
        try {
            String str = this.sqlNextSelectCrlNo;
            try {
                try {
                    preparedStatement = prepareStatement(str);
                    preparedStatement.setInt(1, nameId.getId().intValue());
                    ResultSet executeQuery = preparedStatement.executeQuery();
                    executeQuery.next();
                    long j2 = executeQuery.getLong("NEXT_CRLNO");
                    this.datasource.releaseResources(preparedStatement, executeQuery);
                    if (j2 < j) {
                        try {
                            preparedStatement = prepareStatement("UPDATE CA SET NEXT_CRLNO=? WHERE ID=?");
                            preparedStatement.setLong(1, j);
                            preparedStatement.setInt(2, nameId.getId().intValue());
                            preparedStatement.executeUpdate();
                        } catch (SQLException e) {
                            throw new CaMgmtException(this.datasource.translate(str, e));
                        }
                    }
                } catch (Throwable th) {
                    this.datasource.releaseResources((Statement) null, (ResultSet) null);
                    throw th;
                }
            } catch (SQLException e2) {
                throw new CaMgmtException(this.datasource.translate(str, e2));
            }
        } finally {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public IdentifiedCertprofile changeCertprofile(NameId nameId, String str, String str2, CaManagerImpl caManagerImpl) throws CaMgmtException {
        MgmtEntry.Certprofile createCertprofile = createCertprofile(nameId.getName());
        IdentifiedCertprofile createCertprofile2 = caManagerImpl.createCertprofile(new MgmtEntry.Certprofile(createCertprofile.getIdent(), str(str, createCertprofile.getType()), str(str2, createCertprofile.getConf())));
        if (createCertprofile2 == null) {
            throw new CaMgmtException("could not create certprofile object");
        }
        boolean z = true;
        try {
            changeIfNotNull("PROFILE", col(INT, "ID", nameId.getId()), col(STRING, "TYPE", str), col(STRING, "CONF", str2));
            z = false;
            if (0 != 0) {
                createCertprofile2.close();
            }
            return createCertprofile2;
        } catch (Throwable th) {
            if (z) {
                createCertprofile2.close();
            }
            throw th;
        }
    }

    private static SqlColumn col(ColumnType columnType, String str, Object obj) {
        return new SqlColumn(columnType, str, obj);
    }

    private static SqlColumn col(ColumnType columnType, String str, Object obj, boolean z, boolean z2) {
        return new SqlColumn(columnType, str, obj, z, z2);
    }

    private static String str(String str, String str2) {
        return str != null ? getRealString(str) : str2;
    }

    private void changeIfNotNull(String str, SqlColumn sqlColumn, SqlColumn... sqlColumnArr) throws CaMgmtException {
        StringBuilder sb = new StringBuilder("UPDATE ");
        sb.append(str).append(" SET ");
        boolean z = true;
        for (SqlColumn sqlColumn2 : sqlColumnArr) {
            if (sqlColumn2.getValue() != null) {
                z = false;
                sb.append(sqlColumn2.getName()).append("=?,");
            }
        }
        if (z) {
            throw new IllegalArgumentException("nothing to change");
        }
        sb.deleteCharAt(sb.length() - 1);
        sb.append(" WHERE ").append(sqlColumn.getName()).append("=?");
        String sb2 = sb.toString();
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement(sb2);
                HashMap hashMap = new HashMap();
                int i = 1;
                for (SqlColumn sqlColumn3 : sqlColumnArr) {
                    if (sqlColumn3.getValue() != null) {
                        setColumn(hashMap, prepareStatement, i, sqlColumn3);
                        i++;
                    }
                }
                setColumn(null, prepareStatement, i, sqlColumn);
                if (prepareStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not update table " + str);
                }
                LOG.info("updated table {} WHERE {}={}: {}", new Object[]{str, sqlColumn.getName(), sqlColumn.getValue(), hashMap});
                this.datasource.releaseResources(prepareStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(sb2, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    private void setColumn(Map<String, String> map, PreparedStatement preparedStatement, int i, SqlColumn sqlColumn) throws SQLException {
        String num;
        String name = sqlColumn.getName();
        ColumnType type = sqlColumn.getType();
        Object value = sqlColumn.getValue();
        boolean isSensitive = sqlColumn.isSensitive();
        if (type == STRING) {
            String realString = getRealString((String) value);
            preparedStatement.setString(i, realString);
            num = realString;
            if (realString != null && sqlColumn.isSignerConf()) {
                num = SignerConf.eraseSensitiveData(num);
                if (num.length() > 100) {
                    num = StringUtil.concat(num.substring(0, 97), new String[]{"..."});
                }
            }
        } else if (type == ColumnType.INT) {
            if (value == null) {
                preparedStatement.setNull(i, 4);
                num = "null";
            } else {
                int intValue = ((Integer) value).intValue();
                preparedStatement.setInt(i, intValue);
                num = Integer.toString(intValue);
            }
        } else {
            if (type != ColumnType.BOOL) {
                throw new IllegalStateException("should not reach here, unknown type " + sqlColumn.getType());
            }
            if (value == null) {
                preparedStatement.setNull(i, 4);
                num = "null";
            } else {
                int i2 = ((Boolean) value).booleanValue() ? 1 : 0;
                preparedStatement.setInt(i, i2);
                num = Integer.toString(i2);
            }
        }
        if (map != null) {
            map.put(name, isSensitive ? "*****" : num);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RequestorEntryWrapper changeRequestor(NameId nameId, String str, String str2, PasswordResolver passwordResolver) throws CaMgmtException {
        Args.notNull(nameId, "nameId");
        RequestorEntryWrapper requestorEntryWrapper = new RequestorEntryWrapper();
        if ("pbm".equalsIgnoreCase(str) && !StringUtil.startsWithIgnoreCase(str2, "PBE:")) {
            try {
                str2 = passwordResolver.protectPassword("PBE", str2.toCharArray());
            } catch (PasswordResolverException e) {
                throw new CaMgmtException("could not encrypt requestor " + nameId.getName(), e);
            }
        }
        requestorEntryWrapper.setDbEntry(new MgmtEntry.Requestor(nameId, str, str2), passwordResolver);
        if (requestorEntryWrapper.getDbEntry().isFaulty()) {
            throw new CaMgmtException("invalid requestor configuration");
        }
        changeIfNotNull("REQUESTOR", col(INT, "ID", nameId.getId()), col(STRING, "TYPE", str), col(STRING, "CONF", str2));
        return requestorEntryWrapper;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignerEntryWrapper changeSigner(String str, String str2, String str3, String str4, CaManagerImpl caManagerImpl, SecurityFactory securityFactory) throws CaMgmtException {
        Args.notBlank(str, CaAuditConstants.Scep.NAME_name);
        Args.notNull(caManagerImpl, "caManager");
        MgmtEntry.Signer createSigner = createSigner(str);
        String type = str2 == null ? createSigner.getType() : str2;
        if (str3 != null) {
            str3 = CaManagerImpl.canonicalizeSignerConf(type, str3, null, securityFactory);
        }
        SignerEntryWrapper createSigner2 = caManagerImpl.createSigner(new MgmtEntry.Signer(str, type, str3 == null ? createSigner.getConf() : str3, str4 == null ? createSigner.getBase64Cert() : str4));
        changeIfNotNull("SIGNER", col(STRING, "NAME", str), col(STRING, "TYPE", str2), col(STRING, "CERT", str4), col(STRING, "CONF", str3, false, true));
        return createSigner2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public IdentifiedCertPublisher changePublisher(String str, String str2, String str3, CaManagerImpl caManagerImpl) throws CaMgmtException {
        Args.notBlank(str, CaAuditConstants.Scep.NAME_name);
        Args.notNull(caManagerImpl, "caManager");
        MgmtEntry.Publisher createPublisher = createPublisher(str);
        IdentifiedCertPublisher createPublisher2 = caManagerImpl.createPublisher(new MgmtEntry.Publisher(createPublisher.getIdent(), str2 == null ? createPublisher.getType() : str2, str3 == null ? createPublisher.getConf() : str3));
        changeIfNotNull("PUBLISHER", col(STRING, "NAME", str), col(STRING, "TYPE", str2), col(STRING, "CONF", str3));
        return createPublisher2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeCa(String str) throws CaMgmtException {
        Args.notBlank(str, "caName");
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement("DELETE FROM CA WHERE NAME=?");
                preparedStatement.setString(1, str);
                if (preparedStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not delelted CA " + str);
                }
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("DELETE FROM CA WHERE NAME=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeCaAlias(String str) throws CaMgmtException {
        Args.notBlank(str, "aliasName");
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement("DELETE FROM CAALIAS WHERE NAME=?");
                preparedStatement.setString(1, str);
                if (preparedStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not remove CA Alias " + str);
                }
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("DELETE FROM CAALIAS WHERE NAME=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeCertprofileFromCa(String str, String str2) throws CaMgmtException {
        Args.notBlank(str, "profileName");
        Args.notBlank(str2, "caName");
        int nonNullIdForName = getNonNullIdForName(this.sqlSelectCaId, str2);
        int nonNullIdForName2 = getNonNullIdForName(this.sqlSelectProfileId, str);
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement("DELETE FROM CA_HAS_PROFILE WHERE CA_ID=? AND PROFILE_ID=?");
                preparedStatement.setInt(1, nonNullIdForName);
                preparedStatement.setInt(2, nonNullIdForName2);
                if (preparedStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not remove profile " + str + " from CA " + str2);
                }
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("DELETE FROM CA_HAS_PROFILE WHERE CA_ID=? AND PROFILE_ID=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeRequestorFromCa(String str, String str2) throws CaMgmtException {
        Args.notBlank(str, "requestorName");
        Args.notBlank(str2, "caName");
        int nonNullIdForName = getNonNullIdForName(this.sqlSelectCaId, str2);
        int nonNullIdForName2 = getNonNullIdForName(this.sqlSelectRequestorId, str);
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement("DELETE FROM CA_HAS_REQUESTOR WHERE CA_ID=? AND REQUESTOR_ID=?");
                preparedStatement.setInt(1, nonNullIdForName);
                preparedStatement.setInt(2, nonNullIdForName2);
                if (preparedStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not remove requestor " + str + " from CA " + str2);
                }
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("DELETE FROM CA_HAS_REQUESTOR WHERE CA_ID=? AND REQUESTOR_ID=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removePublisherFromCa(String str, String str2) throws CaMgmtException {
        Args.notBlank(str, "publisherName");
        Args.notBlank(str2, "caName");
        int nonNullIdForName = getNonNullIdForName(this.sqlSelectCaId, str2);
        int nonNullIdForName2 = getNonNullIdForName(this.sqlSelectPublisherId, str);
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement("DELETE FROM CA_HAS_PUBLISHER WHERE CA_ID=? AND PUBLISHER_ID=?");
                preparedStatement.setInt(1, nonNullIdForName);
                preparedStatement.setInt(2, nonNullIdForName2);
                if (preparedStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not remove publisher " + str + " from CA " + str2);
                }
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("DELETE FROM CA_HAS_PUBLISHER WHERE CA_ID=? AND PUBLISHER_ID=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void revokeCa(String str, CertRevocationInfo certRevocationInfo) throws CaMgmtException {
        Args.notBlank(str, "caName");
        Args.notNull(certRevocationInfo, "revocationInfo");
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement("UPDATE CA SET REV_INFO=? WHERE NAME=?");
                preparedStatement.setString(1, certRevocationInfo.getEncoded());
                preparedStatement.setString(2, str);
                if (preparedStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not revoke CA " + str);
                }
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("UPDATE CA SET REV_INFO=? WHERE NAME=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addSigner(MgmtEntry.Signer signer) throws CaMgmtException {
        Args.notNull(signer, "dbEntry");
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement("INSERT INTO SIGNER (NAME,TYPE,CERT,CONF) VALUES (?,?,?,?)");
                int i = 1 + 1;
                prepareStatement.setString(1, signer.getName());
                int i2 = i + 1;
                prepareStatement.setString(i, signer.getType());
                int i3 = i2 + 1;
                prepareStatement.setString(i2, signer.getBase64Cert());
                int i4 = i3 + 1;
                prepareStatement.setString(i3, signer.getConf());
                if (prepareStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not add signer " + signer.getName());
                }
                LOG.info("added signer: {}", signer.toString(false, true));
                this.datasource.releaseResources(prepareStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("INSERT INTO SIGNER (NAME,TYPE,CERT,CONF) VALUES (?,?,?,?)", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void unlockCa() throws CaMgmtException {
        Statement statement = null;
        try {
            try {
                statement = createStatement();
                statement.execute("DELETE FROM SYSTEM_EVENT WHERE NAME='LOCK'");
                if (statement.getUpdateCount() == 0) {
                    throw new CaMgmtException("could not unlock CA");
                }
                this.datasource.releaseResources(statement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("DELETE FROM SYSTEM_EVENT WHERE NAME='LOCK'", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(statement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void unrevokeCa(String str) throws CaMgmtException {
        Args.notBlank(str, "caName");
        LOG.info("Unrevoking of CA '{}'", str);
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement("UPDATE CA SET REV_INFO=? WHERE NAME=?");
                preparedStatement.setNull(1, 12);
                preparedStatement.setString(2, str);
                if (preparedStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not unrevoke CA " + str);
                }
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("UPDATE CA SET REV_INFO=? WHERE NAME=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addUser(MgmtEntry.AddUser addUser) throws CaMgmtException {
        Args.notNull(addUser, "userEntry");
        addUser(addUser.getIdent().getName(), addUser.isActive(), PasswordHash.createHash(addUser.getPassword()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addUser(MgmtEntry.User user) throws CaMgmtException {
        Args.notNull(user, "userEntry");
        addUser(user.getIdent().getName(), user.isActive(), user.getHashedPassword());
    }

    private void addUser(String str, boolean z, String str2) throws CaMgmtException {
        if (getIdForName(this.sqlSelectUserId, str) != null) {
            throw new CaMgmtException(concat("user named '", str, " ' already exists"));
        }
        try {
            long max = this.datasource.getMax((Connection) null, "TUSER", "ID") + 1;
            PreparedStatement preparedStatement = null;
            try {
                try {
                    preparedStatement = prepareStatement("INSERT INTO TUSER (ID,NAME,ACTIVE,PASSWORD) VALUES (?,?,?,?)");
                    int i = 1 + 1;
                    preparedStatement.setLong(1, max);
                    int i2 = i + 1;
                    preparedStatement.setString(i, str);
                    int i3 = i2 + 1;
                    setBoolean(preparedStatement, i2, z);
                    int i4 = i3 + 1;
                    preparedStatement.setString(i3, str2);
                    if (preparedStatement.executeUpdate() == 0) {
                        throw new CaMgmtException("could not add user " + str);
                    }
                    this.datasource.releaseResources(preparedStatement, (ResultSet) null);
                    LOG.info("added user '{}'", str);
                } catch (SQLException e) {
                    throw new CaMgmtException(this.datasource.translate("INSERT INTO TUSER (ID,NAME,ACTIVE,PASSWORD) VALUES (?,?,?,?)", e));
                }
            } catch (Throwable th) {
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
                throw th;
            }
        } catch (DataAccessException e2) {
            throw new CaMgmtException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void changeUser(MgmtEntry.ChangeUser changeUser) throws CaMgmtException {
        String name = changeUser.getIdent().getName();
        Integer idForName = getIdForName(this.sqlSelectUserId, name);
        if (idForName == null) {
            throw new CaMgmtException(concat("user '", name, " ' does not exist"));
        }
        changeUser.getIdent().setId(idForName);
        String password = changeUser.getPassword();
        String str = null;
        if (password != null) {
            str = PasswordHash.createHash(password);
        }
        changeIfNotNull("TUSER", col(INT, "ID", idForName), col(BOOL, "ACTIVE", changeUser.getActive()), col(STRING, "PASSWORD", str, true, false));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeUserFromCa(String str, String str2) throws CaMgmtException {
        Integer idForName = getIdForName(this.sqlSelectUserId, str);
        if (idForName == null) {
            throw new CaMgmtException("unknown user " + str);
        }
        int nonNullIdForName = getNonNullIdForName(this.sqlSelectCaId, str2);
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = prepareStatement("DELETE FROM CA_HAS_USER WHERE CA_ID=? AND USER_ID=?");
                preparedStatement.setInt(1, nonNullIdForName);
                preparedStatement.setInt(2, idForName.intValue());
                if (preparedStatement.executeUpdate() == 0) {
                    throw new CaMgmtException("could not remove user " + str + " from CA " + str2);
                }
                this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("DELETE FROM CA_HAS_USER WHERE CA_ID=? AND USER_ID=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, (ResultSet) null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addUserToCa(MgmtEntry.CaHasUser caHasUser, NameId nameId) throws CaMgmtException {
        Args.notNull(caHasUser, CaAuditConstants.NAME_user);
        Args.notNull(nameId, "ca");
        NameId userIdent = caHasUser.getUserIdent();
        Integer idForName = getIdForName(this.sqlSelectUserId, userIdent.getName());
        if (idForName == null) {
            throw new CaMgmtException(concat("user '", userIdent.getName(), " ' does not exist"));
        }
        userIdent.setId(idForName);
        try {
            long max = this.datasource.getMax((Connection) null, "CA_HAS_USER", "ID");
            try {
                try {
                    PreparedStatement prepareStatement = prepareStatement("INSERT INTO CA_HAS_USER (ID,CA_ID,USER_ID, PERMISSION,PROFILES) VALUES (?,?,?,?,?)");
                    int i = 1 + 1;
                    prepareStatement.setLong(1, max + 1);
                    int i2 = i + 1;
                    prepareStatement.setInt(i, nameId.getId().intValue());
                    int i3 = i2 + 1;
                    prepareStatement.setInt(i2, userIdent.getId().intValue());
                    int i4 = i3 + 1;
                    prepareStatement.setInt(i3, caHasUser.getPermission());
                    String collectionAsString = StringUtil.collectionAsString(caHasUser.getProfiles(), ",");
                    int i5 = i4 + 1;
                    prepareStatement.setString(i4, collectionAsString);
                    if (prepareStatement.executeUpdate() == 0) {
                        throw new CaMgmtException("could not add user " + userIdent + " to CA " + nameId);
                    }
                    LOG.info("added user '{}' to CA '{}': permission: {}; profile: {}", new Object[]{userIdent, nameId, Integer.valueOf(caHasUser.getPermission()), collectionAsString});
                    this.datasource.releaseResources(prepareStatement, (ResultSet) null);
                } catch (SQLException e) {
                    throw new CaMgmtException(this.datasource.translate("INSERT INTO CA_HAS_USER (ID,CA_ID,USER_ID, PERMISSION,PROFILES) VALUES (?,?,?,?,?)", e));
                }
            } catch (Throwable th) {
                this.datasource.releaseResources((Statement) null, (ResultSet) null);
                throw th;
            }
        } catch (DataAccessException e2) {
            throw new CaMgmtException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Map<String, MgmtEntry.CaHasUser> getCaHasUsersForUser(String str, CaIdNameMap caIdNameMap) throws CaMgmtException {
        Integer idForName = getIdForName(this.sqlSelectUserId, str);
        if (idForName == null) {
            throw new CaMgmtException(concat("user '", str, " ' does not exist"));
        }
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = prepareStatement("SELECT CA_ID,PERMISSION,PROFILES FROM CA_HAS_USER WHERE USER_ID=?");
                preparedStatement.setInt(1, idForName.intValue());
                resultSet = preparedStatement.executeQuery();
                HashMap hashMap = new HashMap();
                while (resultSet.next()) {
                    List split = StringUtil.split(resultSet.getString("PROFILES"), ",");
                    HashSet hashSet = split == null ? null : new HashSet(split);
                    MgmtEntry.CaHasUser caHasUser = new MgmtEntry.CaHasUser(new NameId(idForName, str));
                    caHasUser.setPermission(resultSet.getInt("PERMISSION"));
                    caHasUser.setProfiles(hashSet);
                    hashMap.put(caIdNameMap.getCaName(resultSet.getInt("CA_ID")), caHasUser);
                }
                this.datasource.releaseResources(preparedStatement, resultSet);
                return hashMap;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("SELECT CA_ID,PERMISSION,PROFILES FROM CA_HAS_USER WHERE USER_ID=?", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, resultSet);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<MgmtEntry.CaHasUser> getCaHasUsersForCa(String str, CaIdNameMap caIdNameMap) throws CaMgmtException {
        NameId ca = caIdNameMap.getCa(str);
        if (ca == null) {
            throw new CaMgmtException("unknown CA " + str);
        }
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = prepareStatement("SELECT NAME,PERMISSION,PROFILES FROM CA_HAS_USER INNER JOIN TUSER ON CA_ID=? AND TUSER.ID=CA_HAS_USER.USER_ID");
                preparedStatement.setInt(1, ca.getId().intValue());
                resultSet = preparedStatement.executeQuery();
                LinkedList linkedList = new LinkedList();
                while (resultSet.next()) {
                    List split = StringUtil.split(resultSet.getString("PROFILES"), ",");
                    HashSet hashSet = split == null ? null : new HashSet(split);
                    MgmtEntry.CaHasUser caHasUser = new MgmtEntry.CaHasUser(new NameId((Integer) null, resultSet.getString("NAME")));
                    caHasUser.setPermission(resultSet.getInt("PERMISSION"));
                    caHasUser.setProfiles(hashSet);
                    linkedList.add(caHasUser);
                }
                this.datasource.releaseResources(preparedStatement, resultSet);
                return linkedList;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate("SELECT NAME,PERMISSION,PROFILES FROM CA_HAS_USER INNER JOIN TUSER ON CA_ID=? AND TUSER.ID=CA_HAS_USER.USER_ID", e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, resultSet);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MgmtEntry.User getUser(String str) throws CaMgmtException {
        return getUser(str, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MgmtEntry.User getUser(String str, boolean z) throws CaMgmtException {
        Args.notBlank(str, "username");
        NameId nameId = new NameId((Integer) null, str);
        String str2 = this.sqlSelectUser;
        try {
            try {
                PreparedStatement prepareStatement = prepareStatement(str2);
                int i = 1 + 1;
                prepareStatement.setString(1, nameId.getName());
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (executeQuery.next()) {
                    nameId.setId(Integer.valueOf(executeQuery.getInt("ID")));
                    MgmtEntry.User user = new MgmtEntry.User(nameId, executeQuery.getBoolean("ACTIVE"), executeQuery.getString("PASSWORD"));
                    this.datasource.releaseResources(prepareStatement, executeQuery);
                    return user;
                }
                if (!z) {
                    throw new CaMgmtException("unknown user " + str);
                }
                this.datasource.releaseResources(prepareStatement, executeQuery);
                return null;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(str2, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources((Statement) null, (ResultSet) null);
            throw th;
        }
    }

    private static void setBoolean(PreparedStatement preparedStatement, int i, boolean z) throws SQLException {
        preparedStatement.setInt(i, z ? 1 : 0);
    }

    private static String getRealString(String str) {
        if ("null".equalsIgnoreCase(str)) {
            return null;
        }
        return str;
    }

    private static String encodeCertchain(List<X509Certificate> list) throws CaMgmtException {
        try {
            return X509Util.encodeCertificates((X509Certificate[]) list.toArray(new X509Certificate[0]));
        } catch (IOException | CertificateException e) {
            throw new CaMgmtException(e);
        }
    }

    private static List<X509Certificate> buildCertChain(X509Certificate x509Certificate, List<X509Certificate> list) throws CaMgmtException {
        try {
            X509Certificate[] buildCertPath = X509Util.buildCertPath(x509Certificate, list, false);
            if (buildCertPath == null || list.size() != buildCertPath.length) {
                throw new CaMgmtException("could not build certchain containing all specified certs");
            }
            return Arrays.asList(buildCertPath);
        } catch (CertPathBuilderException e) {
            throw new CaMgmtException(e);
        }
    }

    private static X509Certificate parseCert(byte[] bArr) throws CaMgmtException {
        try {
            return X509Util.parseCert(bArr);
        } catch (CertificateException e) {
            throw new CaMgmtException("could not parse certificate", e);
        }
    }

    private int getNonNullIdForName(String str, String str2) throws CaMgmtException {
        Integer idForName = getIdForName(str, str2);
        if (idForName != null) {
            return idForName.intValue();
        }
        throw new CaMgmtException(concat("Found no entry named ", str2));
    }

    private Integer getIdForName(String str, String str2) throws CaMgmtException {
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = prepareStatement(str);
                preparedStatement.setString(1, str2);
                resultSet = preparedStatement.executeQuery();
                if (!resultSet.next()) {
                    this.datasource.releaseResources(preparedStatement, resultSet);
                    return null;
                }
                Integer valueOf = Integer.valueOf(resultSet.getInt("ID"));
                this.datasource.releaseResources(preparedStatement, resultSet);
                return valueOf;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(str, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(preparedStatement, resultSet);
            throw th;
        }
    }

    private Map<Integer, String> getIdNameMap(String str) throws CaMgmtException {
        String concat = concat("SELECT ID,NAME FROM ", str);
        Statement statement = null;
        ResultSet resultSet = null;
        HashMap hashMap = new HashMap();
        try {
            try {
                statement = createStatement();
                resultSet = statement.executeQuery(concat);
                while (resultSet.next()) {
                    hashMap.put(Integer.valueOf(resultSet.getInt("ID")), resultSet.getString("NAME"));
                }
                this.datasource.releaseResources(statement, resultSet);
                return hashMap;
            } catch (SQLException e) {
                throw new CaMgmtException(this.datasource.translate(concat, e));
            }
        } catch (Throwable th) {
            this.datasource.releaseResources(statement, resultSet);
            throw th;
        }
    }

    private static String concat(String str, String... strArr) {
        return StringUtil.concat(str, strArr);
    }
}
