package org.bouncycastle.jcajce.provider.asymmetric.x509;

import defpackage.b0;
import defpackage.d62;
import defpackage.f0;
import defpackage.fv2;
import defpackage.g0;
import defpackage.gv2;
import defpackage.j;
import defpackage.km0;
import defpackage.l0;
import defpackage.lh3;
import defpackage.m0;
import defpackage.m45;
import defpackage.no1;
import defpackage.o0;
import defpackage.p81;
import defpackage.p9;
import defpackage.po;
import defpackage.pt;
import defpackage.pt4;
import defpackage.r0;
import defpackage.u0;
import defpackage.ul4;
import defpackage.vc3;
import defpackage.w35;
import defpackage.x;
import defpackage.xs;
import defpackage.y81;
import defpackage.yq2;
import defpackage.z30;
import java.io.BufferedOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.jcajce.CompositePublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.a;

/* loaded from: classes4.dex */
abstract class X509CertificateImpl extends X509Certificate implements po {
    protected xs basicConstraints;
    protected d62 bcHelper;
    protected z30 c;
    protected boolean[] keyUsage;
    protected String sigAlgName;
    protected byte[] sigAlgParams;

    public X509CertificateImpl(d62 d62Var, z30 z30Var, xs xsVar, boolean[] zArr, String str, byte[] bArr) {
        this.bcHelper = d62Var;
        this.c = z30Var;
        this.basicConstraints = xsVar;
        this.keyUsage = zArr;
        this.sigAlgName = str;
        this.sigAlgParams = bArr;
    }

    private void checkSignature(PublicKey publicKey, Signature signature, b0 b0Var, byte[] bArr) throws CertificateException, InvalidKeyException, NoSuchAlgorithmException, SignatureException {
        z30 z30Var = this.c;
        if (!X509SignatureUtil.areEquivalentAlgorithms(z30Var.d, z30Var.c.e)) {
            throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
        }
        X509SignatureUtil.setSignatureParameters(signature, b0Var);
        signature.initVerify(publicKey);
        try {
            pt ptVar = new pt(5);
            ptVar.c = signature;
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(ptVar, 512);
            this.c.c.e().k(bufferedOutputStream, "DER");
            bufferedOutputStream.close();
            if (!signature.verify(bArr)) {
                throw new SignatureException("certificate does not verify with supplied key");
            }
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    private void doVerify(PublicKey publicKey, SignatureCreator signatureCreator) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException {
        boolean z = publicKey instanceof CompositePublicKey;
        int i = 0;
        if (z && X509SignatureUtil.isCompositeAlgorithm(this.c.d)) {
            List<PublicKey> publicKeys = ((CompositePublicKey) publicKey).getPublicKeys();
            r0 u = r0.u(this.c.d.c);
            r0 u2 = r0.u(this.c.e.u());
            boolean z2 = false;
            while (i != publicKeys.size()) {
                if (publicKeys.get(i) != null) {
                    p9 h = p9.h(u.v(i));
                    try {
                        checkSignature(publicKeys.get(i), signatureCreator.createSignature(X509SignatureUtil.getSignatureName(h)), h.c, x.t(u2.v(i)).u());
                        e = null;
                        z2 = true;
                    } catch (SignatureException e) {
                        e = e;
                    }
                    if (e != null) {
                        throw e;
                    }
                }
                i++;
            }
            if (!z2) {
                throw new InvalidKeyException("no matching key found");
            }
            return;
        }
        if (!X509SignatureUtil.isCompositeAlgorithm(this.c.d)) {
            Signature createSignature = signatureCreator.createSignature(getSigAlgName());
            if (z) {
                CompositePublicKey compositePublicKey = (CompositePublicKey) publicKey;
                if (yq2.v.n(compositePublicKey.getAlgorithmIdentifier())) {
                    List<PublicKey> publicKeys2 = compositePublicKey.getPublicKeys();
                    while (i != publicKeys2.size()) {
                        try {
                            checkSignature(publicKeys2.get(i), createSignature, this.c.d.c, getSignature());
                            return;
                        } catch (InvalidKeyException unused) {
                            i++;
                        }
                    }
                    throw new InvalidKeyException("no matching signature found");
                }
            }
            checkSignature(publicKey, createSignature, this.c.d.c, getSignature());
            return;
        }
        r0 u3 = r0.u(this.c.d.c);
        r0 u4 = r0.u(this.c.e.u());
        boolean z3 = false;
        while (i != u4.size()) {
            p9 h2 = p9.h(u3.v(i));
            try {
                checkSignature(publicKey, signatureCreator.createSignature(X509SignatureUtil.getSignatureName(h2)), h2.c, x.t(u4.v(i)).u());
                e = null;
                z3 = true;
            } catch (InvalidKeyException | NoSuchAlgorithmException unused2) {
                e = null;
            } catch (SignatureException e2) {
                e = e2;
            }
            if (e != null) {
                throw e;
            }
            i++;
        }
        if (!z3) {
            throw new InvalidKeyException("no matching key found");
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:8:0x0033. Please report as an issue. */
    private static Collection getAlternativeNames(z30 z30Var, l0 l0Var) throws CertificateParsingException {
        Object encoded;
        byte[] extensionOctets = getExtensionOctets(z30Var, l0Var);
        if (extensionOctets == null) {
            return null;
        }
        try {
            ArrayList arrayList = new ArrayList();
            Enumeration w = r0.u(extensionOctets).w();
            while (w.hasMoreElements()) {
                no1 h = no1.h(w.nextElement());
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(Integer.valueOf(h.c));
                switch (h.c) {
                    case 0:
                    case 3:
                    case 5:
                        encoded = h.getEncoded();
                        arrayList2.add(encoded);
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    case 1:
                    case 2:
                    case 6:
                        encoded = ((u0) h.a).getString();
                        arrayList2.add(encoded);
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    case 4:
                        w35 h2 = w35.h(lh3.l, h.a);
                        encoded = h2.d.a(h2);
                        arrayList2.add(encoded);
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    case 7:
                        try {
                            encoded = InetAddress.getByAddress(m0.r(h.a).a).getHostAddress();
                            arrayList2.add(encoded);
                            arrayList.add(Collections.unmodifiableList(arrayList2));
                        } catch (UnknownHostException unused) {
                        }
                    case 8:
                        encoded = l0.v(h.a).u();
                        arrayList2.add(encoded);
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    default:
                        throw new IOException("Bad tag number: " + h.c);
                }
            }
            if (arrayList.size() == 0) {
                return null;
            }
            return Collections.unmodifiableCollection(arrayList);
        } catch (Exception e) {
            throw new CertificateParsingException(e.getMessage());
        }
    }

    public static byte[] getExtensionOctets(z30 z30Var, l0 l0Var) {
        m0 j = y81.j(z30Var.c.p, l0Var);
        if (j == null) {
            return null;
        }
        return j.a;
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        checkValidity(new Date());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        if (date.getTime() > getNotAfter().getTime()) {
            throw new CertificateExpiredException("certificate expired on " + this.c.h().j());
        }
        if (date.getTime() >= getNotBefore().getTime()) {
            return;
        }
        throw new CertificateNotYetValidException("certificate not valid till " + this.c.j().j());
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        xs xsVar = this.basicConstraints;
        if (xsVar == null || !xsVar.i()) {
            return -1;
        }
        g0 g0Var = this.basicConstraints.c;
        if (g0Var == null) {
            return Integer.MAX_VALUE;
        }
        return g0Var.w();
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        if (getVersion() != 3) {
            return null;
        }
        HashSet hashSet = new HashSet();
        y81 y81Var = this.c.c.p;
        if (y81Var == null) {
            return null;
        }
        Enumeration elements = y81Var.c.elements();
        while (elements.hasMoreElements()) {
            l0 l0Var = (l0) elements.nextElement();
            if (y81Var.h(l0Var).c) {
                hashSet.add(l0Var.u());
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Certificate
    public List getExtendedKeyUsage() throws CertificateParsingException {
        byte[] extensionOctets = getExtensionOctets(this.c, p81.y);
        if (extensionOctets == null) {
            return null;
        }
        try {
            r0 u = r0.u(extensionOctets);
            ArrayList arrayList = new ArrayList();
            for (int i = 0; i != u.size(); i++) {
                arrayList.add(((l0) u.v(i)).u());
            }
            return Collections.unmodifiableList(arrayList);
        } catch (Exception unused) {
            throw new CertificateParsingException("error processing extended key usage extension");
        }
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        return X509SignatureUtil.getExtensionValue(this.c.c.p, str);
    }

    @Override // java.security.cert.X509Certificate
    public Collection getIssuerAlternativeNames() throws CertificateParsingException {
        return getAlternativeNames(this.c, p81.g);
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return new m45(this.c.c.f);
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        x xVar = this.c.c.k;
        if (xVar == null) {
            return null;
        }
        byte[] s = xVar.s();
        int length = (s.length * 8) - xVar.c();
        boolean[] zArr = new boolean[length];
        for (int i = 0; i != length; i++) {
            zArr[i] = (s[i / 8] & (128 >>> (i % 8))) != 0;
        }
        return zArr;
    }

    @Override // defpackage.po
    public w35 getIssuerX500Name() {
        return this.c.c.f;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getIssuerX500Principal() {
        try {
            return new X500Principal(this.c.c.f.g());
        } catch (IOException unused) {
            throw new IllegalStateException("can't encode issuer DN");
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        boolean[] zArr = this.keyUsage;
        if (zArr == null) {
            return null;
        }
        return (boolean[]) zArr.clone();
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        if (getVersion() != 3) {
            return null;
        }
        HashSet hashSet = new HashSet();
        y81 y81Var = this.c.c.p;
        if (y81Var == null) {
            return null;
        }
        Enumeration elements = y81Var.c.elements();
        while (elements.hasMoreElements()) {
            l0 l0Var = (l0) elements.nextElement();
            if (!y81Var.h(l0Var).c) {
                hashSet.add(l0Var.u());
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.c.h().h();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.c.j().h();
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        try {
            return BouncyCastleProvider.getPublicKey(this.c.c.j);
        } catch (IOException e) {
            throw new IllegalStateException(j.f(e, new StringBuilder("failed to recover public key: ")), e);
        }
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.c.c.d.t();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        return this.sigAlgName;
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.c.d.a.u();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        return vc3.l(this.sigAlgParams);
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.c.e.u();
    }

    @Override // java.security.cert.X509Certificate
    public Collection getSubjectAlternativeNames() throws CertificateParsingException {
        return getAlternativeNames(this.c, p81.f);
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return new m45(this.c.c.i);
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        x xVar = this.c.c.o;
        if (xVar == null) {
            return null;
        }
        byte[] s = xVar.s();
        int length = (s.length * 8) - xVar.c();
        boolean[] zArr = new boolean[length];
        for (int i = 0; i != length; i++) {
            zArr[i] = (s[i / 8] & (128 >>> (i % 8))) != 0;
        }
        return zArr;
    }

    @Override // defpackage.po
    public w35 getSubjectX500Name() {
        return this.c.c.i;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getSubjectX500Principal() {
        try {
            return new X500Principal(this.c.c.i.g());
        } catch (IOException unused) {
            throw new IllegalStateException("can't encode subject DN");
        }
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() throws CertificateEncodingException {
        try {
            return this.c.c.g();
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // defpackage.po
    public ul4 getTBSCertificateNative() {
        return this.c.c;
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.c.c.c.y() + 1;
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        y81 y81Var;
        if (getVersion() != 3 || (y81Var = this.c.c.p) == null) {
            return false;
        }
        Enumeration elements = y81Var.c.elements();
        while (elements.hasMoreElements()) {
            l0 l0Var = (l0) elements.nextElement();
            if (!p81.e.n(l0Var) && !p81.u.n(l0Var) && !p81.v.n(l0Var) && !p81.A.n(l0Var) && !p81.s.n(l0Var) && !p81.p.n(l0Var) && !p81.o.n(l0Var) && !p81.x.n(l0Var) && !p81.i.n(l0Var) && !p81.f.n(l0Var) && !p81.r.n(l0Var) && y81Var.h(l0Var).c) {
                return true;
            }
        }
        return false;
    }

    /* JADX WARN: Type inference failed for: r7v11, types: [db2, java.lang.Object] */
    @Override // java.security.cert.Certificate
    public String toString() {
        Object gv2Var;
        Object obj;
        StringBuffer stringBuffer = new StringBuffer();
        String str = a.a;
        stringBuffer.append("  [0]         Version: ");
        stringBuffer.append(getVersion());
        stringBuffer.append(str);
        stringBuffer.append("         SerialNumber: ");
        stringBuffer.append(getSerialNumber());
        stringBuffer.append(str);
        stringBuffer.append("             IssuerDN: ");
        stringBuffer.append(getIssuerDN());
        stringBuffer.append(str);
        stringBuffer.append("           Start Date: ");
        stringBuffer.append(getNotBefore());
        stringBuffer.append(str);
        stringBuffer.append("           Final Date: ");
        stringBuffer.append(getNotAfter());
        stringBuffer.append(str);
        stringBuffer.append("            SubjectDN: ");
        stringBuffer.append(getSubjectDN());
        stringBuffer.append(str);
        stringBuffer.append("           Public Key: ");
        stringBuffer.append(getPublicKey());
        stringBuffer.append(str);
        stringBuffer.append("  Signature Algorithm: ");
        stringBuffer.append(getSigAlgName());
        stringBuffer.append(str);
        X509SignatureUtil.prettyPrintSignature(getSignature(), stringBuffer, str);
        y81 y81Var = this.c.c.p;
        if (y81Var != null) {
            Enumeration elements = y81Var.c.elements();
            if (elements.hasMoreElements()) {
                stringBuffer.append("       Extensions: \n");
            }
            while (elements.hasMoreElements()) {
                l0 l0Var = (l0) elements.nextElement();
                p81 h = y81Var.h(l0Var);
                m0 m0Var = h.d;
                if (m0Var != null) {
                    f0 f0Var = new f0(m0Var.a);
                    stringBuffer.append("                       critical(");
                    stringBuffer.append(h.c);
                    stringBuffer.append(") ");
                    try {
                    } catch (Exception unused) {
                        stringBuffer.append(l0Var.u());
                        stringBuffer.append(" value = ");
                        stringBuffer.append("*****");
                    }
                    if (l0Var.n(p81.i)) {
                        gv2Var = xs.h(f0Var.r());
                    } else {
                        if (l0Var.n(p81.e)) {
                            o0 r = f0Var.r();
                            if (r != null) {
                                x t = x.t(r);
                                ?? obj2 = new Object();
                                obj2.a = t;
                                obj = obj2;
                            } else {
                                obj = null;
                            }
                            stringBuffer.append(obj);
                        } else if (l0Var.n(yq2.a)) {
                            gv2Var = new fv2(x.t(f0Var.r()));
                        } else if (l0Var.n(yq2.b)) {
                            gv2Var = new gv2(km0.r(f0Var.r()), 0);
                        } else if (l0Var.n(yq2.c)) {
                            gv2Var = new gv2(km0.r(f0Var.r()), 1);
                        } else {
                            stringBuffer.append(l0Var.u());
                            stringBuffer.append(" value = ");
                            stringBuffer.append(pt4.r(f0Var.r()));
                        }
                        stringBuffer.append(str);
                    }
                    stringBuffer.append(gv2Var);
                    stringBuffer.append(str);
                }
                stringBuffer.append(str);
            }
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        doVerify(publicKey, new SignatureCreator() { // from class: org.bouncycastle.jcajce.provider.asymmetric.x509.X509CertificateImpl.1
            @Override // org.bouncycastle.jcajce.provider.asymmetric.x509.SignatureCreator
            public Signature createSignature(String str) throws NoSuchAlgorithmException {
                try {
                    return X509CertificateImpl.this.bcHelper.createSignature(str);
                } catch (Exception unused) {
                    return Signature.getInstance(str);
                }
            }
        });
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey, final String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        doVerify(publicKey, new SignatureCreator() { // from class: org.bouncycastle.jcajce.provider.asymmetric.x509.X509CertificateImpl.2
            @Override // org.bouncycastle.jcajce.provider.asymmetric.x509.SignatureCreator
            public Signature createSignature(String str2) throws NoSuchAlgorithmException, NoSuchProviderException {
                String str3 = str;
                return str3 != null ? Signature.getInstance(str2, str3) : Signature.getInstance(str2);
            }
        });
    }

    @Override // java.security.cert.X509Certificate, java.security.cert.Certificate
    public final void verify(PublicKey publicKey, final Provider provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        try {
            doVerify(publicKey, new SignatureCreator() { // from class: org.bouncycastle.jcajce.provider.asymmetric.x509.X509CertificateImpl.3
                @Override // org.bouncycastle.jcajce.provider.asymmetric.x509.SignatureCreator
                public Signature createSignature(String str) throws NoSuchAlgorithmException {
                    Provider provider2 = provider;
                    return provider2 != null ? Signature.getInstance(str, provider2) : Signature.getInstance(str);
                }
            });
        } catch (NoSuchProviderException e) {
            throw new NoSuchAlgorithmException("provider issue: " + e.getMessage());
        }
    }
}
