package org.bouncycastle.jce.provider;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.ref.WeakReference;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Extension;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.WeakHashMap;
import jh.q;
import pf.p;
import xe.c0;
import xe.d0;
import xe.k0;
import xe.o2;
import xe.s;
import zf.y;
import zf.z;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class OcspCache {
    private static final int DEFAULT_MAX_RESPONSE_SIZE = 32768;
    private static final int DEFAULT_TIMEOUT = 15000;
    private static Map<URI, WeakReference<Map<pf.b, pf.g>>> cache = Collections.synchronizedMap(new WeakHashMap());

    public static pf.g getOcspResponse(pf.b bVar, q qVar, URI uri, X509Certificate x509Certificate, List<Extension> list, nh.f fVar) throws CertPathValidatorException {
        pf.g f02;
        byte[] value;
        String id2;
        String id3;
        boolean isCritical;
        pf.g gVar;
        s j02;
        WeakReference<Map<pf.b, pf.g>> weakReference = cache.get(uri);
        Map<pf.b, pf.g> map = weakReference != null ? weakReference.get() : null;
        boolean z10 = false;
        if (map != null && (gVar = map.get(bVar)) != null) {
            k0 k02 = pf.l.f0(pf.a.g0(d0.p0(gVar.h0().h0()).r0()).k0()).k0();
            for (int i10 = 0; i10 != k02.size(); i10++) {
                p h02 = p.h0(k02.s0(i10));
                if (bVar.equals(h02.f0()) && (j02 = h02.j0()) != null) {
                    try {
                    } catch (ParseException unused) {
                        map.remove(bVar);
                    }
                    if (qVar.e().after(j02.s0())) {
                        map.remove(bVar);
                        gVar = null;
                    }
                }
            }
            if (gVar != null) {
                return gVar;
            }
        }
        try {
            URL url = uri.toURL();
            xe.l lVar = new xe.l();
            lVar.a(new pf.i(bVar, null));
            xe.l lVar2 = new xe.l();
            byte[] bArr = null;
            for (int i11 = 0; i11 != list.size(); i11++) {
                Extension a10 = a.a(list.get(i11));
                value = a10.getValue();
                String t02 = pf.e.f33215c.t0();
                id2 = a10.getId();
                if (t02.equals(id2)) {
                    bArr = value;
                }
                id3 = a10.getId();
                c0 c0Var = new c0(id3);
                isCritical = a10.isCritical();
                lVar2.a(new y(c0Var, isCritical, value));
            }
            try {
                byte[] encoded = new pf.f(new pf.q((zf.c0) null, new o2(lVar), z.n0(new o2(lVar2))), null).getEncoded();
                HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
                httpURLConnection.setConnectTimeout(DEFAULT_TIMEOUT);
                httpURLConnection.setReadTimeout(DEFAULT_TIMEOUT);
                httpURLConnection.setDoOutput(true);
                httpURLConnection.setDoInput(true);
                httpURLConnection.setRequestMethod(j6.d.f19666b);
                httpURLConnection.setRequestProperty("Content-type", "application/ocsp-request");
                httpURLConnection.setRequestProperty("Content-length", String.valueOf(encoded.length));
                OutputStream outputStream = httpURLConnection.getOutputStream();
                outputStream.write(encoded);
                outputStream.flush();
                InputStream inputStream = httpURLConnection.getInputStream();
                int contentLength = httpURLConnection.getContentLength();
                if (contentLength < 0) {
                    contentLength = 32768;
                }
                f02 = pf.g.f0(hj.d.f(inputStream, contentLength));
            } catch (IOException e10) {
                e = e10;
            }
            try {
                if (f02.i0().g0() != 0) {
                    throw new CertPathValidatorException("OCSP responder failed: " + f02.i0().h0(), null, qVar.a(), qVar.b());
                }
                pf.k f03 = pf.k.f0(f02.h0());
                if (f03.i0().k0(pf.e.f33214b)) {
                    z10 = ProvOcspRevocationChecker.validatedOcspResponse(pf.a.g0(f03.h0().r0()), qVar, bArr, x509Certificate, fVar);
                }
                if (!z10) {
                    throw new CertPathValidatorException("OCSP response failed to validate", null, qVar.a(), qVar.b());
                }
                WeakReference<Map<pf.b, pf.g>> weakReference2 = cache.get(uri);
                if (weakReference2 != null) {
                    weakReference2.get().put(bVar, f02);
                } else {
                    HashMap hashMap = new HashMap();
                    hashMap.put(bVar, f02);
                    cache.put(uri, new WeakReference<>(hashMap));
                }
                return f02;
            } catch (IOException e11) {
                e = e11;
                throw new CertPathValidatorException(xe.a.a(e, new StringBuilder("configuration error: ")), e, qVar.a(), qVar.b());
            }
        } catch (MalformedURLException e12) {
            throw new CertPathValidatorException("configuration error: " + e12.getMessage(), e12, qVar.a(), qVar.b());
        }
    }
}
