package com.aspose.html.internal.ox;

import com.aspose.html.internal.kp.bo;
import com.aspose.html.internal.kp.u;
import com.aspose.html.internal.kp.w;
import com.aspose.html.internal.kp.x;
import com.aspose.html.internal.me.ai;
import com.aspose.html.internal.me.at;
import com.aspose.html.internal.me.bc;
import com.aspose.html.internal.me.y;
import com.aspose.html.internal.ms.System.Net.SR;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.CRLException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.PolicyQualifierInfo;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:com/aspose/html/internal/ox/d.class */
class d {
    protected static final String nNh = "2.5.29.32.0";
    protected static final int nNj = 5;
    protected static final int nNk = 6;
    protected static final String nMU = y.jXO.getId();
    protected static final String nMV = y.jXE.getId();
    protected static final String nMW = y.jXP.getId();
    protected static final String nMX = y.jXC.getId();
    protected static final String nMY = y.jXM.getId();
    protected static final String nMZ = y.jXA.getId();
    protected static final String nNa = y.jXU.getId();
    protected static final String nNb = y.jXK.getId();
    protected static final String nNc = y.jXJ.getId();
    protected static final String nNd = y.jXR.getId();
    protected static final String nNe = y.jXT.getId();
    protected static final String nNf = y.jXN.getId();
    protected static final String nNg = y.jXQ.getId();
    protected static final String nNi = y.jXF.getId();
    protected static final String[] nNl = {"unspecified", "keyCompromise", "cACompromise", "affiliationChanged", "superseded", "cessationOfOperation", "certificateHold", SR.rM, "removeFromCRL", "privilegeWithdrawn", "aACompromise"};

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getEncodedIssuerPrincipal(Object obj) {
        if (obj instanceof X509Certificate) {
            return ((X509Certificate) obj).getIssuerX500Principal();
        }
        throw new IllegalArgumentException("unknown certificate type");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Date getValidDate(PKIXParameters pKIXParameters) {
        Date date = pKIXParameters.getDate();
        if (date == null) {
            date = new Date();
        }
        return date;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getSubjectPrincipal(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectX500Principal();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean isSelfIssued(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static w a(X509Extension x509Extension, String str) throws a {
        byte[] extensionValue = x509Extension.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return d(str, extensionValue);
    }

    private static w d(String str, byte[] bArr) throws a {
        try {
            return new com.aspose.html.internal.kp.n(((com.aspose.html.internal.kp.s) new com.aspose.html.internal.kp.n(bArr).aVJ()).getOctets()).aVJ();
        } catch (Exception e) {
            throw new a("exception processing extension " + str, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static X500Principal getIssuerPrincipal(X509CRL x509crl) {
        return x509crl.getIssuerX500Principal();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static com.aspose.html.internal.me.b g(PublicKey publicKey) throws CertPathValidatorException {
        try {
            return bc.hT(new com.aspose.html.internal.kp.n(publicKey.getEncoded()).aVJ()).aYO();
        } catch (Exception e) {
            throw new CertPathValidatorException("Subject public key cannot be decoded.", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static final Set n(x xVar) throws CertPathValidatorException {
        HashSet hashSet = new HashSet();
        if (xVar == null) {
            return hashSet;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        u uVar = new u(byteArrayOutputStream);
        Enumeration objects = xVar.getObjects();
        while (objects.hasMoreElements()) {
            try {
                uVar.b((com.aspose.html.internal.kp.f) objects.nextElement());
                hashSet.add(new PolicyQualifierInfo(byteArrayOutputStream.toByteArray()));
                byteArrayOutputStream.reset();
            } catch (IOException e) {
                throw new CertPathValidatorException("Policy qualifier info cannot be decoded.", e);
            }
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static m a(m mVar, List[] listArr, m mVar2) {
        m mVar3 = (m) mVar2.getParent();
        if (mVar == null) {
            return null;
        }
        if (mVar3 != null) {
            mVar3.b(mVar2);
            a(listArr, mVar2);
            return mVar;
        }
        for (int i = 0; i < listArr.length; i++) {
            listArr[i] = new ArrayList();
        }
        return null;
    }

    private static void a(List[] listArr, m mVar) {
        listArr[mVar.getDepth()].remove(mVar);
        if (mVar.hasChildren()) {
            Iterator children = mVar.getChildren();
            while (children.hasNext()) {
                a(listArr, (m) children.next());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean a(int i, List[] listArr, com.aspose.html.internal.kp.r rVar, Set set) {
        List list = listArr[i - 1];
        for (int i2 = 0; i2 < list.size(); i2++) {
            m mVar = (m) list.get(i2);
            if (mVar.getExpectedPolicies().contains(rVar.getId())) {
                HashSet hashSet = new HashSet();
                hashSet.add(rVar.getId());
                m mVar2 = new m(new ArrayList(), i, hashSet, mVar, set, rVar.getId(), false);
                mVar.a(mVar2);
                listArr[i].add(mVar2);
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void b(int i, List[] listArr, com.aspose.html.internal.kp.r rVar, Set set) {
        List list = listArr[i - 1];
        for (int i2 = 0; i2 < list.size(); i2++) {
            m mVar = (m) list.get(i2);
            if ("2.5.29.32.0".equals(mVar.getValidPolicy())) {
                HashSet hashSet = new HashSet();
                hashSet.add(rVar.getId());
                m mVar2 = new m(new ArrayList(), i, hashSet, mVar, set, rVar.getId(), false);
                mVar.a(mVar2);
                listArr[i].add(mVar2);
                return;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void prepareNextCertB1(int i, List[] listArr, String str, Map map, X509Certificate x509Certificate) throws a, CertPathValidatorException {
        boolean z = false;
        Iterator it = listArr[i].iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            m mVar = (m) it.next();
            if (mVar.getValidPolicy().equals(str)) {
                z = true;
                mVar.setExpectedPolicies((Set) map.get(str));
                break;
            }
        }
        if (z) {
            return;
        }
        for (m mVar2 : listArr[i]) {
            if ("2.5.29.32.0".equals(mVar2.getValidPolicy())) {
                Set set = null;
                try {
                    Enumeration objects = bo.bF(a(x509Certificate, nMU)).getObjects();
                    while (true) {
                        if (!objects.hasMoreElements()) {
                            break;
                        }
                        try {
                            at hM = at.hM(objects.nextElement());
                            if ("2.5.29.32.0".equals(hM.bfs().getId())) {
                                try {
                                    set = n(hM.bft());
                                    break;
                                } catch (CertPathValidatorException e) {
                                    throw new CertPathValidatorException("Policy qualifier info set could not be built.", e);
                                }
                            }
                        } catch (Exception e2) {
                            throw new a("Policy information cannot be decoded.", e2);
                        }
                    }
                    boolean contains = x509Certificate.getCriticalExtensionOIDs() != null ? x509Certificate.getCriticalExtensionOIDs().contains(nMU) : false;
                    m mVar3 = (m) mVar2.getParent();
                    if ("2.5.29.32.0".equals(mVar3.getValidPolicy())) {
                        m mVar4 = new m(new ArrayList(), i, (Set) map.get(str), mVar3, set, str, contains);
                        mVar3.a(mVar4);
                        listArr[i].add(mVar4);
                        return;
                    }
                    return;
                } catch (Exception e3) {
                    throw new a("Certificate policies cannot be decoded.", e3);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static m a(int i, List[] listArr, String str, m mVar) {
        Iterator it = listArr[i].iterator();
        while (it.hasNext()) {
            m mVar2 = (m) it.next();
            if (mVar2.getValidPolicy().equals(str)) {
                ((m) mVar2.getParent()).b(mVar2);
                it.remove();
                for (int i2 = i - 1; i2 >= 0; i2--) {
                    List list = listArr[i2];
                    for (int i3 = 0; i3 < list.size(); i3++) {
                        m mVar3 = (m) list.get(i3);
                        if (!mVar3.hasChildren()) {
                            mVar = a(mVar, listArr, mVar3);
                            if (mVar == null) {
                                break;
                            }
                        }
                    }
                }
            }
        }
        return mVar;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean isAnyPolicy(Set set) {
        return set == null || set.contains("2.5.29.32.0") || set.isEmpty();
    }

    protected static Collection a(s sVar, List list) throws a {
        HashSet hashSet = new HashSet();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (Object obj : list) {
                if (obj instanceof com.aspose.html.internal.pc.p) {
                    try {
                        for (Object obj2 : ((com.aspose.html.internal.pc.p) obj).a(sVar)) {
                            if (obj2 instanceof com.aspose.html.internal.pc.e) {
                                hashSet.add(certificateFactory.generateCertificate(new ByteArrayInputStream(((com.aspose.html.internal.pc.e) obj2).getEncoded())));
                            } else {
                                if (!(obj2 instanceof Certificate)) {
                                    throw new a("Unknown object found in certificate store.");
                                }
                                hashSet.add(obj2);
                            }
                        }
                    } catch (com.aspose.html.internal.pc.q e) {
                        throw new a("Problem while picking certificates from X.509 store.", e);
                    } catch (IOException e2) {
                        throw new a("Problem while extracting certificates from X.509 store.", e2);
                    } catch (CertificateException e3) {
                        throw new a("Problem while extracting certificates from X.509 store.", e3);
                    }
                } else {
                    try {
                        hashSet.addAll(((CertStore) obj).getCertificates(sVar));
                    } catch (CertStoreException e4) {
                        throw new a("Problem while picking certificates from certificate store.", e4);
                    }
                }
            }
            return hashSet;
        } catch (CertificateException e5) {
            throw new a(e5.getMessage(), e5);
        }
    }

    protected static Collection a(com.aspose.html.internal.nx.q qVar, List list) throws a {
        HashSet hashSet = new HashSet();
        for (Object obj : list) {
            if (obj instanceof com.aspose.html.internal.pc.p) {
                try {
                    hashSet.addAll(((com.aspose.html.internal.pc.p) obj).a(qVar));
                } catch (com.aspose.html.internal.pc.q e) {
                    throw new a("Problem while picking certificates from X.509 store.", e);
                }
            } else {
                try {
                    hashSet.addAll(com.aspose.html.internal.nx.q.a(qVar, (CertStore) obj));
                } catch (CertStoreException e2) {
                    throw new a("Problem while picking certificates from certificate store.", e2);
                }
            }
        }
        return hashSet;
    }

    private static BigInteger getSerialNumber(Object obj) {
        return ((X509Certificate) obj).getSerialNumber();
    }

    protected static void a(Date date, X509CRL x509crl, Object obj, e eVar) throws a {
        X509CRLEntry revokedCertificate;
        try {
            if (isIndirectCRL(x509crl)) {
                revokedCertificate = x509crl.getRevokedCertificate(getSerialNumber(obj));
                if (revokedCertificate == null) {
                    return;
                }
                X500Principal certificateIssuer = revokedCertificate.getCertificateIssuer();
                if (certificateIssuer == null) {
                    certificateIssuer = getIssuerPrincipal(x509crl);
                }
                if (!getEncodedIssuerPrincipal(obj).equals(certificateIssuer)) {
                    return;
                }
            } else {
                if (!getEncodedIssuerPrincipal(obj).equals(getIssuerPrincipal(x509crl))) {
                    return;
                }
                revokedCertificate = x509crl.getRevokedCertificate(getSerialNumber(obj));
                if (revokedCertificate == null) {
                    return;
                }
            }
            com.aspose.html.internal.kp.i iVar = null;
            if (revokedCertificate.hasExtensions()) {
                try {
                    iVar = com.aspose.html.internal.kp.i.bz(a(revokedCertificate, y.jXG.getId()));
                } catch (Exception e) {
                    throw new a("Reason code CRL entry extension could not be decoded.", e);
                }
            }
            int intValue = null == iVar ? 0 : iVar.getValue().intValue();
            if (date.getTime() >= revokedCertificate.getRevocationDate().getTime() || intValue == 0 || intValue == 1 || intValue == 2 || intValue == 10) {
                eVar.setCertStatus(intValue);
                eVar.setRevocationDate(revokedCertificate.getRevocationDate());
            }
        } catch (CRLException e2) {
            throw new a("Failed check for indirect CRL.", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static PublicKey getNextWorkingKey(List list, int i) throws CertPathValidatorException {
        PublicKey publicKey = ((Certificate) list.get(i)).getPublicKey();
        if (!(publicKey instanceof DSAPublicKey)) {
            return publicKey;
        }
        DSAPublicKey dSAPublicKey = (DSAPublicKey) publicKey;
        if (dSAPublicKey.getParams() != null) {
            return dSAPublicKey;
        }
        for (int i2 = i + 1; i2 < list.size(); i2++) {
            PublicKey publicKey2 = ((X509Certificate) list.get(i2)).getPublicKey();
            if (!(publicKey2 instanceof DSAPublicKey)) {
                throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
            }
            DSAPublicKey dSAPublicKey2 = (DSAPublicKey) publicKey2;
            if (dSAPublicKey2.getParams() != null) {
                DSAParams params = dSAPublicKey2.getParams();
                try {
                    return KeyFactory.getInstance("DSA").generatePublic(new DSAPublicKeySpec(dSAPublicKey.getY(), params.getP(), params.getQ(), params.getG()));
                } catch (Exception e) {
                    throw new RuntimeException(e.getMessage());
                }
            }
        }
        throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void verifyX509Certificate(X509Certificate x509Certificate, PublicKey publicKey, String str) throws GeneralSecurityException {
        if (str == null) {
            x509Certificate.verify(publicKey);
        } else {
            x509Certificate.verify(publicKey, str);
        }
    }

    static boolean isIndirectCRL(X509CRL x509crl) throws CRLException {
        try {
            byte[] extensionValue = x509crl.getExtensionValue(y.jXK.getId());
            if (extensionValue != null) {
                if (ai.hE(com.aspose.html.internal.kp.s.bE(extensionValue).getOctets()).isIndirectCRL()) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            throw new CRLException("Exception reading IssuingDistributionPoint: " + e);
        }
    }
}
