package org.bouncycastle.jce.provider;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.ref.WeakReference;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Extension;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.WeakHashMap;
import kq0.a;
import kq0.b;
import kq0.d;
import kq0.e;
import kq0.f;
import kq0.h;
import kq0.j;
import kq0.n;
import up0.g;
import up0.j1;
import up0.k;
import up0.p;
import up0.q;
import up0.x;
import uq0.u;
import uq0.v;
import uq0.w;
import vr0.o;
import zr0.c;

/* loaded from: classes7.dex */
class OcspCache {
    private static final int DEFAULT_MAX_RESPONSE_SIZE = 32768;
    private static final int DEFAULT_TIMEOUT = 15000;
    private static Map<URI, WeakReference<Map<b, f>>> cache = Collections.synchronizedMap(new WeakHashMap());

    public static f getOcspResponse(b bVar, o oVar, URI uri, X509Certificate x509Certificate, List<Extension> list, c cVar) throws CertPathValidatorException {
        f fVar;
        f fVar2;
        k nextUpdate;
        WeakReference<Map<b, f>> weakReference = cache.get(uri);
        Map<b, f> map = weakReference != null ? weakReference.get() : null;
        boolean z7 = false;
        if (map != null && (fVar2 = map.get(bVar)) != null) {
            x responses = kq0.k.getInstance(a.getInstance(q.getInstance(fVar2.getResponseBytes().getResponse()).getOctets()).getTbsResponseData()).getResponses();
            for (int i11 = 0; i11 != responses.size(); i11++) {
                n nVar = n.getInstance(responses.getObjectAt(i11));
                if (bVar.equals(nVar.getCertID()) && (nextUpdate = nVar.getNextUpdate()) != null) {
                    try {
                    } catch (ParseException unused) {
                        map.remove(bVar);
                    }
                    if (oVar.getValidDate().after(nextUpdate.getDate())) {
                        map.remove(bVar);
                        fVar2 = null;
                    }
                }
            }
            if (fVar2 != null) {
                return fVar2;
            }
        }
        try {
            URL url = uri.toURL();
            g gVar = new g();
            gVar.add(new h(bVar, null));
            g gVar2 = new g();
            byte[] bArr = null;
            for (int i12 = 0; i12 != list.size(); i12++) {
                Extension extension = list.get(i12);
                byte[] value = extension.getValue();
                if (d.id_pkix_ocsp_nonce.getId().equals(extension.getId())) {
                    bArr = value;
                }
                gVar2.add(new u(new p(extension.getId()), extension.isCritical(), value));
            }
            try {
                byte[] encoded = new e(new kq0.o((w) null, new j1(gVar), v.getInstance(new j1(gVar2))), null).getEncoded();
                HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
                httpURLConnection.setConnectTimeout(15000);
                httpURLConnection.setReadTimeout(15000);
                httpURLConnection.setDoOutput(true);
                httpURLConnection.setDoInput(true);
                httpURLConnection.setRequestMethod(m40.e.HTTP_POST);
                httpURLConnection.setRequestProperty("Content-type", "application/ocsp-request");
                httpURLConnection.setRequestProperty("Content-length", String.valueOf(encoded.length));
                OutputStream outputStream = httpURLConnection.getOutputStream();
                outputStream.write(encoded);
                outputStream.flush();
                InputStream inputStream = httpURLConnection.getInputStream();
                int contentLength = httpURLConnection.getContentLength();
                if (contentLength < 0) {
                    contentLength = 32768;
                }
                fVar = f.getInstance(nt0.b.readAllLimited(inputStream, contentLength));
            } catch (IOException e11) {
                e = e11;
            }
            try {
                if (fVar.getResponseStatus().getIntValue() != 0) {
                    throw new CertPathValidatorException("OCSP responder failed: " + fVar.getResponseStatus().getValue(), null, oVar.getCertPath(), oVar.getIndex());
                }
                j jVar = j.getInstance(fVar.getResponseBytes());
                if (jVar.getResponseType().equals((up0.u) d.id_pkix_ocsp_basic)) {
                    z7 = ProvOcspRevocationChecker.validatedOcspResponse(a.getInstance(jVar.getResponse().getOctets()), oVar, bArr, x509Certificate, cVar);
                }
                if (!z7) {
                    throw new CertPathValidatorException("OCSP response failed to validate", null, oVar.getCertPath(), oVar.getIndex());
                }
                WeakReference<Map<b, f>> weakReference2 = cache.get(uri);
                if (weakReference2 != null) {
                    weakReference2.get().put(bVar, fVar);
                } else {
                    HashMap hashMap = new HashMap();
                    hashMap.put(bVar, fVar);
                    cache.put(uri, new WeakReference<>(hashMap));
                }
                return fVar;
            } catch (IOException e12) {
                e = e12;
                throw new CertPathValidatorException("configuration error: " + e.getMessage(), e, oVar.getCertPath(), oVar.getIndex());
            }
        } catch (MalformedURLException e13) {
            throw new CertPathValidatorException("configuration error: " + e13.getMessage(), e13, oVar.getCertPath(), oVar.getIndex());
        }
    }
}
