package com.ftc.gss;

import com.ftc.tools.Cfg;
import com.ftc.tools.Syslog;
import java.util.Hashtable;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.TimeLimitExceededException;
import javax.naming.directory.Attribute;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/* loaded from: input_file:com/ftc/gss/SKSRetriever.class */
public class SKSRetriever {
    private static String URL = "ldap://ca.ftc.ru:389/ou=CAs,o=CFT,c=RU";

    public static Hashtable getCRL(String str) {
        Syslog.dbg(5, new StringBuffer().append("SKSRetriever::getCRL <- issuer=").append(str).append(":").toString());
        Hashtable hashtable = new Hashtable();
        Hashtable hashtable2 = new Hashtable(11);
        hashtable2.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable2.put("java.naming.provider.url", new StringBuffer().append(Cfg.getProperty("ldapURL", URL)).append(str).toString());
        hashtable2.put("java.naming.security.authentication", "simple");
        hashtable2.put("java.naming.security.principal", Cfg.getProperty("ldapUser"));
        hashtable2.put("java.naming.security.credentials", Cfg.getProperty("ldapPassword"));
        try {
            InitialDirContext initialDirContext = new InitialDirContext(hashtable2);
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(0);
            int i = 5000;
            try {
                i = Integer.parseInt(Cfg.getProperty("ldap_timeout", "5")) * 1000;
            } catch (NumberFormatException e) {
            }
            searchControls.setTimeLimit(i);
            searchControls.setReturningAttributes(new String[]{"crlsignature", "certificaterevocationlist"});
            NamingEnumeration search = initialDirContext.search("", "(objectClass={0})", new String[]{"certificationAuthority"}, searchControls);
            if (!search.hasMore()) {
                return hashtable;
            }
            NamingEnumeration all = ((SearchResult) search.next()).getAttributes().getAll();
            while (all.hasMore()) {
                Attribute attribute = (Attribute) all.next();
                if (attribute.getID().equals("crlsignature")) {
                    Object obj = attribute.get();
                    if (obj instanceof String) {
                        Syslog.dbg(6, "SKSRetriever::getCRL:crlsig=STRING");
                        hashtable.put("crlsignature", ((String) obj).getBytes());
                    }
                    if (attribute.get() instanceof byte[]) {
                        Syslog.dbg(6, "SKSRetriever::getCRL:crlsig=ARRAY");
                        hashtable.put("crlsignature", obj);
                    }
                }
                if (attribute.getID().equals("certificaterevocationlist")) {
                    Syslog.dbg(6, new StringBuffer().append("SKSRetriever::getCRL:Found ").append(attribute.size()).append(" values.").toString());
                    String[] strArr = new String[attribute.size()];
                    int i2 = 0;
                    NamingEnumeration all2 = attribute.getAll();
                    while (all2.hasMore()) {
                        Object next = all2.next();
                        if (next instanceof String) {
                            strArr[i2] = (String) next;
                            Syslog.dbg(6, new StringBuffer().append("SKSRetriever::getCRL:crl=STRING:").append(strArr[i2]).toString());
                        }
                        if (next instanceof byte[]) {
                            strArr[i2] = new String((byte[]) next);
                            Syslog.dbg(6, new StringBuffer().append("SKSRetriever::getCRL:crl=ARRAY:").append(strArr[i2]).toString());
                        }
                        i2++;
                    }
                    hashtable.put("certificaterevocationlist", strArr);
                }
            }
            initialDirContext.close();
            return hashtable;
        } catch (NamingException e2) {
            Syslog.err(new StringBuffer().append("SKSRetriever::getCRL: SECURITY ALERT !!!:Can't get CRL: ").append(e2).toString());
            e2.printStackTrace();
            return hashtable;
        } catch (TimeLimitExceededException e3) {
            Syslog.wrn("SKSRetriever::getCRL:time limit exceeded.");
            return hashtable;
        }
    }
}
