package b.c.b;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.x509.CRLDistPoint;
import org.bouncycastle.asn1.x509.DistributionPoint;
import org.bouncycastle.asn1.x509.DistributionPointName;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.X509Extensions;

/* loaded from: classes.dex */
public final class a {

    /* renamed from: b.c.b.a$a, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public class C0044a extends Thread {

        /* renamed from: a, reason: collision with root package name */
        public c f1434a;

        /* renamed from: b, reason: collision with root package name */
        public String f1435b;

        /* renamed from: c, reason: collision with root package name */
        public X509CRL f1436c;
        public b d = b.DOWNLOADING;

        public C0044a(a aVar, c cVar, String str) {
            this.f1434a = cVar;
            this.f1435b = str;
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            X509CRL x509crl = null;
            try {
                if (this.f1434a.ordinal() == 0) {
                    x509crl = a.a(this.f1435b);
                }
            } catch (b.c.b.b e) {
                e.printStackTrace();
            } catch (MalformedURLException e2) {
                e2.printStackTrace();
            } catch (IOException e3) {
                e3.printStackTrace();
            } catch (CRLException e4) {
                e4.printStackTrace();
            } catch (CertificateException e5) {
                e5.printStackTrace();
            }
            this.d = b.COMPLETE;
            this.f1436c = x509crl;
        }
    }

    /* loaded from: classes.dex */
    public enum b {
        DOWNLOADING,
        COMPLETE
    }

    /* loaded from: classes.dex */
    public enum c {
        WEB,
        LDAP
    }

    public static X509CRL a(String str) {
        InputStream openStream = new URL(str).openStream();
        try {
            return (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(openStream);
        } finally {
            openStream.close();
        }
    }

    public final X509CRL b(String str) {
        c cVar;
        if (str.startsWith("http://") || str.startsWith("https://") || str.startsWith("ftp://")) {
            cVar = c.WEB;
        } else {
            if (!str.startsWith("ldap://")) {
                throw new b.c.b.b(e.RD_MA_SERVICE_CANNOT_DOWNLOAD_CRL, b.a.a.a.a.d("Can not download CRL from certificate distribution point: ", str));
            }
            cVar = c.LDAP;
        }
        C0044a c0044a = new C0044a(this, cVar, str);
        c0044a.start();
        while (c0044a.d != b.COMPLETE) {
            try {
                Thread.sleep(100L);
            } catch (InterruptedException e) {
                e.printStackTrace();
                return null;
            }
        }
        return c0044a.f1436c;
    }

    public final List<String> c(X509Certificate x509Certificate) {
        byte[] extensionValue = x509Certificate.getExtensionValue(X509Extensions.CRLDistributionPoints.getId());
        if (extensionValue == null) {
            return new ArrayList();
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
        ASN1InputStream aSN1InputStream2 = new ASN1InputStream(new ByteArrayInputStream(((DEROctetString) aSN1InputStream.readObject()).getOctets()));
        CRLDistPoint cRLDistPoint = CRLDistPoint.getInstance(aSN1InputStream2.readObject());
        ArrayList arrayList = new ArrayList();
        for (DistributionPoint distributionPoint : cRLDistPoint.getDistributionPoints()) {
            DistributionPointName distributionPoint2 = distributionPoint.getDistributionPoint();
            if (distributionPoint2 != null && distributionPoint2.getType() == 0) {
                for (GeneralName generalName : GeneralNames.getInstance(distributionPoint2.getName()).getNames()) {
                    if (generalName.getTagNo() == 6) {
                        arrayList.add(DERIA5String.getInstance(generalName.getName()).getString());
                    }
                }
            }
        }
        aSN1InputStream.close();
        aSN1InputStream2.close();
        return arrayList;
    }

    public void d(X509Certificate x509Certificate) {
        try {
            Iterator it = ((ArrayList) c(x509Certificate)).iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                X509CRL b2 = b(str);
                if (b2 != null && b2.isRevoked(x509Certificate)) {
                    throw new b.c.b.b(e.RD_MA_SERVICE_CERT_IS_REVOKED, "The certificate is revoked by CRL: " + str);
                }
            }
        } catch (Exception e) {
            if (e instanceof b.c.b.b) {
                throw ((b.c.b.b) e);
            }
            e.printStackTrace();
            e eVar = e.RD_MA_SERVICE_CERT_CANNOT_VERIFY_CRL;
            StringBuilder o = b.a.a.a.a.o("Can not verify CRL for certificate: ");
            o.append(x509Certificate.getSubjectX500Principal());
            throw new b.c.b.b(eVar, o.toString());
        }
    }
}
