package com.rsa.cryptoj.o;

import com.airwatch.sdk.wrapper.BuildConfig;
import com.rsa.jcp.OCSPParameters;
import com.rsa.jcp.OCSPResponderConfig;
import com.rsa.jcp.OCSPWithRespondersParameters;
import com.rsa.jsafe.provider.CRLDPParameters;
import java.io.IOException;
import java.math.BigInteger;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.InvalidAlgorithmParameterException;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;
import java.util.regex.Pattern;

/* loaded from: classes.dex */
final class qp {
    public static final String a = "com.sun.security.enableCRLDP";
    public static final String b = "com.ibm.security.enableCRLDP";
    public static final String c = "ocsp.enable";
    public static final String d = "ocsp.responderURL";
    public static final String e = "ocsp.responderCertSubjectName";
    public static final String f = "ocsp.responderCertIssuerName";
    public static final String g = "ocsp.responderCertSerialNumber";
    public static final String h = "com.rsa.ocsp.nextUpdateIntervalSeconds";
    private static final Pattern i = Pattern.compile("[: ]");
    private static final long j = 900000;
    private static long k;

    private qp() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static long a() {
        try {
            k = Security.getProperty(h) == null ? 900000L : Long.parseLong(Security.getProperty(h)) * 1000;
        } catch (Exception e2) {
            k = j;
        }
        return k;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OCSPParameters a(PKIXParameters pKIXParameters, OCSPParameters oCSPParameters) throws InvalidAlgorithmParameterException {
        if (oCSPParameters != null) {
            return oCSPParameters;
        }
        OCSPResponderConfig a2 = a(pKIXParameters);
        if (a2 == null) {
            return null;
        }
        boolean z = a2.getOCSPResponderURL() != null;
        return new OCSPWithRespondersParameters(Arrays.asList(a2), z, z ? false : true);
    }

    private static OCSPResponderConfig a(PKIXParameters pKIXParameters) throws InvalidAlgorithmParameterException {
        X509CertSelector x509CertSelector;
        X509Certificate x509Certificate = null;
        if (!d()) {
            return null;
        }
        String f2 = f();
        String g2 = g();
        String h2 = h();
        try {
            BigInteger i2 = i();
            try {
                if (g2 != null) {
                    x509CertSelector = new X509CertSelector();
                    x509CertSelector.setSubject(g2);
                } else if (h2 != null && i2 != null) {
                    x509CertSelector = new X509CertSelector();
                    x509CertSelector.setIssuer(h2);
                    x509CertSelector.setSerialNumber(i2);
                } else {
                    if (h2 != null || i2 != null) {
                        throw new InvalidAlgorithmParameterException("Security properties: ocsp.responderCertIssuerName and ocsp.responderCertSerialNumber should both be set.");
                    }
                    x509CertSelector = null;
                }
                if (x509CertSelector != null) {
                    try {
                        x509Certificate = a(pKIXParameters, x509CertSelector);
                        if (x509Certificate == null) {
                            throw new InvalidAlgorithmParameterException("Could not find the OCSP responder certificate specified.");
                        }
                    } catch (CertStoreException e2) {
                        throw new InvalidAlgorithmParameterException("Error accessing CertStore.");
                    }
                }
                return new OCSPResponderConfig(f2, x509Certificate);
            } catch (IOException e3) {
                throw new InvalidAlgorithmParameterException("Invalid name read from OCSP security properties." + e3.getMessage());
            }
        } catch (NumberFormatException e4) {
            throw new InvalidAlgorithmParameterException("Invalid value for security property: ocsp.responderCertSerialNumber");
        }
    }

    private static String a(String str) {
        return (str.length() >= 2 && str.charAt(0) == '\"' && str.charAt(str.length() + (-1)) == '\"') ? str.substring(1, str.length() - 1) : str;
    }

    private static X509Certificate a(PKIXParameters pKIXParameters, X509CertSelector x509CertSelector) throws CertStoreException, InvalidAlgorithmParameterException {
        Iterator<TrustAnchor> it = pKIXParameters.getTrustAnchors().iterator();
        while (it.hasNext()) {
            X509Certificate trustedCert = it.next().getTrustedCert();
            if (trustedCert == null) {
                throw new InvalidAlgorithmParameterException("Responder certificate which is also a TrustAnchor must be specified using a certificate.");
            }
            if (x509CertSelector.match(trustedCert)) {
                return trustedCert;
            }
        }
        Iterator<CertStore> it2 = pKIXParameters.getCertStores().iterator();
        while (it2.hasNext()) {
            Iterator<? extends Certificate> it3 = it2.next().getCertificates(x509CertSelector).iterator();
            if (it3.hasNext()) {
                return (X509Certificate) it3.next();
            }
        }
        return null;
    }

    static long b() {
        return j;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static CRLDPParameters c() throws InvalidAlgorithmParameterException {
        URI uri;
        if (!e()) {
            return null;
        }
        String property = System.getProperty("http.proxyHost");
        String property2 = System.getProperty("http.proxyPort");
        if (property == null || property2 == null) {
            uri = null;
        } else {
            try {
                uri = property.indexOf("//") == -1 ? new URI(null, null, property, Integer.parseInt(property2), null, null, null) : new URI(property + ":" + property2);
            } catch (NumberFormatException e2) {
                throw new InvalidAlgorithmParameterException(e2);
            } catch (URISyntaxException e3) {
                throw new InvalidAlgorithmParameterException(e3);
            }
        }
        return new CRLDPParameters(null, false, uri);
    }

    private static boolean d() {
        return "true".equalsIgnoreCase(Security.getProperty(c));
    }

    private static boolean e() {
        String property = System.getProperty(a);
        if (property == null) {
            property = System.getProperty(b);
        }
        return "true".equalsIgnoreCase(property);
    }

    private static String f() {
        String property = Security.getProperty(d);
        if (property == null || property.length() == 0) {
            return null;
        }
        return property;
    }

    private static String g() {
        String property = Security.getProperty(e);
        if (property == null || property.length() == 0) {
            return null;
        }
        return a(property);
    }

    private static String h() {
        String property = Security.getProperty(f);
        if (property == null || property.length() == 0) {
            return null;
        }
        return a(property);
    }

    private static BigInteger i() throws NumberFormatException {
        String property = Security.getProperty(g);
        if (property == null || property.length() == 0) {
            return null;
        }
        return new BigInteger(i.matcher(property).replaceAll(BuildConfig.FLAVOR), 16);
    }
}
