package com.itextpdf.text.pdf.security;

import B7.a;
import B7.b;
import B7.c;
import B7.d;
import B7.e;
import B7.f;
import B7.i;
import R1.A;
import U6.AbstractC0644n;
import U6.C0636f;
import U6.C0637g;
import U6.C0641k;
import U6.C0643m;
import U6.b0;
import com.google.common.net.HttpHeaders;
import com.itextpdf.text.error_messages.MessageLocalization;
import com.itextpdf.text.io.StreamUtil;
import com.itextpdf.text.log.Level;
import com.itextpdf.text.log.Logger;
import com.itextpdf.text.log.LoggerFactory;
import com.itextpdf.text.pdf.PdfEncryption;
import e7.C2070a;
import e7.C2071b;
import f8.C2090d;
import f8.g;
import java.io.BufferedOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.Security;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.bouncycastle.cert.ocsp.OCSPException;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorException;
import y7.C3483a;
import y7.k;
import y7.l;

/* loaded from: classes3.dex */
public class OcspClientBouncyCastle implements OcspClient {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OcspClientBouncyCastle.class);
    private final OCSPVerifier verifier;

    @Deprecated
    public OcspClientBouncyCastle() {
        this.verifier = null;
    }

    public OcspClientBouncyCastle(OCSPVerifier oCSPVerifier) {
        this.verifier = oCSPVerifier;
    }

    /* JADX WARN: Type inference failed for: r2v0, types: [java.lang.Object, T7.c] */
    /* JADX WARN: Type inference failed for: r3v0, types: [java.io.OutputStream, f8.e$a] */
    /* JADX WARN: Type inference failed for: r6v4, types: [o7.l, org.bouncycastle.asn1.ASN1Object] */
    /* JADX WARN: Type inference failed for: r7v2, types: [B7.e, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r7v3, types: [y7.k, org.bouncycastle.asn1.ASN1Object] */
    /* JADX WARN: Type inference failed for: r7v7, types: [B7.d, java.lang.Object] */
    private static d generateOCSPRequest(X509Certificate x509Certificate, BigInteger bigInteger) throws OCSPException, IOException, OperatorException, CertificateEncodingException {
        Security.addProvider(new BouncyCastleProvider());
        g gVar = new g(new Object());
        C3483a c3483a = b.f524b;
        try {
            MessageDigest c9 = gVar.c(c3483a);
            ?? outputStream = new OutputStream();
            outputStream.f23949c = c9;
            b bVar = new b(new C2090d.a(c3483a, outputStream), new JcaX509CertificateHolder(x509Certificate), bigInteger);
            ArrayList arrayList = new ArrayList();
            ?? obj = new Object();
            obj.f527a = bVar;
            obj.f528b = null;
            arrayList.add(obj);
            C0643m c0643m = o7.d.f26396b;
            AbstractC0644n abstractC0644n = new AbstractC0644n(new AbstractC0644n(PdfEncryption.createDocumentId()).getEncoded());
            ?? aSN1Object = new ASN1Object();
            aSN1Object.f33847c = c0643m;
            aSN1Object.f33848d = false;
            aSN1Object.f33849e = abstractC0644n;
            l lVar = new l(new k[]{aSN1Object});
            Iterator it2 = arrayList.iterator();
            C0636f c0636f = new C0636f();
            while (it2.hasNext()) {
                try {
                    e eVar = (e) it2.next();
                    c0636f.a(new C2071b(eVar.f527a.f525a, eVar.f528b, 1));
                } catch (Exception e9) {
                    throw new OCSPException("exception creating Request", e9);
                }
            }
            b0 b0Var = new b0(c0636f);
            ?? aSN1Object2 = new ASN1Object();
            aSN1Object2.f26417c = o7.l.f26416g;
            aSN1Object2.f26418d = null;
            aSN1Object2.f26419e = b0Var;
            aSN1Object2.f = lVar;
            C2070a c2070a = new C2070a(aSN1Object2, null, 1);
            ?? obj2 = new Object();
            obj2.f526a = c2070a;
            ((o7.l) c2070a.f23584d).getClass();
            return obj2;
        } catch (GeneralSecurityException e10) {
            throw new OperatorException("exception on setup: " + e10, e10);
        }
    }

    private f getOcspResponse(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) throws GeneralSecurityException, OCSPException, IOException, OperatorException {
        if (x509Certificate == null || x509Certificate2 == null) {
            return null;
        }
        if (str == null) {
            str = CertificateUtil.getOCSPURL(x509Certificate);
        }
        if (str == null) {
            return null;
        }
        LOGGER.info("Getting OCSP from ".concat(str));
        byte[] encoded = generateOCSPRequest(x509Certificate2, x509Certificate.getSerialNumber()).f526a.getEncoded();
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setRequestProperty("Content-Type", "application/ocsp-request");
        httpURLConnection.setRequestProperty(HttpHeaders.ACCEPT, "application/ocsp-response");
        httpURLConnection.setDoOutput(true);
        DataOutputStream dataOutputStream = new DataOutputStream(new BufferedOutputStream(httpURLConnection.getOutputStream()));
        dataOutputStream.write(encoded);
        dataOutputStream.flush();
        dataOutputStream.close();
        if (httpURLConnection.getResponseCode() / 100 == 2) {
            return new f(StreamUtil.inputStreamToArray((InputStream) httpURLConnection.getContent()));
        }
        throw new IOException(MessageLocalization.getComposedMessage("invalid.http.response.1", httpURLConnection.getResponseCode()));
    }

    public a getBasicOCSPResp(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            f ocspResponse = getOcspResponse(x509Certificate, x509Certificate2, str);
            if (ocspResponse == null) {
                return null;
            }
            C0637g c0637g = ocspResponse.f529a.f26398c.f26400c;
            byte[] bArr = c0637g.f3435c;
            int length = bArr.length;
            int i9 = c0637g.f3436d;
            if (length - i9 > 4) {
                throw new ArithmeticException("ASN.1 Enumerated out of int range");
            }
            if (C0641k.x(i9, -1, bArr) != 0) {
                return null;
            }
            a aVar = (a) ocspResponse.a();
            OCSPVerifier oCSPVerifier = this.verifier;
            if (oCSPVerifier != null) {
                oCSPVerifier.isValidResponse(aVar, x509Certificate2);
            }
            return aVar;
        } catch (Exception e9) {
            Logger logger = LOGGER;
            if (logger.isLogging(Level.ERROR)) {
                logger.error(e9.getMessage());
            }
            return null;
        }
    }

    @Override // com.itextpdf.text.pdf.security.OcspClient
    public byte[] getEncoded(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            a basicOCSPResp = getBasicOCSPResp(x509Certificate, x509Certificate2, str);
            if (basicOCSPResp == null) {
                return null;
            }
            A[] b8 = basicOCSPResp.b();
            if (b8.length != 1) {
                return null;
            }
            c a9 = b8[0].a();
            if (a9 == null) {
                return basicOCSPResp.f522c.getEncoded();
            }
            if (a9 instanceof i) {
                throw new IOException(MessageLocalization.getComposedMessage("ocsp.status.is.revoked", new Object[0]));
            }
            throw new IOException(MessageLocalization.getComposedMessage("ocsp.status.is.unknown", new Object[0]));
        } catch (Exception e9) {
            Logger logger = LOGGER;
            if (!logger.isLogging(Level.ERROR)) {
                return null;
            }
            logger.error(e9.getMessage());
            return null;
        }
    }
}
