package Wq;

import Qq.C3230g;
import Qq.c0;
import Uq.l;
import Wq.v;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.function.Predicate;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.security.auth.x500.X500Principal;
import org.apache.logging.log4j.util.m0;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.cmp.PKIFailureInfo;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.CRLDistPoint;
import org.bouncycastle.asn1.x509.DistributionPoint;
import org.bouncycastle.asn1.x509.DistributionPointName;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.cms.DefaultCMSSignatureAlgorithmNameGenerator;
import org.bouncycastle.cms.SignerId;
import org.bouncycastle.cms.bc.BcRSASignerInfoVerifierBuilder;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
import org.bouncycastle.tsp.TimeStampRequest;
import org.bouncycastle.tsp.TimeStampRequestGenerator;
import org.bouncycastle.tsp.TimeStampResponse;
import org.bouncycastle.tsp.TimeStampToken;
import org.bouncycastle.util.Selector;

/* loaded from: classes5.dex */
public class u implements w {

    /* renamed from: a, reason: collision with root package name */
    public static final org.apache.logging.log4j.g f45683a = org.apache.logging.log4j.f.s(u.class);

    /* loaded from: classes5.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        public static final /* synthetic */ int[] f45684a;

        static {
            int[] iArr = new int[c0.values().length];
            f45684a = iArr;
            try {
                iArr[c0.sha1.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f45684a[c0.sha256.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f45684a[c0.sha384.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                f45684a[c0.sha512.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
        }
    }

    public static /* synthetic */ boolean p(DistributionPointName distributionPointName) {
        return distributionPointName.getType() == 0;
    }

    public static /* synthetic */ Stream q(DistributionPointName distributionPointName) {
        return Stream.of((Object[]) GeneralNames.getInstance(distributionPointName.getName()).getNames());
    }

    public static /* synthetic */ boolean r(GeneralName generalName) {
        return generalName.getTagNo() == 6;
    }

    public static /* synthetic */ String s(GeneralName generalName) {
        return ASN1IA5String.getInstance(generalName.getName()).getString();
    }

    public static /* synthetic */ String u(X509CertificateHolder x509CertificateHolder) {
        return x509CertificateHolder.getSubject().toString();
    }

    public static /* synthetic */ boolean v(X500Name x500Name, BigInteger bigInteger, X509CertificateHolder x509CertificateHolder) {
        return x500Name.equals(x509CertificateHolder.getIssuer()) && bigInteger.equals(x509CertificateHolder.getSerialNumber());
    }

    public static /* synthetic */ IllegalStateException w() {
        return new IllegalStateException("TSP response token has no signer certificate");
    }

    public List<byte[]> A(final Uq.l lVar, final X509Certificate x509Certificate) throws IOException {
        final List<l.b> k10 = lVar.k();
        byte[] extensionValue = x509Certificate.getExtensionValue(Extension.cRLDistributionPoints.getId());
        return extensionValue == null ? Collections.emptyList() : (List) Stream.of((Object[]) CRLDistPoint.getInstance(JcaX509ExtensionUtils.parseExtensionValue(extensionValue)).getDistributionPoints()).map(new Function() { // from class: Wq.r
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                DistributionPointName distributionPoint;
                distributionPoint = ((DistributionPoint) obj).getDistributionPoint();
                return distributionPoint;
            }
        }).filter(new Predicate() { // from class: Wq.s
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                return Objects.nonNull((DistributionPointName) obj);
            }
        }).filter(new Predicate() { // from class: Wq.t
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean p10;
                p10 = u.p((DistributionPointName) obj);
                return p10;
            }
        }).flatMap(new Function() { // from class: Wq.g
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                Stream q10;
                q10 = u.q((DistributionPointName) obj);
                return q10;
            }
        }).filter(new Predicate() { // from class: Wq.h
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean r10;
                r10 = u.r((GeneralName) obj);
                return r10;
            }
        }).map(new Function() { // from class: Wq.i
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                String s10;
                s10 = u.s((GeneralName) obj);
                return s10;
            }
        }).flatMap(new Function() { // from class: Wq.j
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                Stream t10;
                t10 = u.this.t(k10, x509Certificate, lVar, (String) obj);
                return t10;
            }
        }).filter(new Predicate() { // from class: Wq.k
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                return Objects.nonNull((byte[]) obj);
            }
        }).collect(Collectors.toList());
    }

    @Override // Wq.w
    public byte[] a(Uq.q qVar, byte[] bArr, final C4172c c4172c) throws Exception {
        Uq.l m10 = qVar.m();
        byte[] digest = C3230g.n(m10.H()).digest(bArr);
        BigInteger bigInteger = new BigInteger(128, new SecureRandom());
        TimeStampRequestGenerator timeStampRequestGenerator = new TimeStampRequestGenerator();
        timeStampRequestGenerator.setCertReq(true);
        String K10 = m10.K();
        if (K10 != null) {
            timeStampRequestGenerator.setReqPolicy(new ASN1ObjectIdentifier(K10));
        }
        TimeStampRequest generate = timeStampRequestGenerator.generate(x(m10.H()), digest, bigInteger);
        v I10 = m10.I();
        I10.b(m10);
        I10.c(m10.b0() ? "application/timestamp-request" : "application/timestamp-query");
        v.a j10 = I10.j(m10.M(), generate.getEncoded());
        if (!j10.e()) {
            throw new IOException("Requesting timestamp data failed");
        }
        byte[] d10 = j10.d();
        if (d10.length == 0) {
            throw new IllegalStateException("Content-Length is zero");
        }
        TimeStampResponse timeStampResponse = new TimeStampResponse(d10);
        timeStampResponse.validate(generate);
        if (timeStampResponse.getStatus() != 0) {
            org.apache.logging.log4j.g gVar = f45683a;
            gVar.c1().q("status: {}", m0.g(timeStampResponse.getStatus()));
            gVar.c1().q("status string: {}", timeStampResponse.getStatusString());
            PKIFailureInfo failInfo = timeStampResponse.getFailInfo();
            if (failInfo != null) {
                gVar.c1().q("fail info int value: {}", m0.g(failInfo.intValue()));
                if (256 == failInfo.intValue()) {
                    gVar.c1().a("unaccepted policy");
                }
            }
            throw new IllegalStateException("timestamp response status != 0: " + timeStampResponse.getStatus());
        }
        TimeStampToken timeStampToken = timeStampResponse.getTimeStampToken();
        SignerId sid = timeStampToken.getSID();
        final BigInteger serialNumber = sid.getSerialNumber();
        final X500Name issuer = sid.getIssuer();
        org.apache.logging.log4j.g gVar2 = f45683a;
        gVar2.c1().q("signer cert serial number: {}", serialNumber);
        gVar2.c1().q("signer cert issuer: {}", issuer);
        Map map = (Map) timeStampToken.getCertificates().getMatches((Selector) null).stream().collect(Collectors.toMap(new Function() { // from class: Wq.n
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                String u10;
                u10 = u.u((X509CertificateHolder) obj);
                return u10;
            }
        }, Function.identity()));
        X509CertificateHolder x509CertificateHolder = (X509CertificateHolder) map.values().stream().filter(new Predicate() { // from class: Wq.o
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean v10;
                v10 = u.v(issuer, serialNumber, (X509CertificateHolder) obj);
                return v10;
            }
        }).findFirst().orElseThrow(new Supplier() { // from class: Wq.p
            @Override // java.util.function.Supplier
            public final Object get() {
                IllegalStateException w10;
                w10 = u.w();
                return w10;
            }
        });
        JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
        jcaX509CertificateConverter.setProvider("BC");
        X509Certificate certificate = jcaX509CertificateConverter.getCertificate(x509CertificateHolder);
        do {
            c4172c.d(certificate);
            X500Principal issuerX500Principal = certificate.getIssuerX500Principal();
            if (certificate.getSubjectX500Principal().equals(issuerX500Principal)) {
                break;
            }
            X509CertificateHolder x509CertificateHolder2 = (X509CertificateHolder) map.get(issuerX500Principal.getName());
            certificate = x509CertificateHolder2 != null ? jcaX509CertificateConverter.getCertificate(x509CertificateHolder2) : m10.h(issuerX500Principal.getName());
            if (certificate != null) {
                A(m10, certificate).forEach(new Consumer() { // from class: Wq.q
                    @Override // java.util.function.Consumer
                    public final void accept(Object obj) {
                        C4172c.this.c((byte[]) obj);
                    }
                });
            }
        } while (certificate != null);
        timeStampToken.validate(new BcRSASignerInfoVerifierBuilder(new DefaultCMSSignatureAlgorithmNameGenerator(), new DefaultSignatureAlgorithmIdentifierFinder(), new DefaultDigestAlgorithmIdentifierFinder(), new BcDigestCalculatorProvider()).build(x509CertificateHolder));
        if (m10.O() != null) {
            m10.O().a(c4172c.h(), c4172c);
        }
        f45683a.c1().q("time-stamp token time: {}", timeStampToken.getTimeStampInfo().getGenTime());
        return timeStampToken.getEncoded();
    }

    public l.b m(Uq.l lVar, String str) {
        if (!lVar.V()) {
            return null;
        }
        v I10 = lVar.I();
        I10.b(lVar);
        I10.e(null, null);
        try {
            v.a d10 = I10.d(str);
            if (!d10.e()) {
                return null;
            }
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                byte[] d11 = d10.d();
                return lVar.b(str, ((X509CRL) certificateFactory.generateCRL(new ByteArrayInputStream(d11))).getIssuerX500Principal().getName(), d11);
            } catch (GeneralSecurityException e10) {
                f45683a.y5().d(e10).q("CRL download failed from {}", str);
                return null;
            }
        } catch (IOException unused) {
        }
    }

    public final /* synthetic */ Stream t(List list, final X509Certificate x509Certificate, Uq.l lVar, final String str) {
        l.b m10;
        List list2 = (List) list.stream().filter(new Predicate() { // from class: Wq.f
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean n10;
                n10 = u.this.n(x509Certificate, str, (l.b) obj);
                return n10;
            }
        }).collect(Collectors.toList());
        Stream filter = list.stream().filter(new Predicate() { // from class: Wq.l
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean o10;
                o10 = u.this.o(x509Certificate, str, (l.b) obj);
                return o10;
            }
        });
        if (list2.isEmpty() && (m10 = m(lVar, str)) != null) {
            list2.add(m10);
        }
        return Stream.concat(list2.stream(), filter).map(new Function() { // from class: Wq.m
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                return ((l.b) obj).b();
            }
        });
    }

    public ASN1ObjectIdentifier x(c0 c0Var) {
        int i10 = a.f45684a[c0Var.ordinal()];
        if (i10 == 1) {
            return X509ObjectIdentifiers.id_SHA1;
        }
        if (i10 == 2) {
            return NISTObjectIdentifiers.id_sha256;
        }
        if (i10 == 3) {
            return NISTObjectIdentifiers.id_sha384;
        }
        if (i10 == 4) {
            return NISTObjectIdentifiers.id_sha512;
        }
        throw new IllegalArgumentException("unsupported digest algo: " + c0Var);
    }

    /* renamed from: y, reason: merged with bridge method [inline-methods] */
    public boolean o(l.b bVar, X509Certificate x509Certificate, String str) {
        return x509Certificate.getSubjectX500Principal().getName().equals(bVar.a());
    }

    /* renamed from: z, reason: merged with bridge method [inline-methods] */
    public boolean n(l.b bVar, X509Certificate x509Certificate, String str) {
        return str.equals(bVar.c());
    }
}
