package eu.europa.esig.dss.spi.x509;

import eu.europa.esig.dss.enumerations.CertificateSourceType;
import eu.europa.esig.dss.model.Digest;
import eu.europa.esig.dss.model.identifier.EntityIdentifier;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.model.x509.X500PrincipalHelper;
import eu.europa.esig.dss.spi.DSSASN1Utils;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/spi/x509/CommonCertificateSource.class */
public class CommonCertificateSource implements CertificateSource {
    private static final long serialVersionUID = -5031898106342793626L;
    private static final Logger LOG = LoggerFactory.getLogger(CommonCertificateSource.class);
    protected final transient CertificateTokenRefMatcher certificateMatcher = new CertificateTokenRefMatcher();
    private Map<EntityIdentifier, CertificateSourceEntity> entriesByPublicKeyHash = new HashMap();
    private Map<Map<String, String>, Set<CertificateToken>> tokensBySubject = new HashMap();

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public CertificateToken addCertificate(CertificateToken certificateToken) {
        Objects.requireNonNull(certificateToken, "The certificate must be filled");
        if (LOG.isTraceEnabled()) {
            LOG.trace("Certificate to add: {} | {}", certificateToken.getIssuerX500Principal(), certificateToken.getSerialNumber());
        }
        synchronized (this.entriesByPublicKeyHash) {
            EntityIdentifier entityKey = certificateToken.getEntityKey();
            CertificateSourceEntity certificateSourceEntity = this.entriesByPublicKeyHash.get(entityKey);
            if (certificateSourceEntity == null) {
                LOG.trace("Public key {} is not in the pool", entityKey);
                this.entriesByPublicKeyHash.put(entityKey, new CertificateSourceEntity(certificateToken));
            } else {
                LOG.trace("Public key {} is already in the pool", entityKey);
                certificateSourceEntity.addEquivalentCertificate(certificateToken);
            }
        }
        synchronized (this.tokensBySubject) {
            this.tokensBySubject.computeIfAbsent(DSSASN1Utils.get(certificateToken.getSubject().getPrincipal()), map -> {
                return new HashSet();
            }).add(certificateToken);
        }
        return certificateToken;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void reset() {
        this.entriesByPublicKeyHash = new HashMap();
        this.tokensBySubject = new HashMap();
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public boolean isKnown(CertificateToken certificateToken) {
        return this.entriesByPublicKeyHash.get(certificateToken.getEntityKey()) != null;
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public List<CertificateToken> getCertificates() {
        ArrayList arrayList = new ArrayList();
        Iterator<CertificateSourceEntity> it = this.entriesByPublicKeyHash.values().iterator();
        while (it.hasNext()) {
            arrayList.addAll(it.next().getEquivalentCertificates());
        }
        return Collections.unmodifiableList(arrayList);
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public List<CertificateSourceEntity> getEntities() {
        return new ArrayList(this.entriesByPublicKeyHash.values());
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public Set<CertificateToken> getByPublicKey(PublicKey publicKey) {
        CertificateSourceEntity certificateSourceEntity = this.entriesByPublicKeyHash.get(new EntityIdentifier(publicKey));
        return certificateSourceEntity != null ? certificateSourceEntity.getEquivalentCertificates() : Collections.emptySet();
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public Set<CertificateToken> getBySki(byte[] bArr) {
        for (CertificateSourceEntity certificateSourceEntity : this.entriesByPublicKeyHash.values()) {
            if (Arrays.equals(certificateSourceEntity.getSki(), bArr)) {
                return certificateSourceEntity.getEquivalentCertificates();
            }
        }
        return Collections.emptySet();
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public Set<CertificateToken> getBySubject(X500PrincipalHelper x500PrincipalHelper) {
        Set<CertificateToken> set = this.tokensBySubject.get(DSSASN1Utils.get(x500PrincipalHelper.getPrincipal()));
        return set != null ? set : Collections.emptySet();
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public Set<CertificateToken> getBySignerIdentifier(SignerIdentifier signerIdentifier) {
        HashSet hashSet = new HashSet();
        Iterator<CertificateSourceEntity> it = this.entriesByPublicKeyHash.values().iterator();
        while (it.hasNext()) {
            for (CertificateToken certificateToken : it.next().getEquivalentCertificates()) {
                if (signerIdentifier.isRelatedToCertificate(certificateToken)) {
                    hashSet.add(certificateToken);
                }
            }
        }
        return hashSet;
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public Set<CertificateToken> getByCertificateDigest(Digest digest) {
        HashSet hashSet = new HashSet();
        Iterator<CertificateSourceEntity> it = this.entriesByPublicKeyHash.values().iterator();
        while (it.hasNext()) {
            for (CertificateToken certificateToken : it.next().getEquivalentCertificates()) {
                if (Arrays.equals(digest.getValue(), certificateToken.getDigest(digest.getAlgorithm()))) {
                    hashSet.add(certificateToken);
                }
            }
        }
        return hashSet;
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public Set<CertificateToken> findTokensFromCertRef(CertificateRef certificateRef) {
        HashSet hashSet = new HashSet();
        Iterator<CertificateSourceEntity> it = this.entriesByPublicKeyHash.values().iterator();
        while (it.hasNext()) {
            for (CertificateToken certificateToken : it.next().getEquivalentCertificates()) {
                if (this.certificateMatcher.match(certificateToken, certificateRef)) {
                    hashSet.add(certificateToken);
                }
            }
        }
        return hashSet;
    }

    public int getNumberOfCertificates() {
        return getCertificates().size();
    }

    public int getNumberOfEntities() {
        return this.entriesByPublicKeyHash.size();
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public CertificateSourceType getCertificateSourceType() {
        return CertificateSourceType.OTHER;
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public boolean isTrusted(CertificateToken certificateToken) {
        return false;
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public boolean isAllSelfSigned() {
        Iterator<CertificateToken> it = getCertificates().iterator();
        while (it.hasNext()) {
            if (!it.next().isSelfSigned()) {
                return false;
            }
        }
        return true;
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public boolean isCertificateSourceEqual(CertificateSource certificateSource) {
        return new HashSet(getCertificates()).equals(new HashSet(certificateSource.getCertificates()));
    }

    @Override // eu.europa.esig.dss.spi.x509.CertificateSource
    public boolean isCertificateSourceEquivalent(CertificateSource certificateSource) {
        return new HashSet(getEntities()).equals(new HashSet(certificateSource.getEntities()));
    }
}
