package com.rsa.certj.provider.db;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPSearchConstraints;
import com.novell.ldap.LDAPSearchResults;
import com.rsa.certj.CertJ;
import com.rsa.certj.CertJUtils;
import com.rsa.certj.InvalidParameterException;
import com.rsa.certj.NotSupportedException;
import com.rsa.certj.Provider;
import com.rsa.certj.ProviderImplementation;
import com.rsa.certj.ProviderManagementException;
import com.rsa.certj.cert.AttributeValueAssertion;
import com.rsa.certj.cert.CRL;
import com.rsa.certj.cert.Certificate;
import com.rsa.certj.cert.NameException;
import com.rsa.certj.cert.X500Name;
import com.rsa.certj.cert.X509CRL;
import com.rsa.certj.cert.X509Certificate;
import com.rsa.certj.cert.X509V3Extensions;
import com.rsa.certj.spi.db.DatabaseException;
import com.rsa.certj.spi.db.DatabaseInterface;
import com.rsa.jsafe.JSAFE_PrivateKey;
import com.rsa.jsafe.JSAFE_PublicKey;
import java.util.Date;
import java.util.Enumeration;
import java.util.StringTokenizer;
import java.util.Vector;

/* loaded from: input_file:com/rsa/certj/provider/db/LDAPDatabase.class */
public final class LDAPDatabase extends Provider {
    private static final int CERT_TYPE = 0;
    private static final int CRL_TYPE = 1;
    private LDAPConfiguration configuration;
    private String userDN;
    private String password;
    private String[] certAttrs;
    private String[] crlAttrs;
    private String certAttrFilter;
    private String crlAttrFilter;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/rsa/certj/provider/db/LDAPDatabase$b.class */
    public final class b extends ProviderImplementation implements DatabaseInterface {
        private LDAPConnection b;
        private a c;
        private a d;
        private final Object e;
        private final Object f;

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:com/rsa/certj/provider/db/LDAPDatabase$b$a.class */
        public final class a implements Enumeration {
            private int b;
            private Vector c;

            private a(String str, String str2, String[] strArr, int i) throws DatabaseException {
                if (str == null) {
                    throw new DatabaseException("LDAPDatabase$Iterator.Iterator: searchRoot can not be null to perform iteration operations.");
                }
                this.c = LDAPDatabase.this.exhaustiveSearch(b.this.b, str2, strArr, i);
                this.b = 0;
            }

            @Override // java.util.Enumeration
            public boolean hasMoreElements() {
                return this.b < this.c.size();
            }

            @Override // java.util.Enumeration
            public Object nextElement() {
                if (!hasMoreElements()) {
                    return null;
                }
                Vector vector = this.c;
                int i = this.b;
                this.b = i + 1;
                return vector.elementAt(i);
            }
        }

        private b(CertJ certJ, String str) throws InvalidParameterException {
            super(certJ, str);
            this.e = new Object();
            this.f = new Object();
            this.c = null;
            this.d = null;
            this.b = new LDAPConnection();
        }

        @Override // com.rsa.certj.ProviderImplementation
        public void unregister() {
            try {
                b();
            } catch (Exception e) {
            }
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void insertCertificate(Certificate certificate) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.insertCertificate: LDAP database is read-only.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void insertCRL(CRL crl) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.insertCRL: LDAP database is read-only.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void insertPrivateKeyByCertificate(Certificate certificate, JSAFE_PrivateKey jSAFE_PrivateKey) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.insertPrivateKeyByCertificate: LDAP database does not store privateKeys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void insertPrivateKeyByPublicKey(JSAFE_PublicKey jSAFE_PublicKey, JSAFE_PrivateKey jSAFE_PrivateKey) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.insertPrivateKeyByPublicKey: LDAP database does not store privateKeys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public int selectCertificateByIssuerAndSerialNumber(X500Name x500Name, byte[] bArr, Vector vector) throws DatabaseException {
            if (x500Name == null || bArr == null) {
                throw new DatabaseException("LDAPDatabase$Implementation.selectCertificateByIssuerAndSerialNumber: neither issuerName nor serialNumber should be null.");
            }
            a();
            try {
                if (LDAPDatabase.this.configuration.getSearchRoot() == null) {
                    throw new DatabaseException("LDAPDatabase$Implementation.selectCertificateByIssuerAndSerialNumber: searchRoot can not be null to perform this search.");
                }
                Vector exhaustiveSearch = LDAPDatabase.this.exhaustiveSearch(this.b, LDAPDatabase.this.certAttrFilter, LDAPDatabase.this.certAttrs, 0);
                int i = 0;
                for (int i2 = 0; i2 < exhaustiveSearch.size(); i2++) {
                    X509Certificate x509Certificate = (X509Certificate) exhaustiveSearch.elementAt(i2);
                    if (x500Name.equals(x509Certificate.getIssuerName()) && CertJUtils.byteArraysEqual(bArr, x509Certificate.getSerialNumber())) {
                        i++;
                        if (!vector.contains(x509Certificate)) {
                            vector.addElement(x509Certificate);
                        }
                    }
                }
                return i;
            } finally {
                if (LDAPDatabase.this.configuration.getDisconnectBeforeConnect()) {
                    b();
                }
            }
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public int selectCertificateBySubject(X500Name x500Name, Vector vector) throws DatabaseException {
            if (x500Name == null) {
                throw new DatabaseException("LDAPDatabase$Implementation.selectCertificateBySubject: subjectName should not be null.");
            }
            a();
            try {
                Vector retrieve = LDAPDatabase.this.retrieve(this.b, x500Name, true, LDAPDatabase.this.certAttrFilter, LDAPDatabase.this.certAttrs, 0);
                if (retrieve == null) {
                    return 0;
                }
                int i = 0;
                for (int i2 = 0; i2 < retrieve.size(); i2++) {
                    X509Certificate x509Certificate = (X509Certificate) retrieve.elementAt(i2);
                    if (x500Name.equals(x509Certificate.getSubjectName())) {
                        if (!vector.contains(x509Certificate)) {
                            vector.addElement(x509Certificate);
                        }
                        i++;
                    }
                }
                int i3 = i;
                if (LDAPDatabase.this.configuration.getDisconnectBeforeConnect()) {
                    b();
                }
                return i3;
            } finally {
                if (LDAPDatabase.this.configuration.getDisconnectBeforeConnect()) {
                    b();
                }
            }
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public int selectCertificateByExtensions(X500Name x500Name, X509V3Extensions x509V3Extensions, Vector vector) throws DatabaseException {
            if (x500Name == null) {
                throw new DatabaseException("LDAPDatabase.selectCertificateByExtensions: baseName should not be null.");
            }
            a();
            try {
                Vector retrieve = LDAPDatabase.this.retrieve(this.b, x500Name, false, LDAPDatabase.this.certAttrFilter, LDAPDatabase.this.certAttrs, 0);
                if (retrieve == null) {
                    return 0;
                }
                int i = 0;
                for (int i2 = 0; i2 < retrieve.size(); i2++) {
                    X509Certificate x509Certificate = (X509Certificate) retrieve.elementAt(i2);
                    if (x509Certificate.getSubjectName().contains(x500Name) && CertJUtils.compareExtensions(x509V3Extensions, x509Certificate.getExtensions())) {
                        if (!vector.contains(x509Certificate)) {
                            vector.addElement(x509Certificate);
                        }
                        i++;
                    }
                }
                int i3 = i;
                if (LDAPDatabase.this.configuration.getDisconnectBeforeConnect()) {
                    b();
                }
                return i3;
            } finally {
                if (LDAPDatabase.this.configuration.getDisconnectBeforeConnect()) {
                    b();
                }
            }
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public boolean isCertificateIteratorSetup() {
            boolean z;
            synchronized (this.e) {
                z = this.c != null;
            }
            return z;
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void setupCertificateIterator() throws DatabaseException {
            a();
            try {
                synchronized (this.e) {
                    this.c = new a(LDAPDatabase.this.configuration.getSearchRoot(), LDAPDatabase.this.certAttrFilter, LDAPDatabase.this.certAttrs, 0);
                }
            } finally {
                if (LDAPDatabase.this.configuration.getDisconnectBeforeConnect()) {
                    b();
                }
            }
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public Certificate firstCertificate() throws DatabaseException {
            Certificate nextCertificate;
            synchronized (this.e) {
                setupCertificateIterator();
                nextCertificate = nextCertificate();
            }
            return nextCertificate;
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public Certificate nextCertificate() throws DatabaseException {
            synchronized (this.e) {
                if (!isCertificateIteratorSetup()) {
                    setupCertificateIterator();
                }
                if (hasMoreCertificates()) {
                    return (Certificate) this.c.nextElement();
                }
                this.c = null;
                return null;
            }
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public boolean hasMoreCertificates() throws DatabaseException {
            boolean hasMoreElements;
            synchronized (this.e) {
                if (!isCertificateIteratorSetup()) {
                    setupCertificateIterator();
                }
                hasMoreElements = this.c.hasMoreElements();
            }
            return hasMoreElements;
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public int selectCRLByIssuerAndTime(X500Name x500Name, Date date, Vector vector) throws DatabaseException {
            if (x500Name == null || date == null) {
                throw new DatabaseException("LDAPDatabase$Implementation.selectCRLByIssuerAndTime: neither issuerName nor time should be null.");
            }
            a();
            try {
                Vector retrieve = LDAPDatabase.this.retrieve(this.b, x500Name, true, LDAPDatabase.this.crlAttrFilter, LDAPDatabase.this.crlAttrs, 1);
                if (retrieve == null) {
                    return 0;
                }
                Date date2 = new Date(0L);
                X509CRL x509crl = null;
                int i = 0;
                for (int i2 = 0; i2 < retrieve.size(); i2++) {
                    X509CRL x509crl2 = (X509CRL) retrieve.elementAt(i2);
                    if (x500Name.equals(x509crl2.getIssuerName())) {
                        Date thisUpdate = x509crl2.getThisUpdate();
                        if (!thisUpdate.after(date) && thisUpdate.after(date2)) {
                            date2 = thisUpdate;
                            x509crl = x509crl2;
                        }
                    }
                }
                if (x509crl != null) {
                    if (!vector.contains(x509crl)) {
                        vector.addElement(x509crl);
                    }
                    i = 1;
                }
                int i3 = i;
                if (LDAPDatabase.this.configuration.getDisconnectBeforeConnect()) {
                    b();
                }
                return i3;
            } finally {
                if (LDAPDatabase.this.configuration.getDisconnectBeforeConnect()) {
                    b();
                }
            }
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public boolean isCRLIteratorSetup() {
            boolean z;
            synchronized (this.f) {
                z = this.d != null;
            }
            return z;
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void setupCRLIterator() throws DatabaseException {
            a();
            try {
                synchronized (this.f) {
                    this.d = new a(LDAPDatabase.this.configuration.getSearchRoot(), LDAPDatabase.this.crlAttrFilter, LDAPDatabase.this.crlAttrs, 1);
                }
            } finally {
                if (LDAPDatabase.this.configuration.getDisconnectBeforeConnect()) {
                    b();
                }
            }
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public CRL firstCRL() throws DatabaseException {
            setupCRLIterator();
            return nextCRL();
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public CRL nextCRL() throws DatabaseException {
            synchronized (this.f) {
                if (!isCRLIteratorSetup()) {
                    setupCRLIterator();
                }
                if (hasMoreCRLs()) {
                    return (CRL) this.d.nextElement();
                }
                this.d = null;
                return null;
            }
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public boolean hasMoreCRLs() throws DatabaseException {
            boolean hasMoreElements;
            synchronized (this.f) {
                if (!isCRLIteratorSetup()) {
                    setupCRLIterator();
                }
                hasMoreElements = this.d.hasMoreElements();
            }
            return hasMoreElements;
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public JSAFE_PrivateKey selectPrivateKeyByCertificate(Certificate certificate) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.selectPrivateKeyByCertificate:  LDAP database does not store keys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public JSAFE_PrivateKey selectPrivateKeyByPublicKey(JSAFE_PublicKey jSAFE_PublicKey) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.selectPrivateKeyByPublicKey:  LDAP database does not store keys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public boolean isPrivateKeyIteratorSetup() throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.isPrivateKeyIteratorSetup: LDAP database does not store keys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void setupPrivateKeyIterator() throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.setupPrivateKeyIterator: LDAP database does not store keys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public JSAFE_PrivateKey firstPrivateKey() throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.firstPrivateKey: LDAP database does not store keys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public JSAFE_PrivateKey nextPrivateKey() throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.nextPrivateKey: LDAP database does not store keys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public boolean hasMorePrivateKeys() throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.hasMorePrivateKeys: LDAP database does not store keys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void deleteCertificate(X500Name x500Name, byte[] bArr) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.deleteCertificate: LDAP database is read-only.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void deleteCRL(X500Name x500Name, Date date) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.deleteCRL: LDAP database is read-only.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void deletePrivateKeyByCertificate(Certificate certificate) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.deletePrivateKeyByCertificate: LDAP database does not store keys.");
        }

        @Override // com.rsa.certj.spi.db.DatabaseInterface
        public void deletePrivateKeyByPublicKey(JSAFE_PublicKey jSAFE_PublicKey) throws NotSupportedException {
            throw new NotSupportedException("LDAPDatabase$Implementation.deletePrivateKeyByPublicKey: LDAP database does not store keys.");
        }

        private void a() throws DatabaseException {
            if (this.b.isConnected()) {
                return;
            }
            try {
                this.b.connect(LDAPDatabase.this.configuration.getNetworkAddress().getHostName(), LDAPDatabase.this.configuration.getPortNumber());
                LDAPSearchConstraints lDAPSearchConstraints = new LDAPSearchConstraints();
                lDAPSearchConstraints.setTimeLimit(LDAPDatabase.this.configuration.getTimeLimit());
                lDAPSearchConstraints.setMaxResults(LDAPDatabase.this.configuration.getSizeLimit());
                this.b.setConstraints(lDAPSearchConstraints);
                try {
                    if (LDAPDatabase.this.configuration.getAuthType() == 1) {
                        this.b.bind(3, LDAPDatabase.this.userDN, LDAPDatabase.this.password.getBytes());
                    }
                } catch (LDAPException e) {
                    throw new DatabaseException("LDAPDatabase$Implementation.connect: LDAP authenticate call failed.", e);
                }
            } catch (LDAPException e2) {
                throw new DatabaseException("LDAPDatabase$Implementation.connect: LDAP connect call failed.", e2);
            }
        }

        private void b() throws DatabaseException {
            if (this.b.isConnected()) {
                try {
                    this.b.disconnect();
                } catch (LDAPException e) {
                    throw new DatabaseException("LDAPDatabase$Implementation.disconnect: LDAP disconnect call failed.", e);
                }
            }
        }

        @Override // com.rsa.certj.ProviderImplementation
        public String toString() {
            return "LDAP database provider named: " + super.getName();
        }
    }

    public LDAPDatabase(String str, LDAPConfiguration lDAPConfiguration, String str2, String str3) throws InvalidParameterException {
        super(1, str);
        if (lDAPConfiguration == null) {
            throw new InvalidParameterException("LDAPDatabase.LDAPDatabase: configuration should not be null.");
        }
        if (lDAPConfiguration.getAuthType() == 1 && (str2 == null || str3 == null)) {
            throw new InvalidParameterException("LDAPDatabase.LDAPDatabase: neither userDN nor password can be null if configuration.authType is LDAP_AUTH_SIMPLE.");
        }
        this.configuration = lDAPConfiguration;
        this.userDN = str2;
        this.password = str3;
        this.certAttrs = buildCertCRLAttrList(lDAPConfiguration.getCertificateAttrs());
        this.crlAttrs = buildCertCRLAttrList(lDAPConfiguration.getCertificateRevocationAttrs());
        this.certAttrFilter = buildAttrFilter(this.certAttrs);
        this.crlAttrFilter = buildAttrFilter(this.crlAttrs);
    }

    @Override // com.rsa.certj.Provider
    public ProviderImplementation instantiate(CertJ certJ) throws ProviderManagementException {
        try {
            return new b(certJ, getName());
        } catch (InvalidParameterException e) {
            throw new ProviderManagementException("LDAPDatabase.instantiate.", e);
        }
    }

    private String[] buildCertCRLAttrList(String str) {
        if (str == null || str.equals("")) {
            return null;
        }
        String[] split = str.split(",");
        for (int i = 0; i < split.length; i++) {
            split[i] = split[i].trim();
        }
        return split;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Vector retrieve(LDAPConnection lDAPConnection, X500Name x500Name, boolean z, String str, String[] strArr, int i) throws DatabaseException {
        DatabaseException databaseException = null;
        LDAPSearchResults lDAPSearchResults = null;
        if (z) {
            try {
                Vector attributeSearch = attributeSearch(lDAPConnection, x500Name.toString(true), 0, str, strArr, i);
                if (attributeSearch != null) {
                    if (!attributeSearch.isEmpty()) {
                        return attributeSearch;
                    }
                }
            } catch (DatabaseException e) {
                databaseException = e;
            }
        }
        if (this.configuration.getSearchScope() == 1) {
            return null;
        }
        String buildBaseDN = buildBaseDN(this.configuration.getBaseDNAttrs(), x500Name);
        String buildFilter = buildFilter(this.configuration.getSearchFilterAttrs(), x500Name);
        if (!buildBaseDN.equals("") && !buildFilter.equals("")) {
            try {
                lDAPSearchResults = lDAPConnection.search(buildBaseDN, 2, buildFilter, strArr, false);
            } catch (LDAPException e2) {
                databaseException = new DatabaseException("LDAPDatabase.retrieve: baseDN filter search failed.", e2);
            }
            if (lDAPSearchResults != null) {
                try {
                    Vector processResults = processResults(lDAPSearchResults, strArr, i);
                    databaseException = null;
                    if (processResults != null) {
                        if (!processResults.isEmpty()) {
                            return processResults;
                        }
                    }
                } catch (DatabaseException e3) {
                    databaseException = e3;
                }
            }
        }
        if (this.configuration.getSearchScope() == 2) {
            return null;
        }
        if (this.configuration.getSearchRoot() != null && !buildFilter.equals("")) {
            try {
                lDAPSearchResults = lDAPConnection.search(this.configuration.getSearchRoot(), 2, buildFilter, strArr, false);
            } catch (LDAPException e4) {
                databaseException = new DatabaseException("LDAPDatabase.retrieve: subtree filter search failed.", e4);
            }
            if (lDAPSearchResults != null) {
                try {
                    Vector processResults2 = processResults(lDAPSearchResults, strArr, i);
                    databaseException = null;
                    if (processResults2 != null) {
                        if (!processResults2.isEmpty()) {
                            return processResults2;
                        }
                    }
                } catch (DatabaseException e5) {
                    databaseException = e5;
                }
            }
        }
        if (this.configuration.getSearchScope() == 3) {
            return null;
        }
        if (this.configuration.getSearchRoot() != null) {
            return exhaustiveSearch(lDAPConnection, str, strArr, i);
        }
        if (databaseException != null) {
            throw databaseException;
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Vector exhaustiveSearch(LDAPConnection lDAPConnection, String str, String[] strArr, int i) throws DatabaseException {
        return attributeSearch(lDAPConnection, this.configuration.getSearchRoot(), 2, str, strArr, i);
    }

    private Vector attributeSearch(LDAPConnection lDAPConnection, String str, int i, String str2, String[] strArr, int i2) throws DatabaseException {
        try {
            return processResults(lDAPConnection.search(str, i, str2, strArr, false), strArr, i2);
        } catch (LDAPException e) {
            throw new DatabaseException("LDAPDatabase.attributeSearch.", e);
        }
    }

    private String buildAttrFilter(String[] strArr) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("(|");
        for (String str : strArr) {
            stringBuffer.append('(');
            stringBuffer.append(str);
            stringBuffer.append("=*)");
        }
        stringBuffer.append(')');
        return new String(stringBuffer);
    }

    private String buildBaseDN(String str, X500Name x500Name) throws DatabaseException {
        StringBuffer stringBuffer = new StringBuffer();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        int countTokens = stringTokenizer.countTokens();
        for (int i = 0; i < countTokens; i++) {
            String nameValueForAttribute = getNameValueForAttribute(stringTokenizer.nextToken().trim(), x500Name);
            if (nameValueForAttribute != null) {
                if (stringBuffer.length() != 0) {
                    stringBuffer.append(",");
                }
                stringBuffer.append(nameValueForAttribute);
            }
        }
        return stringBuffer.toString();
    }

    private String buildFilter(String str, X500Name x500Name) throws DatabaseException {
        Vector vector = new Vector();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        int countTokens = stringTokenizer.countTokens();
        for (int i = 0; i < countTokens; i++) {
            String nameValueForAttribute = getNameValueForAttribute(stringTokenizer.nextToken().trim(), x500Name);
            if (nameValueForAttribute != null) {
                vector.addElement(nameValueForAttribute);
            }
        }
        if (vector.isEmpty()) {
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer();
        if (vector.size() == 1) {
            stringBuffer.append('(');
            stringBuffer.append((String) vector.elementAt(0));
            stringBuffer.append(')');
        } else {
            stringBuffer.append("(&");
            for (int i2 = 0; i2 < vector.size(); i2++) {
                stringBuffer.append('(');
                stringBuffer.append((String) vector.elementAt(i2));
                stringBuffer.append(')');
            }
            stringBuffer.append(')');
        }
        return stringBuffer.toString();
    }

    private String getNameValueForAttribute(String str, X500Name x500Name) throws DatabaseException {
        int findAttributeType = AttributeValueAssertion.findAttributeType(str);
        if (findAttributeType == -1) {
            throw new DatabaseException("Attribute type string " + str + " not recognized.");
        }
        AttributeValueAssertion attribute = x500Name.getAttribute(findAttributeType);
        if (attribute == null) {
            return null;
        }
        try {
            return str + "=" + attribute.getStringAttribute();
        } catch (NameException e) {
            throw new DatabaseException("Could not get value for attribute " + str);
        }
    }

    private Vector processResults(LDAPSearchResults lDAPSearchResults, String[] strArr, int i) throws DatabaseException {
        Enumeration byteValues;
        if (lDAPSearchResults == null) {
            return null;
        }
        Vector vector = new Vector();
        while (lDAPSearchResults.hasMore()) {
            try {
                LDAPEntry next = lDAPSearchResults.next();
                if (next instanceof LDAPEntry) {
                    LDAPEntry lDAPEntry = next;
                    for (String str : strArr) {
                        LDAPAttribute attribute = lDAPEntry.getAttribute(str);
                        if (attribute != null && (byteValues = attribute.getByteValues()) != null) {
                            while (byteValues.hasMoreElements()) {
                                byte[] bArr = (byte[]) byteValues.nextElement();
                                if (bArr != null) {
                                    if (i == 0) {
                                        try {
                                            vector.addElement(new X509Certificate(bArr, 0, 0));
                                        } catch (Exception e) {
                                        }
                                    } else if (i == 1) {
                                        try {
                                            vector.addElement(new X509CRL(bArr, 0, 0));
                                        } catch (Exception e2) {
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            } catch (LDAPException e3) {
                switch (e3.getResultCode()) {
                    case 3:
                        throw new DatabaseException("LDAPDatabase.processResults: time limit exceeded.", e3);
                    case 4:
                        throw new DatabaseException("LDAPDatabase.processResults: size limit exceeded.", e3);
                    case 11:
                        throw new DatabaseException("LDAPDatabase.processResults: admin limit exceeded.", e3);
                }
            }
        }
        return vector;
    }
}
