package com.itextpdf.signatures.validation;

import com.itextpdf.signatures.ICrlClient;
import com.itextpdf.signatures.IOcspClient;
import com.itextpdf.signatures.validation.SignatureValidationProperties;
import com.itextpdf.signatures.validation.context.CertificateSource;
import com.itextpdf.signatures.validation.context.CertificateSources;
import com.itextpdf.signatures.validation.context.TimeBasedContext;
import com.itextpdf.signatures.validation.context.TimeBasedContexts;
import com.itextpdf.signatures.validation.context.ValidationContext;
import com.itextpdf.signatures.validation.context.ValidatorContext;
import com.itextpdf.signatures.validation.context.ValidatorContexts;
import com.itextpdf.signatures.validation.extensions.CertificateExtension;
import com.itextpdf.signatures.validation.extensions.DynamicBasicConstraintsExtension;
import com.itextpdf.signatures.validation.extensions.ExtendedKeyUsageExtension;
import com.itextpdf.signatures.validation.extensions.KeyUsage;
import com.itextpdf.signatures.validation.extensions.KeyUsageExtension;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.function.Consumer;
import java.util.function.Function;

/* loaded from: classes2.dex */
public class SignatureValidationProperties {
    public static final boolean DEFAULT_CONTINUE_AFTER_FAILURE = true;
    private final List<ICrlClient> crlClients;
    private final List<IOcspClient> ocspClients;
    private final HashMap<ValidationContext, ContextProperties> properties = new HashMap<>();
    public static final Duration DEFAULT_FRESHNESS_PRESENT_CRL = Duration.ofDays(30);
    public static final Duration DEFAULT_FRESHNESS_PRESENT_OCSP = Duration.ofDays(30);
    public static final Duration DEFAULT_FRESHNESS_HISTORICAL = Duration.ofMinutes(1);
    public static final OnlineFetching DEFAULT_ONLINE_FETCHING = OnlineFetching.FETCH_IF_NO_OTHER_DATA_AVAILABLE;

    /* loaded from: classes2.dex */
    public static class ContextProperties {
        private Boolean continueAfterFailure;
        private Duration freshness;
        private OnlineFetching onlineFetching;
        private List<CertificateExtension> requiredExtensions;

        public Boolean getContinueAfterFailure() {
            return this.continueAfterFailure;
        }

        public Duration getFreshness() {
            return this.freshness;
        }

        public OnlineFetching getOnlineFetching() {
            return this.onlineFetching;
        }

        public List<CertificateExtension> getRequiredExtensions() {
            return this.requiredExtensions;
        }

        public void setContinueAfterFailure(Boolean bool) {
            this.continueAfterFailure = bool;
        }

        public void setFreshness(Duration duration) {
            this.freshness = duration;
        }

        public void setOnlineFetching(OnlineFetching onlineFetching) {
            this.onlineFetching = onlineFetching;
        }

        public void setRequiredExtensions(List<CertificateExtension> list) {
            this.requiredExtensions = list;
        }
    }

    /* loaded from: classes2.dex */
    public enum OnlineFetching {
        ALWAYS_FETCH,
        FETCH_IF_NO_OTHER_DATA_AVAILABLE,
        NEVER_FETCH
    }

    public SignatureValidationProperties() {
        ArrayList arrayList = new ArrayList();
        this.ocspClients = arrayList;
        ArrayList arrayList2 = new ArrayList();
        this.crlClients = arrayList2;
        setContinueAfterFailure(ValidatorContexts.all(), CertificateSources.all(), true);
        setRevocationOnlineFetching(ValidatorContexts.all(), CertificateSources.all(), TimeBasedContexts.all(), DEFAULT_ONLINE_FETCHING);
        setFreshness(ValidatorContexts.all(), CertificateSources.all(), TimeBasedContexts.of(TimeBasedContext.HISTORICAL, new TimeBasedContext[0]), DEFAULT_FRESHNESS_HISTORICAL);
        ValidatorContexts all = ValidatorContexts.all();
        CertificateSources all2 = CertificateSources.all();
        TimeBasedContext timeBasedContext = TimeBasedContext.PRESENT;
        setFreshness(all, all2, TimeBasedContexts.of(timeBasedContext, new TimeBasedContext[0]), DEFAULT_FRESHNESS_PRESENT_OCSP);
        setFreshness(ValidatorContexts.of(ValidatorContext.CRL_VALIDATOR, new ValidatorContext[0]), CertificateSources.all(), TimeBasedContexts.of(timeBasedContext, new TimeBasedContext[0]), DEFAULT_FRESHNESS_PRESENT_CRL);
        setRequiredExtensions(CertificateSources.of(CertificateSource.CRL_ISSUER, new CertificateSource[0]), Collections.singletonList(new KeyUsageExtension(KeyUsage.CRL_SIGN)));
        setRequiredExtensions(CertificateSources.of(CertificateSource.OCSP_ISSUER, new CertificateSource[0]), Collections.singletonList(new ExtendedKeyUsageExtension(Collections.singletonList(ExtendedKeyUsageExtension.OCSP_SIGNING))));
        setRequiredExtensions(CertificateSources.of(CertificateSource.SIGNER_CERT, new CertificateSource[0]), Collections.singletonList(new KeyUsageExtension(KeyUsage.NON_REPUDIATION)));
        ArrayList arrayList3 = new ArrayList();
        arrayList3.add(new KeyUsageExtension(KeyUsage.KEY_CERT_SIGN));
        arrayList3.add(new DynamicBasicConstraintsExtension());
        setRequiredExtensions(CertificateSources.of(CertificateSource.CERT_ISSUER, new CertificateSource[0]), arrayList3);
        setRequiredExtensions(CertificateSources.of(CertificateSource.TIMESTAMP, new CertificateSource[0]), Collections.singletonList(new ExtendedKeyUsageExtension(Collections.singletonList("1.3.6.1.5.5.7.3.8"))));
        arrayList.add(new ValidationOcspClient());
        arrayList2.add(new ValidationCrlClient());
    }

    public static /* synthetic */ Boolean lambda$getContinueAfterFailure$2(ContextProperties contextProperties) {
        return contextProperties.getContinueAfterFailure();
    }

    public static /* synthetic */ Duration lambda$getFreshness$0(ContextProperties contextProperties) {
        return contextProperties.getFreshness();
    }

    public static /* synthetic */ List lambda$getRequiredExtensions$6(ContextProperties contextProperties) {
        return contextProperties.getRequiredExtensions();
    }

    public static /* synthetic */ OnlineFetching lambda$getRevocationOnlineFetching$4(ContextProperties contextProperties) {
        return contextProperties.getOnlineFetching();
    }

    public static /* synthetic */ void lambda$setContinueAfterFailure$3(boolean z2, ContextProperties contextProperties) {
        contextProperties.setContinueAfterFailure(Boolean.valueOf(z2));
    }

    public static /* synthetic */ ContextProperties lambda$setParameterValueFor$8(ValidationContext validationContext) {
        return new ContextProperties();
    }

    public final SignatureValidationProperties addCrlClient(ICrlClient iCrlClient) {
        this.crlClients.add(iCrlClient);
        return this;
    }

    public final SignatureValidationProperties addOcspClient(IOcspClient iOcspClient) {
        this.ocspClients.add(iOcspClient);
        return this;
    }

    public boolean getContinueAfterFailure(ValidationContext validationContext) {
        return ((Boolean) getParametersValueFor(validationContext.getValidatorContext(), validationContext.getCertificateSource(), validationContext.getTimeBasedContext(), new o(2))).booleanValue();
    }

    public List<ICrlClient> getCrlClients() {
        return Collections.unmodifiableList(this.crlClients);
    }

    public Duration getFreshness(ValidationContext validationContext) {
        return (Duration) getParametersValueFor(validationContext.getValidatorContext(), validationContext.getCertificateSource(), validationContext.getTimeBasedContext(), new o(0));
    }

    public List<IOcspClient> getOcspClients() {
        return Collections.unmodifiableList(this.ocspClients);
    }

    public <T> T getParametersValueFor(ValidatorContext validatorContext, CertificateSource certificateSource, TimeBasedContext timeBasedContext, Function<ContextProperties, T> function) {
        ValidationContext validationContext = new ValidationContext(validatorContext, certificateSource, timeBasedContext);
        if (this.properties.containsKey(validationContext)) {
            return function.apply(this.properties.get(validationContext));
        }
        return null;
    }

    public List<CertificateExtension> getRequiredExtensions(ValidationContext validationContext) {
        return (List) getParametersValueFor(validationContext.getValidatorContext(), validationContext.getCertificateSource(), validationContext.getTimeBasedContext(), new o(1));
    }

    public OnlineFetching getRevocationOnlineFetching(ValidationContext validationContext) {
        return (OnlineFetching) getParametersValueFor(validationContext.getValidatorContext(), validationContext.getCertificateSource(), validationContext.getTimeBasedContext(), new o(3));
    }

    public final SignatureValidationProperties setContinueAfterFailure(ValidatorContexts validatorContexts, CertificateSources certificateSources, final boolean z2) {
        setParameterValueFor(validatorContexts.getSet(), certificateSources.getSet(), TimeBasedContexts.all().getSet(), new Consumer() { // from class: com.itextpdf.signatures.validation.q
            @Override // java.util.function.Consumer
            public final void accept(Object obj) {
                SignatureValidationProperties.lambda$setContinueAfterFailure$3(z2, (SignatureValidationProperties.ContextProperties) obj);
            }
        });
        return this;
    }

    public final SignatureValidationProperties setFreshness(ValidatorContexts validatorContexts, CertificateSources certificateSources, TimeBasedContexts timeBasedContexts, Duration duration) {
        setParameterValueFor(validatorContexts.getSet(), certificateSources.getSet(), timeBasedContexts.getSet(), new p(duration, 2));
        return this;
    }

    public final void setParameterValueFor(EnumSet<ValidatorContext> enumSet, EnumSet<CertificateSource> enumSet2, EnumSet<TimeBasedContext> enumSet3, Consumer<ContextProperties> consumer) {
        Iterator<E> it = enumSet.iterator();
        while (it.hasNext()) {
            ValidatorContext validatorContext = (ValidatorContext) it.next();
            Iterator<E> it2 = enumSet2.iterator();
            while (it2.hasNext()) {
                CertificateSource certificateSource = (CertificateSource) it2.next();
                Iterator<E> it3 = enumSet3.iterator();
                while (it3.hasNext()) {
                    consumer.accept(this.properties.computeIfAbsent(new ValidationContext(validatorContext, certificateSource, (TimeBasedContext) it3.next()), new o(6)));
                }
            }
        }
    }

    public final SignatureValidationProperties setRequiredExtensions(CertificateSources certificateSources, List<CertificateExtension> list) {
        setParameterValueFor(ValidatorContexts.all().getSet(), certificateSources.getSet(), TimeBasedContexts.all().getSet(), new p(Collections.unmodifiableList(new ArrayList(list)), 1));
        return this;
    }

    public final SignatureValidationProperties setRevocationOnlineFetching(ValidatorContexts validatorContexts, CertificateSources certificateSources, TimeBasedContexts timeBasedContexts, OnlineFetching onlineFetching) {
        setParameterValueFor(validatorContexts.getSet(), certificateSources.getSet(), timeBasedContexts.getSet(), new p(onlineFetching, 0));
        return this;
    }
}
