package org.bouncycastle.jce.provider;

import G.g;
import R4.C1795b;
import Ui.C2050q;
import Yj.b;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CRL;
import java.security.cert.CRLSelector;
import java.security.cert.CertSelector;
import java.security.cert.CertStoreException;
import java.security.cert.CertStoreParameters;
import java.security.cert.CertStoreSpi;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRLSelector;
import java.security.cert.X509CertSelector;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Properties;
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.security.auth.x500.X500Principal;
import org.slf4j.Marker;
import tj.C6207n;
import tj.C6209p;

/* loaded from: classes3.dex */
public class X509LDAPCertStoreSpi extends CertStoreSpi {
    private static String LDAP_PROVIDER = "com.sun.jndi.ldap.LdapCtxFactory";
    private static String REFERRALS_IGNORE = "ignore";
    private static final String SEARCH_SECURITY_LEVEL = "none";
    private static final String URL_CONTEXT_PREFIX = "com.sun.jndi.url";
    private b params;

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public X509LDAPCertStoreSpi(CertStoreParameters certStoreParameters) {
        super(certStoreParameters);
        if (certStoreParameters instanceof b) {
            this.params = (b) certStoreParameters;
            return;
        }
        throw new InvalidAlgorithmParameterException(X509LDAPCertStoreSpi.class.getName() + ": parameter must be a " + b.class.getName() + " object\n" + certStoreParameters.toString());
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private Set certSubjectSerialSearch(X509CertSelector x509CertSelector, String[] strArr, String str, String str2) {
        String name;
        String str3;
        HashSet hashSet = new HashSet();
        try {
            if (x509CertSelector.getSubjectAsBytes() == null && x509CertSelector.getSubjectAsString() == null) {
                if (x509CertSelector.getCertificate() == null) {
                    hashSet.addAll(search(str, Marker.ANY_MARKER, strArr));
                    return hashSet;
                }
            }
            if (x509CertSelector.getCertificate() != null) {
                name = x509CertSelector.getCertificate().getSubjectX500Principal().getName("RFC1779");
                str3 = x509CertSelector.getCertificate().getSerialNumber().toString();
            } else {
                name = x509CertSelector.getSubjectAsBytes() != null ? new X500Principal(x509CertSelector.getSubjectAsBytes()).getName("RFC1779") : x509CertSelector.getSubjectAsString();
                str3 = null;
            }
            hashSet.addAll(search(str, Marker.ANY_MARKER + parseDN(name, str2) + Marker.ANY_MARKER, strArr));
            if (str3 != null) {
                this.params.getClass();
            }
            return hashSet;
        } catch (IOException e10) {
            throw new CertStoreException("exception processing selector: " + e10);
        }
    }

    private DirContext connectLDAP() {
        Properties properties = new Properties();
        properties.setProperty("java.naming.factory.initial", LDAP_PROVIDER);
        properties.setProperty("java.naming.batchsize", "0");
        this.params.getClass();
        properties.setProperty("java.naming.provider.url", null);
        properties.setProperty("java.naming.factory.url.pkgs", URL_CONTEXT_PREFIX);
        properties.setProperty("java.naming.referral", REFERRALS_IGNORE);
        properties.setProperty("java.naming.security.authentication", SEARCH_SECURITY_LEVEL);
        return new InitialDirContext(properties);
    }

    private Set getCACertificates(X509CertSelector x509CertSelector) {
        this.params.getClass();
        String[] strArr = {null};
        this.params.getClass();
        this.params.getClass();
        Set certSubjectSerialSearch = certSubjectSerialSearch(x509CertSelector, strArr, null, null);
        if (certSubjectSerialSearch.isEmpty()) {
            certSubjectSerialSearch.addAll(search(null, Marker.ANY_MARKER, strArr));
        }
        return certSubjectSerialSearch;
    }

    private Set getCrossCertificates(X509CertSelector x509CertSelector) {
        this.params.getClass();
        String[] strArr = {null};
        this.params.getClass();
        this.params.getClass();
        Set certSubjectSerialSearch = certSubjectSerialSearch(x509CertSelector, strArr, null, null);
        if (certSubjectSerialSearch.isEmpty()) {
            certSubjectSerialSearch.addAll(search(null, Marker.ANY_MARKER, strArr));
        }
        return certSubjectSerialSearch;
    }

    private Set getEndCertificates(X509CertSelector x509CertSelector) {
        this.params.getClass();
        this.params.getClass();
        this.params.getClass();
        return certSubjectSerialSearch(x509CertSelector, new String[]{null}, null, null);
    }

    private String parseDN(String str, String str2) {
        String substring = str.substring(str2.length() + str.toLowerCase().indexOf(str2.toLowerCase()));
        int indexOf = substring.indexOf(44);
        if (indexOf == -1) {
            indexOf = substring.length();
        }
        while (substring.charAt(indexOf - 1) == '\\') {
            indexOf = substring.indexOf(44, indexOf + 1);
            if (indexOf == -1) {
                indexOf = substring.length();
            }
        }
        String substring2 = substring.substring(0, indexOf);
        String substring3 = substring2.substring(substring2.indexOf(61) + 1);
        if (substring3.charAt(0) == ' ') {
            substring3 = substring3.substring(1);
        }
        if (substring3.startsWith("\"")) {
            substring3 = substring3.substring(1);
        }
        if (substring3.endsWith("\"")) {
            substring3 = substring3.substring(0, substring3.length() - 1);
        }
        return substring3;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private Set search(String str, String str2, String[] strArr) {
        DirContext connectLDAP;
        String a6 = g.a(str, "=", str2);
        DirContext dirContext = null;
        if (str == null) {
            a6 = null;
        }
        HashSet hashSet = new HashSet();
        try {
            try {
                connectLDAP = connectLDAP();
            } catch (Exception e10) {
                e = e10;
            }
        } catch (Throwable th2) {
            th = th2;
        }
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            searchControls.setCountLimit(0L);
            for (String str3 : strArr) {
                String[] strArr2 = {str3};
                searchControls.setReturningAttributes(strArr2);
                String str4 = "(&(" + a6 + ")(" + strArr2[0] + "=*))";
                if (a6 == null) {
                    str4 = "(" + strArr2[0] + "=*)";
                }
                this.params.getClass();
                NamingEnumeration search = connectLDAP.search((String) null, str4, searchControls);
                while (search.hasMoreElements()) {
                    NamingEnumeration all = ((Attribute) ((SearchResult) search.next()).getAttributes().getAll().next()).getAll();
                    while (all.hasMore()) {
                        hashSet.add(all.next());
                    }
                }
            }
            if (connectLDAP != null) {
                try {
                    connectLDAP.close();
                } catch (Exception unused) {
                }
            }
            return hashSet;
        } catch (Exception e11) {
            e = e11;
            dirContext = connectLDAP;
            throw new CertStoreException("Error getting results from LDAP directory " + e);
        } catch (Throwable th3) {
            th = th3;
            dirContext = connectLDAP;
            if (dirContext != null) {
                try {
                    dirContext.close();
                } catch (Exception unused2) {
                }
            }
            throw th;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 2, instructions: 2 */
    @Override // java.security.cert.CertStoreSpi
    public Collection engineGetCRLs(CRLSelector cRLSelector) {
        String name;
        this.params.getClass();
        String[] strArr = {null};
        if (!(cRLSelector instanceof X509CRLSelector)) {
            throw new CertStoreException("selector is not a X509CRLSelector");
        }
        X509CRLSelector x509CRLSelector = (X509CRLSelector) cRLSelector;
        HashSet hashSet = new HashSet();
        this.params.getClass();
        HashSet hashSet2 = new HashSet();
        if (x509CRLSelector.getIssuerNames() != null) {
            for (Object obj : x509CRLSelector.getIssuerNames()) {
                if (obj instanceof String) {
                    this.params.getClass();
                    name = (String) obj;
                } else {
                    this.params.getClass();
                    name = new X500Principal((byte[]) obj).getName("RFC1779");
                }
                hashSet2.addAll(search(null, C1795b.a(Marker.ANY_MARKER, parseDN(name, null), Marker.ANY_MARKER), strArr));
            }
        } else {
            hashSet2.addAll(search(null, Marker.ANY_MARKER, strArr));
        }
        hashSet2.addAll(search(null, Marker.ANY_MARKER, strArr));
        Iterator it = hashSet2.iterator();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
            while (true) {
                while (it.hasNext()) {
                    CRL generateCRL = certificateFactory.generateCRL(new ByteArrayInputStream((byte[]) it.next()));
                    if (x509CRLSelector.match(generateCRL)) {
                        hashSet.add(generateCRL);
                    }
                }
                return hashSet;
            }
        } catch (Exception e10) {
            throw new CertStoreException("CRL cannot be constructed from LDAP result " + e10);
        }
    }

    /* JADX WARN: Unreachable blocks removed: 2, instructions: 2 */
    @Override // java.security.cert.CertStoreSpi
    public Collection engineGetCertificates(CertSelector certSelector) {
        if (!(certSelector instanceof X509CertSelector)) {
            throw new CertStoreException("selector is not a X509CertSelector");
        }
        X509CertSelector x509CertSelector = (X509CertSelector) certSelector;
        HashSet hashSet = new HashSet();
        Set<byte[]> endCertificates = getEndCertificates(x509CertSelector);
        endCertificates.addAll(getCACertificates(x509CertSelector));
        endCertificates.addAll(getCrossCertificates(x509CertSelector));
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
            while (true) {
                for (byte[] bArr : endCertificates) {
                    if (bArr == null) {
                        break;
                    }
                    if (bArr.length != 0) {
                        ArrayList arrayList = new ArrayList();
                        arrayList.add(bArr);
                        try {
                            C6209p m10 = C6209p.m(new C2050q(bArr).j());
                            arrayList.clear();
                            C6207n c6207n = m10.f58526b;
                            if (c6207n != null) {
                                arrayList.add(c6207n.getEncoded());
                            }
                            C6207n c6207n2 = m10.f58527c;
                            if (c6207n2 != null) {
                                arrayList.add(c6207n2.getEncoded());
                            }
                        } catch (IOException | IllegalArgumentException unused) {
                        }
                        Iterator it = arrayList.iterator();
                        while (true) {
                            while (it.hasNext()) {
                                try {
                                    Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream((byte[]) it.next()));
                                    if (x509CertSelector.match(generateCertificate)) {
                                        hashSet.add(generateCertificate);
                                    }
                                } catch (Exception unused2) {
                                }
                            }
                        }
                    }
                }
                return hashSet;
            }
        } catch (Exception e10) {
            throw new CertStoreException("certificate cannot be constructed from LDAP result: " + e10);
        }
    }
}
