package com.symantec.gfs;

import java.io.ByteArrayInputStream;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertStore;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Set;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public final class b {
    private X509Certificate a;
    private c b;
    private Provider c;

    /* JADX INFO: Access modifiers changed from: package-private */
    public b(Provider provider) {
        this.a = null;
        this.b = new c(this);
        this.c = null;
        this.c = provider;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public b(X509Certificate x509Certificate, Provider provider) {
        this.a = null;
        this.b = new c(this);
        this.c = null;
        this.a = x509Certificate;
        this.c = provider;
    }

    private void a(String str) {
        String str2 = "GfsVerify::" + str;
        if (this.a == null) {
            throw new NoValueException(str2, "certificate not set.");
        }
        if (c.b(this.b)) {
            return;
        }
        this.b.a(this);
    }

    private void a(PublicKey publicKey, b bVar, boolean z, Date date) {
        if (this.a == null) {
            throw new NoValueException("GfsCert::verifySignature(PublicKey, GfsCert, boolean, Date)", "certificate not set.");
        }
        p.a("GfsCert::verifySignature(PublicKey, GfsCert, boolean, Date)", "Verifying signature...");
        try {
            this.a.verify(bVar.c());
            p.a("GfsCert::verifySignature(PublicKey, GfsCert, boolean, Date)", "Complete verifying signature.");
            try {
                p.a("GfsCert::verifySignature(PublicKey, GfsCert, boolean, Date)", "Validating a certificate...");
                ArrayList arrayList = new ArrayList();
                arrayList.add(this.a);
                CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), this.c);
                CertPath generateCertPath = CertificateFactory.getInstance("X.509", this.c).generateCertPath(arrayList);
                Set singleton = Collections.singleton(new TrustAnchor(bVar.a, null));
                CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX", this.c);
                PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) singleton);
                pKIXParameters.setRevocationEnabled(false);
                pKIXParameters.addCertStore(certStore);
                pKIXParameters.setDate(date);
                certPathValidator.validate(generateCertPath, pKIXParameters);
                p.a("GfsCert::verifySignature(PublicKey, GfsCert, boolean, Date)", "Complete validating the certificate.");
            } catch (Exception e) {
                p.a("GfsCert::verifySignature(PublicKey, GfsCert, boolean, Date)", e.getMessage());
                p.a("GfsCert::verifySignature(PublicKey, GfsCert, boolean, Date)", e.getCause().toString());
                throw new BadCertException("GfsCert::verifySignature(PublicKey, GfsCert, boolean, Date)", e.getMessage());
            }
        } catch (Exception e2) {
            throw new BadSigException("GfsCert::verifySignature(PublicKey, GfsCert, boolean, Date)", e2.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final X509Certificate a() {
        return this.a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void a(PublicKey publicKey, b bVar) {
        a(publicKey, bVar, false, null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void a(PublicKey publicKey, b bVar, Date date) {
        a(publicKey, bVar, false, date);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void a(byte[] bArr) {
        p.a("GfsCert::loadFromMemory(byte[])", "Loading CA from memory...");
        try {
            this.a = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
            p.a("GfsCert::loadFromMemory(byte[])", "Complete loading CA.");
            this.b.a();
        } catch (Exception e) {
            throw new BadDataException("GfsCert::loadFromMemory(byte[])", "", p.a(e));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final boolean a(Date date) {
        if (this.a == null) {
            throw new NoValueException("isExpired(Date)", "certificate not set.");
        }
        try {
            this.a.checkValidity(date);
            return false;
        } catch (CertificateExpiredException e) {
            return true;
        } catch (CertificateNotYetValidException e2) {
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String b() {
        a("getLdapNameString()");
        return c.a(this.b).b().a();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final PublicKey c() {
        if (this.a == null) {
            throw new NoValueException("GfsCert::getPublicKey()", "certificate not set.");
        }
        return this.a.getPublicKey();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final f d() {
        a("getSubjectDN()");
        return c.a(this.b).b();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final f e() {
        a("getIssuerDN()");
        return c.a(this.b).a();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final d f() {
        if (this.a == null) {
            throw new NoValueException("GfsCert::getCertFields()", "certificate not set.");
        }
        if (!c.b(this.b)) {
            this.b.a(this);
        }
        return c.a(this.b);
    }
}
