package org.openoces.ooapi.validation;

import java.io.ByteArrayInputStream;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import org.openoces.ooapi.environment.Environments;
import org.openoces.ooapi.ldap.LDAPFactory;
import org.openoces.ooapi.utils.X509CertificateFactory;

/* loaded from: input_file:org/openoces/ooapi/validation/LdapCrlDownloader.class */
public class LdapCrlDownloader {
    private static final String CERTIFICATE_REVOCATION_LIST_BINARY = "certificateRevocationList;binary";
    private static final String CACERTIFICATE_BINARY = "cACertificate;binary";

    public CRL download(Environments.Environment environment, String str) {
        DirContext createLdapContext = LDAPFactory.createLdapContext(environment, CERTIFICATE_REVOCATION_LIST_BINARY);
        try {
            CRL downloadCrl = downloadCrl(createLdapContext, str);
            close(createLdapContext);
            return downloadCrl;
        } catch (Throwable th) {
            close(createLdapContext);
            throw th;
        }
    }

    public CRL download(String str, String str2) {
        InitialDirContext createLdapContext = LDAPFactory.createLdapContext(str, CERTIFICATE_REVOCATION_LIST_BINARY);
        try {
            CRL downloadCrl = downloadCrl(createLdapContext, str2);
            close(createLdapContext);
            return downloadCrl;
        } catch (Throwable th) {
            close(createLdapContext);
            throw th;
        }
    }

    public X509Certificate downloadCertificate(String str, String str2) {
        InitialDirContext createLdapContext = LDAPFactory.createLdapContext(str, CACERTIFICATE_BINARY);
        try {
            X509Certificate downloadCaCertificate = downloadCaCertificate(createLdapContext, str2);
            close(createLdapContext);
            return downloadCaCertificate;
        } catch (Throwable th) {
            close(createLdapContext);
            throw th;
        }
    }

    private void close(DirContext dirContext) {
        try {
            dirContext.close();
        } catch (NamingException e) {
            throw new IllegalStateException((Throwable) e);
        }
    }

    private CRL downloadCrl(DirContext dirContext, String str) {
        try {
            return new CRL(X509CertificateFactory.getInstance().generateCRL(downloadAttribute(dirContext, str, CERTIFICATE_REVOCATION_LIST_BINARY)));
        } catch (CRLException e) {
            throw new IllegalStateException(e);
        } catch (NamingException e2) {
            throw new IllegalStateException((Throwable) e2);
        }
    }

    private X509Certificate downloadCaCertificate(DirContext dirContext, String str) {
        try {
            return X509CertificateFactory.getInstance().generateCertificate(downloadAttribute(dirContext, str, CACERTIFICATE_BINARY));
        } catch (NamingException e) {
            throw new IllegalStateException((Throwable) e);
        } catch (CertificateException e2) {
            throw new IllegalStateException(e2);
        }
    }

    private ByteArrayInputStream downloadAttribute(DirContext dirContext, String str, String str2) throws NamingException {
        Attribute attribute = dirContext.getAttributes(str, new String[]{str2}).get(str2);
        if (attribute == null) {
            throw new IllegalStateException("Cannot lookup: " + str2 + " in directory context: " + dirContext);
        }
        return new ByteArrayInputStream((byte[]) attribute.get());
    }
}
