package o.d.f.d;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.PolicyQualifierInfo;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509CRLSelector;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import o.d.b.h2.m;
import o.d.b.h2.v;
import o.d.b.n;
import o.d.b.p;
import o.d.b.q;
import o.d.b.r;
import o.d.b.x0;
import o.d.e.b;
import o.d.e.d;
import org.spongycastle.jce.exception.ExtCertPathValidatorException;
import org.spongycastle.jce.provider.AnnotatedException;
import org.spongycastle.util.StoreException;

/* compiled from: CertPathValidatorUtilities.java */
/* loaded from: classes3.dex */
public class b {

    /* renamed from: a, reason: collision with root package name */
    public static final d f12907a = new d();

    /* renamed from: b, reason: collision with root package name */
    public static final String f12908b;

    /* renamed from: c, reason: collision with root package name */
    public static final String f12909c;

    /* renamed from: d, reason: collision with root package name */
    public static final String f12910d;

    static {
        o.d.b.h2.k.K0.k();
        o.d.b.h2.k.C0.k();
        o.d.b.h2.k.L0.k();
        o.d.b.h2.k.f12312p.k();
        o.d.b.h2.k.I0.k();
        o.d.b.h2.k.f12311g.k();
        o.d.b.h2.k.Q0.k();
        f12908b = o.d.b.h2.k.G0.k();
        o.d.b.h2.k.F0.k();
        o.d.b.h2.k.N0.k();
        o.d.b.h2.k.P0.k();
        o.d.b.h2.k.J0.k();
        f12909c = o.d.b.h2.k.M0.k();
        f12910d = o.d.b.h2.k.D0.k();
        String[] strArr = {"unspecified", "keyCompromise", "cACompromise", "affiliationChanged", "superseded", "cessationOfOperation", "certificateHold", "unknown", "removeFromCRL", "privilegeWithdrawn", "aACompromise"};
    }

    public static BigInteger a(Object obj) {
        return ((X509Certificate) obj).getSerialNumber();
    }

    public static PublicKey a(List list, int i2, o.d.e.h.b bVar) throws CertPathValidatorException {
        DSAPublicKey dSAPublicKey;
        PublicKey publicKey = ((Certificate) list.get(i2)).getPublicKey();
        if (!(publicKey instanceof DSAPublicKey)) {
            return publicKey;
        }
        DSAPublicKey dSAPublicKey2 = (DSAPublicKey) publicKey;
        if (dSAPublicKey2.getParams() != null) {
            return dSAPublicKey2;
        }
        do {
            i2++;
            if (i2 >= list.size()) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            PublicKey publicKey2 = ((X509Certificate) list.get(i2)).getPublicKey();
            if (!(publicKey2 instanceof DSAPublicKey)) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            dSAPublicKey = (DSAPublicKey) publicKey2;
        } while (dSAPublicKey.getParams() == null);
        DSAParams params = dSAPublicKey.getParams();
        try {
            return bVar.c("DSA").generatePublic(new DSAPublicKeySpec(dSAPublicKey2.getY(), params.getP(), params.getQ(), params.getG()));
        } catch (Exception e2) {
            throw new RuntimeException(e2.getMessage());
        }
    }

    public static TrustAnchor a(X509Certificate x509Certificate, Set set, String str) throws AnnotatedException {
        X509CertSelector x509CertSelector = new X509CertSelector();
        o.d.b.g2.c a2 = h.a((Object) x509Certificate);
        try {
            x509CertSelector.setSubject(a2.e());
            Iterator it2 = set.iterator();
            TrustAnchor trustAnchor = null;
            Exception e2 = null;
            PublicKey publicKey = null;
            while (it2.hasNext() && trustAnchor == null) {
                trustAnchor = (TrustAnchor) it2.next();
                if (trustAnchor.getTrustedCert() != null) {
                    if (x509CertSelector.match(trustAnchor.getTrustedCert())) {
                        publicKey = trustAnchor.getTrustedCert().getPublicKey();
                    }
                    trustAnchor = null;
                } else {
                    if (trustAnchor.getCAName() != null && trustAnchor.getCAPublicKey() != null) {
                        try {
                            if (a2.equals(h.a(trustAnchor))) {
                                publicKey = trustAnchor.getCAPublicKey();
                            }
                        } catch (IllegalArgumentException unused) {
                        }
                    }
                    trustAnchor = null;
                }
                if (publicKey != null) {
                    try {
                        a(x509Certificate, publicKey, str);
                    } catch (Exception e3) {
                        e2 = e3;
                        trustAnchor = null;
                        publicKey = null;
                    }
                }
            }
            if (trustAnchor != null || e2 == null) {
                return trustAnchor;
            }
            throw new AnnotatedException("TrustAnchor found but certificate validation failed.", e2);
        } catch (IOException e4) {
            throw new AnnotatedException("Cannot set subject search criteria for trust anchor.", e4);
        }
    }

    public static Collection a(X509Certificate x509Certificate, List<CertStore> list, List<o.d.e.c> list2) throws AnnotatedException {
        byte[] f2;
        X509CertSelector x509CertSelector = new X509CertSelector();
        try {
            x509CertSelector.setSubject(h.a(x509Certificate).e());
            try {
                byte[] extensionValue = x509Certificate.getExtensionValue(f12909c);
                if (extensionValue != null && (f2 = o.d.b.h2.b.a(n.a((Object) extensionValue).j()).f()) != null) {
                    x509CertSelector.setSubjectKeyIdentifier(new x0(f2).e());
                }
            } catch (Exception unused) {
            }
            o.d.e.d<? extends Certificate> a2 = new d.b(x509CertSelector).a();
            LinkedHashSet linkedHashSet = new LinkedHashSet();
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.addAll(a(a2, list));
                arrayList.addAll(a(a2, list2));
                Iterator it2 = arrayList.iterator();
                while (it2.hasNext()) {
                    linkedHashSet.add((X509Certificate) it2.next());
                }
                return linkedHashSet;
            } catch (AnnotatedException e2) {
                throw new AnnotatedException("Issuer certificate cannot be searched.", e2);
            }
        } catch (IOException e3) {
            throw new AnnotatedException("Subject criteria for certificate selector to find issuer certificate could not be set.", e3);
        }
    }

    public static Collection a(o.d.e.d dVar, List list) throws AnnotatedException {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        for (Object obj : list) {
            if (obj instanceof o.d.i.j) {
                try {
                    linkedHashSet.addAll(((o.d.i.j) obj).a(dVar));
                } catch (StoreException e2) {
                    throw new AnnotatedException("Problem while picking certificates from X.509 store.", e2);
                }
            } else {
                try {
                    linkedHashSet.addAll(o.d.e.d.a(dVar, (CertStore) obj));
                } catch (CertStoreException e3) {
                    throw new AnnotatedException("Problem while picking certificates from certificate store.", e3);
                }
            }
        }
        return linkedHashSet;
    }

    public static Date a(o.d.e.f fVar) {
        Date e2 = fVar.e();
        return e2 == null ? new Date() : e2;
    }

    public static Date a(o.d.e.f fVar, CertPath certPath, int i2) throws AnnotatedException {
        if (fVar.l() == 1 && i2 > 0) {
            int i3 = i2 - 1;
            if (i3 != 0) {
                return ((X509Certificate) certPath.getCertificates().get(i3)).getNotBefore();
            }
            try {
                byte[] extensionValue = ((X509Certificate) certPath.getCertificates().get(i3)).getExtensionValue(o.d.b.y1.a.f12466d.k());
                o.d.b.h a2 = extensionValue != null ? o.d.b.h.a((Object) q.a(extensionValue)) : null;
                if (a2 == null) {
                    return ((X509Certificate) certPath.getCertificates().get(i3)).getNotBefore();
                }
                try {
                    return a2.k();
                } catch (ParseException e2) {
                    throw new AnnotatedException("Date from date of cert gen extension could not be parsed.", e2);
                }
            } catch (IOException unused) {
                throw new AnnotatedException("Date of cert gen extension could not be read.");
            } catch (IllegalArgumentException unused2) {
                throw new AnnotatedException("Date of cert gen extension could not be read.");
            }
        }
        return a(fVar);
    }

    public static List<o.d.e.a> a(o.d.b.h2.d dVar, Map<m, o.d.e.a> map) throws AnnotatedException {
        if (dVar == null) {
            return Collections.EMPTY_LIST;
        }
        try {
            o.d.b.h2.i[] f2 = dVar.f();
            ArrayList arrayList = new ArrayList();
            for (o.d.b.h2.i iVar : f2) {
                o.d.b.h2.j g2 = iVar.g();
                if (g2 != null && g2.f() == 0) {
                    for (m mVar : o.d.b.h2.n.a(g2.getName()).f()) {
                        o.d.e.a aVar = map.get(mVar);
                        if (aVar != null) {
                            arrayList.add(aVar);
                        }
                    }
                }
            }
            return arrayList;
        } catch (Exception e2) {
            throw new AnnotatedException("Distribution points could not be read.", e2);
        }
    }

    public static List<o.d.e.c> a(byte[] bArr, Map<m, o.d.e.c> map) throws CertificateParsingException {
        if (bArr == null) {
            return Collections.EMPTY_LIST;
        }
        m[] f2 = o.d.b.h2.n.a(n.a((Object) bArr).j()).f();
        ArrayList arrayList = new ArrayList();
        for (int i2 = 0; i2 != f2.length; i2++) {
            o.d.e.c cVar = map.get(f2[i2]);
            if (cVar != null) {
                arrayList.add(cVar);
            }
        }
        return arrayList;
    }

    public static Set a(Date date, X509CRL x509crl, List<CertStore> list, List<o.d.e.a> list2) throws AnnotatedException {
        X509CRLSelector x509CRLSelector = new X509CRLSelector();
        try {
            x509CRLSelector.addIssuerName(h.a(x509crl).e());
            try {
                q a2 = a(x509crl, f12910d);
                BigInteger j2 = a2 != null ? o.d.b.j.a((Object) a2).j() : null;
                try {
                    byte[] extensionValue = x509crl.getExtensionValue(f12908b);
                    x509CRLSelector.setMinCRLNumber(j2 != null ? j2.add(BigInteger.valueOf(1L)) : null);
                    b.C0339b c0339b = new b.C0339b(x509CRLSelector);
                    c0339b.a(extensionValue);
                    c0339b.b(true);
                    c0339b.a(j2);
                    Set<X509CRL> a3 = f12907a.a(c0339b.a(), date, list, list2);
                    HashSet hashSet = new HashSet();
                    for (X509CRL x509crl2 : a3) {
                        if (a(x509crl2)) {
                            hashSet.add(x509crl2);
                        }
                    }
                    return hashSet;
                } catch (Exception e2) {
                    throw new AnnotatedException("Issuing distribution point extension value could not be read.", e2);
                }
            } catch (Exception e3) {
                throw new AnnotatedException("CRL number extension could not be extracted from CRL.", e3);
            }
        } catch (IOException e4) {
            throw new AnnotatedException("Cannot extract issuer from CRL.", e4);
        }
    }

    public static Set a(o.d.b.h2.i iVar, Object obj, Date date, o.d.e.f fVar) throws AnnotatedException {
        X509CRLSelector x509CRLSelector = new X509CRLSelector();
        try {
            HashSet hashSet = new HashSet();
            hashSet.add(h.a(obj));
            a(iVar, hashSet, x509CRLSelector);
            if (obj instanceof X509Certificate) {
                x509CRLSelector.setCertificateChecking((X509Certificate) obj);
            }
            b.C0339b c0339b = new b.C0339b(x509CRLSelector);
            c0339b.a(true);
            o.d.e.b<? extends CRL> a2 = c0339b.a();
            if (fVar.e() != null) {
                date = fVar.e();
            }
            Set a3 = f12907a.a(a2, date, fVar.c(), fVar.a());
            a(a3, obj);
            return a3;
        } catch (AnnotatedException e2) {
            throw new AnnotatedException("Could not get issuer information from distribution point.", e2);
        }
    }

    public static final Set a(r rVar) throws CertPathValidatorException {
        HashSet hashSet = new HashSet();
        if (rVar == null) {
            return hashSet;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        p pVar = new p(byteArrayOutputStream);
        Enumeration j2 = rVar.j();
        while (j2.hasMoreElements()) {
            try {
                pVar.a((o.d.b.e) j2.nextElement());
                hashSet.add(new PolicyQualifierInfo(byteArrayOutputStream.toByteArray()));
                byteArrayOutputStream.reset();
            } catch (IOException e2) {
                throw new ExtCertPathValidatorException("Policy qualifier info cannot be decoded.", e2);
            }
        }
        return hashSet;
    }

    public static o.d.b.h2.a a(PublicKey publicKey) throws CertPathValidatorException {
        try {
            return v.a(new o.d.b.i(publicKey.getEncoded()).x()).f();
        } catch (Exception e2) {
            throw new ExtCertPathValidatorException("Subject public key cannot be decoded.", e2);
        }
    }

    public static q a(String str, byte[] bArr) throws AnnotatedException {
        try {
            return new o.d.b.i(((n) new o.d.b.i(bArr).x()).j()).x();
        } catch (Exception e2) {
            throw new AnnotatedException("exception processing extension " + str, e2);
        }
    }

    public static q a(X509Extension x509Extension, String str) throws AnnotatedException {
        byte[] extensionValue = x509Extension.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return a(str, extensionValue);
    }

    public static g a(g gVar, List[] listArr, g gVar2) {
        g gVar3 = (g) gVar2.getParent();
        if (gVar == null) {
            return null;
        }
        if (gVar3 != null) {
            gVar3.b(gVar2);
            a(listArr, gVar2);
            return gVar;
        }
        for (int i2 = 0; i2 < listArr.length; i2++) {
            listArr[i2] = new ArrayList();
        }
        return null;
    }

    public static void a(X509Certificate x509Certificate, PublicKey publicKey, String str) throws GeneralSecurityException {
        if (str == null) {
            x509Certificate.verify(publicKey);
        } else {
            x509Certificate.verify(publicKey, str);
        }
    }

    public static void a(Date date, X509CRL x509crl, Object obj, c cVar) throws AnnotatedException {
        X509CRLEntry revokedCertificate;
        try {
            if (k.a(x509crl)) {
                revokedCertificate = x509crl.getRevokedCertificate(a(obj));
                if (revokedCertificate == null) {
                    return;
                }
                X500Principal certificateIssuer = revokedCertificate.getCertificateIssuer();
                if (!h.a(obj).equals(certificateIssuer == null ? h.a(x509crl) : o.d.b.g2.c.a(certificateIssuer.getEncoded()))) {
                    return;
                }
            } else if (!h.a(obj).equals(h.a(x509crl)) || (revokedCertificate = x509crl.getRevokedCertificate(a(obj))) == null) {
                return;
            }
            o.d.b.g gVar = null;
            if (revokedCertificate.hasExtensions()) {
                try {
                    gVar = o.d.b.g.a((Object) a(revokedCertificate, o.d.b.h2.k.E0.k()));
                } catch (Exception e2) {
                    throw new AnnotatedException("Reason code CRL entry extension could not be decoded.", e2);
                }
            }
            if (date.getTime() >= revokedCertificate.getRevocationDate().getTime() || gVar == null || gVar.j().intValue() == 0 || gVar.j().intValue() == 1 || gVar.j().intValue() == 2 || gVar.j().intValue() == 8) {
                if (gVar != null) {
                    cVar.a(gVar.j().intValue());
                } else {
                    cVar.a(0);
                }
                cVar.a(revokedCertificate.getRevocationDate());
            }
        } catch (CRLException e3) {
            throw new AnnotatedException("Failed check for indirect CRL.", e3);
        }
    }

    public static void a(Set set, Object obj) throws AnnotatedException {
        if (set.isEmpty()) {
            if (obj instanceof o.d.j.d) {
                new StringBuilder().append("No CRLs found for issuer \"");
                ((o.d.j.d) obj).a().a();
                throw null;
            }
            throw new AnnotatedException("No CRLs found for issuer \"" + o.d.b.g2.f.d.V.a(h.a((X509Certificate) obj)) + "\"");
        }
    }

    public static void a(o.d.b.h2.i iVar, Collection collection, X509CRLSelector x509CRLSelector) throws AnnotatedException {
        ArrayList arrayList = new ArrayList();
        if (iVar.f() != null) {
            m[] f2 = iVar.f().f();
            for (int i2 = 0; i2 < f2.length; i2++) {
                if (f2[i2].f() == 4) {
                    try {
                        arrayList.add(o.d.b.g2.c.a(f2[i2].getName().b().e()));
                    } catch (IOException e2) {
                        throw new AnnotatedException("CRL issuer information from distribution point cannot be decoded.", e2);
                    }
                }
            }
        } else {
            if (iVar.g() == null) {
                throw new AnnotatedException("CRL issuer is omitted from distribution point but no distributionPoint field present.");
            }
            Iterator it2 = collection.iterator();
            while (it2.hasNext()) {
                arrayList.add(it2.next());
            }
        }
        Iterator it3 = arrayList.iterator();
        while (it3.hasNext()) {
            try {
                x509CRLSelector.addIssuerName(((o.d.b.g2.c) it3.next()).e());
            } catch (IOException e3) {
                throw new AnnotatedException("Cannot decode CRL issuer information.", e3);
            }
        }
    }

    public static void a(List[] listArr, g gVar) {
        listArr[gVar.getDepth()].remove(gVar);
        if (gVar.b()) {
            Iterator children = gVar.getChildren();
            while (children.hasNext()) {
                a(listArr, (g) children.next());
            }
        }
    }

    public static boolean a(int i2, List[] listArr, o.d.b.m mVar, Set set) {
        List list = listArr[i2 - 1];
        for (int i3 = 0; i3 < list.size(); i3++) {
            g gVar = (g) list.get(i3);
            if (gVar.getExpectedPolicies().contains(mVar.k())) {
                HashSet hashSet = new HashSet();
                hashSet.add(mVar.k());
                g gVar2 = new g(new ArrayList(), i2, hashSet, gVar, set, mVar.k(), false);
                gVar.a(gVar2);
                listArr[i2].add(gVar2);
                return true;
            }
        }
        return false;
    }

    public static boolean a(X509CRL x509crl) {
        Set<String> criticalExtensionOIDs = x509crl.getCriticalExtensionOIDs();
        if (criticalExtensionOIDs == null) {
            return false;
        }
        return criticalExtensionOIDs.contains(i.f12935e);
    }

    public static boolean a(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    public static boolean a(Set set) {
        return set == null || set.contains("2.5.29.32.0") || set.isEmpty();
    }

    public static void b(int i2, List[] listArr, o.d.b.m mVar, Set set) {
        List list = listArr[i2 - 1];
        for (int i3 = 0; i3 < list.size(); i3++) {
            g gVar = (g) list.get(i3);
            if ("2.5.29.32.0".equals(gVar.getValidPolicy())) {
                HashSet hashSet = new HashSet();
                hashSet.add(mVar.k());
                g gVar2 = new g(new ArrayList(), i2, hashSet, gVar, set, mVar.k(), false);
                gVar.a(gVar2);
                listArr[i2].add(gVar2);
                return;
            }
        }
    }
}
