package org.wso2.transport.http.netty.common.certificatevalidation.ocsp;

import java.math.BigInteger;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.bouncycastle.cert.ocsp.BasicOCSPResp;
import org.bouncycastle.cert.ocsp.OCSPException;
import org.bouncycastle.cert.ocsp.OCSPReq;
import org.bouncycastle.cert.ocsp.OCSPResp;
import org.bouncycastle.cert.ocsp.SingleResp;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.transport.http.netty.common.MBeanRegistrar;
import org.wso2.transport.http.netty.common.certificatevalidation.CertificateVerificationException;
import org.wso2.transport.http.netty.common.certificatevalidation.cache.CacheController;
import org.wso2.transport.http.netty.common.certificatevalidation.cache.CacheManager;
import org.wso2.transport.http.netty.common.certificatevalidation.cache.ManageableCache;
import org.wso2.transport.http.netty.common.certificatevalidation.cache.ManageableCacheValue;

/* loaded from: input_file:org/wso2/transport/http/netty/common/certificatevalidation/ocsp/OCSPCache.class */
public class OCSPCache implements ManageableCache {
    private static volatile OCSPCache cache;
    private volatile Iterator<Map.Entry<BigInteger, OCSPCacheValue>> iterator = hashMap.entrySet().iterator();
    private volatile CacheManager cacheManager;
    private static volatile Map<BigInteger, OCSPCacheValue> hashMap = new ConcurrentHashMap();
    private static final Logger log = LoggerFactory.getLogger(OCSPCache.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/wso2/transport/http/netty/common/certificatevalidation/ocsp/OCSPCache$OCSPCacheValue.class */
    public class OCSPCacheValue implements ManageableCacheValue {
        private BigInteger serialNumber;
        private SingleResp singleResp;
        private OCSPReq request;
        private String serviceUrl;
        private OCSPResp ocspResp;
        private long timeStamp = System.currentTimeMillis();

        public OCSPCacheValue(OCSPResp oCSPResp, BigInteger bigInteger, SingleResp singleResp, OCSPReq oCSPReq, String str) {
            this.serialNumber = bigInteger;
            this.singleResp = singleResp;
            this.request = oCSPReq;
            this.serviceUrl = str;
            this.ocspResp = oCSPResp;
        }

        public BigInteger getKey() {
            return this.serialNumber;
        }

        public SingleResp getValue() {
            this.timeStamp = System.currentTimeMillis();
            return this.singleResp;
        }

        public OCSPResp getOCSPValue() {
            this.timeStamp = System.currentTimeMillis();
            return this.ocspResp;
        }

        @Override // org.wso2.transport.http.netty.common.certificatevalidation.cache.ManageableCacheValue
        public boolean isValid() {
            Date date = new Date();
            Date nextUpdate = this.singleResp.getNextUpdate();
            return nextUpdate != null && nextUpdate.after(date);
        }

        @Override // org.wso2.transport.http.netty.common.certificatevalidation.cache.ManageableCacheValue
        public long getTimeStamp() {
            return this.timeStamp;
        }

        @Override // org.wso2.transport.http.netty.common.certificatevalidation.cache.ManageableCacheValue
        public void removeThisCacheValue() {
            OCSPCache.this.removeCacheValue(this.serialNumber);
        }

        @Override // org.wso2.transport.http.netty.common.certificatevalidation.cache.ManageableCacheValue
        public void updateCacheWithNewValue() {
            replaceNewCacheValue();
        }

        private synchronized void replaceNewCacheValue() {
            if (isValid()) {
                return;
            }
            try {
                OCSPResp oCSPResponce = OCSPVerifier.getOCSPResponce(this.serviceUrl, this.request);
                if (0 != oCSPResponce.getStatus()) {
                    throw new CertificateVerificationException("OCSP response status was not SUCCESSFUL. Found OCSPResponseStatus:" + oCSPResponce.getStatus());
                }
                BasicOCSPResp basicOCSPResp = (BasicOCSPResp) oCSPResponce.getResponseObject();
                SingleResp[] responses = basicOCSPResp == null ? null : basicOCSPResp.getResponses();
                if (responses == null) {
                    throw new CertificateVerificationException("Unable to get OCSP response.");
                }
                OCSPCache.this.setCacheValue(oCSPResponce, this.serialNumber, responses[0], this.request, this.serviceUrl);
            } catch (CertificateVerificationException | OCSPException e) {
                if (OCSPCache.log.isInfoEnabled()) {
                    OCSPCache.log.info("Can not replace old CacheValue with new CacheValue. So removing ocsp cache value", e);
                }
                removeThisCacheValue();
            }
        }
    }

    private OCSPCache() {
    }

    public static OCSPCache getCache() {
        if (cache == null) {
            synchronized (OCSPCache.class) {
                if (cache == null) {
                    cache = new OCSPCache();
                }
            }
        }
        return cache;
    }

    public void init(int i, int i2) {
        if (this.cacheManager == null) {
            synchronized (OCSPCache.class) {
                if (this.cacheManager == null) {
                    this.cacheManager = new CacheManager(cache, i, i2);
                    MBeanRegistrar.getInstance().registerMBean(new CacheController(cache, this.cacheManager), "CacheController", "OCSPCacheController");
                }
            }
        }
    }

    @Override // org.wso2.transport.http.netty.common.certificatevalidation.cache.ManageableCache
    public ManageableCacheValue getNextCacheValue() {
        if (this.iterator.hasNext()) {
            return hashMap.get(this.iterator.next().getKey());
        }
        resetIterator();
        return null;
    }

    @Override // org.wso2.transport.http.netty.common.certificatevalidation.cache.ManageableCache
    public int getCacheSize() {
        return hashMap.size();
    }

    @Override // org.wso2.transport.http.netty.common.certificatevalidation.cache.ManageableCache
    public void resetIterator() {
        this.iterator = hashMap.entrySet().iterator();
    }

    public synchronized SingleResp getCacheValue(BigInteger bigInteger) {
        OCSPCacheValue oCSPCacheValue = hashMap.get(bigInteger);
        if (oCSPCacheValue == null) {
            return null;
        }
        if (oCSPCacheValue.isValid()) {
            return oCSPCacheValue.getValue();
        }
        oCSPCacheValue.updateCacheWithNewValue();
        OCSPCacheValue oCSPCacheValue2 = hashMap.get(bigInteger);
        if (oCSPCacheValue2 != null) {
            return oCSPCacheValue2.getValue();
        }
        return null;
    }

    public synchronized OCSPResp getOCSPCacheValue(BigInteger bigInteger) {
        OCSPCacheValue oCSPCacheValue = hashMap.get(bigInteger);
        if (oCSPCacheValue == null) {
            return null;
        }
        if (oCSPCacheValue.isValid()) {
            return oCSPCacheValue.getOCSPValue();
        }
        oCSPCacheValue.updateCacheWithNewValue();
        OCSPCacheValue oCSPCacheValue2 = hashMap.get(bigInteger);
        if (oCSPCacheValue2 != null) {
            return oCSPCacheValue2.getOCSPValue();
        }
        return null;
    }

    public synchronized void setCacheValue(OCSPResp oCSPResp, BigInteger bigInteger, SingleResp singleResp, OCSPReq oCSPReq, String str) {
        OCSPCacheValue oCSPCacheValue = new OCSPCacheValue(oCSPResp, bigInteger, singleResp, oCSPReq, str);
        if (log.isDebugEnabled()) {
            log.debug("Before setting - HashMap size {}", Integer.valueOf(hashMap.size()));
        }
        hashMap.put(bigInteger, oCSPCacheValue);
        if (log.isDebugEnabled()) {
            log.debug("After setting - HashMap size {}", Integer.valueOf(hashMap.size()));
        }
    }

    public synchronized void removeCacheValue(BigInteger bigInteger) {
        if (log.isDebugEnabled()) {
            log.debug("Before removing - HashMap size {}", Integer.valueOf(hashMap.size()));
        }
        hashMap.remove(bigInteger);
        if (log.isDebugEnabled()) {
            log.debug("After removing - HashMap size {}", Integer.valueOf(hashMap.size()));
        }
    }
}
