package com.itextpdf.signatures;

import com.itextpdf.bouncycastleconnector.BouncyCastleFactoryCreator;
import com.itextpdf.commons.bouncycastle.IBouncyCastleFactory;
import com.itextpdf.commons.bouncycastle.cert.ocsp.AbstractOCSPException;
import com.itextpdf.commons.bouncycastle.cert.ocsp.IBasicOCSPResp;
import com.itextpdf.commons.bouncycastle.cert.ocsp.ICertificateStatus;
import com.itextpdf.commons.bouncycastle.cert.ocsp.IOCSPReq;
import com.itextpdf.commons.bouncycastle.cert.ocsp.IOCSPResp;
import com.itextpdf.commons.bouncycastle.cert.ocsp.ISingleResp;
import com.itextpdf.commons.bouncycastle.operator.AbstractOperatorCreationException;
import com.itextpdf.commons.utils.DateTimeUtil;
import com.itextpdf.io.logs.IoLogMessageConstant;
import com.itextpdf.io.util.StreamUtil;
import eb.b;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.Security;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;

/* loaded from: classes.dex */
public class OcspClientBouncyCastle implements IOcspClient {
    private static final IBouncyCastleFactory BOUNCY_CASTLE_FACTORY = BouncyCastleFactoryCreator.getFactory();
    private static final eb.a LOGGER = b.d(OcspClientBouncyCastle.class);
    private final OCSPVerifier verifier;

    public OcspClientBouncyCastle(OCSPVerifier oCSPVerifier) {
        this.verifier = oCSPVerifier;
    }

    public static IOCSPReq generateOCSPRequest(X509Certificate x509Certificate, BigInteger bigInteger) throws AbstractOCSPException, IOException, CertificateEncodingException, AbstractOperatorCreationException {
        IBouncyCastleFactory iBouncyCastleFactory = BOUNCY_CASTLE_FACTORY;
        Security.addProvider(iBouncyCastleFactory.getProvider());
        return SignUtils.generateOcspRequestWithNonce(SignUtils.generateCertificateId(x509Certificate, bigInteger, iBouncyCastleFactory.createCertificateID().getHashSha1()));
    }

    public static ICertificateStatus getCertificateStatus(byte[] bArr) {
        try {
            IBouncyCastleFactory iBouncyCastleFactory = BOUNCY_CASTLE_FACTORY;
            IBasicOCSPResp createBasicOCSPResp = iBouncyCastleFactory.createBasicOCSPResp(iBouncyCastleFactory.createBasicOCSPResponse(iBouncyCastleFactory.createASN1Primitive(bArr)));
            if (createBasicOCSPResp == null) {
                return null;
            }
            ISingleResp[] responses = createBasicOCSPResp.getResponses();
            if (responses.length >= 1) {
                return responses[0].getCertStatus();
            }
            return null;
        } catch (Exception unused) {
            return null;
        }
    }

    public InputStream createRequestAndResponse(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) throws IOException, AbstractOperatorCreationException, AbstractOCSPException, CertificateEncodingException {
        LOGGER.m("Getting OCSP from " + str);
        return SignUtils.getHttpResponseForOcspRequest(generateOCSPRequest(x509Certificate2, x509Certificate.getSerialNumber()).getEncoded(), new URL(str));
    }

    public IBasicOCSPResp getBasicOCSPResp(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            IOCSPResp ocspResponse = getOcspResponse(x509Certificate, x509Certificate2, str);
            if (ocspResponse == null) {
                return null;
            }
            int status = ocspResponse.getStatus();
            IBouncyCastleFactory iBouncyCastleFactory = BOUNCY_CASTLE_FACTORY;
            if (status != iBouncyCastleFactory.createOCSPResponseStatus().getSuccessful()) {
                return null;
            }
            IBasicOCSPResp createBasicOCSPResp = iBouncyCastleFactory.createBasicOCSPResp(ocspResponse.getResponseObject());
            OCSPVerifier oCSPVerifier = this.verifier;
            if (oCSPVerifier != null) {
                oCSPVerifier.isValidResponse(createBasicOCSPResp, x509Certificate2, DateTimeUtil.getCurrentTimeDate());
            }
            return createBasicOCSPResp;
        } catch (Exception e4) {
            LOGGER.c(e4.getMessage());
            return null;
        }
    }

    @Override // com.itextpdf.signatures.IOcspClient
    public byte[] getEncoded(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            IBasicOCSPResp basicOCSPResp = getBasicOCSPResp(x509Certificate, x509Certificate2, str);
            if (basicOCSPResp == null) {
                return null;
            }
            ISingleResp[] responses = basicOCSPResp.getResponses();
            if (responses.length != 1) {
                return null;
            }
            ICertificateStatus certStatus = responses[0].getCertStatus();
            IBouncyCastleFactory iBouncyCastleFactory = BOUNCY_CASTLE_FACTORY;
            if (!iBouncyCastleFactory.createCertificateStatus().getGood().equals(certStatus)) {
                if (iBouncyCastleFactory.createRevokedStatus(certStatus) == null) {
                    LOGGER.m(IoLogMessageConstant.OCSP_STATUS_IS_UNKNOWN);
                } else {
                    LOGGER.m(IoLogMessageConstant.OCSP_STATUS_IS_REVOKED);
                }
            }
            return basicOCSPResp.getEncoded();
        } catch (Exception e4) {
            LOGGER.c(e4.getMessage());
            return null;
        }
    }

    public IOCSPResp getOcspResponse(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) throws GeneralSecurityException, AbstractOCSPException, IOException, AbstractOperatorCreationException {
        InputStream createRequestAndResponse;
        if (x509Certificate == null || x509Certificate2 == null) {
            return null;
        }
        if (str == null) {
            str = CertificateUtil.getOCSPURL(x509Certificate);
        }
        if (str == null || (createRequestAndResponse = createRequestAndResponse(x509Certificate, x509Certificate2, str)) == null) {
            return null;
        }
        return BOUNCY_CASTLE_FACTORY.createOCSPResp(StreamUtil.inputStreamToArray(createRequestAndResponse));
    }
}
