package org.bouncycastle.jcajce.provider.asymmetric.x509;

import com.webauthn4j.data.attestation.statement.TPMAObject;
import g.a.e1;
import java.io.BufferedOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.Principal;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import l.b.a.a0;
import l.b.a.d3.h;
import l.b.a.d3.l;
import l.b.a.d3.m0;
import l.b.a.d3.s;
import l.b.a.d3.t;
import l.b.a.e;
import l.b.a.k;
import l.b.a.o;
import l.b.a.p;
import l.b.a.q0;
import l.b.a.s2.d;
import l.b.a.s2.g;
import l.b.a.u;
import l.b.a.w0;
import l.b.a.x0;
import l.b.c.p.a;
import l.b.c.s.c;
import l.b.g.m.f;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public abstract class X509CertificateImpl extends X509Certificate implements a {
    public h basicConstraints;
    public c bcHelper;
    public l c;
    public boolean[] keyUsage;
    public String sigAlgName;
    public byte[] sigAlgParams;

    public X509CertificateImpl(c cVar, l lVar, h hVar, boolean[] zArr, String str, byte[] bArr) {
        this.bcHelper = cVar;
        this.c = lVar;
        this.basicConstraints = hVar;
        this.keyUsage = zArr;
        this.sigAlgName = str;
        this.sigAlgParams = bArr;
    }

    private void checkSignature(PublicKey publicKey, Signature signature) {
        l lVar = this.c;
        if (!isAlgIdEqual(lVar.e, lVar.d.n)) {
            throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
        }
        X509SignatureUtil.setSignatureParameters(signature, this.c.e.d);
        signature.initVerify(publicKey);
        try {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new l.b.c.q.c(signature), BaseBlockCipher.BUF_SIZE);
            this.c.d.f(bufferedOutputStream, "DER");
            bufferedOutputStream.close();
            if (!signature.verify(getSignature())) {
                throw new SignatureException("certificate does not verify with supplied key");
            }
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:10:0x0033. Please report as an issue. */
    public static Collection getAlternativeNames(l lVar, String str) {
        String d;
        byte[] extensionOctets = getExtensionOctets(lVar, str);
        if (extensionOctets == null) {
            return null;
        }
        try {
            ArrayList arrayList = new ArrayList();
            Enumeration t = u.q(extensionOctets).t();
            while (t.hasMoreElements()) {
                l.b.a.d3.u i2 = l.b.a.d3.u.i(t.nextElement());
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(Integer.valueOf(i2.d));
                switch (i2.d) {
                    case 0:
                    case 3:
                    case 5:
                        arrayList2.add(i2.getEncoded());
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    case 1:
                    case 2:
                    case 6:
                        d = ((a0) i2.c).d();
                        arrayList2.add(d);
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    case 4:
                        d = l.b.a.c3.c.j(l.b.a.c3.e.c.V, i2.c).toString();
                        arrayList2.add(d);
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    case 7:
                        try {
                            d = InetAddress.getByAddress(p.q(i2.c).c).getHostAddress();
                            arrayList2.add(d);
                            arrayList.add(Collections.unmodifiableList(arrayList2));
                        } catch (UnknownHostException unused) {
                        }
                    case 8:
                        d = o.t(i2.c).c;
                        arrayList2.add(d);
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    default:
                        throw new IOException("Bad tag number: " + i2.d);
                }
            }
            if (arrayList.size() == 0) {
                return null;
            }
            return Collections.unmodifiableCollection(arrayList);
        } catch (Exception e) {
            throw new CertificateParsingException(e.getMessage());
        }
    }

    public static byte[] getExtensionOctets(l lVar, String str) {
        p extensionValue = getExtensionValue(lVar, str);
        if (extensionValue != null) {
            return extensionValue.c;
        }
        return null;
    }

    public static p getExtensionValue(l lVar, String str) {
        t tVar = lVar.d.a2;
        if (tVar == null) {
            return null;
        }
        s sVar = (s) tVar.c.get(new o(str));
        if (sVar != null) {
            return sVar.e;
        }
        return null;
    }

    private boolean isAlgIdEqual(l.b.a.d3.a aVar, l.b.a.d3.a aVar2) {
        if (!aVar.c.l(aVar2.c)) {
            return false;
        }
        e eVar = aVar.d;
        if (eVar == null) {
            e eVar2 = aVar2.d;
            return eVar2 == null || eVar2.equals(x0.c);
        }
        e eVar3 = aVar2.d;
        return eVar3 == null ? eVar == null || eVar.equals(x0.c) : eVar.equals(eVar3);
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() {
        checkValidity(new Date());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) {
        if (date.getTime() > getNotAfter().getTime()) {
            StringBuilder w = i.a.a.a.a.w("certificate expired on ");
            w.append(this.c.d.x.j());
            throw new CertificateExpiredException(w.toString());
        }
        if (date.getTime() >= getNotBefore().getTime()) {
            return;
        }
        StringBuilder w2 = i.a.a.a.a.w("certificate not valid till ");
        w2.append(this.c.d.q.j());
        throw new CertificateNotYetValidException(w2.toString());
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        h hVar = this.basicConstraints;
        if (hVar == null || !hVar.j()) {
            return -1;
        }
        if (this.basicConstraints.i() == null) {
            return Integer.MAX_VALUE;
        }
        return this.basicConstraints.i().intValue();
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        if (getVersion() != 3) {
            return null;
        }
        HashSet hashSet = new HashSet();
        t tVar = this.c.d.a2;
        if (tVar == null) {
            return null;
        }
        Enumeration j2 = tVar.j();
        while (j2.hasMoreElements()) {
            o oVar = (o) j2.nextElement();
            if (tVar.h(oVar).d) {
                hashSet.add(oVar.c);
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() {
        try {
            return this.c.g("DER");
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public List getExtendedKeyUsage() {
        byte[] extensionOctets = getExtensionOctets(this.c, "2.5.29.37");
        if (extensionOctets == null) {
            return null;
        }
        try {
            u q = u.q(l.b.a.t.m(extensionOctets));
            ArrayList arrayList = new ArrayList();
            for (int i2 = 0; i2 != q.size(); i2++) {
                arrayList.add(((o) q.s(i2)).c);
            }
            return Collections.unmodifiableList(arrayList);
        } catch (Exception unused) {
            throw new CertificateParsingException("error processing extended key usage extension");
        }
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        p extensionValue = getExtensionValue(this.c, str);
        if (extensionValue == null) {
            return null;
        }
        try {
            return extensionValue.getEncoded();
        } catch (Exception e) {
            throw new IllegalStateException(i.a.a.a.a.h(e, i.a.a.a.a.w("error parsing ")));
        }
    }

    @Override // java.security.cert.X509Certificate
    public Collection getIssuerAlternativeNames() {
        return getAlternativeNames(this.c, s.q.c);
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return new l.b.d.c(this.c.d.p);
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        q0 q0Var = this.c.d.Y1;
        if (q0Var == null) {
            return null;
        }
        byte[] q = q0Var.q();
        int length = (q.length * 8) - q0Var.d;
        boolean[] zArr = new boolean[length];
        for (int i2 = 0; i2 != length; i2++) {
            zArr[i2] = (q[i2 / 8] & (TPMAObject.ADMIN_WITH_POLICY_BIT >>> (i2 % 8))) != 0;
        }
        return zArr;
    }

    @Override // l.b.c.p.a
    public l.b.a.c3.c getIssuerX500Name() {
        return this.c.d.p;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getIssuerX500Principal() {
        try {
            return new X500Principal(this.c.d.p.g("DER"));
        } catch (IOException unused) {
            throw new IllegalStateException("can't encode issuer DN");
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        boolean[] zArr = this.keyUsage;
        if (zArr == null) {
            return null;
        }
        return (boolean[]) zArr.clone();
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        if (getVersion() != 3) {
            return null;
        }
        HashSet hashSet = new HashSet();
        t tVar = this.c.d.a2;
        if (tVar == null) {
            return null;
        }
        Enumeration j2 = tVar.j();
        while (j2.hasMoreElements()) {
            o oVar = (o) j2.nextElement();
            if (!tVar.h(oVar).d) {
                hashSet.add(oVar.c);
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.c.d.x.h();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.c.d.q.h();
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        try {
            return BouncyCastleProvider.getPublicKey(this.c.d.X1);
        } catch (IOException unused) {
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.c.d.e.t();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        return this.sigAlgName;
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.c.e.c.c;
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        return l.b.e.d.a.q(this.sigAlgParams);
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.c.n.r();
    }

    @Override // java.security.cert.X509Certificate
    public Collection getSubjectAlternativeNames() {
        return getAlternativeNames(this.c, s.p.c);
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return new l.b.d.c(this.c.d.y);
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        q0 q0Var = this.c.d.Z1;
        if (q0Var == null) {
            return null;
        }
        byte[] q = q0Var.q();
        int length = (q.length * 8) - q0Var.d;
        boolean[] zArr = new boolean[length];
        for (int i2 = 0; i2 != length; i2++) {
            zArr[i2] = (q[i2 / 8] & (TPMAObject.ADMIN_WITH_POLICY_BIT >>> (i2 % 8))) != 0;
        }
        return zArr;
    }

    @Override // l.b.c.p.a
    public l.b.a.c3.c getSubjectX500Name() {
        return this.c.d.y;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getSubjectX500Principal() {
        try {
            return new X500Principal(this.c.d.y.g("DER"));
        } catch (IOException unused) {
            throw new IllegalStateException("can't encode subject DN");
        }
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() {
        try {
            return this.c.d.g("DER");
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // l.b.c.p.a
    public m0 getTBSCertificateNative() {
        return this.c.d;
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.c.d.d.x() + 1;
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        t tVar;
        if (getVersion() != 3 || (tVar = this.c.d.a2) == null) {
            return false;
        }
        Enumeration j2 = tVar.j();
        while (j2.hasMoreElements()) {
            o oVar = (o) j2.nextElement();
            if (!oVar.l(s.n) && !oVar.l(s.d2) && !oVar.l(s.e2) && !oVar.l(s.j2) && !oVar.l(s.c2) && !oVar.l(s.Z1) && !oVar.l(s.Y1) && !oVar.l(s.g2) && !oVar.l(s.x) && !oVar.l(s.p) && !oVar.l(s.b2) && ((s) tVar.c.get(oVar)).d) {
                return true;
            }
        }
        return false;
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        Object gVar;
        StringBuffer stringBuffer = new StringBuffer();
        String str = l.b.g.l.a;
        stringBuffer.append("  [0]         Version: ");
        stringBuffer.append(getVersion());
        stringBuffer.append(str);
        stringBuffer.append("         SerialNumber: ");
        stringBuffer.append(getSerialNumber());
        stringBuffer.append(str);
        stringBuffer.append("             IssuerDN: ");
        stringBuffer.append(getIssuerDN());
        stringBuffer.append(str);
        stringBuffer.append("           Start Date: ");
        stringBuffer.append(getNotBefore());
        stringBuffer.append(str);
        stringBuffer.append("           Final Date: ");
        stringBuffer.append(getNotAfter());
        stringBuffer.append(str);
        stringBuffer.append("            SubjectDN: ");
        stringBuffer.append(getSubjectDN());
        stringBuffer.append(str);
        stringBuffer.append("           Public Key: ");
        stringBuffer.append(getPublicKey());
        stringBuffer.append(str);
        stringBuffer.append("  Signature Algorithm: ");
        stringBuffer.append(getSigAlgName());
        stringBuffer.append(str);
        byte[] signature = getSignature();
        stringBuffer.append("            Signature: ");
        stringBuffer.append(new String(f.e(signature, 0, 20)));
        stringBuffer.append(str);
        int i2 = 20;
        while (i2 < signature.length) {
            int length = signature.length - 20;
            stringBuffer.append("                       ");
            stringBuffer.append(i2 < length ? new String(f.e(signature, i2, 20)) : new String(f.e(signature, i2, signature.length - i2)));
            stringBuffer.append(str);
            i2 += 20;
        }
        t tVar = this.c.d.a2;
        if (tVar != null) {
            Enumeration j2 = tVar.j();
            if (j2.hasMoreElements()) {
                stringBuffer.append("       Extensions: \n");
            }
            while (j2.hasMoreElements()) {
                o oVar = (o) j2.nextElement();
                s h2 = tVar.h(oVar);
                p pVar = h2.e;
                if (pVar != null) {
                    k kVar = new k(pVar.c);
                    stringBuffer.append("                       critical(");
                    stringBuffer.append(h2.d);
                    stringBuffer.append(") ");
                    try {
                    } catch (Exception unused) {
                        stringBuffer.append(oVar.c);
                        stringBuffer.append(" value = ");
                        stringBuffer.append("*****");
                    }
                    if (oVar.l(s.x)) {
                        gVar = h.h(kVar.e());
                    } else if (oVar.l(s.n)) {
                        gVar = l.b.a.d3.a0.h(kVar.e());
                    } else if (oVar.l(l.b.a.s2.c.b)) {
                        gVar = new d(q0.s(kVar.e()));
                    } else if (oVar.l(l.b.a.s2.c.c)) {
                        gVar = new l.b.a.s2.e(w0.q(kVar.e()));
                    } else if (oVar.l(l.b.a.s2.c.e)) {
                        gVar = new g(w0.q(kVar.e()));
                    } else {
                        stringBuffer.append(oVar.c);
                        stringBuffer.append(" value = ");
                        stringBuffer.append(e1.E(kVar.e()));
                        stringBuffer.append(str);
                    }
                    stringBuffer.append(gVar);
                    stringBuffer.append(str);
                }
                stringBuffer.append(str);
            }
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey) {
        Signature signature;
        String signatureName = X509SignatureUtil.getSignatureName(this.c.e);
        try {
            signature = this.bcHelper.g(signatureName);
        } catch (Exception unused) {
            signature = Signature.getInstance(signatureName);
        }
        checkSignature(publicKey, signature);
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey, String str) {
        String signatureName = X509SignatureUtil.getSignatureName(this.c.e);
        checkSignature(publicKey, str != null ? Signature.getInstance(signatureName, str) : Signature.getInstance(signatureName));
    }

    @Override // java.security.cert.X509Certificate, java.security.cert.Certificate
    public final void verify(PublicKey publicKey, Provider provider) {
        String signatureName = X509SignatureUtil.getSignatureName(this.c.e);
        checkSignature(publicKey, provider != null ? Signature.getInstance(signatureName, provider) : Signature.getInstance(signatureName));
    }
}
