package oracle.security.crypto.cert;

import java.io.Externalizable;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInput;
import java.io.ObjectOutput;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.URL;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import oracle.security.crypto.asn1.ASN1BitString;
import oracle.security.crypto.asn1.ASN1ConstructedInputStream;
import oracle.security.crypto.asn1.ASN1Date;
import oracle.security.crypto.asn1.ASN1GenericConstructed;
import oracle.security.crypto.asn1.ASN1Integer;
import oracle.security.crypto.asn1.ASN1Object;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1Sequence;
import oracle.security.crypto.asn1.ASN1SequenceInputStream;
import oracle.security.crypto.core.AlgorithmIdentifier;
import oracle.security.crypto.core.AlgorithmIdentifierException;
import oracle.security.crypto.core.AuthenticationException;
import oracle.security.crypto.core.InvalidKeyException;
import oracle.security.crypto.core.PrivateKey;
import oracle.security.crypto.core.PublicKey;
import oracle.security.crypto.core.RandomBitsSource;
import oracle.security.crypto.core.Signature;
import oracle.security.crypto.core.SignatureException;
import oracle.security.crypto.util.CryptoUtils;
import oracle.security.crypto.util.InvalidInputException;
import oracle.security.crypto.util.OutputGenerationException;
import oracle.security.crypto.util.StreamableOutputException;
import oracle.security.crypto.util.UnsyncByteArrayInputStream;
import oracle.security.crypto.util.Utils;

/* loaded from: input_file:oracle/security/crypto/cert/CRL.class */
public class CRL implements ASN1Object, Externalizable {
    private ASN1Sequence tbsCertList;
    private AlgorithmIdentifier sigAlgID;
    private byte[] sigBytes;
    private X500Name issuer;
    private Date thisUpdate;
    private Date nextUpdate;
    private Hashtable revokedCertificates;
    private Vector serialNo;
    private X509ExtensionSet extensions;
    private PrivateKey privKey;
    private PublicKey pubKey;
    private X509 issuerCert;
    private ASN1Sequence contents;

    public CRL() {
        this.tbsCertList = null;
        this.sigAlgID = null;
        this.sigBytes = null;
        this.thisUpdate = new Date();
        this.nextUpdate = null;
        this.revokedCertificates = null;
        this.serialNo = null;
        this.extensions = null;
        this.contents = null;
    }

    public CRL(InputStream inputStream) throws IOException {
        this();
        input(inputStream);
    }

    public CRL(File file) throws IOException {
        this(new FileInputStream(file));
    }

    public CRL(URL url) throws IOException {
        this(url.openStream());
    }

    public CRL(X509 x509) {
        this.tbsCertList = null;
        this.sigAlgID = null;
        this.sigBytes = null;
        this.thisUpdate = new Date();
        this.nextUpdate = null;
        this.revokedCertificates = null;
        this.serialNo = null;
        this.extensions = null;
        this.contents = null;
        setIssuer(x509.getSubject());
        setPublicKey(x509.getPublicKey());
    }

    public CRL(X509 x509, InputStream inputStream) throws IOException {
        this(x509);
        input(inputStream);
    }

    public CRL(X509 x509, File file) throws FileNotFoundException, IOException {
        this(x509);
        FileInputStream fileInputStream = new FileInputStream(file);
        input(fileInputStream);
        fileInputStream.close();
    }

    public CRL(X509 x509, URL url) throws IOException {
        this(x509);
        InputStream openStream = url.openStream();
        input(openStream);
        openStream.close();
    }

    public CRL(X500Name x500Name, PrivateKey privateKey, Date date, Date date2, Vector vector) {
        this(x500Name, privateKey);
        setDates(date, date2);
        setRevokedCertificates(vector);
    }

    public CRL(X500Name x500Name, PrivateKey privateKey, int i) {
        this(x500Name, privateKey);
        if (i > 0) {
            setDates(i);
        }
    }

    public CRL(X500Name x500Name, PrivateKey privateKey, int i, AlgorithmIdentifier algorithmIdentifier) {
        this(x500Name, privateKey, i);
        setSigAlgID(algorithmIdentifier);
    }

    public CRL(X500Name x500Name, PrivateKey privateKey) {
        this.tbsCertList = null;
        this.sigAlgID = null;
        this.sigBytes = null;
        this.thisUpdate = new Date();
        this.nextUpdate = null;
        this.revokedCertificates = null;
        this.serialNo = null;
        this.extensions = null;
        this.contents = null;
        setIssuer(x500Name);
        setPrivateKey(privateKey);
    }

    public void setIssuer(X500Name x500Name) {
        this.issuer = x500Name;
        reset();
    }

    public void setIssuerCertificate(X509 x509) {
        this.issuerCert = x509;
        if (this.issuer == null) {
            this.issuer = x509.getSubject();
        }
        setPublicKey(x509.getPublicKey());
    }

    public X500Name getIssuer() {
        return this.issuer;
    }

    public void setPublicKey(PublicKey publicKey) {
        this.pubKey = publicKey;
    }

    public void setPrivateKey(PrivateKey privateKey) {
        setPrivateKey(privateKey, null);
    }

    public void setPrivateKey(PrivateKey privateKey, AlgorithmIdentifier algorithmIdentifier) {
        this.privKey = privateKey;
        setSigAlgID(algorithmIdentifier);
    }

    public void setSigAlgID(AlgorithmIdentifier algorithmIdentifier) {
        this.sigAlgID = algorithmIdentifier;
        reset();
    }

    public Date getDate() {
        return this.thisUpdate;
    }

    public Date getNextDate() {
        return this.nextUpdate;
    }

    public Vector getRevokedCertificates() {
        Vector vector = null;
        if (this.revokedCertificates != null) {
            vector = new Vector();
            Enumeration elements = this.serialNo.elements();
            while (elements.hasMoreElements()) {
                vector.addElement(this.revokedCertificates.get(elements.nextElement()));
            }
        }
        return vector;
    }

    public Enumeration revokedSerialNos() {
        return this.serialNo != null ? this.serialNo.elements() : new Vector().elements();
    }

    public void setRevokedCertificates(Vector vector) {
        if (vector == null || vector.size() <= 0) {
            return;
        }
        this.revokedCertificates = new Hashtable();
        this.serialNo = new Vector();
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            RevokedCertificate revokedCertificate = (RevokedCertificate) elements.nextElement();
            if (this.revokedCertificates.put(revokedCertificate.getSerialNo(), revokedCertificate) != null) {
                this.serialNo.removeElement(revokedCertificate.getSerialNo());
            }
            this.serialNo.addElement(revokedCertificate.getSerialNo());
        }
        reset();
    }

    public void setDate(Date date) {
        this.thisUpdate = date;
        reset();
    }

    public void setDates(Date date, Date date2) {
        this.thisUpdate = date;
        this.nextUpdate = date2;
        reset();
    }

    public void setDates(int i) {
        setDates(new Date(), Utils.daysFromNow(i));
    }

    public void addCertificate(BigInteger bigInteger) {
        addCertificate(bigInteger, new Date());
    }

    public void addCertificate(BigInteger bigInteger, Date date) {
        addCertificate(new RevokedCertificate(bigInteger, date));
    }

    public void addCertificate(RevokedCertificate revokedCertificate) {
        if (this.revokedCertificates == null) {
            this.revokedCertificates = new Hashtable();
            this.serialNo = new Vector();
        }
        if (this.revokedCertificates.put(revokedCertificate.getSerialNo(), revokedCertificate) != null) {
            this.serialNo.removeElement(revokedCertificate.getSerialNo());
        }
        this.serialNo.addElement(revokedCertificate.getSerialNo());
        reset();
    }

    public X509ExtensionSet getExtensionSet() {
        return this.extensions;
    }

    public X509Extension getExtension(ASN1ObjectID aSN1ObjectID) {
        if (this.extensions != null) {
            return this.extensions.getExtension(aSN1ObjectID);
        }
        return null;
    }

    public void setExtensions(X509ExtensionSet x509ExtensionSet) {
        this.extensions = x509ExtensionSet;
        reset();
    }

    public void addExtension(X509Extension x509Extension) {
        if (this.extensions == null) {
            this.extensions = new X509ExtensionSet();
        }
        this.extensions.addExtension(x509Extension);
        reset();
    }

    public RevokedCertificate getRevokedCertificate(BigInteger bigInteger) {
        if (this.revokedCertificates != null) {
            return (RevokedCertificate) this.revokedCertificates.get(bigInteger);
        }
        return null;
    }

    public Date revocationDate(BigInteger bigInteger) {
        RevokedCertificate revokedCertificate = getRevokedCertificate(bigInteger);
        if (revokedCertificate != null) {
            return revokedCertificate.getRevocationDate();
        }
        return null;
    }

    public boolean isRevoked(BigInteger bigInteger) {
        return getRevokedCertificate(bigInteger) != null;
    }

    public boolean hasUnrecognizedCriticalExtension() {
        X509ExtensionSet extensionSet;
        if (this.extensions != null && this.extensions.hasUnrecognizedCriticalExtension()) {
            return true;
        }
        if (this.revokedCertificates == null) {
            return false;
        }
        Enumeration revokedSerialNos = revokedSerialNos();
        while (revokedSerialNos.hasMoreElements()) {
            RevokedCertificate revokedCertificate = getRevokedCertificate((BigInteger) revokedSerialNos.nextElement());
            if (revokedCertificate != null && (extensionSet = revokedCertificate.getExtensionSet()) != null && extensionSet.hasUnrecognizedCriticalExtension()) {
                return true;
            }
        }
        return false;
    }

    public boolean verify() throws AuthenticationException {
        return !hasUnrecognizedCriticalExtension() && verifyDate() && verifySignature();
    }

    public boolean verifyDate() {
        Date date = new Date();
        if (date.before(this.thisUpdate)) {
            return false;
        }
        return this.nextUpdate == null || !date.after(this.nextUpdate);
    }

    public boolean verifySignature() throws AuthenticationException {
        try {
            return CryptoUtils.verifySignedASN1(toASN1Sequence(), this.pubKey);
        } catch (SignatureException e) {
            throw new AuthenticationException(e.toString());
        }
    }

    public void sign() throws SignatureException {
        sign(RandomBitsSource.getDefault());
    }

    public void sign(RandomBitsSource randomBitsSource) throws SignatureException {
        ASN1Sequence tBSCertList = getTBSCertList();
        try {
            try {
                Signature signature = Signature.getInstance(this.sigAlgID);
                signature.setPrivateKey(this.privKey);
                signature.setRandomBitsSource(randomBitsSource);
                signature.setDocument(Utils.toBytes(tBSCertList));
                this.sigBytes = signature.sign();
                resetContents();
            } catch (AlgorithmIdentifierException e) {
                throw new SignatureException(e.toString());
            } catch (InvalidKeyException e2) {
                throw new SignatureException(e2.toString());
            }
        } catch (Throwable th) {
            resetContents();
            throw th;
        }
    }

    public byte[] getSigBytes() throws SignatureException {
        if (this.sigBytes == null) {
            sign();
        }
        return this.sigBytes;
    }

    private ASN1Sequence getTBSCertList() {
        if (this.tbsCertList == null) {
            ASN1Sequence aSN1Sequence = new ASN1Sequence();
            if (this.extensions != null && this.extensions.size() > 0) {
                aSN1Sequence.addElement(new ASN1Integer(1L));
            } else if (this.revokedCertificates != null && this.revokedCertificates.size() > 0) {
                Enumeration elements = this.serialNo.elements();
                while (true) {
                    if (!elements.hasMoreElements()) {
                        break;
                    }
                    RevokedCertificate revokedCertificate = (RevokedCertificate) this.revokedCertificates.get(elements.nextElement());
                    if (revokedCertificate.getExtensions() != null && revokedCertificate.getExtensions().size() > 0) {
                        aSN1Sequence.addElement(new ASN1Integer(1L));
                        break;
                    }
                }
            }
            if (this.sigAlgID == null) {
                try {
                    this.sigAlgID = Signature.getInstance(this.privKey).getAlgID();
                } catch (NullPointerException e) {
                    throw new IllegalStateException("Issuer signing key must be set befor output");
                } catch (SignatureException e2) {
                    throw new IllegalStateException(e2.toString());
                }
            }
            aSN1Sequence.addElement(this.sigAlgID);
            aSN1Sequence.addElement(this.issuer);
            Calendar calendar = Calendar.getInstance();
            calendar.setTime(this.thisUpdate);
            aSN1Sequence.addElement(new ASN1Date(this.thisUpdate, calendar.get(1) > 2049));
            if (this.nextUpdate != null) {
                Calendar calendar2 = Calendar.getInstance();
                calendar2.setTime(this.nextUpdate);
                aSN1Sequence.addElement(new ASN1Date(this.nextUpdate, calendar2.get(1) > 2049));
            }
            if (this.revokedCertificates != null && this.revokedCertificates.size() > 0) {
                ASN1Sequence aSN1Sequence2 = new ASN1Sequence();
                Enumeration elements2 = this.serialNo.elements();
                while (elements2.hasMoreElements()) {
                    aSN1Sequence2.addElement((RevokedCertificate) this.revokedCertificates.get(elements2.nextElement()));
                }
                aSN1Sequence.addElement(aSN1Sequence2);
            }
            if (this.extensions != null && this.extensions.size() > 0) {
                aSN1Sequence.addElement(new ASN1GenericConstructed(this.extensions, 0));
            }
            this.tbsCertList = aSN1Sequence;
        }
        return this.tbsCertList;
    }

    private ASN1Sequence toASN1Sequence() throws SignatureException {
        if (this.contents == null) {
            ASN1Sequence aSN1Sequence = new ASN1Sequence();
            aSN1Sequence.addElement(getTBSCertList());
            aSN1Sequence.addElement(this.sigAlgID);
            aSN1Sequence.addElement(new ASN1BitString(getSigBytes()));
            this.contents = aSN1Sequence;
        }
        return this.contents;
    }

    public void output(OutputStream outputStream) throws IOException {
        try {
            toASN1Sequence().output(outputStream);
        } catch (SignatureException e) {
            throw new OutputGenerationException(e.toString());
        }
    }

    public void input(InputStream inputStream) throws IOException {
        reset();
        ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(inputStream);
        this.tbsCertList = new ASN1Sequence(aSN1SequenceInputStream);
        this.sigAlgID = new AlgorithmIdentifier(aSN1SequenceInputStream);
        this.sigBytes = ASN1BitString.inputValue(aSN1SequenceInputStream);
        aSN1SequenceInputStream.terminate();
        ASN1SequenceInputStream aSN1SequenceInputStream2 = new ASN1SequenceInputStream(Utils.toStream(this.tbsCertList));
        if (aSN1SequenceInputStream2.getCurrentTag() == 2) {
            ASN1Integer.inputValue(aSN1SequenceInputStream2);
        }
        if (!new AlgorithmIdentifier(aSN1SequenceInputStream2).equals(this.sigAlgID)) {
            throw new IOException("Inconsistent signature algorithm IDs");
        }
        X500Name x500Name = new X500Name((InputStream) aSN1SequenceInputStream2);
        if (this.issuer == null) {
            this.issuer = x500Name;
        } else if (!this.issuer.equals(x500Name)) {
            throw new IOException(new StringBuffer().append("Expected issuer {").append(this.issuer).append("}, got issuer {").append(x500Name).append("}").toString());
        }
        this.thisUpdate = ASN1Date.inputValue(aSN1SequenceInputStream2);
        if (aSN1SequenceInputStream2.getCurrentTag() == 23 || aSN1SequenceInputStream2.getCurrentTag() == 24) {
            this.nextUpdate = ASN1Date.inputValue(aSN1SequenceInputStream2);
        } else {
            this.nextUpdate = null;
        }
        if (aSN1SequenceInputStream2.getCurrentTag() == 16) {
            ASN1SequenceInputStream aSN1SequenceInputStream3 = new ASN1SequenceInputStream(aSN1SequenceInputStream2);
            this.revokedCertificates = new Hashtable();
            this.serialNo = new Vector();
            while (aSN1SequenceInputStream3.hasMoreData()) {
                RevokedCertificate revokedCertificate = new RevokedCertificate(aSN1SequenceInputStream3);
                if (this.revokedCertificates.put(revokedCertificate.getSerialNo(), revokedCertificate) != null) {
                    this.serialNo.removeElement(revokedCertificate.getSerialNo());
                }
                this.serialNo.addElement(revokedCertificate.getSerialNo());
            }
            aSN1SequenceInputStream3.terminate();
        } else {
            this.revokedCertificates = null;
            this.serialNo = null;
        }
        if (aSN1SequenceInputStream2.getCurrentTag() == 0) {
            ASN1ConstructedInputStream aSN1ConstructedInputStream = new ASN1ConstructedInputStream(aSN1SequenceInputStream2);
            this.extensions = new X509ExtensionSet((InputStream) aSN1ConstructedInputStream);
            aSN1ConstructedInputStream.terminate();
        } else {
            this.extensions = null;
        }
        aSN1SequenceInputStream2.terminate();
    }

    private void reset() {
        resetContents();
        this.tbsCertList = null;
        this.sigBytes = null;
    }

    private void resetContents() {
        this.contents = null;
    }

    public int length() {
        try {
            return toASN1Sequence().length();
        } catch (SignatureException e) {
            throw new StreamableOutputException(e.toString());
        }
    }

    public boolean equals(Object obj) {
        if (obj == null || !(obj instanceof CRL)) {
            return false;
        }
        return equals((CRL) obj);
    }

    private boolean equals(CRL crl) {
        return Utils.areEqual(Utils.toBytes(this), Utils.toBytes(crl));
    }

    public String toString() {
        String stringBuffer = new StringBuffer().append("issuer = ").append(this.issuer).append(", thisUpdate = ").append(this.thisUpdate).toString();
        if (this.nextUpdate != null) {
            stringBuffer = new StringBuffer().append(stringBuffer).append(", nextUpdate = ").append(this.nextUpdate).toString();
        }
        String stringBuffer2 = new StringBuffer().append(stringBuffer).append(", revokedCertificates = {").toString();
        Enumeration elements = this.serialNo.elements();
        while (elements.hasMoreElements()) {
            stringBuffer2 = new StringBuffer().append(stringBuffer2).append("(").append((RevokedCertificate) this.revokedCertificates.get(elements.nextElement())).append(")").toString();
            if (elements.hasMoreElements()) {
                stringBuffer2 = new StringBuffer().append(stringBuffer2).append(", ").toString();
            }
        }
        String stringBuffer3 = new StringBuffer().append(stringBuffer2).append("}").toString();
        if (this.extensions != null && this.extensions.size() > 0) {
            stringBuffer3 = new StringBuffer().append(stringBuffer3).append(", extensions = ").append(this.extensions).toString();
        }
        return stringBuffer3;
    }

    public byte[] getEncoded() {
        try {
            return Utils.toBytes(toASN1Sequence());
        } catch (SignatureException e) {
            throw new StreamableOutputException(e.toString());
        }
    }

    @Override // java.io.Externalizable
    public void writeExternal(ObjectOutput objectOutput) throws IOException {
        objectOutput.writeObject(Utils.toBytes(this));
    }

    @Override // java.io.Externalizable
    public void readExternal(ObjectInput objectInput) throws IOException, ClassNotFoundException {
        try {
            input(new UnsyncByteArrayInputStream((byte[]) objectInput.readObject()));
        } catch (ClassCastException e) {
            throw new InvalidInputException(e);
        }
    }
}
