package org.bouncycastle.jce.provider;

import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CertStoreException;
import java.security.cert.CertStoreParameters;
import java.security.cert.CertStoreSpi;
import java.security.cert.X509CertSelector;
import java.util.HashSet;
import java.util.Properties;
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.security.auth.x500.X500Principal;
import org.apache.pdfbox.contentstream.operator.OperatorName;
import org.bouncycastle.jce.X509LDAPCertStoreParameters;

/* loaded from: classes5.dex */
public class X509LDAPCertStoreSpi extends CertStoreSpi {
    private static String LDAP_PROVIDER = "com.sun.jndi.ldap.LdapCtxFactory";
    private static String REFERRALS_IGNORE = "ignore";
    private static final String SEARCH_SECURITY_LEVEL = "none";
    private static final String URL_CONTEXT_PREFIX = "com.sun.jndi.url";
    private X509LDAPCertStoreParameters params;

    public X509LDAPCertStoreSpi(CertStoreParameters certStoreParameters) throws InvalidAlgorithmParameterException {
        super(certStoreParameters);
        if (!(certStoreParameters instanceof X509LDAPCertStoreParameters)) {
            throw new InvalidAlgorithmParameterException(((String) X509LDAPCertStoreSpi.class.getDeclaringType()) + ": parameter must be a " + ((String) X509LDAPCertStoreParameters.class.getDeclaringType()) + " object\n" + certStoreParameters.toString());
        }
        this.params = (X509LDAPCertStoreParameters) certStoreParameters;
    }

    private Set certSubjectSerialSearch(X509CertSelector x509CertSelector, String[] strArr, String str, String str2) throws CertStoreException {
        String name;
        String str3;
        Set search;
        HashSet hashSet = new HashSet();
        try {
            if (x509CertSelector.getSubjectAsBytes() == null && x509CertSelector.getSubjectAsString() == null && x509CertSelector.getCertificate() == null) {
                search = search(str, "*", strArr);
                hashSet.addAll(search);
                return hashSet;
            }
            if (x509CertSelector.getCertificate() != null) {
                name = x509CertSelector.getCertificate().getSubjectX500Principal().getName("RFC1779");
                str3 = x509CertSelector.getCertificate().getSerialNumber().toString();
            } else {
                name = x509CertSelector.getSubjectAsBytes() != null ? new X500Principal(x509CertSelector.getSubjectAsBytes()).getName("RFC1779") : x509CertSelector.getSubjectAsString();
                str3 = null;
            }
            hashSet.addAll(search(str, "*" + parseDN(name, str2) + "*", strArr));
            if (str3 != null && this.params.getSearchForSerialNumberIn() != null) {
                search = search(this.params.getSearchForSerialNumberIn(), "*" + str3 + "*", strArr);
                hashSet.addAll(search);
            }
            return hashSet;
        } catch (IOException e) {
            throw new CertStoreException("exception processing selector: " + e);
        }
    }

    private DirContext connectLDAP() throws NamingException {
        Properties properties = new Properties();
        properties.setProperty("java.naming.factory.initial", LDAP_PROVIDER);
        properties.setProperty("java.naming.batchsize", "0");
        properties.setProperty("java.naming.provider.url", this.params.getLdapURL());
        properties.setProperty("java.naming.factory.url.pkgs", URL_CONTEXT_PREFIX);
        properties.setProperty("java.naming.referral", REFERRALS_IGNORE);
        properties.setProperty("java.naming.security.authentication", "none");
        return new InitialDirContext(properties);
    }

    private Set getCACertificates(X509CertSelector x509CertSelector) throws CertStoreException {
        String[] strArr = {this.params.getCACertificateAttribute()};
        Set certSubjectSerialSearch = certSubjectSerialSearch(x509CertSelector, strArr, this.params.getLdapCACertificateAttributeName(), this.params.getCACertificateSubjectAttributeName());
        if (certSubjectSerialSearch.isEmpty()) {
            certSubjectSerialSearch.addAll(search(null, "*", strArr));
        }
        return certSubjectSerialSearch;
    }

    private Set getCrossCertificates(X509CertSelector x509CertSelector) throws CertStoreException {
        String[] strArr = {this.params.getCrossCertificateAttribute()};
        Set certSubjectSerialSearch = certSubjectSerialSearch(x509CertSelector, strArr, this.params.getLdapCrossCertificateAttributeName(), this.params.getCrossCertificateSubjectAttributeName());
        if (certSubjectSerialSearch.isEmpty()) {
            certSubjectSerialSearch.addAll(search(null, "*", strArr));
        }
        return certSubjectSerialSearch;
    }

    private Set getEndCertificates(X509CertSelector x509CertSelector) throws CertStoreException {
        return certSubjectSerialSearch(x509CertSelector, new String[]{this.params.getUserCertificateAttribute()}, this.params.getLdapUserCertificateAttributeName(), this.params.getUserCertificateSubjectAttributeName());
    }

    private String parseDN(String str, String str2) {
        String substring = str.substring(str.toLowerCase().indexOf(str2.toLowerCase()) + str2.length());
        int indexOf = substring.indexOf(44);
        if (indexOf == -1) {
            indexOf = substring.length();
        }
        while (substring.charAt(indexOf - 1) == '\\') {
            indexOf = substring.indexOf(44, indexOf + 1);
            if (indexOf == -1) {
                indexOf = substring.length();
            }
        }
        String substring2 = substring.substring(0, indexOf);
        String substring3 = substring2.substring(substring2.indexOf(61) + 1);
        if (substring3.charAt(0) == ' ') {
            substring3 = substring3.substring(1);
        }
        if (substring3.startsWith(OperatorName.SHOW_TEXT_LINE_AND_SPACE)) {
            substring3 = substring3.substring(1);
        }
        return substring3.endsWith(OperatorName.SHOW_TEXT_LINE_AND_SPACE) ? substring3.substring(0, substring3.length() - 1) : substring3;
    }

    private Set search(String str, String str2, String[] strArr) throws CertStoreException {
        String str3 = str + "=" + str2;
        DirContext dirContext = null;
        if (str == null) {
            str3 = null;
        }
        HashSet hashSet = new HashSet();
        try {
            try {
                dirContext = connectLDAP();
                SearchControls searchControls = new SearchControls();
                searchControls.setSearchScope(2);
                searchControls.setCountLimit(0L);
                for (String str4 : strArr) {
                    String[] strArr2 = {str4};
                    searchControls.setReturningAttributes(strArr2);
                    String str5 = "(&(" + str3 + ")(" + strArr2[0] + "=*))";
                    if (str3 == null) {
                        str5 = "(" + strArr2[0] + "=*)";
                    }
                    NamingEnumeration search = dirContext.search(this.params.getBaseDN(), str5, searchControls);
                    while (search.hasMoreElements()) {
                        NamingEnumeration all = ((Attribute) ((SearchResult) search.next()).getAttributes().getAll().next()).getAll();
                        while (all.hasMore()) {
                            hashSet.add(all.next());
                        }
                    }
                }
                if (dirContext != null) {
                    try {
                        dirContext.close();
                    } catch (Exception unused) {
                    }
                }
                return hashSet;
            } catch (Exception e) {
                throw new CertStoreException("Error getting results from LDAP directory " + e);
            }
        } catch (Throwable th) {
            if (dirContext != null) {
                try {
                    dirContext.close();
                } catch (Exception unused2) {
                }
            }
            throw th;
        }
    }

    /*  JADX ERROR: JadxRuntimeException in pass: ModVisitor
        jadx.core.utils.exceptions.JadxRuntimeException: Can't remove SSA var: r3v3 java.io.ByteArrayInputStream, still in use, count: 2, list:
          (r3v3 java.io.ByteArrayInputStream) from 0x00a4: INVOKE (r3v3 java.io.ByteArrayInputStream) DIRECT call: org.eclipse.jdt.core.dom.SingleVariableDeclaration.getType():org.eclipse.jdt.core.dom.Type A[Catch: Exception -> 0x00b6]
          (r3v3 java.io.ByteArrayInputStream) from 0x00a7: INVOKE (r3v4 java.security.cert.CRL) = (r2v6 java.security.cert.CertificateFactory), (r3v3 java.io.ByteArrayInputStream) VIRTUAL call: java.security.cert.CertificateFactory.generateCRL(java.io.InputStream):java.security.cert.CRL A[Catch: Exception -> 0x00b6, MD:(java.io.InputStream):java.security.cert.CRL throws java.security.cert.CRLException (c)]
        	at jadx.core.utils.InsnRemover.removeSsaVar(InsnRemover.java:151)
        	at jadx.core.utils.InsnRemover.unbindResult(InsnRemover.java:116)
        	at jadx.core.utils.InsnRemover.unbindInsn(InsnRemover.java:80)
        	at jadx.core.utils.InsnRemover.addAndUnbind(InsnRemover.java:56)
        	at jadx.core.dex.visitors.ModVisitor.removeStep(ModVisitor.java:447)
        	at jadx.core.dex.visitors.ModVisitor.visit(ModVisitor.java:96)
        */
    @Override // java.security.cert.CertStoreSpi
    public java.util.Collection engineGetCRLs(java.security.cert.CRLSelector r10) throws java.security.cert.CertStoreException {
        /*
            r9 = this;
            org.bouncycastle.jce.X509LDAPCertStoreParameters r0 = r9.params
            java.lang.String r0 = r0.getCertificateRevocationListAttribute()
            java.lang.String[] r0 = new java.lang.String[]{r0}
            boolean r1 = r10 instanceof java.security.cert.X509CRLSelector
            if (r1 == 0) goto Lcc
            java.security.cert.X509CRLSelector r10 = (java.security.cert.X509CRLSelector) r10
            java.util.HashSet r1 = new java.util.HashSet
            r1.<init>()
            org.bouncycastle.jce.X509LDAPCertStoreParameters r2 = r9.params
            java.lang.String r2 = r2.getLdapCertificateRevocationListAttributeName()
            java.util.HashSet r3 = new java.util.HashSet
            r3.<init>()
            java.util.Collection r4 = r10.getIssuerNames()
            java.lang.String r5 = "*"
            if (r4 == 0) goto L79
            java.util.Collection r4 = r10.getIssuerNames()
            java.util.Iterator r4 = r4.iterator()
        L30:
            boolean r6 = r4.hasNext()
            if (r6 == 0) goto L80
            java.lang.Object r6 = r4.next()
            boolean r7 = r6 instanceof java.lang.String
            if (r7 == 0) goto L47
            org.bouncycastle.jce.X509LDAPCertStoreParameters r7 = r9.params
            java.lang.String r7 = r7.getCertificateRevocationListIssuerAttributeName()
            java.lang.String r6 = (java.lang.String) r6
            goto L5c
        L47:
            org.bouncycastle.jce.X509LDAPCertStoreParameters r7 = r9.params
            java.lang.String r7 = r7.getCertificateRevocationListIssuerAttributeName()
            javax.security.auth.x500.X500Principal r8 = new javax.security.auth.x500.X500Principal
            byte[] r6 = (byte[]) r6
            byte[] r6 = (byte[]) r6
            r8.<init>(r6)
            java.lang.String r6 = "RFC1779"
            java.lang.String r6 = r8.getName(r6)
        L5c:
            java.lang.String r6 = r9.parseDN(r6, r7)
            java.lang.StringBuilder r7 = new java.lang.StringBuilder
            r7.<init>(r5)
            java.lang.StringBuilder r6 = r7.append(r6)
            java.lang.StringBuilder r6 = r6.append(r5)
            java.lang.String r6 = r6.toString()
            java.util.Set r6 = r9.search(r2, r6, r0)
            r3.addAll(r6)
            goto L30
        L79:
            java.util.Set r2 = r9.search(r2, r5, r0)
            r3.addAll(r2)
        L80:
            r2 = 0
            java.util.Set r0 = r9.search(r2, r5, r0)
            r3.addAll(r0)
            java.util.Iterator r0 = r3.iterator()
            java.lang.String r2 = "X.509"
            java.lang.String r3 = "BC"
            java.security.cert.CertificateFactory r2 = java.security.cert.CertificateFactory.getInstance(r2, r3)     // Catch: java.lang.Exception -> Lb6
        L94:
            boolean r3 = r0.hasNext()     // Catch: java.lang.Exception -> Lb6
            if (r3 == 0) goto Lb5
            java.io.ByteArrayInputStream r3 = new java.io.ByteArrayInputStream     // Catch: java.lang.Exception -> Lb6
            java.lang.Object r4 = r0.next()     // Catch: java.lang.Exception -> Lb6
            byte[] r4 = (byte[]) r4     // Catch: java.lang.Exception -> Lb6
            byte[] r4 = (byte[]) r4     // Catch: java.lang.Exception -> Lb6
            r3.getType()     // Catch: java.lang.Exception -> Lb6
            java.security.cert.CRL r3 = r2.generateCRL(r3)     // Catch: java.lang.Exception -> Lb6
            boolean r4 = r10.match(r3)     // Catch: java.lang.Exception -> Lb6
            if (r4 == 0) goto L94
            r1.add(r3)     // Catch: java.lang.Exception -> Lb6
            goto L94
        Lb5:
            return r1
        Lb6:
            r10 = move-exception
            java.security.cert.CertStoreException r0 = new java.security.cert.CertStoreException
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            java.lang.String r2 = "CRL cannot be constructed from LDAP result "
            r1.<init>(r2)
            java.lang.StringBuilder r10 = r1.append(r10)
            java.lang.String r10 = r10.toString()
            r0.<init>(r10)
            throw r0
        Lcc:
            java.security.cert.CertStoreException r10 = new java.security.cert.CertStoreException
            java.lang.String r0 = "selector is not a X509CRLSelector"
            r10.<init>(r0)
            throw r10
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jce.provider.X509LDAPCertStoreSpi.engineGetCRLs(java.security.cert.CRLSelector):java.util.Collection");
    }

    /*  JADX ERROR: JadxRuntimeException in pass: ModVisitor
        jadx.core.utils.exceptions.JadxRuntimeException: Can't remove SSA var: r4v3 java.io.ByteArrayInputStream, still in use, count: 2, list:
          (r4v3 java.io.ByteArrayInputStream) from 0x008b: INVOKE (r4v3 java.io.ByteArrayInputStream) DIRECT call: org.eclipse.jdt.core.dom.SingleVariableDeclaration.getType():org.eclipse.jdt.core.dom.Type A[Catch: Exception -> 0x009d, TRY_LEAVE]
          (r4v3 java.io.ByteArrayInputStream) from 0x008e: INVOKE (r4v4 java.security.cert.Certificate) = (r2v4 java.security.cert.CertificateFactory), (r4v3 java.io.ByteArrayInputStream) VIRTUAL call: java.security.cert.CertificateFactory.generateCertificate(java.io.InputStream):java.security.cert.Certificate A[Catch: Exception -> 0x007b, MD:(java.io.InputStream):java.security.cert.Certificate throws java.security.cert.CertificateException (c), TRY_ENTER]
        	at jadx.core.utils.InsnRemover.removeSsaVar(InsnRemover.java:151)
        	at jadx.core.utils.InsnRemover.unbindResult(InsnRemover.java:116)
        	at jadx.core.utils.InsnRemover.unbindInsn(InsnRemover.java:80)
        	at jadx.core.utils.InsnRemover.addAndUnbind(InsnRemover.java:56)
        	at jadx.core.dex.visitors.ModVisitor.removeStep(ModVisitor.java:447)
        	at jadx.core.dex.visitors.ModVisitor.visit(ModVisitor.java:96)
        */
    @Override // java.security.cert.CertStoreSpi
    public java.util.Collection engineGetCertificates(java.security.cert.CertSelector r7) throws java.security.cert.CertStoreException {
        /*
            r6 = this;
            boolean r0 = r7 instanceof java.security.cert.X509CertSelector
            if (r0 == 0) goto Lb3
            java.security.cert.X509CertSelector r7 = (java.security.cert.X509CertSelector) r7
            java.util.HashSet r0 = new java.util.HashSet
            r0.<init>()
            java.util.Set r1 = r6.getEndCertificates(r7)
            java.util.Set r2 = r6.getCACertificates(r7)
            r1.addAll(r2)
            java.util.Set r2 = r6.getCrossCertificates(r7)
            r1.addAll(r2)
            java.util.Iterator r1 = r1.iterator()
            java.lang.String r2 = "X.509"
            java.lang.String r3 = "BC"
            java.security.cert.CertificateFactory r2 = java.security.cert.CertificateFactory.getInstance(r2, r3)     // Catch: java.lang.Exception -> L9d
        L29:
            boolean r3 = r1.hasNext()     // Catch: java.lang.Exception -> L9d
            if (r3 == 0) goto L9c
            java.lang.Object r3 = r1.next()     // Catch: java.lang.Exception -> L9d
            byte[] r3 = (byte[]) r3     // Catch: java.lang.Exception -> L9d
            byte[] r3 = (byte[]) r3     // Catch: java.lang.Exception -> L9d
            if (r3 == 0) goto L29
            int r4 = r3.length     // Catch: java.lang.Exception -> L9d
            if (r4 != 0) goto L3d
            goto L29
        L3d:
            java.util.ArrayList r4 = new java.util.ArrayList     // Catch: java.lang.Exception -> L9d
            r4.<init>()     // Catch: java.lang.Exception -> L9d
            r4.add(r3)     // Catch: java.lang.Exception -> L9d
            org.bouncycastle.asn1.ASN1InputStream r5 = new org.bouncycastle.asn1.ASN1InputStream     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            r5.<init>(r3)     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            org.bouncycastle.asn1.ASN1Primitive r3 = r5.readObject()     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            org.bouncycastle.asn1.x509.CertificatePair r3 = org.bouncycastle.asn1.x509.CertificatePair.getInstance(r3)     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            r4.clear()     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            org.bouncycastle.asn1.x509.Certificate r5 = r3.getForward()     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            if (r5 == 0) goto L66
            org.bouncycastle.asn1.x509.Certificate r5 = r3.getForward()     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            byte[] r5 = r5.getEncoded()     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            r4.add(r5)     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
        L66:
            org.bouncycastle.asn1.x509.Certificate r5 = r3.getReverse()     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            if (r5 == 0) goto L77
            org.bouncycastle.asn1.x509.Certificate r3 = r3.getReverse()     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            byte[] r3 = r3.getEncoded()     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
            r4.add(r3)     // Catch: java.lang.Throwable -> L77 java.lang.Exception -> L9d
        L77:
            java.util.Iterator r3 = r4.iterator()     // Catch: java.lang.Exception -> L9d
        L7b:
            boolean r4 = r3.hasNext()     // Catch: java.lang.Exception -> L9d
            if (r4 == 0) goto L29
            java.io.ByteArrayInputStream r4 = new java.io.ByteArrayInputStream     // Catch: java.lang.Exception -> L9d
            java.lang.Object r5 = r3.next()     // Catch: java.lang.Exception -> L9d
            byte[] r5 = (byte[]) r5     // Catch: java.lang.Exception -> L9d
            byte[] r5 = (byte[]) r5     // Catch: java.lang.Exception -> L9d
            r4.getType()     // Catch: java.lang.Exception -> L9d
            java.security.cert.Certificate r4 = r2.generateCertificate(r4)     // Catch: java.lang.Exception -> L7b
            boolean r5 = r7.match(r4)     // Catch: java.lang.Exception -> L7b
            if (r5 == 0) goto L7b
            r0.add(r4)     // Catch: java.lang.Exception -> L7b
            goto L7b
        L9c:
            return r0
        L9d:
            r7 = move-exception
            java.security.cert.CertStoreException r0 = new java.security.cert.CertStoreException
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            java.lang.String r2 = "certificate cannot be constructed from LDAP result: "
            r1.<init>(r2)
            java.lang.StringBuilder r7 = r1.append(r7)
            java.lang.String r7 = r7.toString()
            r0.<init>(r7)
            throw r0
        Lb3:
            java.security.cert.CertStoreException r7 = new java.security.cert.CertStoreException
            java.lang.String r0 = "selector is not a X509CertSelector"
            r7.<init>(r0)
            throw r7
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jce.provider.X509LDAPCertStoreSpi.engineGetCertificates(java.security.cert.CertSelector):java.util.Collection");
    }
}
