package org.eclipse.kura.core.keystore.util;

import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URLConnection;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Optional;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutorService;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.x509.CRLDistPoint;
import org.bouncycastle.asn1.x509.DistributionPoint;
import org.bouncycastle.asn1.x509.DistributionPointName;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/kura/core/keystore/util/CRLUtil.class */
public class CRLUtil {
    private static final Logger logger = LoggerFactory.getLogger(CRLUtil.class);

    private CRLUtil() {
    }

    public static Set<URI> getCrlURIs(X509Certificate x509Certificate) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(Extension.cRLDistributionPoints.getId());
        if (extensionValue == null) {
            return Collections.emptySet();
        }
        Throwable th = null;
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(extensionValue);
            try {
                aSN1InputStream = new ASN1InputStream(aSN1InputStream.readObject().getOctets());
                try {
                    DistributionPoint[] distributionPoints = CRLDistPoint.getInstance(aSN1InputStream.readObject()).getDistributionPoints();
                    if (distributionPoints == null) {
                        Set<URI> emptySet = Collections.emptySet();
                        if (aSN1InputStream != null) {
                            aSN1InputStream.close();
                        }
                        return emptySet;
                    }
                    HashSet hashSet = new HashSet();
                    for (DistributionPoint distributionPoint : distributionPoints) {
                        DistributionPointName distributionPoint2 = distributionPoint.getDistributionPoint();
                        if (distributionPoint2 == null || distributionPoint2.getType() != 0) {
                            logger.warn("failed to get distribution point name");
                        } else {
                            for (GeneralName generalName : GeneralNames.getInstance(distributionPoint2.getName()).getNames()) {
                                if (generalName.getTagNo() == 6) {
                                    Optional<URI> parseURI = parseURI(DERIA5String.getInstance(generalName.getName()).getString());
                                    hashSet.getClass();
                                    parseURI.ifPresent((v1) -> {
                                        r1.add(v1);
                                    });
                                }
                            }
                        }
                    }
                    if (aSN1InputStream != null) {
                        aSN1InputStream.close();
                    }
                    if (aSN1InputStream != null) {
                        aSN1InputStream.close();
                    }
                    return hashSet;
                } finally {
                    if (aSN1InputStream != null) {
                        aSN1InputStream.close();
                    }
                }
            } catch (Throwable th2) {
                if (0 == 0) {
                    th = th2;
                } else if (null != th2) {
                    th.addSuppressed(th2);
                }
                if (aSN1InputStream != null) {
                    aSN1InputStream.close();
                }
                throw th;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    public static CompletableFuture<X509CRL> fetchCRL(Set<URI> set, ExecutorService executorService) {
        CompletableFuture<X509CRL> completableFuture = new CompletableFuture<>();
        executorService.execute(() -> {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                URI uri = (URI) it.next();
                logger.info("fetching CRL from: {}...", uri);
                Throwable th = null;
                try {
                    try {
                        InputStream openConnection = openConnection(uri);
                        try {
                            X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(openConnection);
                            logger.info("fetching CRL from: {}...done", uri);
                            completableFuture.complete(x509crl);
                            if (openConnection != null) {
                                openConnection.close();
                                return;
                            }
                            return;
                        } catch (Throwable th2) {
                            if (openConnection != null) {
                                openConnection.close();
                            }
                            throw th2;
                        }
                    } catch (Throwable th3) {
                        if (0 == 0) {
                            th = th3;
                        } else if (null != th3) {
                            th.addSuppressed(th3);
                        }
                        throw th;
                    }
                } catch (Exception e) {
                    logger.warn("failed to fetch CRL from {}", uri, e);
                    if (Thread.interrupted()) {
                        logger.warn("interrupted");
                        completableFuture.completeExceptionally(new InterruptedException());
                        return;
                    }
                }
            }
            completableFuture.completeExceptionally(new IOException("failed to download CRL from: " + set));
        });
        return completableFuture;
    }

    private static InputStream openConnection(URI uri) throws IOException {
        URLConnection openConnection = uri.toURL().openConnection();
        if (openConnection instanceof HttpURLConnection) {
            ((HttpURLConnection) openConnection).setRequestProperty("Accept", "*/*");
            ((HttpURLConnection) openConnection).setRequestProperty("Connection", "Close");
        }
        return openConnection.getInputStream();
    }

    private static Optional<URI> parseURI(String str) {
        try {
            return Optional.of(new URI(str));
        } catch (Exception e) {
            logger.warn("failed to parse distribution point URL", e);
            return Optional.empty();
        }
    }
}
