package com.rsa.cryptoj.o;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPSearchConstraints;
import com.novell.ldap.LDAPSearchResults;
import com.rsa.jcp.LDAPCertStoreParameters;
import java.io.ByteArrayInputStream;
import java.net.UnknownHostException;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CRL;
import java.security.cert.CRLSelector;
import java.security.cert.CertSelector;
import java.security.cert.CertStoreException;
import java.security.cert.CertStoreParameters;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactorySpi;
import java.security.cert.X509CRLSelector;
import java.security.cert.X509CertSelector;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class ft {
    private static final int a = 0;
    private static final int b = 1;
    private LDAPCertStoreParameters c;
    private final String[] d;
    private final String[] e;
    private CertificateFactorySpi f;
    private final LDAPConnection g = new LDAPConnection();
    private final cf h;
    private final List<ca> i;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ft(CertStoreParameters certStoreParameters, cf cfVar, List<ca> list) throws InvalidAlgorithmParameterException {
        this.h = cfVar;
        this.i = list;
        if (certStoreParameters == null) {
            throw new InvalidAlgorithmParameterException("Configuration should not be null.");
        }
        if (certStoreParameters instanceof LDAPCertStoreParameters) {
            this.c = (LDAPCertStoreParameters) certStoreParameters;
        } else {
            if (!(certStoreParameters instanceof java.security.cert.LDAPCertStoreParameters)) {
                throw new InvalidAlgorithmParameterException("Unsupported configuration type found.");
            }
            try {
                this.c = new LDAPCertStoreParameters(((java.security.cert.LDAPCertStoreParameters) certStoreParameters).getServerName(), ((java.security.cert.LDAPCertStoreParameters) certStoreParameters).getPort());
            } catch (UnknownHostException e) {
                throw new InvalidAlgorithmParameterException(e.getMessage());
            }
        }
        if (this.c.getAuthType() == 1 && (this.c.getUserDN() == null || this.c.getUserPassword() == null)) {
            throw new InvalidAlgorithmParameterException("Neither userDN nor password can be null if auth type is LDAP_AUTH_SIMPLE.");
        }
        this.d = a(this.c.getCertificateAttrs());
        this.e = a(this.c.getCertificateRevocationAttrs());
    }

    private String a(String[] strArr) {
        if (strArr == null) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("(|");
        for (String str : strArr) {
            stringBuffer.append('(');
            stringBuffer.append(str);
            stringBuffer.append(")");
        }
        stringBuffer.append(')');
        return new String(stringBuffer);
    }

    private Collection a(LDAPConnection lDAPConnection, String str, String str2, String[] strArr, int i, CertSelector certSelector, CRLSelector cRLSelector) throws CertStoreException {
        try {
            return a(lDAPConnection.search(str, 2, str2, strArr, false), strArr, i, certSelector, cRLSelector);
        } catch (LDAPException e) {
            throw new CertStoreException((Throwable) e);
        }
    }

    private Collection a(LDAPSearchResults lDAPSearchResults, String[] strArr, int i, CertSelector certSelector, CRLSelector cRLSelector) throws CertStoreException {
        if (lDAPSearchResults == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        while (lDAPSearchResults.hasMore()) {
            try {
                LDAPEntry next = lDAPSearchResults.next();
                if (next instanceof LDAPEntry) {
                    LDAPEntry lDAPEntry = next;
                    for (String str : strArr) {
                        LDAPAttribute attribute = lDAPEntry.getAttribute(str);
                        if (attribute != null) {
                            Enumeration byteValues = attribute.getByteValues();
                            while (byteValues.hasMoreElements()) {
                                byte[] bArr = (byte[]) byteValues.nextElement();
                                if (bArr != null) {
                                    if (this.f == null) {
                                        this.f = new oz(this.h, this.i);
                                    }
                                    if (i == 0) {
                                        try {
                                            Certificate engineGenerateCertificate = this.f.engineGenerateCertificate(new ByteArrayInputStream(bArr));
                                            if (certSelector.match(engineGenerateCertificate)) {
                                                hashSet.add(engineGenerateCertificate);
                                            }
                                        } catch (Exception e) {
                                        }
                                    } else if (i == 1) {
                                        try {
                                            CRL engineGenerateCRL = this.f.engineGenerateCRL(new ByteArrayInputStream(bArr));
                                            if (cRLSelector.match(engineGenerateCRL)) {
                                                hashSet.add(engineGenerateCRL);
                                            }
                                        } catch (Exception e2) {
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            } catch (LDAPException e3) {
                switch (e3.getResultCode()) {
                    case 3:
                        throw new CertStoreException("Time limit exceeded.", e3);
                    case 4:
                        throw new CertStoreException("Size limit exceeded.", e3);
                    case 11:
                        throw new CertStoreException("Admin limit exceeded.", e3);
                }
            }
        }
        return hashSet;
    }

    private void a() throws CertStoreException {
        if (this.g.isConnected()) {
            return;
        }
        try {
            this.g.connect(this.c.getNetworkAddress().getHostName(), this.c.getPortNumber());
            LDAPSearchConstraints lDAPSearchConstraints = new LDAPSearchConstraints();
            lDAPSearchConstraints.setTimeLimit(this.c.getTimeLimit());
            lDAPSearchConstraints.setMaxResults(this.c.getSizeLimit());
            this.g.setConstraints(lDAPSearchConstraints);
            try {
                if (this.c.getAuthType() == 1) {
                    this.g.bind(3, this.c.getUserDN(), this.c.getUserPassword().getBytes());
                }
            } catch (LDAPException e) {
                throw new CertStoreException("LDAP authenticate call failed.", e);
            }
        } catch (LDAPException e2) {
            throw new CertStoreException("LDAP connect call failed.", e2);
        }
    }

    private String[] a(String str) {
        return str.split(",");
    }

    private void b() {
        if (this.g.isConnected()) {
            try {
                this.g.disconnect();
            } catch (LDAPException e) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection a(CRLSelector cRLSelector) throws CertStoreException {
        if (cRLSelector == null || !(cRLSelector instanceof X509CRLSelector)) {
            throw new CertStoreException("crlSelector must be of type X509CRLSelector.");
        }
        try {
            a();
            return a(this.g, this.c.getSearchRoot(), null, this.e, 1, null, cRLSelector);
        } finally {
            b();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection a(CertSelector certSelector) throws CertStoreException {
        if (certSelector == null || !(certSelector instanceof X509CertSelector)) {
            throw new CertStoreException("certSelector must be of type X509CertSelector.");
        }
        X500Principal subject = ((X509CertSelector) certSelector).getSubject();
        String a2 = a((subject == null || subject.getName() == null || subject.getName().length() == 0) ? null : a(subject.getName()));
        try {
            a();
            return a(this.g, this.c.getSearchRoot(), a2, this.d, 0, certSelector, null);
        } finally {
            b();
        }
    }
}
