package com.rsa.certj.provider.path;

import com.rsa.certj.CertJ;
import com.rsa.certj.CertJUtils;
import com.rsa.certj.InvalidParameterException;
import com.rsa.certj.Provider;
import com.rsa.certj.ProviderImplementation;
import com.rsa.certj.ProviderManagementException;
import com.rsa.certj.cert.X500Name;
import com.rsa.certj.cert.X509CRL;
import com.rsa.certj.cert.X509Certificate;
import com.rsa.certj.cert.extensions.GeneralNames;
import com.rsa.certj.cert.extensions.GeneralSubtrees;
import com.rsa.certj.spi.path.CertPathCtx;
import com.rsa.certj.spi.path.CertPathException;
import com.rsa.certj.spi.path.CertPathResult;
import java.util.Vector;

/* loaded from: input_file:com/rsa/certj/provider/path/X509V1CertPath.class */
public final class X509V1CertPath extends Provider {

    /* loaded from: input_file:com/rsa/certj/provider/path/X509V1CertPath$b.class */
    private final class b extends CertPathCommon {
        private b(CertJ certJ, String str) throws InvalidParameterException {
            super(certJ, str);
        }

        @Override // com.rsa.certj.provider.path.CertPathCommon
        protected void getNextCertCandidates(CertPathCtx certPathCtx, Object obj, Vector vector) throws CertPathException {
            X500Name issuerName;
            if (obj instanceof X509Certificate) {
                issuerName = ((X509Certificate) obj).getIssuerName();
            } else {
                if (!(obj instanceof X509CRL)) {
                    throw new CertPathException("X509V1CertPath$Implementation.getNextCertCandidates: does not support startObjects other than X509Certificate or X509CRL.");
                }
                issuerName = ((X509CRL) obj).getIssuerName();
            }
            findCertBySubject(certPathCtx, issuerName, vector);
        }

        @Override // com.rsa.certj.provider.path.CertPathCommon
        protected boolean verifyPath(CertPathCtx certPathCtx, Vector vector, Vector vector2, Vector vector3, Vector vector4, GeneralSubtrees generalSubtrees, GeneralNames generalNames, CertPathResult certPathResult) throws CertPathException {
            X509V1CertPathResult x509V1CertPathResult = (certPathResult == null || !(certPathResult instanceof X509V1CertPathResult)) ? new X509V1CertPathResult() : (X509V1CertPathResult) certPathResult;
            Vector vector5 = vector2 == null ? null : new Vector();
            Vector vector6 = vector3 == null ? null : new Vector();
            X509Certificate x509Certificate = null;
            int size = vector.size() - 1;
            com.rsa.certj.x.b.a(DEBUG_ON, "Start X509v1 verifying path, using trusted root first.");
            while (size > 0) {
                size--;
                x509Certificate = (X509Certificate) vector.elementAt(size);
                if (DEBUG_ON) {
                    com.rsa.certj.x.b.a("Verifying path with certificate " + x509Certificate.getSubjectName().toString());
                }
                if (!verifyRevocation(certPathCtx, x509Certificate, vector5, vector6)) {
                    com.rsa.certj.x.b.a(DEBUG_ON, "Certificate revocation check failed.");
                    x509V1CertPathResult.setValidationResult(false);
                    x509V1CertPathResult.a("Certificate with subject " + x509Certificate.getSubjectName().toString() + " is either revoked or the revocation could not be determined");
                    return false;
                }
            }
            CertJUtils.mergeLists(vector2, vector5);
            CertJUtils.mergeLists(vector3, vector6);
            x509V1CertPathResult.setValidationResult(true);
            if (x509Certificate == null) {
                return true;
            }
            x509V1CertPathResult.a(x509Certificate);
            return true;
        }

        @Override // com.rsa.certj.ProviderImplementation
        public String toString() {
            return "X509V1 Certification Path provider named: " + super.getName();
        }

        @Override // com.rsa.certj.provider.path.CertPathCommon
        protected CertPathResult createCertPathResult() {
            return new X509V1CertPathResult();
        }
    }

    public X509V1CertPath(String str) throws InvalidParameterException {
        super(3, str);
    }

    @Override // com.rsa.certj.Provider
    public ProviderImplementation instantiate(CertJ certJ) throws ProviderManagementException {
        try {
            return new b(certJ, getName());
        } catch (InvalidParameterException e) {
            throw new ProviderManagementException("X509V1CertPath.instantiate: ", e);
        }
    }
}
