package com.aspose.html.utils.ms.core._net.d;

import com.aspose.html.utils.ms.System.Collections.ArrayList;
import com.aspose.html.utils.ms.System.Globalization.CultureInfo;
import com.aspose.html.utils.ms.System.Security.Cryptography.Oid;
import com.aspose.html.utils.ms.System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension;
import com.aspose.html.utils.ms.System.Security.Cryptography.X509Certificates.X509KeyUsageExtension;
import com.aspose.html.utils.ms.System.StringExtensions;
import com.aspose.html.utils.ms.System.Text.RegularExpressions.MatchCollection;
import com.aspose.html.utils.ms.System.Text.RegularExpressions.Regex;
import com.aspose.html.utils.ms.core.System.Security.Cryptography.X509Certificates.X509Certificate;
import com.aspose.html.utils.ms.core.System.Security.Cryptography.X509Certificates.X509CertificateCollection;
import com.aspose.html.utils.ms.core.System.Security.Cryptography.X509Certificates.X509Chain;
import com.aspose.html.utils.ms.core.System.Security.Cryptography.X509Certificates.X509Extension;
import com.aspose.html.utils.ms.core.System.Security.Cryptography.X509Certificates.extensions.ExtendedKeyUsageExtension;
import com.aspose.html.utils.ms.core.System.Security.Cryptography.X509Certificates.extensions.KeyUsageExtension;
import com.aspose.html.utils.ms.core.System.Security.Cryptography.X509Certificates.extensions.NetscapeCertTypeExtension;
import com.aspose.html.utils.ms.core.System.Security.Cryptography.X509Certificates.extensions.SubjectAltNameExtension;
import com.aspose.html.utils.ms.core.System.Security.Protocol.Tls.TlsException;
import com.aspose.html.utils.ms.core.System.Security.Protocol.Tls.cm;
import com.aspose.html.utils.ms.core.System.Security.Protocol.Tls.q;
import com.aspose.html.utils.ms.core.System.Security.Protocol.Tls.w;
import com.aspose.html.utils.ms.lang.Operators;

/* loaded from: input_file:com/aspose/html/utils/ms/core/_net/d/f.class */
public class f extends com.aspose.html.utils.ms.core._net.e.c {
    private X509CertificateCollection a;

    public f(w wVar, byte[] bArr) {
        super(wVar, (byte) 11, bArr);
    }

    @Override // com.aspose.html.utils.ms.core._net.e.c
    public void b() {
        super.b();
        e().k().a(this.a);
        e().k().i();
    }

    @Override // com.aspose.html.utils.ms.core._net.e.c
    public void c() {
        d();
    }

    @Override // com.aspose.html.utils.ms.core._net.e.c
    public void d() {
        this.a = new X509CertificateCollection();
        int i = 0;
        int m = m();
        while (i < m) {
            int m2 = m();
            i += 3;
            if (m2 > 0) {
                this.a.add(new X509Certificate(a(m2)));
                i += m2;
            }
        }
        a(this.a);
    }

    private boolean a(X509Certificate x509Certificate) {
        q qVar = (q) e();
        if (x509Certificate.getVersion() < 3) {
            return true;
        }
        int i = 0;
        switch (qVar.H().a().j()) {
            case 0:
                i = 8;
                break;
            case 1:
                return false;
            case 3:
                i = 32;
                break;
            case 4:
                i = 128;
                break;
        }
        KeyUsageExtension keyUsageExtension = null;
        ExtendedKeyUsageExtension extendedKeyUsageExtension = null;
        X509Extension x509Extension = x509Certificate.getExtensions().get_Item(X509KeyUsageExtension.oid);
        if (x509Extension != null) {
            keyUsageExtension = new KeyUsageExtension(x509Extension);
        }
        X509Extension x509Extension2 = x509Certificate.getExtensions().get_Item(X509EnhancedKeyUsageExtension.oid);
        if (x509Extension2 != null) {
            extendedKeyUsageExtension = new ExtendedKeyUsageExtension(x509Extension2);
        }
        if (keyUsageExtension != null && extendedKeyUsageExtension != null) {
            if (keyUsageExtension.support(i)) {
                return extendedKeyUsageExtension.getKeyPurpose().contains("1.3.6.1.5.5.7.3.1") || extendedKeyUsageExtension.getKeyPurpose().contains("2.16.840.1.113730.4.1");
            }
            return false;
        }
        if (keyUsageExtension != null) {
            return keyUsageExtension.support(i);
        }
        if (extendedKeyUsageExtension != null) {
            return extendedKeyUsageExtension.getKeyPurpose().contains("1.3.6.1.5.5.7.3.1") || extendedKeyUsageExtension.getKeyPurpose().contains("2.16.840.1.113730.4.1");
        }
        X509Extension x509Extension3 = x509Certificate.getExtensions().get_Item(Oid.oidNetscapeCertType);
        if (x509Extension3 != null) {
            return new NetscapeCertTypeExtension(x509Extension3).support(64);
        }
        return true;
    }

    private void a(X509CertificateCollection x509CertificateCollection) {
        q qVar = (q) e();
        if (qVar.a().h()) {
            a(qVar, (byte) 42);
        } else {
            b(qVar, (byte) 42);
        }
    }

    private void a(q qVar, byte b) {
        byte b2;
        cm b3 = qVar.a().b(this.a);
        if (b3.a()) {
            return;
        }
        long c = b3.c();
        switch ((int) c) {
            case -2146762495:
                b2 = 45;
                break;
            case -2146762487:
                b2 = 48;
                break;
            case -2146762486:
                b2 = 48;
                break;
            default:
                b2 = 46;
                break;
        }
        throw new TlsException(b2, StringExtensions.format("Invalid certificate received from server. Error code: 0x{0:x}", Operators.boxing(Long.valueOf(c))));
    }

    private void b(q qVar, byte b) {
        boolean z;
        X509Certificate x509Certificate = this.a.get_Item(0);
        com.aspose.html.utils.ms.System.Security.Cryptography.X509Certificates.X509Certificate x509Certificate2 = new com.aspose.html.utils.ms.System.Security.Cryptography.X509Certificates.X509Certificate(x509Certificate.getRawData());
        ArrayList arrayList = new ArrayList();
        if (!a(x509Certificate)) {
            arrayList.addItem(Operators.boxing(-2146762490));
        }
        if (!b(x509Certificate)) {
            arrayList.addItem(Operators.boxing(-2146762481));
        }
        X509CertificateCollection x509CertificateCollection = new X509CertificateCollection(this.a);
        x509CertificateCollection.remove(x509Certificate);
        X509Chain x509Chain = new X509Chain(x509CertificateCollection);
        try {
            z = x509Chain.build(x509Certificate);
        } catch (RuntimeException e) {
            z = false;
        }
        if (!z) {
            switch (x509Chain.getStatus()) {
                case 1:
                    b = 45;
                    arrayList.addItem(Operators.boxing(-2146762495));
                    break;
                case 2:
                    arrayList.addItem(Operators.boxing(-2146762494));
                    break;
                case 8:
                    arrayList.addItem(Operators.boxing(-2146869232));
                    break;
                case 32:
                    b = 48;
                    arrayList.addItem(Operators.boxing(-2146762487));
                    break;
                case 1024:
                    arrayList.addItem(Operators.boxing(-2146869223));
                    break;
                case 65536:
                    b = 48;
                    arrayList.addItem(Operators.boxing(-2146762486));
                    break;
                default:
                    b = 46;
                    arrayList.addItem(Operators.boxing(Integer.valueOf(x509Chain.getStatus())));
                    break;
            }
        }
        if (!qVar.a().a(x509Certificate2, (int[]) Operators.cast(arrayList.toArray(Operators.typeOf(Integer.TYPE)), int[].class))) {
            throw new TlsException(b, "Invalid certificate received from server.");
        }
    }

    private boolean b(X509Certificate x509Certificate) {
        String a = ((q) e()).l().a();
        X509Extension x509Extension = x509Certificate.getExtensions().get_Item(Oid.oidSubjectAltName);
        if (x509Extension != null) {
            SubjectAltNameExtension subjectAltNameExtension = new SubjectAltNameExtension(x509Extension);
            for (String str : subjectAltNameExtension.getDNSNames()) {
                if (a(a, str)) {
                    return true;
                }
            }
            for (String str2 : subjectAltNameExtension.getIPAddresses()) {
                if (StringExtensions.equals(str2, a)) {
                    return true;
                }
            }
        }
        return a(x509Certificate.get_SubjectName());
    }

    private boolean a(String str) {
        q qVar = (q) e();
        String str2 = StringExtensions.Empty;
        MatchCollection matches = new Regex("CN\\s*=\\s*([^,]*)").matches(str);
        if (matches.getCount() == 1 && matches.get(0).getSuccess()) {
            str2 = matches.get(0).getGroups().get_Item(1).getValue().toString();
        }
        return a(qVar.l().a(), str2);
    }

    static boolean a(String str, String str2) {
        int indexOf = StringExtensions.indexOf(str2, '*');
        if (indexOf == -1) {
            return StringExtensions.compare(str, str2, true, CultureInfo.getInvariantCulture()) == 0;
        }
        if ((indexOf != str2.length() - 1 && str2.charAt(indexOf + 1) != '.') || StringExtensions.indexOf(str2, '*', indexOf + 1) != -1) {
            return false;
        }
        String substring = StringExtensions.substring(str2, indexOf + 1);
        int length = str.length() - substring.length();
        if (length <= 0 || StringExtensions.compare(str, length, substring, 0, substring.length(), true, CultureInfo.getInvariantCulture()) != 0) {
            return false;
        }
        if (indexOf == 0) {
            int indexOf2 = StringExtensions.indexOf(str, '.');
            return indexOf2 == -1 || indexOf2 >= str.length() - substring.length();
        }
        String substring2 = StringExtensions.substring(str2, 0, indexOf);
        return StringExtensions.compare(str, 0, substring2, 0, substring2.length(), true, CultureInfo.getInvariantCulture()) == 0;
    }
}
