package eu.europa.esig.dss.crl.stream.impl;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.cert.X509CRLEntry;
import java.util.Enumeration;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1BitString;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.TBSCertList;
import org.bouncycastle.asn1.x509.Time;
import org.bouncycastle.jce.provider.X509CRLEntryObject;
import org.bouncycastle.util.encoders.Hex;
import org.bouncycastle.util.io.Streams;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/crl/stream/impl/CRLParser.class */
class CRLParser {
    private static final Logger LOG = LoggerFactory.getLogger(CRLParser.class);

    public void getSignedData(BinaryFilteringInputStream binaryFilteringInputStream) throws IOException {
        binaryFilteringInputStream.on(false);
        consumeTagIntro(binaryFilteringInputStream);
        binaryFilteringInputStream.on(true);
        DERUtil.readTagNumber(binaryFilteringInputStream, DERUtil.readTag(binaryFilteringInputStream));
        readNbBytes(binaryFilteringInputStream, DERUtil.readLength(binaryFilteringInputStream));
        binaryFilteringInputStream.on(false);
    }

    public X509CRLEntry retrieveRevocationInfo(InputStream inputStream, BigInteger bigInteger) throws IOException {
        int readTagNumber;
        int readTag;
        consumeTagIntro(inputStream);
        consumeTagIntro(inputStream);
        do {
            readTagNumber = DERUtil.readTagNumber(inputStream, DERUtil.readTag(inputStream));
            skip(inputStream, DERUtil.readLength(inputStream));
        } while (!isDate(readTagNumber));
        int readTagNumber2 = DERUtil.readTagNumber(inputStream, DERUtil.readTag(inputStream));
        int readLength = DERUtil.readLength(inputStream);
        if (isDate(readTagNumber2)) {
            skip(inputStream, readLength);
            readTagNumber2 = DERUtil.readTagNumber(inputStream, DERUtil.readTag(inputStream));
            DERUtil.readLength(inputStream);
        }
        while (readTagNumber2 == 16 && (readTag = DERUtil.readTag(inputStream)) >= 0) {
            readTagNumber2 = DERUtil.readTagNumber(inputStream, readTag);
            int readLength2 = DERUtil.readLength(inputStream);
            if (readTagNumber2 == 16) {
                byte[] readNbBytes = readNbBytes(inputStream, readLength2);
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(readNbBytes);
                try {
                    int readTagNumber3 = DERUtil.readTagNumber(byteArrayInputStream, DERUtil.readTag(byteArrayInputStream));
                    int readLength3 = DERUtil.readLength(byteArrayInputStream);
                    if (2 == readTagNumber3 && bigInteger.equals(rebuildASN1Integer(readNbBytes(byteArrayInputStream, readLength3)).getValue())) {
                        X509CRLEntryObject x509CRLEntryObject = new X509CRLEntryObject(TBSCertList.CRLEntry.getInstance(rebuildASN1Sequence(readNbBytes)));
                        byteArrayInputStream.close();
                        return x509CRLEntryObject;
                    }
                    byteArrayInputStream.close();
                } catch (Throwable th) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } else {
                LOG.debug("Should only contain SEQUENCEs : tagNo = {} (ignored)", Integer.valueOf(readTagNumber2));
                skip(inputStream, readLength2);
            }
        }
        return null;
    }

    public CRLInfo retrieveInfo(InputStream inputStream) throws IOException {
        if (!inputStream.markSupported()) {
            throw new IllegalArgumentException("The InputStream MUST support mark/reset methods !");
        }
        CRLInfo cRLInfo = new CRLInfo();
        consumeTagIntro(inputStream);
        consumeTagIntro(inputStream);
        int readTag = DERUtil.readTag(inputStream);
        int readTagNumber = DERUtil.readTagNumber(inputStream, readTag);
        int readLength = DERUtil.readLength(inputStream);
        if (readTagNumber == 2) {
            byte[] readNbBytes = readNbBytes(inputStream, readLength);
            if (LOG.isDebugEnabled()) {
                LOG.debug("TBSCertList -> version : {}", Hex.toHexString(readNbBytes));
            }
            cRLInfo.setVersion(Integer.valueOf(rebuildASN1Integer(readNbBytes).getValue().intValue() + 1));
            readTag = DERUtil.readTag(inputStream);
            readTagNumber = DERUtil.readTagNumber(inputStream, readTag);
            readLength = DERUtil.readLength(inputStream);
        }
        if (readTagNumber == 16) {
            byte[] readNbBytes2 = readNbBytes(inputStream, readLength);
            if (LOG.isDebugEnabled()) {
                LOG.debug("TBSCertList -> signatureAlgorithm : {}", Hex.toHexString(readNbBytes2));
            }
            AlgorithmIdentifier algorithmIdentifier = AlgorithmIdentifier.getInstance(rebuildASN1Sequence(readNbBytes2));
            cRLInfo.setCertificateListSignatureAlgorithmOid(algorithmIdentifier.getAlgorithm().getId());
            ASN1Encodable parameters = algorithmIdentifier.getParameters();
            if (parameters != null && !DERNull.INSTANCE.equals(parameters)) {
                cRLInfo.setCertificateListSignatureAlgorithmParams(parameters.toASN1Primitive().getEncoded("DER"));
            }
            readTag = DERUtil.readTag(inputStream);
            readTagNumber = DERUtil.readTagNumber(inputStream, readTag);
            readLength = DERUtil.readLength(inputStream);
        }
        if (readTagNumber == 16) {
            byte[] readNbBytes3 = readNbBytes(inputStream, readLength);
            if (LOG.isDebugEnabled()) {
                LOG.debug("TBSCertList -> issuer : {}", Hex.toHexString(readNbBytes3));
            }
            cRLInfo.setIssuer(new X500Principal(rebuildASN1Sequence(readNbBytes3).getEncoded()));
            readTag = DERUtil.readTag(inputStream);
            readTagNumber = DERUtil.readTagNumber(inputStream, readTag);
            readLength = DERUtil.readLength(inputStream);
        }
        if (isDate(readTagNumber)) {
            byte[] readNbBytes4 = readNbBytes(inputStream, readLength);
            if (LOG.isDebugEnabled()) {
                LOG.debug("TBSCertList -> thisUpdate : {}", Hex.toHexString(readNbBytes4));
            }
            cRLInfo.setThisUpdate(rebuildASN1Time(readTagNumber, readNbBytes4).getDate());
            readTag = DERUtil.readTag(inputStream);
            readTagNumber = DERUtil.readTagNumber(inputStream, readTag);
            readLength = DERUtil.readLength(inputStream);
        }
        if (isDate(readTagNumber)) {
            byte[] readNbBytes5 = readNbBytes(inputStream, readLength);
            if (LOG.isDebugEnabled()) {
                LOG.debug("TBSCertList -> nextUpdate : {}", Hex.toHexString(readNbBytes5));
            }
            cRLInfo.setNextUpdate(rebuildASN1Time(readTagNumber, readNbBytes5).getDate());
            readTag = DERUtil.readTag(inputStream);
            readTagNumber = DERUtil.readTagNumber(inputStream, readTag);
            readLength = DERUtil.readLength(inputStream);
        }
        if (readTagNumber == 16) {
            if (readLength > 0) {
                inputStream.mark(10);
                int readTagNumber2 = DERUtil.readTagNumber(inputStream, DERUtil.readTag(inputStream));
                inputStream.reset();
                if (readTagNumber2 == 16) {
                    skip(inputStream, readLength);
                    LOG.debug("TBSCertList -> revokedCertificates : skipped (length={})", Integer.valueOf(readLength));
                    readTag = DERUtil.readTag(inputStream);
                    readTagNumber = DERUtil.readTagNumber(inputStream, readTag);
                    readLength = DERUtil.readLength(inputStream);
                }
            } else {
                LOG.debug("TBSCertList -> revokedCertificates : Empty sequence");
                readTag = DERUtil.readTag(inputStream);
                readTagNumber = DERUtil.readTagNumber(inputStream, readTag);
                readLength = DERUtil.readLength(inputStream);
            }
        }
        if ((readTag & 128) != 0) {
            byte[] readNbBytes6 = readNbBytes(inputStream, readLength);
            if (LOG.isDebugEnabled()) {
                LOG.debug("TBSCertList -> crlExtensions : {}", Hex.toHexString(readNbBytes6));
            }
            extractExtensions((ASN1Sequence) ASN1Primitive.fromByteArray(readNbBytes6), cRLInfo);
            readTagNumber = DERUtil.readTagNumber(inputStream, DERUtil.readTag(inputStream));
            readLength = DERUtil.readLength(inputStream);
        }
        if (16 == readTagNumber) {
            byte[] readNbBytes7 = readNbBytes(inputStream, readLength);
            if (LOG.isDebugEnabled()) {
                LOG.debug("CertificateList -> signatureAlgorithm : {}", Hex.toHexString(readNbBytes7));
            }
            cRLInfo.setTbsSignatureAlgorithmOid(AlgorithmIdentifier.getInstance(rebuildASN1Sequence(readNbBytes7)).getAlgorithm().getId());
            readTagNumber = DERUtil.readTagNumber(inputStream, DERUtil.readTag(inputStream));
            readLength = DERUtil.readLength(inputStream);
        }
        if (3 == readTagNumber) {
            byte[] readNbBytes8 = readNbBytes(inputStream, readLength);
            if (LOG.isDebugEnabled()) {
                LOG.debug("CertificateList -> signatureValue : {}", Hex.toHexString(readNbBytes8));
            }
            cRLInfo.setSignatureValue(rebuildASN1BitString(readNbBytes8).getOctets());
        }
        return cRLInfo;
    }

    private boolean isDate(int i) {
        return i == 23 || i == 24;
    }

    private byte[] readNbBytes(InputStream inputStream, int i) throws IOException {
        byte[] bArr = new byte[i];
        if (Streams.readFully(inputStream, bArr) != i) {
            LOG.warn("Cannot read expected length!");
        }
        return bArr;
    }

    private void skip(InputStream inputStream, int i) throws IOException {
        long j = 0;
        long j2 = -1;
        while (j < i && j2 != 0) {
            j2 = inputStream.skip(i - j);
            j += j2;
        }
    }

    private void extractExtensions(ASN1Sequence aSN1Sequence, CRLInfo cRLInfo) throws IOException {
        Enumeration objects = aSN1Sequence.getObjects();
        while (objects.hasMoreElements()) {
            ASN1Sequence aSN1Sequence2 = null;
            try {
                aSN1Sequence2 = (ASN1Sequence) objects.nextElement();
                int size = aSN1Sequence2.size();
                if (size == 2) {
                    cRLInfo.addNonCriticalExtension(aSN1Sequence2.getObjectAt(0).getId(), aSN1Sequence2.getObjectAt(1).toASN1Primitive().getEncoded());
                } else if (size == 3) {
                    ASN1ObjectIdentifier objectAt = aSN1Sequence2.getObjectAt(0);
                    ASN1Boolean objectAt2 = aSN1Sequence2.getObjectAt(1);
                    byte[] encoded = aSN1Sequence2.getObjectAt(2).toASN1Primitive().getEncoded();
                    if (objectAt2.isTrue()) {
                        cRLInfo.addCriticalExtension(objectAt.getId(), encoded);
                    } else {
                        cRLInfo.addNonCriticalExtension(objectAt.getId(), encoded);
                    }
                } else {
                    LOG.warn("Not supported format : {}", aSN1Sequence2);
                }
            } catch (Exception e) {
                LOG.warn("Cannot parse extension {} : {}", aSN1Sequence2, e.getMessage());
            }
        }
    }

    private void consumeTagIntro(InputStream inputStream) throws IOException {
        DERUtil.readTagNumber(inputStream, DERUtil.readTag(inputStream));
        DERUtil.readLength(inputStream);
    }

    private ASN1Sequence rebuildASN1Sequence(byte[] bArr) throws IOException {
        return rebuildASN1Primitive(48, bArr);
    }

    private ASN1BitString rebuildASN1BitString(byte[] bArr) throws IOException {
        return rebuildASN1Primitive(3, bArr);
    }

    private ASN1Integer rebuildASN1Integer(byte[] bArr) throws IOException {
        return rebuildASN1Primitive(2, bArr);
    }

    private Time rebuildASN1Time(int i, byte[] bArr) throws IOException {
        return Time.getInstance(rebuildASN1Primitive(i, bArr));
    }

    private ASN1Primitive rebuildASN1Primitive(int i, byte[] bArr) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            byteArrayOutputStream.write(i);
            DERUtil.writeLength(byteArrayOutputStream, bArr.length);
            byteArrayOutputStream.write(bArr);
            ASN1Primitive fromByteArray = ASN1Primitive.fromByteArray(byteArrayOutputStream.toByteArray());
            byteArrayOutputStream.close();
            return fromByteArray;
        } catch (Throwable th) {
            try {
                byteArrayOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
