package es.gob.afirma.cert.certvalidation;

import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.core.misc.http.DataDownloader;
import es.gob.afirma.ui.utils.Constants;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.cert.CRLException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import java.util.logging.Logger;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.DERIA5String;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.x509.CRLDistPoint;
import org.spongycastle.asn1.x509.DistributionPoint;
import org.spongycastle.asn1.x509.DistributionPointName;
import org.spongycastle.asn1.x509.Extension;
import org.spongycastle.asn1.x509.GeneralName;
import org.spongycastle.asn1.x509.GeneralNames;

/* loaded from: input_file:es/gob/afirma/cert/certvalidation/CrlHelper.class */
final class CrlHelper {
    private static final Logger LOGGER = Logger.getLogger(Constants.OUR_NODE_NAME);

    private CrlHelper() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Removed duplicated region for block: B:16:0x00a8  */
    /* JADX WARN: Removed duplicated region for block: B:48:0x0165  */
    /* JADX WARN: Removed duplicated region for block: B:50:0x0169  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static es.gob.afirma.cert.certvalidation.ValidationResult verifyCertificateCRLs(java.security.cert.X509Certificate r5, java.security.PublicKey r6, java.util.List<java.lang.String> r7) {
        /*
            Method dump skipped, instructions count: 374
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: es.gob.afirma.cert.certvalidation.CrlHelper.verifyCertificateCRLs(java.security.cert.X509Certificate, java.security.PublicKey, java.util.List):es.gob.afirma.cert.certvalidation.ValidationResult");
    }

    private static byte[] downloadCRL(String str) throws CRLException, IOException, NamingException, URISyntaxException {
        if (str.startsWith("http://") || str.startsWith("https://") || str.startsWith("ftp://")) {
            return downloadCRLFromWeb(str);
        }
        if (str.startsWith("ldap://")) {
            return downloadCRLFromLDAP(str);
        }
        if (str.startsWith("file:/")) {
            return downloadCRLFromFile(str);
        }
        throw new CRLException("No se soporta el protocolo del punto de distribucion de CRL: " + str);
    }

    private static byte[] downloadCRLFromFile(String str) throws IOException, URISyntaxException {
        return AOUtil.getDataFromInputStream(AOUtil.loadFile(new URI(str)));
    }

    private static byte[] downloadCRLFromLDAP(String str) throws NamingException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", str);
        byte[] bArr = (byte[]) new InitialDirContext(hashtable).getAttributes("").get("certificateRevocationList;binary").get();
        if (bArr == null || bArr.length == 0) {
            throw new NamingException("No se ha podido descargar la CRL desde " + str);
        }
        return bArr;
    }

    private static byte[] downloadCRLFromWeb(String str) throws IOException {
        return DataDownloader.downloadData(str);
    }

    private static List<String> getCrlDistributionPoints(X509Certificate x509Certificate) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(Extension.cRLDistributionPoints.getId());
        if (extensionValue == null) {
            return new ArrayList(0);
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
        Throwable th = null;
        try {
            ASN1InputStream aSN1InputStream2 = new ASN1InputStream(new ByteArrayInputStream(((DEROctetString) aSN1InputStream.readObject()).getOctets()));
            Throwable th2 = null;
            try {
                try {
                    CRLDistPoint cRLDistPoint = CRLDistPoint.getInstance(aSN1InputStream2.readObject());
                    ArrayList arrayList = new ArrayList();
                    for (DistributionPoint distributionPoint : cRLDistPoint.getDistributionPoints()) {
                        DistributionPointName distributionPoint2 = distributionPoint.getDistributionPoint();
                        if (distributionPoint2 != null && distributionPoint2.getType() == 0) {
                            for (GeneralName generalName : GeneralNames.getInstance(distributionPoint2.getName()).getNames()) {
                                if (generalName.getTagNo() == 6) {
                                    arrayList.add(DERIA5String.getInstance(generalName.getName()).getString());
                                }
                            }
                        }
                    }
                    if (aSN1InputStream2 != null) {
                        if (0 != 0) {
                            try {
                                aSN1InputStream2.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            aSN1InputStream2.close();
                        }
                    }
                    return arrayList;
                } finally {
                }
            } catch (Throwable th4) {
                if (aSN1InputStream2 != null) {
                    if (th2 != null) {
                        try {
                            aSN1InputStream2.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        aSN1InputStream2.close();
                    }
                }
                throw th4;
            }
        } finally {
            if (aSN1InputStream != null) {
                if (0 != 0) {
                    try {
                        aSN1InputStream.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    aSN1InputStream.close();
                }
            }
        }
    }
}
