package com.ibm.cfwk.tools;

import com.ibm.cfwk.API;
import com.ibm.cfwk.pki.X509CRL;
import com.ibm.cfwk.pki.X509CRLEntry;
import com.ibm.cfwk.pki.X509Cert;
import com.ibm.cfwk.pki.X509Util;
import com.ibm.util.getopt.ArgEater;
import com.ibm.util.getopt.FileData;
import com.ibm.util.getopt.GUITrigger;
import com.ibm.util.getopt.GetOptSpec;
import com.ibm.util.getopt.HelpOption;
import com.ibm.util.getopt.Option;
import com.ibm.util.getopt.OptionSet;
import java.text.SimpleDateFormat;
import java.util.Date;

/* loaded from: input_file:lib/swimport.zip:com/ibm/cfwk/tools/CRLTool.class */
public class CRLTool {
    static final String cmd = "crltool";
    static final String doc = "A tool to inspect and verify CRLs.";
    static API api;
    static FileData crlFile;
    static FileData issuerFile;
    static Option vrfyOpt;
    static Option printOpt;
    static ExtProfile profile;
    static Option profOpt;
    static Option gui;
    static Option verbose;
    static Option[] opts;
    static ArgEater[] args;
    static GetOptSpec spec;

    public static void main(String[] strArr) {
        spec.parse(strArr);
        X509CRL x509crl = null;
        try {
            try {
                x509crl = new X509CRL(X509Util.toBinary("CRL", crlFile.getFileData()));
            } catch (Exception e) {
                System.err.println(new StringBuffer("crltool: Cannot decode CRL: ").append(e).toString());
                System.exit(1);
            }
            if (printOpt.isSet() || !vrfyOpt.isSet()) {
                System.out.print(new StringBuffer("CRL read from `").append(crlFile.getString()).append("':\n").append(x509crl).toString());
                if (x509crl.extensions().numberOfExtensions() > 0) {
                    System.out.println("CRL Extensions:");
                    CertTool.printExtensions(x509crl.extensions(), "    ", profile.getProfile());
                }
                int numberOfEntries = x509crl.numberOfEntries();
                SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd/hh:mm:ss");
                System.out.println(new StringBuffer("CRL Entries (").append(numberOfEntries).append("):").toString());
                for (int i = 0; i < numberOfEntries; i++) {
                    X509CRLEntry entry = x509crl.entry(i);
                    System.out.println(new StringBuffer("       ").append(simpleDateFormat.format(new Date(entry.revocationDate()))).append("  ").append(entry.certSerialNo()).toString());
                    CertTool.printExtensions(entry.extensions(), "    ", profile.getProfile());
                }
            }
            if (vrfyOpt.isSet()) {
                X509Cert x509Cert = null;
                try {
                    x509Cert = new X509Cert(X509Util.toBinary("CERTIFICATE", issuerFile.getFileData()));
                } catch (Exception e2) {
                    if (System.getProperty("PRINT.STACKTRACE") != null) {
                        e2.printStackTrace();
                    }
                    System.err.println(new StringBuffer("crltool: Cannot decode issuer certificate: ").append(e2).toString());
                    System.exit(1);
                }
                boolean verify = x509crl.verify(x509Cert.subjectKey(api), api);
                System.out.println(new StringBuffer("Verification: ").append(verify ? "ok" : "failed").toString());
                System.exit(verify ? 0 : 1);
            }
        } catch (Exception e3) {
            if (System.getProperty("PRINT.STACKTRACE") != null) {
                e3.printStackTrace();
            }
            System.err.println(new StringBuffer("crltool: Something failed: ").append(e3.getClass().getName()).append(": ").append(e3.getMessage()).toString());
            System.exit(1);
        }
        System.exit(0);
    }

    static {
        try {
            api = new API() { // from class: com.ibm.cfwk.tools.CRLTool.1
            }.open();
        } catch (Exception e) {
            System.err.println(new StringBuffer("crltool: ").append(e.getMessage()).toString());
            System.exit(1);
        }
        crlFile = new FileData("crl", "Source CRL file or - for stdin", "-", true, 4);
        issuerFile = new FileData("issuer", null, null, false, 4);
        vrfyOpt = new Option("--verify", (char) 0, "Verify against given issuer certificate", issuerFile);
        printOpt = new Option("--print", (char) 0, "Print certifcate", null);
        profile = new ExtProfile("profile", null);
        profOpt = new Option("--profile", (char) 0, "Definition of some extension profile", profile);
        gui = new GUITrigger();
        verbose = new Option("--verbose", (char) 0, null, null);
        opts = new Option[]{new HelpOption(), gui, verbose, printOpt, profOpt, vrfyOpt};
        args = new ArgEater[]{new OptionSet(opts, null), crlFile};
        spec = new GetOptSpec(cmd, doc, args, 15, true, gui, null);
    }
}
