package com.nttdocomo.android.ocsplib;

import android.content.Context;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.ASN1InputStream;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.ASN1Primitive;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.ASN1Sequence;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.DERIA5String;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.DEROctetString;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.x509.AccessDescription;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.x509.AuthorityInformationAccess;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.x509.Extension;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.x509.GeneralName;
import com.nttdocomo.android.ocsplib.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import com.nttdocomo.android.ocsplib.bouncycastle.cert.X509CertificateHolder;
import com.nttdocomo.android.ocsplib.bouncycastle.cert.jcajce.SHA1DigestCalculator;
import com.nttdocomo.android.ocsplib.bouncycastle.cert.ocsp.CertificateID;
import com.nttdocomo.android.ocsplib.bouncycastle.cert.ocsp.OCSPReq;
import com.nttdocomo.android.ocsplib.bouncycastle.cert.ocsp.OCSPReqBuilder;
import com.nttdocomo.android.ocsplib.bouncycastle.cert.ocsp.OCSPResp;
import com.nttdocomo.android.ocsplib.exception.OcspParameterException;
import com.nttdocomo.android.ocsplib.exception.OcspRequestException;
import com.nttdocomo.android.ocsplib.exception.OcspResponseException;
import java.io.BufferedOutputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.MessageDigest;
import java.security.cert.X509Certificate;

/* loaded from: classes.dex */
public class OcspUtil {
    public static final int STATUS_GOOD = 0;
    public static final int STATUS_REVOKED = 1;
    public static final int STATUS_UNKNOWN = 2;
    private static int c = 5000;
    private static final int f = 4096;
    private static int i = 5000;
    private static final String m = "BC";
    private static final String u = "SHA1";

    /* loaded from: classes.dex */
    public class IOException extends RuntimeException {
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x0028, code lost:
    
        if (r7.t(new com.nttdocomo.android.ocsplib.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder().k(com.nttdocomo.android.ocsplib.OcspUtil.m).a(r8)) != false) goto L8;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static int i(com.nttdocomo.android.ocsplib.bouncycastle.cert.ocsp.OCSPResp r7, java.security.PublicKey r8, java.lang.String r9) throws com.nttdocomo.android.ocsplib.exception.OcspResponseException {
        /*
            Method dump skipped, instructions count: 396
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.nttdocomo.android.ocsplib.OcspUtil.i(com.nttdocomo.android.ocsplib.bouncycastle.cert.ocsp.OCSPResp, java.security.PublicKey, java.lang.String):int");
    }

    public static void init(Context context) throws OcspParameterException {
        LogUtil.r("init() start");
        if (context == null) {
            LogUtil.r("Failed to initialize library.");
            throw new OcspParameterException("Failed to initialize library.");
        }
        CacheUtil.k(context.getCacheDir());
        LogUtil.r("init() end");
    }

    private static String j(X509Certificate x509Certificate) {
        String str;
        byte[] extensionValue = x509Certificate.getExtensionValue(Extension.h.p());
        if (extensionValue == null) {
            str = "Certificate doesn't have authority information access points.";
        } else {
            try {
                for (AccessDescription accessDescription : AuthorityInformationAccess.p(ASN1Sequence.l(ASN1Primitive.e(((DEROctetString) new ASN1InputStream(extensionValue).y()).o()))).b()) {
                    GeneralName s = accessDescription.s();
                    if (s.z() == 6 && X509ObjectIdentifiers.x.p().equals(accessDescription.t().p())) {
                        return DERIA5String.t(s.j()).c();
                    }
                }
                str = "Cannot find OCSP responder URL from certificate.";
            } catch (java.io.IOException unused) {
                str = "Cannot read authority information access points.";
            }
        }
        LogUtil.r(str);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean o() {
        return CacheUtil.k();
    }

    public static int u(X509Certificate x509Certificate, X509Certificate x509Certificate2, boolean z) throws OcspParameterException, OcspRequestException, OcspResponseException {
        LogUtil.r("verifyCert() start");
        LogUtil.r("Target certificate serial number : " + x509Certificate.getSerialNumber().toString(16));
        LogUtil.r("useCache : " + z);
        if (!o()) {
            LogUtil.r("OcspUtil has not been initialized.");
            throw new OcspParameterException("OcspUtil has not been initialized.");
        }
        String d = CacheUtil.d(x509Certificate);
        if (z && d != null) {
            switch (CacheUtil.o(d)) {
                case 0:
                    LogUtil.r("verifyCert() end");
                    return 0;
                case 1:
                    LogUtil.r("verifyCert() end");
                    return 1;
                default:
                    LogUtil.r("No valid cache found.");
                    break;
            }
        }
        String j = j(x509Certificate);
        if (j == null) {
            LogUtil.r("Failed to get OCSP responder URL.");
            throw new OcspParameterException("Failed to get OCSP responder URL.");
        }
        LogUtil.r("OCSP responder URL : " + j);
        int i2 = i(u(z(x509Certificate, x509Certificate2), j), x509Certificate2.getPublicKey(), d);
        LogUtil.r("verifyCert() end");
        return i2;
    }

    private static OCSPResp u(OCSPReq oCSPReq, String str) throws OcspRequestException {
        HttpURLConnection httpURLConnection;
        try {
            try {
                httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
            } catch (Throwable th) {
                th = th;
                httpURLConnection = null;
            }
        } catch (java.io.IOException e) {
            e = e;
        }
        try {
            httpURLConnection.setRequestProperty("Content-Type", "application/ocsp-request");
            httpURLConnection.setRequestProperty("Accept", "application/ocsp-response");
            httpURLConnection.setDoOutput(true);
            httpURLConnection.setConnectTimeout(i);
            LogUtil.r("OCSP request connect timeout : " + httpURLConnection.getConnectTimeout());
            httpURLConnection.setReadTimeout(c);
            LogUtil.r("OCSP request read timeout : " + httpURLConnection.getReadTimeout());
            LogUtil.r("Send OCSP request.");
            DataOutputStream dataOutputStream = new DataOutputStream(new BufferedOutputStream(httpURLConnection.getOutputStream()));
            dataOutputStream.write(oCSPReq.z());
            dataOutputStream.flush();
            dataOutputStream.close();
            LogUtil.r("OCSP response responseCode : " + httpURLConnection.getResponseCode());
            LogUtil.r("OCSP response Content-Length : " + httpURLConnection.getContentLength());
            LogUtil.r("OCSP response Content-Type : " + httpURLConnection.getContentType());
            if (httpURLConnection.getResponseCode() != 200) {
                LogUtil.r("Failed to send OCSP request. response code : " + httpURLConnection.getResponseCode());
                throw new OcspRequestException("Failed to send OCSP request. response code : " + httpURLConnection.getResponseCode());
            }
            InputStream inputStream = httpURLConnection.getInputStream();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            while (true) {
                byte[] bArr = new byte[4096];
                int read = inputStream.read(bArr);
                if (read < 0) {
                    break;
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
            inputStream.close();
            OCSPResp oCSPResp = new OCSPResp(byteArrayOutputStream.toByteArray());
            LogUtil.r("OCSP response status : " + oCSPResp.p());
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
            return oCSPResp;
        } catch (java.io.IOException e2) {
            e = e2;
            LogUtil.r("Failed to send OCSP request. " + e.getMessage());
            throw new OcspRequestException("Failed to send OCSP request.", e);
        } catch (Throwable th2) {
            th = th2;
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
            throw th;
        }
    }

    public static void u(int i2) throws OcspParameterException {
        LogUtil.r("setReadTimeout() start");
        LogUtil.r("Timeout : " + i2);
        if (i2 < 0) {
            LogUtil.r("Read timeout must be zero or higher.");
            throw new OcspParameterException("Read timeout must be zero or higher.");
        }
        c = i2;
        LogUtil.r("setReadTimeout() end");
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:27:0x0104  */
    /* JADX WARN: Type inference failed for: r0v10 */
    /* JADX WARN: Type inference failed for: r0v9, types: [java.net.URL] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static int verifyUrl(java.lang.String r3, boolean r4) throws com.nttdocomo.android.ocsplib.exception.OcspParameterException, com.nttdocomo.android.ocsplib.exception.OcspRequestException, com.nttdocomo.android.ocsplib.exception.OcspResponseException {
        /*
            Method dump skipped, instructions count: 297
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.nttdocomo.android.ocsplib.OcspUtil.verifyUrl(java.lang.String, boolean):int");
    }

    public static void w(int i2) throws OcspParameterException {
        LogUtil.r("setConnectTimeout() start");
        LogUtil.r("Timeout : " + i2);
        if (i2 < 0) {
            LogUtil.r("Connect timeout must be zero or higher.");
            throw new OcspParameterException("Connect timeout must be zero or higher.");
        }
        i = i2;
        LogUtil.r("setConnectTimeout() end");
    }

    public static void y() {
        String str;
        LogUtil.r("deleteCache() start");
        if (o()) {
            CacheUtil.x();
            str = "deleteCache() end";
        } else {
            str = "OcspUtil has not been initialized. No cache file deleted.";
        }
        LogUtil.r(str);
    }

    private static OCSPReq z(X509Certificate x509Certificate, X509Certificate x509Certificate2) throws OcspRequestException {
        try {
            OCSPReqBuilder oCSPReqBuilder = new OCSPReqBuilder();
            oCSPReqBuilder.j(new CertificateID(new SHA1DigestCalculator(MessageDigest.getInstance(u)), new X509CertificateHolder(x509Certificate2.getEncoded()), x509Certificate.getSerialNumber()));
            return oCSPReqBuilder.v();
        } catch (Exception e) {
            LogUtil.r("Failed to generate OCSP request. " + e.getMessage());
            throw new OcspRequestException("Failed to generate OCSP request. ", e);
        }
    }
}
