package iaik.x509.ocsp;

import iaik.asn1.ASN;
import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.BIT_STRING;
import iaik.asn1.CON_SPEC;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.INTEGER;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.GeneralName;
import iaik.utils.Util;
import iaik.x509.V3Extension;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionException;
import iaik.x509.ocsp.extensions.AcceptableResponses;
import iaik.x509.ocsp.extensions.Nonce;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Enumeration;

/* loaded from: classes.dex */
public class OCSPRequest {

    /* renamed from: a, reason: collision with root package name */
    static Class f4005a;

    /* renamed from: b, reason: collision with root package name */
    static Class f4006b;

    /* renamed from: c, reason: collision with root package name */
    private ASN1 f4007c;

    /* renamed from: d, reason: collision with root package name */
    private int f4008d;
    private GeneralName e;
    private Request[] f;
    private OCSPExtensions g;
    private AlgorithmID h;
    private byte[] i;
    private X509Certificate[] j;
    private boolean k;

    public OCSPRequest() {
        this.f4008d = 1;
        this.k = true;
        this.f4007c = new ASN1();
    }

    public OCSPRequest(InputStream inputStream) {
        this();
        decode(inputStream);
    }

    public OCSPRequest(byte[] bArr) {
        this();
        decode(bArr);
    }

    private void a() {
        int i;
        Class cls;
        Class cls2;
        ASN1Object componentAt = this.f4007c.getComponentAt(0);
        ASN1Object componentAt2 = componentAt.getComponentAt(0);
        if (componentAt2.isA(ASN.CON_SPEC) && componentAt2.getAsnType().getTag() == 0) {
            this.f4008d = ((BigInteger) ((ASN1Object) componentAt2.getValue()).getValue()).intValue() + 1;
            i = 1;
        } else {
            i = 0;
        }
        ASN1Object componentAt3 = componentAt.getComponentAt(i + 0);
        if (componentAt3.isA(ASN.CON_SPEC) && componentAt3.getAsnType().getTag() == 1) {
            this.e = new GeneralName((ASN1Object) componentAt3.getValue());
            i++;
        }
        ASN1Object componentAt4 = componentAt.getComponentAt(i + 0);
        if (f4005a == null) {
            cls = class$("iaik.x509.ocsp.Request");
            f4005a = cls;
        } else {
            cls = f4005a;
        }
        this.f = (Request[]) ASN.parseSequenceOf(componentAt4, cls);
        int i2 = i + 1;
        if (i2 < componentAt.countComponents()) {
            this.g = new OCSPExtensions((ASN1Object) componentAt.getComponentAt(i2).getValue());
        }
        if (this.f4007c.countComponents() == 2) {
            ASN1Object aSN1Object = (ASN1Object) this.f4007c.getComponentAt(1).getValue();
            this.h = new AlgorithmID(aSN1Object.getComponentAt(0));
            if (this.h == null) {
                throw new CodingException("Request is signed, but signature algorithm is missing!");
            }
            this.i = (byte[]) ((BIT_STRING) aSN1Object.getComponentAt(1)).getValue();
            if (this.i == null) {
                throw new CodingException("Request is signed, but signature value is missing!");
            }
            if (aSN1Object.countComponents() == 3) {
                ASN1Object aSN1Object2 = (ASN1Object) aSN1Object.getComponentAt(2).getValue();
                if (f4006b == null) {
                    cls2 = class$("iaik.x509.X509Certificate");
                    f4006b = cls2;
                } else {
                    cls2 = f4006b;
                }
                this.j = (X509Certificate[]) ASN.parseSequenceOf(aSN1Object2, cls2);
            }
            this.k = false;
        }
        this.f4007c.clearASN1Object();
    }

    private ASN1Object b() {
        if (this.f == null || this.f.length == 0) {
            throw new OCSPException("No single requests set!");
        }
        try {
            SEQUENCE sequence = new SEQUENCE();
            if (this.f4008d > 1) {
                sequence.addComponent(new CON_SPEC(0, new INTEGER(this.f4008d - 1)));
            }
            if (this.e != null) {
                sequence.addComponent(new CON_SPEC(1, this.e.toASN1Object()));
            }
            sequence.addComponent(ASN.createSequenceOf(this.f));
            if (this.g != null && this.g.countExtensions() > 0) {
                sequence.addComponent(new CON_SPEC(2, this.g.toASN1Object()));
            }
            return sequence;
        } catch (Exception e) {
            throw new OCSPException(e.getMessage());
        }
    }

    private void c() {
        try {
            b();
            SEQUENCE sequence = new SEQUENCE();
            sequence.addComponent(b());
            this.f4007c = new ASN1(sequence);
        } catch (CodingException e) {
            throw new OCSPException(e.getMessage());
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    public void addExtension(V3Extension v3Extension) {
        if (this.g == null) {
            this.g = new OCSPExtensions();
        }
        this.g.addExtension(v3Extension);
        this.k = true;
    }

    public boolean containsCertificates() {
        return this.j != null && this.j.length > 0;
    }

    public boolean containsSignature() {
        return this.i != null;
    }

    public int countExtensions() {
        if (this.g == null) {
            return 0;
        }
        return this.g.countExtensions();
    }

    public int countRequests() {
        return this.f.length;
    }

    public void decode(ASN1Object aSN1Object) {
        this.f4007c = new ASN1(aSN1Object);
        try {
            a();
        } catch (Exception e) {
            throw new CodingException(e.toString());
        }
    }

    public void decode(InputStream inputStream) {
        try {
            this.f4007c = new ASN1(inputStream);
            a();
        } catch (CodingException e) {
            throw new IOException(e.getMessage());
        } catch (X509ExtensionException e2) {
            throw new IOException(e2.getMessage());
        }
    }

    public void decode(byte[] bArr) {
        try {
            this.f4007c = new ASN1(bArr);
            a();
        } catch (X509ExtensionException e) {
            throw new CodingException(e.getMessage());
        }
    }

    public ObjectID[] getAccepatableResponseTypes() {
        AcceptableResponses acceptableResponses = (AcceptableResponses) getExtension(AcceptableResponses.oid);
        if (acceptableResponses == null) {
            return null;
        }
        return acceptableResponses.getAcceptableResponseTypes();
    }

    public X509Certificate[] getCertifcates() {
        return this.j;
    }

    public byte[] getEncoded() {
        if (this.k && this.i != null) {
            throw new RuntimeException("Cannot encode this request. First it has to be resigned.");
        }
        if (this.i == null && this.f4007c.toByteArray() == null) {
            try {
                c();
            } catch (OCSPException e) {
                throw new CodingException(e.getMessage());
            }
        }
        return this.f4007c.toByteArray();
    }

    public V3Extension getExtension(ObjectID objectID) {
        if (this.g == null) {
            return null;
        }
        return this.g.getExtension(objectID);
    }

    public byte[] getNonce() {
        Nonce nonce = (Nonce) getExtension(Nonce.oid);
        if (nonce == null) {
            return null;
        }
        return nonce.getValue();
    }

    public Request[] getRequestList() {
        return this.f;
    }

    public GeneralName getRequestorName() {
        return this.e;
    }

    public byte[] getSignature() {
        return this.i;
    }

    public AlgorithmID getSignatureAlgorithm() {
        return this.h;
    }

    public byte[] getTBSRequest() {
        try {
            return (this.f4007c == null || this.f4007c.toByteArray() == null) ? DerCoder.encode(b()) : this.f4007c.getFirstObject();
        } catch (OCSPException e) {
            throw new CodingException(e.toString());
        }
    }

    public int getVersion() {
        return this.f4008d;
    }

    public boolean hasExtensions() {
        if (this.g == null) {
            return false;
        }
        return this.g.hasExtensions();
    }

    public boolean hasUnsupportedCriticalExtension() {
        if (this.g == null) {
            return false;
        }
        return this.g.hasUnsupportedCriticalExtension();
    }

    public Enumeration listExtensions() {
        if (this.g == null) {
            return null;
        }
        return this.g.listExtensions();
    }

    public void removeAllExtensions() {
        if (this.g != null) {
            this.g.removeAllExtensions();
            this.k = true;
        }
        this.g = null;
    }

    public boolean removeExtension(ObjectID objectID) {
        boolean removeExtension = this.g == null ? false : this.g.removeExtension(objectID);
        if (removeExtension) {
            this.k = true;
        }
        return removeExtension;
    }

    public void setAcceptableResponseTypes(ObjectID[] objectIDArr) {
        addExtension(new AcceptableResponses(objectIDArr));
    }

    public void setCertificates(X509Certificate[] x509CertificateArr) {
        this.j = x509CertificateArr;
        this.k = true;
    }

    public void setNonce(byte[] bArr) {
        addExtension(new Nonce(bArr));
    }

    public void setRequestList(Request[] requestArr) {
        this.f = requestArr;
        this.k = true;
        if (requestArr != null) {
            for (Request request : requestArr) {
                if (request.getReqCert().getType() != 0) {
                    this.f4008d = 2;
                    return;
                }
            }
        }
    }

    public void setRequestorName(GeneralName generalName) {
        this.e = generalName;
        this.k = true;
    }

    public void setSignature(AlgorithmID algorithmID, byte[] bArr) {
        if (algorithmID == null) {
            throw new OCSPException("Cannot sign request! No signature algorithm specified!");
        }
        if (bArr == null || bArr.length == 0) {
            throw new OCSPException("Cannot set empty signature value!");
        }
        this.h = algorithmID;
        this.i = bArr;
        ASN1Object b2 = b();
        try {
            BIT_STRING bit_string = new BIT_STRING(this.i);
            SEQUENCE sequence = new SEQUENCE();
            SEQUENCE sequence2 = new SEQUENCE();
            sequence2.addComponent(this.h.toASN1Object());
            sequence2.addComponent(bit_string);
            if (this.j != null && this.j.length > 0) {
                sequence2.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.j)));
            }
            sequence.addComponent(b2);
            sequence.addComponent(new CON_SPEC(0, sequence2));
            this.f4007c = new ASN1(sequence);
            this.k = false;
        } catch (CodingException e) {
            throw new OCSPException(e.getMessage());
        }
    }

    public void sign(AlgorithmID algorithmID, PrivateKey privateKey) {
        sign(algorithmID, privateKey, null);
    }

    public void sign(AlgorithmID algorithmID, PrivateKey privateKey, String str) {
        AlgorithmParameters signatureParameters;
        if (algorithmID == null) {
            throw new OCSPException("Cannot sign request! No signature algorithm specified!");
        }
        this.h = algorithmID;
        Signature signatureInstance = this.h.getSignatureInstance(str);
        signatureInstance.initSign(privateKey);
        try {
            if (!AlgorithmID.getDoNotIncludeParameters(this.h) && !this.h.hasParameters() && (signatureParameters = Util.getSignatureParameters(signatureInstance)) != null) {
                this.h.setAlgorithmParameters(signatureParameters);
            }
        } catch (Exception e) {
        }
        ASN1Object b2 = b();
        try {
            signatureInstance.update(DerCoder.encode(b2));
            this.i = signatureInstance.sign();
            BIT_STRING bit_string = new BIT_STRING(this.i);
            SEQUENCE sequence = new SEQUENCE();
            SEQUENCE sequence2 = new SEQUENCE();
            sequence2.addComponent(this.h.toASN1Object());
            sequence2.addComponent(bit_string);
            if (this.j != null && this.j.length > 0) {
                sequence2.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.j)));
            }
            sequence.addComponent(b2);
            sequence.addComponent(new CON_SPEC(0, sequence2));
            this.f4007c = new ASN1(sequence);
            this.k = false;
        } catch (CodingException e2) {
            throw new OCSPException(e2.getMessage());
        } catch (SignatureException e3) {
            throw new OCSPException(e3.getMessage());
        }
    }

    public ASN1Object toASN1Object() {
        if (this.k && this.i != null) {
            throw new RuntimeException("Cannot give an ASN.1 representation of this request. First it has to be resigned.");
        }
        if (this.i == null && this.f4007c.toByteArray() == null) {
            try {
                c();
            } catch (OCSPException e) {
                throw new CodingException(e.getMessage());
            }
        }
        return this.f4007c.toASN1Object();
    }

    public String toString() {
        return toString(false);
    }

    public String toString(boolean z) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(new StringBuffer("Version: ").append(this.f4008d).append("\n").toString());
        if (this.e != null) {
            stringBuffer.append(new StringBuffer("requestorName: ").append(this.e).append("\n").toString());
        }
        if (z) {
            for (int i = 0; i < this.f.length; i++) {
                stringBuffer.append(new StringBuffer("request ").append(i).append(": {\n").toString());
                Util.printIndented(this.f[i].toString(true), true, "  ", stringBuffer);
                stringBuffer.append("\n}");
            }
        } else {
            stringBuffer.append(new StringBuffer("requests: ").append(this.f.length).toString());
        }
        if (this.g != null) {
            stringBuffer.append("\n");
            if (z) {
                stringBuffer.append(this.g);
                stringBuffer.setLength(stringBuffer.length() - 1);
            } else {
                stringBuffer.append(new StringBuffer("Extensions: ").append(this.g.countExtensions()).toString());
            }
        }
        if (this.h != null) {
            stringBuffer.append(new StringBuffer("\nSignature algorithm: ").append(this.h).toString());
        }
        if (this.j != null) {
            stringBuffer.append(new StringBuffer("\ncertificates: ").append(this.j.length).toString());
        }
        return stringBuffer.toString();
    }

    public X509Certificate verify() {
        if (this.j == null || this.j.length <= 0) {
            throw new OCSPException("Cannot verify request. No certificates included.");
        }
        X509Certificate[] arrangeCertificateChain = Util.arrangeCertificateChain(this.j, false);
        if (arrangeCertificateChain == null || arrangeCertificateChain.length <= 0) {
            throw new OCSPException("Cannot verify request. Cannot build chain from included certs.");
        }
        verify(arrangeCertificateChain[0].getPublicKey());
        return arrangeCertificateChain[0];
    }

    public void verify(PublicKey publicKey) {
        verify(publicKey, null);
    }

    public void verify(PublicKey publicKey, String str) {
        if (this.k) {
            throw new RuntimeException("Cannot verify this request. First it has to be signed.");
        }
        if (this.h == null) {
            throw new NoSuchAlgorithmException("Cannot verify request! No signature algorithm set.");
        }
        Signature signatureInstance = this.h.getSignatureInstance(str);
        try {
            byte[] firstObject = this.f4007c.getFirstObject();
            signatureInstance.initVerify(publicKey);
            signatureInstance.update(firstObject);
            if (!signatureInstance.verify(this.i)) {
                throw new SignatureException("Signature verification error!");
            }
        } catch (CodingException e) {
            throw new SignatureException(e.toString());
        }
    }

    public void writeTo(OutputStream outputStream) {
        if (this.k && this.i != null) {
            throw new RuntimeException("Cannot encode this response. First it has to be signed.");
        }
        try {
            outputStream.write(getEncoded());
        } catch (CodingException e) {
            throw new IOException(e.getMessage());
        }
    }
}
