package com.sds.lego.cert.apis.client.util;

import AGENT.mq.b;
import AGENT.mq.e;
import AGENT.mq.f;
import AGENT.mq.j;
import AGENT.mq.p;
import AGENT.rp.k;
import AGENT.rp.v0;
import AGENT.rp.y0;
import android.util.Log;
import com.sds.emm.sdk.provisioning.internal.common.PvConstants;
import com.sds.lego.cert.apis.client.consts.CertConstants;
import defpackage.MDH_jp;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import javax.crypto.Cipher;
import javax.naming.directory.InitialDirContext;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import kotlin.UByte;

/* loaded from: classes2.dex */
public class CertUtil {
    static final HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() { // from class: com.sds.lego.cert.apis.client.util.CertUtil.2
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    };

    public static X509CRL downloadCRL(String str) {
        if (str.startsWith("http://") || str.startsWith("https://")) {
            return downloadCRLFromWeb(str);
        }
        if (str.startsWith("ldap://")) {
            return null;
        }
        throw new CertificateException("Can not download CRL from certificate distribution point: " + str);
    }

    private static X509CRL downloadCRLFromLDAP(String str) {
        Log.d(CertConstants.LOG_TAG, "LDAP URI: " + str);
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", str);
        byte[] bArr = (byte[]) new InitialDirContext(hashtable).getAttributes("").get("certificateRevocationList").get();
        if (bArr != null && bArr.length != 0) {
            return (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(new ByteArrayInputStream(bArr));
        }
        throw new CertificateException("Can not download CRL from: " + str);
    }

    private static X509CRL downloadCRLFromWeb(String str) {
        String str2;
        HttpURLConnection httpURLConnection;
        Log.d(CertConstants.LOG_TAG, "CDP: " + str);
        URL url = new URL(str);
        url.openConnection();
        if (url.getProtocol().toLowerCase().equals("https")) {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
            httpsURLConnection.setHostnameVerifier(DO_NOT_VERIFY);
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.sds.lego.cert.apis.client.util.CertUtil.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str3) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str3) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
                sSLContext.init(null, trustManagerArr, new SecureRandom());
                httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
            } catch (Exception e) {
                e.printStackTrace();
            }
            str2 = "HTTPS";
            httpURLConnection = httpsURLConnection;
        } else {
            HttpURLConnection httpURLConnection2 = (HttpURLConnection) url.openConnection();
            str2 = "HTTP";
            httpURLConnection = httpURLConnection2;
        }
        Log.d(CertConstants.LOG_TAG, str2);
        httpURLConnection.setReadTimeout(3000);
        httpURLConnection.setConnectTimeout(3000);
        InputStream inputStream = httpURLConnection.getInputStream();
        try {
            X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(inputStream);
            if (x509crl == null) {
                Log.d(CertConstants.LOG_TAG, "CRL Null");
            }
            return x509crl;
        } finally {
            inputStream.close();
        }
    }

    public static List<String> getCrlDistributionPoints(X509Certificate x509Certificate) {
        byte[] extensionValue = x509Certificate.getExtensionValue(p.p.B());
        if (extensionValue == null) {
            return new ArrayList();
        }
        b p = b.p(new k(new ByteArrayInputStream(((y0) new k(new ByteArrayInputStream(extensionValue)).p()).z())).p());
        ArrayList arrayList = new ArrayList();
        for (e eVar : p.o()) {
            f p2 = eVar.p();
            if (p2 != null && p2.s() == 0) {
                j[] r = AGENT.mq.k.q(p2.r()).r();
                for (int i = 0; i < r.length; i++) {
                    if (r[i].r() == 6) {
                        arrayList.add(v0.y(r[i].q()).g());
                    }
                }
            }
        }
        return arrayList;
    }

    public static String getEncryptedText(PublicKey publicKey, String str) {
        byte[] encryptedText = getEncryptedText(publicKey, str.getBytes(PvConstants.UTF_8));
        StringBuffer stringBuffer = new StringBuffer(encryptedText.length * 2);
        for (byte b : encryptedText) {
            stringBuffer.append((MDH_jp.w + Integer.toHexString(b & UByte.MAX_VALUE)).substring(r1.length() - 2));
        }
        return stringBuffer.toString();
    }

    public static byte[] getEncryptedText(PublicKey publicKey, byte[] bArr) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, publicKey);
        return cipher.doFinal(bArr);
    }
}
