package o;

import java.net.InetSocketAddress;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import o.fng;

/* loaded from: classes11.dex */
public final class flg extends fmc {
    private static final fpe b = fph.e(flg.class.getName());
    final List<a> a;
    private final List<X500Principal> c;
    final List<fng> e;
    private int g;

    /* loaded from: classes11.dex */
    public enum a {
        RSA_SIGN(1, "RSA", true),
        DSS_SIGN(2, "DSA", true),
        RSA_FIXED_DH(3, "DH", false),
        DSS_FIXED_DH(4, "DH", false),
        RSA_EPHEMERAL_DH_RESERVED(5, "DH", false),
        DSS_EPHEMERAL_DH_RESERVED(6, "DH", false),
        FORTEZZA_DMS_RESERVED(20, "UNKNOWN", false),
        ECDSA_SIGN(64, "EC", true),
        RSA_FIXED_ECDH(65, "DH", false),
        ECDSA_FIXED_ECDH(66, "DH", false);

        final boolean l;
        final int m;
        final String p;

        a(int i, String str, boolean z) {
            this.m = i;
            this.p = str;
            this.l = z;
        }

        public static a b(int i) {
            for (a aVar : values()) {
                if (aVar.m == i) {
                    return aVar;
                }
            }
            return null;
        }
    }

    public flg(InetSocketAddress inetSocketAddress) {
        super(inetSocketAddress);
        this.a = new ArrayList();
        this.e = new ArrayList();
        this.c = new ArrayList();
        this.g = 0;
    }

    private flg(List<a> list, List<fng> list2, List<X500Principal> list3, InetSocketAddress inetSocketAddress) {
        super(inetSocketAddress);
        this.a = new ArrayList();
        this.e = new ArrayList();
        this.c = new ArrayList();
        this.g = 0;
        this.a.addAll(list);
        this.e.addAll(list2);
        b(list3);
    }

    private boolean a(X500Principal x500Principal) {
        if (x500Principal == null) {
            throw new NullPointerException("authority must not be null");
        }
        int length = x500Principal.getEncoded().length + 2;
        if (this.g + length > 65535) {
            return false;
        }
        this.c.add(x500Principal);
        this.g += length;
        return true;
    }

    public static fmc b(byte[] bArr, InetSocketAddress inetSocketAddress) {
        fku fkuVar = new fku(bArr);
        int d = fkuVar.d(8);
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < d; i++) {
            arrayList.add(a.b(fkuVar.d(8)));
        }
        int d2 = fkuVar.d(16);
        ArrayList arrayList2 = new ArrayList();
        for (int i2 = 0; i2 < d2; i2 += 2) {
            arrayList2.add(new fng(fng.b.a(fkuVar.d(8)), fng.c.a(fkuVar.d(8))));
        }
        int d3 = fkuVar.d(16);
        ArrayList arrayList3 = new ArrayList();
        while (d3 > 0) {
            byte[] a2 = fkuVar.a(fkuVar.d(16));
            arrayList3.add(new X500Principal(a2));
            d3 -= a2.length + 2;
        }
        return new flg(arrayList, arrayList2, arrayList3, inetSocketAddress);
    }

    private boolean b(List<X500Principal> list) {
        int i = 0;
        Iterator<X500Principal> it = list.iterator();
        while (it.hasNext()) {
            if (!a(it.next())) {
                b.b("could add only {} of {} certificate authorities, max length exceeded", Integer.valueOf(i), Integer.valueOf(list.size()));
                return false;
            }
            i++;
        }
        return true;
    }

    private fng c(PublicKey publicKey) {
        for (fng fngVar : this.e) {
            try {
                Signature.getInstance(fngVar.a()).initVerify(publicKey);
                return fngVar;
            } catch (InvalidKeyException | NoSuchAlgorithmException unused) {
            }
        }
        return null;
    }

    @Override // o.fmc
    public final fmb a() {
        return fmb.CERTIFICATE_REQUEST;
    }

    public final X509Certificate[] a(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr == null) {
            throw new NullPointerException("certificate chain must not be null");
        }
        if (x509CertificateArr.length <= 1) {
            return (X509Certificate[]) Arrays.copyOf(x509CertificateArr, x509CertificateArr.length);
        }
        int i = 1;
        while (i < x509CertificateArr.length && !this.c.contains(x509CertificateArr[i].getSubjectX500Principal())) {
            i++;
        }
        return (X509Certificate[]) Arrays.copyOf(x509CertificateArr, i);
    }

    public final fng b(PublicKey publicKey) {
        boolean z;
        Iterator<a> it = this.a.iterator();
        while (true) {
            if (!it.hasNext()) {
                z = false;
                break;
            }
            a next = it.next();
            if (next.p.equals(publicKey.getAlgorithm())) {
                z = true;
                break;
            }
        }
        if (z) {
            return c(publicKey);
        }
        return null;
    }

    public final boolean c(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr == null) {
            return true;
        }
        int i = 0;
        for (X509Certificate x509Certificate : x509CertificateArr) {
            if (!a(x509Certificate.getSubjectX500Principal())) {
                b.b("could add only {} of {} certificate authorities, max length exceeded", Integer.valueOf(i), Integer.valueOf(x509CertificateArr.length));
                return false;
            }
            i++;
        }
        return true;
    }

    @Override // o.fmc
    public final int d() {
        return this.a.size() + 1 + 2 + (this.e.size() * 2) + 2 + this.g;
    }

    public final fng e(X509Certificate[] x509CertificateArr) {
        boolean z;
        boolean z2;
        int i = 0;
        while (true) {
            if (i >= x509CertificateArr.length) {
                b.e("certificate chain is signed with supported algorithm(s)");
                z = true;
                break;
            }
            X509Certificate x509Certificate = x509CertificateArr[i];
            boolean z3 = false;
            Iterator<fng> it = this.e.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (it.next().a().equalsIgnoreCase(x509Certificate.getSigAlgName())) {
                    z3 = true;
                    break;
                }
            }
            if (!z3) {
                b.e("certificate chain is NOT signed with supported algorithm(s)");
                z = false;
                break;
            }
            i++;
        }
        if (!z) {
            return null;
        }
        X509Certificate x509Certificate2 = x509CertificateArr[0];
        Iterator<a> it2 = this.a.iterator();
        while (true) {
            if (!it2.hasNext()) {
                b.d("certificate [{}] is not of any supported type", x509Certificate2);
                z2 = false;
                break;
            }
            a next = it2.next();
            boolean equals = next.p.equals(x509Certificate2.getPublicKey().getAlgorithm());
            boolean z4 = !next.l || (next.l && x509Certificate2.getKeyUsage() != null && x509Certificate2.getKeyUsage()[0]);
            b.b("type: {}, isCompatibleWithKeyAlgorithm[{}]: {}, meetsSigningRequirements: {}", next, x509Certificate2.getPublicKey().getAlgorithm(), Boolean.valueOf(equals), Boolean.valueOf(z4));
            if (equals && z4) {
                z2 = true;
                break;
            }
        }
        if (z2) {
            return c(x509CertificateArr[0].getPublicKey());
        }
        return null;
    }

    @Override // o.fmc
    public final byte[] g() {
        fkt fktVar = new fkt();
        fktVar.a(this.a.size(), 8);
        Iterator<a> it = this.a.iterator();
        while (it.hasNext()) {
            fktVar.a(it.next().m, 8);
        }
        fktVar.a(this.e.size() * 2, 16);
        for (fng fngVar : this.e) {
            fktVar.a(fngVar.b.f, 8);
            fktVar.a(fngVar.e.e, 8);
        }
        fktVar.a(this.g, 16);
        Iterator<X500Principal> it2 = this.c.iterator();
        while (it2.hasNext()) {
            byte[] encoded = it2.next().getEncoded();
            fktVar.a(encoded.length, 16);
            fktVar.d(encoded);
        }
        return fktVar.b();
    }

    @Override // o.fmc
    public final String toString() {
        StringBuilder sb = new StringBuilder(super.toString());
        if (!this.a.isEmpty()) {
            sb.append("\t\tClient certificate type:").append(System.lineSeparator());
            Iterator<a> it = this.a.iterator();
            while (it.hasNext()) {
                sb.append("\t\t\t").append(it.next()).append(System.lineSeparator());
            }
        }
        if (!this.e.isEmpty()) {
            sb.append("\t\tSignature and hash algorithm:").append(System.lineSeparator());
            Iterator<fng> it2 = this.e.iterator();
            while (it2.hasNext()) {
                sb.append("\t\t\t").append(it2.next().a()).append(System.lineSeparator());
            }
        }
        if (!this.c.isEmpty()) {
            sb.append("\t\tCertificate authorities:").append(System.lineSeparator());
            Iterator<X500Principal> it3 = this.c.iterator();
            while (it3.hasNext()) {
                sb.append("\t\t\t").append(it3.next().getName()).append(System.lineSeparator());
            }
        }
        return sb.toString();
    }
}
