package yg0;

import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.cert.CertPath;
import java.security.cert.CertPathBuilder;
import java.security.cert.CertPathBuilderException;
import java.security.cert.CertPathBuilderResult;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertPathValidatorResult;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes6.dex */
public class s1 {

    /* renamed from: a, reason: collision with root package name */
    public static final String f94232a = rf0.k1.M.n();

    /* renamed from: b, reason: collision with root package name */
    public static final String f94233b = rf0.k1.L.n();

    /* renamed from: c, reason: collision with root package name */
    public static final String f94234c = rf0.k1.f76675x.n();

    /* renamed from: d, reason: collision with root package name */
    public static final String f94235d = rf0.k1.F.n();

    public static void a(ph0.m mVar, ph0.f fVar) throws CertPathValidatorException {
        for (String str : fVar.h()) {
            if (mVar.d(str) != null) {
                throw new CertPathValidatorException("Attribute certificate contains prohibited attribute: " + str + ".");
            }
        }
        for (String str2 : fVar.g()) {
            if (mVar.d(str2) == null) {
                throw new CertPathValidatorException("Attribute certificate does not contain necessary attribute: " + str2 + ".");
            }
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:57:0x00e6, code lost:
    
        return;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void b(rf0.u r22, ph0.m r23, ph0.f r24, java.util.Date r25, java.security.cert.X509Certificate r26, yg0.g r27, yg0.u1 r28, java.util.List r29) throws yg0.a {
        /*
            Method dump skipped, instructions count: 240
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: yg0.s1.b(rf0.u, ph0.m, ph0.f, java.util.Date, java.security.cert.X509Certificate, yg0.g, yg0.u1, java.util.List):void");
    }

    /* JADX WARN: Removed duplicated region for block: B:29:0x00f1  */
    /* JADX WARN: Removed duplicated region for block: B:43:0x014e  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void c(ph0.m r18, ph0.f r19, java.security.cert.X509Certificate r20, java.util.Date r21, java.util.List r22) throws java.security.cert.CertPathValidatorException {
        /*
            Method dump skipped, instructions count: 387
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: yg0.s1.c(ph0.m, ph0.f, java.security.cert.X509Certificate, java.util.Date, java.util.List):void");
    }

    public static CertPath d(ph0.m mVar, ph0.f fVar) throws CertPathValidatorException {
        HashSet hashSet = new HashSet();
        if (mVar.a().e() != null) {
            ph0.p pVar = new ph0.p();
            pVar.setSerialNumber(mVar.a().j());
            Principal[] e11 = mVar.a().e();
            for (int i11 = 0; i11 < e11.length; i11++) {
                try {
                    if (e11[i11] instanceof X500Principal) {
                        pVar.setIssuer(((X500Principal) e11[i11]).getEncoded());
                    }
                    hashSet.addAll(f.e(pVar, fVar.i()));
                } catch (IOException e12) {
                    throw new vg0.b("Unable to encode X500 principal.", e12);
                } catch (a e13) {
                    throw new vg0.b("Public key certificate for attribute certificate cannot be searched.", e13);
                }
            }
            if (hashSet.isEmpty()) {
                throw new CertPathValidatorException("Public key certificate specified in base certificate ID for attribute certificate cannot be found.");
            }
        }
        if (mVar.a().d() != null) {
            ph0.p pVar2 = new ph0.p();
            Principal[] d11 = mVar.a().d();
            for (int i12 = 0; i12 < d11.length; i12++) {
                try {
                    if (d11[i12] instanceof X500Principal) {
                        pVar2.setIssuer(((X500Principal) d11[i12]).getEncoded());
                    }
                    hashSet.addAll(f.e(pVar2, fVar.i()));
                } catch (IOException e14) {
                    throw new vg0.b("Unable to encode X500 principal.", e14);
                } catch (a e15) {
                    throw new vg0.b("Public key certificate for attribute certificate cannot be searched.", e15);
                }
            }
            if (hashSet.isEmpty()) {
                throw new CertPathValidatorException("Public key certificate specified in entity name for attribute certificate cannot be found.");
            }
        }
        ph0.e eVar = (ph0.e) ph0.e.f(fVar);
        Iterator it2 = hashSet.iterator();
        vg0.b bVar = null;
        CertPathBuilderResult certPathBuilderResult = null;
        while (it2.hasNext()) {
            ph0.p pVar3 = new ph0.p();
            pVar3.setCertificate((X509Certificate) it2.next());
            eVar.u(pVar3);
            try {
                try {
                    certPathBuilderResult = CertPathBuilder.getInstance("PKIX", b.f93964f).build(ph0.e.f(eVar));
                } catch (InvalidAlgorithmParameterException e16) {
                    throw new RuntimeException(e16.getMessage());
                } catch (CertPathBuilderException e17) {
                    bVar = new vg0.b("Certification path for public key certificate of attribute certificate could not be build.", e17);
                }
            } catch (NoSuchAlgorithmException e18) {
                throw new vg0.b("Support class could not be created.", e18);
            } catch (NoSuchProviderException e19) {
                throw new vg0.b("Support class could not be created.", e19);
            }
        }
        if (bVar == null) {
            return certPathBuilderResult.getCertPath();
        }
        throw bVar;
    }

    public static CertPathValidatorResult e(CertPath certPath, ph0.f fVar) throws CertPathValidatorException {
        try {
            try {
                return CertPathValidator.getInstance("PKIX", b.f93964f).validate(certPath, fVar);
            } catch (InvalidAlgorithmParameterException e11) {
                throw new RuntimeException(e11.getMessage());
            } catch (CertPathValidatorException e12) {
                throw new vg0.b("Certification path for issuer certificate of attribute certificate could not be validated.", e12);
            }
        } catch (NoSuchAlgorithmException e13) {
            throw new vg0.b("Support class could not be created.", e13);
        } catch (NoSuchProviderException e14) {
            throw new vg0.b("Support class could not be created.", e14);
        }
    }

    public static void f(X509Certificate x509Certificate, ph0.f fVar) throws CertPathValidatorException {
        if (x509Certificate.getKeyUsage() != null && !x509Certificate.getKeyUsage()[0] && !x509Certificate.getKeyUsage()[1]) {
            throw new CertPathValidatorException("Attribute certificate issuer public key cannot be used to validate digital signatures.");
        }
        if (x509Certificate.getBasicConstraints() != -1) {
            throw new CertPathValidatorException("Attribute certificate issuer is also a public key certificate issuer.");
        }
    }

    public static void g(X509Certificate x509Certificate, ph0.f fVar) throws CertPathValidatorException {
        boolean z11 = false;
        for (TrustAnchor trustAnchor : fVar.k()) {
            if (x509Certificate.getSubjectX500Principal().getName("RFC2253").equals(trustAnchor.getCAName()) || x509Certificate.equals(trustAnchor.getTrustedCert())) {
                z11 = true;
            }
        }
        if (!z11) {
            throw new CertPathValidatorException("Attribute certificate issuer is not directly trusted.");
        }
    }

    public static void h(ph0.m mVar, ph0.f fVar) throws CertPathValidatorException {
        try {
            mVar.checkValidity(f.w(fVar));
        } catch (CertificateExpiredException e11) {
            throw new vg0.b("Attribute certificate is not valid.", e11);
        } catch (CertificateNotYetValidException e12) {
            throw new vg0.b("Attribute certificate is not valid.", e12);
        }
    }

    public static void i(ph0.m mVar, CertPath certPath, CertPath certPath2, ph0.f fVar) throws CertPathValidatorException {
        Set<String> criticalExtensionOIDs = mVar.getCriticalExtensionOIDs();
        String str = f94232a;
        if (criticalExtensionOIDs.contains(str)) {
            try {
                rf0.x0.k(f.o(mVar, str));
            } catch (IllegalArgumentException e11) {
                throw new vg0.b("Target information extension could not be read.", e11);
            } catch (a e12) {
                throw new vg0.b("Target information extension could not be read.", e12);
            }
        }
        criticalExtensionOIDs.remove(str);
        Iterator it2 = fVar.e().iterator();
        while (it2.hasNext()) {
            ((ph0.i) it2.next()).a(mVar, certPath, certPath2, criticalExtensionOIDs);
        }
        if (criticalExtensionOIDs.isEmpty()) {
            return;
        }
        throw new CertPathValidatorException("Attribute certificate contains unsupported critical extensions: " + criticalExtensionOIDs);
    }
}
