package X;

import java.io.IOException;
import java.math.BigInteger;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.MessageDigest;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.Extension;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/* renamed from: X.BpP, reason: case insensitive filesystem */
/* loaded from: classes6.dex */
public class C23588BpP implements CAB {
    public static final Map A05;
    public String A00;
    public C22374B9h A01;
    public boolean A02;
    public final C7D A03;
    public final C23668Bqx A04;

    static {
        HashMap A0s = C1MC.A0s();
        A05 = A0s;
        A0s.put(AbstractC1370677y.A18("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
        A0s.put(InterfaceC17590vO.A2D, "SHA224WITHRSA");
        A0s.put(InterfaceC17590vO.A2E, "SHA256WITHRSA");
        AOM.A0i(InterfaceC17590vO.A2F, A0s);
        AOM.A0h(CCV.A0G, A0s);
    }

    public C23588BpP(C7D c7d, C23668Bqx c23668Bqx) {
        this.A04 = c23668Bqx;
        this.A03 = c7d;
    }

    private C2U A00(C36 c36, C24120C2k c24120C2k, C2V c2v) {
        try {
            C7D c7d = this.A03;
            C17630vS c17630vS = c24120C2k.A01;
            String A0y = C1ME.A0y(c17630vS, AbstractC160548Ui.A00);
            if (A0y == null) {
                A0y = c17630vS.A01;
            }
            MessageDigest messageDigest = MessageDigest.getInstance(A0y, ((C23591BpS) c7d).A00);
            C2W c2w = c2v.A03;
            return new C2U(c36, new C24132C2w(messageDigest.digest(c2w.A06.A0A("DER"))), new C24132C2w(messageDigest.digest(c2w.A09.A00.A0I())), c24120C2k);
        } catch (Exception e) {
            throw new CertPathValidatorException(AnonymousClass001.A0Z(e, "problem creating ID: ", AnonymousClass000.A0w()), e);
        }
    }

    private C2V A01() {
        try {
            return C2V.A00(this.A01.A03.getEncoded());
        } catch (Exception e) {
            throw C22374B9h.A00(C49L.A0e("cannot process signing cert: ", AnonymousClass000.A0w(), e), e, this.A01);
        }
    }

    public static boolean A02(MessageDigest messageDigest, Certificate certificate, byte[] bArr) {
        return Arrays.equals(bArr, messageDigest.digest(C2Q.A00(certificate.getPublicKey().getEncoded()).A00.A0I()));
    }

    /* JADX WARN: Code restructure failed: missing block: B:76:0x00e3, code lost:
    
        if (r0 != false) goto L52;
     */
    /* JADX WARN: Removed duplicated region for block: B:71:0x00e8  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static boolean A03(java.security.cert.X509Certificate r11, X.C2T r12, X.C22374B9h r13, X.C7D r14, byte[] r15) {
        /*
            Method dump skipped, instructions count: 482
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: X.C23588BpP.A03(java.security.cert.X509Certificate, X.C2T, X.B9h, X.C7D, byte[]):boolean");
    }

    @Override // X.CAB
    public void BSL(C22374B9h c22374B9h) {
        this.A01 = c22374B9h;
        this.A02 = AbstractC22661BOs.A01("ocsp.enable");
        this.A00 = AbstractC22661BOs.A00("ocsp.responderURL");
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // X.CAB
    public void check(Certificate certificate) {
        byte[] bArr;
        boolean z;
        X509Certificate x509Certificate = (X509Certificate) certificate;
        C23668Bqx c23668Bqx = this.A04;
        Map<X509Certificate, byte[]> ocspResponses = c23668Bqx.getOcspResponses();
        URI ocspResponder = c23668Bqx.getOcspResponder();
        if (ocspResponder == null) {
            String str = this.A00;
            if (str != null) {
                try {
                    ocspResponder = new URI(str);
                } catch (URISyntaxException e) {
                    throw C22374B9h.A00(C49L.A0e("configuration error: ", AnonymousClass000.A0w(), e), e, this.A01);
                }
            } else {
                byte[] extensionValue = x509Certificate.getExtensionValue(C24122C2m.A04.A01);
                ocspResponder = null;
                if (extensionValue != null) {
                    byte[] A03 = C3B.A03(extensionValue);
                    C2Y[] c2yArr = (A03 instanceof C2F ? (C2F) A03 : A03 != 0 ? new C2F(C38.A04(A03)) : null).A00;
                    int length = c2yArr.length;
                    C2Y[] c2yArr2 = new C2Y[length];
                    System.arraycopy(c2yArr, 0, c2yArr2, 0, length);
                    int i = 0;
                    while (true) {
                        if (i == length) {
                            break;
                        }
                        C2Y c2y = c2yArr2[i];
                        if (C2Y.A03.A0H(c2y.A00)) {
                            C24128C2s c24128C2s = c2y.A01;
                            if (c24128C2s.A00 == 6) {
                                try {
                                    ocspResponder = new URI(((C9I) c24128C2s.A01).BP8());
                                    break;
                                } catch (URISyntaxException unused) {
                                    continue;
                                }
                            } else {
                                continue;
                            }
                        }
                        i++;
                    }
                }
            }
        }
        if (ocspResponses.get(x509Certificate) != null || ocspResponder == null) {
            List<Extension> ocspExtensions = c23668Bqx.getOcspExtensions();
            bArr = null;
            for (int i2 = 0; i2 != ocspExtensions.size(); i2++) {
                Extension extension = ocspExtensions.get(i2);
                byte[] value = extension.getValue();
                if ("1.3.6.1.5.5.7.48.1.2".equals(extension.getId())) {
                    bArr = value;
                }
            }
            z = false;
        } else {
            if (this.A00 == null && c23668Bqx.getOcspResponder() == null && !this.A02) {
                C22374B9h c22374B9h = this.A01;
                throw new C23665Bqr("OCSP disabled by \"ocsp.enable\" setting", c22374B9h.A02, c22374B9h.A00);
            }
            try {
                ocspResponses.put(x509Certificate, AbstractC22556BIo.A00(ocspResponder, c23668Bqx.getOcspResponderCert(), c23668Bqx.getOcspExtensions(), A00(new C36(x509Certificate.getSerialNumber()), new C24120C2k(InterfaceC17670vY.A07), A01()), this.A01, this.A03).A09());
                bArr = null;
                z = true;
            } catch (IOException e2) {
                C22374B9h c22374B9h2 = this.A01;
                throw new CertPathValidatorException("unable to encode OCSP response", e2, c22374B9h2.A02, c22374B9h2.A00);
            }
        }
        if (ocspResponses.isEmpty()) {
            C22374B9h c22374B9h3 = this.A01;
            throw new C23665Bqr("no OCSP response found for any certificate", c22374B9h3.A02, c22374B9h3.A00);
        }
        byte[] bArr2 = ocspResponses.get(x509Certificate);
        C29 c29 = bArr2 instanceof C29 ? (C29) bArr2 : bArr2 != 0 ? new C29(C38.A04(bArr2)) : null;
        C36 c36 = new C36(x509Certificate.getSerialNumber());
        if (c29 == null) {
            C22374B9h c22374B9h4 = this.A01;
            throw new C23665Bqr("no OCSP response found for certificate", c22374B9h4.A02, c22374B9h4.A00);
        }
        C34 c34 = c29.A00.A00;
        if (c34.A0I() != 0) {
            StringBuilder A0w = AnonymousClass000.A0w();
            A0w.append("OCSP response failed: ");
            throw C22374B9h.A00(AnonymousClass000.A0r(new BigInteger(c34.A00), A0w), null, this.A01);
        }
        C2M c2m = c29.A01;
        if (c2m == null) {
            c2m = null;
        }
        if (c2m.A00.A0H(CCQ.A02)) {
            try {
                byte[] bArr3 = c2m.A01.A00;
                C2T c2t = bArr3 instanceof C2T ? (C2T) bArr3 : bArr3 != 0 ? new C2T(C38.A04(bArr3)) : null;
                if (!z) {
                    if (!A03(c23668Bqx.getOcspResponderCert(), c2t, this.A01, this.A03, bArr)) {
                        return;
                    }
                }
                C24115C2f c24115C2f = c2t.A02;
                C36 c362 = C24115C2f.A06;
                if (c24115C2f == null) {
                    c24115C2f = null;
                }
                C38 c38 = c24115C2f.A00;
                C2U c2u = null;
                for (int i3 = 0; i3 != c38.A0I(); i3++) {
                    InterfaceC17600vP A0K = c38.A0K(i3);
                    C2C c2c = A0K instanceof C2C ? (C2C) A0K : A0K != null ? new C2C(C38.A04(A0K)) : null;
                    C2U c2u2 = c2c.A01;
                    if (c36.A0H(c2u2.A02)) {
                        C37 c37 = c2c.A00;
                        if (c37 != null && new Date(this.A01.A04.getTime()).after(c37.A0J())) {
                            throw new C23666Bqs();
                        }
                        if (c2u == null || !c2u.A03.equals(c2u2.A03)) {
                            c2u = A00(c36, c2u2.A03, A01());
                        }
                        if (c2u.equals(c2u2)) {
                            C24125C2p c24125C2p = c2c.A02;
                            int i4 = c24125C2p.A00;
                            if (i4 != 0) {
                                if (i4 != 1) {
                                    throw C22374B9h.A00("certificate revoked, details unknown", null, this.A01);
                                }
                                InterfaceC17600vP interfaceC17600vP = c24125C2p.A01;
                                C2A c2a = interfaceC17600vP instanceof C2A ? (C2A) interfaceC17600vP : interfaceC17600vP != null ? new C2A(C38.A04(interfaceC17600vP)) : null;
                                C24116C2g c24116C2g = c2a.A01;
                                StringBuilder A0w2 = AnonymousClass000.A0w();
                                A0w2.append("certificate revoked, reason=(");
                                A0w2.append(c24116C2g);
                                A0w2.append("), date=");
                                throw C22374B9h.A00(AnonymousClass000.A0r(c2a.A00.A0J(), A0w2), null, this.A01);
                            }
                            return;
                        }
                    }
                }
            } catch (CertPathValidatorException e3) {
                throw e3;
            } catch (Exception e4) {
                C22374B9h c22374B9h5 = this.A01;
                throw new CertPathValidatorException("unable to process OCSP response", e4, c22374B9h5.A02, c22374B9h5.A00);
            }
        }
    }
}
