package com.aspose.html.utils;

import com.aspose.html.utils.cCC;
import java.io.BufferedInputStream;
import java.io.InputStream;
import java.lang.ref.WeakReference;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.CRL;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXCertPathChecker;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TimeZone;
import java.util.WeakHashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;

/* renamed from: com.aspose.html.utils.dbt, reason: case insensitive filesystem */
/* loaded from: input_file:com/aspose/html/utils/dbt.class */
public class C8247dbt extends PKIXCertPathChecker {
    public static final int rDX = 0;
    public static final int rDY = 1;
    private final Map<X500Principal, Long> rEa;
    private final Set<TrustAnchor> rEb;
    private final boolean rEc;
    private final int rEd;
    private final List<InterfaceC8303dcw<CRL>> rEe;
    private final List<CertStore> rEf;
    private final InterfaceC8238dbk rEg;
    private final boolean rEh;
    private final long rEi;
    private final long rEj;
    private Date rDG;
    private X500Principal rEk;
    private PublicKey rEl;
    private X509Certificate rEm;
    private static Logger qzO = Logger.getLogger(C8247dbt.class.getName());
    private static final Map<C6246cdg, WeakReference<X509CRL>> rDZ = Collections.synchronizedMap(new WeakHashMap());
    protected static final String[] rEn = {"unspecified", "keyCompromise", "cACompromise", "affiliationChanged", "superseded", "cessationOfOperation", "certificateHold", C3111axC.jbh, "removeFromCRL", "privilegeWithdrawn", "aACompromise"};

    /* renamed from: com.aspose.html.utils.dbt$a */
    /* loaded from: input_file:com/aspose/html/utils/dbt$a.class */
    public static class a {
        private Set<TrustAnchor> qBv;
        private List<CertStore> rEf;
        private List<InterfaceC8303dcw<CRL>> plm;
        private boolean rEc;
        private int qBu;
        private Provider pkz;
        private String pkA;
        private boolean rEh;
        private long rEi;
        private long rEj;

        public a(TrustAnchor trustAnchor) {
            this.rEf = new ArrayList();
            this.plm = new ArrayList();
            this.qBu = 0;
            this.qBv = Collections.singleton(trustAnchor);
        }

        public a(Set<TrustAnchor> set) {
            this.rEf = new ArrayList();
            this.plm = new ArrayList();
            this.qBu = 0;
            this.qBv = new HashSet(set);
        }

        public a(KeyStore keyStore) throws KeyStoreException {
            this.rEf = new ArrayList();
            this.plm = new ArrayList();
            this.qBu = 0;
            this.qBv = new HashSet();
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore.isCertificateEntry(nextElement)) {
                    this.qBv.add(new TrustAnchor((X509Certificate) keyStore.getCertificate(nextElement), null));
                }
            }
        }

        public a a(CertStore certStore) {
            this.rEf.add(certStore);
            return this;
        }

        public a j(InterfaceC8303dcw<CRL> interfaceC8303dcw) {
            this.plm.add(interfaceC8303dcw);
            return this;
        }

        public a iT(boolean z) {
            this.rEc = z;
            return this;
        }

        public a b(boolean z, long j) {
            this.rEh = z;
            this.rEi = j;
            this.rEj = -1L;
            return this;
        }

        public a c(boolean z, long j) {
            this.rEh = z;
            this.rEi = (j * 3) / 4;
            this.rEj = j;
            return this;
        }

        public a BJ(int i) {
            this.qBu = i;
            return this;
        }

        public a af(Provider provider) {
            this.pkz = provider;
            return this;
        }

        public a Gl(String str) {
            this.pkA = str;
            return this;
        }

        public C8247dbt cZr() {
            return new C8247dbt(this, null);
        }
    }

    /* renamed from: com.aspose.html.utils.dbt$b */
    /* loaded from: input_file:com/aspose/html/utils/dbt$b.class */
    class b implements InterfaceC5427cCu<CRL>, InterfaceC8295dco<CRL> {
        private Collection<CRL> rEs;

        public b(InterfaceC8303dcw<CRL> interfaceC8303dcw) {
            this.rEs = new ArrayList(interfaceC8303dcw.a(null));
        }

        @Override // com.aspose.html.utils.InterfaceC5427cCu, com.aspose.html.utils.InterfaceC8303dcw
        public Collection<CRL> a(InterfaceC8301dcu<CRL> interfaceC8301dcu) {
            if (interfaceC8301dcu == null) {
                return new ArrayList(this.rEs);
            }
            ArrayList arrayList = new ArrayList();
            for (CRL crl : this.rEs) {
                if (interfaceC8301dcu.bl(crl)) {
                    arrayList.add(crl);
                }
            }
            return arrayList;
        }

        @Override // com.aspose.html.utils.InterfaceC8295dco, java.lang.Iterable
        public Iterator<CRL> iterator() {
            return a(null).iterator();
        }
    }

    private C8247dbt(a aVar) {
        this.rEa = new HashMap();
        this.rEe = new ArrayList(aVar.plm);
        this.rEf = new ArrayList(aVar.rEf);
        this.rEc = aVar.rEc;
        this.rEd = aVar.qBu;
        this.rEb = aVar.qBv;
        this.rEh = aVar.rEh;
        this.rEi = aVar.rEi;
        this.rEj = aVar.rEj;
        if (aVar.pkz != null) {
            this.rEg = new C8241dbn(aVar.pkz);
        } else if (aVar.pkA != null) {
            this.rEg = new C8239dbl(aVar.pkA);
        } else {
            this.rEg = new C8237dbj();
        }
    }

    @Override // java.security.cert.PKIXCertPathChecker, java.security.cert.CertPathChecker
    public void init(boolean z) throws CertPathValidatorException {
        if (z) {
            throw new IllegalArgumentException("forward processing not supported");
        }
        this.rDG = new Date();
        this.rEk = null;
    }

    @Override // java.security.cert.PKIXCertPathChecker, java.security.cert.CertPathChecker
    public boolean isForwardCheckingSupported() {
        return false;
    }

    @Override // java.security.cert.PKIXCertPathChecker
    public Set<String> getSupportedExtensions() {
        return null;
    }

    @Override // java.security.cert.PKIXCertPathChecker
    public void check(Certificate certificate, Collection<String> collection) throws CertPathValidatorException {
        X509Certificate x509Certificate = (X509Certificate) certificate;
        if (this.rEc && x509Certificate.getBasicConstraints() != -1) {
            this.rEk = x509Certificate.getSubjectX500Principal();
            this.rEl = x509Certificate.getPublicKey();
            this.rEm = x509Certificate;
            return;
        }
        TrustAnchor trustAnchor = null;
        if (this.rEk == null) {
            this.rEk = x509Certificate.getIssuerX500Principal();
            for (TrustAnchor trustAnchor2 : this.rEb) {
                if (this.rEk.equals(trustAnchor2.getCA()) || this.rEk.equals(trustAnchor2.getTrustedCert().getSubjectX500Principal())) {
                    trustAnchor = trustAnchor2;
                }
            }
            if (trustAnchor == null) {
                throw new CertPathValidatorException("no trust anchor found for " + this.rEk);
            }
            this.rEm = trustAnchor.getTrustedCert();
            this.rEl = this.rEm.getPublicKey();
        }
        ArrayList arrayList = new ArrayList();
        try {
            PKIXParameters pKIXParameters = new PKIXParameters(this.rEb);
            pKIXParameters.setRevocationEnabled(false);
            pKIXParameters.setDate(this.rDG);
            for (int i = 0; i != this.rEf.size(); i++) {
                if (qzO.isLoggable(Level.INFO)) {
                    a(arrayList, this.rEf.get(i));
                }
                pKIXParameters.addCertStore(this.rEf.get(i));
            }
            cCC.a aVar = new cCC.a(pKIXParameters);
            aVar.AO(this.rEd);
            for (int i2 = 0; i2 != this.rEe.size(); i2++) {
                if (qzO.isLoggable(Level.INFO)) {
                    a(arrayList, this.rEe.get(i2));
                }
                aVar.a(new b(this.rEe.get(i2)));
            }
            if (arrayList.isEmpty()) {
                qzO.log(Level.INFO, "configured with 0 pre-loaded CRLs");
            } else if (qzO.isLoggable(Level.FINE)) {
                for (int i3 = 0; i3 != arrayList.size(); i3++) {
                    qzO.log(Level.FINE, "configuring with CRL for issuer \"" + arrayList.get(i3) + "\"");
                }
            } else {
                qzO.log(Level.INFO, "configured with " + arrayList.size() + " pre-loaded CRLs");
            }
            cCC cTE = aVar.cTE();
            try {
                a(cTE, this.rDG, C8244dbq.a(cTE, this.rDG), x509Certificate, this.rEm, this.rEl, new ArrayList(), this.rEg);
            } catch (C8228dba e) {
                throw new CertPathValidatorException(e.getMessage(), e.getCause());
            } catch (C8229dbb e2) {
                if (null == x509Certificate.getExtensionValue(C6243cdd.pbV.getId())) {
                    throw e2;
                }
                try {
                    CRL a2 = a(x509Certificate.getIssuerX500Principal(), this.rDG, C8244dbq.a(x509Certificate, C6243cdd.pbV), this.rEg);
                    if (a2 != null) {
                        try {
                            aVar.a(new b(new C8289dci(Collections.singleton(a2))));
                            cCC cTE2 = aVar.cTE();
                            a(cTE2, this.rDG, C8244dbq.a(cTE2, this.rDG), x509Certificate, this.rEm, this.rEl, new ArrayList(), this.rEg);
                        } catch (C8228dba e3) {
                            throw new CertPathValidatorException(e3.getMessage(), e3.getCause());
                        }
                    } else {
                        if (!this.rEh) {
                            throw e2;
                        }
                        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
                        Long l = this.rEa.get(issuerX500Principal);
                        if (l != null) {
                            long currentTimeMillis = System.currentTimeMillis() - l.longValue();
                            if (this.rEj != -1 && this.rEj < currentTimeMillis) {
                                throw e2;
                            }
                            if (currentTimeMillis < this.rEi) {
                                qzO.log(Level.WARNING, "soft failing for issuer: \"" + issuerX500Principal + "\"");
                            } else {
                                qzO.log(Level.SEVERE, "soft failing for issuer: \"" + issuerX500Principal + "\"");
                            }
                        } else {
                            this.rEa.put(issuerX500Principal, Long.valueOf(System.currentTimeMillis()));
                        }
                    }
                } catch (C8228dba e4) {
                    throw new CertPathValidatorException(e4.getMessage(), e4.getCause());
                }
            }
            this.rEm = x509Certificate;
            this.rEl = x509Certificate.getPublicKey();
            this.rEk = x509Certificate.getSubjectX500Principal();
        } catch (GeneralSecurityException e5) {
            throw new RuntimeException("error setting up baseParams: " + e5.getMessage());
        }
    }

    private void a(List<X500Principal> list, CertStore certStore) throws CertStoreException {
        certStore.getCRLs(new C8248dbu(this, list));
    }

    private void a(List<X500Principal> list, InterfaceC8303dcw<CRL> interfaceC8303dcw) {
        interfaceC8303dcw.a(new C8249dbv(this, list));
    }

    private CRL a(X500Principal x500Principal, Date date, AbstractC3812bUd abstractC3812bUd, InterfaceC5891cTz interfaceC5891cTz) {
        C6240cda[] cDK = C6176ccP.nR(abstractC3812bUd).cDK();
        for (int i = 0; i != cDK.length; i++) {
            C6241cdb cDZ = cDK[i].cDZ();
            if (cDZ != null && cDZ.getType() == 0) {
                C6246cdg[] cEm = C6247cdh.oi(cDZ.cEc()).cEm();
                for (int i2 = 0; i2 != cEm.length; i2++) {
                    C6246cdg c6246cdg = cEm[i2];
                    if (c6246cdg.ctk() == 6) {
                        WeakReference<X509CRL> weakReference = rDZ.get(c6246cdg);
                        if (weakReference != null) {
                            X509CRL x509crl = weakReference.get();
                            if (x509crl != null && !date.before(x509crl.getThisUpdate()) && !date.after(x509crl.getNextUpdate())) {
                                return x509crl;
                            }
                            rDZ.remove(c6246cdg);
                        }
                        URL url = null;
                        try {
                            url = new URL(c6246cdg.cEc().toString());
                            CertificateFactory Dg = interfaceC5891cTz.Dg("X.509");
                            InputStream openStream = url.openStream();
                            X509CRL x509crl2 = (X509CRL) Dg.generateCRL(new BufferedInputStream(openStream));
                            openStream.close();
                            qzO.log(Level.INFO, "downloaded CRL from CrlDP " + url + " for issuer \"" + x500Principal + "\"");
                            rDZ.put(c6246cdg, new WeakReference<>(x509crl2));
                            return x509crl2;
                        } catch (Exception e) {
                            if (qzO.isLoggable(Level.FINE)) {
                                qzO.log(Level.FINE, "CrlDP " + url + " ignored: " + e.getMessage(), (Throwable) e);
                            } else {
                                qzO.log(Level.INFO, "CrlDP " + url + " ignored: " + e.getMessage());
                            }
                        }
                    }
                }
            }
        }
        return null;
    }

    static List<InterfaceC5427cCu> a(C6176ccP c6176ccP, Map<C6246cdg, InterfaceC5427cCu> map) throws C8228dba {
        if (c6176ccP == null) {
            return Collections.emptyList();
        }
        try {
            C6240cda[] cDK = c6176ccP.cDK();
            ArrayList arrayList = new ArrayList();
            for (C6240cda c6240cda : cDK) {
                C6241cdb cDZ = c6240cda.cDZ();
                if (cDZ != null && cDZ.getType() == 0) {
                    for (C6246cdg c6246cdg : C6247cdh.oi(cDZ.cEc()).cEm()) {
                        InterfaceC5427cCu interfaceC5427cCu = map.get(c6246cdg);
                        if (interfaceC5427cCu != null) {
                            arrayList.add(interfaceC5427cCu);
                        }
                    }
                }
            }
            return arrayList;
        } catch (Exception e) {
            throw new C8228dba("could not read distribution points could not be read", e);
        }
    }

    protected void a(cCC ccc, Date date, Date date2, X509Certificate x509Certificate, X509Certificate x509Certificate2, PublicKey publicKey, List list, InterfaceC8238dbk interfaceC8238dbk) throws C8228dba, CertPathValidatorException {
        try {
            C6176ccP nR = C6176ccP.nR(C8244dbq.a(x509Certificate, C6243cdd.pbV));
            C8232dbe c8232dbe = new C8232dbe();
            C8243dbp c8243dbp = new C8243dbp();
            C8228dba c8228dba = null;
            boolean z = false;
            if (nR != null) {
                try {
                    C6240cda[] cDK = nR.cDK();
                    if (cDK != null) {
                        cCC.a aVar = new cCC.a(ccc);
                        try {
                            Iterator<InterfaceC5427cCu> it = a(nR, ccc.cTr()).iterator();
                            while (it.hasNext()) {
                                aVar.a(it.next());
                            }
                            cCC cTE = aVar.cTE();
                            Date a2 = C8244dbq.a(cTE, date);
                            for (int i = 0; i < cDK.length && c8232dbe.cUn() == 11 && !c8243dbp.cVH(); i++) {
                                try {
                                    C8242dbo.a(cDK[i], cTE, date, a2, x509Certificate, x509Certificate2, publicKey, c8232dbe, c8243dbp, list, interfaceC8238dbk);
                                    z = true;
                                } catch (C8228dba e) {
                                    c8228dba = e;
                                }
                            }
                        } catch (C8228dba e2) {
                            throw new C8228dba("no additional CRL locations could be decoded from CRL distribution point extension", e2);
                        }
                    }
                } catch (Exception e3) {
                    throw new C8228dba("cannot read distribution points", e3);
                }
            }
            if (c8232dbe.cUn() == 11 && !c8243dbp.cVH()) {
                try {
                    C8242dbo.a(new C6240cda(new C6241cdb(0, new C6247cdh(new C6246cdg(4, C6209ccw.nG(x509Certificate.getIssuerX500Principal().getEncoded())))), null, null), (cCC) ccc.clone(), date, date2, x509Certificate, x509Certificate2, publicKey, c8232dbe, c8243dbp, list, interfaceC8238dbk);
                    z = true;
                } catch (C8228dba e4) {
                    c8228dba = e4;
                }
            }
            if (!z) {
                if (!(c8228dba instanceof C8228dba)) {
                    throw new C8229dbb("no valid CRL found");
                }
                throw new C8229dbb("no valid CRL found", c8228dba);
            }
            if (c8232dbe.cUn() != 11) {
                SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss Z");
                simpleDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
                throw new C8228dba(("certificate [issuer=\"" + x509Certificate.getIssuerX500Principal() + "\",serialNumber=" + x509Certificate.getSerialNumber() + ",subject=\"" + x509Certificate.getSubjectX500Principal() + "\"] revoked after " + simpleDateFormat.format(c8232dbe.getRevocationDate())) + ", reason: " + rEn[c8232dbe.cUn()]);
            }
            if (!c8243dbp.cVH() && c8232dbe.cUn() == 11) {
                c8232dbe.AT(12);
            }
            if (c8232dbe.cUn() == 12) {
                throw new C8228dba("certificate status could not be determined");
            }
        } catch (Exception e5) {
            throw new C8228dba("cannot read CRL distribution point extension", e5);
        }
    }

    @Override // java.security.cert.PKIXCertPathChecker
    public Object clone() {
        return this;
    }

    /* synthetic */ C8247dbt(a aVar, C8248dbu c8248dbu) {
        this(aVar);
    }
}
