package net.netca.pki.encoding.asn1.pki;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Hashtable;
import java.util.LinkedList;
import javax.naming.NamingEnumeration;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import net.netca.pki.encoding.asn1.pki.cms.CertificateSet;
import net.netca.pki.encoding.asn1.pki.cms.SignedData;
import net.netca.pki.u;

/* loaded from: classes.dex */
public class X509CertificatePathBuilder {
    private int maxPathCount = 1;
    private ArrayList<X509Certificate> rootCertList = new ArrayList<>();
    private ArrayList<X509Certificate> caCertList = new ArrayList<>();
    private IHttp http = new SimpleHttp();

    private void addCACertOnline(X509Certificate x509Certificate, int i) {
        int i2;
        ArrayList<byte[]> dataFromLDAP;
        if (i <= 0) {
            return;
        }
        try {
            String[] cACertUrl = x509Certificate.getCACertUrl();
            int length = cACertUrl.length;
            int i3 = i;
            for (int i4 = 0; i4 < length; i4++) {
                String str = cACertUrl[i4];
                if (SimpleHttp.isHttp(str)) {
                    try {
                        byte[] data = this.http.getData(str);
                        try {
                            X509Certificate x509Certificate2 = new X509Certificate(data);
                            addCACert(x509Certificate2);
                            i3--;
                            addCACertOnline(x509Certificate2, i3);
                        } catch (u unused) {
                            CertificateSet certificates = new SignedData(data).getCertificates();
                            int size = certificates.size();
                            i2 = i3;
                            int i5 = 0;
                            while (true) {
                                if (i5 < size) {
                                    try {
                                        X509Certificate x509PublicKeyCert = certificates.get(i5).getX509PublicKeyCert();
                                        if (x509PublicKeyCert != null) {
                                            addCACert(x509PublicKeyCert);
                                            i2--;
                                            addCACertOnline(x509PublicKeyCert, i2);
                                        }
                                        i5++;
                                    } catch (IOException | u unused2) {
                                    }
                                }
                                i3 = i2;
                            }
                        }
                    } catch (IOException | u unused3) {
                    }
                } else {
                    if (isLdap(str) && (dataFromLDAP = getDataFromLDAP(str)) != null) {
                        int size2 = dataFromLDAP.size();
                        i2 = i3;
                        int i6 = 0;
                        while (i4 < size2) {
                            byte[] bArr = dataFromLDAP.get(i6);
                            try {
                                try {
                                    X509Certificate x509Certificate3 = new X509Certificate(bArr);
                                    addCACert(x509Certificate3);
                                    i2--;
                                    addCACertOnline(x509Certificate3, i2);
                                } catch (u unused4) {
                                }
                            } catch (u unused5) {
                                X509Certificate issuedToThisCA = CertificatePair.decode(bArr).getIssuedToThisCA();
                                addCACert(issuedToThisCA);
                                i2--;
                                addCACertOnline(issuedToThisCA, i2);
                            }
                            i6++;
                        }
                        i3 = i2;
                    }
                }
            }
        } catch (u unused6) {
        }
    }

    private void addCertInList(ArrayList<X509Certificate> arrayList, X509Certificate x509Certificate) {
        byte[] derEncode = x509Certificate.derEncode();
        int size = arrayList.size();
        for (int i = 0; i < size; i++) {
            if (Arrays.equals(derEncode, arrayList.get(i).derEncode())) {
                return;
            }
        }
        arrayList.add(x509Certificate);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ArrayList<byte[]> getDataFromLDAP(String str) {
        try {
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.referral", "follow");
            NamingEnumeration search = new InitialDirContext(hashtable).search(str, (String) null, (SearchControls) null);
            ArrayList<byte[]> arrayList = new ArrayList<>();
            while (search.hasMore()) {
                NamingEnumeration all = ((SearchResult) search.next()).getAttributes().getAll();
                while (all.hasMore()) {
                    javax.naming.directory.Attribute attribute = (javax.naming.directory.Attribute) all.next();
                    for (int i = 0; i < attribute.size(); i++) {
                        Object obj = attribute.get(i);
                        if (obj instanceof byte[]) {
                            arrayList.add((byte[]) obj);
                        }
                    }
                }
            }
            return arrayList;
        } catch (Exception unused) {
            return null;
        }
    }

    private boolean isCertPath(ArrayList<X509Certificate> arrayList, X509Certificate x509Certificate) {
        for (int i = 0; i < arrayList.size(); i++) {
            if (Arrays.equals(arrayList.get(i).derEncode(), x509Certificate.derEncode())) {
                return false;
            }
        }
        try {
            return arrayList.get(arrayList.size() - 1).getSubject().equals(x509Certificate.getIssuer());
        } catch (u unused) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isLdap(String str) {
        return str.substring(0, 7).equalsIgnoreCase("ldap://") || str.substring(0, 8).equalsIgnoreCase("ldaps://");
    }

    private X509Certificate[] newCertPath(ArrayList<X509Certificate> arrayList, X509Certificate x509Certificate) {
        int size = arrayList.size();
        X509Certificate[] x509CertificateArr = new X509Certificate[size + 1];
        for (int i = 0; i < size; i++) {
            x509CertificateArr[i] = arrayList.get(i);
        }
        x509CertificateArr[size] = x509Certificate;
        return x509CertificateArr;
    }

    private ArrayList<X509Certificate> newCertPathList(ArrayList<X509Certificate> arrayList, X509Certificate x509Certificate) {
        ArrayList<X509Certificate> arrayList2 = new ArrayList<>();
        for (int i = 0; i < arrayList.size(); i++) {
            arrayList2.add(arrayList.get(i));
        }
        arrayList2.add(x509Certificate);
        return arrayList2;
    }

    public void addCACert(X509Certificate x509Certificate) {
        if (x509Certificate != null) {
            Extensions extensions = x509Certificate.getExtensions();
            if (extensions == null) {
                throw new u("no extension");
            }
            Extension extension = extensions.get(Extension.BASIC_CONSTRAINTS_OID);
            if (extension == null) {
                throw new u("no basic constaraint extension");
            }
            if (!((BasicConstraintsExtension) extension.getExtensionObject()).isCA()) {
                throw new u("not ca cert");
            }
            addCertInList(this.caCertList, x509Certificate);
        }
    }

    public void addRootCert(X509Certificate x509Certificate) {
        if (x509Certificate != null) {
            addCertInList(this.rootCertList, x509Certificate);
        }
    }

    public ArrayList<X509Certificate[]> build(X509Certificate x509Certificate) {
        return build(false, x509Certificate);
    }

    public ArrayList<X509Certificate[]> build(boolean z, X509Certificate x509Certificate) {
        int size = this.rootCertList.size();
        if (size == 0) {
            throw new u("no root cert");
        }
        if (z) {
            int size2 = this.caCertList.size();
            addCACertOnline(x509Certificate, 16);
            for (int i = 0; i < size2; i++) {
                addCACertOnline(this.caCertList.get(i), 16);
            }
        }
        ArrayList<X509Certificate[]> arrayList = new ArrayList<>();
        LinkedList linkedList = new LinkedList();
        int i2 = 0;
        for (int i3 = 0; i3 < size; i3++) {
            X509Certificate x509Certificate2 = this.rootCertList.get(i3);
            if (Arrays.equals(x509Certificate2.derEncode(), x509Certificate.derEncode())) {
                arrayList.add(new X509Certificate[]{x509Certificate2});
                i2++;
                if (i2 == this.maxPathCount) {
                    return arrayList;
                }
            } else {
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(x509Certificate2);
                linkedList.add(arrayList2);
            }
        }
        int size3 = this.caCertList.size();
        while (!linkedList.isEmpty()) {
            ArrayList<X509Certificate> arrayList3 = (ArrayList) linkedList.remove();
            if (isCertPath(arrayList3, x509Certificate)) {
                arrayList.add(newCertPath(arrayList3, x509Certificate));
                i2++;
                if (i2 == this.maxPathCount) {
                    return arrayList;
                }
            }
            int i4 = i2;
            for (int i5 = 0; i5 < size3; i5++) {
                X509Certificate x509Certificate3 = this.caCertList.get(i5);
                if (isCertPath(arrayList3, x509Certificate3)) {
                    linkedList.add(newCertPathList(arrayList3, x509Certificate3));
                }
            }
            i2 = i4;
        }
        return arrayList;
    }

    public void setHttpImplement(IHttp iHttp) {
        this.http = iHttp;
    }

    public void setMaxPathCount(int i) {
        if (i > 0) {
            this.maxPathCount = i;
        }
    }
}
