package cfca.sadk.x509.certificate;

import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.asn1.parser.ASN1Parser;
import cfca.sadk.org.bouncycastle.asn1.x509.CertificateList;
import cfca.sadk.org.bouncycastle.crypto.Digest;
import cfca.sadk.org.bouncycastle.util.io.Streams;
import cfca.sadk.system.FileHelper;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.util.Arrays;
import java.util.HashSet;

/* loaded from: input_file:cfca/sadk/x509/certificate/X509CRL.class */
public class X509CRL extends X509CRLBase {
    byte[] derCRL;
    boolean cachesFinished = false;
    final HashSet caches = new HashSet();

    public X509CRL(byte[] bArr) throws PKIException {
        if (bArr == null) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": missing derCRL");
        }
        loadEncoding(bArr);
    }

    public X509CRL(CertificateList certificateList) {
        if (certificateList == null) {
            throw new IllegalArgumentException(" missing certList");
        }
        try {
            loadEncoding(certificateList.getEncoded());
        } catch (PKIException e) {
            throw new SecurityException(e.getMessage());
        } catch (Exception e2) {
            throw new SecurityException(PKIException.INIT_CRL_DES + ": " + e2.getMessage());
        } catch (Throwable th) {
            throw new SecurityException(PKIException.INIT_CRL_DES + ": " + th.getMessage());
        }
    }

    public X509CRL(String str) throws PKIException {
        if (str == null) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": missing crlFilePath");
        }
        try {
            checkJVMXmxMemory(new File(str).length(), 4);
            loadEncoding(FileHelper.read(str));
        } catch (PKIException e) {
            throw e;
        } catch (Exception e2) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES, e2);
        } catch (Throwable th) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": " + th.getMessage());
        }
    }

    public X509CRL(InputStream inputStream) throws PKIException {
        if (inputStream == null) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": missing crlInputStream");
        }
        byte[] bArr = new byte[80];
        int i = 0;
        while (i < 80) {
            try {
                int read = inputStream.read(bArr, r0 + i, 80 - i);
                if (read < 0) {
                    break;
                } else {
                    i += read;
                }
            } catch (PKIException e) {
                throw e;
            } catch (Exception e2) {
                throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": read header of crlFile failure", e2);
            } catch (Throwable th) {
                throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": read header of crlFile failure-->" + th.getMessage());
            }
        }
        if (i != 80) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": too shortage of crlFile");
        }
        int i2 = CRLLengths.buildLengthsFrom(bArr, 0, 0).asn1Length;
        if (i2 < 80) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": invalid length of crlFile");
        }
        checkJVMXmxMemory(i2, 4);
        try {
            try {
                byte[] bArr2 = new byte[i2];
                System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
                int i3 = i2 - 80;
                if (Streams.readFully(inputStream, bArr2, 80, i3) != i3) {
                    throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": missing content of crlFile");
                }
                loadEncoding(bArr2);
            } catch (PKIException e3) {
                throw e3;
            } catch (Exception e4) {
                throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": read content of crlFile failure", e4);
            } catch (Throwable th2) {
                throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": read header of crlFile failure-->" + th2.getMessage());
            }
        } finally {
        }
    }

    private final byte[] loadEncoding(byte[] bArr) throws PKIException {
        if (bArr == null) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": missing derCRL");
        }
        if (bArr.length < 80 || !ASN1Parser.isDERSequence(bArr)) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": invalid derCRL");
        }
        try {
            try {
                CRLLengths buildLengthsFrom = CRLLengths.buildLengthsFrom(bArr, 0, 48);
                if (buildLengthsFrom.asn1Length != bArr.length) {
                    throw new PKIException("CrlFile verify failure when invalid asn1Length --> " + buildLengthsFrom.asn1Length);
                }
                this.crlStructure = new CRLStructure(null, buildLengthsFrom.headLength, bArr.length, bArr);
                this.derCRL = bArr;
                return bArr;
            } catch (IOException e) {
                throw new PKIException("CrlFile verify failure when invalid asn1Length --> ", e);
            }
        } catch (PKIException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES, e3);
        } catch (Throwable th) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": " + th.getMessage());
        }
    }

    public final boolean loadAllRecordsToMemory() throws PKIException {
        boolean z = false;
        try {
            if (this.cachesFinished) {
                z = true;
            } else {
                try {
                    try {
                        checkJVMXmxMemory(this.derCRL.length, 4);
                        if (this.crlStructure.isNoneCertTag()) {
                            if (0 != 0) {
                                this.cachesFinished = true;
                            } else {
                                this.caches.clear();
                            }
                            return false;
                        }
                        CRLFindResult.loadBlock(this.derCRL, this.crlStructure.context.certsTag.begin, this.crlStructure.context.certsTag.begin + this.crlStructure.context.certsTag.length, this.caches);
                        z = true;
                        if (1 != 0) {
                            this.cachesFinished = true;
                        } else {
                            this.caches.clear();
                        }
                    } catch (PKIException e) {
                        throw e;
                    }
                } catch (Exception e2) {
                    throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": load records of crlFile failure", e2);
                } catch (Throwable th) {
                    throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ": load records of crlFile failure-->" + th.getMessage());
                }
            }
            return z;
        } catch (Throwable th2) {
            if (z) {
                this.cachesFinished = true;
            } else {
                this.caches.clear();
            }
            throw th2;
        }
    }

    public CertificateList getCertificateList() {
        try {
            checkJVMXmxMemory(this.derCRL.length, 16);
            try {
                return CertificateList.getInstance(this.derCRL);
            } catch (Exception e) {
                throw new SecurityException("Failure on CertificateList" + e.getMessage());
            } catch (Throwable th) {
                throw new SecurityException("Failure on CertificateList" + th.getMessage());
            }
        } catch (PKIException e2) {
            throw new SecurityException(e2.getMessage());
        }
    }

    public byte[] getEncoded() throws PKIException {
        return this.derCRL;
    }

    public byte[] getTBSCertList() throws PKIException {
        return this.crlStructure.getTBSEncoded(this.derCRL);
    }

    @Override // cfca.sadk.x509.certificate.X509CRLBase
    public boolean isRevoke(BigInteger bigInteger) {
        if (bigInteger == null || this.crlStructure.isNoneCertTag()) {
            return false;
        }
        if (this.cachesFinished) {
            return this.caches.contains(new CRLRecord(bigInteger.toByteArray()));
        }
        byte[] byteArray = bigInteger.toByteArray();
        try {
            return CRLFindResult.findBlock(this.derCRL, this.crlStructure.context.certsTag.begin, this.crlStructure.context.certsTag.begin + this.crlStructure.context.certsTag.length, byteArray).isRevoke;
        } catch (Exception e) {
            throw new SecurityException("CrlFile verify failure: " + e.getMessage());
        }
    }

    public static boolean verify(String str, String str2) throws FileNotFoundException, IOException, PKIException {
        return new X509CRLFile(str, false).verify(new X509Cert(str2).getPublicKey());
    }

    public int hashCode() {
        int i = 1;
        for (int i2 = 0; i2 < this.derCRL.length; i2++) {
            i = (31 * i) + this.derCRL[i2];
        }
        return i;
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        return obj != null && getClass() == obj.getClass() && Arrays.equals(this.derCRL, ((X509CRL) obj).derCRL);
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("X509CRL [");
        if (this.crlStructure != null) {
            this.crlStructure.dump(stringBuffer);
        }
        stringBuffer.append("]");
        return stringBuffer.toString();
    }

    @Override // cfca.sadk.x509.certificate.X509CRLBase
    public final byte[] hash(Digest digest) throws PKIException {
        byte[] bArr = new byte[digest.getDigestSize()];
        digest.update(this.derCRL, this.crlStructure.contextTag.begin, this.crlStructure.contextTag.length);
        digest.doFinal(bArr, 0);
        return bArr;
    }

    final void checkJVMXmxMemory(long j, int i) throws PKIException {
        if (j > Runtime.getRuntime().maxMemory() / i) {
            throw new PKIException(PKIException.INIT_CRL, PKIException.INIT_CRL_DES + ":JVM effective virtual memory MUST BE " + i + " times with the size of crlFile");
        }
    }
}
