package mitm.common.security.crl;

import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import mitm.common.security.certificate.X500PrincipalUtils;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.asn1.x509.IssuingDistributionPoint;
import org.bouncycastle.asn1.x509.TBSCertList;
import org.bouncycastle.jce.provider.X509CRLObject;

/* loaded from: classes2.dex */
public class OptimizedX509CRLObject extends X509CRLObject {
    private final CertificateList certificateList;
    private final boolean isIndirect;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public class CRLEntryEnumeration implements Enumeration<X509CRLEntry> {
        private X500Principal previousCertificateIssuer;
        private final Enumeration<TBSCertList.CRLEntry> revokedCertificateEntries;

        public CRLEntryEnumeration() {
            this.revokedCertificateEntries = OptimizedX509CRLObject.this.certificateList.getRevokedCertificateEnumeration();
            this.previousCertificateIssuer = OptimizedX509CRLObject.this.getIssuerX500Principal();
        }

        @Override // java.util.Enumeration
        public boolean hasMoreElements() {
            Enumeration<TBSCertList.CRLEntry> enumeration = this.revokedCertificateEntries;
            return enumeration != null && enumeration.hasMoreElements();
        }

        @Override // java.util.Enumeration
        public X509CRLEntry nextElement() {
            Enumeration<TBSCertList.CRLEntry> enumeration = this.revokedCertificateEntries;
            if (enumeration == null) {
                throw new IllegalStateException("There is no next because revokedCertificatesEnum is null.");
            }
            OptimizedX509CRLEntryObject optimizedX509CRLEntryObject = new OptimizedX509CRLEntryObject(enumeration.nextElement(), OptimizedX509CRLObject.this.isIndirect, X500PrincipalUtils.toX500Name(this.previousCertificateIssuer));
            this.previousCertificateIssuer = optimizedX509CRLEntryObject.getCertificateIssuer();
            return optimizedX509CRLEntryObject;
        }
    }

    public OptimizedX509CRLObject(CertificateList certificateList) throws CRLException {
        super(certificateList);
        this.certificateList = certificateList;
        try {
            this.isIndirect = isIndirect();
        } catch (IOException e) {
            throw new CRLException(e);
        }
    }

    private boolean isIndirect() throws IOException {
        IssuingDistributionPoint issuingDistributionPoint = X509CRLInspector.getIssuingDistributionPoint(this);
        return issuingDistributionPoint != null && issuingDistributionPoint.isIndirectCRL();
    }

    @Override // org.bouncycastle.jce.provider.X509CRLObject, java.security.cert.X509CRL
    public X509CRLEntry getRevokedCertificate(BigInteger bigInteger) {
        Enumeration<? extends X509CRLEntry> revokedCertificatesEnumeration = getRevokedCertificatesEnumeration();
        while (revokedCertificatesEnumeration.hasMoreElements()) {
            X509CRLEntry nextElement = revokedCertificatesEnumeration.nextElement();
            if (nextElement.getSerialNumber().equals(bigInteger)) {
                return nextElement;
            }
        }
        return null;
    }

    @Override // org.bouncycastle.jce.provider.X509CRLObject, java.security.cert.X509CRL
    public Set<? extends X509CRLEntry> getRevokedCertificates() {
        Enumeration<? extends X509CRLEntry> revokedCertificatesEnumeration = getRevokedCertificatesEnumeration();
        HashSet hashSet = null;
        while (revokedCertificatesEnumeration.hasMoreElements()) {
            if (hashSet == null) {
                hashSet = new HashSet();
            }
            hashSet.add(revokedCertificatesEnumeration.nextElement());
        }
        return hashSet;
    }

    public Enumeration<? extends X509CRLEntry> getRevokedCertificatesEnumeration() {
        return new CRLEntryEnumeration();
    }

    @Override // org.bouncycastle.jce.provider.X509CRLObject, java.security.cert.CRL
    public boolean isRevoked(Certificate certificate) {
        if (certificate instanceof X509Certificate) {
            return getRevokedCertificate(((X509Certificate) certificate).getSerialNumber()) != null;
        }
        throw new RuntimeException("Certificate must be a X509 Certificate.");
    }
}
