package kotlin.appmattus.certificatetransparency.internal.verifier;

import java.lang.reflect.Method;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.appmattus.certificatetransparency.chaincleaner.CertificateChainCleanerFactory;
import kotlin.appmattus.certificatetransparency.internal.verifier.model.Host;
import kotlin.dl1;
import kotlin.ds5;
import kotlin.er5;
import kotlin.fh1;
import kotlin.fs5;
import kotlin.jk1;
import kotlin.jo5;
import kotlin.ki1;
import kotlin.li1;
import kotlin.lk1;
import kotlin.lm1;
import kotlin.mm1;
import kotlin.nk1;
import kotlin.pk1;
import kotlin.ti1;
import kotlin.vi1;
import kotlin.wl1;
import kotlin.xi1;
import kotlin.xr5;
import kotlin.z81;
import kotlin.zl5;

@Metadata(d1 = {"\u0000t\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\"\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0000\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010 \n\u0002\b\b\b\u0000\u0018\u00002\u00020\u00012\u00020\u0002Bw\u0012\u0006\u0010\u0003\u001a\u00020\u0001\u0012\f\u0010\u0004\u001a\b\u0012\u0004\u0012\u00020\u00060\u0005\u0012\f\u0010\u0007\u001a\b\u0012\u0004\u0012\u00020\u00060\u0005\u0012\b\u0010\b\u001a\u0004\u0018\u00010\t\u0012\b\u0010\n\u001a\u0004\u0018\u00010\u000b\u0012\u000e\u0010\f\u001a\n\u0012\u0004\u0012\u00020\u000e\u0018\u00010\r\u0012\b\u0010\u000f\u001a\u0004\u0018\u00010\u0010\u0012\b\u0010\u0011\u001a\u0004\u0018\u00010\u0012\u0012\b\b\u0002\u0010\u0013\u001a\u00020\u0014\u0012\n\b\u0002\u0010\u0015\u001a\u0004\u0018\u00010\u0016¢\u0006\u0002\u0010\u0017J%\u0010\u001b\u001a\u00020\u001c2\u000e\u0010\u001d\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u001f0\u001e2\u0006\u0010 \u001a\u00020!H\u0016¢\u0006\u0002\u0010\"J%\u0010#\u001a\u00020\u001c2\u000e\u0010\u001d\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u001f0\u001e2\u0006\u0010 \u001a\u00020!H\u0016¢\u0006\u0002\u0010\"J1\u0010#\u001a\b\u0012\u0004\u0012\u00020\u001f0$2\u000e\u0010\u001d\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u001f0\u001e2\u0006\u0010 \u001a\u00020!2\u0006\u0010%\u001a\u00020!¢\u0006\u0002\u0010&J\u0013\u0010'\u001a\b\u0012\u0004\u0012\u00020\u001f0\u001eH\u0016¢\u0006\u0002\u0010(J\u001a\u0010)\u001a\u00020\u00142\b\u0010*\u001a\u0004\u0018\u00010!2\b\u0010+\u001a\u0004\u0018\u00010!R\u0010\u0010\u0018\u001a\u0004\u0018\u00010\u0019X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0003\u001a\u00020\u0001X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0013\u001a\u00020\u0014X\u0082\u0004¢\u0006\u0002\n\u0000R\u0010\u0010\u001a\u001a\u0004\u0018\u00010\u0019X\u0082\u0004¢\u0006\u0002\n\u0000R\u0010\u0010\u0015\u001a\u0004\u0018\u00010\u0016X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006,"}, d2 = {"Lcom/appmattus/certificatetransparency/internal/verifier/CertificateTransparencyTrustManager;", "Ljavax/net/ssl/X509TrustManager;", "Lcom/appmattus/certificatetransparency/internal/verifier/CertificateTransparencyBase;", "delegate", "includeHosts", "", "Lcom/appmattus/certificatetransparency/internal/verifier/model/Host;", "excludeHosts", "certificateChainCleanerFactory", "Lcom/appmattus/certificatetransparency/chaincleaner/CertificateChainCleanerFactory;", "logListService", "Lcom/appmattus/certificatetransparency/loglist/LogListService;", "logListDataSource", "Lcom/appmattus/certificatetransparency/datasource/DataSource;", "Lcom/appmattus/certificatetransparency/loglist/LogListResult;", "policy", "Lcom/appmattus/certificatetransparency/CTPolicy;", "diskCache", "Lcom/appmattus/certificatetransparency/cache/DiskCache;", "failOnError", "", "logger", "Lcom/appmattus/certificatetransparency/CTLogger;", "(Ljavax/net/ssl/X509TrustManager;Ljava/util/Set;Ljava/util/Set;Lcom/appmattus/certificatetransparency/chaincleaner/CertificateChainCleanerFactory;Lcom/appmattus/certificatetransparency/loglist/LogListService;Lcom/appmattus/certificatetransparency/datasource/DataSource;Lcom/appmattus/certificatetransparency/CTPolicy;Lcom/appmattus/certificatetransparency/cache/DiskCache;ZLcom/appmattus/certificatetransparency/CTLogger;)V", "checkServerTrustedMethod", "Ljava/lang/reflect/Method;", "isSameTrustConfigurationMethod", "checkClientTrusted", "", "chain", "", "Ljava/security/cert/X509Certificate;", "authType", "", "([Ljava/security/cert/X509Certificate;Ljava/lang/String;)V", "checkServerTrusted", "", "host", "([Ljava/security/cert/X509Certificate;Ljava/lang/String;Ljava/lang/String;)Ljava/util/List;", "getAcceptedIssuers", "()[Ljava/security/cert/X509Certificate;", "isSameTrustConfiguration", "hostname1", "hostname2", "certificatetransparency"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes.dex */
public final class CertificateTransparencyTrustManager extends wl1 implements X509TrustManager {
    private final Method checkServerTrustedMethod;
    private final X509TrustManager delegate;
    private final boolean failOnError;
    private final Method isSameTrustConfigurationMethod;
    private final ki1 logger;

    @Metadata(d1 = {"\u0000\f\n\u0000\n\u0002\u0010\u000e\n\u0002\u0018\u0002\n\u0000\u0010\u0000\u001a\u0004\u0018\u00010\u0001*\u00020\u0002H\n¢\u0006\u0002\b\u0003"}, d2 = {"<anonymous>", "", "Lcom/appmattus/certificatetransparency/internal/utils/asn1/query/ASN1Query;", "invoke"}, k = 3, mv = {1, 8, 0}, xi = 48)
    /* loaded from: classes.dex */
    public static final class a extends fs5 implements er5<dl1, String> {
        public static final a a = new a();

        public a() {
            super(1);
        }

        @Override // kotlin.er5
        public String invoke(dl1 dl1Var) {
            Object obj;
            dl1 dl1Var2;
            dl1 dl1Var3;
            String str;
            dl1 dl1Var4 = dl1Var;
            ds5.f(dl1Var4, "$this$query");
            Iterator it = ((ArrayList) dl1Var4.a()).iterator();
            while (true) {
                if (!it.hasNext()) {
                    obj = null;
                    break;
                }
                obj = it.next();
                jk1 jk1Var = ((dl1) jo5.x(((dl1) jo5.x(((dl1) obj).a())).a())).a;
                ds5.d(jk1Var, "null cannot be cast to non-null type com.appmattus.certificatetransparency.internal.utils.asn1.ASN1ObjectIdentifier");
                if (ds5.a(((lk1) jk1Var).f(), "2.5.4.3")) {
                    break;
                }
            }
            dl1 dl1Var5 = (dl1) obj;
            if (dl1Var5 == null || (dl1Var2 = (dl1) jo5.x(dl1Var5.a())) == null || (dl1Var3 = (dl1) ((ArrayList) dl1Var2.a()).get(1)) == null) {
                return null;
            }
            jk1 jk1Var2 = dl1Var3.a;
            if (jk1Var2 instanceof nk1) {
                str = (String) ((nk1) jk1Var2).h.getValue();
            } else {
                if (!(jk1Var2 instanceof pk1)) {
                    StringBuilder Y0 = fh1.Y0("Unsupported string object ");
                    Y0.append(dl1Var3.a);
                    throw new IllegalStateException(Y0.toString().toString());
                }
                str = (String) ((pk1) jk1Var2).h.getValue();
            }
            return str;
        }
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public CertificateTransparencyTrustManager(X509TrustManager x509TrustManager, Set<Host> set, Set<Host> set2, CertificateChainCleanerFactory certificateChainCleanerFactory, mm1 mm1Var, xi1<lm1> xi1Var, li1 li1Var, vi1 vi1Var, boolean z, ki1 ki1Var) {
        super(set, set2, certificateChainCleanerFactory, x509TrustManager, mm1Var, xi1Var, li1Var, vi1Var);
        Method method;
        ds5.f(x509TrustManager, "delegate");
        ds5.f(set, "includeHosts");
        ds5.f(set2, "excludeHosts");
        this.delegate = x509TrustManager;
        this.failOnError = z;
        this.logger = ki1Var;
        Method method2 = null;
        try {
            method = x509TrustManager.getClass().getDeclaredMethod("checkServerTrusted", X509Certificate[].class, String.class, String.class);
        } catch (NoSuchMethodException unused) {
            method = null;
        }
        this.checkServerTrustedMethod = method;
        try {
            method2 = this.delegate.getClass().getDeclaredMethod("isSameTrustConfiguration", String.class, String.class);
        } catch (NoSuchMethodException unused2) {
        }
        this.isSameTrustConfigurationMethod = method2;
    }

    public /* synthetic */ CertificateTransparencyTrustManager(X509TrustManager x509TrustManager, Set set, Set set2, CertificateChainCleanerFactory certificateChainCleanerFactory, mm1 mm1Var, xi1 xi1Var, li1 li1Var, vi1 vi1Var, boolean z, ki1 ki1Var, int i, xr5 xr5Var) {
        this(x509TrustManager, set, set2, certificateChainCleanerFactory, mm1Var, xi1Var, li1Var, vi1Var, (i & 256) != 0 ? true : z, (i & 512) != 0 ? null : ki1Var);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] chain, String authType) {
        ds5.f(chain, "chain");
        ds5.f(authType, "authType");
        this.delegate.checkClientTrusted(chain, authType);
    }

    public final List<X509Certificate> checkServerTrusted(X509Certificate[] chain, String authType, String host) {
        ds5.f(chain, "chain");
        ds5.f(authType, "authType");
        ds5.f(host, "host");
        Method method = this.checkServerTrustedMethod;
        ds5.c(method);
        Object invoke = method.invoke(this.delegate, chain, authType, host);
        ds5.d(invoke, "null cannot be cast to non-null type kotlin.collections.List<java.security.cert.X509Certificate>");
        List<X509Certificate> list = (List) invoke;
        ti1 verifyCertificateTransparency = verifyCertificateTransparency(host, jo5.w0(list));
        ki1 ki1Var = this.logger;
        if (ki1Var != null) {
            ki1Var.log(host, verifyCertificateTransparency);
        }
        if ((verifyCertificateTransparency instanceof ti1.a) && this.failOnError) {
            throw new CertificateException("Certificate transparency failed");
        }
        return list;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] chain, String authType) {
        ds5.f(chain, "chain");
        ds5.f(authType, "authType");
        this.delegate.checkServerTrusted(chain, authType);
        byte[] encoded = ((X509Certificate) zl5.A0(chain)).getSubjectX500Principal().getEncoded();
        ds5.e(encoded, "leafCertificate.subjectX500Principal.encoded");
        jk1 Y = z81.Y(encoded, null, 1);
        a aVar = a.a;
        ds5.f(Y, "<this>");
        ds5.f(aVar, "query");
        String str = (String) aVar.invoke(new dl1(Y));
        if (str == null) {
            throw new CertificateException("No commonName found in certificate subjectDN");
        }
        ti1 verifyCertificateTransparency = verifyCertificateTransparency(str, zl5.e3(chain));
        ki1 ki1Var = this.logger;
        if (ki1Var != null) {
            ki1Var.log(str, verifyCertificateTransparency);
        }
        if ((verifyCertificateTransparency instanceof ti1.a) && this.failOnError) {
            throw new CertificateException("Certificate transparency failed");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        X509Certificate[] acceptedIssuers = this.delegate.getAcceptedIssuers();
        ds5.e(acceptedIssuers, "delegate.acceptedIssuers");
        return acceptedIssuers;
    }

    public final boolean isSameTrustConfiguration(String hostname1, String hostname2) {
        Method method = this.isSameTrustConfigurationMethod;
        ds5.c(method);
        Object invoke = method.invoke(this.delegate, hostname1, hostname2);
        ds5.d(invoke, "null cannot be cast to non-null type kotlin.Boolean");
        return ((Boolean) invoke).booleanValue();
    }
}
