package org.cesecore.certificates.certificate;

import java.io.Serializable;
import java.math.BigInteger;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.persistence.ColumnResult;
import javax.persistence.Entity;
import javax.persistence.EntityManager;
import javax.persistence.PostLoad;
import javax.persistence.PrePersist;
import javax.persistence.PreUpdate;
import javax.persistence.Query;
import javax.persistence.SqlResultSetMapping;
import javax.persistence.SqlResultSetMappings;
import javax.persistence.Table;
import javax.persistence.Transient;
import org.apache.log4j.Logger;
import org.cesecore.certificates.crl.RevokedCertInfo;
import org.cesecore.config.CesecoreConfiguration;
import org.cesecore.dbprotection.ProtectedData;
import org.cesecore.dbprotection.ProtectionStringBuilder;
import org.cesecore.keys.util.KeyTools;
import org.cesecore.util.Base64;
import org.cesecore.util.CertTools;
import org.cesecore.util.CompressedCollection;
import org.cesecore.util.QueryResultWrapper;
import org.cesecore.util.StringTools;
import org.cesecore.util.ValueExtractor;

@Table(name = "CertificateData")
@Entity
@SqlResultSetMappings({@SqlResultSetMapping(name = "RevokedCertInfoSubset", columns = {@ColumnResult(name = "fingerprint"), @ColumnResult(name = "serialNumber"), @ColumnResult(name = "expireDate"), @ColumnResult(name = "revocationDate"), @ColumnResult(name = "revocationReason")}), @SqlResultSetMapping(name = "CertificateInfoSubset", columns = {@ColumnResult(name = "issuerDN"), @ColumnResult(name = "subjectDN"), @ColumnResult(name = "cAFingerprint"), @ColumnResult(name = "status"), @ColumnResult(name = "type"), @ColumnResult(name = "serialNumber"), @ColumnResult(name = "expireDate"), @ColumnResult(name = "revocationDate"), @ColumnResult(name = "revocationReason"), @ColumnResult(name = "username"), @ColumnResult(name = "tag"), @ColumnResult(name = "certificateProfileId"), @ColumnResult(name = "updateTime"), @ColumnResult(name = "subjectKeyId")}), @SqlResultSetMapping(name = "CertificateInfoSubset2", columns = {@ColumnResult(name = "fingerprint"), @ColumnResult(name = "subjectDN"), @ColumnResult(name = "cAFingerprint"), @ColumnResult(name = "status"), @ColumnResult(name = "type"), @ColumnResult(name = "expireDate"), @ColumnResult(name = "revocationDate"), @ColumnResult(name = "revocationReason"), @ColumnResult(name = "username"), @ColumnResult(name = "tag"), @ColumnResult(name = "certificateProfileId"), @ColumnResult(name = "updateTime"), @ColumnResult(name = "subjectKeyId")}), @SqlResultSetMapping(name = "FingerprintUsernameSubset", columns = {@ColumnResult(name = "fingerprint"), @ColumnResult(name = "username")})})
/* loaded from: input_file:org/cesecore/certificates/certificate/CertificateData.class */
public class CertificateData extends ProtectedData implements Serializable {
    private static final long serialVersionUID = -8493105317760641442L;
    private static final Logger log = Logger.getLogger(CertificateData.class);
    private String issuerDN;
    private String subjectDN;
    private String cAFingerprint;
    private String serialNumber;
    private String base64Cert;
    private String username;
    private String tag;
    private Integer certificateProfileId;
    private String subjectKeyId;
    private String rowProtection;
    private String fingerprint = "";
    private int status = 0;
    private int type = 0;
    private long expireDate = 0;
    private long revocationDate = 0;
    private int revocationReason = 0;
    private long updateTime = 0;
    private int rowVersion = 0;

    public CertificateData(Certificate certificate, PublicKey publicKey, String str, String str2, int i, int i2, int i3, String str3, long j, boolean z) {
        if (!z) {
            try {
                setBase64Cert(new String(Base64.encode(certificate.getEncoded())));
            } catch (CertificateEncodingException e) {
                log.error("Can't extract DER encoded certificate information.", e);
                throw new RuntimeException("Can't extract DER encoded certificate information.");
            }
        }
        String fingerprintAsString = CertTools.getFingerprintAsString(certificate);
        setFingerprint(fingerprintAsString);
        setSubjectDN(CertTools.getSubjectDN(certificate));
        setIssuerDN(CertTools.getIssuerDN(certificate));
        if (log.isDebugEnabled()) {
            log.debug("Creating certdata, subject=" + getSubjectDN() + ", issuer=" + getIssuerDN() + ", fingerprint=" + fingerprintAsString);
        }
        setSerialNumber(CertTools.getSerialNumber(certificate).toString());
        setUsername(str);
        setStatus(i);
        setType(i2);
        setCaFingerprint(str2);
        setExpireDate(CertTools.getNotAfter(certificate));
        setRevocationDate(-1L);
        setRevocationReason(-1);
        setUpdateTime(Long.valueOf(j));
        setCertificateProfileId(Integer.valueOf(i3));
        String str4 = null;
        try {
            str4 = new String(Base64.encode(KeyTools.createSubjectKeyId(publicKey != null ? publicKey : certificate.getPublicKey()).getKeyIdentifier(), false));
        } catch (Exception e2) {
            log.warn("Error creating subjectKeyId for certificate with fingerprint '" + fingerprintAsString + ": ", e2);
        }
        setSubjectKeyId(str4);
        setTag(str3);
    }

    public CertificateData() {
    }

    public String getFingerprint() {
        return this.fingerprint;
    }

    public void setFingerprint(String str) {
        this.fingerprint = str;
    }

    public String getIssuerDN() {
        return this.issuerDN;
    }

    public void setIssuerDN(String str) {
        this.issuerDN = str;
    }

    public String getSubjectDN() {
        return this.subjectDN;
    }

    public void setSubjectDN(String str) {
        this.subjectDN = str;
    }

    public String getCaFingerprint() {
        return this.cAFingerprint;
    }

    public void setCaFingerprint(String str) {
        this.cAFingerprint = str;
    }

    public int getStatus() {
        return this.status;
    }

    public void setStatus(int i) {
        this.status = i;
    }

    public int getType() {
        return this.type;
    }

    public void setType(int i) {
        this.type = i;
    }

    public String getSerialNumber() {
        return this.serialNumber;
    }

    public void setSerialNumber(String str) {
        this.serialNumber = str;
    }

    public long getExpireDate() {
        return this.expireDate;
    }

    public void setExpireDate(long j) {
        this.expireDate = j;
    }

    public long getRevocationDate() {
        return this.revocationDate;
    }

    public void setRevocationDate(long j) {
        this.revocationDate = j;
    }

    public int getRevocationReason() {
        return this.revocationReason;
    }

    public void setRevocationReason(int i) {
        this.revocationReason = i;
    }

    public String getBase64Cert() {
        return this.base64Cert;
    }

    public void setBase64Cert(String str) {
        this.base64Cert = str;
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = StringTools.stripUsername(str);
    }

    public String getTag() {
        return this.tag;
    }

    public void setTag(String str) {
        this.tag = str;
    }

    public Integer getCertificateProfileId() {
        return this.certificateProfileId;
    }

    public void setCertificateProfileId(Integer num) {
        this.certificateProfileId = num;
    }

    public Long getUpdateTime() {
        return Long.valueOf(this.updateTime);
    }

    public void setUpdateTime(Long l) {
        this.updateTime = l == null ? this.updateTime : l.longValue();
    }

    public String getSubjectKeyId() {
        return this.subjectKeyId;
    }

    public void setSubjectKeyId(String str) {
        this.subjectKeyId = str;
    }

    public int getRowVersion() {
        return this.rowVersion;
    }

    public void setRowVersion(int i) {
        this.rowVersion = i;
    }

    @Override // org.cesecore.dbprotection.ProtectedData
    public String getRowProtection() {
        return this.rowProtection;
    }

    @Override // org.cesecore.dbprotection.ProtectedData
    public void setRowProtection(String str) {
        this.rowProtection = str;
    }

    private String getBase64Cert(EntityManager entityManager) {
        if (this.base64Cert != null && this.base64Cert.length() > 0) {
            return this.base64Cert;
        }
        Base64CertData findByFingerprint = Base64CertData.findByFingerprint(entityManager, this.fingerprint);
        if (findByFingerprint != null) {
            return findByFingerprint.getBase64Cert();
        }
        log.info("No certificate found with fingerprint " + this.fingerprint + " for '" + this.subjectDN + "' issued by '" + this.issuerDN + "'.");
        return null;
    }

    @Transient
    public Certificate getCertificate(EntityManager entityManager) {
        try {
            String base64Cert = getBase64Cert(entityManager);
            if (base64Cert != null && !base64Cert.isEmpty()) {
                return CertTools.getCertfromByteArray(Base64.decode(base64Cert.getBytes()));
            }
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Certificate data was null or empty. Fingerprint of certificate: " + this.fingerprint);
            return null;
        } catch (CertificateException e) {
            log.error("Can't decode certificate.", e);
            return null;
        }
    }

    public void setIssuer(String str) {
        setIssuerDN(CertTools.stringToBCDNString(str));
    }

    public void setSubject(String str) {
        setSubjectDN(CertTools.stringToBCDNString(str));
    }

    public void setExpireDate(Date date) {
        if (date == null) {
            setExpireDate(-1L);
        } else {
            setExpireDate(date.getTime());
        }
    }

    public void setRevocationDate(Date date) {
        if (date == null) {
            setRevocationDate(-1L);
        } else {
            setRevocationDate(date.getTime());
        }
    }

    public boolean equals(Object obj) {
        if (obj instanceof CertificateData) {
            return equals((CertificateData) obj, true);
        }
        return false;
    }

    public boolean equals(CertificateData certificateData, boolean z, boolean z2) {
        return z ? equalsNonSensitive(certificateData, z2) : equals(certificateData, z2);
    }

    private boolean equals(CertificateData certificateData, boolean z) {
        if (!equalsNonSensitive(certificateData, z)) {
            return false;
        }
        if (this.base64Cert == null && certificateData.base64Cert == null) {
            return true;
        }
        return (this.base64Cert == null || certificateData.base64Cert == null || !this.base64Cert.equals(certificateData.base64Cert)) ? false : true;
    }

    private boolean equalsNonSensitive(CertificateData certificateData, boolean z) {
        if (!this.issuerDN.equals(certificateData.issuerDN) || !this.subjectDN.equals(certificateData.subjectDN) || !this.fingerprint.equals(certificateData.fingerprint) || !this.cAFingerprint.equals(certificateData.cAFingerprint) || !equalsStatus(certificateData, z) || this.type != certificateData.type || !this.serialNumber.equals(certificateData.serialNumber) || this.expireDate != certificateData.expireDate || this.revocationDate != certificateData.revocationDate || this.revocationReason != certificateData.revocationReason || !this.username.equals(certificateData.username)) {
            return false;
        }
        if (this.tag == null && certificateData.tag != null) {
            return false;
        }
        if (this.tag != null && !this.tag.equals(certificateData.tag)) {
            return false;
        }
        if (this.certificateProfileId != null || certificateData.certificateProfileId == null) {
            return (this.certificateProfileId == null || this.certificateProfileId.equals(certificateData.certificateProfileId)) && this.updateTime == certificateData.updateTime;
        }
        return false;
    }

    public boolean equalsStatus(CertificateData certificateData, boolean z) {
        if (z) {
            return this.status == certificateData.status;
        }
        if (this.status == certificateData.status) {
            return true;
        }
        if ((this.status == 20 || this.status == 21) && (certificateData.status == 20 || certificateData.status == 21)) {
            return true;
        }
        if (this.status == 40 || this.status == 60) {
            return certificateData.status == 40 || certificateData.status == 60;
        }
        return false;
    }

    public void updateWith(CertificateData certificateData, boolean z) {
        this.issuerDN = certificateData.issuerDN;
        this.subjectDN = certificateData.subjectDN;
        this.fingerprint = certificateData.fingerprint;
        this.cAFingerprint = certificateData.cAFingerprint;
        this.status = certificateData.status;
        this.type = certificateData.type;
        this.serialNumber = certificateData.serialNumber;
        this.expireDate = certificateData.expireDate;
        this.revocationDate = certificateData.revocationDate;
        this.revocationReason = certificateData.revocationReason;
        setUsername(certificateData.username);
        this.tag = certificateData.tag;
        this.certificateProfileId = certificateData.certificateProfileId;
        this.updateTime = certificateData.updateTime;
        this.base64Cert = z ? null : certificateData.base64Cert;
    }

    public static CertificateData findByFingerprint(EntityManager entityManager, String str) {
        return (CertificateData) entityManager.find(CertificateData.class, str);
    }

    public static List<CertificateData> findBySubjectDNAndIssuerDN(EntityManager entityManager, String str, String str2) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.subjectDN=:subjectDN AND a.issuerDN=:issuerDN");
        createQuery.setParameter("subjectDN", str);
        createQuery.setParameter("issuerDN", str2);
        return createQuery.getResultList();
    }

    public static Set<String> findUsernamesBySubjectDNAndIssuerDN(EntityManager entityManager, String str, String str2) {
        Query createQuery = entityManager.createQuery("SELECT a.username FROM CertificateData a WHERE a.subjectDN=:subjectDN AND a.issuerDN=:issuerDN");
        createQuery.setParameter("subjectDN", str);
        createQuery.setParameter("issuerDN", str2);
        return new HashSet(createQuery.getResultList());
    }

    public static List<CertificateData> findBySubjectDN(EntityManager entityManager, String str) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.subjectDN=:subjectDN");
        createQuery.setParameter("subjectDN", str);
        return createQuery.getResultList();
    }

    public static List<CertificateData> findBySerialNumber(EntityManager entityManager, String str) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.serialNumber=:serialNumber");
        createQuery.setParameter("serialNumber", str);
        return createQuery.getResultList();
    }

    public static List<CertificateData> findByIssuerDNSerialNumber(EntityManager entityManager, String str, String str2) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.serialNumber=:serialNumber");
        createQuery.setParameter("issuerDN", str);
        createQuery.setParameter("serialNumber", str2);
        return createQuery.getResultList();
    }

    public static CertificateInfo findFirstCertificateInfo(EntityManager entityManager, String str, String str2) {
        CertificateInfo certificateInfo = null;
        Query createNativeQuery = entityManager.createNativeQuery("SELECT a.fingerprint, a.subjectDN, a.cAFingerprint, a.status, a.type, a.serialNumber, a.expireDate, a.revocationDate, a.revocationReason, a.username, a.tag, a.certificateProfileId, a.updateTime, a.subjectKeyId FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.serialNumber=:serialNumber", "CertificateInfoSubset2");
        createNativeQuery.setParameter("issuerDN", str);
        createNativeQuery.setParameter("serialNumber", str2);
        createNativeQuery.setMaxResults(1);
        List resultList = createNativeQuery.getResultList();
        if (!resultList.isEmpty()) {
            Object[] objArr = (Object[]) resultList.get(0);
            certificateInfo = new CertificateInfo((String) objArr[0], (String) objArr[2], str2, str, (String) objArr[1], ValueExtractor.extractIntValue(objArr[3]), ValueExtractor.extractIntValue(objArr[4]), ValueExtractor.extractLongValue(objArr[5]), ValueExtractor.extractLongValue(objArr[6]), ValueExtractor.extractIntValue(objArr[7]), (String) objArr[8], (String) objArr[9], ValueExtractor.extractIntValue(objArr[10]), objArr[11] == null ? 0L : ValueExtractor.extractLongValue(objArr[11]), (String) objArr[12]);
        }
        return certificateInfo;
    }

    public static String findLastUsernameByIssuerDNSerialNumber(EntityManager entityManager, String str, String str2) {
        Query createQuery = entityManager.createQuery("SELECT a.username FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.serialNumber=:serialNumber");
        createQuery.setParameter("issuerDN", str);
        createQuery.setParameter("serialNumber", str2);
        return (String) QueryResultWrapper.getLastResult(createQuery);
    }

    public static List<CertificateData> findByUsernameOrdered(EntityManager entityManager, String str) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.username=:username ORDER BY a.expireDate DESC, a.serialNumber DESC");
        createQuery.setParameter("username", str);
        return createQuery.getResultList();
    }

    public static List<CertificateData> findByUsernameAndStatus(EntityManager entityManager, String str, int i) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.username=:username AND a.status=:status ORDER BY a.expireDate DESC, a.serialNumber DESC");
        createQuery.setParameter("username", str);
        createQuery.setParameter("status", Integer.valueOf(i));
        return createQuery.getResultList();
    }

    public static Set<String> findUsernamesByIssuerDNAndSubjectKeyId(EntityManager entityManager, String str, String str2) {
        Query createQuery = entityManager.createQuery("SELECT a.username FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.subjectKeyId=:subjectKeyId");
        createQuery.setParameter("issuerDN", str);
        createQuery.setParameter("subjectKeyId", str2);
        return new HashSet(createQuery.getResultList());
    }

    public static final String findUsernameByIssuerDnAndSerialNumber(EntityManager entityManager, String str, String str2) {
        Query createQuery = entityManager.createQuery("SELECT a.username FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.serialNumber=:serialNumber");
        createQuery.setParameter("issuerDN", str);
        createQuery.setParameter("serialNumber", str2);
        return (String) createQuery.getSingleResult();
    }

    public static Set<String> findUsernamesBySubjectKeyIdOrDnAndIssuer(EntityManager entityManager, String str, String str2, String str3) {
        Query createQuery = entityManager.createQuery("SELECT a.username FROM CertificateData a WHERE (a.subjectKeyId=:subjectKeyId OR a.subjectDN=:subjectDN) AND a.issuerDN=:issuerDN");
        createQuery.setParameter("issuerDN", str);
        createQuery.setParameter("subjectKeyId", str2);
        createQuery.setParameter("subjectDN", str3);
        return new HashSet(createQuery.getResultList());
    }

    public static List<String> findFingerprintsByIssuerDN(EntityManager entityManager, String str) {
        Query createQuery = entityManager.createQuery("SELECT a.fingerprint FROM CertificateData a WHERE a.issuerDN=:issuerDN");
        createQuery.setParameter("issuerDN", str);
        return createQuery.getResultList();
    }

    public static List<CertificateData> getNextBatch(EntityManager entityManager, int i, String str, int i2) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.fingerprint>:currentFingerprint AND a.certificateProfileId=:certificateProfileId ORDER BY a.fingerprint ASC");
        createQuery.setParameter("certificateProfileId", Integer.valueOf(i));
        createQuery.setParameter("currentFingerprint", str);
        createQuery.setMaxResults(i2);
        return createQuery.getResultList();
    }

    public static List<CertificateData> getNextBatch(EntityManager entityManager, String str, int i) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.fingerprint>:currentFingerprint ORDER BY a.fingerprint ASC");
        createQuery.setParameter("currentFingerprint", str);
        createQuery.setMaxResults(i);
        return createQuery.getResultList();
    }

    public static long getCount(EntityManager entityManager, int i) {
        Query createQuery = entityManager.createQuery("SELECT COUNT(a) FROM CertificateData a WHERE a.certificateProfileId=:certificateProfileId");
        createQuery.setParameter("certificateProfileId", Integer.valueOf(i));
        return ((Long) createQuery.getSingleResult()).longValue();
    }

    public static long getCount(EntityManager entityManager) {
        return ((Long) entityManager.createQuery("SELECT COUNT(a) FROM CertificateData a").getSingleResult()).longValue();
    }

    public static List<Integer> getUsedCertificateProfileIds(EntityManager entityManager) {
        return entityManager.createQuery("SELECT DISTINCT a.certificateProfileId FROM CertificateData a ORDER BY a.certificateProfileId").getResultList();
    }

    public static Collection<RevokedCertInfo> getRevokedCertInfos(EntityManager entityManager, String str, long j) {
        Query createNativeQuery;
        if (j > 0) {
            createNativeQuery = entityManager.createNativeQuery("SELECT a.fingerprint, a.serialNumber, a.expireDate, a.revocationDate, a.revocationReason FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.revocationDate>:revocationDate AND (a.status=:status1 OR (a.status=:status2 AND a.revocationReason=:revocationReason))", "RevokedCertInfoSubset");
            createNativeQuery.setParameter("issuerDN", str);
            createNativeQuery.setParameter("revocationDate", Long.valueOf(j));
            createNativeQuery.setParameter("status1", 40);
            createNativeQuery.setParameter("status2", 20);
            createNativeQuery.setParameter("revocationReason", 8);
        } else {
            createNativeQuery = entityManager.createNativeQuery("SELECT a.fingerprint, a.serialNumber, a.expireDate, a.revocationDate, a.revocationReason FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.status=:status", "RevokedCertInfoSubset");
            createNativeQuery.setParameter("issuerDN", str);
            createNativeQuery.setParameter("status", 40);
        }
        int databaseRevokedCertInfoFetchSize = CesecoreConfiguration.getDatabaseRevokedCertInfoFetchSize();
        createNativeQuery.setMaxResults(databaseRevokedCertInfoFetchSize);
        int i = 0;
        CompressedCollection compressedCollection = new CompressedCollection();
        while (true) {
            createNativeQuery.setFirstResult(i);
            List<Object[]> resultList = createNativeQuery.getResultList();
            if (resultList.size() == 0) {
                compressedCollection.closeForWrite();
                return compressedCollection;
            }
            if (log.isDebugEnabled()) {
                log.debug("Read batch of " + resultList.size() + " RevokedCertInfo.");
            }
            for (Object[] objArr : resultList) {
                compressedCollection.add(new RevokedCertInfo(((String) objArr[0]).getBytes(), new BigInteger((String) objArr[1]).toByteArray(), ValueExtractor.extractLongValue(objArr[3]), ValueExtractor.extractIntValue(objArr[4]), ValueExtractor.extractLongValue(objArr[2])));
            }
            i += databaseRevokedCertInfoFetchSize;
        }
    }

    public static List<CertificateData> findByExpireDateWithLimit(EntityManager entityManager, long j) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.expireDate<:expireDate AND (a.status=:status1 OR a.status=:status2)");
        createQuery.setParameter("expireDate", Long.valueOf(j));
        createQuery.setParameter("status1", 20);
        createQuery.setParameter("status2", 21);
        createQuery.setMaxResults(500);
        return createQuery.getResultList();
    }

    public static List<String> findUsernamesByExpireTimeWithLimit(EntityManager entityManager, long j, long j2) {
        Query createQuery = entityManager.createQuery("SELECT DISTINCT a.username FROM CertificateData a WHERE a.expireDate>=:minExpireTime AND a.expireDate<:maxExpireTime AND (a.status=:status1 OR a.status=:status2) AND a.username IS NOT NULL");
        createQuery.setParameter("minExpireTime", Long.valueOf(j));
        createQuery.setParameter("maxExpireTime", Long.valueOf(j2));
        createQuery.setParameter("status1", 20);
        createQuery.setParameter("status2", 21);
        createQuery.setMaxResults(500);
        return createQuery.getResultList();
    }

    public static List<Certificate> getCertificateList(List<CertificateData> list, EntityManager entityManager) {
        LinkedList linkedList = new LinkedList();
        Iterator<CertificateData> it = list.iterator();
        while (it.hasNext()) {
            Certificate certificate = it.next().getCertificate(entityManager);
            if (certificate != null) {
                linkedList.add(certificate);
            }
        }
        return linkedList;
    }

    public static List<Certificate> findCertificatesByIssuerDnAndSerialNumbers(EntityManager entityManager, String str, Collection<BigInteger> collection) {
        StringBuilder sb = new StringBuilder();
        for (BigInteger bigInteger : collection) {
            sb.append(", '");
            sb.append(bigInteger.toString());
            sb.append("'");
        }
        sb.delete(0, ", ".length());
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.serialNumber IN (" + sb.toString() + ")");
        createQuery.setParameter("issuerDN", str);
        return getCertificateList(createQuery.getResultList(), entityManager);
    }

    public static CertificateInfo getCertificateInfo(EntityManager entityManager, String str) {
        CertificateInfo certificateInfo = null;
        Query createNativeQuery = entityManager.createNativeQuery("SELECT a.issuerDN, a.subjectDN, a.cAFingerprint, a.status, a.type, a.serialNumber, a.expireDate, a.revocationDate, a.revocationReason, a.username, a.tag, a.certificateProfileId, a.updateTime, a.subjectKeyId FROM CertificateData a WHERE a.fingerprint=:fingerprint", "CertificateInfoSubset");
        createNativeQuery.setParameter("fingerprint", str);
        List resultList = createNativeQuery.getResultList();
        if (!resultList.isEmpty()) {
            Object[] objArr = (Object[]) resultList.get(0);
            String str2 = (String) objArr[0];
            String str3 = (String) objArr[1];
            certificateInfo = new CertificateInfo(str, (String) objArr[2], (String) objArr[5], str2, str3, ValueExtractor.extractIntValue(objArr[3]), ValueExtractor.extractIntValue(objArr[4]), ValueExtractor.extractLongValue(objArr[6]), ValueExtractor.extractLongValue(objArr[7]), ValueExtractor.extractIntValue(objArr[8]), (String) objArr[9], (String) objArr[10], ValueExtractor.extractIntValue(objArr[11]), objArr[12] == null ? 0L : ValueExtractor.extractLongValue(objArr[12]), (String) objArr[13]);
        }
        return certificateInfo;
    }

    public static List<CertificateData> findAllNonRevokedCertificates(EntityManager entityManager, String str, int i, int i2) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.status <> :status");
        createQuery.setParameter("issuerDN", str);
        createQuery.setParameter("status", 40);
        createQuery.setFirstResult(i);
        createQuery.setMaxResults(i2);
        return createQuery.getResultList();
    }

    public static List<Certificate> findActiveCertificatesByType(EntityManager entityManager, Collection<Integer> collection) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE (a.status=:status1 or a.status=:status2) AND a.type IN (:ctypes)");
        createQuery.setParameter("status1", 20);
        createQuery.setParameter("status2", 21);
        createQuery.setParameter("ctypes", collection);
        return getCertificateList(createQuery.getResultList(), entityManager);
    }

    public static List<Certificate> findActiveCertificatesByTypeAndIssuer(EntityManager entityManager, Collection<Integer> collection, String str) {
        Query createQuery = entityManager.createQuery("SELECT a FROM CertificateData a WHERE (a.status=:status1 or a.status=:status2) AND a.type IN (:ctypes) AND a.issuerDN=:issuerDN");
        createQuery.setParameter("ctypes", collection);
        createQuery.setParameter("status1", 20);
        createQuery.setParameter("status2", 21);
        createQuery.setParameter("issuerDN", str);
        return getCertificateList(createQuery.getResultList(), entityManager);
    }

    public static List<Object[]> findExpirationInfo(EntityManager entityManager, Collection<String> collection, Collection<Integer> collection2, long j, long j2, long j3) {
        Query createNativeQuery = entityManager.createNativeQuery("SELECT DISTINCT fingerprint, username FROM CertificateData WHERE issuerDN IN (:cas) AND " + (!collection2.isEmpty() ? "certificateProfileId IN (:certificateProfiles) AND" : "") + "(expireDate>:activeNotifiedExpireDateMin) AND (expireDate<:activeNotifiedExpireDateMax) AND (status=:status1 OR status=:status2) AND (expireDate>=:activeExpireDateMin OR status=:status3)", "FingerprintUsernameSubset");
        createNativeQuery.setParameter("cas", collection);
        if (!collection2.isEmpty()) {
            createNativeQuery.setParameter("certificateProfiles", collection2);
        }
        createNativeQuery.setParameter("activeNotifiedExpireDateMin", Long.valueOf(j));
        createNativeQuery.setParameter("activeNotifiedExpireDateMax", Long.valueOf(j2));
        createNativeQuery.setParameter("status1", 20);
        createNativeQuery.setParameter("status2", 21);
        createNativeQuery.setParameter("activeExpireDateMin", Long.valueOf(j3));
        createNativeQuery.setParameter("status3", 20);
        return createNativeQuery.getResultList();
    }

    @Override // org.cesecore.dbprotection.ProtectedData
    @Transient
    protected String getProtectString(int i) {
        ProtectionStringBuilder protectionStringBuilder = new ProtectionStringBuilder(3000);
        protectionStringBuilder.append(getFingerprint()).append(getIssuerDN()).append(getSubjectDN()).append(getCaFingerprint()).append(Integer.valueOf(getStatus())).append(Integer.valueOf(getType())).append(getSerialNumber()).append(Long.valueOf(getExpireDate())).append(Long.valueOf(getRevocationDate())).append(Integer.valueOf(getRevocationReason())).append(getBase64Cert()).append(getUsername()).append(getTag()).append(getCertificateProfileId()).append(getUpdateTime()).append(getSubjectKeyId());
        if (log.isDebugEnabled() && protectionStringBuilder.length() > 3000) {
            log.debug("CertificateData.getProtectString gives size: " + protectionStringBuilder.length());
        }
        return protectionStringBuilder.toString();
    }

    @Override // org.cesecore.dbprotection.ProtectedData
    @Transient
    protected int getProtectVersion() {
        return 1;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.cesecore.dbprotection.ProtectedData
    @PreUpdate
    @PrePersist
    public void protectData() {
        super.protectData();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.cesecore.dbprotection.ProtectedData
    @PostLoad
    public void verifyData() {
        super.verifyData();
    }

    @Override // org.cesecore.dbprotection.ProtectedData
    @Transient
    protected String getRowId() {
        return getFingerprint();
    }
}
