package org.bouncycastle.x509;

import ah.c1;
import ah.i0;
import ah.s0;
import ah.t1;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.CRLException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.PKIXParameters;
import java.security.cert.PolicyQualifierInfo;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory;
import org.bouncycastle.jce.exception.ExtCertPathValidatorException;
import org.bouncycastle.jce.provider.AnnotatedException;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.StoreException;

/* compiled from: TbsSdkJava */
/* loaded from: classes5.dex */
public class c {

    /* renamed from: o, reason: collision with root package name */
    public static final String f66212o = "2.5.29.32.0";

    /* renamed from: q, reason: collision with root package name */
    public static final int f66214q = 5;

    /* renamed from: r, reason: collision with root package name */
    public static final int f66215r = 6;

    /* renamed from: a, reason: collision with root package name */
    public static final h f66198a = new h();

    /* renamed from: b, reason: collision with root package name */
    public static final String f66199b = ah.y.f1716t.x();

    /* renamed from: c, reason: collision with root package name */
    public static final String f66200c = ah.y.f1706j.x();

    /* renamed from: d, reason: collision with root package name */
    public static final String f66201d = ah.y.f1717u.x();

    /* renamed from: e, reason: collision with root package name */
    public static final String f66202e = ah.y.f1704h.x();

    /* renamed from: f, reason: collision with root package name */
    public static final String f66203f = ah.y.f1714r.x();

    /* renamed from: g, reason: collision with root package name */
    public static final String f66204g = ah.y.f1702f.x();

    /* renamed from: h, reason: collision with root package name */
    public static final String f66205h = ah.y.f1722z.x();

    /* renamed from: i, reason: collision with root package name */
    public static final String f66206i = ah.y.f1712p.x();

    /* renamed from: j, reason: collision with root package name */
    public static final String f66207j = ah.y.f1711o.x();

    /* renamed from: k, reason: collision with root package name */
    public static final String f66208k = ah.y.f1719w.x();

    /* renamed from: l, reason: collision with root package name */
    public static final String f66209l = ah.y.f1721y.x();

    /* renamed from: m, reason: collision with root package name */
    public static final String f66210m = ah.y.f1715s.x();

    /* renamed from: n, reason: collision with root package name */
    public static final String f66211n = ah.y.f1718v.x();

    /* renamed from: p, reason: collision with root package name */
    public static final String f66213p = ah.y.f1707k.x();

    /* renamed from: s, reason: collision with root package name */
    public static final String[] f66216s = {"unspecified", "keyCompromise", "cACompromise", "affiliationChanged", "superseded", "cessationOfOperation", "certificateHold", "unknown", "removeFromCRL", "privilegeWithdrawn", "aACompromise"};

    public static Collection a(di.g gVar, List list) throws AnnotatedException {
        HashSet hashSet = new HashSet();
        for (Object obj : list) {
            if (obj instanceof org.bouncycastle.util.p) {
                try {
                    hashSet.addAll(((org.bouncycastle.util.p) obj).a(gVar));
                } catch (StoreException e10) {
                    throw new AnnotatedException("Problem while picking certificates from X.509 store.", e10);
                }
            } else {
                try {
                    hashSet.addAll(di.g.b(gVar, (CertStore) obj));
                } catch (CertStoreException e11) {
                    throw new AnnotatedException("Problem while picking certificates from certificate store.", e11);
                }
            }
        }
        return hashSet;
    }

    public static Collection b(k kVar, List list) throws AnnotatedException {
        HashSet hashSet = new HashSet();
        for (Object obj : list) {
            if (obj instanceof r) {
                try {
                    hashSet.addAll(((r) obj).a(kVar));
                } catch (StoreException e10) {
                    throw new AnnotatedException("Problem while picking certificates from X.509 store.", e10);
                }
            }
        }
        return hashSet;
    }

    public static Collection c(o oVar, List list) throws AnnotatedException {
        HashSet hashSet = new HashSet();
        CertificateFactory certificateFactory = new CertificateFactory();
        for (Object obj : list) {
            if (obj instanceof org.bouncycastle.util.p) {
                try {
                    for (Object obj2 : ((org.bouncycastle.util.p) obj).a(oVar)) {
                        if (obj2 instanceof org.bouncycastle.util.d) {
                            obj2 = certificateFactory.engineGenerateCertificate(new ByteArrayInputStream(((org.bouncycastle.util.d) obj2).getEncoded()));
                        } else if (!(obj2 instanceof Certificate)) {
                            throw new AnnotatedException("Unknown object found in certificate store.");
                        }
                        hashSet.add(obj2);
                    }
                } catch (IOException e10) {
                    throw new AnnotatedException("Problem while extracting certificates from X.509 store.", e10);
                } catch (CertificateException e11) {
                    throw new AnnotatedException("Problem while extracting certificates from X.509 store.", e11);
                } catch (StoreException e12) {
                    throw new AnnotatedException("Problem while picking certificates from X.509 store.", e12);
                }
            } else {
                try {
                    hashSet.addAll(((CertStore) obj).getCertificates(oVar));
                } catch (CertStoreException e13) {
                    throw new AnnotatedException("Problem while picking certificates from certificate store.", e13);
                }
            }
        }
        return hashSet;
    }

    public static ah.b d(PublicKey publicKey) throws CertPathValidatorException {
        try {
            return c1.m(new jf.m(publicKey.getEncoded()).q()).l();
        } catch (Exception e10) {
            throw new ExtCertPathValidatorException("Subject public key cannot be decoded.", e10);
        }
    }

    public static void e(Date date, X509CRL x509crl, Object obj, d dVar) throws AnnotatedException {
        X509CRLEntry revokedCertificate;
        jf.i u10;
        try {
            if (p(x509crl)) {
                revokedCertificate = x509crl.getRevokedCertificate(l(obj));
                if (revokedCertificate == null) {
                    return;
                }
                X500Principal certificateIssuer = revokedCertificate.getCertificateIssuer();
                if (certificateIssuer == null) {
                    certificateIssuer = h(x509crl);
                }
                if (!f(obj).equals(certificateIssuer)) {
                    return;
                }
            } else if (!f(obj).equals(h(x509crl)) || (revokedCertificate = x509crl.getRevokedCertificate(l(obj))) == null) {
                return;
            }
            if (revokedCertificate.hasExtensions()) {
                try {
                    u10 = jf.i.u(g(revokedCertificate, t1.f1603k.x()));
                } catch (Exception e10) {
                    throw new AnnotatedException("Reason code CRL entry extension could not be decoded.", e10);
                }
            } else {
                u10 = null;
            }
            int y10 = u10 == null ? 0 : u10.y();
            if (date.getTime() >= revokedCertificate.getRevocationDate().getTime() || y10 == 0 || y10 == 1 || y10 == 2 || y10 == 10) {
                dVar.c(y10);
                dVar.d(revokedCertificate.getRevocationDate());
            }
        } catch (CRLException e11) {
            throw new AnnotatedException("Failed check for indirect CRL.", e11);
        }
    }

    public static X500Principal f(Object obj) {
        return obj instanceof X509Certificate ? ((X509Certificate) obj).getIssuerX500Principal() : (X500Principal) ((l) obj).c().b()[0];
    }

    public static jf.u g(X509Extension x509Extension, String str) throws AnnotatedException {
        byte[] extensionValue = x509Extension.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return j(str, extensionValue);
    }

    public static X500Principal h(X509CRL x509crl) {
        return x509crl.getIssuerX500Principal();
    }

    public static PublicKey i(List list, int i10) throws CertPathValidatorException {
        DSAPublicKey dSAPublicKey;
        PublicKey publicKey = ((Certificate) list.get(i10)).getPublicKey();
        if (!(publicKey instanceof DSAPublicKey)) {
            return publicKey;
        }
        DSAPublicKey dSAPublicKey2 = (DSAPublicKey) publicKey;
        if (dSAPublicKey2.getParams() != null) {
            return dSAPublicKey2;
        }
        do {
            i10++;
            if (i10 >= list.size()) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            PublicKey publicKey2 = ((X509Certificate) list.get(i10)).getPublicKey();
            if (!(publicKey2 instanceof DSAPublicKey)) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            dSAPublicKey = (DSAPublicKey) publicKey2;
        } while (dSAPublicKey.getParams() == null);
        DSAParams params = dSAPublicKey.getParams();
        try {
            return KeyFactory.getInstance("DSA", BouncyCastleProvider.PROVIDER_NAME).generatePublic(new DSAPublicKeySpec(dSAPublicKey2.getY(), params.getP(), params.getQ(), params.getG()));
        } catch (Exception e10) {
            throw new RuntimeException(e10.getMessage());
        }
    }

    public static jf.u j(String str, byte[] bArr) throws AnnotatedException {
        try {
            return new jf.m(((jf.r) new jf.m(bArr).q()).v()).q();
        } catch (Exception e10) {
            throw new AnnotatedException("exception processing extension " + str, e10);
        }
    }

    public static final Set k(jf.v vVar) throws CertPathValidatorException {
        HashSet hashSet = new HashSet();
        if (vVar == null) {
            return hashSet;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        jf.t b10 = jf.t.b(byteArrayOutputStream);
        Enumeration w10 = vVar.w();
        while (w10.hasMoreElements()) {
            try {
                b10.w((jf.f) w10.nextElement());
                hashSet.add(new PolicyQualifierInfo(byteArrayOutputStream.toByteArray()));
                byteArrayOutputStream.reset();
            } catch (IOException e10) {
                throw new ExtCertPathValidatorException("Policy qualifier info cannot be decoded.", e10);
            }
        }
        return hashSet;
    }

    public static BigInteger l(Object obj) {
        return obj instanceof X509Certificate ? ((X509Certificate) obj).getSerialNumber() : ((l) obj).getSerialNumber();
    }

    public static X500Principal m(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectX500Principal();
    }

    public static Date n(PKIXParameters pKIXParameters) {
        Date date = pKIXParameters.getDate();
        return date == null ? new Date() : date;
    }

    public static boolean o(Set set) {
        return set == null || set.contains("2.5.29.32.0") || set.isEmpty();
    }

    public static boolean p(X509CRL x509crl) throws CRLException {
        try {
            byte[] extensionValue = x509crl.getExtensionValue(ah.y.f1712p.x());
            if (extensionValue != null) {
                if (i0.n(jf.r.t(extensionValue).v()).q()) {
                    return true;
                }
            }
            return false;
        } catch (Exception e10) {
            throw new CRLException("Exception reading IssuingDistributionPoint: " + e10);
        }
    }

    public static boolean q(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    public static void r(int i10, List[] listArr, String str, Map map, X509Certificate x509Certificate) throws AnnotatedException, CertPathValidatorException {
        boolean z10;
        Set set;
        Iterator it = listArr[i10].iterator();
        while (true) {
            if (!it.hasNext()) {
                z10 = false;
                break;
            }
            org.bouncycastle.jce.provider.s sVar = (org.bouncycastle.jce.provider.s) it.next();
            if (sVar.getValidPolicy().equals(str)) {
                sVar.f((Set) map.get(str));
                z10 = true;
                break;
            }
        }
        if (z10) {
            return;
        }
        for (org.bouncycastle.jce.provider.s sVar2 : listArr[i10]) {
            if ("2.5.29.32.0".equals(sVar2.getValidPolicy())) {
                try {
                    Enumeration w10 = jf.v.t(g(x509Certificate, f66199b)).w();
                    while (true) {
                        if (!w10.hasMoreElements()) {
                            set = null;
                            break;
                        }
                        try {
                            s0 k10 = s0.k(w10.nextElement());
                            if ("2.5.29.32.0".equals(k10.l().x())) {
                                try {
                                    set = k(k10.m());
                                    break;
                                } catch (CertPathValidatorException e10) {
                                    throw new ExtCertPathValidatorException("Policy qualifier info set could not be built.", e10);
                                }
                            }
                        } catch (Exception e11) {
                            throw new AnnotatedException("Policy information cannot be decoded.", e11);
                        }
                    }
                    Set set2 = set;
                    boolean contains = x509Certificate.getCriticalExtensionOIDs() != null ? x509Certificate.getCriticalExtensionOIDs().contains(f66199b) : false;
                    org.bouncycastle.jce.provider.s sVar3 = (org.bouncycastle.jce.provider.s) sVar2.getParent();
                    if ("2.5.29.32.0".equals(sVar3.getValidPolicy())) {
                        org.bouncycastle.jce.provider.s sVar4 = new org.bouncycastle.jce.provider.s(new ArrayList(), i10, (Set) map.get(str), sVar3, set2, str, contains);
                        sVar3.a(sVar4);
                        listArr[i10].add(sVar4);
                        return;
                    }
                    return;
                } catch (Exception e12) {
                    throw new AnnotatedException("Certificate policies cannot be decoded.", e12);
                }
            }
        }
    }

    public static org.bouncycastle.jce.provider.s s(int i10, List[] listArr, String str, org.bouncycastle.jce.provider.s sVar) {
        int i11;
        Iterator it = listArr[i10].iterator();
        while (it.hasNext()) {
            org.bouncycastle.jce.provider.s sVar2 = (org.bouncycastle.jce.provider.s) it.next();
            if (sVar2.getValidPolicy().equals(str)) {
                ((org.bouncycastle.jce.provider.s) sVar2.getParent()).d(sVar2);
                it.remove();
                for (int i12 = i10 - 1; i12 >= 0; i12--) {
                    List list = listArr[i12];
                    while (i11 < list.size()) {
                        org.bouncycastle.jce.provider.s sVar3 = (org.bouncycastle.jce.provider.s) list.get(i11);
                        i11 = (sVar3.c() || (sVar = v(sVar, listArr, sVar3)) != null) ? i11 + 1 : 0;
                    }
                }
            }
        }
        return sVar;
    }

    public static boolean t(int i10, List[] listArr, jf.q qVar, Set set) {
        List list = listArr[i10 - 1];
        for (int i11 = 0; i11 < list.size(); i11++) {
            org.bouncycastle.jce.provider.s sVar = (org.bouncycastle.jce.provider.s) list.get(i11);
            if (sVar.getExpectedPolicies().contains(qVar.x())) {
                HashSet hashSet = new HashSet();
                hashSet.add(qVar.x());
                org.bouncycastle.jce.provider.s sVar2 = new org.bouncycastle.jce.provider.s(new ArrayList(), i10, hashSet, sVar, set, qVar.x(), false);
                sVar.a(sVar2);
                listArr[i10].add(sVar2);
                return true;
            }
        }
        return false;
    }

    public static void u(int i10, List[] listArr, jf.q qVar, Set set) {
        List list = listArr[i10 - 1];
        for (int i11 = 0; i11 < list.size(); i11++) {
            org.bouncycastle.jce.provider.s sVar = (org.bouncycastle.jce.provider.s) list.get(i11);
            if ("2.5.29.32.0".equals(sVar.getValidPolicy())) {
                HashSet hashSet = new HashSet();
                hashSet.add(qVar.x());
                org.bouncycastle.jce.provider.s sVar2 = new org.bouncycastle.jce.provider.s(new ArrayList(), i10, hashSet, sVar, set, qVar.x(), false);
                sVar.a(sVar2);
                listArr[i10].add(sVar2);
                return;
            }
        }
    }

    public static org.bouncycastle.jce.provider.s v(org.bouncycastle.jce.provider.s sVar, List[] listArr, org.bouncycastle.jce.provider.s sVar2) {
        org.bouncycastle.jce.provider.s sVar3 = (org.bouncycastle.jce.provider.s) sVar2.getParent();
        if (sVar == null) {
            return null;
        }
        if (sVar3 != null) {
            sVar3.d(sVar2);
            w(listArr, sVar2);
            return sVar;
        }
        for (int i10 = 0; i10 < listArr.length; i10++) {
            listArr[i10] = new ArrayList();
        }
        return null;
    }

    public static void w(List[] listArr, org.bouncycastle.jce.provider.s sVar) {
        listArr[sVar.getDepth()].remove(sVar);
        if (sVar.c()) {
            Iterator children = sVar.getChildren();
            while (children.hasNext()) {
                w(listArr, (org.bouncycastle.jce.provider.s) children.next());
            }
        }
    }

    public static void x(X509Certificate x509Certificate, PublicKey publicKey, String str) throws GeneralSecurityException {
        if (str == null) {
            x509Certificate.verify(publicKey);
        } else {
            x509Certificate.verify(publicKey, str);
        }
    }
}
