package com.appmattus.certificatetransparency.internal.verifier;

import com.appmattus.certificatetransparency.CTLogger;
import com.appmattus.certificatetransparency.CTPolicy;
import com.appmattus.certificatetransparency.VerificationResult;
import com.appmattus.certificatetransparency.cache.DiskCache;
import com.appmattus.certificatetransparency.chaincleaner.CertificateChainCleanerFactory;
import com.appmattus.certificatetransparency.datasource.DataSource;
import com.appmattus.certificatetransparency.internal.utils.asn1.ASN1Kt;
import com.appmattus.certificatetransparency.internal.utils.asn1.query.ASN1Query;
import com.appmattus.certificatetransparency.internal.utils.asn1.query.ASN1QueryKt;
import com.appmattus.certificatetransparency.loglist.LogListService;
import java.lang.reflect.Method;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.net.ssl.X509TrustManager;
import kotlin.collections.ArraysKt;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: CertificateTransparencyTrustManagerBasic.kt */
/* loaded from: classes4.dex */
public final class CertificateTransparencyTrustManagerBasic implements X509TrustManager, CertificateTransparencyTrustManager {
    private final Method checkServerTrustedMethod;
    private final CertificateTransparencyBase ctBase;
    private final X509TrustManager delegate;
    private final boolean failOnError;
    private final Method isSameTrustConfigurationMethod;
    private final CTLogger logger;

    public CertificateTransparencyTrustManagerBasic(X509TrustManager delegate, Set includeHosts, Set excludeHosts, CertificateChainCleanerFactory certificateChainCleanerFactory, LogListService logListService, DataSource dataSource, CTPolicy cTPolicy, DiskCache diskCache, boolean z, CTLogger cTLogger) {
        Method method;
        Intrinsics.checkNotNullParameter(delegate, "delegate");
        Intrinsics.checkNotNullParameter(includeHosts, "includeHosts");
        Intrinsics.checkNotNullParameter(excludeHosts, "excludeHosts");
        this.delegate = delegate;
        this.failOnError = z;
        this.logger = cTLogger;
        this.ctBase = new CertificateTransparencyBase(includeHosts, excludeHosts, certificateChainCleanerFactory, delegate, logListService, dataSource, cTPolicy, diskCache);
        Method method2 = null;
        try {
            method = delegate.getClass().getDeclaredMethod("checkServerTrusted", X509Certificate[].class, String.class, String.class);
        } catch (NoSuchMethodException unused) {
            method = null;
        }
        this.checkServerTrustedMethod = method;
        try {
            method2 = this.delegate.getClass().getDeclaredMethod("isSameTrustConfiguration", String.class, String.class);
        } catch (NoSuchMethodException unused2) {
        }
        this.isSameTrustConfigurationMethod = method2;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] chain, String authType) {
        Intrinsics.checkNotNullParameter(chain, "chain");
        Intrinsics.checkNotNullParameter(authType, "authType");
        this.delegate.checkClientTrusted(chain, authType);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] chain, String authType) {
        Intrinsics.checkNotNullParameter(chain, "chain");
        Intrinsics.checkNotNullParameter(authType, "authType");
        this.delegate.checkServerTrusted(chain, authType);
        byte[] encoded = ((X509Certificate) ArraysKt.first(chain)).getSubjectX500Principal().getEncoded();
        Intrinsics.checkNotNullExpressionValue(encoded, "getEncoded(...)");
        String str = (String) ASN1QueryKt.query(ASN1Kt.toAsn1$default(encoded, null, 1, null), new Function1() { // from class: com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerBasic$checkServerTrusted$commonName$1
            @Override // kotlin.jvm.functions.Function1
            public final String invoke(ASN1Query query) {
                Object obj;
                List seq;
                ASN1Query aSN1Query;
                List seq2;
                ASN1Query aSN1Query2;
                Intrinsics.checkNotNullParameter(query, "$this$query");
                Iterator it = query.seq().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        obj = null;
                        break;
                    }
                    obj = it.next();
                    if (Intrinsics.areEqual(((ASN1Query) CollectionsKt.first(((ASN1Query) CollectionsKt.first(((ASN1Query) obj).seq())).seq())).oid(), "2.5.4.3")) {
                        break;
                    }
                }
                ASN1Query aSN1Query3 = (ASN1Query) obj;
                if (aSN1Query3 == null || (seq = aSN1Query3.seq()) == null || (aSN1Query = (ASN1Query) CollectionsKt.first(seq)) == null || (seq2 = aSN1Query.seq()) == null || (aSN1Query2 = (ASN1Query) seq2.get(1)) == null) {
                    return null;
                }
                return aSN1Query2.string();
            }
        });
        if (str == null) {
            throw new CertificateException("No commonName found in certificate subjectDN");
        }
        VerificationResult verifyCertificateTransparency = verifyCertificateTransparency(str, ArraysKt.toList(chain));
        CTLogger cTLogger = this.logger;
        if (cTLogger != null) {
            cTLogger.log(str, verifyCertificateTransparency);
        }
        if ((verifyCertificateTransparency instanceof VerificationResult.Failure) && this.failOnError) {
            throw new CertificateException("Certificate transparency failed");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        X509Certificate[] acceptedIssuers = this.delegate.getAcceptedIssuers();
        Intrinsics.checkNotNullExpressionValue(acceptedIssuers, "getAcceptedIssuers(...)");
        return acceptedIssuers;
    }

    @Override // com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManager
    public VerificationResult verifyCertificateTransparency(String host, List certificates) {
        Intrinsics.checkNotNullParameter(host, "host");
        Intrinsics.checkNotNullParameter(certificates, "certificates");
        return this.ctBase.verifyCertificateTransparency(host, certificates);
    }
}
