package p.b.w.f;

import java.io.IOException;
import java.math.BigInteger;
import java.security.PublicKey;
import java.security.cert.CRLException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509CRLSelector;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import p.b.b.AbstractC1224D;
import p.b.b.AbstractC1471z;
import p.b.b.C1306j;
import p.b.b.C1435t;
import p.b.b.C1467y;
import p.b.b.a2.B;
import p.b.b.a2.C1277m;
import p.b.b.a2.C1288y;
import p.b.b.a2.C1289z;
import p.b.b.a2.E;
import p.b.b.a2.F;
import p.b.b.a2.L;
import p.b.n.p;
import p.b.n.t;
import p.b.z.u;
import p.b.z.v;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class m {

    /* renamed from: a, reason: collision with root package name */
    protected static final String f37002a = B.R5.N();

    m() {
    }

    static void a(Set set, Object obj) throws b {
        if (set.isEmpty()) {
            throw new b("No CRLs found for issuer \"" + p.b.b.Z1.g.e.T.h(j((X509Certificate) obj)) + "\"");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void b(LinkedHashSet linkedHashSet, t tVar, List list) throws a {
        for (Object obj : list) {
            if (obj instanceof u) {
                try {
                    linkedHashSet.addAll(((u) obj).getMatches(tVar));
                } catch (v e2) {
                    throw new a("Problem while picking certificates from X.509 store.", e2);
                }
            } else {
                try {
                    linkedHashSet.addAll(t.d(tVar, (CertStore) obj));
                } catch (CertStoreException e3) {
                    throw new a("Problem while picking certificates from certificate store.", e3);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List<p.b.n.o> c(C1277m c1277m, Map<E, p.b.n.o> map) throws a {
        if (c1277m == null) {
            return Collections.emptyList();
        }
        try {
            C1288y[] A = c1277m.A();
            ArrayList arrayList = new ArrayList();
            for (C1288y c1288y : A) {
                C1289z B = c1288y.B();
                if (B != null && B.D() == 0) {
                    for (E e2 : F.B(B.C()).D()) {
                        p.b.n.o oVar = map.get(e2);
                        if (oVar != null) {
                            arrayList.add(oVar);
                        }
                    }
                }
            }
            return arrayList;
        } catch (Exception e3) {
            throw new a("Distribution points could not be read.", e3);
        }
    }

    protected static void d(C1288y c1288y, Collection collection, X509CRLSelector x509CRLSelector) throws a {
        ArrayList arrayList = new ArrayList();
        if (c1288y.A() != null) {
            E[] D = c1288y.A().D();
            for (int i2 = 0; i2 < D.length; i2++) {
                if (D[i2].s() == 4) {
                    try {
                        arrayList.add(p.b.b.Z1.d.B(D[i2].C()));
                    } catch (IllegalArgumentException e2) {
                        throw new a("CRL issuer information from distribution point cannot be decoded.", e2);
                    }
                }
            }
        } else {
            if (c1288y.B() == null) {
                throw new a("CRL issuer is omitted from distribution point but no distributionPoint field present.");
            }
            Iterator it = collection.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next());
            }
        }
        Iterator it2 = arrayList.iterator();
        while (it2.hasNext()) {
            try {
                x509CRLSelector.addIssuerName(((p.b.b.Z1.d) it2.next()).getEncoded());
            } catch (IOException e3) {
                throw new a("Cannot decode CRL issuer information.", e3);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void e(Date date, X509CRL x509crl, Object obj, e eVar) throws a {
        X509CRLEntry revokedCertificate;
        try {
            boolean p2 = p(x509crl);
            X509Certificate x509Certificate = (X509Certificate) obj;
            p.b.b.Z1.d j2 = j(x509Certificate);
            if ((p2 || j2.equals(i(x509crl))) && (revokedCertificate = x509crl.getRevokedCertificate(x509Certificate.getSerialNumber())) != null) {
                if (p2) {
                    X500Principal certificateIssuer = revokedCertificate.getCertificateIssuer();
                    if (!j2.equals(certificateIssuer == null ? i(x509crl) : n(certificateIssuer))) {
                        return;
                    }
                }
                int i2 = 0;
                if (revokedCertificate.hasExtensions()) {
                    try {
                        C1306j J = C1306j.J(h(revokedCertificate, B.f29353q));
                        if (J != null) {
                            i2 = J.O();
                        }
                    } catch (Exception e2) {
                        throw new a("Reason code CRL entry extension could not be decoded.", e2);
                    }
                }
                Date revocationDate = revokedCertificate.getRevocationDate();
                if (!date.before(revocationDate) || i2 == 0 || i2 == 1 || i2 == 2 || i2 == 10) {
                    eVar.c(i2);
                    eVar.d(revocationDate);
                }
            }
        } catch (CRLException e3) {
            throw new a("Failed check for indirect CRL.", e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Set f(C1288y c1288y, Object obj, Date date, List list, List list2) throws a, b {
        X509CRLSelector x509CRLSelector = new X509CRLSelector();
        try {
            HashSet hashSet = new HashSet();
            hashSet.add(j((X509Certificate) obj));
            d(c1288y, hashSet, x509CRLSelector);
            if (obj instanceof X509Certificate) {
                x509CRLSelector.setCertificateChecking((X509Certificate) obj);
            }
            Set b2 = h.b(new p.b(x509CRLSelector).h(true).g(), date, list, list2);
            a(b2, obj);
            return b2;
        } catch (a e2) {
            throw new a("Could not get issuer information from distribution point.", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Set g(Date date, X509CRL x509crl, List<CertStore> list, List<p.b.n.o> list2) throws a {
        X509CRLSelector x509CRLSelector = new X509CRLSelector();
        try {
            x509CRLSelector.addIssuerName(x509crl.getIssuerX500Principal().getEncoded());
            try {
                AbstractC1224D h2 = h(x509crl, B.f29352h);
                BigInteger L = h2 != null ? C1435t.J(h2).L() : null;
                try {
                    byte[] extensionValue = x509crl.getExtensionValue(f37002a);
                    x509CRLSelector.setMinCRLNumber(L != null ? L.add(BigInteger.valueOf(1L)) : null);
                    p.b bVar = new p.b(x509CRLSelector);
                    bVar.j(extensionValue);
                    bVar.k(true);
                    bVar.l(L);
                    Set<X509CRL> b2 = h.b(bVar.g(), date, list, list2);
                    HashSet hashSet = new HashSet();
                    for (X509CRL x509crl2 : b2) {
                        if (o(x509crl2)) {
                            hashSet.add(x509crl2);
                        }
                    }
                    return hashSet;
                } catch (Exception e2) {
                    throw new a("issuing distribution point extension value could not be read", e2);
                }
            } catch (Exception e3) {
                throw new a("cannot extract CRL number extension from CRL", e3);
            }
        } catch (IOException e4) {
            throw new a("cannot extract issuer from CRL.", e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static AbstractC1224D h(X509Extension x509Extension, C1467y c1467y) throws a {
        byte[] extensionValue = x509Extension.getExtensionValue(c1467y.N());
        if (extensionValue == null) {
            return null;
        }
        return l(c1467y, extensionValue);
    }

    private static p.b.b.Z1.d i(X509CRL x509crl) {
        return n(x509crl.getIssuerX500Principal());
    }

    private static p.b.b.Z1.d j(X509Certificate x509Certificate) {
        return n(x509Certificate.getIssuerX500Principal());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static PublicKey k(List list, int i2, p.b.n.A.f fVar) throws CertPathValidatorException {
        DSAPublicKey dSAPublicKey;
        PublicKey publicKey = ((Certificate) list.get(i2)).getPublicKey();
        if (!(publicKey instanceof DSAPublicKey)) {
            return publicKey;
        }
        DSAPublicKey dSAPublicKey2 = (DSAPublicKey) publicKey;
        if (dSAPublicKey2.getParams() != null) {
            return dSAPublicKey2;
        }
        do {
            i2++;
            if (i2 >= list.size()) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            PublicKey publicKey2 = ((X509Certificate) list.get(i2)).getPublicKey();
            if (!(publicKey2 instanceof DSAPublicKey)) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            dSAPublicKey = (DSAPublicKey) publicKey2;
        } while (dSAPublicKey.getParams() == null);
        DSAParams params = dSAPublicKey.getParams();
        try {
            return fVar.a("DSA").generatePublic(new DSAPublicKeySpec(dSAPublicKey2.getY(), params.getP(), params.getQ(), params.getG()));
        } catch (Exception e2) {
            throw new RuntimeException(e2.getMessage());
        }
    }

    private static AbstractC1224D l(C1467y c1467y, byte[] bArr) throws a {
        try {
            return AbstractC1224D.F(AbstractC1471z.J(bArr).L());
        } catch (Exception e2) {
            throw new a("exception processing extension " + c1467y, e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Date m(p.b.n.v vVar, Date date) {
        Date y = vVar.y();
        return y == null ? date : y;
    }

    private static p.b.b.Z1.d n(X500Principal x500Principal) {
        return p.b.b.Z1.d.B(x500Principal.getEncoded());
    }

    private static boolean o(X509CRL x509crl) {
        Set<String> criticalExtensionOIDs = x509crl.getCriticalExtensionOIDs();
        if (criticalExtensionOIDs == null) {
            return false;
        }
        return criticalExtensionOIDs.contains(k.f36995c);
    }

    public static boolean p(X509CRL x509crl) throws CRLException {
        try {
            byte[] extensionValue = x509crl.getExtensionValue(B.R5.N());
            if (extensionValue != null) {
                if (L.C(AbstractC1471z.J(extensionValue).L()).F()) {
                    return true;
                }
            }
            return false;
        } catch (Exception e2) {
            throw new CRLException("exception reading IssuingDistributionPoint", e2);
        }
    }
}
