package ru.CryptoPro.XAdES.pc_0;

import java.io.ByteArrayInputStream;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.SimpleTimeZone;
import java.util.TreeMap;
import org.bouncycastle.asn1.ASN1GeneralizedTime;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.esf.CrlOcspRef;
import org.bouncycastle.asn1.esf.CrlValidatedID;
import org.bouncycastle.asn1.esf.OcspIdentifier;
import org.bouncycastle.asn1.esf.OcspResponsesID;
import org.bouncycastle.asn1.esf.OtherHash;
import org.bouncycastle.asn1.esf.OtherHashAlgAndValue;
import org.bouncycastle.asn1.esf.RevocationValues;
import org.bouncycastle.asn1.ess.OtherCertID;
import org.bouncycastle.asn1.ocsp.BasicOCSPResponse;
import org.bouncycastle.asn1.ocsp.CertID;
import org.bouncycastle.asn1.ocsp.ResponderID;
import org.bouncycastle.asn1.ocsp.SingleResponse;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.asn1.x509.X509Extension;
import org.bouncycastle.cert.ocsp.CertificateID;
import org.bouncycastle.jce.PrincipalUtil;
import org.bouncycastle.jce.X509Principal;
import ru.CryptoPro.AdES.certificate.CertificateFinder;
import ru.CryptoPro.AdES.evidence.CertificateIdentifierCalculator;
import ru.CryptoPro.AdES.exception.AdESException;
import ru.CryptoPro.AdES.external.decode.AdESXLongType1AttributeDecoder;
import ru.CryptoPro.AdES.tools.AdESUtility;
import ru.CryptoPro.AdES.tools.revocation.xades.ResponderIDNoIssuer;
import ru.CryptoPro.JCP.tools.JCPLogger;
import ru.CryptoPro.XAdES.cl_10;
import ru.CryptoPro.XAdES.cl_13;
import ru.CryptoPro.XAdES.cl_16;
import ru.CryptoPro.XAdES.cl_17;
import ru.CryptoPro.XAdES.cl_19;
import ru.CryptoPro.XAdES.cl_26;
import ru.CryptoPro.XAdES.cl_27;
import ru.CryptoPro.XAdES.cl_28;
import ru.CryptoPro.XAdES.cl_3;
import ru.CryptoPro.XAdES.cl_30;
import ru.CryptoPro.XAdES.cl_34;
import ru.CryptoPro.XAdES.cl_5;
import ru.CryptoPro.XAdES.cl_50;
import ru.CryptoPro.XAdES.cl_53;
import ru.CryptoPro.XAdES.cl_60;
import ru.CryptoPro.XAdES.cl_7;
import ru.CryptoPro.XAdES.cl_8;
import ru.CryptoPro.XAdES.exception.XAdESException;
import ru.CryptoPro.XAdES.util.XAdESUtility;

/* loaded from: classes4.dex */
public class cl_1 implements cl_0 {
    private static final boolean i = true;
    private final List<OtherCertID> a = new LinkedList();
    private final List<CrlOcspRef> b = new LinkedList();
    private final List<X509Certificate> c = new LinkedList();
    private RevocationValues d = null;
    private String e = null;
    private final List<BasicOCSPResponse> f = new LinkedList();
    private final List<CertificateList> g = new LinkedList();
    private AdESXLongType1AttributeDecoder h = null;

    private static String a(Date date) {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'");
        simpleDateFormat.setTimeZone(new SimpleTimeZone(0, "Z"));
        return simpleDateFormat.format(date);
    }

    private CrlValidatedID a(ru.CryptoPro.XAdES.cl_1 cl_1Var) throws Exception {
        JCPLogger.fine("Producing crl validated id...");
        cl_16 b = cl_1Var.b();
        if (b == null) {
            throw new XAdESException("DigestAlgAndValue not found.", XAdESException.ecNodeNotFound);
        }
        byte[] b2 = b.b();
        String findDigestNameByDigestUri = XAdESUtility.findDigestNameByDigestUri(b.a());
        String findDigestOidByDigestName = XAdESUtility.findDigestOidByDigestName(findDigestNameByDigestUri);
        if (findDigestOidByDigestName == null) {
            throw new XAdESException("Digest algorithm for DigestMethod " + findDigestNameByDigestUri + " not found.", XAdESException.ecNodeInvalidContent);
        }
        OtherHash otherHash = new OtherHash(new OtherHashAlgAndValue(new AlgorithmIdentifier(new ASN1ObjectIdentifier(findDigestOidByDigestName)), new DEROctetString(b2)));
        cl_1Var.a();
        JCPLogger.fine("Crl validated id completed.");
        return new CrlValidatedID(otherHash, null);
    }

    private OcspResponsesID a(cl_28 cl_28Var) throws Exception {
        ResponderID responderID;
        ResponderID responderID2;
        JCPLogger.fine("Producing OCSP response id...");
        cl_16 c = cl_28Var.c();
        if (c == null) {
            throw new XAdESException("DigestAlgAndValue not found.", XAdESException.ecNodeNotFound);
        }
        byte[] b = c.b();
        String findDigestNameByDigestUri = XAdESUtility.findDigestNameByDigestUri(c.a());
        String findDigestOidByDigestName = XAdESUtility.findDigestOidByDigestName(findDigestNameByDigestUri);
        if (findDigestOidByDigestName == null) {
            throw new XAdESException("Digest algorithm for DigestMethod " + findDigestNameByDigestUri + " not found.", XAdESException.ecNodeInvalidContent);
        }
        OtherHashAlgAndValue otherHashAlgAndValue = new OtherHashAlgAndValue(new AlgorithmIdentifier(new ASN1ObjectIdentifier(findDigestOidByDigestName)), new DEROctetString(b));
        cl_26 a = cl_28Var.a();
        if (a == null) {
            throw new XAdESException("OCSPIdentifier not found.", XAdESException.ecNodeNotFound);
        }
        cl_27 d = a.d();
        if (d == cl_27.Unknown) {
            throw new XAdESException("OCSPIdentifier has unknown content.", XAdESException.ecNodeInvalidContent);
        }
        int i2 = cl_2.a[d.ordinal()];
        if (i2 == 1) {
            byte[] c2 = a.c();
            if (c2 == null) {
                throw new XAdESException("ResponderID has invalid content.", XAdESException.ecNodeInvalidContent);
            }
            responderID = new ResponderID(new DEROctetString(c2));
        } else {
            if (i2 != 2) {
                throw new XAdESException("OCSPIdentifier has invalid content.", XAdESException.ecNodeInvalidContent);
            }
            if (c != null) {
                responderID2 = new ResponderIDNoIssuer();
                OcspIdentifier ocspIdentifier = new OcspIdentifier(responderID2, new ASN1GeneralizedTime(a(a.e())));
                JCPLogger.fine("OCSP response id completed.");
                return new OcspResponsesID(ocspIdentifier, new OtherHash(otherHashAlgAndValue));
            }
            responderID = new ResponderID(a.a());
        }
        responderID2 = responderID;
        OcspIdentifier ocspIdentifier2 = new OcspIdentifier(responderID2, new ASN1GeneralizedTime(a(a.e())));
        JCPLogger.fine("OCSP response id completed.");
        return new OcspResponsesID(ocspIdentifier2, new OtherHash(otherHashAlgAndValue));
    }

    private void a(X509Certificate x509Certificate, OtherCertID otherCertID, CrlOcspRef crlOcspRef, boolean z, String str) {
        JCPLogger.fineFormat("Normalization result for the certificate:\n\tserial number: {0}\n\tsubject: {1}\n\tissuer:  {2}\n\tcert reference: {3}\n\trev reference:  {4}\n\trevocation expected: {5}\n\trevocation type: {6}", x509Certificate.getSerialNumber().toString(16), x509Certificate.getSubjectDN(), x509Certificate.getIssuerDN(), otherCertID, crlOcspRef, Boolean.valueOf(z), str);
    }

    /* JADX WARN: Removed duplicated region for block: B:43:0x00ae A[RETURN] */
    /* JADX WARN: Removed duplicated region for block: B:44:0x00af  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void a(org.bouncycastle.asn1.ess.OtherCertID r16, java.util.List<ru.CryptoPro.XAdES.cl_28> r17, java.util.List<ru.CryptoPro.XAdES.cl_1> r18, java.util.Set<ru.CryptoPro.XAdES.cl_19> r19, java.util.Set<ru.CryptoPro.XAdES.cl_17> r20) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 477
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ru.CryptoPro.XAdES.pc_0.cl_1.a(org.bouncycastle.asn1.ess.OtherCertID, java.util.List, java.util.List, java.util.Set, java.util.Set):void");
    }

    private boolean a(String str, String str2) {
        return (str == null || str2 == null) ? str2 == null : str.equals(str2);
    }

    private boolean a(X509Certificate x509Certificate, BasicOCSPResponse basicOCSPResponse) {
        CertificateIdentifierCalculator certificateIdentifierCalculator;
        JCPLogger.fine("Analyzing basic ocsp response...");
        ASN1Sequence responses = basicOCSPResponse.getTbsResponseData().getResponses();
        for (int i2 = 0; i2 < responses.size(); i2++) {
            JCPLogger.fine("Analyzing single ocsp response #" + i2);
            CertID certID = SingleResponse.getInstance(responses.getObjectAt(i2)).getCertID();
            CertificateID certificateID = new CertificateID(certID);
            String id = certID.getHashAlgorithm().getAlgorithm().getId();
            CertificateFinder certificateFinder = new CertificateFinder(this.c);
            certificateFinder.setProvider(this.e);
            try {
                JCPLogger.fine("Finding issuer certificate...");
                X509Certificate find = certificateFinder.find(certificateID);
                JCPLogger.fine("Checking certificate signature...");
                x509Certificate.verify(find.getPublicKey(), this.e);
                certificateIdentifierCalculator = new CertificateIdentifierCalculator(x509Certificate, find);
                certificateIdentifierCalculator.setDigestAlgorithm(id);
                certificateIdentifierCalculator.setProvider(this.e);
                JCPLogger.fine("Checking certificate identifier...");
            } catch (Exception e) {
                JCPLogger.subThrown(e);
            }
            if (AdESUtility.compareCertificateID(certificateID, AdESUtility.fixCertificateID(certificateIdentifierCalculator.make((Void) null), id))) {
                JCPLogger.fine("OCSP evidence accepted.");
                return true;
            }
            continue;
        }
        return false;
    }

    private boolean a(X509Certificate x509Certificate, CertificateList certificateList) {
        JCPLogger.fine("Analyzing CRL...");
        try {
            X509CRL x509crl = (X509CRL) AdESUtility.CERT_FACTORY.generateCRL(new ByteArrayInputStream(certificateList.getEncoded()));
            X509Principal issuerX509Principal = PrincipalUtil.getIssuerX509Principal(x509crl);
            byte[] authorityKeyIdentifier = AdESUtility.getAuthorityKeyIdentifier(x509crl.getExtensionValue(X509Extension.authorityKeyIdentifier.getId()));
            CertificateFinder certificateFinder = new CertificateFinder(this.c);
            certificateFinder.setProvider(this.e);
            JCPLogger.fine("Finding issuer certificate...");
            X509Certificate find = certificateFinder.find(issuerX509Principal, authorityKeyIdentifier);
            JCPLogger.fine("Checking CRL signature...");
            x509crl.verify(find.getPublicKey(), this.e);
            JCPLogger.fine("Checking certificate signature...");
            x509Certificate.verify(find.getPublicKey(), this.e);
            JCPLogger.fine("CRL evidence accepted.");
            return true;
        } catch (Exception e) {
            JCPLogger.subThrown(e);
            return false;
        }
    }

    private boolean a(ru.CryptoPro.XAdES.cl_1 cl_1Var, cl_17 cl_17Var) {
        String b_ = cl_17Var.b_();
        if (cl_1Var.a() != null) {
            return a(b_, cl_1Var.a().d());
        }
        return true;
    }

    private boolean a(cl_28 cl_28Var, cl_19 cl_19Var) {
        return a(cl_19Var.b_(), cl_28Var.a().f());
    }

    @Override // ru.CryptoPro.XAdES.pc_0.cl_0
    public void a(TreeMap<cl_60, Object> treeMap) throws XAdESException {
        RevocationValues revocationValues;
        JCPLogger.subEnter();
        JCPLogger.fine("Obtaining references, certificates and evidences...");
        cl_10 cl_10Var = (cl_10) treeMap.get(cl_60.COMPLETE_CERTIFICATE_REFS);
        if (cl_10Var == null) {
            cl_10Var = (cl_10) treeMap.get(cl_60.COMPLETE_CERTIFICATE_REFSV2);
        }
        if (cl_10Var == null) {
            throw new XAdESException("complete-certificate-reference is undefined.", XAdESException.ecNodeNotFound);
        }
        cl_7 a = cl_10Var.a();
        if (a == null) {
            throw new XAdESException("CertRefs is undefined.", XAdESException.ecNodeNotFound);
        }
        List<cl_5> a2 = a.a();
        if (a2.isEmpty()) {
            throw new XAdESException("Certificate references not found in CertRefs.", XAdESException.ecNodeNotFound);
        }
        cl_13 cl_13Var = (cl_13) treeMap.get(cl_60.COMPLETE_REVOCATION_REFS);
        if (cl_13Var == null) {
            cl_13Var = (cl_13) treeMap.get(cl_60.COMPLETE_REVOCATION_REFSV2);
        }
        if (cl_13Var == null) {
            throw new XAdESException("complete-revocation-reference is undefined.", XAdESException.ecNodeNotFound);
        }
        List<ru.CryptoPro.XAdES.cl_1> b = cl_13Var.b();
        List<cl_28> a3 = cl_13Var.a();
        cl_8 cl_8Var = (cl_8) treeMap.get(cl_60.CERTIFICATE_VALUES);
        if (cl_8Var == null) {
            throw new XAdESException("certificate-values is undefined.", XAdESException.ecNodeNotFound);
        }
        this.c.addAll(cl_8Var.a());
        AdESXLongType1AttributeDecoder adESXLongType1AttributeDecoder = this.h;
        if (adESXLongType1AttributeDecoder != null && (adESXLongType1AttributeDecoder instanceof ru.CryptoPro.XAdES.pc_1.pc_0.cl_0)) {
            this.c.addAll(((ru.CryptoPro.XAdES.pc_1.pc_0.cl_0) adESXLongType1AttributeDecoder).a());
        }
        cl_34 cl_34Var = (cl_34) treeMap.get(cl_60.REVOCATION_VALUES);
        if (cl_34Var == null) {
            throw new XAdESException("revocation-values is undefined.", XAdESException.ecNodeNotFound);
        }
        cl_30 a4 = cl_34Var.a();
        HashSet hashSet = new HashSet();
        if (a4 != null) {
            hashSet.addAll(a4.a());
        }
        cl_3 b2 = cl_34Var.b();
        HashSet hashSet2 = new HashSet();
        if (b2 != null) {
            hashSet2.addAll(b2.a());
        }
        JCPLogger.fine("Extracting signing certificate reference...");
        cl_50 cl_50Var = (cl_50) treeMap.get(cl_60.SIGNING_CERTIFICATE);
        if (cl_50Var == null) {
            JCPLogger.fine("Extracting signing certificate V2 reference...");
            cl_50Var = (cl_53) treeMap.get(cl_60.SIGNING_CERTIFICATEV2);
        }
        if (cl_50Var == null) {
            throw new XAdESException("Signing certificate is undefined.", XAdESException.ecNodeNotFound);
        }
        OtherCertID a5 = cl_50Var.a();
        try {
            this.f.clear();
            this.g.clear();
            JCPLogger.fine("Normalization for signer certificate...");
            a(a5, a3, b, hashSet, hashSet2);
            Iterator<cl_5> it = a2.iterator();
            while (it.hasNext()) {
                OtherCertID a6 = cl_5.a(it.next());
                JCPLogger.fine("Normalization of other certificate...");
                a(a6, a3, b, hashSet, hashSet2);
            }
            if (this.f.isEmpty() || this.g.isEmpty()) {
                if (!this.f.isEmpty()) {
                    revocationValues = new RevocationValues(null, (BasicOCSPResponse[]) this.f.toArray(new BasicOCSPResponse[this.f.size()]), null);
                } else if (!this.g.isEmpty()) {
                    revocationValues = new RevocationValues((CertificateList[]) this.g.toArray(new CertificateList[this.g.size()]), null, null);
                }
                this.d = revocationValues;
            } else {
                this.d = new RevocationValues((CertificateList[]) this.g.toArray(new CertificateList[this.g.size()]), (BasicOCSPResponse[]) this.f.toArray(new BasicOCSPResponse[this.f.size()]), null);
            }
            JCPLogger.subExit();
        } catch (AdESException e) {
            throw new XAdESException(e, e.getErrorCode());
        } catch (Exception e2) {
            throw new XAdESException(e2, XAdESException.ecNormalizingFailed);
        }
    }

    @Override // ru.CryptoPro.AdES.external.decode.AdESXLongType1AttributeParametersDecoder
    public List<X509Certificate> getCertificateValues() {
        return Collections.unmodifiableList(this.c);
    }

    @Override // ru.CryptoPro.AdES.external.decode.AdESXLongType1AttributeParametersDecoder
    public List<OtherCertID> getCompleteCertificateReferences() {
        return Collections.unmodifiableList(this.a);
    }

    @Override // ru.CryptoPro.AdES.external.decode.AdESXLongType1AttributeParametersDecoder
    public List<CrlOcspRef> getCompleteRevocationReferences() {
        return Collections.unmodifiableList(this.b);
    }

    @Override // ru.CryptoPro.AdES.external.decode.AdESXLongType1AttributeParametersDecoder
    public RevocationValues getRevocationValues() {
        return this.d;
    }

    @Override // ru.CryptoPro.AdES.external.decode.ParentalDecoder
    public void setParentalDecoder(AdESXLongType1AttributeDecoder adESXLongType1AttributeDecoder) {
        this.h = adESXLongType1AttributeDecoder;
    }

    @Override // ru.CryptoPro.AdES.tools.ProviderUtility
    public void setProvider(String str) {
        this.e = str;
    }
}
