package com.aspose.html.internal.p434;

import com.aspose.html.internal.ms.System.Net.SR;
import com.aspose.html.internal.p322.z21;
import com.aspose.html.internal.p322.z23;
import com.aspose.html.internal.p322.z24;
import com.aspose.html.internal.p322.z67;
import com.aspose.html.internal.p363.z25;
import com.aspose.html.internal.p363.z35;
import com.aspose.html.internal.p363.z46;
import com.aspose.html.internal.p363.z55;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.CRLException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.PolicyQualifierInfo;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:com/aspose/html/internal/p434/z4.class */
class z4 {
    protected static final String ANY_POLICY = "2.5.29.32.0";
    protected static final int KEY_CERT_SIGN = 5;
    protected static final int CRL_SIGN = 6;
    protected static final String CERTIFICATE_POLICIES = z25.m19762.getId();
    protected static final String BASIC_CONSTRAINTS = z25.m19752.getId();
    protected static final String POLICY_MAPPINGS = z25.m19763.getId();
    protected static final String SUBJECT_ALTERNATIVE_NAME = z25.m19750.getId();
    protected static final String NAME_CONSTRAINTS = z25.m19760.getId();
    protected static final String KEY_USAGE = z25.m19748.getId();
    protected static final String INHIBIT_ANY_POLICY = z25.m19768.getId();
    protected static final String ISSUING_DISTRIBUTION_POINT = z25.m19758.getId();
    protected static final String DELTA_CRL_INDICATOR = z25.m19757.getId();
    protected static final String POLICY_CONSTRAINTS = z25.m19765.getId();
    protected static final String FRESHEST_CRL = z25.m19767.getId();
    protected static final String CRL_DISTRIBUTION_POINTS = z25.m19761.getId();
    protected static final String AUTHORITY_KEY_IDENTIFIER = z25.m19764.getId();
    protected static final String CRL_NUMBER = z25.m19753.getId();
    protected static final String[] crlReasons = {"unspecified", "keyCompromise", "cACompromise", "affiliationChanged", "superseded", "cessationOfOperation", "certificateHold", SR.rM, "removeFromCRL", "privilegeWithdrawn", "aACompromise"};

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getEncodedIssuerPrincipal(Object obj) {
        if (obj instanceof X509Certificate) {
            return ((X509Certificate) obj).getIssuerX500Principal();
        }
        throw new IllegalArgumentException("unknown certificate type");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Date getValidDate(PKIXParameters pKIXParameters) {
        Date date = pKIXParameters.getDate();
        if (date == null) {
            date = new Date();
        }
        return date;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getSubjectPrincipal(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectX500Principal();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean isSelfIssued(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static z23 m1(X509Extension x509Extension, String str) throws z1 {
        byte[] extensionValue = x509Extension.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return m4(str, extensionValue);
    }

    private static z23 m4(String str, byte[] bArr) throws z1 {
        try {
            return new com.aspose.html.internal.p322.z14(((com.aspose.html.internal.p322.z19) new com.aspose.html.internal.p322.z14(bArr).m5080()).getOctets()).m5080();
        } catch (Exception e) {
            throw new z1("exception processing extension " + str, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getIssuerPrincipal(X509CRL x509crl) {
        return x509crl.getIssuerX500Principal();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static com.aspose.html.internal.p363.z2 m7(PublicKey publicKey) throws CertPathValidatorException {
        try {
            return z55.m516(new com.aspose.html.internal.p322.z14(publicKey.getEncoded()).m5080()).m5241();
        } catch (Exception e) {
            throw new CertPathValidatorException("Subject public key cannot be decoded.", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static final Set m9(z24 z24Var) throws CertPathValidatorException {
        HashSet hashSet = new HashSet();
        if (z24Var == null) {
            return hashSet;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        z21 z21Var = new z21(byteArrayOutputStream);
        Enumeration objects = z24Var.getObjects();
        while (objects.hasMoreElements()) {
            try {
                z21Var.m2((com.aspose.html.internal.p322.z6) objects.nextElement());
                hashSet.add(new PolicyQualifierInfo(byteArrayOutputStream.toByteArray()));
                byteArrayOutputStream.reset();
            } catch (IOException e) {
                throw new CertPathValidatorException("Policy qualifier info cannot be decoded.", e);
            }
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static z13 m1(z13 z13Var, List[] listArr, z13 z13Var2) {
        z13 z13Var3 = (z13) z13Var2.getParent();
        if (z13Var == null) {
            return null;
        }
        if (z13Var3 != null) {
            z13Var3.m2(z13Var2);
            m1(listArr, z13Var2);
            return z13Var;
        }
        for (int i = 0; i < listArr.length; i++) {
            listArr[i] = new ArrayList();
        }
        return null;
    }

    private static void m1(List[] listArr, z13 z13Var) {
        listArr[z13Var.getDepth()].remove(z13Var);
        if (z13Var.hasChildren()) {
            Iterator children = z13Var.getChildren();
            while (children.hasNext()) {
                m1(listArr, (z13) children.next());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean m1(int i, List[] listArr, com.aspose.html.internal.p322.z18 z18Var, Set set) {
        List list = listArr[i - 1];
        for (int i2 = 0; i2 < list.size(); i2++) {
            z13 z13Var = (z13) list.get(i2);
            if (z13Var.getExpectedPolicies().contains(z18Var.getId())) {
                HashSet hashSet = new HashSet();
                hashSet.add(z18Var.getId());
                z13 z13Var2 = new z13(new ArrayList(), i, hashSet, z13Var, set, z18Var.getId(), false);
                z13Var.m1(z13Var2);
                listArr[i].add(z13Var2);
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void m2(int i, List[] listArr, com.aspose.html.internal.p322.z18 z18Var, Set set) {
        List list = listArr[i - 1];
        for (int i2 = 0; i2 < list.size(); i2++) {
            z13 z13Var = (z13) list.get(i2);
            if ("2.5.29.32.0".equals(z13Var.getValidPolicy())) {
                HashSet hashSet = new HashSet();
                hashSet.add(z18Var.getId());
                z13 z13Var2 = new z13(new ArrayList(), i, hashSet, z13Var, set, z18Var.getId(), false);
                z13Var.m1(z13Var2);
                listArr[i].add(z13Var2);
                return;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void prepareNextCertB1(int i, List[] listArr, String str, Map map, X509Certificate x509Certificate) throws z1, CertPathValidatorException {
        boolean z = false;
        Iterator it = listArr[i].iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            z13 z13Var = (z13) it.next();
            if (z13Var.getValidPolicy().equals(str)) {
                z = true;
                z13Var.setExpectedPolicies((Set) map.get(str));
                break;
            }
        }
        if (z) {
            return;
        }
        for (z13 z13Var2 : listArr[i]) {
            if ("2.5.29.32.0".equals(z13Var2.getValidPolicy())) {
                Set set = null;
                try {
                    Enumeration objects = z67.m190(m1(x509Certificate, CERTIFICATE_POLICIES)).getObjects();
                    while (true) {
                        if (!objects.hasMoreElements()) {
                            break;
                        }
                        try {
                            z46 m509 = z46.m509(objects.nextElement());
                            if ("2.5.29.32.0".equals(m509.m5583().getId())) {
                                try {
                                    set = m9(m509.m5584());
                                    break;
                                } catch (CertPathValidatorException e) {
                                    throw new CertPathValidatorException("Policy qualifier info set could not be built.", e);
                                }
                            }
                        } catch (Exception e2) {
                            throw new z1("Policy information cannot be decoded.", e2);
                        }
                    }
                    boolean contains = x509Certificate.getCriticalExtensionOIDs() != null ? x509Certificate.getCriticalExtensionOIDs().contains(CERTIFICATE_POLICIES) : false;
                    z13 z13Var3 = (z13) z13Var2.getParent();
                    if ("2.5.29.32.0".equals(z13Var3.getValidPolicy())) {
                        z13 z13Var4 = new z13(new ArrayList(), i, (Set) map.get(str), z13Var3, set, str, contains);
                        z13Var3.m1(z13Var4);
                        listArr[i].add(z13Var4);
                        return;
                    }
                    return;
                } catch (Exception e3) {
                    throw new z1("Certificate policies cannot be decoded.", e3);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static z13 m1(int i, List[] listArr, String str, z13 z13Var) {
        Iterator it = listArr[i].iterator();
        while (it.hasNext()) {
            z13 z13Var2 = (z13) it.next();
            if (z13Var2.getValidPolicy().equals(str)) {
                ((z13) z13Var2.getParent()).m2(z13Var2);
                it.remove();
                for (int i2 = i - 1; i2 >= 0; i2--) {
                    List list = listArr[i2];
                    for (int i3 = 0; i3 < list.size(); i3++) {
                        z13 z13Var3 = (z13) list.get(i3);
                        if (!z13Var3.hasChildren()) {
                            z13Var = m1(z13Var, listArr, z13Var3);
                            if (z13Var == null) {
                                break;
                            }
                        }
                    }
                }
            }
        }
        return z13Var;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean isAnyPolicy(Set set) {
        return set == null || set.contains("2.5.29.32.0") || set.isEmpty();
    }

    protected static Collection m1(z19 z19Var, List list) throws z1 {
        HashSet hashSet = new HashSet();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (Object obj : list) {
                if (obj instanceof com.aspose.html.internal.p439.z16) {
                    try {
                        for (Object obj2 : ((com.aspose.html.internal.p439.z16) obj).m1(z19Var)) {
                            if (obj2 instanceof com.aspose.html.internal.p439.z5) {
                                hashSet.add(certificateFactory.generateCertificate(new ByteArrayInputStream(((com.aspose.html.internal.p439.z5) obj2).getEncoded())));
                            } else {
                                if (!(obj2 instanceof Certificate)) {
                                    throw new z1("Unknown object found in certificate store.");
                                }
                                hashSet.add(obj2);
                            }
                        }
                    } catch (com.aspose.html.internal.p439.z17 e) {
                        throw new z1("Problem while picking certificates from X.509 store.", e);
                    } catch (IOException e2) {
                        throw new z1("Problem while extracting certificates from X.509 store.", e2);
                    } catch (CertificateException e3) {
                        throw new z1("Problem while extracting certificates from X.509 store.", e3);
                    }
                } else {
                    try {
                        hashSet.addAll(((CertStore) obj).getCertificates(z19Var));
                    } catch (CertStoreException e4) {
                        throw new z1("Problem while picking certificates from certificate store.", e4);
                    }
                }
            }
            return hashSet;
        } catch (CertificateException e5) {
            throw new z1(e5.getMessage(), e5);
        }
    }

    protected static Collection m1(com.aspose.html.internal.p408.z17 z17Var, List list) throws z1 {
        HashSet hashSet = new HashSet();
        for (Object obj : list) {
            if (obj instanceof com.aspose.html.internal.p439.z16) {
                try {
                    hashSet.addAll(((com.aspose.html.internal.p439.z16) obj).m1(z17Var));
                } catch (com.aspose.html.internal.p439.z17 e) {
                    throw new z1("Problem while picking certificates from X.509 store.", e);
                }
            } else {
                try {
                    hashSet.addAll(com.aspose.html.internal.p408.z17.m1(z17Var, (CertStore) obj));
                } catch (CertStoreException e2) {
                    throw new z1("Problem while picking certificates from certificate store.", e2);
                }
            }
        }
        return hashSet;
    }

    private static BigInteger getSerialNumber(Object obj) {
        return ((X509Certificate) obj).getSerialNumber();
    }

    protected static void m1(Date date, X509CRL x509crl, Object obj, z5 z5Var) throws z1 {
        X509CRLEntry revokedCertificate;
        try {
            if (isIndirectCRL(x509crl)) {
                revokedCertificate = x509crl.getRevokedCertificate(getSerialNumber(obj));
                if (revokedCertificate == null) {
                    return;
                }
                X500Principal certificateIssuer = revokedCertificate.getCertificateIssuer();
                if (certificateIssuer == null) {
                    certificateIssuer = getIssuerPrincipal(x509crl);
                }
                if (!getEncodedIssuerPrincipal(obj).equals(certificateIssuer)) {
                    return;
                }
            } else {
                if (!getEncodedIssuerPrincipal(obj).equals(getIssuerPrincipal(x509crl))) {
                    return;
                }
                revokedCertificate = x509crl.getRevokedCertificate(getSerialNumber(obj));
                if (revokedCertificate == null) {
                    return;
                }
            }
            com.aspose.html.internal.p322.z9 z9Var = null;
            if (revokedCertificate.hasExtensions()) {
                try {
                    z9Var = com.aspose.html.internal.p322.z9.m184(m1(revokedCertificate, z25.m19754.getId()));
                } catch (Exception e) {
                    throw new z1("Reason code CRL entry extension could not be decoded.", e);
                }
            }
            int intValue = null == z9Var ? 0 : z9Var.getValue().intValue();
            if (date.getTime() >= revokedCertificate.getRevocationDate().getTime() || intValue == 0 || intValue == 1 || intValue == 2 || intValue == 10) {
                z5Var.setCertStatus(intValue);
                z5Var.setRevocationDate(revokedCertificate.getRevocationDate());
            }
        } catch (CRLException e2) {
            throw new z1("Failed check for indirect CRL.", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static PublicKey getNextWorkingKey(List list, int i) throws CertPathValidatorException {
        PublicKey publicKey = ((Certificate) list.get(i)).getPublicKey();
        if (!(publicKey instanceof DSAPublicKey)) {
            return publicKey;
        }
        DSAPublicKey dSAPublicKey = (DSAPublicKey) publicKey;
        if (dSAPublicKey.getParams() != null) {
            return dSAPublicKey;
        }
        for (int i2 = i + 1; i2 < list.size(); i2++) {
            PublicKey publicKey2 = ((X509Certificate) list.get(i2)).getPublicKey();
            if (!(publicKey2 instanceof DSAPublicKey)) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            DSAPublicKey dSAPublicKey2 = (DSAPublicKey) publicKey2;
            if (dSAPublicKey2.getParams() != null) {
                DSAParams params = dSAPublicKey2.getParams();
                try {
                    return KeyFactory.getInstance("DSA").generatePublic(new DSAPublicKeySpec(dSAPublicKey.getY(), params.getP(), params.getQ(), params.getG()));
                } catch (Exception e) {
                    throw new RuntimeException(e.getMessage());
                }
            }
        }
        throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void verifyX509Certificate(X509Certificate x509Certificate, PublicKey publicKey, String str) throws GeneralSecurityException {
        if (str == null) {
            x509Certificate.verify(publicKey);
        } else {
            x509Certificate.verify(publicKey, str);
        }
    }

    static boolean isIndirectCRL(X509CRL x509crl) throws CRLException {
        try {
            byte[] extensionValue = x509crl.getExtensionValue(z25.m19758.getId());
            if (extensionValue != null) {
                if (z35.m501(com.aspose.html.internal.p322.z19.m189(extensionValue).getOctets()).isIndirectCRL()) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            throw new CRLException("Exception reading IssuingDistributionPoint: " + e);
        }
    }
}
