package org.eclipse.jetty.security.authentication;

import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CRL;
import java.util.Collection;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.util.security.CertificateUtils;
import org.eclipse.jetty.util.security.Password;

/* compiled from: QWQ */
/* loaded from: classes2.dex */
public class ClientCertAuthenticator extends LoginAuthenticator {
    private static final String PASSWORD_PROPERTY = "org.eclipse.jetty.ssl.password";
    private String _crlPath;
    private String _ocspResponderURL;
    private transient Password _trustStorePassword;
    private String _trustStorePath;
    private String _trustStoreProvider;
    private boolean _validateCerts;
    private String _trustStoreType = "JKS";
    private int _maxCertPathLength = -1;
    private boolean _enableCRLDP = false;
    private boolean _enableOCSP = false;

    @Override // org.eclipse.jetty.security.Authenticator
    public String getAuthMethod() {
        return "CLIENT_CERT";
    }

    public String getCrlPath() {
        return this._crlPath;
    }

    public KeyStore getKeyStore(InputStream inputStream, String str, String str2, String str3, String str4) throws Exception {
        return CertificateUtils.getKeyStore(inputStream, str, str2, str3, str4);
    }

    public int getMaxCertPathLength() {
        return this._maxCertPathLength;
    }

    public String getOcspResponderURL() {
        return this._ocspResponderURL;
    }

    public String getTrustStore() {
        return this._trustStorePath;
    }

    public String getTrustStoreProvider() {
        return this._trustStoreProvider;
    }

    public String getTrustStoreType() {
        return this._trustStoreType;
    }

    public boolean isEnableCRLDP() {
        return this._enableCRLDP;
    }

    public boolean isEnableOCSP() {
        return this._enableOCSP;
    }

    public boolean isValidateCerts() {
        return this._validateCerts;
    }

    public Collection<? extends CRL> loadCRL(String str) throws Exception {
        return CertificateUtils.loadCRL(str);
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public boolean secureResponse(ServletRequest servletRequest, ServletResponse servletResponse, boolean z10, Authentication.User user) throws ServerAuthException {
        return true;
    }

    public void setCrlPath(String str) {
        this._crlPath = str;
    }

    public void setEnableCRLDP(boolean z10) {
        this._enableCRLDP = z10;
    }

    public void setEnableOCSP(boolean z10) {
        this._enableOCSP = z10;
    }

    public void setMaxCertPathLength(int i) {
        this._maxCertPathLength = i;
    }

    public void setOcspResponderURL(String str) {
        this._ocspResponderURL = str;
    }

    public void setTrustStore(String str) {
        this._trustStorePath = str;
    }

    public void setTrustStorePassword(String str) {
        this._trustStorePassword = Password.getPassword("org.eclipse.jetty.ssl.password", str, null);
    }

    public void setTrustStoreProvider(String str) {
        this._trustStoreProvider = str;
    }

    public void setTrustStoreType(String str) {
        this._trustStoreType = str;
    }

    public void setValidateCerts(boolean z10) {
        this._validateCerts = z10;
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x008a A[Catch: Exception -> 0x0045, TryCatch #1 {Exception -> 0x0045, blocks: (B:25:0x0032, B:26:0x004c, B:28:0x0050, B:32:0x0080, B:33:0x0055, B:35:0x005b, B:38:0x0068, B:41:0x0076, B:44:0x0064, B:8:0x0084, B:10:0x008a, B:12:0x0092), top: B:24:0x0032 }] */
    /* JADX WARN: Removed duplicated region for block: B:12:0x0092 A[Catch: Exception -> 0x0045, TRY_LEAVE, TryCatch #1 {Exception -> 0x0045, blocks: (B:25:0x0032, B:26:0x004c, B:28:0x0050, B:32:0x0080, B:33:0x0055, B:35:0x005b, B:38:0x0068, B:41:0x0076, B:44:0x0064, B:8:0x0084, B:10:0x008a, B:12:0x0092), top: B:24:0x0032 }] */
    @Override // org.eclipse.jetty.security.Authenticator
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.eclipse.jetty.server.Authentication validateRequest(javax.servlet.ServletRequest r8, javax.servlet.ServletResponse r9, boolean r10) throws org.eclipse.jetty.security.ServerAuthException {
        /*
            r7 = this;
            if (r10 != 0) goto L8
            org.eclipse.jetty.security.authentication.DeferredAuthentication r8 = new org.eclipse.jetty.security.authentication.DeferredAuthentication
            r8.<init>(r7)
            return r8
        L8:
            r10 = r8
            javax.servlet.http.HttpServletRequest r10 = (javax.servlet.http.HttpServletRequest) r10
            javax.servlet.http.HttpServletResponse r9 = (javax.servlet.http.HttpServletResponse) r9
            java.lang.String r0 = "javax.servlet.request.X509Certificate"
            java.lang.Object r10 = r10.getAttribute(r0)
            java.security.cert.X509Certificate[] r10 = (java.security.cert.X509Certificate[]) r10
            if (r10 == 0) goto L83
            int r0 = r10.length     // Catch: java.lang.Exception -> L48
            if (r0 <= 0) goto L83
            boolean r0 = r7._validateCerts     // Catch: java.lang.Exception -> L48
            if (r0 == 0) goto L4b
            java.lang.String r3 = r7._trustStorePath     // Catch: java.lang.Exception -> L48
            java.lang.String r4 = r7._trustStoreType     // Catch: java.lang.Exception -> L48
            java.lang.String r5 = r7._trustStoreProvider     // Catch: java.lang.Exception -> L48
            org.eclipse.jetty.util.security.Password r0 = r7._trustStorePassword     // Catch: java.lang.Exception -> L48
            if (r0 != 0) goto L2b
            r0 = 0
        L29:
            r6 = r0
            goto L30
        L2b:
            java.lang.String r0 = r0.toString()     // Catch: java.lang.Exception -> L48
            goto L29
        L30:
            r2 = 0
            r1 = r7
            java.security.KeyStore r0 = r1.getKeyStore(r2, r3, r4, r5, r6)     // Catch: java.lang.Exception -> L45
            java.lang.String r2 = r1._crlPath     // Catch: java.lang.Exception -> L45
            java.util.Collection r2 = r7.loadCRL(r2)     // Catch: java.lang.Exception -> L45
            org.eclipse.jetty.util.security.CertificateValidator r3 = new org.eclipse.jetty.util.security.CertificateValidator     // Catch: java.lang.Exception -> L45
            r3.<init>(r0, r2)     // Catch: java.lang.Exception -> L45
            r3.validate(r10)     // Catch: java.lang.Exception -> L45
            goto L4c
        L45:
            r0 = move-exception
        L46:
            r8 = r0
            goto L95
        L48:
            r0 = move-exception
            r1 = r7
            goto L46
        L4b:
            r1 = r7
        L4c:
            int r0 = r10.length     // Catch: java.lang.Exception -> L45
            r2 = 0
        L4e:
            if (r2 >= r0) goto L84
            r3 = r10[r2]     // Catch: java.lang.Exception -> L45
            if (r3 != 0) goto L55
            goto L80
        L55:
            java.security.Principal r4 = r3.getSubjectDN()     // Catch: java.lang.Exception -> L45
            if (r4 != 0) goto L5f
            java.security.Principal r4 = r3.getIssuerDN()     // Catch: java.lang.Exception -> L45
        L5f:
            if (r4 != 0) goto L64
            java.lang.String r4 = "clientcert"
            goto L68
        L64:
            java.lang.String r4 = r4.getName()     // Catch: java.lang.Exception -> L45
        L68:
            byte[] r3 = r3.getSignature()     // Catch: java.lang.Exception -> L45
            char[] r3 = org.eclipse.jetty.util.B64Code.encode(r3)     // Catch: java.lang.Exception -> L45
            org.eclipse.jetty.server.UserIdentity r3 = r7.login(r4, r3, r8)     // Catch: java.lang.Exception -> L45
            if (r3 == 0) goto L80
            org.eclipse.jetty.security.UserAuthentication r8 = new org.eclipse.jetty.security.UserAuthentication     // Catch: java.lang.Exception -> L45
            java.lang.String r9 = r7.getAuthMethod()     // Catch: java.lang.Exception -> L45
            r8.<init>(r9, r3)     // Catch: java.lang.Exception -> L45
            return r8
        L80:
            int r2 = r2 + 1
            goto L4e
        L83:
            r1 = r7
        L84:
            boolean r8 = org.eclipse.jetty.security.authentication.DeferredAuthentication.isDeferred(r9)     // Catch: java.lang.Exception -> L45
            if (r8 != 0) goto L92
            r8 = 403(0x193, float:5.65E-43)
            r9.sendError(r8)     // Catch: java.lang.Exception -> L45
            org.eclipse.jetty.server.Authentication r8 = org.eclipse.jetty.server.Authentication.SEND_FAILURE     // Catch: java.lang.Exception -> L45
            return r8
        L92:
            org.eclipse.jetty.server.Authentication r8 = org.eclipse.jetty.server.Authentication.UNAUTHENTICATED     // Catch: java.lang.Exception -> L45
            return r8
        L95:
            org.eclipse.jetty.security.ServerAuthException r9 = new org.eclipse.jetty.security.ServerAuthException
            java.lang.String r8 = r8.getMessage()
            r9.<init>(r8)
            throw r9
        */
        throw new UnsupportedOperationException("Method not decompiled: org.eclipse.jetty.security.authentication.ClientCertAuthenticator.validateRequest(javax.servlet.ServletRequest, javax.servlet.ServletResponse, boolean):org.eclipse.jetty.server.Authentication");
    }
}
