package com.aspose.html.utils;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.CRLException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.PolicyQualifierInfo;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* renamed from: com.aspose.html.utils.bfq, reason: case insensitive filesystem */
/* loaded from: input_file:com/aspose/html/utils/bfq.class */
class C3480bfq {
    protected static final String mws = "2.5.29.32.0";
    protected static final int mwu = 5;
    protected static final int mwv = 6;
    protected static final String mwf = aCG.kgH.getId();
    protected static final String mwg = aCG.kgx.getId();
    protected static final String mwh = aCG.kgI.getId();
    protected static final String mwi = aCG.kgv.getId();
    protected static final String mwj = aCG.kgF.getId();
    protected static final String mwk = aCG.kgt.getId();
    protected static final String mwl = aCG.kgN.getId();
    protected static final String mwm = aCG.kgD.getId();
    protected static final String mwn = aCG.kgC.getId();
    protected static final String mwo = aCG.kgK.getId();
    protected static final String mwp = aCG.kgM.getId();
    protected static final String mwq = aCG.kgG.getId();
    protected static final String mwr = aCG.kgJ.getId();
    protected static final String mwt = aCG.kgy.getId();
    protected static final String[] mww = {"unspecified", "keyCompromise", "cACompromise", "affiliationChanged", "superseded", "cessationOfOperation", "certificateHold", com.aspose.html.utils.ms.System.Net.SR.rM, "removeFromCRL", "privilegeWithdrawn", "aACompromise"};

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getEncodedIssuerPrincipal(Object obj) {
        if (obj instanceof X509Certificate) {
            return ((X509Certificate) obj).getIssuerX500Principal();
        }
        throw new IllegalArgumentException("unknown certificate type");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Date getValidDate(PKIXParameters pKIXParameters) {
        Date date = pKIXParameters.getDate();
        if (date == null) {
            date = new Date();
        }
        return date;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getSubjectPrincipal(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectX500Principal();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean isSelfIssued(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static AbstractC2989auF a(X509Extension x509Extension, String str) throws C3477bfn {
        byte[] extensionValue = x509Extension.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return d(str, extensionValue);
    }

    private static AbstractC2989auF d(String str, byte[] bArr) throws C3477bfn {
        try {
            return new C3032auw(((AbstractC2985auB) new C3032auw(bArr).aVo()).getOctets()).aVo();
        } catch (Exception e) {
            throw new C3477bfn("exception processing extension " + str, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getIssuerPrincipal(X509CRL x509crl) {
        return x509crl.getIssuerX500Principal();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static C1272aCj g(PublicKey publicKey) throws CertPathValidatorException {
        try {
            return C1300aDk.hD(new C3032auw(publicKey.getEncoded()).aVo()).aYi();
        } catch (Exception e) {
            throw new CertPathValidatorException("Subject public key cannot be decoded.", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static final Set n(AbstractC2990auG abstractC2990auG) throws CertPathValidatorException {
        HashSet hashSet = new HashSet();
        if (abstractC2990auG == null) {
            return hashSet;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        C2987auD c2987auD = new C2987auD(byteArrayOutputStream);
        Enumeration objects = abstractC2990auG.getObjects();
        while (objects.hasMoreElements()) {
            try {
                c2987auD.b((InterfaceC3024auo) objects.nextElement());
                hashSet.add(new PolicyQualifierInfo(byteArrayOutputStream.toByteArray()));
                byteArrayOutputStream.reset();
            } catch (IOException e) {
                throw new CertPathValidatorException("Policy qualifier info cannot be decoded.", e);
            }
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static bfA a(bfA bfa, List[] listArr, bfA bfa2) {
        bfA bfa3 = (bfA) bfa2.getParent();
        if (bfa == null) {
            return null;
        }
        if (bfa3 != null) {
            bfa3.b(bfa2);
            a(listArr, bfa2);
            return bfa;
        }
        for (int i = 0; i < listArr.length; i++) {
            listArr[i] = new ArrayList();
        }
        return null;
    }

    private static void a(List[] listArr, bfA bfa) {
        listArr[bfa.getDepth()].remove(bfa);
        if (bfa.hasChildren()) {
            Iterator children = bfa.getChildren();
            while (children.hasNext()) {
                a(listArr, (bfA) children.next());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean a(int i, List[] listArr, C2984auA c2984auA, Set set) {
        List list = listArr[i - 1];
        for (int i2 = 0; i2 < list.size(); i2++) {
            bfA bfa = (bfA) list.get(i2);
            if (bfa.getExpectedPolicies().contains(c2984auA.getId())) {
                HashSet hashSet = new HashSet();
                hashSet.add(c2984auA.getId());
                bfA bfa2 = new bfA(new ArrayList(), i, hashSet, bfa, set, c2984auA.getId(), false);
                bfa.a(bfa2);
                listArr[i].add(bfa2);
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void b(int i, List[] listArr, C2984auA c2984auA, Set set) {
        List list = listArr[i - 1];
        for (int i2 = 0; i2 < list.size(); i2++) {
            bfA bfa = (bfA) list.get(i2);
            if ("2.5.29.32.0".equals(bfa.getValidPolicy())) {
                HashSet hashSet = new HashSet();
                hashSet.add(c2984auA.getId());
                bfA bfa2 = new bfA(new ArrayList(), i, hashSet, bfa, set, c2984auA.getId(), false);
                bfa.a(bfa2);
                listArr[i].add(bfa2);
                return;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void prepareNextCertB1(int i, List[] listArr, String str, Map map, X509Certificate x509Certificate) throws C3477bfn, CertPathValidatorException {
        boolean z = false;
        Iterator it = listArr[i].iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            bfA bfa = (bfA) it.next();
            if (bfa.getValidPolicy().equals(str)) {
                z = true;
                bfa.setExpectedPolicies((Set) map.get(str));
                break;
            }
        }
        if (z) {
            return;
        }
        for (bfA bfa2 : listArr[i]) {
            if ("2.5.29.32.0".equals(bfa2.getValidPolicy())) {
                Set set = null;
                try {
                    Enumeration objects = C3086avx.bK(a(x509Certificate, mwf)).getObjects();
                    while (true) {
                        if (!objects.hasMoreElements()) {
                            break;
                        }
                        try {
                            C1291aDb hw = C1291aDb.hw(objects.nextElement());
                            if ("2.5.29.32.0".equals(hw.beG().getId())) {
                                try {
                                    set = n(hw.beH());
                                    break;
                                } catch (CertPathValidatorException e) {
                                    throw new CertPathValidatorException("Policy qualifier info set could not be built.", e);
                                }
                            }
                        } catch (Exception e2) {
                            throw new C3477bfn("Policy information cannot be decoded.", e2);
                        }
                    }
                    boolean contains = x509Certificate.getCriticalExtensionOIDs() != null ? x509Certificate.getCriticalExtensionOIDs().contains(mwf) : false;
                    bfA bfa3 = (bfA) bfa2.getParent();
                    if ("2.5.29.32.0".equals(bfa3.getValidPolicy())) {
                        bfA bfa4 = new bfA(new ArrayList(), i, (Set) map.get(str), bfa3, set, str, contains);
                        bfa3.a(bfa4);
                        listArr[i].add(bfa4);
                        return;
                    }
                    return;
                } catch (Exception e3) {
                    throw new C3477bfn("Certificate policies cannot be decoded.", e3);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static bfA a(int i, List[] listArr, String str, bfA bfa) {
        Iterator it = listArr[i].iterator();
        while (it.hasNext()) {
            bfA bfa2 = (bfA) it.next();
            if (bfa2.getValidPolicy().equals(str)) {
                ((bfA) bfa2.getParent()).b(bfa2);
                it.remove();
                for (int i2 = i - 1; i2 >= 0; i2--) {
                    List list = listArr[i2];
                    for (int i3 = 0; i3 < list.size(); i3++) {
                        bfA bfa3 = (bfA) list.get(i3);
                        if (!bfa3.hasChildren()) {
                            bfa = a(bfa, listArr, bfa3);
                            if (bfa == null) {
                                break;
                            }
                        }
                    }
                }
            }
        }
        return bfa;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean isAnyPolicy(Set set) {
        return set == null || set.contains("2.5.29.32.0") || set.isEmpty();
    }

    protected static Collection a(bfG bfg, List list) throws C3477bfn {
        HashSet hashSet = new HashSet();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (Object obj : list) {
                if (obj instanceof bgE) {
                    try {
                        for (Object obj2 : ((bgE) obj).a(bfg)) {
                            if (obj2 instanceof InterfaceC3510bgt) {
                                hashSet.add(certificateFactory.generateCertificate(new ByteArrayInputStream(((InterfaceC3510bgt) obj2).getEncoded())));
                            } else {
                                if (!(obj2 instanceof Certificate)) {
                                    throw new C3477bfn("Unknown object found in certificate store.");
                                }
                                hashSet.add(obj2);
                            }
                        }
                    } catch (bgF e) {
                        throw new C3477bfn("Problem while picking certificates from X.509 store.", e);
                    } catch (IOException e2) {
                        throw new C3477bfn("Problem while extracting certificates from X.509 store.", e2);
                    } catch (CertificateException e3) {
                        throw new C3477bfn("Problem while extracting certificates from X.509 store.", e3);
                    }
                } else {
                    try {
                        hashSet.addAll(((CertStore) obj).getCertificates(bfg));
                    } catch (CertStoreException e4) {
                        throw new C3477bfn("Problem while picking certificates from certificate store.", e4);
                    }
                }
            }
            return hashSet;
        } catch (CertificateException e5) {
            throw new C3477bfn(e5.getMessage(), e5);
        }
    }

    protected static Collection a(C1808aVt c1808aVt, List list) throws C3477bfn {
        HashSet hashSet = new HashSet();
        for (Object obj : list) {
            if (obj instanceof bgE) {
                try {
                    hashSet.addAll(((bgE) obj).a(c1808aVt));
                } catch (bgF e) {
                    throw new C3477bfn("Problem while picking certificates from X.509 store.", e);
                }
            } else {
                try {
                    hashSet.addAll(C1808aVt.a(c1808aVt, (CertStore) obj));
                } catch (CertStoreException e2) {
                    throw new C3477bfn("Problem while picking certificates from certificate store.", e2);
                }
            }
        }
        return hashSet;
    }

    private static BigInteger getSerialNumber(Object obj) {
        return ((X509Certificate) obj).getSerialNumber();
    }

    protected static void a(Date date, X509CRL x509crl, Object obj, C3481bfr c3481bfr) throws C3477bfn {
        X509CRLEntry revokedCertificate;
        try {
            if (isIndirectCRL(x509crl)) {
                revokedCertificate = x509crl.getRevokedCertificate(getSerialNumber(obj));
                if (revokedCertificate == null) {
                    return;
                }
                X500Principal certificateIssuer = revokedCertificate.getCertificateIssuer();
                if (certificateIssuer == null) {
                    certificateIssuer = getIssuerPrincipal(x509crl);
                }
                if (!getEncodedIssuerPrincipal(obj).equals(certificateIssuer)) {
                    return;
                }
            } else {
                if (!getEncodedIssuerPrincipal(obj).equals(getIssuerPrincipal(x509crl))) {
                    return;
                }
                revokedCertificate = x509crl.getRevokedCertificate(getSerialNumber(obj));
                if (revokedCertificate == null) {
                    return;
                }
            }
            C3027aur c3027aur = null;
            if (revokedCertificate.hasExtensions()) {
                try {
                    c3027aur = C3027aur.bE(a(revokedCertificate, aCG.kgz.getId()));
                } catch (Exception e) {
                    throw new C3477bfn("Reason code CRL entry extension could not be decoded.", e);
                }
            }
            int intValue = null == c3027aur ? 0 : c3027aur.getValue().intValue();
            if (date.getTime() >= revokedCertificate.getRevocationDate().getTime() || intValue == 0 || intValue == 1 || intValue == 2 || intValue == 10) {
                c3481bfr.setCertStatus(intValue);
                c3481bfr.setRevocationDate(revokedCertificate.getRevocationDate());
            }
        } catch (CRLException e2) {
            throw new C3477bfn("Failed check for indirect CRL.", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static PublicKey getNextWorkingKey(List list, int i) throws CertPathValidatorException {
        PublicKey publicKey = ((Certificate) list.get(i)).getPublicKey();
        if (!(publicKey instanceof DSAPublicKey)) {
            return publicKey;
        }
        DSAPublicKey dSAPublicKey = (DSAPublicKey) publicKey;
        if (dSAPublicKey.getParams() != null) {
            return dSAPublicKey;
        }
        for (int i2 = i + 1; i2 < list.size(); i2++) {
            PublicKey publicKey2 = ((X509Certificate) list.get(i2)).getPublicKey();
            if (!(publicKey2 instanceof DSAPublicKey)) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            DSAPublicKey dSAPublicKey2 = (DSAPublicKey) publicKey2;
            if (dSAPublicKey2.getParams() != null) {
                DSAParams params = dSAPublicKey2.getParams();
                try {
                    return KeyFactory.getInstance("DSA").generatePublic(new DSAPublicKeySpec(dSAPublicKey.getY(), params.getP(), params.getQ(), params.getG()));
                } catch (Exception e) {
                    throw new RuntimeException(e.getMessage());
                }
            }
        }
        throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void verifyX509Certificate(X509Certificate x509Certificate, PublicKey publicKey, String str) throws GeneralSecurityException {
        if (str == null) {
            x509Certificate.verify(publicKey);
        } else {
            x509Certificate.verify(publicKey, str);
        }
    }

    static boolean isIndirectCRL(X509CRL x509crl) throws CRLException {
        try {
            byte[] extensionValue = x509crl.getExtensionValue(aCG.kgD.getId());
            if (extensionValue != null) {
                if (aCQ.ho(AbstractC2985auB.bJ(extensionValue).getOctets()).isIndirectCRL()) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            throw new CRLException("Exception reading IssuingDistributionPoint: " + e);
        }
    }
}
