package org.cesecore.config;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.configuration.ConversionException;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.cesecore.certificates.certificateprofile.CertificateProfile;
import org.cesecore.certificates.certificateprofile.CertificateProfileConstants;
import org.cesecore.util.CertTools;

/* loaded from: input_file:org/cesecore/config/OcspConfiguration.class */
public class OcspConfiguration {

    @Deprecated
    public static final String DEFAULT_RESPONDER = "ocsp.defaultresponder";
    public static final String SIGNING_CERTD_VALID_TIME = "ocsp.signingCertsValidTime";
    public static final String SIGNING_TRUSTSTORE_VALID_TIME = "ocsp.signtrustvalidtime";
    public static final String SIGNATUREREQUIRED = "ocsp.signaturerequired";
    public static final String CARD_PASSWORD = "ocsp.keys.cardPassword";
    public static final String REKEYING_WSURL = "ocsp.rekeying.wsurl";
    public static final String WARNING_BEFORE_EXPERATION_TIME = "ocsp.warningBeforeExpirationTime";
    public static final String NONE_EXISTING_IS_GOOD = "ocsp.nonexistingisgood";
    public static final String NONE_EXISTING_IS_GOOD_URI = "ocsp.nonexistingisgood.uri.";
    public static final String NONE_EXISTING_IS_BAD_URI = "ocsp.nonexistingisbad.uri.";
    public static final String NONE_EXISTING_IS_REVOKED = "ocsp.nonexistingisrevoked";
    public static final String NONE_EXISTING_IS_REVOKED_URI = "ocsp.nonexistingisrevoked.uri.";
    public static final String REKEYING_TRIGGERING_HOSTS = "ocsp.rekeying.trigging.hosts";
    public static final String REKEYING_TRIGGERING_PASSWORD = "ocsp.rekeying.trigging.password";
    public static final String REKEYING_UPDATE_TIME_IN_SECONDS = "ocsp.rekeying.update.time.in.seconds";
    public static final String REKEYING_SAFETY_MARGIN_IN_SECONDS = "ocsp.rekeying.safety.margin.in.seconds";
    public static final String EXPIREDCERT_RETENTIONPERIOD = "ocsp.expiredcert.retentionperiod";
    public static final String UNTIL_NEXT_UPDATE = "ocsp.untilNextUpdate";
    public static final String REVOKED_UNTIL_NEXT_UPDATE = "ocsp.revoked.untilNextUpdate";
    public static final String MAX_AGE = "ocsp.maxAge";
    public static final String REVOKED_MAX_AGE = "ocsp.revoked.maxAge";
    public static final String INCLUDE_SIGNING_CERT = "ocsp.includesignercert";
    public static final String INCLUDE_CERT_CHAIN = "ocsp.includecertchain";
    public static final String RESPONDER_ID_TYPE = "ocsp.responderidtype";

    @Deprecated
    public static final int RESTRICTONISSUER = 0;

    @Deprecated
    public static final int RESTRICTONSIGNER = 1;
    public static final int RESPONDERIDTYPE_NAME = 1;
    public static final int RESPONDERIDTYPE_KEYHASH = 2;
    private static final Logger log = Logger.getLogger(OcspConfiguration.class);
    public static Set<String> acceptedSignatureAlgorithms = new HashSet();

    public static String getSignatureAlgorithm() {
        return ConfigurationHolder.getString("ocsp.signaturealgorithm");
    }

    public static boolean isAcceptedSignatureAlgorithm(String str) {
        if (acceptedSignatureAlgorithms.size() == 0) {
            for (String str2 : getSignatureAlgorithm().split(";")) {
                acceptedSignatureAlgorithms.add(str2);
            }
        }
        return acceptedSignatureAlgorithms.contains(str);
    }

    public static long getRekeyingUpdateTimeInSeconds() {
        return Long.parseLong(ConfigurationHolder.getString(REKEYING_UPDATE_TIME_IN_SECONDS));
    }

    public static long getRekeyingSafetyMarginInSeconds() {
        return Long.parseLong(ConfigurationHolder.getString(REKEYING_SAFETY_MARGIN_IN_SECONDS));
    }

    public static int getSigningCertsValidTimeInMilliseconds() {
        int i;
        try {
            i = Integer.parseInt(ConfigurationHolder.getString(SIGNING_CERTD_VALID_TIME));
        } catch (NumberFormatException e) {
            i = 300;
            log.warn("ocsp.signingCertsValidTime is not a decimal integer. Using default 5 minutes");
        }
        return i * CertificateProfileConstants.FIXED_CERTIFICATEPROFILE_BOUNDRY;
    }

    public static boolean getEnforceRequestSigning() {
        String string = ConfigurationHolder.getString(SIGNATUREREQUIRED);
        return CertificateProfile.TRUE.equalsIgnoreCase(string) || "yes".equalsIgnoreCase(string);
    }

    @Deprecated
    public static boolean getRestrictSignatures() {
        String string = ConfigurationHolder.getString("ocsp.restrictsignatures");
        return CertificateProfile.TRUE.equalsIgnoreCase(string) || "yes".equalsIgnoreCase(string);
    }

    @Deprecated
    public static int getRestrictSignaturesByMethod() {
        return "signer".equalsIgnoreCase(ConfigurationHolder.getString("ocsp.restrictsignaturesbymethod")) ? 1 : 0;
    }

    @Deprecated
    public static String getSignTrustDir() {
        return ConfigurationHolder.getString("ocsp.signtrustdir");
    }

    public static boolean getIncludeCertChain() {
        String string = ConfigurationHolder.getString(INCLUDE_CERT_CHAIN);
        return CertificateProfile.TRUE.equalsIgnoreCase(string) || "yes".equalsIgnoreCase(string);
    }

    public static boolean getIncludeSignCert() {
        String string = ConfigurationHolder.getString(INCLUDE_SIGNING_CERT);
        return CertificateProfile.TRUE.equalsIgnoreCase(string) || "yes".equalsIgnoreCase(string);
    }

    public static int getResponderIdType() {
        return "name".equalsIgnoreCase(ConfigurationHolder.getString(RESPONDER_ID_TYPE)) ? 1 : 2;
    }

    public static boolean getNonExistingIsGood() {
        String string = ConfigurationHolder.getString(NONE_EXISTING_IS_GOOD);
        return CertificateProfile.TRUE.equalsIgnoreCase(string) || "yes".equalsIgnoreCase(string);
    }

    public static boolean getNonExistingIsRevoked() {
        String string = ConfigurationHolder.getString(NONE_EXISTING_IS_REVOKED);
        return CertificateProfile.TRUE.equalsIgnoreCase(string) || "yes".equalsIgnoreCase(string);
    }

    private static String getRegex(String str) {
        int i = 1;
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            String string = ConfigurationHolder.getString(str + i);
            if (string == null) {
                break;
            }
            if (i > 1) {
                stringBuffer.append('|');
            }
            stringBuffer.append('(');
            stringBuffer.append(string);
            stringBuffer.append(')');
            i++;
        }
        if (stringBuffer.length() < 1) {
            return null;
        }
        return stringBuffer.toString();
    }

    public static String getNonExistingIsGoodOverideRegex() {
        return getRegex(NONE_EXISTING_IS_GOOD_URI);
    }

    public static String getNonExistingIsBadOverideRegex() {
        return getRegex(NONE_EXISTING_IS_BAD_URI);
    }

    public static String getNonExistingIsRevokedOverideRegex() {
        return getRegex(NONE_EXISTING_IS_REVOKED_URI);
    }

    @Deprecated
    public static String getDefaultResponderId() {
        String expandedString = ConfigurationHolder.getExpandedString(DEFAULT_RESPONDER);
        return expandedString != null ? CertTools.stringToBCDNString(expandedString) : expandedString;
    }

    public static List<String> getExtensionOids() {
        String string = ConfigurationHolder.getString("ocsp.extensionoid");
        return "".equals(string) ? new ArrayList() : Arrays.asList(string.split(";"));
    }

    public static List<String> getExtensionClasses() {
        String string = ConfigurationHolder.getString("ocsp.extensionclass");
        return "".equals(string) ? new ArrayList() : Arrays.asList(string.split(";"));
    }

    public static String getUnidDataSource() {
        return ConfigurationHolder.getString("ocsp.uniddatsource");
    }

    public static String getUnidTrustDir() {
        return ConfigurationHolder.getString("ocsp.unidtrustdir");
    }

    public static String getUnidCaCert() {
        return ConfigurationHolder.getString("ocsp.unidcacert");
    }

    public static boolean getAuditLog() {
        String string = ConfigurationHolder.getString("ocsp.audit-log");
        return CertificateProfile.TRUE.equalsIgnoreCase(string) || "yes".equalsIgnoreCase(string);
    }

    public static String getLogDateFormat() {
        return ConfigurationHolder.getString("ocsp.log-date");
    }

    public static String getLogTimeZone() {
        return ConfigurationHolder.getString("ocsp.log-timezone");
    }

    public static boolean getLogSafer() {
        String string = ConfigurationHolder.getString("ocsp.log-safer");
        return CertificateProfile.TRUE.equalsIgnoreCase(string) || "yes".equalsIgnoreCase(string);
    }

    public static String getAuditLogPattern() {
        return ConfigurationHolder.getString("ocsp.audit-log-pattern");
    }

    public static String getAuditLogOrder() {
        return ConfigurationHolder.getString("ocsp.audit-log-order").replace("\\\"", "\"");
    }

    public static boolean getHealthCheckSignTest() {
        return ConfigurationHolder.getString("ocsphealthcheck.signtest").toLowerCase().indexOf(CertificateProfile.FALSE) < 0;
    }

    public static boolean getHealthCheckCertificateValidity() {
        return ConfigurationHolder.getString("ocsphealthcheck.checkSigningCertificateValidity").toLowerCase().indexOf(CertificateProfile.FALSE) < 0;
    }

    public static boolean getTransactionLog() {
        String string = ConfigurationHolder.getString("ocsp.trx-log");
        return CertificateProfile.TRUE.equalsIgnoreCase(string) || "yes".equalsIgnoreCase(string);
    }

    public static String getTransactionLogPattern() {
        return ConfigurationHolder.getString("ocsp.trx-log-pattern");
    }

    public static String getTransactionLogOrder() {
        return ConfigurationHolder.getString("ocsp.trx-log-order").replace("\\\"", "\"");
    }

    public static long getExpiredArchiveCutoff() {
        Configuration instance = ConfigurationHolder.instance();
        if (StringUtils.equals(instance.getString(EXPIREDCERT_RETENTIONPERIOD), "-1")) {
            return -1L;
        }
        long j = 31536000;
        try {
            j = instance.getLong(EXPIREDCERT_RETENTIONPERIOD, 31536000L) * 1000;
        } catch (ConversionException e) {
            log.warn("\"ocsp.expiredcert.retentionperiod\" is not a decimal integer. Using default value: " + j);
        }
        return j;
    }

    public static long getUntilNextUpdate(int i) {
        long j = 0;
        Configuration instance = ConfigurationHolder.instance();
        String str = "ocsp." + i + ".untilNextUpdate";
        if (i == 0 || !instance.containsKey(str)) {
            str = UNTIL_NEXT_UPDATE;
        }
        try {
            j = instance.getLong(str, 0L) * 1000;
        } catch (ConversionException e) {
            log.warn("\"ocsp.untilNextUpdate\" is not a decimal integer. Using default value: " + j);
        }
        return j;
    }

    public static boolean isUntilNextUpdateConfigured(int i) {
        return i == 0 ? ConfigurationHolder.instance().containsKey(UNTIL_NEXT_UPDATE) : ConfigurationHolder.instance().containsKey("ocsp." + i + ".untilNextUpdate");
    }

    public static long getRevokedUntilNextUpdate(int i) {
        long j = 0;
        Configuration instance = ConfigurationHolder.instance();
        String str = "ocsp." + i + ".revoked.untilNextUpdate";
        if (i == 0 || !instance.containsKey(str)) {
            str = REVOKED_UNTIL_NEXT_UPDATE;
        }
        try {
            j = instance.getLong(str, 0L) * 1000;
        } catch (ConversionException e) {
            log.warn("\"ocsp.revoked.untilNextUpdate\" is not a decimal integer. Using default value: " + j);
        }
        return j;
    }

    public static boolean isRevokedUntilNextUpdateConfigured(int i) {
        return i == 0 ? ConfigurationHolder.instance().containsKey(REVOKED_UNTIL_NEXT_UPDATE) : ConfigurationHolder.instance().containsKey("ocsp." + i + ".revoked.untilNextUpdate");
    }

    public static long getMaxAge(int i) {
        long j = 30;
        Configuration instance = ConfigurationHolder.instance();
        String str = "ocsp." + i + ".maxAge";
        if (i == 0 || !instance.containsKey(str)) {
            str = MAX_AGE;
        }
        try {
            j = instance.getLong(str, 30L) * 1000;
        } catch (ConversionException e) {
            j *= 1000;
            log.warn("\"ocsp.maxAge\" is not a decimal integer. Using default value: " + j);
        }
        return j;
    }

    public static boolean isMaxAgeConfigured(int i) {
        return i == 0 ? ConfigurationHolder.instance().containsKey(MAX_AGE) : ConfigurationHolder.instance().containsKey("ocsp." + i + ".maxAge");
    }

    public static long getRevokedMaxAge(int i) {
        long j = 30;
        Configuration instance = ConfigurationHolder.instance();
        String str = "ocsp." + i + ".revoked.maxAge";
        if (i == 0 || !instance.containsKey(str)) {
            str = REVOKED_MAX_AGE;
        }
        try {
            j = instance.getLong(str, 30L) * 1000;
        } catch (ConversionException e) {
            j *= 1000;
            log.warn("\"ocsp.revoked.maxAge\" is not a decimal integer. Using default value: " + j);
        }
        return j;
    }

    public static boolean isRevokedMaxAgeConfigured(int i) {
        return i == 0 ? ConfigurationHolder.instance().containsKey(REVOKED_MAX_AGE) : ConfigurationHolder.instance().containsKey("ocsp." + i + ".revoked.maxAge");
    }

    @Deprecated
    public static String getSoftKeyDirectoryName() {
        return ConfigurationHolder.getString("ocsp.keys.dir");
    }

    @Deprecated
    public static String getKeyPassword() {
        String string = ConfigurationHolder.getString("ocsp.keys.keyPassword");
        return string != null ? string : getStorePassword();
    }

    @Deprecated
    public static String getStorePassword() {
        return ConfigurationHolder.getString("ocsp.keys.storePassword");
    }

    public static String getCardPassword() {
        return ConfigurationHolder.getString(CARD_PASSWORD);
    }

    public static String getHardTokenClassName() {
        return ConfigurationHolder.getString("ocsp.hardToken.className");
    }

    @Deprecated
    public static String getSunP11ConfigurationFile() {
        return ConfigurationHolder.getString("ocsp.p11.sunConfigurationFile");
    }

    public static Set<String> getRekeyingTriggingHosts() {
        String string = ConfigurationHolder.getString(REKEYING_TRIGGERING_HOSTS);
        return string == null ? new HashSet() : new HashSet(Arrays.asList(StringUtils.split(string.trim(), ';')));
    }

    public static String getRekeyingTriggingPassword() {
        return ConfigurationHolder.getString(REKEYING_TRIGGERING_PASSWORD);
    }

    public static String getEjbcawsracliUrl() {
        return ConfigurationHolder.getString(REKEYING_WSURL);
    }

    @Deprecated
    public static String getP11SharedLibrary() {
        return ConfigurationHolder.getString("ocsp.p11.sharedLibrary");
    }

    @Deprecated
    public static String getP11Password() {
        return ConfigurationHolder.getString("ocsp.p11.p11password");
    }

    @Deprecated
    public static String getP11SlotIndex() {
        return ConfigurationHolder.getString("ocsp.p11.slot");
    }

    @Deprecated
    public static boolean getDoNotStorePasswordsInMemory() {
        String string = ConfigurationHolder.getString("ocsp.activation.doNotStorePasswordsInMemory");
        return string != null && string.toLowerCase().indexOf(CertificateProfile.FALSE) < 0 && string.toLowerCase().indexOf("no") < 0;
    }

    public static long getWarningBeforeExpirationTime() {
        int i;
        try {
            String string = ConfigurationHolder.getString(WARNING_BEFORE_EXPERATION_TIME);
            i = string != null ? Integer.parseInt(string) : 604800;
        } catch (NumberFormatException e) {
            i = 604800;
            log.warn("ocsp.warningBeforeExpirationTime is not a decimal integer. Using default 1 week.");
        }
        return 1000 * i;
    }
}
