package com.itrus.cvm;

import com.itrus.cert.Names;
import com.itrus.cert.X509CRL;
import com.itrus.cert.X509Certificate;
import com.itrus.util.Semaphore;
import com.umeng.socialize.common.SocializeConstants;
import java.io.IOException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: classes.dex */
public class CRLContext {
    private static Log log = LogFactory.getLog("ITRUS-CVM");
    private String m_AccountHash;
    private String m_CAFilePath;
    private String m_CaAlias;
    private X509Certificate m_CaCert;
    private String m_CrlFilePath;
    private String m_CrlUrl;
    private int[] m_RetryPolicy;
    private boolean m_TimingDownload;
    private X509CRL m_X509CRL;
    private boolean m_isNotCheckCRL;
    private String m_UserCrlUrl = null;
    private Semaphore m_semaphore = new Semaphore();
    private int m_status = 0;

    public CRLContext(CRLContextConfInfo cRLContextConfInfo) throws IOException, CertificateException, NoSuchProviderException {
        this.m_X509CRL = null;
        this.m_CaCert = null;
        this.m_CAFilePath = null;
        this.m_CrlUrl = null;
        this.m_CrlFilePath = null;
        this.m_AccountHash = null;
        this.m_RetryPolicy = null;
        this.m_isNotCheckCRL = false;
        this.m_TimingDownload = false;
        this.m_CaCert = X509Certificate.getInstanceFromFile(cRLContextConfInfo.getCAFilePath());
        this.m_CAFilePath = cRLContextConfInfo.getCAFilePath();
        this.m_CrlFilePath = cRLContextConfInfo.getCRLFilePath();
        this.m_CrlUrl = cRLContextConfInfo.getCRLUrl();
        this.m_RetryPolicy = cRLContextConfInfo.getRetryPolicy();
        Names subjectNames = this.m_CaCert.getSubjectNames();
        this.m_CaAlias = subjectNames.getItem("CN") != null ? subjectNames.getItem("CN") : (String) subjectNames.getItems((String) subjectNames.keys().nextElement()).elementAt(0);
        this.m_isNotCheckCRL = cRLContextConfInfo.isNotCheckCRL();
        this.m_AccountHash = cRLContextConfInfo.getAccountHash();
        this.m_TimingDownload = cRLContextConfInfo.isTimingDownload();
        try {
            this.m_X509CRL = X509CRL.getInstanceFromFile(this.m_CrlFilePath);
            if (!this.m_isNotCheckCRL && !isCRLIssuedByLegalCA(this.m_X509CRL, this.m_CaCert)) {
                log.warn(SocializeConstants.OP_OPEN_PAREN + this.m_CaAlias + ")下载到的CRL不是由指定CA颁发的。");
                this.m_X509CRL = null;
            }
            log.info("加载CRL成功(" + this.m_CaAlias + "),(CrlFilePath:" + this.m_CrlFilePath + ")。");
        } catch (Exception e) {
            log.warn(SocializeConstants.OP_OPEN_PAREN + this.m_CaAlias + ")读取CRL文件错误：[" + e.getMessage() + "]" + this.m_CrlFilePath);
        }
        getX509CRL();
    }

    public void cancelTimingDownload() {
        this.m_TimingDownload = false;
    }

    public String getAccountHash() {
        return this.m_AccountHash;
    }

    public String getCAFilePath() {
        return this.m_CAFilePath;
    }

    public String getCaAlias() {
        return this.m_CaAlias;
    }

    public X509Certificate getCaCert() {
        return this.m_CaCert;
    }

    public String getCrlFilePath() {
        return this.m_CrlFilePath;
    }

    public String getCrlUrl() {
        return this.m_CrlUrl;
    }

    public int[] getRetryPolicy() {
        return this.m_RetryPolicy;
    }

    public int getStatus() {
        return this.m_status;
    }

    public String getUserCrlUrl() {
        return this.m_UserCrlUrl;
    }

    public X509CRL getX509CRL() {
        try {
            this.m_semaphore.waitReadSemaphore();
            if (this.m_X509CRL == null || this.m_TimingDownload) {
                if (this.m_CrlUrl == null && this.m_UserCrlUrl == null) {
                    log.error(SocializeConstants.OP_OPEN_PAREN + this.m_CaAlias + SocializeConstants.OP_CLOSE_PAREN + "无法从配置文件或用户证书中取得CRL下载地址。");
                } else {
                    if (this.m_status == 0) {
                        synchronized (this) {
                            new CRLDownloadThread(this).start();
                        }
                    }
                    log.info(SocializeConstants.OP_OPEN_PAREN + this.m_CaAlias + SocializeConstants.OP_CLOSE_PAREN + "已经启动了下载线程，退出……");
                }
            }
        } catch (InterruptedException e) {
            e.printStackTrace();
        } finally {
            this.m_semaphore.releaseReadSemaphore();
        }
        return this.m_X509CRL;
    }

    public X509CRL getX509CRL(String str) {
        this.m_UserCrlUrl = str;
        return getX509CRL();
    }

    public boolean isCRLIssuedByLegalCA(X509CRL x509crl, X509Certificate x509Certificate) {
        try {
            x509crl.verify(x509Certificate.getPublicKey());
            return true;
        } catch (Exception e) {
            log.debug(e.getMessage());
            return false;
        }
    }

    public boolean isNotCheckCRL() {
        return this.m_isNotCheckCRL;
    }

    public boolean isTimingDownload() {
        return this.m_TimingDownload;
    }

    public void setCrlUrl(String str) {
        this.m_CrlUrl = str;
    }

    public void setDownloaded() {
        this.m_status = 0;
    }

    public void setDownloading() {
        this.m_status = 1;
    }

    public void setX509CRL(X509CRL x509crl) {
        try {
            this.m_semaphore.lock();
            this.m_X509CRL = x509crl;
            this.m_status = 0;
        } catch (InterruptedException e) {
        } finally {
            this.m_semaphore.unlock();
        }
    }
}
