package o;

import java.net.InetSocketAddress;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import o.gqt;

/* loaded from: classes15.dex */
public final class goj extends gpp {
    private static final gsr b = gso.c(goj.class.getName());
    private int a;
    private final List<gqt> c;
    private final List<d> d;
    private final List<X500Principal> e;

    /* loaded from: classes15.dex */
    public enum d {
        RSA_SIGN(1, "RSA", true),
        DSS_SIGN(2, "DSA", true),
        RSA_FIXED_DH(3, "DH", false),
        DSS_FIXED_DH(4, "DH", false),
        RSA_EPHEMERAL_DH_RESERVED(5, "DH", false),
        DSS_EPHEMERAL_DH_RESERVED(6, "DH", false),
        FORTEZZA_DMS_RESERVED(20, "UNKNOWN", false),
        ECDSA_SIGN(64, "EC", true),
        RSA_FIXED_ECDH(65, "DH", false),
        ECDSA_FIXED_ECDH(66, "DH", false);

        private final int l;
        private final String m;

        /* renamed from: o, reason: collision with root package name */
        private final boolean f933o;

        d(int i, String str, boolean z) {
            this.l = i;
            this.m = str;
            this.f933o = z;
        }

        public static d b(int i) {
            for (d dVar : values()) {
                if (dVar.l == i) {
                    return dVar;
                }
            }
            return null;
        }

        public boolean a() {
            return this.f933o;
        }

        public boolean a(String str) {
            return this.m.equals(str);
        }

        public int c() {
            return this.l;
        }
    }

    public goj(InetSocketAddress inetSocketAddress) {
        super(inetSocketAddress);
        this.d = new ArrayList();
        this.c = new ArrayList();
        this.e = new ArrayList();
        this.a = 0;
    }

    public goj(List<d> list, List<gqt> list2, List<X500Principal> list3, InetSocketAddress inetSocketAddress) {
        super(inetSocketAddress);
        this.d = new ArrayList();
        this.c = new ArrayList();
        this.e = new ArrayList();
        this.a = 0;
        if (list != null) {
            this.d.addAll(list);
        }
        if (list2 != null) {
            this.c.addAll(list2);
        }
        if (list3 != null) {
            a(list3);
        }
    }

    private boolean a(List<X500Principal> list) {
        Iterator<X500Principal> it = list.iterator();
        int i = 0;
        while (it.hasNext()) {
            if (!e(it.next())) {
                b.e("could add only {} of {} certificate authorities, max length exceeded", Integer.valueOf(i), Integer.valueOf(list.size()));
                return false;
            }
            i++;
        }
        return true;
    }

    public static gpp c(byte[] bArr, InetSocketAddress inetSocketAddress) {
        gnt gntVar = new gnt(bArr);
        int a = gntVar.a(8);
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < a; i++) {
            arrayList.add(d.b(gntVar.a(8)));
        }
        int a2 = gntVar.a(16);
        ArrayList arrayList2 = new ArrayList();
        for (int i2 = 0; i2 < a2; i2 += 2) {
            arrayList2.add(new gqt(gqt.e.c(gntVar.a(8)), gqt.c.e(gntVar.a(8))));
        }
        int a3 = gntVar.a(16);
        ArrayList arrayList3 = new ArrayList();
        while (a3 > 0) {
            byte[] c = gntVar.c(gntVar.a(16));
            arrayList3.add(new X500Principal(c));
            a3 -= c.length + 2;
        }
        return new goj(arrayList, arrayList2, arrayList3, inetSocketAddress);
    }

    gqt a(PublicKey publicKey) {
        for (gqt gqtVar : this.c) {
            try {
                Signature.getInstance(gqtVar.c()).initVerify(publicKey);
                return gqtVar;
            } catch (InvalidKeyException | NoSuchAlgorithmException unused) {
            }
        }
        return null;
    }

    public gqt b(List<X509Certificate> list) {
        if (!d(list)) {
            return null;
        }
        X509Certificate x509Certificate = list.get(0);
        if (b(x509Certificate)) {
            return a(x509Certificate.getPublicKey());
        }
        return null;
    }

    boolean b(PublicKey publicKey) {
        Iterator<d> it = this.d.iterator();
        while (it.hasNext()) {
            if (it.next().a(publicKey.getAlgorithm())) {
                return true;
            }
        }
        return false;
    }

    boolean b(X509Certificate x509Certificate) {
        for (d dVar : this.d) {
            boolean a = dVar.a(x509Certificate.getPublicKey().getAlgorithm());
            boolean z = !dVar.a() || x509Certificate.getKeyUsage() == null || x509Certificate.getKeyUsage()[0];
            b.e("type: {}, isCompatibleWithKeyAlgorithm[{}]: {}, meetsSigningRequirements: {}", dVar, x509Certificate.getPublicKey().getAlgorithm(), Boolean.valueOf(a), Boolean.valueOf(z));
            if (a && z) {
                return true;
            }
        }
        b.e("certificate [{}] is not of any supported type", x509Certificate);
        return false;
    }

    public void c(gqt gqtVar) {
        this.c.add(gqtVar);
    }

    boolean c(X509Certificate x509Certificate) {
        String sigAlgName = x509Certificate.getSigAlgName();
        Iterator<gqt> it = this.c.iterator();
        while (it.hasNext()) {
            if (it.next().c().equalsIgnoreCase(sigAlgName)) {
                return true;
            }
        }
        b.a("certificate is NOT signed with supported algorithm(s)");
        return false;
    }

    public boolean c(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr != null) {
            int i = 0;
            for (X509Certificate x509Certificate : x509CertificateArr) {
                if (!e(x509Certificate.getSubjectX500Principal())) {
                    b.e("could add only {} of {} certificate authorities, max length exceeded", Integer.valueOf(i), Integer.valueOf(x509CertificateArr.length));
                    return false;
                }
                i++;
            }
        }
        return true;
    }

    @Override // o.gpp
    public gpr d() {
        return gpr.CERTIFICATE_REQUEST;
    }

    public gqt d(PublicKey publicKey) {
        if (b(publicKey)) {
            return a(publicKey);
        }
        return null;
    }

    public void d(d dVar) {
        this.d.add(dVar);
    }

    boolean d(List<X509Certificate> list) {
        Iterator<X509Certificate> it = list.iterator();
        while (it.hasNext()) {
            if (!c(it.next())) {
                b.a("certificate chain is NOT signed with supported algorithm(s)");
                return false;
            }
        }
        b.a("certificate chain is signed with supported algorithm(s)");
        return true;
    }

    @Override // o.gpp
    public int e() {
        return this.d.size() + 1 + 2 + (this.c.size() * 2) + 2 + this.a;
    }

    public List<X509Certificate> e(List<X509Certificate> list) {
        if (list == null) {
            throw new NullPointerException("certificate chain must not be null");
        }
        if (list.size() <= 1) {
            return list;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(list.get(0));
        for (int i = 1; i < list.size(); i++) {
            X509Certificate x509Certificate = list.get(i);
            arrayList.add(x509Certificate);
            if (this.e.contains(x509Certificate.getSubjectX500Principal())) {
                break;
            }
        }
        return Collections.unmodifiableList(arrayList);
    }

    public boolean e(X500Principal x500Principal) {
        if (x500Principal == null) {
            throw new NullPointerException("authority must not be null");
        }
        int length = x500Principal.getEncoded().length + 2;
        if (this.a + length > 65535) {
            return false;
        }
        this.e.add(x500Principal);
        this.a += length;
        return true;
    }

    @Override // o.gpp
    public byte[] i() {
        gnu gnuVar = new gnu();
        gnuVar.b(this.d.size(), 8);
        Iterator<d> it = this.d.iterator();
        while (it.hasNext()) {
            gnuVar.b(it.next().c(), 8);
        }
        gnuVar.b(this.c.size() * 2, 16);
        for (gqt gqtVar : this.c) {
            gnuVar.b(gqtVar.d().a(), 8);
            gnuVar.b(gqtVar.a().a(), 8);
        }
        gnuVar.b(this.a, 16);
        Iterator<X500Principal> it2 = this.e.iterator();
        while (it2.hasNext()) {
            byte[] encoded = it2.next().getEncoded();
            gnuVar.b(encoded.length, 16);
            gnuVar.d(encoded);
        }
        return gnuVar.b();
    }

    @Override // o.gpp
    public String toString() {
        StringBuilder sb = new StringBuilder(super.toString());
        if (!this.d.isEmpty()) {
            sb.append("\t\tClient certificate type:");
            sb.append(goa.c());
            for (d dVar : this.d) {
                sb.append("\t\t\t");
                sb.append(dVar);
                sb.append(goa.c());
            }
        }
        if (!this.c.isEmpty()) {
            sb.append("\t\tSignature and hash algorithm:");
            sb.append(goa.c());
            for (gqt gqtVar : this.c) {
                sb.append("\t\t\t");
                sb.append(gqtVar.c());
                sb.append(goa.c());
            }
        }
        if (!this.e.isEmpty()) {
            sb.append("\t\tCertificate authorities:");
            sb.append(goa.c());
            for (X500Principal x500Principal : this.e) {
                sb.append("\t\t\t");
                sb.append(x500Principal.getName());
                sb.append(goa.c());
            }
        }
        return sb.toString();
    }
}
