package com.dreamsecurity.jcaos.ctl;

import com.dreamsecurity.jcaos.Environment;
import com.dreamsecurity.jcaos.asn1.ASN1Encodable;
import com.dreamsecurity.jcaos.asn1.ASN1InputStream;
import com.dreamsecurity.jcaos.asn1.DEREncodable;
import com.dreamsecurity.jcaos.asn1.DERGeneralizedTime;
import com.dreamsecurity.jcaos.asn1.I;
import com.dreamsecurity.jcaos.asn1.d.a;
import com.dreamsecurity.jcaos.exception.CTLException;
import com.dreamsecurity.jcaos.util.ByteUtil;
import com.dreamsecurity.jcaos.x509.X509Certificate;
import java.io.IOException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;

/* loaded from: input_file:com/dreamsecurity/jcaos/ctl/CertificateTrustList.class */
public class CertificateTrustList {
    a a;

    CertificateTrustList(byte[] bArr) throws IOException {
        this(a.a(new ASN1InputStream(bArr).readObject()));
    }

    CertificateTrustList(a aVar) {
        this.a = aVar;
    }

    public static CertificateTrustList getInstance(byte[] bArr) throws IOException {
        return new CertificateTrustList(bArr);
    }

    public static CertificateTrustList getInstance(Object obj) throws IOException {
        if (obj instanceof CertificateTrustList) {
            return (CertificateTrustList) obj;
        }
        if (obj instanceof byte[]) {
            return new CertificateTrustList((byte[]) obj);
        }
        if (obj instanceof a) {
            return new CertificateTrustList((a) obj);
        }
        throw new IllegalArgumentException("unknown object.");
    }

    public byte[] getEncoded() {
        return this.a.getDEREncoded();
    }

    public int getVersion() {
        return this.a.a().getValue().intValue();
    }

    public String[] getSubjectUsage() {
        boolean z = TrustedCertificate.b;
        String[] strArr = new String[this.a.b().a()];
        int i = 0;
        while (i < this.a.b().a()) {
            strArr[i] = this.a.b().a(i).getId();
            i++;
            if (z) {
                break;
            }
        }
        return strArr;
    }

    public byte[] getListIdentifier() {
        if (this.a.c() == null) {
            return null;
        }
        return this.a.c().getOctets();
    }

    public BigInteger getSequenceNumber() {
        return this.a.d().getValue();
    }

    public Date getThisUpdate() throws ParseException {
        DEREncodable a = this.a.e().a();
        return a instanceof I ? I.a(a).a() : DERGeneralizedTime.getInstance(a).getDate();
    }

    public Date getNextUpdate() throws ParseException {
        DEREncodable a = this.a.f().a();
        return a instanceof I ? I.a(a).a() : DERGeneralizedTime.getInstance(a).getDate();
    }

    public String getSubjectAlgorithm() {
        return this.a.g().getString();
    }

    public ArrayList getTrustedSubjects() {
        boolean z = TrustedCertificate.b;
        ArrayList arrayList = new ArrayList();
        int i = 0;
        while (i < this.a.h().a()) {
            arrayList.add(new TrustedCertificate(this.a.h().a(i)));
            i++;
            if (z) {
                break;
            }
        }
        return arrayList;
    }

    public void checkValidity() throws CTLException, ParseException {
        checkValidity(Calendar.getInstance().getTime());
    }

    public void checkValidity(Date date) throws CTLException, ParseException {
        boolean z = TrustedCertificate.b;
        Date thisUpdate = getThisUpdate();
        Date nextUpdate = getNextUpdate();
        if (date.before(thisUpdate)) {
            throw new CTLException(new StringBuffer().append("Not yet valid. (current date = ").append(date.toString()).append(", thisUpdate = ").append(thisUpdate.toString()).append(")").toString());
        }
        if (date.after(nextUpdate)) {
            throw new CTLException(new StringBuffer().append("Expired ctl. (current date = ").append(date.toString()).append(", nextUpdate = ").append(nextUpdate.toString()).append(")").toString());
        }
        if (ASN1Encodable.c != 0) {
            TrustedCertificate.b = !z;
        }
    }

    public boolean isTrust(X509Certificate x509Certificate) throws NoSuchProviderException, NoSuchAlgorithmException, IOException {
        boolean z = TrustedCertificate.b;
        byte[] digest = MessageDigest.getInstance(getSubjectAlgorithm(), Environment.getJCEProvider(getSubjectAlgorithm())).digest(x509Certificate.getEncoded());
        int i = 0;
        while (i < this.a.h().a()) {
            if (ByteUtil.equals(digest, this.a.h().a(i).a().getOctets())) {
                return true;
            }
            i++;
            if (z) {
                ASN1Encodable.c++;
                return false;
            }
        }
        return false;
    }
}
