package com.yessign.fido.jce.provider;

import com.yessign.fido.asn1.ASN1Sequence;
import com.yessign.fido.asn1.DEREnumerated;
import com.yessign.fido.asn1.DERInteger;
import com.yessign.fido.asn1.DERObject;
import com.yessign.fido.asn1.DERObjectIdentifier;
import com.yessign.fido.asn1.DEROutputStream;
import com.yessign.fido.asn1.x509.AuthorityKeyIdentifier;
import com.yessign.fido.asn1.x509.CRLEntry;
import com.yessign.fido.asn1.x509.CRLNumber;
import com.yessign.fido.asn1.x509.CRLReason;
import com.yessign.fido.asn1.x509.CertificateList;
import com.yessign.fido.asn1.x509.GeneralNames;
import com.yessign.fido.asn1.x509.IssuingDistributionPoint;
import com.yessign.fido.asn1.x509.X509Extension;
import com.yessign.fido.asn1.x509.X509Extensions;
import com.yessign.fido.jce.X509Principal;
import com.yessign.fido.util.ASN1Dump;
import com.yessign.fido.util.Hex;
import com.yessign.fido.util.Strings;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import m8.b;

/* loaded from: classes.dex */
public class X509CRLObject extends X509CRL {

    /* renamed from: a, reason: collision with root package name */
    private CertificateList f4384a;

    public X509CRLObject(CertificateList certificateList) {
        this.f4384a = certificateList;
    }

    private Set a(boolean z10) {
        if (getVersion() != 2) {
            return null;
        }
        HashSet hashSet = new HashSet();
        X509Extensions extensions = this.f4384a.getTBSCertList().getExtensions();
        Enumeration oids = extensions.oids();
        while (oids.hasMoreElements()) {
            DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) oids.nextElement();
            if (z10 == extensions.getExtension(dERObjectIdentifier).isCritical()) {
                hashSet.add(dERObjectIdentifier.getId());
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        return a(true);
    }

    @Override // java.security.cert.X509CRL
    public byte[] getEncoded() throws CRLException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        try {
            dEROutputStream.writeObject(this.f4384a);
            dEROutputStream.flush();
            dEROutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e2) {
            throw new CRLException(e2.toString());
        }
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        X509Extension extension;
        X509Extensions extensions = this.f4384a.getTBSCertList().getExtensions();
        if (extensions == null || (extension = extensions.getExtension(new DERObjectIdentifier(str))) == null) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        try {
            dEROutputStream.writeObject(extension.getValue());
            dEROutputStream.flush();
            dEROutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e2) {
            throw new RuntimeException(b.t(e2, new StringBuilder("error encoding ")));
        }
    }

    @Override // java.security.cert.X509CRL
    public Principal getIssuerDN() {
        return new X509Principal(this.f4384a.getIssuer());
    }

    @Override // java.security.cert.X509CRL
    public X500Principal getIssuerX500Principal() {
        try {
            return new X500Principal(this.f4384a.getIssuer().getEncoded());
        } catch (IOException e2) {
            throw new RuntimeException(e2);
        }
    }

    @Override // java.security.cert.X509CRL
    public Date getNextUpdate() {
        if (this.f4384a.getNextUpdate() != null) {
            return this.f4384a.getNextUpdate().getDate();
        }
        return null;
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        return a(false);
    }

    @Override // java.security.cert.X509CRL
    public X509CRLEntry getRevokedCertificate(BigInteger bigInteger) {
        CRLEntry[] revokedCertificates = this.f4384a.getRevokedCertificates();
        if (revokedCertificates == null) {
            return null;
        }
        for (int i2 = 0; i2 < revokedCertificates.length; i2++) {
            if (revokedCertificates[i2].getUserCertificate().getValue().equals(bigInteger)) {
                return new X509CRLEntryObject(revokedCertificates[i2]);
            }
        }
        return null;
    }

    @Override // java.security.cert.X509CRL
    public Set getRevokedCertificates() {
        CRLEntry[] revokedCertificates = this.f4384a.getRevokedCertificates();
        if (revokedCertificates == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        for (CRLEntry cRLEntry : revokedCertificates) {
            hashSet.add(new X509CRLEntryObject(cRLEntry));
        }
        return hashSet;
    }

    @Override // java.security.cert.X509CRL
    public String getSigAlgName() {
        String property = Security.getProvider(yessignProvider.PROVIDER).getProperty("Alg.Alias.Signature." + getSigAlgOID());
        if (property != null) {
            return property;
        }
        Provider[] providers = Security.getProviders();
        for (int i2 = 0; i2 != providers.length; i2++) {
            String property2 = providers[i2].getProperty("Alg.Alias.Signature." + getSigAlgOID());
            if (property2 != null) {
                return property2;
            }
        }
        return getSigAlgOID();
    }

    @Override // java.security.cert.X509CRL
    public String getSigAlgOID() {
        return this.f4384a.getSignatureAlgorithm().getObjectId().getId();
    }

    @Override // java.security.cert.X509CRL
    public byte[] getSigAlgParams() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (this.f4384a.getSignatureAlgorithm().getParameters() == null) {
            return null;
        }
        try {
            DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
            dEROutputStream.writeObject(this.f4384a.getSignatureAlgorithm().getParameters());
            dEROutputStream.flush();
            dEROutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e2) {
            throw new RuntimeException("exception getting sig parameters " + e2);
        }
    }

    @Override // java.security.cert.X509CRL
    public byte[] getSignature() {
        return this.f4384a.getSignature().getBytes();
    }

    @Override // java.security.cert.X509CRL
    public byte[] getTBSCertList() throws CRLException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        try {
            dEROutputStream.writeObject(this.f4384a.getTBSCertList());
            dEROutputStream.flush();
            dEROutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e2) {
            throw new CRLException(e2.toString());
        }
    }

    @Override // java.security.cert.X509CRL
    public Date getThisUpdate() {
        return this.f4384a.getThisUpdate().getDate();
    }

    @Override // java.security.cert.X509CRL
    public int getVersion() {
        return this.f4384a.getVersion();
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        Set criticalExtensionOIDs = getCriticalExtensionOIDs();
        return (criticalExtensionOIDs == null || criticalExtensionOIDs.isEmpty()) ? false : true;
    }

    @Override // java.security.cert.CRL
    public boolean isRevoked(Certificate certificate) {
        if (!certificate.getType().equals("X.509")) {
            throw new RuntimeException("X.509 CRL used with non X.509 Cert");
        }
        CRLEntry[] revokedCertificates = this.f4384a.getRevokedCertificates();
        if (revokedCertificates != null) {
            BigInteger serialNumber = ((X509Certificate) certificate).getSerialNumber();
            for (CRLEntry cRLEntry : revokedCertificates) {
                if (cRLEntry.getUserCertificate().getValue().equals(serialNumber)) {
                    return true;
                }
            }
        }
        return false;
    }

    @Override // java.security.cert.CRL
    public String toString() {
        StringBuilder sb2;
        String str;
        StringBuilder sb3;
        String str2;
        StringBuilder sb4;
        StringBuilder sb5 = new StringBuilder("==== X.509 CRL ====");
        String str3 = Strings.NL;
        sb5.append(str3);
        StringBuffer stringBuffer = new StringBuffer(sb5.toString());
        stringBuffer.append("            <Version>: " + getVersion() + str3);
        stringBuffer.append("<Signature Algorithm>: " + getSigAlgName() + str3);
        stringBuffer.append("           <IssuerDN>: " + getIssuerDN() + str3);
        stringBuffer.append("   <This Update Date>: " + getThisUpdate() + str3);
        stringBuffer.append("   <Next Update Date>: " + getNextUpdate() + str3);
        StringBuilder sb6 = new StringBuilder("   <<폐지된 인증서 목록>>  ");
        sb6.append(str3);
        stringBuffer.append(sb6.toString());
        CRLEntry[] revokedCertificates = this.f4384a.getRevokedCertificates();
        if (revokedCertificates != null) {
            int i2 = 0;
            while (i2 < revokedCertificates.length) {
                StringBuilder sb7 = new StringBuilder();
                int i6 = i2 + 1;
                sb7.append(i6);
                sb7.append(" 번째 폐지 인증서");
                String str4 = Strings.NL;
                sb7.append(str4);
                stringBuffer.append(sb7.toString());
                stringBuffer.append("- 인증서 serial : " + revokedCertificates[i2].getUserCertificate().getValue().intValue() + str4);
                stringBuffer.append("- 폐지 날짜     : " + revokedCertificates[i2].getRevocationDate().getDate() + str4);
                StringBuilder sb8 = new StringBuilder("- CRL Entry 확장 : ");
                sb8.append(str4);
                stringBuffer.append(sb8.toString());
                X509Extensions extensions = revokedCertificates[i2].getExtensions();
                if (extensions != null) {
                    Enumeration oids = extensions.oids();
                    while (oids.hasMoreElements()) {
                        DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) oids.nextElement();
                        X509Extension extension = extensions.getExtension(dERObjectIdentifier);
                        if (extension.getValue() != null) {
                            byte[] octets = extension.getValue().getOctets();
                            stringBuffer.append("    - critical(" + extension.isCritical() + ") ");
                            try {
                                DERObject dERObject = DERObject.getInstance(octets);
                                if (dERObjectIdentifier.equals(X509Extensions.ReasonCode)) {
                                    sb4 = new StringBuilder();
                                    sb4.append(new CRLReason((DEREnumerated) dERObject));
                                    sb4.append(Strings.NL);
                                } else if (dERObjectIdentifier.equals(X509Extensions.CertificateIssuer)) {
                                    StringBuilder sb9 = new StringBuilder("joint-iso-itu-t(2) ds(5) certificateExtension(29) certificateIssuer(21): ");
                                    String str5 = Strings.NL;
                                    sb9.append(str5);
                                    stringBuffer.append(sb9.toString());
                                    sb4 = new StringBuilder();
                                    sb4.append(new GeneralNames((ASN1Sequence) dERObject));
                                    sb4.append(str5);
                                } else {
                                    StringBuilder sb10 = new StringBuilder();
                                    sb10.append(dERObjectIdentifier.getId());
                                    String str6 = Strings.NL;
                                    sb10.append(str6);
                                    stringBuffer.append(sb10.toString());
                                    sb4 = new StringBuilder("                 - value = ");
                                    sb4.append(str6);
                                    sb4.append(ASN1Dump.dumpAsString(dERObject));
                                    sb4.append(str6);
                                }
                                stringBuffer.append(sb4.toString());
                            } catch (IOException unused) {
                                StringBuilder sb11 = new StringBuilder();
                                sb11.append(dERObjectIdentifier.getId());
                                String str7 = Strings.NL;
                                sb11.append(str7);
                                stringBuffer.append(sb11.toString());
                                str2 = "                 - value = IOException 발생" + str7;
                            }
                        } else {
                            str2 = Strings.NL;
                        }
                        stringBuffer.append(str2);
                    }
                }
                i2 = i6;
            }
        }
        X509Extensions extensions2 = this.f4384a.getTBSCertList().getExtensions();
        if (extensions2 != null) {
            Enumeration oids2 = extensions2.oids();
            if (oids2.hasMoreElements()) {
                stringBuffer.append("   << Extensions >>: " + Strings.NL);
            }
            while (oids2.hasMoreElements()) {
                DERObjectIdentifier dERObjectIdentifier2 = (DERObjectIdentifier) oids2.nextElement();
                X509Extension extension2 = extensions2.getExtension(dERObjectIdentifier2);
                if (extension2.getValue() != null) {
                    byte[] octets2 = extension2.getValue().getOctets();
                    stringBuffer.append("                 - critical(" + extension2.isCritical() + ") ");
                    try {
                        DERObject dERObject2 = DERObject.getInstance(octets2);
                        if (dERObjectIdentifier2.equals(X509Extensions.AuthorityKeyIdentifier)) {
                            sb3 = new StringBuilder();
                            sb3.append(new AuthorityKeyIdentifier((ASN1Sequence) dERObject2));
                            sb3.append(Strings.NL);
                        } else if (dERObjectIdentifier2.equals(X509Extensions.IssuerAlternativeName)) {
                            StringBuilder sb12 = new StringBuilder("joint-iso-itu-t(2) ds(5) certificateExtension(29) issuerAltName(18): ");
                            String str8 = Strings.NL;
                            sb12.append(str8);
                            stringBuffer.append(sb12.toString());
                            sb3 = new StringBuilder();
                            sb3.append(ASN1Dump.dumpAsString(dERObject2));
                            sb3.append(str8);
                        } else if (dERObjectIdentifier2.equals(X509Extensions.CRLNumber)) {
                            sb3 = new StringBuilder();
                            sb3.append(new CRLNumber(((DERInteger) dERObject2).getPositiveValue()));
                            sb3.append(Strings.NL);
                        } else if (dERObjectIdentifier2.equals(X509Extensions.DeltaCRLIndicator)) {
                            StringBuilder sb13 = new StringBuilder("joint-iso-itu-t(2) ds(5) certificateExtension(29) deltaCRLIndicator(27): ");
                            String str9 = Strings.NL;
                            sb13.append(str9);
                            stringBuffer.append(sb13.toString());
                            sb3 = new StringBuilder();
                            sb3.append(ASN1Dump.dumpAsString(dERObject2));
                            sb3.append(str9);
                        } else if (dERObjectIdentifier2.equals(X509Extensions.IssuingDistributionPoint)) {
                            sb3 = new StringBuilder();
                            sb3.append(new IssuingDistributionPoint((ASN1Sequence) dERObject2));
                            sb3.append(Strings.NL);
                        } else if (dERObjectIdentifier2.equals(X509Extensions.FreshestCRL)) {
                            StringBuilder sb14 = new StringBuilder("joint-iso-itu-t(2) ds(5) certificateExtension(29) FreshestCRL(46): ");
                            String str10 = Strings.NL;
                            sb14.append(str10);
                            stringBuffer.append(sb14.toString());
                            sb3 = new StringBuilder();
                            sb3.append(ASN1Dump.dumpAsString(dERObject2));
                            sb3.append(str10);
                        } else {
                            StringBuilder sb15 = new StringBuilder();
                            sb15.append(dERObjectIdentifier2.getId());
                            String str11 = Strings.NL;
                            sb15.append(str11);
                            stringBuffer.append(sb15.toString());
                            sb3 = new StringBuilder("                 - value = ");
                            sb3.append(str11);
                            sb3.append(ASN1Dump.dumpAsString(dERObject2));
                            sb3.append(str11);
                        }
                        stringBuffer.append(sb3.toString());
                    } catch (IOException unused2) {
                        StringBuilder sb16 = new StringBuilder();
                        sb16.append(dERObjectIdentifier2.getId());
                        String str12 = Strings.NL;
                        sb16.append(str12);
                        stringBuffer.append(sb16.toString());
                        stringBuffer.append("                 - value = IOException 발생" + str12);
                    }
                } else {
                    stringBuffer.append(Strings.NL);
                }
            }
        }
        StringBuilder sb17 = new StringBuilder("<Signature Algorithm>: ");
        sb17.append(getSigAlgName());
        String str13 = Strings.NL;
        sb17.append(str13);
        stringBuffer.append(sb17.toString());
        byte[] signature = getSignature();
        stringBuffer.append("          <Signature>: " + new String(Hex.encode(signature, 0, 20)) + str13);
        for (int i7 = 20; i7 < signature.length; i7 += 20) {
            if (i7 < signature.length - 20) {
                sb2 = new StringBuilder("                       ");
                str = new String(Hex.encode(signature, i7, 20));
            } else {
                sb2 = new StringBuilder("                       ");
                str = new String(Hex.encode(signature, i7, signature.length - i7));
            }
            sb2.append(str);
            sb2.append(Strings.NL);
            stringBuffer.append(sb2.toString());
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.X509CRL
    public void verify(PublicKey publicKey) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        verify(publicKey, yessignProvider.PROVIDER);
    }

    @Override // java.security.cert.X509CRL
    public void verify(PublicKey publicKey, String str) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        if (!this.f4384a.getSignatureAlgorithm().equals(this.f4384a.getTBSCertList().getSignature())) {
            throw new CRLException("Signature algorithm on CertifcateList does not match TBSCertList.");
        }
        Signature signature = Signature.getInstance(getSigAlgName(), str);
        signature.initVerify(publicKey);
        signature.update(getTBSCertList());
        if (!signature.verify(getSignature())) {
            throw new SignatureException("CRL does not verify with supplied public key.");
        }
    }
}
