package com.djigzo.android.common.security.crl;

import com.unboundid.ldap.sdk.Attribute;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPConnectionOptions;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPURL;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.URI;
import java.security.NoSuchProviderException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.util.Collection;
import java.util.LinkedList;
import java.util.List;
import mitm.common.security.SecurityFactoryFactoryException;
import mitm.common.security.crl.CRLDownloadHandler;
import mitm.common.security.crl.CRLDownloadParameters;
import mitm.common.security.crl.CRLUtils;
import mitm.common.util.Check;
import mitm.common.util.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class LDAPCRLDownloadHandler implements CRLDownloadHandler {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) LDAPCRLDownloadHandler.class);
    private final CRLDownloadParameters downloadParameters;

    public LDAPCRLDownloadHandler(CRLDownloadParameters cRLDownloadParameters) {
        this.downloadParameters = cRLDownloadParameters;
    }

    private void parseCRL(byte[] bArr, Collection<CRL> collection) throws CRLException {
        try {
            if (bArr.length > this.downloadParameters.getMaxBytes()) {
                logger.warn("Bytes returned by LDAP server exceed limit.");
                return;
            }
            Collection<? extends CRL> readCRLs = CRLUtils.readCRLs(new ByteArrayInputStream(bArr));
            if (readCRLs == null || readCRLs.size() == 0) {
                logger.debug("No CRLs found in the downloaded stream.");
            }
            CollectionUtils.copyCollectionFiltered(readCRLs, collection, CRL.class);
        } catch (NoSuchProviderException e) {
            throw new CRLException(e);
        } catch (CertificateException e2) {
            throw new CRLException(e2);
        } catch (SecurityFactoryFactoryException e3) {
            throw new CRLException(e3);
        }
    }

    @Override // mitm.common.security.crl.CRLDownloadHandler
    public boolean canHandle(URI uri) {
        Check.notNull(uri, "uri");
        String scheme = uri.getScheme();
        return scheme != null && scheme.equalsIgnoreCase("ldap") && this.downloadParameters.isLDAPEnabled();
    }

    @Override // mitm.common.security.crl.CRLDownloadHandler
    public Collection<? extends CRL> downloadCRLs(URI uri) throws IOException, CRLException {
        byte[][] valueByteArrays;
        if (!canHandle(uri)) {
            throw new IllegalArgumentException("The uri cannot be handled by this handler.");
        }
        LinkedList linkedList = new LinkedList();
        LDAPConnectionOptions lDAPConnectionOptions = new LDAPConnectionOptions();
        lDAPConnectionOptions.setAbandonOnTimeout(true);
        lDAPConnectionOptions.setConnectTimeoutMillis((int) this.downloadParameters.getConnectTimeout());
        lDAPConnectionOptions.setResponseTimeoutMillis((int) this.downloadParameters.getReadTimeout());
        lDAPConnectionOptions.setMaxMessageSize((int) this.downloadParameters.getMaxBytes());
        lDAPConnectionOptions.setFollowReferrals(true);
        LDAPConnection lDAPConnection = new LDAPConnection(lDAPConnectionOptions);
        int port = uri.getPort();
        if (port == -1) {
            port = LDAPURL.DEFAULT_LDAP_PORT;
        }
        try {
            lDAPConnection.connect(uri.getHost(), port);
            String removeStart = StringUtils.removeStart(uri.getPath(), "/");
            String query = uri.getQuery();
            SearchResult search = lDAPConnection.search(removeStart, SearchScope.SUB, "(objectClass=*)", StringUtils.isNotBlank(query) ? new String[]{query} : new String[]{"certificateRevocationList;binary", "authorityRevocationList;binary", "deltaRevocationList;binary"});
            if (search != null && search.getEntryCount() > 0) {
                List<SearchResultEntry> searchEntries = search.getSearchEntries();
                if (CollectionUtils.isNotEmpty(searchEntries)) {
                    for (SearchResultEntry searchResultEntry : searchEntries) {
                        if (searchResultEntry != null) {
                            Collection<Attribute> attributes = searchResultEntry.getAttributes();
                            if (CollectionUtils.isNotEmpty(attributes)) {
                                for (Attribute attribute : attributes) {
                                    if (attribute != null && (valueByteArrays = attribute.getValueByteArrays()) != null) {
                                        for (byte[] bArr : valueByteArrays) {
                                            if (bArr != null) {
                                                parseCRL(bArr, linkedList);
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
            return linkedList;
        } catch (LDAPException e) {
            throw new CRLException(e);
        }
    }
}
