package com.aspose.html.utils;

import com.aspose.html.utils.aFK;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/aspose/html/utils/baN.class */
public class baN extends X509CRL {
    private final Provider mhe;
    private final aEW mhf;
    private final String mhg;
    private final byte[] mhh;
    private final boolean mhi;
    private volatile boolean isHashCodeSet = false;
    private volatile int hashCodeValue;

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isIndirectCRL(X509CRL x509crl) throws CRLException {
        try {
            byte[] extensionValue = x509crl.getExtensionValue(C1350aFf.kmu.getId());
            if (extensionValue != null) {
                if (C1360aFp.hp(AbstractC3170axa.bK(extensionValue).getOctets()).isIndirectCRL()) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            throw new CRLException("Exception reading IssuingDistributionPoint", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public baN(Provider provider, aEW aew) throws CRLException {
        this.mhe = provider;
        this.mhf = aew;
        try {
            this.mhg = baQ.v(aew.aYn());
            if (aew.aYn().bdx() != null) {
                this.mhh = aew.aYn().bdx().aVV().getEncoded("DER");
            } else {
                this.mhh = null;
            }
            this.mhi = isIndirectCRL(this);
        } catch (Exception e) {
            throw new CRLException("CRL contents invalid: " + e);
        }
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        Set criticalExtensionOIDs = getCriticalExtensionOIDs();
        if (criticalExtensionOIDs == null) {
            return false;
        }
        criticalExtensionOIDs.removeAll(baH.mgY);
        return !criticalExtensionOIDs.isEmpty();
    }

    private Set getExtensionOIDs(boolean z) {
        C1351aFg aZT;
        if (getVersion() != 2 || (aZT = this.mhf.beG().aZT()) == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        Enumeration oids = aZT.oids();
        while (oids.hasMoreElements()) {
            C3116awZ c3116awZ = (C3116awZ) oids.nextElement();
            if (z == aZT.q(c3116awZ).isCritical()) {
                hashSet.add(c3116awZ.getId());
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        return getExtensionOIDs(true);
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        return getExtensionOIDs(false);
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        C1350aFf q;
        C1351aFg aZT = this.mhf.beG().aZT();
        if (aZT == null || (q = aZT.q(new C3116awZ(str))) == null) {
            return null;
        }
        try {
            return q.beU().getEncoded();
        } catch (Exception e) {
            throw new IllegalStateException("error parsing " + e.toString());
        }
    }

    @Override // java.security.cert.X509CRL
    public byte[] getEncoded() throws CRLException {
        try {
            return this.mhf.getEncoded("DER");
        } catch (IOException e) {
            throw new CRLException(e.toString());
        }
    }

    @Override // java.security.cert.X509CRL
    public void verify(PublicKey publicKey) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        Signature signature;
        try {
            signature = Signature.getInstance(getSigAlgName(), this.mhe);
        } catch (Exception e) {
            signature = Signature.getInstance(getSigAlgName());
        }
        doVerify(publicKey, signature);
    }

    @Override // java.security.cert.X509CRL
    public void verify(PublicKey publicKey, String str) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        doVerify(publicKey, str != null ? Signature.getInstance(getSigAlgName(), str) : Signature.getInstance(getSigAlgName()));
    }

    @Override // java.security.cert.X509CRL
    public void verify(PublicKey publicKey, Provider provider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        doVerify(publicKey, provider != null ? Signature.getInstance(getSigAlgName(), provider) : Signature.getInstance(getSigAlgName()));
    }

    private void doVerify(PublicKey publicKey, Signature signature) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        if (!this.mhf.aYn().equals(this.mhf.beG().bew())) {
            throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList.");
        }
        if (this.mhh != null) {
            try {
                baQ.a(signature, AbstractC3174axe.aP(this.mhh));
            } catch (IOException e) {
                throw new SignatureException("cannot decode signature parameters: " + e.getMessage());
            }
        }
        signature.initVerify(publicKey);
        signature.update(getTBSCertList());
        if (!signature.verify(getSignature())) {
            throw new SignatureException("CRL does not verify with supplied public key.");
        }
    }

    @Override // java.security.cert.X509CRL
    public int getVersion() {
        return this.mhf.getVersionNumber();
    }

    @Override // java.security.cert.X509CRL
    public Principal getIssuerDN() {
        return getIssuerX500Principal();
    }

    @Override // java.security.cert.X509CRL
    public X500Principal getIssuerX500Principal() {
        try {
            return new X500Principal(this.mhf.aZN().getEncoded());
        } catch (IOException e) {
            throw new IllegalStateException("can't encode issuer DN");
        }
    }

    @Override // java.security.cert.X509CRL
    public Date getThisUpdate() {
        return this.mhf.beI().getDate();
    }

    @Override // java.security.cert.X509CRL
    public Date getNextUpdate() {
        if (this.mhf.beJ() != null) {
            return this.mhf.beJ().getDate();
        }
        return null;
    }

    private Set loadCRLEntries() {
        C1350aFf q;
        HashSet hashSet = new HashSet();
        Enumeration revokedCertificateEnumeration = this.mhf.getRevokedCertificateEnumeration();
        C1342aEy c1342aEy = null;
        while (revokedCertificateEnumeration.hasMoreElements()) {
            aFK.a aVar = (aFK.a) revokedCertificateEnumeration.nextElement();
            hashSet.add(new baM(aVar, this.mhi, c1342aEy));
            if (this.mhi && aVar.hasExtensions() && (q = aVar.aZT().q(C1350aFf.kmv)) != null) {
                c1342aEy = C1342aEy.gI(C1354aFj.hk(q.beV()).bfa()[0].beR());
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509CRL
    public X509CRLEntry getRevokedCertificate(BigInteger bigInteger) {
        C1350aFf q;
        Enumeration revokedCertificateEnumeration = this.mhf.getRevokedCertificateEnumeration();
        C1342aEy c1342aEy = null;
        while (revokedCertificateEnumeration.hasMoreElements()) {
            aFK.a aVar = (aFK.a) revokedCertificateEnumeration.nextElement();
            if (bigInteger.equals(aVar.bfC().getValue())) {
                return new baM(aVar, this.mhi, c1342aEy);
            }
            if (this.mhi && aVar.hasExtensions() && (q = aVar.aZT().q(C1350aFf.kmv)) != null) {
                c1342aEy = C1342aEy.gI(C1354aFj.hk(q.beV()).bfa()[0].beR());
            }
        }
        return null;
    }

    @Override // java.security.cert.X509CRL
    public Set getRevokedCertificates() {
        Set loadCRLEntries = loadCRLEntries();
        if (loadCRLEntries.isEmpty()) {
            return null;
        }
        return Collections.unmodifiableSet(loadCRLEntries);
    }

    @Override // java.security.cert.X509CRL
    public byte[] getTBSCertList() throws CRLException {
        try {
            return this.mhf.beG().getEncoded("DER");
        } catch (IOException e) {
            throw new CRLException(e.toString());
        }
    }

    @Override // java.security.cert.X509CRL
    public byte[] getSignature() {
        return this.mhf.bam().getOctets();
    }

    @Override // java.security.cert.X509CRL
    public String getSigAlgName() {
        return this.mhg;
    }

    @Override // java.security.cert.X509CRL
    public String getSigAlgOID() {
        return this.mhf.aYn().bdw().getId();
    }

    @Override // java.security.cert.X509CRL
    public byte[] getSigAlgParams() {
        if (this.mhh == null) {
            return null;
        }
        byte[] bArr = new byte[this.mhh.length];
        System.arraycopy(this.mhh, 0, bArr, 0, bArr.length);
        return bArr;
    }

    @Override // java.security.cert.CRL
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        String lineSeparator = C3579bjg.lineSeparator();
        stringBuffer.append("              Version: ").append(getVersion()).append(lineSeparator);
        stringBuffer.append("             IssuerDN: ").append(getIssuerDN()).append(lineSeparator);
        stringBuffer.append("          This update: ").append(getThisUpdate()).append(lineSeparator);
        stringBuffer.append("          Next update: ").append(getNextUpdate()).append(lineSeparator);
        stringBuffer.append("  Signature Algorithm: ").append(getSigAlgName()).append(lineSeparator);
        byte[] signature = getSignature();
        stringBuffer.append("            Signature: ").append(C3579bjg.fromByteArray(C3588bjp.encode(signature, 0, 20))).append(lineSeparator);
        for (int i = 20; i < signature.length; i += 20) {
            if (i < signature.length - 20) {
                stringBuffer.append("                       ").append(C3579bjg.fromByteArray(C3588bjp.encode(signature, i, 20))).append(lineSeparator);
            } else {
                stringBuffer.append("                       ").append(C3579bjg.fromByteArray(C3588bjp.encode(signature, i, signature.length - i))).append(lineSeparator);
            }
        }
        C1351aFg aZT = this.mhf.beG().aZT();
        if (aZT != null) {
            Enumeration oids = aZT.oids();
            if (oids.hasMoreElements()) {
                stringBuffer.append("           Extensions: ").append(lineSeparator);
            }
            while (oids.hasMoreElements()) {
                C3116awZ c3116awZ = (C3116awZ) oids.nextElement();
                C1350aFf q = aZT.q(c3116awZ);
                if (q.beU() != null) {
                    byte[] octets = q.beU().getOctets();
                    stringBuffer.append("                       critical(").append(q.isCritical()).append(") ");
                    try {
                        AbstractC3174axe aP = AbstractC3174axe.aP(octets);
                        if (c3116awZ.equals(C1350aFf.kmp)) {
                            stringBuffer.append(new aES(C3113awW.bH(aP).getPositiveValue())).append(lineSeparator);
                        } else if (c3116awZ.equals(C1350aFf.kmt)) {
                            stringBuffer.append("Base CRL: " + new aES(C3113awW.bH(aP).getPositiveValue())).append(lineSeparator);
                        } else if (c3116awZ.equals(C1350aFf.kmu)) {
                            stringBuffer.append(C1360aFp.hp(aP)).append(lineSeparator);
                        } else if (c3116awZ.equals(C1350aFf.kmx)) {
                            stringBuffer.append(aER.gT(aP)).append(lineSeparator);
                        } else if (c3116awZ.equals(C1350aFf.kmD)) {
                            stringBuffer.append(aER.gT(aP)).append(lineSeparator);
                        } else {
                            stringBuffer.append(c3116awZ.getId());
                            stringBuffer.append(" value = ").append(C1337aEt.dumpAsString(aP)).append(lineSeparator);
                        }
                    } catch (Exception e) {
                        stringBuffer.append(c3116awZ.getId());
                        stringBuffer.append(" value = ").append("*****").append(lineSeparator);
                    }
                } else {
                    stringBuffer.append(lineSeparator);
                }
            }
        }
        Set revokedCertificates = getRevokedCertificates();
        if (revokedCertificates != null) {
            Iterator it = revokedCertificates.iterator();
            while (it.hasNext()) {
                stringBuffer.append(it.next());
                stringBuffer.append(lineSeparator);
            }
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.CRL
    public boolean isRevoked(Certificate certificate) {
        C1342aEy aZN;
        C1350aFf q;
        if (!certificate.getType().equals("X.509")) {
            throw new IllegalArgumentException("X.509 CRL used with non X.509 Cert");
        }
        Enumeration revokedCertificateEnumeration = this.mhf.getRevokedCertificateEnumeration();
        C1342aEy aZN2 = this.mhf.aZN();
        if (!revokedCertificateEnumeration.hasMoreElements()) {
            return false;
        }
        BigInteger serialNumber = ((X509Certificate) certificate).getSerialNumber();
        while (revokedCertificateEnumeration.hasMoreElements()) {
            aFK.a hG = aFK.a.hG(revokedCertificateEnumeration.nextElement());
            if (this.mhi && hG.hasExtensions() && (q = hG.aZT().q(C1350aFf.kmv)) != null) {
                aZN2 = C1342aEy.gI(C1354aFj.hk(q.beV()).bfa()[0].beR());
            }
            if (hG.bfC().getValue().equals(serialNumber)) {
                if (certificate instanceof X509Certificate) {
                    aZN = C1342aEy.gI(((X509Certificate) certificate).getIssuerX500Principal().getEncoded());
                } else {
                    try {
                        aZN = aFL.hH(certificate.getEncoded()).aZN();
                    } catch (CertificateEncodingException e) {
                        throw new IllegalArgumentException("Cannot process certificate: " + e.getMessage(), e);
                    }
                }
                return aZN2.equals(aZN);
            }
        }
        return false;
    }

    @Override // java.security.cert.X509CRL
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof X509CRL)) {
            return false;
        }
        if (!(obj instanceof baN)) {
            return super.equals(obj);
        }
        baN ban = (baN) obj;
        if (this.isHashCodeSet && ban.isHashCodeSet && ban.hashCodeValue != this.hashCodeValue) {
            return false;
        }
        return this.mhf.equals(ban.mhf);
    }

    @Override // java.security.cert.X509CRL
    public int hashCode() {
        if (!this.isHashCodeSet) {
            this.hashCodeValue = super.hashCode();
            this.isHashCodeSet = true;
        }
        return this.hashCodeValue;
    }
}
