package cfca.sadk.x509.certificate;

import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.org.bouncycastle.asn1.ASN1GeneralizedTime;
import cfca.sadk.org.bouncycastle.asn1.ASN1Integer;
import cfca.sadk.org.bouncycastle.asn1.ASN1UTCTime;
import cfca.sadk.org.bouncycastle.asn1.cmp.PKIFailureInfo;
import cfca.sadk.org.bouncycastle.asn1.cms.Time;
import cfca.sadk.org.bouncycastle.asn1.x500.X500Name;
import cfca.sadk.org.bouncycastle.asn1.x500.X500NameStyle;
import cfca.sadk.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import cfca.sadk.org.bouncycastle.util.encoders.Hex;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.util.Date;

/* loaded from: input_file:cfca/sadk/x509/certificate/CRLStructure.class */
final class CRLStructure {
    final CRLSignType crlSignType = new CRLSignType();
    final CRLTag contextTag;
    final CRLTag algorithmTag;
    final CRLTag signatureTag;
    final CRLCertTag context;
    final AlgorithmIdentifier signatureAlgorithm;
    final byte[] signatureValue;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CRLStructure(RandomAccessFile randomAccessFile, int i, long j, byte[] bArr) throws PKIException {
        this.contextTag = lengthsFrom(randomAccessFile, 48, j, i, "tbsCertList", bArr);
        int i2 = i + this.contextTag.length;
        this.algorithmTag = lengthsFrom(randomAccessFile, 48, j, i2, "signatureAlgorithm", bArr);
        this.signatureTag = lengthsFrom(randomAccessFile, 3, j, i2 + this.algorithmTag.length, "signatureValue", bArr);
        this.context = decodeCRLTBSCertList(randomAccessFile, this.contextTag, j, bArr);
        this.signatureAlgorithm = decodeSignatureAlgorithm(randomAccessFile, this.algorithmTag, bArr);
        this.signatureValue = decodeSignatureValue(randomAccessFile, this.signatureTag, bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String getIssuer(X500NameStyle x500NameStyle) {
        return (this.context == null || this.context.issuer == null) ? null : new X500Name(x500NameStyle, this.context.issuer).toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final Date getThisUpdate() {
        return (this.context == null || this.context.thisUpdate == null) ? null : this.context.thisUpdate.getDate();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final Date getNextUpdate() {
        return (this.context == null || this.context.nextUpdate == null) ? null : this.context.nextUpdate.getDate();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] getSignature() {
        if (this.signatureValue == null) {
            return null;
        }
        return (byte[]) this.signatureValue.clone();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String getSignatureAlgName() {
        String str = null;
        if (this.signatureAlgorithm != null) {
            str = Mechanism.getSignatureAlgName(this.signatureAlgorithm);
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String getSignatureAlgOID() {
        String str = null;
        if (this.signatureAlgorithm != null) {
            str = this.signatureAlgorithm.getAlgorithm().getId();
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] getTBSEncoded(byte[] bArr) throws PKIException {
        try {
            byte[] bArr2 = new byte[this.contextTag.length];
            System.arraycopy(bArr, this.contextTag.begin, bArr2, 0, bArr2.length);
            return bArr2;
        } catch (Exception e) {
            throw new PKIException(PKIException.TBSCRL_BYTES, PKIException.TBSCRL_BYTES_DES, e);
        } catch (Throwable th) {
            throw new PKIException(PKIException.TBSCRL_BYTES, PKIException.TBSCRL_BYTES_DES + "-->" + th.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final boolean isNoneCertTag() {
        return this.context == null || this.context.certsTag == null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final StringBuffer dump(StringBuffer stringBuffer) {
        stringBuffer.append("\n\t contextTag=");
        stringBuffer.append(this.contextTag);
        stringBuffer.append(this.context);
        stringBuffer.append("\n\t algorithmTag=");
        stringBuffer.append(this.algorithmTag);
        if (this.signatureAlgorithm != null) {
            stringBuffer.append("\n\t\t oid=");
            stringBuffer.append(this.signatureAlgorithm.getAlgorithm());
            stringBuffer.append("(");
            stringBuffer.append(Mechanism.getSignatureAlgName(this.signatureAlgorithm));
            stringBuffer.append(")");
        }
        stringBuffer.append("\n\t signatureTag=");
        stringBuffer.append(this.signatureTag);
        if (this.signatureValue != null) {
            stringBuffer.append("\n\t\t value=0x");
            stringBuffer.append(new String(Hex.encode(this.signatureValue)));
        }
        return stringBuffer;
    }

    final AlgorithmIdentifier decodeSignatureAlgorithm(RandomAccessFile randomAccessFile, CRLTag cRLTag, byte[] bArr) throws PKIException {
        try {
            return AlgorithmIdentifier.getInstance(bArr != null ? cRLTag.valueFrom(bArr) : cRLTag.valueFrom(randomAccessFile, cRLTag.begin, 1024));
        } catch (Exception e) {
            throw new PKIException("Failure when decodeAlgorithm", e);
        }
    }

    final byte[] decodeSignatureValue(RandomAccessFile randomAccessFile, CRLTag cRLTag, byte[] bArr) throws PKIException {
        try {
            byte[] valueFrom = bArr != null ? cRLTag.valueFrom(bArr) : cRLTag.valueFrom(randomAccessFile, cRLTag.begin, 1024);
            CRLLengths buildLengthsFrom = CRLLengths.buildLengthsFrom(valueFrom, 0, 3);
            byte[] bArr2 = null;
            if (valueFrom[buildLengthsFrom.headLength] == 0 && buildLengthsFrom.valueLength % 64 != 0) {
                bArr2 = new byte[buildLengthsFrom.valueLength - 1];
                System.arraycopy(valueFrom, buildLengthsFrom.headLength + 1, bArr2, 0, bArr2.length);
            }
            return bArr2;
        } catch (Exception e) {
            throw new PKIException("Failure when decodeSignatureValue", e);
        }
    }

    final CRLCertTag decodeCRLTBSCertList(RandomAccessFile randomAccessFile, CRLTag cRLTag, long j, byte[] bArr) throws PKIException {
        int i;
        int i2 = cRLTag.length;
        if (bArr == null) {
            bArr = contentPartFrom(randomAccessFile, cRLTag, j);
            i = 0;
        } else {
            i = cRLTag.begin;
        }
        try {
            CRLLengths buildLengthsFrom = CRLLengths.buildLengthsFrom(bArr, i, 48);
            if (buildLengthsFrom.asn1Length != i2) {
                throw new PKIException("Failure on decodeCRLTBSCertList  with invalid asn1Length --> " + buildLengthsFrom.asn1Length);
            }
            int i3 = i + buildLengthsFrom.headLength;
            ASN1Integer aSN1Integer = null;
            try {
                if (bArr[i3] == 2) {
                    byte[] valueFrom = valueFrom(bArr, i3);
                    aSN1Integer = ASN1Integer.getInstance(valueFrom);
                    i3 += valueFrom.length;
                }
                try {
                    byte[] valueFrom2 = valueFrom(bArr, i3);
                    AlgorithmIdentifier algorithmIdentifier = AlgorithmIdentifier.getInstance(valueFrom2);
                    int length = i3 + valueFrom2.length;
                    try {
                        byte[] valueFrom3 = valueFrom(bArr, length);
                        X500Name x500Name = X500Name.getInstance(valueFrom3);
                        int length2 = length + valueFrom3.length;
                        if (bArr[length2] != 24 && bArr[length2] != 23) {
                            throw new PKIException("Failure on decodeCRLTBSCertList  when readThisUpdate with invalid thisUpdate --> " + ((int) bArr[length2]));
                        }
                        try {
                            byte[] valueFrom4 = valueFrom(bArr, length2);
                            Time time = bArr[length2] == 24 ? Time.getInstance(ASN1GeneralizedTime.getInstance(valueFrom4)) : Time.getInstance(ASN1UTCTime.getInstance(valueFrom4));
                            int length3 = length2 + valueFrom4.length;
                            Time time2 = null;
                            try {
                                if (bArr[length3] == 24 || bArr[length3] == 23) {
                                    byte[] valueFrom5 = valueFrom(bArr, length3);
                                    time2 = bArr[length3] == 24 ? Time.getInstance(ASN1GeneralizedTime.getInstance(valueFrom5)) : Time.getInstance(ASN1UTCTime.getInstance(valueFrom5));
                                    length3 += valueFrom5.length;
                                }
                                CRLTag cRLTag2 = null;
                                try {
                                    if (bArr[length3] == 48) {
                                        CRLLengths buildLengthsFrom2 = CRLLengths.buildLengthsFrom(bArr, length3, 0);
                                        cRLTag2 = new CRLTag(cRLTag.begin + length3, buildLengthsFrom2.asn1Length, "CRLCertsTag");
                                        int i4 = length3 + buildLengthsFrom2.asn1Length;
                                    }
                                    return new CRLCertTag(aSN1Integer, algorithmIdentifier, x500Name, time, time2, cRLTag2);
                                } catch (Exception e) {
                                    throw new PKIException("Failure on decodeCRLTBSCertList  when readRevokedCertificates", e);
                                }
                            } catch (Exception e2) {
                                throw new PKIException("Failure on decodeCRLTBSCertList  when readNextUpdate", e2);
                            }
                        } catch (Exception e3) {
                            throw new PKIException("Failure on decodeCRLTBSCertList  when readThisUpdate", e3);
                        }
                    } catch (Exception e4) {
                        throw new PKIException("Failure on decodeCRLTBSCertList  when readIssuerDN", e4);
                    }
                } catch (Exception e5) {
                    throw new PKIException("Failure on decodeCRLTBSCertList  when readSignatureAlgorithm", e5);
                }
            } catch (Exception e6) {
                throw new PKIException("Failure on decodeCRLTBSCertList  when readVersion", e6);
            }
        } catch (Exception e7) {
            throw new PKIException("Failure on decodeCRLTBSCertList  when readTBSCertList-Head", e7);
        }
    }

    final byte[] contentPartFrom(RandomAccessFile randomAccessFile, CRLTag cRLTag, long j) throws PKIException {
        int i = cRLTag.length;
        try {
            randomAccessFile.seek(cRLTag.begin);
            byte[] bArr = new byte[i < 65536 ? i : PKIFailureInfo.notAuthorized];
            int length = bArr.length;
            int i2 = 0;
            do {
                int read = randomAccessFile.read(bArr, i2, bArr.length - i2);
                if (read <= 0) {
                    break;
                }
                i2 += read;
                length -= read;
                if (i2 == bArr.length) {
                    break;
                }
            } while (length > 0);
            return bArr;
        } catch (Exception e) {
            throw new PKIException("Failure on decodeCRLTBSCertList  readFile", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] valueFrom(RandomAccessFile randomAccessFile, int i, int i2, byte[] bArr) throws PKIException {
        byte[] bArr2;
        try {
            if (bArr == null) {
                bArr2 = new byte[i2 > 65536 ? PKIFailureInfo.notAuthorized : i2];
                randomAccessFile.seek(i);
                int length = bArr2.length;
                int i3 = 0;
                do {
                    int read = randomAccessFile.read(bArr2, i3, bArr2.length - i3);
                    i3 = read;
                    if (read <= 0) {
                        break;
                    }
                    length -= i3;
                } while (length > 0);
            } else {
                bArr2 = new byte[CRLLengths.buildLengthsFrom(bArr, i, 0).asn1Length];
                System.arraycopy(bArr, i, bArr2, 0, bArr2.length);
            }
            return bArr2;
        } catch (Exception e) {
            throw new PKIException("asn1CRLTag - read block failure[position=" + i + ",expectLength" + i2 + "]", e);
        } catch (Throwable th) {
            throw new PKIException("asn1CRLTag - read block failure[position=" + i + "]: " + th.getMessage());
        }
    }

    final byte[] valueFrom(byte[] bArr, int i) throws PKIException {
        try {
            byte[] bArr2 = new byte[CRLLengths.buildLengthsFrom(bArr, i, 0).asn1Length];
            System.arraycopy(bArr, i, bArr2, 0, bArr2.length);
            return bArr2;
        } catch (Exception e) {
            throw new PKIException("asn1CRLTag - read block failure[position=" + i + "]", e);
        } catch (Throwable th) {
            throw new PKIException("asn1CRLTag - read block failure[position=" + i + "]: " + th.getMessage());
        }
    }

    final CRLTag lengthsFrom(RandomAccessFile randomAccessFile, int i, long j, int i2, String str, byte[] bArr) throws PKIException {
        long j2;
        CRLLengths buildLengthsFrom;
        try {
            if (bArr != null) {
                j2 = bArr.length;
                buildLengthsFrom = CRLLengths.buildLengthsFrom(bArr, i2, i);
            } else {
                j2 = j;
                byte[] bArr2 = new byte[20];
                randomAccessFile.seek(i2);
                int length = bArr2.length;
                int i3 = 0;
                do {
                    int read = randomAccessFile.read(bArr2, i3, bArr2.length - i3);
                    i3 = read;
                    if (read <= 0) {
                        break;
                    }
                    length -= i3;
                } while (length > 0);
                buildLengthsFrom = CRLLengths.buildLengthsFrom(bArr2, 0, i);
            }
            CRLTag cRLTag = new CRLTag(i2, buildLengthsFrom.asn1Length, str);
            cRLTag.checkLengths(j2);
            return cRLTag;
        } catch (IOException e) {
            throw new PKIException("asn1Tag - read" + str + "Lengths failure", e);
        } catch (Exception e2) {
            throw new PKIException("asn1Tag - read" + str + "Lengths failure", e2);
        }
    }
}
