package com.dreamsecurity.jcaos.ocsp;

import com.dreamsecurity.jcaos.Environment;
import com.dreamsecurity.jcaos.asn1.ASN1EncodableVector;
import com.dreamsecurity.jcaos.asn1.ASN1InputStream;
import com.dreamsecurity.jcaos.asn1.f.g;
import com.dreamsecurity.jcaos.asn1.f.i;
import com.dreamsecurity.jcaos.asn1.oid.X509ObjectIdentifiers;
import com.dreamsecurity.jcaos.asn1.x509.Certificate;
import com.dreamsecurity.jcaos.asn1.x509.Name;
import com.dreamsecurity.jcaos.asn1.x509.u;
import com.dreamsecurity.jcaos.exception.NotExistSignerCertException;
import com.dreamsecurity.jcaos.exception.ParsingException;
import com.dreamsecurity.jcaos.exception.VerifyException;
import com.dreamsecurity.jcaos.x509.X500Principal;
import com.dreamsecurity.jcaos.x509.X509Certificate;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;

/* loaded from: classes.dex */
public class OCSPRequest {
    g a;

    OCSPRequest(g gVar) {
        this.a = gVar;
    }

    OCSPRequest(byte[] bArr) throws IOException {
        this(g.a(new ASN1InputStream(bArr).readObject()));
    }

    public static OCSPRequest getInstance(Object obj) throws IOException {
        if (obj instanceof byte[]) {
            return new OCSPRequest((byte[]) obj);
        }
        if (obj instanceof OCSPRequest) {
            return (OCSPRequest) obj;
        }
        if (obj instanceof g) {
            return new OCSPRequest((g) obj);
        }
        throw new IllegalArgumentException("unknown object.");
    }

    public static OCSPRequest getInstance(byte[] bArr) throws IOException {
        return new OCSPRequest(bArr);
    }

    public String[] getAcceptableResponseTypes() throws IOException {
        boolean z = SingleResponse.b;
        u d = this.a.a().d();
        if (d == null) {
            return null;
        }
        com.dreamsecurity.jcaos.asn1.f.b a = com.dreamsecurity.jcaos.asn1.f.b.a(new ASN1InputStream(d.a(u.D).c().getOctets()).readObject());
        String[] strArr = new String[a.a()];
        int i = 0;
        while (i < a.a()) {
            strArr[i] = a.a(i).getId();
            i++;
            if (z) {
                break;
            }
        }
        return strArr;
    }

    public ArrayList getCerts() throws IOException {
        ASN1EncodableVector c;
        boolean z = SingleResponse.b;
        if (this.a.b() == null || (c = this.a.b().c()) == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        int i = 0;
        while (i < c.size()) {
            arrayList.add(X509Certificate.getInstance(Certificate.getInstance(c.get(i)).getDEREncoded()));
            i++;
            if (z) {
                break;
            }
        }
        return arrayList;
    }

    public byte[] getEncoded() {
        return this.a.getDEREncoded();
    }

    public byte[] getNonce() {
        u d = this.a.a().d();
        if (d == null) {
            return null;
        }
        return d.a(u.C).c().getOctets();
    }

    public ArrayList getRequestList() {
        boolean z = SingleResponse.b;
        ArrayList arrayList = new ArrayList();
        ASN1EncodableVector c = this.a.a().c();
        int i = 0;
        while (i < c.size()) {
            arrayList.add(new Request(i.a(c.get(i))));
            i++;
            if (z) {
                break;
            }
        }
        return arrayList;
    }

    public X500Principal getRequestorName() throws ParsingException, IOException {
        if (this.a.a().b() == null) {
            return null;
        }
        if (this.a.a().b().getTag() == 4) {
            return new X500Principal(Name.a(this.a.a().b().getName()).getDEREncoded());
        }
        throw new ParsingException("Only directoryName supported.");
    }

    public byte[] getSignature() {
        if (this.a.b() == null) {
            return null;
        }
        return this.a.b().b().getBytes();
    }

    public String getSignatureAlgorithm() {
        if (this.a.b() == null) {
            return null;
        }
        return this.a.b().a().getString();
    }

    public int getVersion() {
        return this.a.a().a().getValue().intValue();
    }

    public void verify() throws ParsingException, IOException, InvalidKeyException, SignatureException, InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException, VerifyException, NotExistSignerCertException {
        boolean z = SingleResponse.b;
        if (getVersion() != 0) {
            throw new ParsingException("The request version is not supported.");
        }
        String[] acceptableResponseTypes = getAcceptableResponseTypes();
        int i = 0;
        if (acceptableResponseTypes != null) {
            int i2 = 0;
            while (i2 < acceptableResponseTypes.length) {
                if (!acceptableResponseTypes[i2].equals(X509ObjectIdentifiers.id_pkix_ocsp_basic.getId())) {
                    throw new ParsingException("Unknown response type required.");
                }
                i2++;
                if (z) {
                    break;
                }
            }
        }
        if (this.a.b() != null) {
            ASN1EncodableVector c = this.a.b().c();
            if (c == null) {
                throw new ParsingException("The signer certificate does not exist.");
            }
            X500Principal requestorName = getRequestorName();
            X509Certificate x509Certificate = null;
            boolean z2 = false;
            while (i < c.size()) {
                x509Certificate = X509Certificate.getInstance(Certificate.getInstance(c.get(i)).getEncoded());
                if (x509Certificate.getSubjectDN().equals(requestorName)) {
                    z2 = true;
                    if (!z) {
                        break;
                    }
                }
                i++;
                if (z) {
                    break;
                }
            }
            if (!z2) {
                throw new NotExistSignerCertException("The signer cert does not exist.");
            }
            Signature signature = Signature.getInstance(getSignatureAlgorithm(), Environment.getJCEProvider(getSignatureAlgorithm()));
            signature.initVerify(x509Certificate.getPublicKey());
            signature.update(this.a.a().getDEREncoded());
            if (!signature.verify(getSignature())) {
                throw new VerifyException("The signature verification is failed.");
            }
        }
    }
}
