package com.aspose.html.utils;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.CRLException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.PolicyQualifierInfo;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:com/aspose/html/utils/bhP.class */
class bhP {
    protected static final String mCj = "2.5.29.32.0";
    protected static final int mCl = 5;
    protected static final int mCm = 6;
    protected static final String mBW = C1350aFf.kmy.getId();
    protected static final String mBX = C1350aFf.kmo.getId();
    protected static final String mBY = C1350aFf.kmz.getId();
    protected static final String mBZ = C1350aFf.kmm.getId();
    protected static final String mCa = C1350aFf.kmw.getId();
    protected static final String mCb = C1350aFf.kmk.getId();
    protected static final String mCc = C1350aFf.kmE.getId();
    protected static final String mCd = C1350aFf.kmu.getId();
    protected static final String mCe = C1350aFf.kmt.getId();
    protected static final String mCf = C1350aFf.kmB.getId();
    protected static final String mCg = C1350aFf.kmD.getId();
    protected static final String mCh = C1350aFf.kmx.getId();
    protected static final String mCi = C1350aFf.kmA.getId();
    protected static final String mCk = C1350aFf.kmp.getId();
    protected static final String[] mCn = {"unspecified", "keyCompromise", "cACompromise", "affiliationChanged", "superseded", "cessationOfOperation", "certificateHold", com.aspose.html.utils.ms.System.Net.SR.rM, "removeFromCRL", "privilegeWithdrawn", "aACompromise"};

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getEncodedIssuerPrincipal(Object obj) {
        if (obj instanceof X509Certificate) {
            return ((X509Certificate) obj).getIssuerX500Principal();
        }
        throw new IllegalArgumentException("unknown certificate type");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Date getValidDate(PKIXParameters pKIXParameters) {
        Date date = pKIXParameters.getDate();
        if (date == null) {
            date = new Date();
        }
        return date;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getSubjectPrincipal(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectX500Principal();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean isSelfIssued(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static AbstractC3174axe a(X509Extension x509Extension, String str) throws bhM {
        byte[] extensionValue = x509Extension.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return d(str, extensionValue);
    }

    private static AbstractC3174axe d(String str, byte[] bArr) throws bhM {
        try {
            return new C3112awV(((AbstractC3170axa) new C3112awV(bArr).aWw()).getOctets()).aWw();
        } catch (Exception e) {
            throw new bhM("exception processing extension " + str, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getIssuerPrincipal(X509CRL x509crl) {
        return x509crl.getIssuerX500Principal();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static aEI g(PublicKey publicKey) throws CertPathValidatorException {
        try {
            return aFJ.hE(new C3112awV(publicKey.getEncoded()).aWw()).aZq();
        } catch (Exception e) {
            throw new CertPathValidatorException("Subject public key cannot be decoded.", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static final Set n(AbstractC3175axf abstractC3175axf) throws CertPathValidatorException {
        HashSet hashSet = new HashSet();
        if (abstractC3175axf == null) {
            return hashSet;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        C3172axc c3172axc = new C3172axc(byteArrayOutputStream);
        Enumeration objects = abstractC3175axf.getObjects();
        while (objects.hasMoreElements()) {
            try {
                c3172axc.b((InterfaceC3104awN) objects.nextElement());
                hashSet.add(new PolicyQualifierInfo(byteArrayOutputStream.toByteArray()));
                byteArrayOutputStream.reset();
            } catch (IOException e) {
                throw new CertPathValidatorException("Policy qualifier info cannot be decoded.", e);
            }
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static bhZ a(bhZ bhz, List[] listArr, bhZ bhz2) {
        bhZ bhz3 = (bhZ) bhz2.getParent();
        if (bhz == null) {
            return null;
        }
        if (bhz3 != null) {
            bhz3.b(bhz2);
            a(listArr, bhz2);
            return bhz;
        }
        for (int i = 0; i < listArr.length; i++) {
            listArr[i] = new ArrayList();
        }
        return null;
    }

    private static void a(List[] listArr, bhZ bhz) {
        listArr[bhz.getDepth()].remove(bhz);
        if (bhz.hasChildren()) {
            Iterator children = bhz.getChildren();
            while (children.hasNext()) {
                a(listArr, (bhZ) children.next());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean a(int i, List[] listArr, C3116awZ c3116awZ, Set set) {
        List list = listArr[i - 1];
        for (int i2 = 0; i2 < list.size(); i2++) {
            bhZ bhz = (bhZ) list.get(i2);
            if (bhz.getExpectedPolicies().contains(c3116awZ.getId())) {
                HashSet hashSet = new HashSet();
                hashSet.add(c3116awZ.getId());
                bhZ bhz2 = new bhZ(new ArrayList(), i, hashSet, bhz, set, c3116awZ.getId(), false);
                bhz.a(bhz2);
                listArr[i].add(bhz2);
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void b(int i, List[] listArr, C3116awZ c3116awZ, Set set) {
        List list = listArr[i - 1];
        for (int i2 = 0; i2 < list.size(); i2++) {
            bhZ bhz = (bhZ) list.get(i2);
            if ("2.5.29.32.0".equals(bhz.getValidPolicy())) {
                HashSet hashSet = new HashSet();
                hashSet.add(c3116awZ.getId());
                bhZ bhz2 = new bhZ(new ArrayList(), i, hashSet, bhz, set, c3116awZ.getId(), false);
                bhz.a(bhz2);
                listArr[i].add(bhz2);
                return;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void prepareNextCertB1(int i, List[] listArr, String str, Map map, X509Certificate x509Certificate) throws bhM, CertPathValidatorException {
        boolean z = false;
        Iterator it = listArr[i].iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            bhZ bhz = (bhZ) it.next();
            if (bhz.getValidPolicy().equals(str)) {
                z = true;
                bhz.setExpectedPolicies((Set) map.get(str));
                break;
            }
        }
        if (z) {
            return;
        }
        for (bhZ bhz2 : listArr[i]) {
            if ("2.5.29.32.0".equals(bhz2.getValidPolicy())) {
                Set set = null;
                try {
                    Enumeration objects = C3166axW.bL(a(x509Certificate, mBW)).getObjects();
                    while (true) {
                        if (!objects.hasMoreElements()) {
                            break;
                        }
                        try {
                            aFA hx = aFA.hx(objects.nextElement());
                            if ("2.5.29.32.0".equals(hx.bfO().getId())) {
                                try {
                                    set = n(hx.bfP());
                                    break;
                                } catch (CertPathValidatorException e) {
                                    throw new CertPathValidatorException("Policy qualifier info set could not be built.", e);
                                }
                            }
                        } catch (Exception e2) {
                            throw new bhM("Policy information cannot be decoded.", e2);
                        }
                    }
                    boolean contains = x509Certificate.getCriticalExtensionOIDs() != null ? x509Certificate.getCriticalExtensionOIDs().contains(mBW) : false;
                    bhZ bhz3 = (bhZ) bhz2.getParent();
                    if ("2.5.29.32.0".equals(bhz3.getValidPolicy())) {
                        bhZ bhz4 = new bhZ(new ArrayList(), i, (Set) map.get(str), bhz3, set, str, contains);
                        bhz3.a(bhz4);
                        listArr[i].add(bhz4);
                        return;
                    }
                    return;
                } catch (Exception e3) {
                    throw new bhM("Certificate policies cannot be decoded.", e3);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static bhZ a(int i, List[] listArr, String str, bhZ bhz) {
        Iterator it = listArr[i].iterator();
        while (it.hasNext()) {
            bhZ bhz2 = (bhZ) it.next();
            if (bhz2.getValidPolicy().equals(str)) {
                ((bhZ) bhz2.getParent()).b(bhz2);
                it.remove();
                for (int i2 = i - 1; i2 >= 0; i2--) {
                    List list = listArr[i2];
                    for (int i3 = 0; i3 < list.size(); i3++) {
                        bhZ bhz3 = (bhZ) list.get(i3);
                        if (!bhz3.hasChildren()) {
                            bhz = a(bhz, listArr, bhz3);
                            if (bhz == null) {
                                break;
                            }
                        }
                    }
                }
            }
        }
        return bhz;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean isAnyPolicy(Set set) {
        return set == null || set.contains("2.5.29.32.0") || set.isEmpty();
    }

    protected static Collection a(C3551bif c3551bif, List list) throws bhM {
        HashSet hashSet = new HashSet();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (Object obj : list) {
                if (obj instanceof InterfaceC3576bjd) {
                    try {
                        for (Object obj2 : ((InterfaceC3576bjd) obj).a(c3551bif)) {
                            if (obj2 instanceof biS) {
                                hashSet.add(certificateFactory.generateCertificate(new ByteArrayInputStream(((biS) obj2).getEncoded())));
                            } else {
                                if (!(obj2 instanceof Certificate)) {
                                    throw new bhM("Unknown object found in certificate store.");
                                }
                                hashSet.add(obj2);
                            }
                        }
                    } catch (C3577bje e) {
                        throw new bhM("Problem while picking certificates from X.509 store.", e);
                    } catch (IOException e2) {
                        throw new bhM("Problem while extracting certificates from X.509 store.", e2);
                    } catch (CertificateException e3) {
                        throw new bhM("Problem while extracting certificates from X.509 store.", e3);
                    }
                } else {
                    try {
                        hashSet.addAll(((CertStore) obj).getCertificates(c3551bif));
                    } catch (CertStoreException e4) {
                        throw new bhM("Problem while picking certificates from certificate store.", e4);
                    }
                }
            }
            return hashSet;
        } catch (CertificateException e5) {
            throw new bhM(e5.getMessage(), e5);
        }
    }

    protected static Collection a(aXS axs, List list) throws bhM {
        HashSet hashSet = new HashSet();
        for (Object obj : list) {
            if (obj instanceof InterfaceC3576bjd) {
                try {
                    hashSet.addAll(((InterfaceC3576bjd) obj).a(axs));
                } catch (C3577bje e) {
                    throw new bhM("Problem while picking certificates from X.509 store.", e);
                }
            } else {
                try {
                    hashSet.addAll(aXS.a(axs, (CertStore) obj));
                } catch (CertStoreException e2) {
                    throw new bhM("Problem while picking certificates from certificate store.", e2);
                }
            }
        }
        return hashSet;
    }

    private static BigInteger getSerialNumber(Object obj) {
        return ((X509Certificate) obj).getSerialNumber();
    }

    protected static void a(Date date, X509CRL x509crl, Object obj, bhQ bhq) throws bhM {
        X509CRLEntry revokedCertificate;
        try {
            if (isIndirectCRL(x509crl)) {
                revokedCertificate = x509crl.getRevokedCertificate(getSerialNumber(obj));
                if (revokedCertificate == null) {
                    return;
                }
                X500Principal certificateIssuer = revokedCertificate.getCertificateIssuer();
                if (certificateIssuer == null) {
                    certificateIssuer = getIssuerPrincipal(x509crl);
                }
                if (!getEncodedIssuerPrincipal(obj).equals(certificateIssuer)) {
                    return;
                }
            } else {
                if (!getEncodedIssuerPrincipal(obj).equals(getIssuerPrincipal(x509crl))) {
                    return;
                }
                revokedCertificate = x509crl.getRevokedCertificate(getSerialNumber(obj));
                if (revokedCertificate == null) {
                    return;
                }
            }
            C3107awQ c3107awQ = null;
            if (revokedCertificate.hasExtensions()) {
                try {
                    c3107awQ = C3107awQ.bF(a(revokedCertificate, C1350aFf.kmq.getId()));
                } catch (Exception e) {
                    throw new bhM("Reason code CRL entry extension could not be decoded.", e);
                }
            }
            int intValue = null == c3107awQ ? 0 : c3107awQ.getValue().intValue();
            if (date.getTime() >= revokedCertificate.getRevocationDate().getTime() || intValue == 0 || intValue == 1 || intValue == 2 || intValue == 10) {
                bhq.setCertStatus(intValue);
                bhq.setRevocationDate(revokedCertificate.getRevocationDate());
            }
        } catch (CRLException e2) {
            throw new bhM("Failed check for indirect CRL.", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static PublicKey getNextWorkingKey(List list, int i) throws CertPathValidatorException {
        PublicKey publicKey = ((Certificate) list.get(i)).getPublicKey();
        if (!(publicKey instanceof DSAPublicKey)) {
            return publicKey;
        }
        DSAPublicKey dSAPublicKey = (DSAPublicKey) publicKey;
        if (dSAPublicKey.getParams() != null) {
            return dSAPublicKey;
        }
        for (int i2 = i + 1; i2 < list.size(); i2++) {
            PublicKey publicKey2 = ((X509Certificate) list.get(i2)).getPublicKey();
            if (!(publicKey2 instanceof DSAPublicKey)) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            DSAPublicKey dSAPublicKey2 = (DSAPublicKey) publicKey2;
            if (dSAPublicKey2.getParams() != null) {
                DSAParams params = dSAPublicKey2.getParams();
                try {
                    return KeyFactory.getInstance("DSA").generatePublic(new DSAPublicKeySpec(dSAPublicKey.getY(), params.getP(), params.getQ(), params.getG()));
                } catch (Exception e) {
                    throw new RuntimeException(e.getMessage());
                }
            }
        }
        throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void verifyX509Certificate(X509Certificate x509Certificate, PublicKey publicKey, String str) throws GeneralSecurityException {
        if (str == null) {
            x509Certificate.verify(publicKey);
        } else {
            x509Certificate.verify(publicKey, str);
        }
    }

    static boolean isIndirectCRL(X509CRL x509crl) throws CRLException {
        try {
            byte[] extensionValue = x509crl.getExtensionValue(C1350aFf.kmu.getId());
            if (extensionValue != null) {
                if (C1360aFp.hp(AbstractC3170axa.bK(extensionValue).getOctets()).isIndirectCRL()) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            throw new CRLException("Exception reading IssuingDistributionPoint: " + e);
        }
    }
}
