package m.b.k;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.CRLException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.PKIXParameters;
import java.security.cert.PolicyQualifierInfo;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import m.b.b.f4.d1;
import m.b.b.f4.i0;
import m.b.b.f4.t0;
import m.b.b.f4.u1;
import m.b.g.o.h0;

/* loaded from: classes4.dex */
public class d {

    /* renamed from: o, reason: collision with root package name */
    public static final String f20543o = "2.5.29.32.0";

    /* renamed from: q, reason: collision with root package name */
    public static final int f20545q = 5;
    public static final int r = 6;
    public static final l a = new l();
    public static final String b = m.b.b.f4.y.L.S();

    /* renamed from: c, reason: collision with root package name */
    public static final String f20531c = m.b.b.f4.y.B.S();

    /* renamed from: d, reason: collision with root package name */
    public static final String f20532d = m.b.b.f4.y.M.S();

    /* renamed from: e, reason: collision with root package name */
    public static final String f20533e = m.b.b.f4.y.z.S();

    /* renamed from: f, reason: collision with root package name */
    public static final String f20534f = m.b.b.f4.y.J.S();

    /* renamed from: g, reason: collision with root package name */
    public static final String f20535g = m.b.b.f4.y.x.S();

    /* renamed from: h, reason: collision with root package name */
    public static final String f20536h = m.b.b.f4.y.R.S();

    /* renamed from: i, reason: collision with root package name */
    public static final String f20537i = m.b.b.f4.y.H.S();

    /* renamed from: j, reason: collision with root package name */
    public static final String f20538j = m.b.b.f4.y.G.S();

    /* renamed from: k, reason: collision with root package name */
    public static final String f20539k = m.b.b.f4.y.O.S();

    /* renamed from: l, reason: collision with root package name */
    public static final String f20540l = m.b.b.f4.y.Q.S();

    /* renamed from: m, reason: collision with root package name */
    public static final String f20541m = m.b.b.f4.y.K.S();

    /* renamed from: n, reason: collision with root package name */
    public static final String f20542n = m.b.b.f4.y.N.S();

    /* renamed from: p, reason: collision with root package name */
    public static final String f20544p = m.b.b.f4.y.C.S();
    public static final String[] s = {"unspecified", "keyCompromise", "cACompromise", "affiliationChanged", "superseded", "cessationOfOperation", "certificateHold", "unknown", "removeFromCRL", "privilegeWithdrawn", "aACompromise"};

    public static Collection a(m.b.f.m mVar, List list) throws m.b.g.o.a {
        HashSet hashSet = new HashSet();
        for (Object obj : list) {
            if (obj instanceof m.b.j.o) {
                try {
                    hashSet.addAll(((m.b.j.o) obj).a(mVar));
                } catch (m.b.j.p e2) {
                    throw new m.b.g.o.a("Problem while picking certificates from X.509 store.", e2);
                }
            } else {
                try {
                    hashSet.addAll(m.b.f.m.b(mVar, (CertStore) obj));
                } catch (CertStoreException e3) {
                    throw new m.b.g.o.a("Problem while picking certificates from certificate store.", e3);
                }
            }
        }
        return hashSet;
    }

    public static Collection b(o oVar, List list) throws m.b.g.o.a {
        HashSet hashSet = new HashSet();
        for (Object obj : list) {
            if (obj instanceof v) {
                try {
                    hashSet.addAll(((v) obj).a(oVar));
                } catch (m.b.j.p e2) {
                    throw new m.b.g.o.a("Problem while picking certificates from X.509 store.", e2);
                }
            }
        }
        return hashSet;
    }

    public static Collection c(s sVar, List list) throws m.b.g.o.a {
        HashSet hashSet = new HashSet();
        m.b.f.q.a.w.a aVar = new m.b.f.q.a.w.a();
        for (Object obj : list) {
            if (obj instanceof m.b.j.o) {
                try {
                    for (Object obj2 : ((m.b.j.o) obj).a(sVar)) {
                        if (obj2 instanceof m.b.j.d) {
                            obj2 = aVar.engineGenerateCertificate(new ByteArrayInputStream(((m.b.j.d) obj2).getEncoded()));
                        } else if (!(obj2 instanceof Certificate)) {
                            throw new m.b.g.o.a("Unknown object found in certificate store.");
                        }
                        hashSet.add(obj2);
                    }
                } catch (IOException e2) {
                    throw new m.b.g.o.a("Problem while extracting certificates from X.509 store.", e2);
                } catch (CertificateException e3) {
                    throw new m.b.g.o.a("Problem while extracting certificates from X.509 store.", e3);
                } catch (m.b.j.p e4) {
                    throw new m.b.g.o.a("Problem while picking certificates from X.509 store.", e4);
                }
            } else {
                try {
                    hashSet.addAll(((CertStore) obj).getCertificates(sVar));
                } catch (CertStoreException e5) {
                    throw new m.b.g.o.a("Problem while picking certificates from certificate store.", e5);
                }
            }
        }
        return hashSet;
    }

    public static m.b.b.f4.b d(PublicKey publicKey) throws CertPathValidatorException {
        try {
            return d1.u(new m.b.b.m(publicKey.getEncoded()).j()).s();
        } catch (Exception e2) {
            throw new m.b.g.l.b("Subject public key cannot be decoded.", e2);
        }
    }

    public static void e(Date date, X509CRL x509crl, Object obj, e eVar) throws m.b.g.o.a {
        X509CRLEntry revokedCertificate;
        try {
            if (p(x509crl)) {
                revokedCertificate = x509crl.getRevokedCertificate(l(obj));
                if (revokedCertificate == null) {
                    return;
                }
                X500Principal certificateIssuer = revokedCertificate.getCertificateIssuer();
                if (certificateIssuer == null) {
                    certificateIssuer = h(x509crl);
                }
                if (!f(obj).equals(certificateIssuer)) {
                    return;
                }
            } else if (!f(obj).equals(h(x509crl)) || (revokedCertificate = x509crl.getRevokedCertificate(l(obj))) == null) {
                return;
            }
            m.b.b.i iVar = null;
            if (revokedCertificate.hasExtensions()) {
                try {
                    iVar = m.b.b.i.M(g(revokedCertificate, u1.f16956k.S()));
                } catch (Exception e2) {
                    throw new m.b.g.o.a("Reason code CRL entry extension could not be decoded.", e2);
                }
            }
            if (date.getTime() >= revokedCertificate.getRevocationDate().getTime() || iVar == null || iVar.Q().intValue() == 0 || iVar.Q().intValue() == 1 || iVar.Q().intValue() == 2 || iVar.Q().intValue() == 8) {
                eVar.c(iVar != null ? iVar.Q().intValue() : 0);
                eVar.d(revokedCertificate.getRevocationDate());
            }
        } catch (CRLException e3) {
            throw new m.b.g.o.a("Failed check for indirect CRL.", e3);
        }
    }

    public static X500Principal f(Object obj) {
        return obj instanceof X509Certificate ? ((X509Certificate) obj).getIssuerX500Principal() : (X500Principal) ((p) obj).m().b()[0];
    }

    public static m.b.b.v g(X509Extension x509Extension, String str) throws m.b.g.o.a {
        byte[] extensionValue = x509Extension.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return j(str, extensionValue);
    }

    public static X500Principal h(X509CRL x509crl) {
        return x509crl.getIssuerX500Principal();
    }

    public static PublicKey i(List list, int i2) throws CertPathValidatorException {
        DSAPublicKey dSAPublicKey;
        PublicKey publicKey = ((Certificate) list.get(i2)).getPublicKey();
        if (!(publicKey instanceof DSAPublicKey)) {
            return publicKey;
        }
        DSAPublicKey dSAPublicKey2 = (DSAPublicKey) publicKey;
        if (dSAPublicKey2.getParams() != null) {
            return dSAPublicKey2;
        }
        do {
            i2++;
            if (i2 >= list.size()) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            PublicKey publicKey2 = ((X509Certificate) list.get(i2)).getPublicKey();
            if (!(publicKey2 instanceof DSAPublicKey)) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            dSAPublicKey = (DSAPublicKey) publicKey2;
        } while (dSAPublicKey.getParams() == null);
        DSAParams params = dSAPublicKey.getParams();
        try {
            return KeyFactory.getInstance("DSA", "BC").generatePublic(new DSAPublicKeySpec(dSAPublicKey2.getY(), params.getP(), params.getQ(), params.getG()));
        } catch (Exception e2) {
            throw new RuntimeException(e2.getMessage());
        }
    }

    public static m.b.b.v j(String str, byte[] bArr) throws m.b.g.o.a {
        try {
            return new m.b.b.m(((m.b.b.r) new m.b.b.m(bArr).j()).N()).j();
        } catch (Exception e2) {
            throw new m.b.g.o.a("exception processing extension " + str, e2);
        }
    }

    public static final Set k(m.b.b.w wVar) throws CertPathValidatorException {
        HashSet hashSet = new HashSet();
        if (wVar == null) {
            return hashSet;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        m.b.b.t tVar = new m.b.b.t(byteArrayOutputStream);
        Enumeration S = wVar.S();
        while (S.hasMoreElements()) {
            try {
                tVar.m((m.b.b.f) S.nextElement());
                hashSet.add(new PolicyQualifierInfo(byteArrayOutputStream.toByteArray()));
                byteArrayOutputStream.reset();
            } catch (IOException e2) {
                throw new m.b.g.l.b("Policy qualifier info cannot be decoded.", e2);
            }
        }
        return hashSet;
    }

    public static BigInteger l(Object obj) {
        return obj instanceof X509Certificate ? ((X509Certificate) obj).getSerialNumber() : ((p) obj).getSerialNumber();
    }

    public static X500Principal m(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectX500Principal();
    }

    public static Date n(PKIXParameters pKIXParameters) {
        Date date = pKIXParameters.getDate();
        return date == null ? new Date() : date;
    }

    public static boolean o(Set set) {
        return set == null || set.contains("2.5.29.32.0") || set.isEmpty();
    }

    public static boolean p(X509CRL x509crl) throws CRLException {
        try {
            byte[] extensionValue = x509crl.getExtensionValue(m.b.b.f4.y.H.S());
            if (extensionValue != null) {
                if (i0.v(m.b.b.r.H(extensionValue).N()).G()) {
                    return true;
                }
            }
            return false;
        } catch (Exception e2) {
            throw new CRLException("Exception reading IssuingDistributionPoint: " + e2);
        }
    }

    public static boolean q(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    public static void r(int i2, List[] listArr, String str, Map map, X509Certificate x509Certificate) throws m.b.g.o.a, CertPathValidatorException {
        boolean z;
        Iterator it = listArr[i2].iterator();
        while (true) {
            if (!it.hasNext()) {
                z = false;
                break;
            }
            h0 h0Var = (h0) it.next();
            if (h0Var.getValidPolicy().equals(str)) {
                z = true;
                h0Var.f((Set) map.get(str));
                break;
            }
        }
        if (z) {
            return;
        }
        for (h0 h0Var2 : listArr[i2]) {
            if ("2.5.29.32.0".equals(h0Var2.getValidPolicy())) {
                Set set = null;
                try {
                    Enumeration S = m.b.b.w.H(g(x509Certificate, b)).S();
                    while (true) {
                        if (!S.hasMoreElements()) {
                            break;
                        }
                        try {
                            t0 n2 = t0.n(S.nextElement());
                            if ("2.5.29.32.0".equals(n2.s().S())) {
                                try {
                                    set = k(n2.u());
                                    break;
                                } catch (CertPathValidatorException e2) {
                                    throw new m.b.g.l.b("Policy qualifier info set could not be built.", e2);
                                }
                            }
                        } catch (Exception e3) {
                            throw new m.b.g.o.a("Policy information cannot be decoded.", e3);
                        }
                    }
                    Set set2 = set;
                    boolean contains = x509Certificate.getCriticalExtensionOIDs() != null ? x509Certificate.getCriticalExtensionOIDs().contains(b) : false;
                    h0 h0Var3 = (h0) h0Var2.getParent();
                    if ("2.5.29.32.0".equals(h0Var3.getValidPolicy())) {
                        h0 h0Var4 = new h0(new ArrayList(), i2, (Set) map.get(str), h0Var3, set2, str, contains);
                        h0Var3.a(h0Var4);
                        listArr[i2].add(h0Var4);
                        return;
                    }
                    return;
                } catch (Exception e4) {
                    throw new m.b.g.o.a("Certificate policies cannot be decoded.", e4);
                }
            }
        }
    }

    public static h0 s(int i2, List[] listArr, String str, h0 h0Var) {
        int i3;
        Iterator it = listArr[i2].iterator();
        while (it.hasNext()) {
            h0 h0Var2 = (h0) it.next();
            if (h0Var2.getValidPolicy().equals(str)) {
                ((h0) h0Var2.getParent()).d(h0Var2);
                it.remove();
                for (int i4 = i2 - 1; i4 >= 0; i4--) {
                    List list = listArr[i4];
                    while (i3 < list.size()) {
                        h0 h0Var3 = (h0) list.get(i3);
                        i3 = (h0Var3.c() || (h0Var = v(h0Var, listArr, h0Var3)) != null) ? i3 + 1 : 0;
                    }
                }
            }
        }
        return h0Var;
    }

    public static boolean t(int i2, List[] listArr, m.b.b.q qVar, Set set) {
        List list = listArr[i2 - 1];
        for (int i3 = 0; i3 < list.size(); i3++) {
            h0 h0Var = (h0) list.get(i3);
            if (h0Var.getExpectedPolicies().contains(qVar.S())) {
                HashSet hashSet = new HashSet();
                hashSet.add(qVar.S());
                h0 h0Var2 = new h0(new ArrayList(), i2, hashSet, h0Var, set, qVar.S(), false);
                h0Var.a(h0Var2);
                listArr[i2].add(h0Var2);
                return true;
            }
        }
        return false;
    }

    public static void u(int i2, List[] listArr, m.b.b.q qVar, Set set) {
        List list = listArr[i2 - 1];
        for (int i3 = 0; i3 < list.size(); i3++) {
            h0 h0Var = (h0) list.get(i3);
            if ("2.5.29.32.0".equals(h0Var.getValidPolicy())) {
                HashSet hashSet = new HashSet();
                hashSet.add(qVar.S());
                h0 h0Var2 = new h0(new ArrayList(), i2, hashSet, h0Var, set, qVar.S(), false);
                h0Var.a(h0Var2);
                listArr[i2].add(h0Var2);
                return;
            }
        }
    }

    public static h0 v(h0 h0Var, List[] listArr, h0 h0Var2) {
        h0 h0Var3 = (h0) h0Var2.getParent();
        if (h0Var == null) {
            return null;
        }
        if (h0Var3 != null) {
            h0Var3.d(h0Var2);
            w(listArr, h0Var2);
            return h0Var;
        }
        for (int i2 = 0; i2 < listArr.length; i2++) {
            listArr[i2] = new ArrayList();
        }
        return null;
    }

    public static void w(List[] listArr, h0 h0Var) {
        listArr[h0Var.getDepth()].remove(h0Var);
        if (h0Var.c()) {
            Iterator children = h0Var.getChildren();
            while (children.hasNext()) {
                w(listArr, (h0) children.next());
            }
        }
    }

    public static void x(X509Certificate x509Certificate, PublicKey publicKey, String str) throws GeneralSecurityException {
        if (str == null) {
            x509Certificate.verify(publicKey);
        } else {
            x509Certificate.verify(publicKey, str);
        }
    }
}
