package c.b.c.k1.b7;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes.dex */
public class w extends e0 {

    /* renamed from: f, reason: collision with root package name */
    public static final c.b.c.j1.e f4118f = c.b.c.j1.f.a((Class<?>) w.class);

    /* renamed from: g, reason: collision with root package name */
    public static final String f4119g = "1.3.6.1.5.5.7.3.9";

    /* renamed from: e, reason: collision with root package name */
    public List<m.f.c.r.a> f4120e;

    public w(f fVar, List<m.f.c.r.a> list) {
        super(fVar);
        this.f4120e = list;
    }

    @Override // c.b.c.k1.b7.e0, c.b.c.k1.b7.f
    public List<n0> a(X509Certificate x509Certificate, X509Certificate x509Certificate2, Date date) throws GeneralSecurityException, IOException {
        int i2;
        ArrayList arrayList = new ArrayList();
        List<m.f.c.r.a> list = this.f4120e;
        boolean z = false;
        if (list != null) {
            Iterator<m.f.c.r.a> it = list.iterator();
            i2 = 0;
            while (it.hasNext()) {
                if (a(it.next(), x509Certificate, x509Certificate2, date)) {
                    i2++;
                }
            }
        } else {
            i2 = 0;
        }
        if (this.f4018b && i2 == 0 && a(a(x509Certificate, x509Certificate2), x509Certificate, x509Certificate2, date)) {
            i2++;
            z = true;
        }
        f4118f.d("Valid OCSPs found: " + i2);
        if (i2 > 0) {
            StringBuilder sb = new StringBuilder();
            sb.append("Valid OCSPs Found: ");
            sb.append(i2);
            sb.append(z ? " (online)" : "");
            arrayList.add(new n0(x509Certificate, w.class, sb.toString()));
        }
        f fVar = this.f4017a;
        if (fVar != null) {
            arrayList.addAll(fVar.a(x509Certificate, x509Certificate2, date));
        }
        return arrayList;
    }

    public m.f.c.r.a a(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        m.f.c.r.a b2;
        if ((x509Certificate == null && x509Certificate2 == null) || (b2 = new y().b(x509Certificate, x509Certificate2, null)) == null) {
            return null;
        }
        for (m.f.c.r.o oVar : b2.h()) {
            if (oVar.b() == m.f.c.r.d.f21637a) {
                return b2;
            }
        }
        return null;
    }

    public void a(m.f.c.r.a aVar, X509Certificate x509Certificate) throws GeneralSecurityException, IOException {
        CRL crl;
        X509Certificate x509Certificate2 = a(aVar, (Certificate) x509Certificate) ? x509Certificate : null;
        if (x509Certificate2 == null) {
            if (aVar.a() != null) {
                m.f.c.i[] a2 = aVar.a();
                int length = a2.length;
                int i2 = 0;
                while (true) {
                    if (i2 >= length) {
                        break;
                    }
                    try {
                        X509Certificate a3 = new m.f.c.q.k().a(a2[i2]);
                        List<String> extendedKeyUsage = a3.getExtendedKeyUsage();
                        if (extendedKeyUsage != null && extendedKeyUsage.contains(f4119g) && a(aVar, (Certificate) a3)) {
                            x509Certificate2 = a3;
                            break;
                        }
                    } catch (CertificateParsingException | Exception unused) {
                    }
                    i2++;
                }
                if (x509Certificate2 == null) {
                    throw new m0(x509Certificate, "OCSP response could not be verified");
                }
            } else {
                KeyStore keyStore = this.f4016c;
                if (keyStore != null) {
                    try {
                        Enumeration<String> aliases = keyStore.aliases();
                        while (true) {
                            if (!aliases.hasMoreElements()) {
                                break;
                            }
                            String nextElement = aliases.nextElement();
                            try {
                                if (this.f4016c.isCertificateEntry(nextElement)) {
                                    X509Certificate x509Certificate3 = (X509Certificate) this.f4016c.getCertificate(nextElement);
                                    if (a(aVar, (Certificate) x509Certificate3)) {
                                        x509Certificate2 = x509Certificate3;
                                        break;
                                    }
                                }
                            } catch (GeneralSecurityException unused2) {
                            }
                        }
                    } catch (KeyStoreException unused3) {
                        x509Certificate2 = null;
                    }
                }
                if (x509Certificate2 == null) {
                    throw new m0(x509Certificate, "OCSP response could not be verified");
                }
            }
        }
        x509Certificate2.verify(x509Certificate.getPublicKey());
        if (x509Certificate2.getExtensionValue(m.f.b.g3.e.f20249g.m()) == null) {
            try {
                crl = d.a(x509Certificate2);
            } catch (Exception unused4) {
                crl = null;
            }
            if (crl != null && (crl instanceof X509CRL)) {
                b bVar = new b(null, null);
                bVar.a(this.f4016c);
                bVar.a(this.f4018b);
                bVar.a((X509CRL) crl, x509Certificate2, x509Certificate, new Date());
                return;
            }
        }
        x509Certificate2.checkValidity();
    }

    public boolean a(m.f.c.r.a aVar, Certificate certificate) {
        try {
            return aVar.a(new m.f.n.e0.b().a("BC").a(certificate.getPublicKey()));
        } catch (m.f.c.r.e | m.f.n.t unused) {
            return false;
        }
    }

    public boolean a(m.f.c.r.a aVar, X509Certificate x509Certificate, X509Certificate x509Certificate2, Date date) throws GeneralSecurityException, IOException {
        if (aVar == null) {
            return false;
        }
        m.f.c.r.o[] h2 = aVar.h();
        X509Certificate x509Certificate3 = x509Certificate2;
        for (int i2 = 0; i2 < h2.length; i2++) {
            if (x509Certificate.getSerialNumber().equals(h2[i2].a().d())) {
                if (x509Certificate3 == null) {
                    x509Certificate3 = x509Certificate;
                }
                try {
                    if (h2[i2].a().a(new m.f.c.i(x509Certificate3.getEncoded()), new m.f.n.d0.d())) {
                        Date e2 = h2[i2].e();
                        if (e2 == null) {
                            e2 = new Date(h2[i2].g().getTime() + 180000);
                            f4118f.d(String.format("No 'next update' for OCSP Response; assuming %s", e2));
                        }
                        if (date.after(e2)) {
                            f4118f.d(String.format("OCSP no longer valid: %s after %s", date, e2));
                        } else if (h2[i2].b() == m.f.c.r.d.f21637a) {
                            a(aVar, x509Certificate3);
                            return true;
                        }
                    } else {
                        f4118f.d("OCSP: Issuers doesn't match.");
                    }
                } catch (m.f.c.r.e unused) {
                    continue;
                }
            }
        }
        return false;
    }

    @Deprecated
    public boolean b(m.f.c.r.a aVar, X509Certificate x509Certificate) {
        try {
            a(aVar, x509Certificate);
            return true;
        } catch (Exception unused) {
            return false;
        }
    }
}
