package org.globus.gsi.stores;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertStore;
import java.security.cert.CertificateException;
import java.util.HashMap;
import org.globus.common.CoGProperties;
import org.globus.gsi.provider.GlobusProvider;
import org.globus.gsi.provider.KeyStoreParametersFactory;

/* loaded from: input_file:org/globus/gsi/stores/Stores.class */
public class Stores {
    private static String defaultCAFilesPattern = "*.0";
    private static String defaultCRLFilesPattern = "*.r*";
    private static String defaultSigningPolicyFilesPattern = "*.signing_policy";
    private static final HashMap<String, ReloadableTrustStore> TRUST_STORES = new HashMap<>();
    private static final HashMap<String, ReloadableCrlStore> CRL_STORES = new HashMap<>();
    private static final HashMap<String, ReloadableCaCertStore> CA_CERT_STORES = new HashMap<>();
    private static final HashMap<String, ResourceSigningPolicyStore> SIGNING_POLICY_STORES = new HashMap<>();
    private static final long CACHE_TIME_MILLIS = 3600000;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/globus/gsi/stores/Stores$ReloadableCaCertStore.class */
    public static class ReloadableCaCertStore {
        private final String casLocationPattern;
        private CertStore certStore;
        private long lastUpdateTime;

        protected ReloadableCaCertStore(String str) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
            this.casLocationPattern = str;
            load();
        }

        private void load() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
            this.certStore = CertStore.getInstance(GlobusProvider.CERTSTORE_TYPE, new ResourceCertStoreParameters(this.casLocationPattern, null));
            this.lastUpdateTime = System.currentTimeMillis();
        }

        protected boolean isStillValid() {
            return this.lastUpdateTime + Stores.CACHE_TIME_MILLIS > System.currentTimeMillis();
        }

        protected CertStore getCaCertStore() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
            if (!isStillValid()) {
                load();
            }
            return this.certStore;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/globus/gsi/stores/Stores$ReloadableCrlStore.class */
    public static class ReloadableCrlStore {
        private final String crlsLocationPattern;
        private CertStore certStore;
        private long lastUpdateTime;

        protected ReloadableCrlStore(String str) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
            this.crlsLocationPattern = str;
            load();
        }

        private void load() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
            this.certStore = CertStore.getInstance(GlobusProvider.CERTSTORE_TYPE, new ResourceCertStoreParameters(null, this.crlsLocationPattern));
            this.lastUpdateTime = System.currentTimeMillis();
        }

        protected boolean isStillValid() {
            return this.lastUpdateTime + Stores.CACHE_TIME_MILLIS > System.currentTimeMillis();
        }

        protected CertStore getCrlStore() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
            if (!isStillValid()) {
                load();
            }
            return this.certStore;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/globus/gsi/stores/Stores$ReloadableTrustStore.class */
    public static class ReloadableTrustStore {
        private final String casLocationPattern;
        private final KeyStore keyStore = KeyStore.getInstance(GlobusProvider.KEYSTORE_TYPE, GlobusProvider.PROVIDER_NAME);
        private long lastUpdateTime;

        protected ReloadableTrustStore(String str) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException {
            this.casLocationPattern = str;
            reload();
        }

        private void reload() throws NoSuchAlgorithmException, CertificateException, IOException {
            this.keyStore.load(KeyStoreParametersFactory.createTrustStoreParameters(this.casLocationPattern));
            this.lastUpdateTime = System.currentTimeMillis();
        }

        protected boolean isStillValid() {
            return this.lastUpdateTime + Stores.CACHE_TIME_MILLIS > System.currentTimeMillis();
        }

        protected KeyStore getTrustStore() throws NoSuchAlgorithmException, CertificateException, IOException {
            if (!isStillValid()) {
                reload();
            }
            return this.keyStore;
        }
    }

    public static KeyStore getDefaultTrustStore() throws GeneralSecurityException, IOException {
        return getTrustStore("file:" + CoGProperties.getDefault().getCaCertLocations() + "/" + defaultCAFilesPattern);
    }

    public static KeyStore getTrustStore(String str) throws GeneralSecurityException, IOException {
        synchronized (TRUST_STORES) {
            ReloadableTrustStore reloadableTrustStore = TRUST_STORES.get(str);
            if (reloadableTrustStore != null) {
                return reloadableTrustStore.getTrustStore();
            }
            ReloadableTrustStore reloadableTrustStore2 = new ReloadableTrustStore(str);
            TRUST_STORES.put(str, reloadableTrustStore2);
            return reloadableTrustStore2.getTrustStore();
        }
    }

    public static CertStore getDefaultCACertStore() throws GeneralSecurityException, NoSuchAlgorithmException {
        return getCACertStore("file:" + CoGProperties.getDefault().getCaCertLocations() + "/" + defaultCAFilesPattern);
    }

    public static CertStore getCACertStore(String str) throws GeneralSecurityException, NoSuchAlgorithmException {
        CertStore caCertStore;
        synchronized (CA_CERT_STORES) {
            ReloadableCaCertStore reloadableCaCertStore = CA_CERT_STORES.get(str);
            if (reloadableCaCertStore == null) {
                reloadableCaCertStore = new ReloadableCaCertStore(str);
                CA_CERT_STORES.put(str, reloadableCaCertStore);
            }
            caCertStore = reloadableCaCertStore.getCaCertStore();
        }
        return caCertStore;
    }

    public static CertStore getDefaultCRLStore() throws GeneralSecurityException, NoSuchAlgorithmException {
        return getCRLStore("file:" + CoGProperties.getDefault().getCaCertLocations() + "/" + defaultCRLFilesPattern);
    }

    public static CertStore getCRLStore(String str) throws GeneralSecurityException, NoSuchAlgorithmException {
        CertStore crlStore;
        synchronized (CRL_STORES) {
            ReloadableCrlStore reloadableCrlStore = CRL_STORES.get(str);
            if (reloadableCrlStore == null) {
                reloadableCrlStore = new ReloadableCrlStore(str);
                CRL_STORES.put(str, reloadableCrlStore);
            }
            crlStore = reloadableCrlStore.getCrlStore();
        }
        return crlStore;
    }

    public static ResourceSigningPolicyStore getDefaultSigningPolicyStore() throws GeneralSecurityException {
        return getSigningPolicyStore("file:" + CoGProperties.getDefault().getCaCertLocations() + "/" + defaultSigningPolicyFilesPattern);
    }

    public static ResourceSigningPolicyStore getSigningPolicyStore(String str) throws GeneralSecurityException {
        ResourceSigningPolicyStore resourceSigningPolicyStore;
        synchronized (SIGNING_POLICY_STORES) {
            ResourceSigningPolicyStore resourceSigningPolicyStore2 = SIGNING_POLICY_STORES.get(str);
            if (resourceSigningPolicyStore2 == null) {
                resourceSigningPolicyStore2 = new ResourceSigningPolicyStore(new ResourceSigningPolicyStoreParameters(str));
                SIGNING_POLICY_STORES.put(str, resourceSigningPolicyStore2);
            }
            resourceSigningPolicyStore = resourceSigningPolicyStore2;
        }
        return resourceSigningPolicyStore;
    }

    public static String getDefaultCAFilesPattern() {
        return defaultCAFilesPattern;
    }

    public static void setDefaultCAFilesPattern(String str) {
        synchronized (TRUST_STORES) {
            synchronized (CA_CERT_STORES) {
                if (str != null) {
                    if (!defaultCAFilesPattern.equals(str)) {
                        defaultCAFilesPattern = str;
                        TRUST_STORES.clear();
                        CA_CERT_STORES.clear();
                    }
                }
            }
        }
    }

    public static String getDefaultCRLFilesPattern() {
        return defaultCRLFilesPattern;
    }

    public static void setDefaultCRLFilesPattern(String str) {
        synchronized (CRL_STORES) {
            if (str != null) {
                if (!defaultCRLFilesPattern.equals(str)) {
                    defaultCRLFilesPattern = str;
                    CRL_STORES.clear();
                }
            }
        }
    }

    public static String getDefaultSigningPolicyFilesPattern() {
        return defaultSigningPolicyFilesPattern;
    }

    public static void setDefaultSigningPolicyFilesPattern(String str) {
        synchronized (SIGNING_POLICY_STORES) {
            if (str != null) {
                if (!defaultSigningPolicyFilesPattern.equals(str)) {
                    defaultSigningPolicyFilesPattern = str;
                    SIGNING_POLICY_STORES.clear();
                }
            }
        }
    }
}
