package com.itextpdf.text.pdf.security;

import R5.C0802s0;
import T6.a;
import W6.b;
import com.itextpdf.text.error_messages.MessageLocalization;
import com.itextpdf.text.io.StreamUtil;
import com.itextpdf.text.log.Level;
import com.itextpdf.text.log.Logger;
import com.itextpdf.text.log.LoggerFactory;
import com.itextpdf.text.pdf.PdfEncryption;
import j6.d;
import java.io.BufferedOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.Security;
import java.security.cert.X509Certificate;
import t6.j;
import t6.k;
import w6.C7297d;
import x6.C7380a;
import x6.C7381b;
import x6.C7384e;
import x6.C7385f;
import x6.C7386g;
import x6.C7388i;
import x6.C7389j;
import x6.InterfaceC7382c;

/* loaded from: classes2.dex */
public class OcspClientBouncyCastle implements OcspClient {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OcspClientBouncyCastle.class);
    private final OCSPVerifier verifier;

    @Deprecated
    public OcspClientBouncyCastle() {
        this.verifier = null;
    }

    public OcspClientBouncyCastle(OCSPVerifier oCSPVerifier) {
        this.verifier = oCSPVerifier;
    }

    private static C7384e generateOCSPRequest(X509Certificate x509Certificate, BigInteger bigInteger) {
        Security.addProvider(new a());
        C7381b c7381b = new C7381b(new b().b().a(C7381b.f35196b), new C7297d(x509Certificate), bigInteger);
        C7385f c7385f = new C7385f();
        c7385f.a(c7381b);
        c7385f.d(new k(new j[]{new j(d.f30572c, false, new C0802s0(new C0802s0(PdfEncryption.createDocumentId()).getEncoded()))}));
        return c7385f.b();
    }

    private C7386g getOcspResponse(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        if (x509Certificate == null || x509Certificate2 == null) {
            return null;
        }
        if (str == null) {
            str = CertificateUtil.getOCSPURL(x509Certificate);
        }
        if (str == null) {
            return null;
        }
        LOGGER.info("Getting OCSP from " + str);
        byte[] a8 = generateOCSPRequest(x509Certificate2, x509Certificate.getSerialNumber()).a();
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setRequestProperty("Content-Type", "application/ocsp-request");
        httpURLConnection.setRequestProperty("Accept", "application/ocsp-response");
        httpURLConnection.setDoOutput(true);
        DataOutputStream dataOutputStream = new DataOutputStream(new BufferedOutputStream(httpURLConnection.getOutputStream()));
        dataOutputStream.write(a8);
        dataOutputStream.flush();
        dataOutputStream.close();
        if (httpURLConnection.getResponseCode() / 100 == 2) {
            return new C7386g(StreamUtil.inputStreamToArray((InputStream) httpURLConnection.getContent()));
        }
        throw new IOException(MessageLocalization.getComposedMessage("invalid.http.response.1", httpURLConnection.getResponseCode()));
    }

    public C7380a getBasicOCSPResp(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            C7386g ocspResponse = getOcspResponse(x509Certificate, x509Certificate2, str);
            if (ocspResponse == null || ocspResponse.c() != 0) {
                return null;
            }
            C7380a c7380a = (C7380a) ocspResponse.b();
            OCSPVerifier oCSPVerifier = this.verifier;
            if (oCSPVerifier != null) {
                oCSPVerifier.isValidResponse(c7380a, x509Certificate2);
            }
            return c7380a;
        } catch (Exception e8) {
            Logger logger = LOGGER;
            if (logger.isLogging(Level.ERROR)) {
                logger.error(e8.getMessage());
            }
            return null;
        }
    }

    @Override // com.itextpdf.text.pdf.security.OcspClient
    public byte[] getEncoded(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            C7380a basicOCSPResp = getBasicOCSPResp(x509Certificate, x509Certificate2, str);
            if (basicOCSPResp == null) {
                return null;
            }
            C7389j[] b8 = basicOCSPResp.b();
            if (b8.length != 1) {
                return null;
            }
            InterfaceC7382c b9 = b8[0].b();
            if (b9 == InterfaceC7382c.f35198a) {
                return basicOCSPResp.getEncoded();
            }
            if (b9 instanceof C7388i) {
                throw new IOException(MessageLocalization.getComposedMessage("ocsp.status.is.revoked", new Object[0]));
            }
            throw new IOException(MessageLocalization.getComposedMessage("ocsp.status.is.unknown", new Object[0]));
        } catch (Exception e8) {
            Logger logger = LOGGER;
            if (!logger.isLogging(Level.ERROR)) {
                return null;
            }
            logger.error(e8.getMessage());
            return null;
        }
    }
}
