package com.dreamsecurity.dstoolkit.cert;

import com.dreamsecurity.dstoolkit.exception.DSToolkitException;
import com.dreamsecurity.dstoolkit.exception.RevokedCertException;
import com.dreamsecurity.dstoolkit.util.Base64;
import com.dreamsecurity.java.util.ArrayList;
import com.dreamsecurity.jcaos.x509.X509CertPath;
import com.dreamsecurity.jcaos.x509.X509CertVerifier;
import com.xshield.dc;

/* loaded from: classes2.dex */
public class CertPathValidator {
    public static final int CERT_KM = 2;
    public static final int CERT_SIGN = 1;
    public static final int CERT_VERIFY_FULL_PATH = 1;
    public static final int CERT_VERIFY_ONLY_USER = 4;
    public static final int CERT_VERIFY_SIGNATURE = 256;
    public static final int CERT_VERIFY_VALIDITY = 512;
    public static final int REVOKE_CHECK_ARL = 1;
    public static final int REVOKE_CHECK_CRL = 2;
    public static final int REVOKE_CHECK_NONE = 0;
    private int caCertCnt;
    private ArrayList caCerts;
    private String confFilePath;
    private int revocationCheck;
    private int rootCertCnt;
    private String[] rootCerts;
    private boolean useCache;
    private int verifyRange;

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public CertPathValidator() {
        this.verifyRange = 0;
        this.revocationCheck = 0;
        this.useCache = true;
        this.rootCerts = null;
        this.rootCertCnt = 0;
        this.caCerts = new ArrayList();
        this.confFilePath = "";
        this.verifyRange = 1;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public CertPathValidator(int i2) {
        this.verifyRange = 0;
        this.revocationCheck = 0;
        this.useCache = true;
        this.rootCerts = null;
        this.rootCertCnt = 0;
        this.caCerts = new ArrayList();
        this.confFilePath = "";
        this.verifyRange = i2;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public CertPathValidator(String str) throws DSToolkitException {
        this.verifyRange = 0;
        this.revocationCheck = 0;
        this.useCache = true;
        this.rootCerts = null;
        this.rootCertCnt = 0;
        this.caCerts = new ArrayList();
        this.confFilePath = "";
        if (str == null || str.length() == 0) {
            throw new DSToolkitException(dc.m1320(198165792));
        }
        this.confFilePath = str;
        this.verifyRange = 1;
        this.revocationCheck = 3;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void addCACert(X509Certificate x509Certificate) throws DSToolkitException {
        if (x509Certificate == null) {
            throw new DSToolkitException(dc.m1309(-1929108722));
        }
        if (this.caCerts == null) {
            this.caCerts = new ArrayList();
            this.caCertCnt = 0;
        }
        if (this.caCertCnt == 12) {
            throw new DSToolkitException(dc.m1321(1003746607) + this.caCerts.size());
        }
        try {
            com.dreamsecurity.jcaos.x509.X509Certificate x509Certificate2 = com.dreamsecurity.jcaos.x509.X509Certificate.getInstance(x509Certificate.getCert());
            this.caCertCnt++;
            this.caCerts.add(x509Certificate2);
        } catch (Exception e) {
            throw new DSToolkitException(e);
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void addTrustedRootCert(X509Certificate x509Certificate) throws DSToolkitException {
        if (x509Certificate == null) {
            throw new DSToolkitException(dc.m1320(198165416));
        }
        if (this.rootCerts == null) {
            this.rootCerts = new String[10];
            this.rootCertCnt = 0;
        }
        if (this.rootCertCnt == this.rootCerts.length) {
            throw new DSToolkitException(dc.m1321(1003746607) + this.rootCerts.length);
        }
        Base64 base64 = new Base64();
        String[] strArr = this.rootCerts;
        int i2 = this.rootCertCnt;
        this.rootCertCnt = i2 + 1;
        strArr[i2] = base64.encode(x509Certificate.getCert());
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void setRevokationCheck(int i2) {
        this.revocationCheck = i2;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void setVerifyRange(int i2) {
        this.verifyRange = i2;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void useCache(boolean z) {
        this.useCache = z;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void validate(int i2, X509Certificate x509Certificate) throws DSToolkitException, RevokedCertException {
        if (x509Certificate == null) {
            throw new DSToolkitException(dc.m1316(-1674343533));
        }
        if (this.rootCertCnt == 0) {
            throw new DSToolkitException(dc.m1321(1003735167));
        }
        if (this.confFilePath == null || this.confFilePath.length() == 0) {
            throw new DSToolkitException(dc.m1317(1206099058));
        }
        X509CertVerifier x509CertVerifier = new X509CertVerifier();
        switch (this.verifyRange) {
            case 1:
                this.verifyRange = 1;
                break;
            case 4:
                this.verifyRange = 2;
                break;
        }
        x509CertVerifier.setVerifyRange(this.verifyRange);
        try {
            com.dreamsecurity.jcaos.x509.X509Certificate x509Certificate2 = com.dreamsecurity.jcaos.x509.X509Certificate.getInstance(x509Certificate.getCert());
            this.revocationCheck = 0;
            if ((this.revocationCheck & 1) == 0) {
                this.revocationCheck |= 1;
            }
            if ((this.revocationCheck & 2) == 0) {
                this.revocationCheck |= 2;
            }
            x509CertVerifier.setRevocationCheckMethod(this.revocationCheck);
            x509CertVerifier.verify(x509Certificate2);
        } catch (Exception e) {
            throw new DSToolkitException(e);
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void validate(X509Certificate x509Certificate) throws Exception {
        if (x509Certificate == null) {
            throw new DSToolkitException(dc.m1316(-1674343533));
        }
        X509CertVerifier x509CertVerifier = new X509CertVerifier();
        if (this.verifyRange != 4 && this.caCertCnt == 0) {
            throw new DSToolkitException(dc.m1316(-1674332389));
        }
        switch (this.verifyRange) {
            case 1:
                this.verifyRange = 1;
                break;
            case 4:
                this.verifyRange = 2;
                break;
        }
        x509CertVerifier.setVerifyRange(this.verifyRange);
        try {
            com.dreamsecurity.jcaos.x509.X509Certificate x509Certificate2 = com.dreamsecurity.jcaos.x509.X509Certificate.getInstance(x509Certificate.getCert());
            this.revocationCheck = 0;
            if ((this.revocationCheck & 1) == 0) {
                this.revocationCheck |= 1;
            }
            if ((this.revocationCheck & 2) == 0) {
                this.revocationCheck |= 2;
            }
            x509CertVerifier.setRevocationCheckMethod(this.revocationCheck);
            x509CertVerifier.setCaPubs(new X509CertPath(this.caCerts));
            x509CertVerifier.verify(x509Certificate2);
        } catch (Exception e) {
            throw new DSToolkitException(e.getMessage());
        }
    }
}
