package com.thursby.pkard.util;

import com.google.firebase.crashlytics.buildtools.reloc.org.apache.http.HttpHost;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import org.spongycastle.cert.X509CertificateHolder;

/* loaded from: classes3.dex */
public class X509Parser {
    private static final String a = "X509Parser";
    private static int b = 7;

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:19:0x0044  */
    /* JADX WARN: Type inference failed for: r4v0, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r4v2 */
    /* JADX WARN: Type inference failed for: r4v4, types: [java.net.HttpURLConnection] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.cert.X509Certificate fetchCertFromUrl(java.lang.String r4) {
        /*
            r0 = 0
            java.net.URL r1 = new java.net.URL     // Catch: java.lang.Throwable -> L31 java.lang.Exception -> L36
            r1.<init>(r4)     // Catch: java.lang.Throwable -> L31 java.lang.Exception -> L36
            java.net.URLConnection r4 = r1.openConnection()     // Catch: java.lang.Throwable -> L31 java.lang.Exception -> L36
            java.net.HttpURLConnection r4 = (java.net.HttpURLConnection) r4     // Catch: java.lang.Throwable -> L31 java.lang.Exception -> L36
            java.lang.String r1 = "GET"
            r4.setRequestMethod(r1)     // Catch: java.lang.Exception -> L2f java.lang.Throwable -> L41
            r1 = 0
            r4.setUseCaches(r1)     // Catch: java.lang.Exception -> L2f java.lang.Throwable -> L41
            r1 = 1
            r4.setDoInput(r1)     // Catch: java.lang.Exception -> L2f java.lang.Throwable -> L41
            java.io.InputStream r1 = r4.getInputStream()     // Catch: java.lang.Exception -> L2f java.lang.Throwable -> L41
            java.lang.String r2 = "X509"
            java.security.cert.CertificateFactory r2 = java.security.cert.CertificateFactory.getInstance(r2)     // Catch: java.lang.Exception -> L2f java.lang.Throwable -> L41
            java.security.cert.Certificate r1 = r2.generateCertificate(r1)     // Catch: java.lang.Exception -> L2f java.lang.Throwable -> L41
            java.security.cert.X509Certificate r1 = (java.security.cert.X509Certificate) r1     // Catch: java.lang.Exception -> L2f java.lang.Throwable -> L41
            if (r4 == 0) goto L2e
            r4.disconnect()
        L2e:
            return r1
        L2f:
            r1 = move-exception
            goto L38
        L31:
            r4 = move-exception
            r3 = r0
            r0 = r4
            r4 = r3
            goto L42
        L36:
            r1 = move-exception
            r4 = r0
        L38:
            r1.printStackTrace()     // Catch: java.lang.Throwable -> L41
            if (r4 == 0) goto L40
            r4.disconnect()
        L40:
            return r0
        L41:
            r0 = move-exception
        L42:
            if (r4 == 0) goto L47
            r4.disconnect()
        L47:
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.thursby.pkard.util.X509Parser.fetchCertFromUrl(java.lang.String):java.security.cert.X509Certificate");
    }

    public static X509Certificate[] fetchIntermediatesFromCertificate(X509Certificate x509Certificate, KeyStore keyStore) throws Exception {
        ArrayList arrayList = new ArrayList();
        arrayList.add(x509Certificate);
        String certIssuerUrl = getCertIssuerUrl(x509Certificate);
        if (certIssuerUrl != null && !certIssuerUrl.startsWith(HttpHost.DEFAULT_SCHEME_NAME)) {
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
        }
        while (true) {
            if (certIssuerUrl == null || arrayList.size() >= b) {
                break;
            }
            X509Certificate fetchCertFromUrl = fetchCertFromUrl(certIssuerUrl);
            if (fetchCertFromUrl == null) {
                break;
            }
            String str = a;
            Log.d(str, "building certificate chain");
            Log.d(str, "sub:" + fetchCertFromUrl.getSubjectDN().getName() + "\n issuer:" + fetchCertFromUrl.getIssuerDN().getName());
            arrayList.add(fetchCertFromUrl);
            if (keyStore != null && keyStore.getCertificateAlias(fetchCertFromUrl) != null) {
                Log.d(str, "found trust anchor, stop.");
                break;
            }
            if (!fetchCertFromUrl.getSubjectDN().equals(((X509Certificate) arrayList.get(arrayList.size() - 1)).getIssuerDN())) {
                Log.d(str, "subject does not match the expected issuer of the previous certificate");
                Log.d(str, "found:" + fetchCertFromUrl.getSubjectDN().getName() + "\n expected:" + ((X509Certificate) arrayList.get(arrayList.size() - 1)).getIssuerDN().getName());
                break;
            }
            if (fetchCertFromUrl.getSubjectDN().equals(fetchCertFromUrl.getIssuerDN())) {
                Log.d(str, "found CA, stop.");
                break;
            }
            certIssuerUrl = getCertIssuerUrl(fetchCertFromUrl);
            if (!certIssuerUrl.startsWith(HttpHost.DEFAULT_SCHEME_NAME)) {
                break;
            }
        }
        Collections.reverse(arrayList);
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    /* JADX WARN: Removed duplicated region for block: B:38:0x00a6  */
    /* JADX WARN: Removed duplicated region for block: B:40:0x00ab  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.lang.String getCertIssuerUrl(java.security.cert.X509Certificate r9) throws java.lang.Exception {
        /*
            org.spongycastle.asn1.ASN1ObjectIdentifier r0 = org.spongycastle.asn1.x509.X509ObjectIdentifiers.id_ad_caIssuers
            org.spongycastle.asn1.ASN1ObjectIdentifier r1 = org.spongycastle.asn1.x509.Extension.authorityInfoAccess
            java.lang.String r1 = r1.getId()
            byte[] r9 = r9.getExtensionValue(r1)
            r1 = 0
            if (r9 != 0) goto L10
            return r1
        L10:
            java.io.ByteArrayInputStream r2 = new java.io.ByteArrayInputStream     // Catch: java.lang.Throwable -> L96 java.io.IOException -> L9a
            r2.<init>(r9)     // Catch: java.lang.Throwable -> L96 java.io.IOException -> L9a
            org.spongycastle.asn1.ASN1InputStream r9 = new org.spongycastle.asn1.ASN1InputStream     // Catch: java.lang.Throwable -> L96 java.io.IOException -> L9a
            r9.<init>(r2)     // Catch: java.lang.Throwable -> L96 java.io.IOException -> L9a
            org.spongycastle.asn1.ASN1Primitive r2 = r9.readObject()     // Catch: java.lang.Throwable -> L8e java.io.IOException -> L92
            org.spongycastle.asn1.DEROctetString r2 = (org.spongycastle.asn1.DEROctetString) r2     // Catch: java.lang.Throwable -> L8e java.io.IOException -> L92
            org.spongycastle.asn1.ASN1InputStream r3 = new org.spongycastle.asn1.ASN1InputStream     // Catch: java.lang.Throwable -> L8e java.io.IOException -> L92
            byte[] r2 = r2.getOctets()     // Catch: java.lang.Throwable -> L8e java.io.IOException -> L92
            r3.<init>(r2)     // Catch: java.lang.Throwable -> L8e java.io.IOException -> L92
            org.spongycastle.asn1.ASN1Primitive r2 = r3.readObject()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            org.spongycastle.asn1.x509.AuthorityInformationAccess r2 = org.spongycastle.asn1.x509.AuthorityInformationAccess.getInstance(r2)     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            org.spongycastle.asn1.x509.AccessDescription[] r2 = r2.getAccessDescriptions()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            int r4 = r2.length     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            r5 = 0
        L37:
            if (r5 >= r4) goto L83
            r6 = r2[r5]     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            org.spongycastle.asn1.ASN1ObjectIdentifier r7 = r6.getAccessMethod()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            boolean r7 = r7.equals(r0)     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            if (r7 != 0) goto L46
            goto L51
        L46:
            org.spongycastle.asn1.x509.GeneralName r6 = r6.getAccessLocation()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            int r7 = r6.getTagNo()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            r8 = 6
            if (r7 == r8) goto L54
        L51:
            int r5 = r5 + 1
            goto L37
        L54:
            org.spongycastle.asn1.ASN1Primitive r0 = r6.toASN1Primitive()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            org.spongycastle.asn1.DERTaggedObject r0 = (org.spongycastle.asn1.DERTaggedObject) r0     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            org.spongycastle.asn1.ASN1Primitive r0 = r0.getObject()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            org.spongycastle.asn1.DERIA5String r0 = (org.spongycastle.asn1.DERIA5String) r0     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            java.lang.String r0 = r0.getString()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            java.lang.String r1 = com.thursby.pkard.util.X509Parser.a     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            r2.<init>()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            java.lang.String r4 = "CA URL: "
            java.lang.StringBuilder r2 = r2.append(r4)     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            java.lang.StringBuilder r2 = r2.append(r0)     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            com.thursby.pkard.util.Log.d(r1, r2)     // Catch: java.lang.Throwable -> L8a java.io.IOException -> L8c
            r9.close()
            r3.close()
            return r0
        L83:
            r9.close()
            r3.close()
            return r1
        L8a:
            r0 = move-exception
            goto L90
        L8c:
            r0 = move-exception
            goto L94
        L8e:
            r0 = move-exception
            r3 = r1
        L90:
            r1 = r9
            goto La4
        L92:
            r0 = move-exception
            r3 = r1
        L94:
            r1 = r9
            goto L9d
        L96:
            r9 = move-exception
            r0 = r9
            r3 = r1
            goto La4
        L9a:
            r9 = move-exception
            r0 = r9
            r3 = r1
        L9d:
            java.lang.Exception r9 = new java.lang.Exception     // Catch: java.lang.Throwable -> La3
            r9.<init>(r0)     // Catch: java.lang.Throwable -> La3
            throw r9     // Catch: java.lang.Throwable -> La3
        La3:
            r0 = move-exception
        La4:
            if (r1 == 0) goto La9
            r1.close()
        La9:
            if (r3 == 0) goto Lae
            r3.close()
        Lae:
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.thursby.pkard.util.X509Parser.getCertIssuerUrl(java.security.cert.X509Certificate):java.lang.String");
    }

    public static String getDnsName(X509Certificate x509Certificate) {
        String str = null;
        try {
            Collection<List<?>> issuerAlternativeNames = x509Certificate.getIssuerAlternativeNames();
            if (issuerAlternativeNames != null) {
                for (List<?> list : issuerAlternativeNames) {
                    Integer num = (Integer) list.get(0);
                    Object obj = list.get(1);
                    String str2 = a;
                    Log.d(str2, "name type: " + num);
                    if (num.intValue() == 2) {
                        if (obj instanceof String) {
                            str = " (" + ((String) obj) + ")";
                            Log.d(str2, "DNS: " + str);
                        } else {
                            Log.d(str2, "DNS not returned as a String");
                        }
                    }
                }
            }
        } catch (CertificateException unused) {
            Log.d(a, "Unable to find DNS Name from certificate");
        }
        return str;
    }

    public static String getRfc822Name(X509Certificate x509Certificate) {
        String str = null;
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames != null) {
                for (List<?> list : subjectAlternativeNames) {
                    Integer num = (Integer) list.get(0);
                    Object obj = list.get(1);
                    String str2 = a;
                    Log.d(str2, "name type: " + num);
                    if (num.intValue() == 1) {
                        if (obj instanceof String) {
                            String str3 = (String) obj;
                            try {
                                Log.d(str2, "RFC822: " + str3);
                                str = str3;
                            } catch (CertificateException unused) {
                                str = str3;
                                Log.d(a, "Unable to find RFC822 Name from certificate");
                                return str;
                            }
                        } else {
                            Log.d(str2, "RFC822 not returned as a String");
                        }
                    }
                }
            }
        } catch (CertificateException unused2) {
        }
        return str;
    }

    public static X509Certificate getX509FromBCHolder(X509CertificateHolder x509CertificateHolder) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(x509CertificateHolder.toASN1Structure().getEncoded()));
        } catch (IOException | CertificateException unused) {
            Log.d(a, "Unable to convert from BC holder class");
            return null;
        }
    }
}
