package X;

import java.io.IOException;
import java.math.BigInteger;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.MessageDigest;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.Extension;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/* loaded from: classes6.dex */
public class CE5 implements InterfaceC25457CaF {
    public static final Map A05;
    public String A00;
    public C23878Bgq A01;
    public boolean A02;
    public final CY3 A03;
    public final CFT A04;

    static {
        HashMap A0v = AbstractC38711qg.A0v();
        A05 = A0v;
        A0v.put(AbstractC22820Azu.A15("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
        A0v.put(InterfaceC18030w0.A2D, "SHA224WITHRSA");
        A0v.put(InterfaceC18030w0.A2E, "SHA256WITHRSA");
        AbstractC22823Azx.A0b(InterfaceC18030w0.A2F, A0v);
        AbstractC22823Azx.A0a(InterfaceC25538Cbs.A0G, A0v);
    }

    public CE5(CY3 cy3, CFT cft) {
        this.A04 = cft;
        this.A03 = cy3;
    }

    private C25367CTl A00(CUN cun, CU2 cu2, C25368CTm c25368CTm) {
        try {
            CY3 cy3 = this.A03;
            C18070w4 c18070w4 = cu2.A01;
            String A0x = AbstractC38731qi.A0x(c18070w4, AbstractC23577BaZ.A00);
            if (A0x == null) {
                A0x = c18070w4.A01;
            }
            MessageDigest messageDigest = MessageDigest.getInstance(A0x, ((CEB) cy3).A00);
            C25369CTn c25369CTn = c25368CTm.A03;
            return new C25367CTl(cun, new CUE(messageDigest.digest(c25369CTn.A06.A0A("DER"))), new CUE(messageDigest.digest(c25369CTn.A09.A00.A0I())), cu2);
        } catch (Exception e) {
            throw new CertPathValidatorException(AnonymousClass001.A0Z(e, "problem creating ID: ", AnonymousClass000.A0x()), e);
        }
    }

    private C25368CTm A01() {
        try {
            return C25368CTm.A00(this.A01.A03.getEncoded());
        } catch (Exception e) {
            throw C23878Bgq.A00(AbstractC88144dg.A0d("cannot process signing cert: ", AnonymousClass000.A0x(), e), e, this.A01);
        }
    }

    public static boolean A02(MessageDigest messageDigest, Certificate certificate, byte[] bArr) {
        return Arrays.equals(bArr, messageDigest.digest(C25363CTh.A00(certificate.getPublicKey().getEncoded()).A00.A0I()));
    }

    /* JADX WARN: Code restructure failed: missing block: B:76:0x00e4, code lost:
    
        if (r0 != false) goto L52;
     */
    /* JADX WARN: Removed duplicated region for block: B:71:0x00e9  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static boolean A03(java.security.cert.X509Certificate r11, X.C25366CTk r12, X.C23878Bgq r13, X.CY3 r14, byte[] r15) {
        /*
            Method dump skipped, instructions count: 483
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: X.CE5.A03(java.security.cert.X509Certificate, X.CTk, X.Bgq, X.CY3, byte[]):boolean");
    }

    @Override // X.InterfaceC25457CaF
    public void BVV(C23878Bgq c23878Bgq) {
        this.A01 = c23878Bgq;
        this.A02 = Bt0.A01("ocsp.enable");
        this.A00 = Bt0.A00("ocsp.responderURL");
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // X.InterfaceC25457CaF
    public void check(Certificate certificate) {
        byte[] bArr;
        boolean z;
        X509Certificate x509Certificate = (X509Certificate) certificate;
        CFT cft = this.A04;
        Map<X509Certificate, byte[]> ocspResponses = cft.getOcspResponses();
        URI ocspResponder = cft.getOcspResponder();
        if (ocspResponder == null) {
            String str = this.A00;
            if (str != null) {
                try {
                    ocspResponder = new URI(str);
                } catch (URISyntaxException e) {
                    throw C23878Bgq.A00(AbstractC88144dg.A0d("configuration error: ", AnonymousClass000.A0x(), e), e, this.A01);
                }
            } else {
                byte[] extensionValue = x509Certificate.getExtensionValue(CU4.A04.A01);
                ocspResponder = null;
                if (extensionValue != null) {
                    byte[] A03 = CUS.A03(extensionValue);
                    C25372CTq[] c25372CTqArr = (A03 instanceof CTW ? (CTW) A03 : A03 != 0 ? new CTW(CUP.A04(A03)) : null).A00;
                    int length = c25372CTqArr.length;
                    C25372CTq[] c25372CTqArr2 = new C25372CTq[length];
                    System.arraycopy(c25372CTqArr, 0, c25372CTqArr2, 0, length);
                    int i = 0;
                    while (true) {
                        if (i == length) {
                            break;
                        }
                        C25372CTq c25372CTq = c25372CTqArr2[i];
                        if (C25372CTq.A03.A0H(c25372CTq.A00)) {
                            CUA cua = c25372CTq.A01;
                            if (cua.A00 == 6) {
                                try {
                                    ocspResponder = new URI(((InterfaceC25431CZc) cua.A01).BSE());
                                    break;
                                } catch (URISyntaxException unused) {
                                    continue;
                                }
                            } else {
                                continue;
                            }
                        }
                        i++;
                    }
                }
            }
        }
        if (ocspResponses.get(x509Certificate) != null || ocspResponder == null) {
            List<Extension> ocspExtensions = cft.getOcspExtensions();
            bArr = null;
            for (int i2 = 0; i2 != ocspExtensions.size(); i2++) {
                Extension extension = ocspExtensions.get(i2);
                byte[] value = extension.getValue();
                if ("1.3.6.1.5.5.7.48.1.2".equals(extension.getId())) {
                    bArr = value;
                }
            }
            z = false;
        } else {
            if (this.A00 == null && cft.getOcspResponder() == null && !this.A02) {
                C23878Bgq c23878Bgq = this.A01;
                throw new CFN("OCSP disabled by \"ocsp.enable\" setting", c23878Bgq.A02, c23878Bgq.A00);
            }
            try {
                ocspResponses.put(x509Certificate, AbstractC24255BoE.A00(ocspResponder, cft.getOcspResponderCert(), cft.getOcspExtensions(), A00(new CUN(x509Certificate.getSerialNumber()), new CU2(InterfaceC18110wA.A07), A01()), this.A01, this.A03).A09());
                bArr = null;
                z = true;
            } catch (IOException e2) {
                C23878Bgq c23878Bgq2 = this.A01;
                throw new CertPathValidatorException("unable to encode OCSP response", e2, c23878Bgq2.A02, c23878Bgq2.A00);
            }
        }
        if (ocspResponses.isEmpty()) {
            C23878Bgq c23878Bgq3 = this.A01;
            throw new CFN("no OCSP response found for any certificate", c23878Bgq3.A02, c23878Bgq3.A00);
        }
        byte[] bArr2 = ocspResponses.get(x509Certificate);
        CTQ ctq = bArr2 instanceof CTQ ? (CTQ) bArr2 : bArr2 != 0 ? new CTQ(CUP.A04(bArr2)) : null;
        CUN cun = new CUN(x509Certificate.getSerialNumber());
        if (ctq == null) {
            C23878Bgq c23878Bgq4 = this.A01;
            throw new CFN("no OCSP response found for certificate", c23878Bgq4.A02, c23878Bgq4.A00);
        }
        CUL cul = ctq.A00.A00;
        if (cul.A0I() != 0) {
            StringBuilder A0x = AnonymousClass000.A0x();
            A0x.append("OCSP response failed: ");
            throw C23878Bgq.A00(AnonymousClass000.A0s(new BigInteger(cul.A00), A0x), null, this.A01);
        }
        CTd cTd = ctq.A01;
        if (cTd == null) {
            cTd = null;
        }
        if (cTd.A00.A0H(InterfaceC25533Cbn.A02)) {
            try {
                byte[] bArr3 = cTd.A01.A00;
                C25366CTk c25366CTk = bArr3 instanceof C25366CTk ? (C25366CTk) bArr3 : bArr3 != 0 ? new C25366CTk(CUP.A04(bArr3)) : null;
                if (!z) {
                    if (!A03(cft.getOcspResponderCert(), c25366CTk, this.A01, this.A03, bArr)) {
                        return;
                    }
                }
                C25379CTx c25379CTx = c25366CTk.A02;
                CUN cun2 = C25379CTx.A06;
                if (c25379CTx == null) {
                    c25379CTx = null;
                }
                CUP cup = c25379CTx.A00;
                C25367CTl c25367CTl = null;
                for (int i3 = 0; i3 != cup.A0I(); i3++) {
                    InterfaceC18040w1 A0K = cup.A0K(i3);
                    CTT ctt = A0K instanceof CTT ? (CTT) A0K : A0K != null ? new CTT(CUP.A04(A0K)) : null;
                    C25367CTl c25367CTl2 = ctt.A01;
                    if (cun.A0H(c25367CTl2.A00)) {
                        CUO cuo = ctt.A00;
                        if (cuo != null && new Date(this.A01.A04.getTime()).after(cuo.A0J())) {
                            throw new CFO();
                        }
                        if (c25367CTl == null || !c25367CTl.A03.equals(c25367CTl2.A03)) {
                            c25367CTl = A00(cun, c25367CTl2.A03, A01());
                        }
                        if (c25367CTl.equals(c25367CTl2)) {
                            CU7 cu7 = ctt.A02;
                            int i4 = cu7.A00;
                            if (i4 != 0) {
                                if (i4 != 1) {
                                    throw C23878Bgq.A00("certificate revoked, details unknown", null, this.A01);
                                }
                                InterfaceC18040w1 interfaceC18040w1 = cu7.A01;
                                CTR ctr = interfaceC18040w1 instanceof CTR ? (CTR) interfaceC18040w1 : interfaceC18040w1 != null ? new CTR(CUP.A04(interfaceC18040w1)) : null;
                                C25380CTy c25380CTy = ctr.A01;
                                StringBuilder A0x2 = AnonymousClass000.A0x();
                                A0x2.append("certificate revoked, reason=(");
                                A0x2.append(c25380CTy);
                                A0x2.append("), date=");
                                throw C23878Bgq.A00(AnonymousClass000.A0s(ctr.A00.A0J(), A0x2), null, this.A01);
                            }
                            return;
                        }
                    }
                }
            } catch (CertPathValidatorException e3) {
                throw e3;
            } catch (Exception e4) {
                C23878Bgq c23878Bgq5 = this.A01;
                throw new CertPathValidatorException("unable to process OCSP response", e4, c23878Bgq5.A02, c23878Bgq5.A00);
            }
        }
    }
}
