package iaik.x509.stream;

import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.DerInputStream;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.ChoiceOfTime;
import iaik.asn1.structures.Name;
import iaik.x509.RevokedCertificate;
import iaik.x509.X509ExtensionException;
import iaik.x509.X509Extensions;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.util.Date;
import org.spongycastle.asn1.eac.CertificateBody;

/* loaded from: classes.dex */
public class X509CRLStream {
    private CRLListener a;
    private InputStream b;
    private byte[] c;
    private int d;

    public X509CRLStream(CRLListener cRLListener) {
        this.a = cRLListener;
    }

    private void a() {
        this.d = 0;
    }

    private void a(int i) throws EOFException, IOException {
        while (i > this.c.length - this.d) {
            e();
        }
        int i2 = 0;
        while (i2 < i) {
            int read = this.b.read(this.c, this.d, i - i2);
            if (read < 0) {
                throw new EOFException("Unexpected EOF while reading data.");
            }
            i2 += read;
            this.d = read + this.d;
        }
    }

    private void a(InputStream inputStream) {
        this.b = inputStream;
        this.c = inputStream != null ? new byte[128] : null;
    }

    private int b() {
        return this.d;
    }

    private byte[] c() {
        return this.c;
    }

    private int d() throws IOException {
        int read = this.b.read();
        if (read != -1) {
            if (this.d >= this.c.length) {
                e();
            }
            byte[] bArr = this.c;
            int i = this.d;
            this.d = i + 1;
            bArr[i] = (byte) read;
        }
        return read;
    }

    private void e() {
        byte[] bArr = new byte[this.c.length * 2];
        System.arraycopy(this.c, 0, bArr, 0, this.d);
        this.c = bArr;
    }

    private int f() throws IOException {
        return d();
    }

    private int g() throws EOFException, IOException, CodingException {
        int d = d();
        if (d == -1) {
            throw new EOFException("Unexpected EOF! Expected encoded length.");
        }
        int i = d & 255;
        if (i >= 128) {
            if (i != 128) {
                int i2 = i & CertificateBody.profileType;
                if (i2 <= 4) {
                    i = 0;
                    while (true) {
                        i2--;
                        if (i2 < 0) {
                            break;
                        }
                        int d2 = d();
                        if (d2 == -1) {
                            throw new EOFException("Unexpected EOF! Expected a length octet.");
                        }
                        i = (i << 8) | (d2 & 255);
                    }
                } else {
                    throw new CodingException(new StringBuffer().append("Encoded length is too large. Takes ").append(i2).append(" octets. Maximum is 4.").toString());
                }
            } else {
                throw new CodingException("Invalid DER encoding. Indefinite length encoding is not allowed.");
            }
        }
        return i;
    }

    void a(DerInputStream derInputStream) throws IOException, CRLException {
        try {
            try {
                if (this.a instanceof RevokedCertificatesCRLListener) {
                    RevokedCertificatesCRLListener revokedCertificatesCRLListener = (RevokedCertificatesCRLListener) this.a;
                    a((InputStream) derInputStream);
                    while (true) {
                        a();
                        int f = f();
                        if (f == -1) {
                            break;
                        }
                        if (f != 48) {
                            throw new CRLException("Invalid CRL entry that is not a SEQUENCE.");
                        }
                        int g = g();
                        int b = b();
                        int f2 = f();
                        if (f2 == -1) {
                            throw new EOFException("Unexpected EOF in entry! Expected an INTEGER.");
                        }
                        if (f2 != 2) {
                            throw new CRLException("Invalid CRL entry, which does not start with an INTEGER.");
                        }
                        int g2 = g();
                        int b2 = b();
                        a(g - (b2 - b));
                        revokedCertificatesCRLListener.revokedCertificate(c(), 0, g + b, b2, g2);
                    }
                } else {
                    while (derInputStream.nextTag() != -1) {
                        this.a.revokedCertificate(new RevokedCertificate(DerCoder.decode(derInputStream)));
                    }
                }
            } catch (CodingException e) {
                throw new CRLException(e.toString());
            } catch (X509ExtensionException e2) {
                throw new CRLException(e2.toString());
            }
        } finally {
            a((InputStream) null);
        }
    }

    void a(DerInputStream derInputStream, a aVar) throws IOException, CRLException {
        try {
            int intValue = derInputStream.nextTag() == 2 ? derInputStream.readInteger().intValue() : -1;
            Signature signature = this.a.getSignature(new AlgorithmID(derInputStream));
            if (signature != null) {
                aVar.a(signature);
            } else {
                aVar.a(false);
            }
            Name name = new Name(DerCoder.decode(derInputStream));
            Date date = new ChoiceOfTime(DerCoder.decode(derInputStream)).getDate();
            int nextTag = derInputStream.nextTag();
            this.a.header(intValue, name, date, (nextTag == 23 || nextTag == 24) ? new ChoiceOfTime(DerCoder.decode(derInputStream)).getDate() : null);
            if (derInputStream.nextTag() == 16) {
                a(derInputStream.readSequence());
            }
            this.a.extensions(derInputStream.nextIsContextSpecific() ? new X509Extensions(DerCoder.decode(derInputStream.readContextSpecific())) : null);
        } catch (CodingException e) {
            throw new CRLException(e.toString());
        } catch (X509ExtensionException e2) {
            throw new CRLException(e2.toString());
        } catch (InvalidKeyException e3) {
            throw new CRLException(e3.toString());
        } catch (NoSuchAlgorithmException e4) {
            throw new CRLException(e4.toString());
        } catch (SignatureException e5) {
            throw new CRLException(e5.toString());
        }
    }

    public CRLListener getListener() {
        return this.a;
    }

    public void parse(InputStream inputStream) throws IOException, CRLException {
        boolean z = false;
        a aVar = new a(inputStream);
        aVar.a(false);
        DerInputStream derInputStream = new DerInputStream(aVar);
        if (derInputStream.nextTag() != 16) {
            throw new CRLException("Invalid CRL. CRL is not a SEQUENCE.");
        }
        DerInputStream readSequence = derInputStream.readSequence();
        aVar.a(true);
        if (readSequence.nextTag() != 16) {
            throw new CRLException("Invalid CRL. tbsCertList TBSCertList (SEQUENCE) expected.");
        }
        a(readSequence.readSequence(), aVar);
        aVar.a(false);
        AlgorithmID algorithmID = new AlgorithmID(readSequence);
        if (readSequence.nextTag() != 3) {
            throw new CRLException("Invalid CRL. signatureValue BIT STRING expected.");
        }
        byte[] bArr = (byte[]) readSequence.readBitString().getValue();
        Signature a = aVar.a();
        if (a != null) {
            try {
                z = a.verify(bArr);
            } catch (SignatureException e) {
            }
        }
        this.a.signature(algorithmID, bArr, z);
        inputStream.close();
    }
}
