package com.kica.security.certpath;

import com.kica.android.fido.uaf.auth.crypto.CryptoConst;
import com.kica.security.KICAProvider;
import com.kica.security.asn1.DERIA5String;
import com.kica.security.asn1.x509.CRLDistPoint;
import com.kica.security.asn1.x509.DistributionPoint;
import com.kica.security.asn1.x509.DistributionPointName;
import com.kica.security.asn1.x509.GeneralName;
import com.kica.security.asn1.x509.GeneralNames;
import com.kica.security.certpath.X509HttpCertStoreParameters;
import com.kica.security.certpath.X509LDAPCertStoreParameters;
import com.kica.security.provider.X509CertificateObject;
import com.kica.security.x509.X509CertStoreSelector;
import com.kica.security.x509.X509Store;
import com.raonsecure.crypto.KSCertificateDirectory;
import cz.msebera.android.httpclient.d0;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.URLDecoder;
import java.security.NoSuchProviderException;
import java.security.cert.CertPathBuilderException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;

/* loaded from: classes3.dex */
public class CRLDistPointUtillities {
    private CRLDistPoint crldp;
    private String[] locations;

    public CRLDistPointUtillities(CRLDistPoint cRLDistPoint) {
        this.locations = null;
        this.crldp = cRLDistPoint;
        this.locations = getCRLDistributionPointLocation(cRLDistPoint);
    }

    public CRLDistPointUtillities(X509Certificate x509Certificate) throws CertPathBuilderException {
        this.locations = null;
        if (!(x509Certificate instanceof X509CertificateObject)) {
            try {
                x509Certificate = (X509Certificate) CertificateFactory.getInstance(CryptoConst.CERT_X509, KICAProvider.PROVIDER_NAME).generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded()));
            } catch (NoSuchProviderException e6) {
                throw new CertPathBuilderException(e6);
            } catch (CertificateException e7) {
                throw new CertPathBuilderException(e7);
            }
        }
        try {
            new X509CertStoreSelector().setSubject(x509Certificate.getIssuerX500Principal().getEncoded());
            try {
                CRLDistPoint cRLDistPoint = CRLDistPoint.getInstance(CertPathValidatorUtilities.getExtensionValue(x509Certificate, RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS));
                this.crldp = cRLDistPoint;
                this.locations = getCRLDistributionPointLocation(cRLDistPoint);
            } catch (Exception e8) {
                throw new CertPathBuilderException("CRL distribution point extension could not be read.", e8);
            }
        } catch (IOException e9) {
            throw new CertPathBuilderException("Subject criteria for certificate selector to find issuer certificate could not be set.", e9);
        }
    }

    public static X509Store getAdditionalStoreFromLocation(String str) {
        String str2;
        String str3 = null;
        if (str == null) {
            return null;
        }
        try {
            if (!str.startsWith("ldap://")) {
                if (!str.startsWith("http://") && !str.startsWith("https://")) {
                    return null;
                }
                return X509Store.getInstance(d0.F, new X509HttpCertStoreParameters.Builder().build(), KSCertificateDirectory.KICA);
            }
            String substring = str.substring(7);
            if (substring.indexOf("/") != -1) {
                str3 = substring.substring(substring.indexOf("/"));
                str2 = "ldap://" + substring.substring(0, substring.indexOf("/"));
            } else {
                str2 = "ldap://" + substring;
            }
            return X509Store.getInstance("LDAP", new X509LDAPCertStoreParameters.Builder(str2, str3).build(), KSCertificateDirectory.KICA);
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new RuntimeException("Exception adding X.509 stores.");
        }
    }

    static String getFileNameFromLocation(String str) {
        try {
            if (!str.startsWith("ldap://")) {
                return null;
            }
            String substring = str.substring(7);
            if (substring.indexOf("/") == -1) {
                return null;
            }
            String substring2 = substring.substring(substring.indexOf("/") + 1);
            if (substring2.indexOf("?") != -1) {
                substring2 = substring2.substring(0, substring2.indexOf("?"));
            }
            return URLDecoder.decode(substring2);
        } catch (Exception unused) {
            throw new StoreException("Exception adding X.509 stores.");
        }
    }

    public Collection getAdditionalStores() {
        HashSet hashSet = new HashSet();
        int i6 = 0;
        while (true) {
            String[] strArr = this.locations;
            if (i6 >= strArr.length) {
                return hashSet;
            }
            hashSet.add(getAdditionalStoreFromLocation(strArr[i6]));
            i6++;
        }
    }

    String[] getCRLDistributionPointLocation(CRLDistPoint cRLDistPoint) {
        if (cRLDistPoint == null) {
            return null;
        }
        try {
            DistributionPoint[] distributionPoints = cRLDistPoint.getDistributionPoints();
            ArrayList arrayList = new ArrayList();
            for (DistributionPoint distributionPoint : distributionPoints) {
                DistributionPointName distributionPoint2 = distributionPoint.getDistributionPoint();
                if (distributionPoint2 != null && distributionPoint2.getType() == 0) {
                    GeneralName[] names = GeneralNames.getInstance(distributionPoint2.getName()).getNames();
                    for (int i6 = 0; i6 < names.length; i6++) {
                        if (names[i6].getTagNo() == 6) {
                            arrayList.add(DERIA5String.getInstance(names[i6].getName()).getString());
                        }
                    }
                }
            }
            return (String[]) arrayList.toArray(new String[0]);
        } catch (Exception e6) {
            throw new RuntimeException("Distribution points could not be read.", e6);
        }
    }

    public X509Store getLDAPStore() {
        return getAdditionalStoreFromLocation(getLdapLocation());
    }

    public String getLdapLocation() {
        int i6 = 0;
        while (true) {
            String[] strArr = this.locations;
            if (i6 >= strArr.length) {
                return null;
            }
            if (strArr[i6].startsWith("ldap://")) {
                return this.locations[i6];
            }
            i6++;
        }
    }

    public String[] getLdapLocations() {
        return getCRLDistributionPointLocation(this.crldp);
    }
}
