package org.spongycastle.jce.provider;

import java.io.IOException;
import java.math.BigInteger;
import java.security.Principal;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.DERInteger;
import org.spongycastle.asn1.util.ASN1Dump;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.CRLDistPoint;
import org.spongycastle.asn1.x509.CRLNumber;
import org.spongycastle.asn1.x509.CertificateList;
import org.spongycastle.asn1.x509.Extension;
import org.spongycastle.asn1.x509.Extensions;
import org.spongycastle.asn1.x509.GeneralNames;
import org.spongycastle.asn1.x509.IssuingDistributionPoint;
import org.spongycastle.asn1.x509.TBSCertList;
import org.spongycastle.jce.X509Principal;
import org.spongycastle.util.encoders.Hex;
import org.spongycastle.x509.extension.X509ExtensionUtil;

/* loaded from: classes.dex */
public class X509CRLObject extends X509CRL {

    /* renamed from: a, reason: collision with root package name */
    private CertificateList f5310a;

    /* renamed from: b, reason: collision with root package name */
    private String f5311b;
    private byte[] c;
    private boolean d;

    public X509CRLObject(CertificateList certificateList) {
        this.f5310a = certificateList;
        try {
            this.f5311b = m.a(certificateList.g());
            if (certificateList.g().f() != null) {
                this.c = certificateList.g().f().a().a("DER");
            } else {
                this.c = null;
            }
            this.d = a(this);
        } catch (Exception e) {
            throw new CRLException("CRL contents invalid: " + e);
        }
    }

    private Set a(boolean z) {
        Extensions k;
        if (getVersion() != 2 || (k = this.f5310a.d().k()) == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        Enumeration d = k.d();
        while (d.hasMoreElements()) {
            ASN1ObjectIdentifier aSN1ObjectIdentifier = (ASN1ObjectIdentifier) d.nextElement();
            if (z == k.a(aSN1ObjectIdentifier).a()) {
                hashSet.add(aSN1ObjectIdentifier.d());
            }
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean a(X509CRL x509crl) {
        try {
            byte[] extensionValue = x509crl.getExtensionValue(Extension.m.d());
            if (extensionValue != null) {
                if (IssuingDistributionPoint.a(X509ExtensionUtil.a(extensionValue)).f()) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            throw new d("Exception reading IssuingDistributionPoint", e);
        }
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        return a(true);
    }

    @Override // java.security.cert.X509CRL
    public byte[] getEncoded() {
        try {
            return this.f5310a.a("DER");
        } catch (IOException e) {
            throw new CRLException(e.toString());
        }
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        Extension a2;
        Extensions k = this.f5310a.d().k();
        if (k == null || (a2 = k.a(new ASN1ObjectIdentifier(str))) == null) {
            return null;
        }
        try {
            return a2.b().b();
        } catch (Exception e) {
            throw new IllegalStateException("error parsing " + e.toString());
        }
    }

    @Override // java.security.cert.X509CRL
    public Principal getIssuerDN() {
        return new X509Principal(X500Name.a(this.f5310a.j().a()));
    }

    @Override // java.security.cert.X509CRL
    public X500Principal getIssuerX500Principal() {
        try {
            return new X500Principal(this.f5310a.j().b());
        } catch (IOException e) {
            throw new IllegalStateException("can't encode issuer DN");
        }
    }

    @Override // java.security.cert.X509CRL
    public Date getNextUpdate() {
        if (this.f5310a.l() != null) {
            return this.f5310a.l().e();
        }
        return null;
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        return a(false);
    }

    @Override // java.security.cert.X509CRL
    public X509CRLEntry getRevokedCertificate(BigInteger bigInteger) {
        Extension a2;
        Enumeration f = this.f5310a.f();
        X500Name x500Name = null;
        while (f.hasMoreElements()) {
            TBSCertList.CRLEntry cRLEntry = (TBSCertList.CRLEntry) f.nextElement();
            if (bigInteger.equals(cRLEntry.d().d())) {
                return new X509CRLEntryObject(cRLEntry, this.d, x500Name);
            }
            x500Name = (this.d && cRLEntry.g() && (a2 = cRLEntry.f().a(Extension.n)) != null) ? X500Name.a(GeneralNames.a(a2.c()).d()[0].e()) : x500Name;
        }
        return null;
    }

    @Override // java.security.cert.X509CRL
    public Set getRevokedCertificates() {
        Extension a2;
        HashSet hashSet = new HashSet();
        Enumeration f = this.f5310a.f();
        X500Name x500Name = null;
        while (f.hasMoreElements()) {
            TBSCertList.CRLEntry cRLEntry = (TBSCertList.CRLEntry) f.nextElement();
            hashSet.add(new X509CRLEntryObject(cRLEntry, this.d, x500Name));
            x500Name = (this.d && cRLEntry.g() && (a2 = cRLEntry.f().a(Extension.n)) != null) ? X500Name.a(GeneralNames.a(a2.c()).d()[0].e()) : x500Name;
        }
        if (hashSet.isEmpty()) {
            return null;
        }
        return Collections.unmodifiableSet(hashSet);
    }

    @Override // java.security.cert.X509CRL
    public String getSigAlgName() {
        return this.f5311b;
    }

    @Override // java.security.cert.X509CRL
    public String getSigAlgOID() {
        return this.f5310a.g().e().d();
    }

    @Override // java.security.cert.X509CRL
    public byte[] getSigAlgParams() {
        if (this.c == null) {
            return null;
        }
        byte[] bArr = new byte[this.c.length];
        System.arraycopy(this.c, 0, bArr, 0, bArr.length);
        return bArr;
    }

    @Override // java.security.cert.X509CRL
    public byte[] getSignature() {
        return this.f5310a.h().d();
    }

    @Override // java.security.cert.X509CRL
    public byte[] getTBSCertList() {
        try {
            return this.f5310a.d().a("DER");
        } catch (IOException e) {
            throw new CRLException(e.toString());
        }
    }

    @Override // java.security.cert.X509CRL
    public Date getThisUpdate() {
        return this.f5310a.k().e();
    }

    @Override // java.security.cert.X509CRL
    public int getVersion() {
        return this.f5310a.i();
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        Set criticalExtensionOIDs = getCriticalExtensionOIDs();
        if (criticalExtensionOIDs == null) {
            return false;
        }
        criticalExtensionOIDs.remove(RFC3280CertPathUtilities.d);
        criticalExtensionOIDs.remove(RFC3280CertPathUtilities.f);
        return !criticalExtensionOIDs.isEmpty();
    }

    @Override // java.security.cert.CRL
    public boolean isRevoked(Certificate certificate) {
        X500Name d;
        Extension a2;
        if (!certificate.getType().equals("X.509")) {
            throw new RuntimeException("X.509 CRL used with non X.509 Cert");
        }
        TBSCertList.CRLEntry[] e = this.f5310a.e();
        X500Name j = this.f5310a.j();
        if (e == null) {
            return false;
        }
        BigInteger serialNumber = ((X509Certificate) certificate).getSerialNumber();
        for (int i = 0; i < e.length; i++) {
            if (this.d && e[i].g() && (a2 = e[i].f().a(Extension.n)) != null) {
                j = X500Name.a(GeneralNames.a(a2.c()).d()[0].e());
            }
            if (e[i].d().d().equals(serialNumber)) {
                if (certificate instanceof X509Certificate) {
                    d = X500Name.a(((X509Certificate) certificate).getIssuerX500Principal().getEncoded());
                } else {
                    try {
                        d = org.spongycastle.asn1.x509.Certificate.a(certificate.getEncoded()).d();
                    } catch (CertificateEncodingException e2) {
                        throw new RuntimeException("Cannot process certificate");
                    }
                }
                return j.equals(d);
            }
        }
        return false;
    }

    @Override // java.security.cert.CRL
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        String property = System.getProperty("line.separator");
        stringBuffer.append("              Version: ").append(getVersion()).append(property);
        stringBuffer.append("             IssuerDN: ").append(getIssuerDN()).append(property);
        stringBuffer.append("          This update: ").append(getThisUpdate()).append(property);
        stringBuffer.append("          Next update: ").append(getNextUpdate()).append(property);
        stringBuffer.append("  Signature Algorithm: ").append(getSigAlgName()).append(property);
        byte[] signature = getSignature();
        stringBuffer.append("            Signature: ").append(new String(Hex.a(signature, 0, 20))).append(property);
        for (int i = 20; i < signature.length; i += 20) {
            if (i < signature.length - 20) {
                stringBuffer.append("                       ").append(new String(Hex.a(signature, i, 20))).append(property);
            } else {
                stringBuffer.append("                       ").append(new String(Hex.a(signature, i, signature.length - i))).append(property);
            }
        }
        Extensions k = this.f5310a.d().k();
        if (k != null) {
            Enumeration d = k.d();
            if (d.hasMoreElements()) {
                stringBuffer.append("           Extensions: ").append(property);
            }
            while (d.hasMoreElements()) {
                ASN1ObjectIdentifier aSN1ObjectIdentifier = (ASN1ObjectIdentifier) d.nextElement();
                Extension a2 = k.a(aSN1ObjectIdentifier);
                if (a2.b() != null) {
                    ASN1InputStream aSN1InputStream = new ASN1InputStream(a2.b().e());
                    stringBuffer.append("                       critical(").append(a2.a()).append(") ");
                    try {
                        if (aSN1ObjectIdentifier.equals(Extension.h)) {
                            stringBuffer.append(new CRLNumber(DERInteger.a((Object) aSN1InputStream.b()).e())).append(property);
                        } else if (aSN1ObjectIdentifier.equals(Extension.l)) {
                            stringBuffer.append("Base CRL: " + new CRLNumber(DERInteger.a((Object) aSN1InputStream.b()).e())).append(property);
                        } else if (aSN1ObjectIdentifier.equals(Extension.m)) {
                            stringBuffer.append(IssuingDistributionPoint.a(aSN1InputStream.b())).append(property);
                        } else if (aSN1ObjectIdentifier.equals(Extension.p)) {
                            stringBuffer.append(CRLDistPoint.a(aSN1InputStream.b())).append(property);
                        } else if (aSN1ObjectIdentifier.equals(Extension.v)) {
                            stringBuffer.append(CRLDistPoint.a(aSN1InputStream.b())).append(property);
                        } else {
                            stringBuffer.append(aSN1ObjectIdentifier.d());
                            stringBuffer.append(" value = ").append(ASN1Dump.a(aSN1InputStream.b())).append(property);
                        }
                    } catch (Exception e) {
                        stringBuffer.append(aSN1ObjectIdentifier.d());
                        stringBuffer.append(" value = *****").append(property);
                    }
                } else {
                    stringBuffer.append(property);
                }
            }
        }
        Set revokedCertificates = getRevokedCertificates();
        if (revokedCertificates != null) {
            Iterator it = revokedCertificates.iterator();
            while (it.hasNext()) {
                stringBuffer.append(it.next());
                stringBuffer.append(property);
            }
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.X509CRL
    public void verify(PublicKey publicKey) {
        verify(publicKey, BouncyCastleProvider.f5249a);
    }

    @Override // java.security.cert.X509CRL
    public void verify(PublicKey publicKey, String str) {
        if (!this.f5310a.g().equals(this.f5310a.d().e())) {
            throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList.");
        }
        Signature signature = str != null ? Signature.getInstance(getSigAlgName(), str) : Signature.getInstance(getSigAlgName());
        signature.initVerify(publicKey);
        signature.update(getTBSCertList());
        if (!signature.verify(getSignature())) {
            throw new SignatureException("CRL does not verify with supplied public key.");
        }
    }
}
