package ru.CryptoPro.reprov.certpath;

import com.drew.metadata.photoshop.PhotoshopDirectory;
import com.facebook.common.util.UriUtil;
import com.google.common.net.HttpHeaders;
import com.tom_roush.pdfbox.pdmodel.interactive.action.PDActionURI;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.net.URLConnection;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.cert.CRLSelector;
import java.security.cert.CertSelector;
import java.security.cert.CertStore;
import java.security.cert.CertStoreParameters;
import java.security.cert.CertStoreSpi;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.JCP.Util.GetProperty;
import ru.CryptoPro.JCP.pref.JCPPref;
import ru.CryptoPro.JCP.tools.JCPLogger;
import ru.CryptoPro.JCP.tools.Platform;
import ru.CryptoPro.reprov.utils.Cache;
import ru.CryptoPro.reprov.x509.AccessDescription;
import ru.CryptoPro.reprov.x509.GeneralNameInterface;
import ru.CryptoPro.reprov.x509.URIName;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes5.dex */
public class URICertStore extends CertStoreSpi {
    private static final int j = a();
    private static final int k = b();
    private static final int l = c();
    private static final int m = d();
    private static final boolean n = e();
    private static final boolean o = f();
    private static final boolean p = g();
    private static final String q = h();
    private static final String r = i();
    private static final boolean s = GetProperty.getBooleanProperty("allow_crl_redirect", false);
    private static final boolean t = GetProperty.getBooleanProperty("allow_cert_redirect", false);
    private static final Cache u = Cache.newSoftMemoryCache(185);
    private final CertificateFactory a;
    private Collection b;
    private X509CRL c;
    private long d;
    private long e;
    private URI f;
    private boolean g;
    private CertStore h;
    private String i;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes5.dex */
    public class UCS extends CertStore {
        protected UCS(CertStoreSpi certStoreSpi, Provider provider, String str, CertStoreParameters certStoreParameters) {
            super(certStoreSpi, provider, str, certStoreParameters);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes5.dex */
    public class URICertStoreParameters implements CertStoreParameters {
        private final URI a;
        private volatile int b = 0;

        /* JADX INFO: Access modifiers changed from: package-private */
        public URICertStoreParameters(URI uri) {
            this.a = uri;
        }

        @Override // java.security.cert.CertStoreParameters
        public Object clone() {
            try {
                return super.clone();
            } catch (CloneNotSupportedException e) {
                throw new InternalError(e.toString());
            }
        }

        public boolean equals(Object obj) {
            if (obj instanceof URICertStoreParameters) {
                return this.a.equals(((URICertStoreParameters) obj).a);
            }
            return false;
        }

        public int hashCode() {
            if (this.b == 0) {
                this.b = 629 + this.a.hashCode();
            }
            return this.b;
        }
    }

    URICertStore(CertStoreParameters certStoreParameters) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
        super(certStoreParameters);
        this.b = Collections.EMPTY_SET;
        this.g = false;
        if (!(certStoreParameters instanceof URICertStoreParameters)) {
            throw new InvalidAlgorithmParameterException("params must be instanceof URICertStoreParameters");
        }
        URI uri = ((URICertStoreParameters) certStoreParameters).a;
        this.f = uri;
        if (uri.getScheme().toLowerCase().equals("ldap")) {
            JCPLogger.fine("URICertStore: ignore LDAP scheme.");
        }
        try {
            this.a = CertificateFactory.getInstance(JCP.CERTIFICATE_FACTORY_NAME);
        } catch (CertificateException unused) {
            throw new RuntimeException();
        }
    }

    private static int a() {
        Integer valueOf = Integer.valueOf(GetProperty.getIntegerProperty("com.sun.security.crl.timeout", 15));
        if (valueOf == null || valueOf.intValue() < 0) {
            return 15000;
        }
        return valueOf.intValue() * 1000;
    }

    private static URLConnection a(URLConnection uRLConnection, int i, int i2) throws IOException {
        SSLContext sSLContext;
        boolean z = false;
        int i3 = 0;
        while (true) {
            if (i3 < 5) {
                String headerField = uRLConnection.getHeaderField(HttpHeaders.LOCATION);
                String headerField2 = uRLConnection.getHeaderField(HttpHeaders.SET_COOKIE);
                URL url = new URL(headerField);
                JCPLogger.fine("Connecting (redirect): " + url);
                if (!url.getProtocol().equals(UriUtil.HTTP_SCHEME) && !url.getProtocol().equals(UriUtil.HTTPS_SCHEME)) {
                    break;
                }
                ((HttpURLConnection) uRLConnection).disconnect();
                uRLConnection = url.openConnection();
                uRLConnection.setConnectTimeout(i);
                uRLConnection.setReadTimeout(i2);
                if (uRLConnection instanceof HttpsURLConnection) {
                    try {
                        if (p) {
                            sSLContext = SSLContext.getDefault();
                        } else {
                            String str = Platform.isSun ? "SunJSSE" : "IBMJSSE2";
                            String str2 = q;
                            if (str2 != null) {
                                str = str2;
                            }
                            String str3 = r;
                            sSLContext = SSLContext.getInstance(str3 != null ? str3 : "Default", str);
                        }
                        ((HttpsURLConnection) uRLConnection).setSSLSocketFactory(sSLContext.getSocketFactory());
                    } catch (Exception e) {
                        JCPLogger.subThrown(e);
                    }
                }
                if (headerField2 != null) {
                    uRLConnection.setRequestProperty(HttpHeaders.COOKIE, headerField2);
                }
                i3++;
                if (!a(((HttpURLConnection) uRLConnection).getResponseCode())) {
                    z = true;
                    break;
                }
            } else {
                break;
            }
        }
        if (z) {
            return uRLConnection;
        }
        throw new IOException("Redirection has failed after attempts: " + i3 + ". If count of attempts is equal 1 something may be wrong with https redirection (cpSSL/JavaTLS should be deleted and security options should be dropped to default values).");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized CertStore a(URICertStoreParameters uRICertStoreParameters) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        CertStore certStore;
        synchronized (URICertStore.class) {
            JCPLogger.finer("CertStore URI:", uRICertStoreParameters.a);
            Cache cache = u;
            certStore = (CertStore) cache.get(uRICertStoreParameters);
            if (certStore == null) {
                certStore = new UCS(new URICertStore(uRICertStoreParameters), null, PDActionURI.SUB_TYPE, uRICertStoreParameters);
                cache.put(uRICertStoreParameters, certStore);
            } else {
                JCPLogger.finer("URICertStore.getInstance: cache hit");
            }
        }
        return certStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static CertStore a(AccessDescription accessDescription) {
        if (!accessDescription.getAccessMethod().equals((Object) AccessDescription.Ad_CAISSUERS_Id)) {
            return null;
        }
        GeneralNameInterface name = accessDescription.getAccessLocation().getName();
        if (!(name instanceof URIName)) {
            return null;
        }
        try {
            return a(new URICertStoreParameters(((URIName) name).getURI()));
        } catch (Exception e) {
            JCPLogger.warning("exception creating CertStore: ", (Throwable) e);
            return null;
        }
    }

    private static Collection a(X509CRL x509crl, CRLSelector cRLSelector) {
        return (cRLSelector == null || (x509crl != null && cRLSelector.match(x509crl))) ? Collections.singletonList(x509crl) : Collections.EMPTY_LIST;
    }

    private static Collection a(Collection collection, CertSelector certSelector) {
        if (certSelector == null) {
            return collection;
        }
        ArrayList arrayList = new ArrayList(collection.size());
        Iterator it = collection.iterator();
        while (it.hasNext()) {
            X509Certificate x509Certificate = (X509Certificate) it.next();
            if (certSelector.match(x509Certificate)) {
                arrayList.add(x509Certificate);
            }
        }
        return arrayList;
    }

    private static boolean a(int i) {
        return i == 301 || i == 302 || i == 303;
    }

    private static int b() {
        Integer valueOf = Integer.valueOf(GetProperty.getIntegerProperty("ru.CryptoPro.crl.read_timeout", 10));
        return (valueOf == null || valueOf.intValue() < 0) ? PhotoshopDirectory.TAG_PRINT_FLAGS_INFO : valueOf.intValue() * 1000;
    }

    private static int c() {
        Integer valueOf = Integer.valueOf(GetProperty.getIntegerProperty("ru.CryptoPro.cert.connect_timeout", 15));
        if (valueOf == null || valueOf.intValue() < 0) {
            return 15000;
        }
        return valueOf.intValue() * 1000;
    }

    private static int d() {
        Integer valueOf = Integer.valueOf(GetProperty.getIntegerProperty("ru.CryptoPro.cert.read_timeout", 10));
        return (valueOf == null || valueOf.intValue() < 0) ? PhotoshopDirectory.TAG_PRINT_FLAGS_INFO : valueOf.intValue() * 1000;
    }

    private static boolean e() {
        return s || new JCPPref(URICertStore.class).getBoolean("allow_crl_redirect", false);
    }

    private static boolean f() {
        return t || new JCPPref(URICertStore.class).getBoolean("allow_cert_redirect", false);
    }

    private static boolean g() {
        return Boolean.valueOf(GetProperty.getBooleanProperty("use_default_jsse_impl", true)).booleanValue() && Boolean.valueOf(new JCPPref(URICertStore.class).getBoolean("use_default_jsse_impl", true)).booleanValue();
    }

    private static String h() {
        String stringProperty = GetProperty.getStringProperty("use_jsse_impl", null);
        String str = new JCPPref(URICertStore.class).get("use_jsse_impl", stringProperty);
        if (stringProperty != null) {
            return stringProperty;
        }
        if (str != null) {
            return str;
        }
        return null;
    }

    private static String i() {
        String stringProperty = GetProperty.getStringProperty("use_jsse_alg", null);
        String str = new JCPPref(URICertStore.class).get("use_jsse_alg", stringProperty);
        if (stringProperty != null) {
            return stringProperty;
        }
        if (str != null) {
            return str;
        }
        return null;
    }

    /* JADX WARN: Code restructure failed: missing block: B:70:0x0133, code lost:
    
        if (r8 == null) goto L71;
     */
    /* JADX WARN: Code restructure failed: missing block: B:71:0x0136, code lost:
    
        r14.e = 0;
        r14.c = null;
     */
    /* JADX WARN: Code restructure failed: missing block: B:73:0x013d, code lost:
    
        return java.util.Collections.EMPTY_LIST;
     */
    /* JADX WARN: Code restructure failed: missing block: B:75:0x0119, code lost:
    
        r8.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:80:0x0117, code lost:
    
        if (r8 == null) goto L71;
     */
    /* JADX WARN: Not initialized variable reg: 8, insn: 0x013f: MOVE (r1 I:??[OBJECT, ARRAY]) = (r8 I:??[OBJECT, ARRAY]), block:B:83:0x013f */
    /* JADX WARN: Removed duplicated region for block: B:86:0x0142 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    @Override // java.security.cert.CertStoreSpi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized java.util.Collection engineGetCRLs(java.security.cert.CRLSelector r15) throws java.security.cert.CertStoreException {
        /*
            Method dump skipped, instructions count: 329
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ru.CryptoPro.reprov.certpath.URICertStore.engineGetCRLs(java.security.cert.CRLSelector):java.util.Collection");
    }

    /* JADX WARN: Code restructure failed: missing block: B:80:0x0149, code lost:
    
        if (0 == 0) goto L69;
     */
    /* JADX WARN: Code restructure failed: missing block: B:81:0x014c, code lost:
    
        r13.e = 0;
        r14 = java.util.Collections.EMPTY_SET;
        r13.b = r14;
     */
    /* JADX WARN: Code restructure failed: missing block: B:83:0x0153, code lost:
    
        return r14;
     */
    /* JADX WARN: Code restructure failed: missing block: B:85:0x0130, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:90:0x012e, code lost:
    
        if (0 == 0) goto L69;
     */
    @Override // java.security.cert.CertStoreSpi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized java.util.Collection engineGetCertificates(java.security.cert.CertSelector r14) throws java.security.cert.CertStoreException {
        /*
            Method dump skipped, instructions count: 349
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ru.CryptoPro.reprov.certpath.URICertStore.engineGetCertificates(java.security.cert.CertSelector):java.util.Collection");
    }
}
