package oracle.security.crypto.jce.cert;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
import oracle.security.crypto.asn1.ASN1BitString;
import oracle.security.crypto.asn1.ASN1Boolean;
import oracle.security.crypto.asn1.ASN1ConstructedInputStream;
import oracle.security.crypto.asn1.ASN1Date;
import oracle.security.crypto.asn1.ASN1Integer;
import oracle.security.crypto.asn1.ASN1Object;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1OctetString;
import oracle.security.crypto.asn1.ASN1Sequence;
import oracle.security.crypto.asn1.ASN1SequenceInputStream;
import oracle.security.crypto.core.AlgID;
import oracle.security.crypto.core.AlgorithmIdentifier;
import oracle.security.crypto.util.UnsyncByteArrayInputStream;
import oracle.security.crypto.util.Utils;

/* loaded from: input_file:oracle/security/crypto/jce/cert/CRLImpl.class */
public class CRLImpl extends X509CRL implements ASN1Object {
    private ASN1Sequence tbsCertList;
    private ASN1Sequence contents;
    private AlgorithmIdentifier sigAlgID;
    private byte[] sigBytes;
    private Hashtable revokedCertificatesTable;
    private Set revokedCertificates;
    private int version;
    private PublicKey pubKey;
    private X500Name issuer;
    private Date thisUpdate;
    private Date nextUpdate;
    private Hashtable extensions;
    private Set criticalOIDs;
    private Set nonCriticalOIDs;
    private boolean unsupportedCriticalExtension;
    protected boolean decoded;

    public CRLImpl() {
    }

    public CRLImpl(InputStream inputStream) throws IOException {
        input(inputStream);
    }

    @Override // java.security.cert.CRL
    public boolean isRevoked(Certificate certificate) {
        if (!certificate.getType().equals("X.509") || this.revokedCertificatesTable == null) {
            return false;
        }
        try {
            return this.revokedCertificatesTable.containsKey(new X509Impl(new UnsyncByteArrayInputStream(certificate.getEncoded())).getSerialNumber());
        } catch (IOException e) {
            throw new RuntimeException(e.toString());
        } catch (CertificateEncodingException e2) {
            throw new RuntimeException(e2.toString());
        }
    }

    @Override // java.security.cert.X509CRL
    public X509CRLEntry getRevokedCertificate(BigInteger bigInteger) {
        if (this.revokedCertificatesTable == null) {
            return null;
        }
        return (X509CRLEntry) this.revokedCertificatesTable.get(bigInteger);
    }

    @Override // java.security.cert.X509CRL
    public Set getRevokedCertificates() {
        if (this.revokedCertificatesTable == null) {
            return null;
        }
        if (this.revokedCertificates != null) {
            return this.revokedCertificates;
        }
        this.revokedCertificates = new HashSet();
        if (this.revokedCertificatesTable != null) {
            Enumeration elements = this.revokedCertificatesTable.elements();
            while (elements.hasMoreElements()) {
                this.revokedCertificates.add(elements.nextElement());
            }
        }
        return this.revokedCertificates;
    }

    public void input(InputStream inputStream) throws IOException {
        this.contents = new ASN1Sequence(inputStream);
        ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(Utils.toStream(this.contents));
        this.tbsCertList = new ASN1Sequence(aSN1SequenceInputStream);
        this.sigAlgID = new AlgorithmIdentifier(aSN1SequenceInputStream);
        this.sigBytes = ASN1BitString.inputValue(aSN1SequenceInputStream);
        aSN1SequenceInputStream.terminate();
        ASN1SequenceInputStream aSN1SequenceInputStream2 = new ASN1SequenceInputStream(Utils.toStream(this.tbsCertList));
        if (aSN1SequenceInputStream2.getCurrentTag() == 2) {
            ASN1Integer.inputValue(aSN1SequenceInputStream2);
        }
        if (!new AlgorithmIdentifier(aSN1SequenceInputStream2).getOID().equals(this.sigAlgID.getOID())) {
            throw new IOException("Inconsistent signature algorithm IDs");
        }
        X500Name x500Name = new X500Name(aSN1SequenceInputStream2);
        if (this.issuer == null) {
            this.issuer = x500Name;
        } else if (!this.issuer.equals(x500Name)) {
            throw new IOException("Expected issuer {" + this.issuer + "}, got issuer {" + x500Name + "}");
        }
        this.thisUpdate = ASN1Date.inputValue(aSN1SequenceInputStream2);
        if (aSN1SequenceInputStream2.getCurrentTag() == 23 || aSN1SequenceInputStream2.getCurrentTag() == 24) {
            this.nextUpdate = ASN1Date.inputValue(aSN1SequenceInputStream2);
        } else {
            this.nextUpdate = null;
        }
        if (aSN1SequenceInputStream2.getCurrentTag() == 16) {
            ASN1SequenceInputStream aSN1SequenceInputStream3 = new ASN1SequenceInputStream(aSN1SequenceInputStream2);
            this.revokedCertificatesTable = new Hashtable();
            while (aSN1SequenceInputStream3.hasMoreData()) {
                X509CRLEntryImpl x509CRLEntryImpl = new X509CRLEntryImpl(aSN1SequenceInputStream3);
                this.revokedCertificatesTable.put(x509CRLEntryImpl.getSerialNumber(), x509CRLEntryImpl);
            }
            aSN1SequenceInputStream3.terminate();
        } else {
            this.revokedCertificatesTable = null;
        }
        this.unsupportedCriticalExtension = false;
        if (aSN1SequenceInputStream2.getCurrentTag() == 0) {
            ASN1ConstructedInputStream aSN1ConstructedInputStream = new ASN1ConstructedInputStream(aSN1SequenceInputStream2);
            ASN1SequenceInputStream aSN1SequenceInputStream4 = new ASN1SequenceInputStream(aSN1ConstructedInputStream);
            this.extensions = new Hashtable();
            this.criticalOIDs = new HashSet();
            this.nonCriticalOIDs = new HashSet();
            while (aSN1SequenceInputStream4.hasMoreData()) {
                ASN1SequenceInputStream aSN1SequenceInputStream5 = new ASN1SequenceInputStream(aSN1SequenceInputStream4);
                String stringCompact = new ASN1ObjectID(aSN1SequenceInputStream5).toStringCompact();
                boolean z = false;
                if (aSN1SequenceInputStream5.getCurrentTag() == 1) {
                    z = ASN1Boolean.inputValue(aSN1SequenceInputStream5);
                }
                if (z) {
                    this.criticalOIDs.add(stringCompact);
                    this.unsupportedCriticalExtension = true;
                } else {
                    this.nonCriticalOIDs.add(stringCompact);
                }
                this.extensions.put(stringCompact, ASN1OctetString.inputValue(aSN1SequenceInputStream5));
                aSN1SequenceInputStream5.terminate();
            }
            aSN1SequenceInputStream4.terminate();
            aSN1ConstructedInputStream.terminate();
        } else {
            this.extensions = null;
            this.criticalOIDs = null;
        }
        aSN1SequenceInputStream2.terminate();
    }

    public void output(OutputStream outputStream) throws IOException {
        this.contents.output(outputStream);
    }

    public int length() {
        return this.contents.length();
    }

    @Override // java.security.cert.X509CRL
    public byte[] getEncoded() {
        return Utils.toBytes(this.contents);
    }

    @Override // java.security.cert.X509CRL
    public byte[] getTBSCertList() {
        return Utils.toBytes(this.tbsCertList);
    }

    @Override // java.security.cert.X509CRL
    public byte[] getSignature() {
        return this.sigBytes;
    }

    @Override // java.security.cert.X509CRL
    public void verify(PublicKey publicKey, String str) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        Signature signature = str != null ? Signature.getInstance(getSigAlgName(), str) : Signature.getInstance(getSigAlgName());
        signature.initVerify(publicKey);
        signature.update(getTBSCertList());
        signature.verify(getSignature());
    }

    @Override // java.security.cert.X509CRL
    public void verify(PublicKey publicKey) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        verify(publicKey, (String) null);
    }

    @Override // java.security.cert.X509CRL
    public Date getThisUpdate() {
        return this.thisUpdate;
    }

    @Override // java.security.cert.X509CRL
    public Date getNextUpdate() {
        return this.nextUpdate;
    }

    @Override // java.security.cert.X509CRL
    public Principal getIssuerDN() {
        return this.issuer;
    }

    @Override // java.security.cert.X509CRL
    public String getSigAlgOID() {
        return this.sigAlgID.getOID().toStringCompact();
    }

    @Override // java.security.cert.X509CRL
    public String getSigAlgName() {
        ASN1ObjectID oid = this.sigAlgID.getOID();
        return oid.equals(AlgID.md5WithRSAEncryption.getOID()) ? "MD5withRSA" : oid.equals(AlgID.md2WithRSAEncryption.getOID()) ? "MD2withRSA" : oid.equals(AlgID.sha_1WithRSAEncryption.getOID()) ? "SHA1withRSA" : (oid.equals(AlgID.dsaWithSHA1.getOID()) || oid.equals(AlgID.dsaWithSHA.getOID()) || oid.equals(AlgID.dsaWithSHA1Old.getOID())) ? "SHA1withDSA" : "";
    }

    @Override // java.security.cert.X509CRL
    public byte[] getSigAlgParams() {
        return Utils.toBytes(this.sigAlgID.getParameters());
    }

    @Override // java.security.cert.X509CRL
    public int getVersion() {
        return this.version;
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        return this.criticalOIDs;
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        return this.nonCriticalOIDs;
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        if (this.extensions == null) {
            return null;
        }
        return (byte[]) this.extensions.get(str);
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        return this.unsupportedCriticalExtension;
    }

    @Override // java.security.cert.X509CRL
    public boolean equals(Object obj) {
        if (obj == null) {
            return false;
        }
        try {
            if (obj instanceof X509CRL) {
                return Utils.areEqual(getEncoded(), ((X509CRL) obj).getEncoded());
            }
            return false;
        } catch (CRLException e) {
            return false;
        }
    }

    @Override // java.security.cert.X509CRL
    public int hashCode() {
        return new String(getEncoded()).hashCode();
    }

    @Override // java.security.cert.CRL
    public String toString() {
        return (((("{ thisUpdate = " + this.thisUpdate) + ", nextUpdate = " + this.nextUpdate) + ", issuer = " + this.issuer) + ", sigAlgOID = " + getSigAlgOID()) + " }";
    }
}
