package X;

import java.io.IOException;
import java.math.BigInteger;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.MessageDigest;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.Extension;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/* renamed from: X.C0q, reason: case insensitive filesystem */
/* loaded from: classes6.dex */
public class C24083C0q implements InterfaceC24441CNc {
    public static final Map A05;
    public String A00;
    public C22431BMw A01;
    public boolean A02;
    public final CKD A03;
    public final C27 A04;

    static {
        HashMap A0r = C1NA.A0r();
        A05 = A0r;
        A0r.put(AMH.A17("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
        A0r.put(InterfaceC18040vz.A2D, "SHA224WITHRSA");
        A0r.put(InterfaceC18040vz.A2E, "SHA256WITHRSA");
        AMK.A19(InterfaceC18040vz.A2F, A0r);
        AMK.A18(COw.A0G, A0r);
    }

    public C24083C0q(CKD ckd, C27 c27) {
        this.A04 = c27;
        this.A03 = ckd;
    }

    private C24338CFp A00(CGS cgs, CG6 cg6, C24339CFq c24339CFq) {
        try {
            CKD ckd = this.A03;
            C18080w3 c18080w3 = cg6.A01;
            String A0x = C1NC.A0x(c18080w3, AbstractC22246BFi.A00);
            if (A0x == null) {
                A0x = c18080w3.A01;
            }
            MessageDigest messageDigest = MessageDigest.getInstance(A0x, ((C24088C0w) ckd).A00);
            C24340CFr c24340CFr = c24339CFq.A03;
            return new C24338CFp(cgs, new CGI(messageDigest.digest(c24340CFr.A06.A0A("DER"))), new CGI(messageDigest.digest(c24340CFr.A09.A00.A0I())), cg6);
        } catch (Exception e) {
            throw new CertPathValidatorException(AnonymousClass000.A0s(e, "problem creating ID: ", AnonymousClass000.A0x()), e);
        }
    }

    private C24339CFq A01() {
        try {
            return C24339CFq.A00(this.A01.A03.getEncoded());
        } catch (Exception e) {
            throw C22431BMw.A00(AbstractC75064Bk.A0h("cannot process signing cert: ", AnonymousClass000.A0x(), e), e, this.A01);
        }
    }

    public static boolean A02(MessageDigest messageDigest, Certificate certificate, byte[] bArr) {
        return Arrays.equals(bArr, messageDigest.digest(C24334CFl.A00(certificate.getPublicKey().getEncoded()).A00.A0I()));
    }

    /* JADX WARN: Code restructure failed: missing block: B:76:0x00e3, code lost:
    
        if (r0 != false) goto L52;
     */
    /* JADX WARN: Removed duplicated region for block: B:71:0x00e8  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static boolean A03(java.security.cert.X509Certificate r11, X.C24337CFo r12, X.C22431BMw r13, X.CKD r14, byte[] r15) {
        /*
            Method dump skipped, instructions count: 486
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: X.C24083C0q.A03(java.security.cert.X509Certificate, X.CFo, X.BMw, X.CKD, byte[]):boolean");
    }

    @Override // X.InterfaceC24441CNc
    public void BUw(C22431BMw c22431BMw) {
        this.A01 = c22431BMw;
        this.A02 = AbstractC22701BaE.A01("ocsp.enable");
        this.A00 = AbstractC22701BaE.A00("ocsp.responderURL");
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // X.InterfaceC24441CNc
    public void check(Certificate certificate) {
        byte[] bArr;
        boolean z;
        X509Certificate x509Certificate = (X509Certificate) certificate;
        C27 c27 = this.A04;
        Map<X509Certificate, byte[]> ocspResponses = c27.getOcspResponses();
        URI ocspResponder = c27.getOcspResponder();
        if (ocspResponder == null) {
            String str = this.A00;
            if (str != null) {
                try {
                    ocspResponder = new URI(str);
                } catch (URISyntaxException e) {
                    throw C22431BMw.A00(AbstractC75064Bk.A0h("configuration error: ", AnonymousClass000.A0x(), e), e, this.A01);
                }
            } else {
                byte[] extensionValue = x509Certificate.getExtensionValue(CG8.A04.A01);
                ocspResponder = null;
                if (extensionValue != null) {
                    byte[] A03 = CGX.A03(extensionValue);
                    C24343CFu[] c24343CFuArr = (A03 instanceof CFa ? (CFa) A03 : A03 != 0 ? new CFa(CGU.A04(A03)) : null).A00;
                    int length = c24343CFuArr.length;
                    C24343CFu[] c24343CFuArr2 = new C24343CFu[length];
                    System.arraycopy(c24343CFuArr, 0, c24343CFuArr2, 0, length);
                    int i = 0;
                    while (true) {
                        if (i == length) {
                            break;
                        }
                        C24343CFu c24343CFu = c24343CFuArr2[i];
                        if (C24343CFu.A03.A0H(c24343CFu.A00)) {
                            CGE cge = c24343CFu.A01;
                            if (cge.A00 == 6) {
                                try {
                                    ocspResponder = new URI(((CMR) cge.A01).BRi());
                                    break;
                                } catch (URISyntaxException unused) {
                                    continue;
                                }
                            } else {
                                continue;
                            }
                        }
                        i++;
                    }
                }
            }
        }
        if (ocspResponses.get(x509Certificate) != null || ocspResponder == null) {
            List<Extension> ocspExtensions = c27.getOcspExtensions();
            bArr = null;
            for (int i2 = 0; i2 != ocspExtensions.size(); i2++) {
                Extension extension = ocspExtensions.get(i2);
                byte[] value = extension.getValue();
                if ("1.3.6.1.5.5.7.48.1.2".equals(extension.getId())) {
                    bArr = value;
                }
            }
            z = false;
        } else {
            if (this.A00 == null && c27.getOcspResponder() == null && !this.A02) {
                C22431BMw c22431BMw = this.A01;
                throw new C21("OCSP disabled by \"ocsp.enable\" setting", c22431BMw.A02, c22431BMw.A00);
            }
            try {
                ocspResponses.put(x509Certificate, AbstractC22598BVb.A00(ocspResponder, c27.getOcspResponderCert(), c27.getOcspExtensions(), A00(new CGS(x509Certificate.getSerialNumber()), new CG6(InterfaceC18120w9.A07), A01()), this.A01, this.A03).A09());
                bArr = null;
                z = true;
            } catch (IOException e2) {
                C22431BMw c22431BMw2 = this.A01;
                throw new CertPathValidatorException("unable to encode OCSP response", e2, c22431BMw2.A02, c22431BMw2.A00);
            }
        }
        if (ocspResponses.isEmpty()) {
            C22431BMw c22431BMw3 = this.A01;
            throw new C21("no OCSP response found for any certificate", c22431BMw3.A02, c22431BMw3.A00);
        }
        byte[] bArr2 = ocspResponses.get(x509Certificate);
        CFU cfu = bArr2 instanceof CFU ? (CFU) bArr2 : bArr2 != 0 ? new CFU(CGU.A04(bArr2)) : null;
        CGS cgs = new CGS(x509Certificate.getSerialNumber());
        if (cfu == null) {
            C22431BMw c22431BMw4 = this.A01;
            throw new C21("no OCSP response found for certificate", c22431BMw4.A02, c22431BMw4.A00);
        }
        CGQ cgq = cfu.A00.A00;
        if (cgq.A0I() != 0) {
            StringBuilder A0x = AnonymousClass000.A0x();
            A0x.append("OCSP response failed: ");
            throw C22431BMw.A00(C1ND.A0l(new BigInteger(cgq.A00), A0x), null, this.A01);
        }
        CFh cFh = cfu.A01;
        if (cFh == null) {
            cFh = null;
        }
        if (cFh.A00.A0H(InterfaceC24472COr.A02)) {
            try {
                byte[] bArr3 = cFh.A01.A00;
                C24337CFo c24337CFo = bArr3 instanceof C24337CFo ? (C24337CFo) bArr3 : bArr3 != 0 ? new C24337CFo(CGU.A04(bArr3)) : null;
                if (!z) {
                    if (!A03(c27.getOcspResponderCert(), c24337CFo, this.A01, this.A03, bArr)) {
                        return;
                    }
                }
                CG1 cg1 = c24337CFo.A02;
                CGS cgs2 = CG1.A06;
                if (cg1 == null) {
                    cg1 = null;
                }
                CGU cgu = cg1.A00;
                C24338CFp c24338CFp = null;
                for (int i3 = 0; i3 != cgu.A0I(); i3++) {
                    InterfaceC18050w0 A0K = cgu.A0K(i3);
                    CFX cfx = A0K instanceof CFX ? (CFX) A0K : A0K != null ? new CFX(CGU.A04(A0K)) : null;
                    C24338CFp c24338CFp2 = cfx.A01;
                    if (cgs.A0H(c24338CFp2.A00)) {
                        CGT cgt = cfx.A00;
                        if (cgt != null && new Date(this.A01.A04.getTime()).after(cgt.A0J())) {
                            throw new C22();
                        }
                        if (c24338CFp == null || !c24338CFp.A03.equals(c24338CFp2.A03)) {
                            c24338CFp = A00(cgs, c24338CFp2.A03, A01());
                        }
                        if (c24338CFp.equals(c24338CFp2)) {
                            CGB cgb = cfx.A02;
                            int i4 = cgb.A00;
                            if (i4 != 0) {
                                if (i4 != 1) {
                                    throw C22431BMw.A00("certificate revoked, details unknown", null, this.A01);
                                }
                                InterfaceC18050w0 interfaceC18050w0 = cgb.A01;
                                CFV cfv = interfaceC18050w0 instanceof CFV ? (CFV) interfaceC18050w0 : interfaceC18050w0 != null ? new CFV(CGU.A04(interfaceC18050w0)) : null;
                                CG2 cg2 = cfv.A01;
                                StringBuilder A0x2 = AnonymousClass000.A0x();
                                A0x2.append("certificate revoked, reason=(");
                                A0x2.append(cg2);
                                A0x2.append("), date=");
                                throw C22431BMw.A00(C1ND.A0l(cfv.A00.A0J(), A0x2), null, this.A01);
                            }
                            return;
                        }
                    }
                }
            } catch (CertPathValidatorException e3) {
                throw e3;
            } catch (Exception e4) {
                C22431BMw c22431BMw5 = this.A01;
                throw new CertPathValidatorException("unable to process OCSP response", e4, c22431BMw5.A02, c22431BMw5.A00);
            }
        }
    }
}
