package net.rim.protocol.iplayer.connection.handler.device.crl;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.text.MessageFormat;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchResult;
import javax.security.auth.x500.X500Principal;
import net.rim.application.ipproxyservice.Features;
import net.rim.application.ipproxyservice.RimPublicProperties;
import net.rim.protocol.iplayer.connection.handler.device.ocsp.ProxyStatusProvider;
import net.rim.protocol.iplayer.connection.handler.device.ocsp.l;
import net.rim.protocol.iplayer.connection.handler.device.ocsp.o;
import net.rim.protocol.iplayer.connection.handler.device.ocsp.utility.i;
import net.rim.protocol.iplayer.connection.handler.device.ocsp.utility.j;
import net.rim.protocol.iplayer.connection.handler.device.ocsp.utility.k;
import net.rim.shared.LogCode;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:net/rim/protocol/iplayer/connection/handler/device/crl/CRLProxyStatusProvider.class */
public class CRLProxyStatusProvider extends ProxyStatusProvider {
    private static final long ak = -2255283056435802812L;
    private static final int al = 1;
    private static final int aUd = 2;
    private static final int an = 3;
    private static final int aUe = 4;
    private static final int aUf = 5;
    private static final int aUg = 6;
    private static final int aUh = 7;
    public static final int UNKNOWN = -1;
    public static final int aq = 0;
    public static final int ar = 1;
    private static final String FILTER = "(objectclass=*)";
    private RimPublicProperties aE;
    private static final String aUr = "application.handler.crl.DEFAULT_URL";
    private static final String aUs = "application.handler.crl.USE_DEVICE_RESPONDERS";
    private static final String aUi = "certificaterevocationlist";
    private static final String aUj = "certificaterevocationlist;binary";
    private static final String aUk = "authorityrevocationlist";
    private static final String aUl = "authorityrevocationlist;binary";
    private static final String[] aUo = {aUi, aUj, aUk, aUl};
    private static final String aUm = "cacertificate";
    private static final String aUn = "cacertificate;binary";
    private static final String[] aUp = {aUm, aUn};
    private static final String[] aUq = {"CN=", "C=", "L=", "ST=", "O=", "OU=", "DC="};

    public CRLProxyStatusProvider() {
        super(ak);
        try {
            this.aE = RimPublicProperties.getInstance();
        } catch (Throwable th) {
            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_CONF_INSTANCE));
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // net.rim.protocol.iplayer.connection.handler.device.ocsp.ProxyStatusProvider
    public boolean processStatusRequest(net.rim.protocol.iplayer.connection.handler.device.ocsp.c cVar, l lVar) {
        int i;
        c fetchCRLs;
        net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_STARTING_REQUEST));
        boolean z = false;
        try {
            String[] decodeURLs = decodeURLs(cVar.Y(1));
            byte[] Y = cVar.Y(6);
            if (Y != null && Y.length == 1) {
                if (Y[0] == 1) {
                    z = true;
                }
            }
            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_ALLOW_UNVERIFIED_CRLS), Boolean.toString(z)));
            Hashtable hashtable = new Hashtable();
            e KL = e.KL();
            int[] hR = cVar.hR();
            int length = hR.length;
            byte[] bArr = new byte[length];
            byte[] bArr2 = new byte[length];
            byte[] bArr3 = new byte[length];
            byte[] bArr4 = new byte[length];
            for (int i2 = 0; i2 < length; i2++) {
                bArr[i2] = cVar.f(hR[i2], 2);
                bArr2[i2] = cVar.f(hR[i2], 7);
                bArr3[i2] = cVar.f(hR[i2], 5);
                bArr4[i2] = cVar.f(hR[i2], 4);
            }
            int length2 = decodeURLs.length;
            for (int i3 = 0; i3 < length2; i3++) {
                X509CRL[] mg = KL.mg(decodeURLs[i3]);
                if (mg == null && (fetchCRLs = fetchCRLs(decodeURLs[i3])) != null) {
                    KL.a(decodeURLs[i3], fetchCRLs);
                    mg = fetchCRLs.getCRLs();
                }
                int length3 = mg == null ? 0 : mg.length;
                for (int i4 = 0; i4 < length3; i4++) {
                    X509CRL x509crl = mg[i4];
                    X500Principal issuerX500Principal = x509crl.getIssuerX500Principal();
                    for (int i5 = 0; i5 < length; i5++) {
                        boolean z2 = false;
                        if (bArr2[i5] != 0) {
                            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_COMPARING_DNS), Integer.toString(hR[i5]), decodeURLs[i3]));
                            z2 = new X500Principal(bArr2[i5]).equals(issuerX500Principal);
                        } else if (bArr4[i5] != 0) {
                            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_COMPARING_DNS_LEGACY), Integer.toString(hR[i5]), decodeURLs[i3]));
                            z2 = principalEqualsRFC2253(issuerX500Principal.getName("RFC2253"), new X500Principal(new String(bArr4[i5])).getName("RFC2253"));
                        }
                        if (z2) {
                            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_DNS_MATCH), Integer.toString(hR[i5]), decodeURLs[i3]));
                            boolean verifyCRL = bArr3[i5] != 0 ? verifyCRL(decodeURLs[i3], x509crl, bArr3[i5]) : fetchIssuerAndVerifyCRL(decodeURLs[i3], x509crl, issuerX500Principal);
                            if (verifyCRL || z) {
                                X509CRLEntry revokedCertificate = x509crl.getRevokedCertificate(new BigInteger(bArr[i5]));
                                if (revokedCertificate != null) {
                                    net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_CERTIFICATE_REVOKED), Integer.toString(hR[i5]), decodeURLs[i3]));
                                    addStatus(hashtable, hR[i5], 1, decodeURLs[i3], x509crl, revokedCertificate, verifyCRL);
                                } else {
                                    net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_CERTIFICATE_GOOD), Integer.toString(hR[i5]), decodeURLs[i3]));
                                    addStatus(hashtable, hR[i5], 0, decodeURLs[i3], x509crl, revokedCertificate, verifyCRL);
                                }
                            } else {
                                net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_CERTIFICATE_UNKNOWN), Integer.toString(hR[i5]), decodeURLs[i3]));
                                addStatus(hashtable, hR[i5], -1, decodeURLs[i3], x509crl, null, verifyCRL);
                            }
                        } else {
                            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_DNS_DO_NOT_MATCH), Integer.toString(hR[i5]), decodeURLs[i3]));
                            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_CERTIFICATE_UNKNOWN), Integer.toString(hR[i5]), decodeURLs[i3]));
                            addStatus(hashtable, hR[i5], -1, decodeURLs[i3], x509crl, null, false);
                        }
                    }
                }
            }
            if (length2 == 0) {
                for (int i6 = 0; i6 < length; i6++) {
                    net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_NO_SERVERS_AVAILABLE), Integer.toString(hR[i6])));
                    addStatusUnknown(hashtable, hR[i6]);
                }
            }
            Enumeration keys = hashtable.keys();
            while (keys.hasMoreElements()) {
                Integer num = (Integer) keys.nextElement();
                a aVar = (a) hashtable.get(num);
                byte[] array = aVar.toArray();
                if (array != null) {
                    switch (aVar.getStatus()) {
                        case -1:
                        default:
                            i = 2;
                            break;
                        case 0:
                            i = 0;
                            break;
                        case 1:
                            i = 1;
                            break;
                    }
                    lVar.K(num.intValue(), i);
                    lVar.e(num.intValue(), 3, array);
                    lVar.setPriority(aVar.ft() ? 20 : 40);
                }
            }
            return true;
        } catch (IOException e) {
            return false;
        }
    }

    private boolean principalEqualsRFC2253(String str, String str2) {
        int indexOf;
        int indexOf2;
        int length = str.length();
        int length2 = str2.length();
        int length3 = aUq.length;
        Vector vector = new Vector();
        for (int i = 0; i < length3; i++) {
            String str3 = aUq[i];
            int i2 = 0;
            while (true) {
                int i3 = i2;
                if (i3 >= length || (indexOf2 = str.indexOf(str3, i3)) == -1) {
                    break;
                }
                int findAttributeValueEnd = findAttributeValueEnd(str, indexOf2);
                vector.addElement(str.substring(indexOf2, findAttributeValueEnd));
                i2 = findAttributeValueEnd;
            }
            int i4 = 0;
            while (true) {
                int i5 = i4;
                if (i5 >= length2 || (indexOf = str2.indexOf(str3, i5)) == -1) {
                    break;
                }
                int findAttributeValueEnd2 = findAttributeValueEnd(str2, indexOf);
                String substring = str2.substring(indexOf, findAttributeValueEnd2);
                if (!vector.contains(substring)) {
                    return false;
                }
                vector.removeElement(substring);
                i4 = findAttributeValueEnd2;
            }
            if (vector.size() > 0) {
                return false;
            }
        }
        return true;
    }

    private int findAttributeValueEnd(String str, int i) {
        boolean z = false;
        boolean z2 = false;
        int length = str.length();
        for (int i2 = i; i2 < length; i2++) {
            if (z) {
                z = false;
            } else {
                char charAt = str.charAt(i2);
                if (charAt == '\\') {
                    z = true;
                } else if (charAt == '\"') {
                    z2 = !z2;
                } else if (charAt == ',' && !z2) {
                    return i2;
                }
            }
        }
        return length;
    }

    private PublicKey[] getPublicKeys(byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException();
        }
        try {
            DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(bArr));
            int readInt = dataInputStream.readInt();
            PublicKey[] publicKeyArr = new PublicKey[readInt];
            for (int i = 0; i < readInt; i++) {
                byte[] bArr2 = new byte[dataInputStream.readInt()];
                dataInputStream.readFully(bArr2);
                try {
                    publicKeyArr[i] = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr2));
                } catch (NoSuchAlgorithmException e) {
                } catch (InvalidKeySpecException e2) {
                }
                if (publicKeyArr[i] == null) {
                    try {
                        publicKeyArr[i] = KeyFactory.getInstance("DSA").generatePublic(new X509EncodedKeySpec(bArr2));
                        if (publicKeyArr[i] != null) {
                        }
                    } catch (NoSuchAlgorithmException e3) {
                    } catch (InvalidKeySpecException e4) {
                    }
                }
            }
            return publicKeyArr;
        } catch (IOException e5) {
            return null;
        }
    }

    private boolean verifyCRL(String str, X509CRL x509crl, byte[] bArr) {
        if (x509crl == null || bArr == null) {
            throw new IllegalArgumentException();
        }
        for (PublicKey publicKey : getPublicKeys(bArr)) {
            if (verifyCRL(str, x509crl, publicKey)) {
                net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_VERIFIED_CRL_WITH_HANDHELD_KEY), str));
                return true;
            }
        }
        net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_COULD_NOT_VERIFY_CRL_WITH_HANDHELD_KEY), str));
        return false;
    }

    private boolean verifyCRL(String str, X509CRL x509crl, PublicKey publicKey) {
        try {
            x509crl.verify(publicKey);
            return true;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CRLException e) {
            return false;
        }
    }

    private a getCertStatus(int i, X509CRL x509crl, X509CRLEntry x509CRLEntry, boolean z) throws IOException {
        byte[] extensionValue;
        long time = x509crl.getThisUpdate().getTime();
        long time2 = x509crl.getNextUpdate().getTime();
        long j = 0;
        int i2 = 0;
        if (i == 1) {
            j = x509CRLEntry.getRevocationDate().getTime();
            if (x509CRLEntry.hasExtensions() && (extensionValue = x509CRLEntry.getExtensionValue("2.5.29.21")) != null && extensionValue.length > 0) {
                try {
                    i2 = new i(new i(extensionValue).uW()).uN();
                } catch (j e) {
                }
            }
        }
        return new a(i, time, time2, j, i2, z);
    }

    private void addStatus(Hashtable hashtable, int i, int i2, String str, X509CRL x509crl, X509CRLEntry x509CRLEntry, boolean z) {
        Integer num = new Integer(i);
        try {
            a aVar = (a) hashtable.get(num);
            if (aVar != null) {
                int status = aVar.getStatus();
                long fq = aVar.fq();
                if (i2 < status) {
                    net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_NOT_USING_STATUS), Integer.toString(i), str));
                    return;
                }
                if (i2 > status) {
                    hashtable.put(num, getCertStatus(i2, x509crl, x509CRLEntry, z));
                    net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_USING_STATUS), Integer.toString(i), str));
                } else if (x509crl.getThisUpdate().getTime() <= fq) {
                    net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_NOT_USING_STATUS), Integer.toString(i), str));
                } else {
                    hashtable.put(num, getCertStatus(i2, x509crl, x509CRLEntry, z));
                    net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_USING_STATUS), Integer.toString(i), str));
                }
            } else {
                hashtable.put(num, getCertStatus(i2, x509crl, x509CRLEntry, z));
                net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_USING_STATUS), Integer.toString(i), str));
            }
        } catch (IOException e) {
            try {
                hashtable.put(num, getCertStatus(i2, x509crl, x509CRLEntry, z));
            } catch (IOException e2) {
            }
        }
    }

    private void addStatusUnknown(Hashtable hashtable, int i) {
        Integer num = new Integer(i);
        if (((a) hashtable.get(num)) == null) {
            hashtable.put(num, new a(-1, System.currentTimeMillis(), 0L, 0L, 0, false));
        }
    }

    private String[] decodeURLs(byte[] bArr) throws IOException {
        String[] strArr;
        int i;
        if (this.aE.getBooleanProperty("application.handler.crl.USE_DEVICE_RESPONDERS", true)) {
            DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(bArr));
            i = dataInputStream.readInt();
            strArr = new String[i];
            for (int i2 = 0; i2 < i; i2++) {
                strArr[i2] = handleSpaces(dataInputStream.readUTF());
                net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log("URL[" + i2 + "]: " + strArr[i2]);
            }
        } else {
            strArr = new String[0];
            i = 0;
        }
        String property = this.aE.getProperty("application.handler.crl.DEFAULT_URL");
        if (property != null && property.length() > 0) {
            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log("Default URL: " + property);
            String[] strArr2 = new String[i + 1];
            System.arraycopy(strArr, 0, strArr2, 0, i);
            strArr2[i] = property;
            strArr = strArr2;
        }
        String[] removeDuplicates = removeDuplicates(strArr);
        net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_TRIMMED_LIST), Integer.toString(removeDuplicates.length)));
        return removeDuplicates;
    }

    private String[] removeDuplicates(String[] strArr) {
        if (strArr == null || strArr.length <= 1) {
            return strArr;
        }
        Hashtable hashtable = new Hashtable();
        int length = strArr.length;
        for (int i = 0; i < length; i++) {
            hashtable.put(strArr[i], strArr[i]);
        }
        int size = hashtable.size();
        if (size == length) {
            return strArr;
        }
        String[] strArr2 = new String[size];
        int i2 = 0;
        Enumeration elements = hashtable.elements();
        while (elements.hasMoreElements()) {
            int i3 = i2;
            i2++;
            strArr2[i3] = (String) elements.nextElement();
        }
        return strArr2;
    }

    private Attribute getAttribute(Attributes attributes) {
        Attribute attribute = attributes.get(aUi);
        if (attribute != null) {
            return attribute;
        }
        Attribute attribute2 = attributes.get(aUj);
        if (attribute2 != null) {
            return attribute2;
        }
        Attribute attribute3 = attributes.get(aUk);
        if (attribute3 != null) {
            return attribute3;
        }
        Attribute attribute4 = attributes.get(aUl);
        if (attribute4 != null) {
            return attribute4;
        }
        Attribute attribute5 = attributes.get(aUm);
        if (attribute5 != null) {
            return attribute5;
        }
        Attribute attribute6 = attributes.get(aUn);
        if (attribute6 != null) {
            return attribute6;
        }
        return null;
    }

    private static String handleSpaces(String str) {
        if (str == null) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            int indexOf = str.indexOf(32);
            if (indexOf == -1) {
                stringBuffer.append(str);
                return stringBuffer.toString();
            }
            stringBuffer.append(str.substring(0, indexOf));
            stringBuffer.append("%20");
            str = str.substring(indexOf + 1);
        }
    }

    private c fetchCRLs(String str) {
        c cVar;
        try {
            if (isHTTP(str)) {
                cVar = fetchCRLsHTTP(str);
            } else if (isLDAP(str)) {
                cVar = fetchCRLsLDAP(str);
            } else {
                net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_PROTOCOL_UNSUPPORTED) + "--> " + str);
                cVar = null;
            }
        } catch (Throwable th) {
            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.logStackTraceOfThrowable(th);
            cVar = null;
        }
        net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_FETCHED_CRLS), Integer.toString(cVar.getCRLs().length), str));
        return cVar;
    }

    private boolean isHTTP(String str) {
        return str.toLowerCase().startsWith(Features.aup);
    }

    private boolean isLDAP(String str) {
        return str.toLowerCase().startsWith(Features.auu);
    }

    private c fetchCRLsHTTP(String str) throws CertificateException, CRLException, IOException {
        CRL generateCRL;
        net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_FETCHING_HTTP), str));
        byte[] gM = k.gM(str);
        if (gM == null) {
            return null;
        }
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
        int length = gM.length;
        try {
            generateCRL = certificateFactory.generateCRL(new ByteArrayInputStream(gM));
        } catch (CRLException e) {
            generateCRL = certificateFactory.generateCRL(new ByteArrayInputStream(new BASE64Decoder().decodeBuffer(new ByteArrayInputStream(gM))));
        }
        if (!(generateCRL instanceof X509CRL)) {
            return null;
        }
        net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_RECEIVED_HTTP), str));
        return new c(new X509CRL[]{(X509CRL) generateCRL}, length);
    }

    private c fetchCRLsLDAP(String str) throws CertificateException, CRLException, NamingException {
        net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_FETCHING_LDAP), str));
        Vector vector = new Vector();
        int i = 0;
        NamingEnumeration a = new o().a(net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.getName(), str, aUo, FILTER);
        if (a == null) {
            return null;
        }
        while (a.hasMore()) {
            Attribute attribute = getAttribute(((SearchResult) a.next()).getAttributes());
            if (attribute != null) {
                byte[] bArr = (byte[]) attribute.get();
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
                i += bArr.length;
                CRL generateCRL = certificateFactory.generateCRL(new ByteArrayInputStream(bArr));
                if (generateCRL instanceof X509CRL) {
                    net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_RECEIVED_LDAP), str));
                    vector.addElement(generateCRL);
                }
            }
        }
        return new c((X509CRL[]) vector.toArray(new X509CRL[0]), i);
    }

    private boolean fetchIssuerAndVerifyCRL(String str, X509CRL x509crl, X500Principal x500Principal) {
        CertificateFactory certificateFactory;
        if (str == null || x509crl == null) {
            throw new IllegalArgumentException();
        }
        b xN = b.xN();
        X509Certificate a = xN.a(x500Principal);
        if (a != null) {
            if (verifyCRL(str, x509crl, a.getPublicKey())) {
                net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_VERIFIED_CRL_WITH_CACHED_KEY), str));
                return true;
            }
            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_COULD_NOT_VERIFY_CRL_WITH_CACHED_KEY), str));
        }
        if (!str.startsWith("ldap://")) {
            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_CANNOT_FETCH_ISSUER_CERT), str));
            return false;
        }
        String substring = str.substring(0, str.indexOf("?") + 1);
        net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_FETCHING_ISSUER), substring));
        NamingEnumeration a2 = new o().a(net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.getName(), substring, aUp, FILTER);
        if (a2 == null) {
            return false;
        }
        while (a2.hasMore()) {
            try {
                Attribute attribute = getAttribute(((SearchResult) a2.next()).getAttributes());
                if (attribute != null) {
                    int size = attribute.size();
                    for (int i = 0; i < size; i++) {
                        byte[] bArr = (byte[]) attribute.get(i);
                        try {
                            certificateFactory = CertificateFactory.getInstance("X509");
                        } catch (CertificateException e) {
                        }
                        if (certificateFactory == null) {
                            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_FACTORY_UNAVAILABLE));
                            return false;
                        }
                        X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(bArr));
                        if (verifyCRL(str, x509crl, x509Certificate.getPublicKey())) {
                            net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_VERIFIED_CRL_WITH_FETCHED_KEY), str));
                            xN.addCertificate(x509Certificate);
                            return true;
                        }
                    }
                }
            } catch (NamingException e2) {
                net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_FETCH_VERIFY_NAMING_EXCEPTION) + e2);
            }
        }
        net.rim.protocol.iplayer.connection.handler.device.crl.logging.a.log(MessageFormat.format(net.rim.protocol.iplayer.logging.a.getResource(LogCode.CRL_COULD_NOT_VERIFY_CRL_WITH_FETCHED_KEY), str));
        return false;
    }
}
