package org.apache.synapse.transport.certificatevalidation.ocsp;

import java.math.BigInteger;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.commons.jmx.MBeanRegistrar;
import org.apache.synapse.transport.certificatevalidation.CertificateVerificationException;
import org.apache.synapse.transport.certificatevalidation.cache.CacheController;
import org.apache.synapse.transport.certificatevalidation.cache.CacheManager;
import org.apache.synapse.transport.certificatevalidation.cache.ManageableCache;
import org.apache.synapse.transport.certificatevalidation.cache.ManageableCacheValue;
import org.bouncycastle.cert.ocsp.BasicOCSPResp;
import org.bouncycastle.cert.ocsp.OCSPReq;
import org.bouncycastle.cert.ocsp.OCSPResp;
import org.bouncycastle.cert.ocsp.SingleResp;

/* loaded from: input_file:WEB-INF/lib/synapse-nhttp-transport-2.1.3-wso2v7.jar:org/apache/synapse/transport/certificatevalidation/ocsp/OCSPCache.class */
public class OCSPCache implements ManageableCache {
    private static volatile OCSPCache cache;
    private static volatile CacheManager cacheManager;
    private static volatile Map<BigInteger, OCSPCacheValue> hashMap = new ConcurrentHashMap();
    private static volatile Iterator<Map.Entry<BigInteger, OCSPCacheValue>> iterator = hashMap.entrySet().iterator();
    private static OCSPVerifier ocspVerifier = new OCSPVerifier(null);
    private static final Log log = LogFactory.getLog(OCSPCache.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/synapse-nhttp-transport-2.1.3-wso2v7.jar:org/apache/synapse/transport/certificatevalidation/ocsp/OCSPCache$OCSPCacheValue.class */
    public class OCSPCacheValue implements ManageableCacheValue {
        private BigInteger serialNumber;
        private SingleResp singleResp;
        private OCSPReq request;
        private String serviceUrl;
        private long timeStamp = System.currentTimeMillis();

        public OCSPCacheValue(BigInteger bigInteger, SingleResp singleResp, OCSPReq oCSPReq, String str) {
            this.serialNumber = bigInteger;
            this.singleResp = singleResp;
            this.request = oCSPReq;
            this.serviceUrl = str;
        }

        public BigInteger getKey() {
            return this.serialNumber;
        }

        public SingleResp getValue() {
            this.timeStamp = System.currentTimeMillis();
            return this.singleResp;
        }

        @Override // org.apache.synapse.transport.certificatevalidation.cache.ManageableCacheValue
        public boolean isValid() {
            Date date = new Date();
            Date nextUpdate = this.singleResp.getNextUpdate();
            return nextUpdate != null && nextUpdate.after(date);
        }

        @Override // org.apache.synapse.transport.certificatevalidation.cache.ManageableCacheValue
        public long getTimeStamp() {
            return this.timeStamp;
        }

        @Override // org.apache.synapse.transport.certificatevalidation.cache.ManageableCacheValue
        public void removeThisCacheValue() {
            OCSPCache.this.removeCacheValue(this.serialNumber);
        }

        @Override // org.apache.synapse.transport.certificatevalidation.cache.ManageableCacheValue
        public void updateCacheWithNewValue() {
            OCSPCache.this.replaceNewCacheValue(this);
        }
    }

    private OCSPCache() {
    }

    public static OCSPCache getCache() {
        if (cache == null) {
            synchronized (OCSPCache.class) {
                if (cache == null) {
                    cache = new OCSPCache();
                }
            }
        }
        return cache;
    }

    public void init(int i, int i2) {
        if (cacheManager == null) {
            synchronized (OCSPCache.class) {
                if (cacheManager == null) {
                    cacheManager = new CacheManager(cache, i, i2);
                    MBeanRegistrar.getInstance().registerMBean(new CacheController(cache, cacheManager), "CacheController", "OCSPCacheController");
                }
            }
        }
    }

    @Override // org.apache.synapse.transport.certificatevalidation.cache.ManageableCache
    public ManageableCacheValue getNextCacheValue() {
        if (iterator.hasNext()) {
            return hashMap.get(iterator.next().getKey());
        }
        resetIterator();
        return null;
    }

    @Override // org.apache.synapse.transport.certificatevalidation.cache.ManageableCache
    public int getCacheSize() {
        return hashMap.size();
    }

    @Override // org.apache.synapse.transport.certificatevalidation.cache.ManageableCache
    public void resetIterator() {
        iterator = hashMap.entrySet().iterator();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void replaceNewCacheValue(OCSPCacheValue oCSPCacheValue) {
        if (oCSPCacheValue.isValid()) {
            return;
        }
        try {
            String str = oCSPCacheValue.serviceUrl;
            OCSPReq oCSPReq = oCSPCacheValue.request;
            OCSPResp oCSPResponce = ocspVerifier.getOCSPResponce(str, oCSPReq);
            if (0 != oCSPResponce.getStatus()) {
                throw new CertificateVerificationException("OCSP response status not SUCCESSFUL");
            }
            BasicOCSPResp basicOCSPResp = (BasicOCSPResp) oCSPResponce.getResponseObject();
            SingleResp[] responses = basicOCSPResp == null ? null : basicOCSPResp.getResponses();
            if (responses == null) {
                throw new CertificateVerificationException("Cant get OCSP response");
            }
            setCacheValue(oCSPCacheValue.serialNumber, responses[0], oCSPReq, str);
        } catch (Exception e) {
            log.info("Cant replace old CacheValue with new CacheValue. So remove", e);
            oCSPCacheValue.removeThisCacheValue();
        }
    }

    public synchronized SingleResp getCacheValue(BigInteger bigInteger) {
        OCSPCacheValue oCSPCacheValue = hashMap.get(bigInteger);
        if (oCSPCacheValue == null) {
            return null;
        }
        if (oCSPCacheValue.isValid()) {
            return oCSPCacheValue.getValue();
        }
        oCSPCacheValue.updateCacheWithNewValue();
        OCSPCacheValue oCSPCacheValue2 = hashMap.get(bigInteger);
        if (oCSPCacheValue2 != null) {
            return oCSPCacheValue2.getValue();
        }
        return null;
    }

    public synchronized void setCacheValue(BigInteger bigInteger, SingleResp singleResp, OCSPReq oCSPReq, String str) {
        OCSPCacheValue oCSPCacheValue = new OCSPCacheValue(bigInteger, singleResp, oCSPReq, str);
        log.info("Before set - HashMap size " + hashMap.size());
        hashMap.put(bigInteger, oCSPCacheValue);
        log.info("After set - HashMap size " + hashMap.size());
    }

    public synchronized void removeCacheValue(BigInteger bigInteger) {
        log.info("Before remove - HashMap size " + hashMap.size());
        hashMap.remove(bigInteger);
        log.info("After remove - HashMap size " + hashMap.size());
    }
}
