package com.phaos.cert;

import com.phaos.ASN1.ASN1BitString;
import com.phaos.ASN1.ASN1ConstructedInputStream;
import com.phaos.ASN1.ASN1Date;
import com.phaos.ASN1.ASN1GenericConstructed;
import com.phaos.ASN1.ASN1Integer;
import com.phaos.ASN1.ASN1Object;
import com.phaos.ASN1.ASN1ObjectID;
import com.phaos.ASN1.ASN1Sequence;
import com.phaos.ASN1.ASN1SequenceInputStream;
import com.phaos.crypto.AlgorithmIdentifier;
import com.phaos.crypto.AlgorithmIdentifierException;
import com.phaos.crypto.AuthenticationException;
import com.phaos.crypto.InvalidKeyException;
import com.phaos.crypto.PrivateKey;
import com.phaos.crypto.PublicKey;
import com.phaos.crypto.RandomBitsSource;
import com.phaos.crypto.Signature;
import com.phaos.crypto.SignatureException;
import com.phaos.utils.CryptoUtils;
import com.phaos.utils.OutputGenerationException;
import com.phaos.utils.StreamableOutputException;
import com.phaos.utils.Utils;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.URL;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;

/* loaded from: input_file:com/phaos/cert/CRL.class */
public class CRL implements ASN1Object {
    private ASN1Sequence g;
    private PrivateKey h;
    private PublicKey i;
    private Vector j;
    private ASN1Sequence k;
    private Date l;
    private X509ExtensionSet m;
    private Date n;
    private X500Name o;
    private AlgorithmIdentifier p;
    private X509 q;
    private Hashtable r;
    private byte[] s;

    public boolean verify() throws AuthenticationException {
        return !hasUnrecognizedCriticalExtension() && verifyDate() && verifySignature();
    }

    public void sign() throws SignatureException {
        sign(RandomBitsSource.getDefault());
    }

    private void a(ASN1Sequence aSN1Sequence) throws IOException {
        input(Utils.toStream(aSN1Sequence));
    }

    public X509Extension getExtension(ASN1ObjectID aSN1ObjectID) {
        if (this.m != null) {
            return this.m.getExtension(aSN1ObjectID);
        }
        return null;
    }

    public void setPrivateKey(PrivateKey privateKey, AlgorithmIdentifier algorithmIdentifier) {
        this.h = privateKey;
        setSigAlgID(algorithmIdentifier);
    }

    public void setRevokedCertificates(Vector vector) {
        if (vector == null || vector.size() <= 0) {
            return;
        }
        this.r = new Hashtable();
        this.j = new Vector();
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            RevokedCertificate revokedCertificate = (RevokedCertificate) elements.nextElement();
            if (this.r.put(revokedCertificate.getSerialNo(), revokedCertificate) != null) {
                this.j.removeElement(revokedCertificate.getSerialNo());
            }
            this.j.addElement(revokedCertificate.getSerialNo());
        }
        f();
    }

    public CRL(X509 x509, File file) throws FileNotFoundException, IOException {
        this(x509);
        FileInputStream fileInputStream = new FileInputStream(file);
        input(fileInputStream);
        fileInputStream.close();
    }

    public Date revocationDate(BigInteger bigInteger) {
        RevokedCertificate revokedCertificate = getRevokedCertificate(bigInteger);
        if (revokedCertificate != null) {
            return revokedCertificate.getRevocationDate();
        }
        return null;
    }

    public void setPublicKey(PublicKey publicKey) {
        this.i = publicKey;
    }

    @Override // com.phaos.utils.Streamable
    public void output(OutputStream outputStream) throws IOException {
        try {
            d().output(outputStream);
        } catch (SignatureException e) {
            throw new OutputGenerationException(e.toString());
        }
    }

    public CRL(X509 x509, ASN1Sequence aSN1Sequence) throws IOException {
        this(x509);
        a(aSN1Sequence);
    }

    public boolean verifyDate() {
        Date date = new Date();
        if (date.before(this.n)) {
            return false;
        }
        return this.l == null || !date.after(this.l);
    }

    public void addExtension(X509Extension x509Extension) {
        if (this.m == null) {
            this.m = new X509ExtensionSet();
        }
        this.m.addExtension(x509Extension);
        f();
    }

    @Override // com.phaos.utils.Streamable
    public void input(InputStream inputStream) throws IOException {
        f();
        ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(inputStream);
        this.k = new ASN1Sequence(aSN1SequenceInputStream);
        this.p = new AlgorithmIdentifier(aSN1SequenceInputStream);
        this.s = ASN1BitString.inputValue(aSN1SequenceInputStream);
        aSN1SequenceInputStream.terminate();
        ASN1SequenceInputStream aSN1SequenceInputStream2 = new ASN1SequenceInputStream(Utils.toStream(this.k));
        if (aSN1SequenceInputStream2.getCurrentTag() == 2) {
            ASN1Integer.inputValue(aSN1SequenceInputStream2);
        }
        if (!new AlgorithmIdentifier(aSN1SequenceInputStream2).equals(this.p)) {
            throw new IOException("Inconsistent signature algorithm IDs");
        }
        X500Name x500Name = new X500Name(aSN1SequenceInputStream2);
        if (this.o == null) {
            this.o = x500Name;
        } else if (!this.o.equals(x500Name)) {
            throw new IOException(new StringBuffer().append("Expected issuer {").append(this.o).append("}, got issuer {").append(x500Name).append("}").toString());
        }
        this.n = ASN1Date.inputValue(aSN1SequenceInputStream2);
        if (aSN1SequenceInputStream2.getCurrentTag() == 23 || aSN1SequenceInputStream2.getCurrentTag() == 24) {
            this.l = ASN1Date.inputValue(aSN1SequenceInputStream2);
        } else {
            this.l = null;
        }
        if (aSN1SequenceInputStream2.getCurrentTag() == 16) {
            ASN1SequenceInputStream aSN1SequenceInputStream3 = new ASN1SequenceInputStream(aSN1SequenceInputStream2);
            this.r = new Hashtable();
            this.j = new Vector();
            while (aSN1SequenceInputStream3.hasMoreData()) {
                RevokedCertificate revokedCertificate = new RevokedCertificate(aSN1SequenceInputStream3);
                if (this.r.put(revokedCertificate.getSerialNo(), revokedCertificate) != null) {
                    this.j.removeElement(revokedCertificate.getSerialNo());
                }
                this.j.addElement(revokedCertificate.getSerialNo());
            }
            aSN1SequenceInputStream3.terminate();
        } else {
            this.r = null;
            this.j = null;
        }
        if (aSN1SequenceInputStream2.getCurrentTag() == 0) {
            ASN1ConstructedInputStream aSN1ConstructedInputStream = new ASN1ConstructedInputStream(aSN1SequenceInputStream2);
            this.m = new X509ExtensionSet(aSN1ConstructedInputStream);
            aSN1ConstructedInputStream.terminate();
        } else {
            this.m = null;
        }
        aSN1SequenceInputStream2.terminate();
    }

    public CRL() {
        this.k = null;
        this.p = null;
        this.s = null;
        this.n = new Date();
        this.l = null;
        this.r = null;
        this.j = null;
        this.m = null;
        this.g = null;
    }

    public CRL(ASN1Sequence aSN1Sequence) throws IOException {
        this.k = null;
        this.p = null;
        this.s = null;
        this.n = new Date();
        this.l = null;
        this.r = null;
        this.j = null;
        this.m = null;
        this.g = null;
        a(aSN1Sequence);
    }

    public X509ExtensionSet getExtensionSet() {
        return this.m;
    }

    public CRL(URL url) throws IOException {
        this(url.openStream());
    }

    private ASN1Sequence b() {
        if (this.k == null) {
            ASN1Sequence aSN1Sequence = new ASN1Sequence();
            if (this.m != null && this.m.size() > 0) {
                aSN1Sequence.addElement(new ASN1Integer(1L));
            } else if (this.r != null && this.r.size() > 0) {
                Enumeration elements = this.j.elements();
                while (true) {
                    if (!elements.hasMoreElements()) {
                        break;
                    }
                    RevokedCertificate revokedCertificate = (RevokedCertificate) this.r.get(elements.nextElement());
                    if (revokedCertificate.getExtensions() != null && revokedCertificate.getExtensions().size() > 0) {
                        aSN1Sequence.addElement(new ASN1Integer(1L));
                        break;
                    }
                }
            }
            if (this.p == null) {
                try {
                    this.p = Signature.getInstance(this.h).getAlgID();
                } catch (SignatureException e) {
                    throw new IllegalStateException(e.toString());
                } catch (NullPointerException e2) {
                    throw new IllegalStateException("Issuer signing key must be set befor output");
                }
            }
            aSN1Sequence.addElement(this.p);
            aSN1Sequence.addElement(this.o);
            Calendar calendar = Calendar.getInstance();
            calendar.setTime(this.n);
            aSN1Sequence.addElement(new ASN1Date(this.n, calendar.get(1) > 2049));
            if (this.l != null) {
                Calendar calendar2 = Calendar.getInstance();
                calendar2.setTime(this.l);
                aSN1Sequence.addElement(new ASN1Date(this.l, calendar2.get(1) > 2049));
            }
            if (this.r != null && this.r.size() > 0) {
                ASN1Sequence aSN1Sequence2 = new ASN1Sequence();
                Enumeration elements2 = this.j.elements();
                while (elements2.hasMoreElements()) {
                    aSN1Sequence2.addElement((RevokedCertificate) this.r.get(elements2.nextElement()));
                }
                aSN1Sequence.addElement(aSN1Sequence2);
            }
            if (this.m != null && this.m.size() > 0) {
                aSN1Sequence.addElement(new ASN1GenericConstructed(this.m, 0));
            }
            this.k = aSN1Sequence;
        }
        return this.k;
    }

    public boolean isRevoked(BigInteger bigInteger) {
        return getRevokedCertificate(bigInteger) != null;
    }

    public Enumeration revokedSerialNos() {
        return this.j != null ? this.j.elements() : new Vector().elements();
    }

    public Vector getExtensions() {
        if (this.m != null) {
            return this.m.getExtensions();
        }
        return null;
    }

    public boolean equals(Object obj) {
        if (obj == null || !(obj instanceof CRL)) {
            return false;
        }
        return e((CRL) obj);
    }

    public void addCertificate(BigInteger bigInteger, Date date) {
        addCertificate(new RevokedCertificate(bigInteger, date));
    }

    public boolean hasUnrecognizedCriticalExtension() {
        X509ExtensionSet extensionSet;
        if (this.m != null && this.m.hasUnrecognizedCriticalExtension()) {
            return true;
        }
        if (this.r == null) {
            return false;
        }
        Enumeration revokedSerialNos = revokedSerialNos();
        while (revokedSerialNos.hasMoreElements()) {
            RevokedCertificate revokedCertificate = getRevokedCertificate((BigInteger) revokedSerialNos.nextElement());
            if (revokedCertificate != null && (extensionSet = revokedCertificate.getExtensionSet()) != null && extensionSet.hasUnrecognizedCriticalExtension()) {
                return true;
            }
        }
        return false;
    }

    public void setSigAlgID(AlgorithmIdentifier algorithmIdentifier) {
        this.p = algorithmIdentifier;
        f();
    }

    public Vector getRevokedCertificates() {
        Vector vector = null;
        if (this.r != null) {
            vector = new Vector();
            Enumeration elements = this.j.elements();
            while (elements.hasMoreElements()) {
                vector.addElement(this.r.get(elements.nextElement()));
            }
        }
        return vector;
    }

    public CRL(X509 x509, URL url) throws IOException {
        this(x509);
        InputStream openStream = url.openStream();
        input(openStream);
        openStream.close();
    }

    private void c() {
        this.g = null;
    }

    public CRL(InputStream inputStream) throws IOException {
        this();
        input(inputStream);
    }

    public void sign(RandomBitsSource randomBitsSource) throws SignatureException {
        ASN1Sequence b = b();
        try {
            try {
                Signature signature = Signature.getInstance(this.p);
                signature.setPrivateKey(this.h);
                signature.setRandomBitsSource(randomBitsSource);
                signature.setDocument(Utils.toBytes(b));
                this.s = signature.sign();
                c();
            } catch (AlgorithmIdentifierException e) {
                throw new SignatureException(e.toString());
            } catch (InvalidKeyException e2) {
                throw new SignatureException(e2.toString());
            }
        } catch (Throwable th) {
            c();
            throw th;
        }
    }

    private ASN1Sequence d() throws SignatureException {
        if (this.g == null) {
            ASN1Sequence aSN1Sequence = new ASN1Sequence();
            aSN1Sequence.addElement(b());
            aSN1Sequence.addElement(this.p);
            aSN1Sequence.addElement(new ASN1BitString(getSigBytes()));
            this.g = aSN1Sequence;
        }
        return this.g;
    }

    public ASN1Sequence outputASN1() throws IOException {
        try {
            return d();
        } catch (SignatureException e) {
            throw new OutputGenerationException(e.toString());
        }
    }

    public byte[] getEncoded() {
        try {
            return Utils.toBytes(d());
        } catch (SignatureException e) {
            throw new StreamableOutputException(e.toString());
        }
    }

    private boolean e(CRL crl) {
        return Utils.areEqual(Utils.toBytes(this), Utils.toBytes(crl));
    }

    public void setPrivateKey(PrivateKey privateKey) {
        setPrivateKey(privateKey, null);
    }

    public void setDate(Date date) {
        this.n = date;
        f();
    }

    public void setExtensions(Vector vector) {
        setExtensions(new X509ExtensionSet(vector));
    }

    public CRL(X500Name x500Name, PrivateKey privateKey, int i) {
        this(x500Name, privateKey);
        if (i > 0) {
            setDates(i);
        }
    }

    public void addCertificate(RevokedCertificate revokedCertificate) {
        if (this.r == null) {
            this.r = new Hashtable();
            this.j = new Vector();
        }
        if (this.r.put(revokedCertificate.getSerialNo(), revokedCertificate) != null) {
            this.j.removeElement(revokedCertificate.getSerialNo());
        }
        this.j.addElement(revokedCertificate.getSerialNo());
        f();
    }

    public CRL(X509 x509) {
        this.k = null;
        this.p = null;
        this.s = null;
        this.n = new Date();
        this.l = null;
        this.r = null;
        this.j = null;
        this.m = null;
        this.g = null;
        setIssuer(x509.getSubject());
        setPublicKey(x509.getPublicKey());
    }

    public void setAttributes(X509Attributes x509Attributes) {
        X509ExtensionSet x509ExtensionSet = this.m;
        X509ExtensionSet extensionSet = X509Attributes.toExtensionSet(x509Attributes);
        if (x509ExtensionSet != null) {
            Vector extensions = x509ExtensionSet.getExtensions();
            int size = extensions.size();
            for (int i = 0; i < size; i++) {
                extensionSet.addExtension((X509Extension) extensions.elementAt(i));
            }
        }
        setExtensions(extensionSet);
    }

    public CRL(X509 x509, InputStream inputStream) throws IOException {
        this(x509);
        input(inputStream);
    }

    public CRL(X500Name x500Name, PrivateKey privateKey) {
        this.k = null;
        this.p = null;
        this.s = null;
        this.n = new Date();
        this.l = null;
        this.r = null;
        this.j = null;
        this.m = null;
        this.g = null;
        setIssuer(x500Name);
        setPrivateKey(privateKey);
    }

    private void f() {
        c();
        this.k = null;
        this.s = null;
    }

    @Override // com.phaos.utils.Streamable
    public int length() {
        try {
            return d().length();
        } catch (SignatureException e) {
            throw new StreamableOutputException(e.toString());
        }
    }

    public boolean verifySignature() throws AuthenticationException {
        try {
            return CryptoUtils.verifySignedASN1(d(), this.i);
        } catch (SignatureException e) {
            throw new AuthenticationException(e.toString());
        }
    }

    public void setIssuerCertificate(X509 x509) {
        this.q = x509;
        if (this.o == null) {
            this.o = x509.getSubject();
        }
        setPublicKey(x509.getPublicKey());
    }

    public CRL(X500Name x500Name, PrivateKey privateKey, Date date, Date date2, Vector vector) {
        this(x500Name, privateKey);
        setDates(date, date2);
        setRevokedCertificates(vector);
    }

    public Date getDate() {
        return this.n;
    }

    public void addCertificate(BigInteger bigInteger) {
        addCertificate(bigInteger, new Date());
    }

    public String toString() {
        String stringBuffer = new StringBuffer().append("issuer = ").append(this.o).append(", thisUpdate = ").append(this.n).toString();
        if (this.l != null) {
            stringBuffer = new StringBuffer().append(stringBuffer).append(", nextUpdate = ").append(this.l).toString();
        }
        String stringBuffer2 = new StringBuffer().append(stringBuffer).append(", revokedCertificates = {").toString();
        Enumeration elements = this.j.elements();
        while (elements.hasMoreElements()) {
            stringBuffer2 = new StringBuffer().append(stringBuffer2).append("(").append((RevokedCertificate) this.r.get(elements.nextElement())).append(")").toString();
            if (elements.hasMoreElements()) {
                stringBuffer2 = new StringBuffer().append(stringBuffer2).append(", ").toString();
            }
        }
        String stringBuffer3 = new StringBuffer().append(stringBuffer2).append("}").toString();
        if (this.m != null && this.m.size() > 0) {
            stringBuffer3 = new StringBuffer().append(stringBuffer3).append(", extensions = ").append(this.m).toString();
        }
        return stringBuffer3;
    }

    public CRL(File file) throws IOException {
        this(new FileInputStream(file));
    }

    public byte[] getSigBytes() throws SignatureException {
        if (this.s == null) {
            sign();
        }
        return this.s;
    }

    public void setDates(int i) {
        setDates(new Date(), Utils.daysFromNow(i));
    }

    public void setIssuer(X500Name x500Name) {
        this.o = x500Name;
        f();
    }

    public X500Name getIssuer() {
        return this.o;
    }

    public void setDates(Date date, Date date2) {
        this.n = date;
        this.l = date2;
        f();
    }

    public Date getNextDate() {
        return this.l;
    }

    public void setExtensions(X509ExtensionSet x509ExtensionSet) {
        this.m = x509ExtensionSet;
        f();
    }

    public RevokedCertificate getRevokedCertificate(BigInteger bigInteger) {
        if (this.r != null) {
            return (RevokedCertificate) this.r.get(bigInteger);
        }
        return null;
    }
}
