package org.bouncycastle.jce.provider;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertPathValidatorException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import qb.d;
import qb.i;
import sb.n;
import ya.a0;
import ya.g;
import ya.h1;
import ya.j1;
import ya.p;
import ya.s;
import ya.u;
import ya.v;
import yb.d0;
import yc.l;
import yc.m;
import ye.f;
import zb.k;

/* loaded from: classes.dex */
public final class b implements l {

    /* renamed from: x1, reason: collision with root package name */
    public static final HashMap f8274x1;
    public final c X;
    public final ld.b Y;
    public m Z;
    public boolean x0;

    /* renamed from: y0, reason: collision with root package name */
    public String f8275y0;

    static {
        HashMap hashMap = new HashMap();
        f8274x1 = hashMap;
        hashMap.put(new u("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
        hashMap.put(n.H, "SHA224WITHRSA");
        hashMap.put(n.E, "SHA256WITHRSA");
        hashMap.put(n.F, "SHA384WITHRSA");
        hashMap.put(n.G, "SHA512WITHRSA");
        hashMap.put(eb.a.f4622k, "GOST3411WITHGOST3410");
        hashMap.put(eb.a.f4623l, "GOST3411WITHECGOST3410");
        hashMap.put(tb.a.e, "GOST3411-2012-256WITHECGOST3410-2012-256");
        hashMap.put(tb.a.f9438f, "GOST3411-2012-512WITHECGOST3410-2012-512");
        hashMap.put(uc.a.f10001a, "SHA1WITHPLAIN-ECDSA");
        hashMap.put(uc.a.f10002b, "SHA224WITHPLAIN-ECDSA");
        hashMap.put(uc.a.f10003c, "SHA256WITHPLAIN-ECDSA");
        hashMap.put(uc.a.f10004d, "SHA384WITHPLAIN-ECDSA");
        hashMap.put(uc.a.e, "SHA512WITHPLAIN-ECDSA");
        hashMap.put(uc.a.f10005f, "RIPEMD160WITHPLAIN-ECDSA");
        hashMap.put(wc.a.f10634a, "SHA1WITHCVC-ECDSA");
        hashMap.put(wc.a.f10635b, "SHA224WITHCVC-ECDSA");
        hashMap.put(wc.a.f10636c, "SHA256WITHCVC-ECDSA");
        hashMap.put(wc.a.f10637d, "SHA384WITHCVC-ECDSA");
        hashMap.put(wc.a.e, "SHA512WITHCVC-ECDSA");
        hashMap.put(kb.a.f7015a, "XMSS");
        hashMap.put(kb.a.f7016b, "XMSSMT");
        hashMap.put(new u("1.2.840.113549.1.1.4"), "MD5WITHRSA");
        hashMap.put(new u("1.2.840.113549.1.1.2"), "MD2WITHRSA");
        hashMap.put(new u("1.2.840.10040.4.3"), "SHA1WITHDSA");
        hashMap.put(k.T0, "SHA1WITHECDSA");
        hashMap.put(k.W0, "SHA224WITHECDSA");
        hashMap.put(k.X0, "SHA256WITHECDSA");
        hashMap.put(k.Y0, "SHA384WITHECDSA");
        hashMap.put(k.Z0, "SHA512WITHECDSA");
        hashMap.put(rb.a.f8784h, "SHA1WITHRSA");
        hashMap.put(rb.a.f8783g, "SHA1WITHDSA");
        hashMap.put(ob.b.R, "SHA224WITHDSA");
        hashMap.put(ob.b.S, "SHA256WITHDSA");
    }

    public b(c cVar, ld.a aVar) {
        this.X = cVar;
        this.Y = aVar;
    }

    public static byte[] b(MessageDigest messageDigest, PublicKey publicKey) {
        return messageDigest.digest(d0.o(publicKey.getEncoded()).Y.D());
    }

    public static String e(yb.b bVar) {
        g gVar = bVar.Y;
        if (gVar == null || h1.Y.t(gVar) || !bVar.X.u(n.D)) {
            HashMap hashMap = f8274x1;
            return hashMap.containsKey(bVar.X) ? (String) hashMap.get(bVar.X) : bVar.X.X;
        }
        sb.u o = sb.u.o(gVar);
        StringBuilder sb2 = new StringBuilder();
        String a10 = ld.c.a(o.X.X);
        int indexOf = a10.indexOf(45);
        if (indexOf > 0 && !a10.startsWith("SHA3")) {
            a10 = a10.substring(0, indexOf) + a10.substring(indexOf + 1);
        }
        return androidx.activity.g.h(sb2, a10, "WITHRSAANDMGF1");
    }

    public static X509Certificate f(qb.a aVar, X509Certificate x509Certificate, X509Certificate x509Certificate2, ld.b bVar) {
        s sVar = aVar.X.Z.X;
        byte[] bArr = sVar instanceof v ? ((v) sVar).X : null;
        if (bArr != null) {
            MessageDigest f8 = bVar.f("SHA1");
            if (x509Certificate2 != null && Arrays.equals(bArr, b(f8, x509Certificate2.getPublicKey()))) {
                return x509Certificate2;
            }
            if (x509Certificate != null && Arrays.equals(bArr, b(f8, x509Certificate.getPublicKey()))) {
                return x509Certificate;
            }
        } else {
            xb.a aVar2 = xb.a.f10800q;
            wb.c o = wb.c.o(aVar2, sVar instanceof v ? null : wb.c.p(sVar));
            if (x509Certificate2 != null && o.equals(wb.c.o(aVar2, x509Certificate2.getSubjectX500Principal().getEncoded()))) {
                return x509Certificate2;
            }
            if (x509Certificate != null && o.equals(wb.c.o(aVar2, x509Certificate.getSubjectX500Principal().getEncoded()))) {
                return x509Certificate;
            }
        }
        return null;
    }

    public static boolean g(i iVar, X509Certificate x509Certificate, ld.b bVar) {
        s sVar = iVar.X;
        wb.c cVar = null;
        byte[] bArr = sVar instanceof v ? ((v) sVar).X : null;
        if (bArr != null) {
            return Arrays.equals(bArr, b(bVar.f("SHA1"), x509Certificate.getPublicKey()));
        }
        xb.a aVar = xb.a.f10800q;
        if (!(sVar instanceof v)) {
            cVar = wb.c.p(sVar);
        }
        return wb.c.o(aVar, cVar).equals(wb.c.o(aVar, x509Certificate.getSubjectX500Principal().getEncoded()));
    }

    /* JADX WARN: Unreachable blocks removed: 6, instructions: 6 */
    public static boolean h(qb.a aVar, m mVar, byte[] bArr, X509Certificate x509Certificate, ld.b bVar) {
        try {
            a0 a0Var = aVar.x0;
            Signature b10 = bVar.b(e(aVar.Y));
            X509Certificate f8 = f(aVar, mVar.e, x509Certificate, bVar);
            if (f8 == null && a0Var == null) {
                throw new CertPathValidatorException("OCSP responder certificate not found");
            }
            if (f8 != null) {
                b10.initVerify(f8.getPublicKey());
            } else {
                X509Certificate x509Certificate2 = (X509Certificate) bVar.p("X.509").generateCertificate(new ByteArrayInputStream(a0Var.F(0).g().getEncoded()));
                x509Certificate2.verify(mVar.e.getPublicKey());
                x509Certificate2.checkValidity(new Date(mVar.f11132b.getTime()));
                if (!g(aVar.X.Z, x509Certificate2, bVar)) {
                    throw new CertPathValidatorException("responder certificate does not match responderID", null, mVar.f11133c, mVar.f11134d);
                }
                List<String> extendedKeyUsage = x509Certificate2.getExtendedKeyUsage();
                if (extendedKeyUsage == null || !extendedKeyUsage.contains(yb.v.Y.X.X)) {
                    throw new CertPathValidatorException("responder certificate not valid for signing OCSP responses", null, mVar.f11133c, mVar.f11134d);
                }
                b10.initVerify(x509Certificate2);
            }
            b10.update(aVar.X.n("DER"));
            if (!b10.verify(aVar.Z.D())) {
                return false;
            }
            if (bArr != null && !Arrays.equals(bArr, aVar.X.f8646x1.o(d.f8644b).Z.X)) {
                throw new CertPathValidatorException("nonce mismatch in OCSP response", null, mVar.f11133c, mVar.f11134d);
            }
            return true;
        } catch (IOException e) {
            throw new CertPathValidatorException(a1.a.n(e, a1.a.p("OCSP response failure: ")), e, mVar.f11133c, mVar.f11134d);
        } catch (CertPathValidatorException e10) {
            throw e10;
        } catch (GeneralSecurityException e11) {
            StringBuilder p10 = a1.a.p("OCSP response failure: ");
            p10.append(e11.getMessage());
            throw new CertPathValidatorException(p10.toString(), e11, mVar.f11133c, mVar.f11134d);
        }
    }

    @Override // yc.l
    public final void a(m mVar) {
        this.Z = mVar;
        this.x0 = f.b("ocsp.enable");
        this.f8275y0 = f.a("ocsp.responderURL");
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public final qb.b c(yb.b bVar, yb.i iVar, p pVar) {
        try {
            MessageDigest f8 = this.Y.f(ld.c.a(bVar.X));
            return new qb.b(bVar, new j1(f8.digest(iVar.Y.F1.n("DER"))), new j1(f8.digest(iVar.Y.G1.Y.D())), pVar);
        } catch (Exception e) {
            throw new CertPathValidatorException("problem creating ID: " + e, e);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:120:0x0283, code lost:
    
        r0 = qb.f.o(r8.toByteArray());
     */
    /* JADX WARN: Code restructure failed: missing block: B:122:0x0293, code lost:
    
        if (r0.X.X.E() != 0) goto L120;
     */
    /* JADX WARN: Code restructure failed: missing block: B:123:0x0295, code lost:
    
        r1 = qb.j.o(r0.Y);
     */
    /* JADX WARN: Code restructure failed: missing block: B:124:0x02a3, code lost:
    
        if (r1.X.u(qb.d.f8643a) == false) goto L105;
     */
    /* JADX WARN: Code restructure failed: missing block: B:125:0x02a5, code lost:
    
        r1 = h(qb.a.o(r1.Y.X), r6, r11, r7, r9);
     */
    /* JADX WARN: Code restructure failed: missing block: B:126:0x02b4, code lost:
    
        if (r1 == false) goto L117;
     */
    /* JADX WARN: Code restructure failed: missing block: B:127:0x02b6, code lost:
    
        r1 = od.e.f8001a.get(r3);
     */
    /* JADX WARN: Code restructure failed: missing block: B:128:0x02be, code lost:
    
        if (r1 == null) goto L110;
     */
    /* JADX WARN: Code restructure failed: missing block: B:129:0x02c0, code lost:
    
        r1.get().put(r4, r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:130:0x02dc, code lost:
    
        r11 = r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:131:0x02ca, code lost:
    
        r1 = new java.util.HashMap();
        r1.put(r4, r0);
        od.e.f8001a.put(r3, new java.lang.ref.WeakReference<>(r1));
     */
    /* JADX WARN: Code restructure failed: missing block: B:134:0x030f, code lost:
    
        throw new java.security.cert.CertPathValidatorException("OCSP response failed to validate", null, r6.f11133c, r6.f11134d);
     */
    /* JADX WARN: Code restructure failed: missing block: B:135:0x02b2, code lost:
    
        r1 = false;
     */
    /* JADX WARN: Code restructure failed: missing block: B:136:0x0310, code lost:
    
        r2 = new java.lang.StringBuilder();
        r2.append("OCSP responder failed: ");
        r0 = r0.X.X;
        r0.getClass();
        r2.append(new java.math.BigInteger(r0.X));
     */
    /* JADX WARN: Code restructure failed: missing block: B:137:0x033c, code lost:
    
        throw new java.security.cert.CertPathValidatorException(r2.toString(), null, r6.f11133c, r6.f11134d);
     */
    /* JADX WARN: Code restructure failed: missing block: B:138:0x033d, code lost:
    
        r0 = e;
     */
    /* JADX WARN: Code restructure failed: missing block: B:140:0x0353, code lost:
    
        throw new java.security.cert.CertPathValidatorException(a1.a.n(r0, a1.a.p("configuration error: ")), r0, r6.f11133c, r6.f11134d);
     */
    /* JADX WARN: Code restructure failed: missing block: B:148:0x02dd, code lost:
    
        r1 = r16;
        r2.put(r1, r11.getEncoded());
     */
    /* JADX WARN: Code restructure failed: missing block: B:149:0x02e6, code lost:
    
        r0 = true;
        r4 = null;
        r3 = r22;
     */
    /* JADX WARN: Code restructure failed: missing block: B:223:0x02ef, code lost:
    
        r0 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:224:0x02f0, code lost:
    
        r2 = r22.Z;
     */
    /* JADX WARN: Code restructure failed: missing block: B:225:0x02ff, code lost:
    
        throw new java.security.cert.CertPathValidatorException("unable to encode OCSP response", r0, r2.f11133c, r2.f11134d);
     */
    /* JADX WARN: Code restructure failed: missing block: B:92:0x018a, code lost:
    
        if (r11 != null) goto L214;
     */
    /* JADX WARN: Multi-variable type inference failed */
    @Override // yc.l
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final void check(java.security.cert.Certificate r23) {
        /*
            Method dump skipped, instructions count: 1322
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jce.provider.b.check(java.security.cert.Certificate):void");
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public final yb.i d() {
        try {
            return yb.i.o(this.Z.e.getEncoded());
        } catch (Exception e) {
            String f8 = androidx.activity.g.f(e, a1.a.p("cannot process signing cert: "));
            m mVar = this.Z;
            throw new CertPathValidatorException(f8, e, mVar.f11133c, mVar.f11134d);
        }
    }
}
