package org.esteid.sk;

import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/esteid/sk/LDAP.class */
public final class LDAP {
    private static final Logger logger = LoggerFactory.getLogger(LDAP.class);
    private static final String server = "ldaps://esteid.ldap.sk.ee:636";

    public static Map<String, X509Certificate> query(String str) throws NamingException, CertificateException {
        logger.trace("Querying LDAP for " + str);
        HashMap hashMap = new HashMap();
        hashMap.putAll(queryServer("PNOEE-" + str, server));
        logger.trace("Returning " + hashMap.size() + " certificates for " + str);
        return hashMap;
    }

    private static Map<String, X509Certificate> queryServer(String str, String str2) throws NamingException, CertificateException {
        HashMap hashMap = new HashMap();
        LdapContext ldapContext = null;
        try {
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
            hashtable.put("java.naming.provider.url", str2);
            ldapContext = new InitialLdapContext(hashtable, (Control[]) null);
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            NamingEnumeration search = ldapContext.search("'c=EE'", "(serialNumber=" + str + ")", searchControls);
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
            while (search.hasMoreElements()) {
                SearchResult searchResult = (SearchResult) search.nextElement();
                logger.trace("{} has {}", str, searchResult.getName());
                Attribute attribute = searchResult.getAttributes().get("userCertificate;binary");
                if (attribute == null) {
                    throw new NamingException("Result does not contain a certificate!?");
                }
                hashMap.put(searchResult.getName(), (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream((byte[]) attribute.get())));
            }
            if (ldapContext != null) {
                ldapContext.close();
            }
            return hashMap;
        } catch (Throwable th) {
            if (ldapContext != null) {
                ldapContext.close();
            }
            throw th;
        }
    }

    public static Set<X509Certificate> fetch(String str) throws CertificateException, NamingException {
        HashSet hashSet = new HashSet();
        hashSet.addAll(query(str).values());
        return hashSet;
    }
}
