package com.itextpdf.signatures;

import com.itextpdf.bouncycastleconnector.BouncyCastleFactoryCreator;
import com.itextpdf.commons.bouncycastle.IBouncyCastleFactory;
import com.itextpdf.commons.bouncycastle.cert.ocsp.AbstractOCSPException;
import com.itextpdf.commons.bouncycastle.cert.ocsp.IBasicOCSPResp;
import com.itextpdf.commons.bouncycastle.cert.ocsp.ICertificateStatus;
import com.itextpdf.commons.bouncycastle.cert.ocsp.IOCSPReq;
import com.itextpdf.commons.bouncycastle.cert.ocsp.IOCSPResp;
import com.itextpdf.commons.bouncycastle.cert.ocsp.ISingleResp;
import com.itextpdf.commons.bouncycastle.operator.AbstractOperatorCreationException;
import com.itextpdf.commons.utils.DateTimeUtil;
import com.itextpdf.io.logs.IoLogMessageConstant;
import com.itextpdf.io.util.StreamUtil;
import defpackage.ar;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.Security;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes2.dex */
public class OcspClientBouncyCastle implements IOcspClient {

    /* renamed from: b, reason: collision with root package name */
    public static final IBouncyCastleFactory f8085b = BouncyCastleFactoryCreator.getFactory();

    /* renamed from: c, reason: collision with root package name */
    public static final Logger f8086c = LoggerFactory.getLogger((Class<?>) OcspClientBouncyCastle.class);

    /* renamed from: a, reason: collision with root package name */
    public final OCSPVerifier f8087a;

    public OcspClientBouncyCastle(OCSPVerifier oCSPVerifier) {
        this.f8087a = oCSPVerifier;
    }

    public static IOCSPReq generateOCSPRequest(X509Certificate x509Certificate, BigInteger bigInteger) throws AbstractOCSPException, IOException, CertificateEncodingException, AbstractOperatorCreationException {
        Security.addProvider(f8085b.getProvider());
        return ar.a(ar.a(x509Certificate, bigInteger, f8085b.createCertificateID().getHashSha1()));
    }

    public IOCSPResp a(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) throws GeneralSecurityException, AbstractOCSPException, IOException, AbstractOperatorCreationException {
        if (x509Certificate == null || x509Certificate2 == null) {
            return null;
        }
        if (str == null) {
            str = CertificateUtil.getOCSPURL(x509Certificate);
        }
        if (str == null) {
            return null;
        }
        return f8085b.createOCSPResp(StreamUtil.inputStreamToArray(createRequestAndResponse(x509Certificate, x509Certificate2, str)));
    }

    public InputStream createRequestAndResponse(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) throws IOException, AbstractOperatorCreationException, AbstractOCSPException, CertificateEncodingException {
        f8086c.info("Getting OCSP from " + str);
        return ar.a(generateOCSPRequest(x509Certificate2, x509Certificate.getSerialNumber()).getEncoded(), new URL(str));
    }

    public IBasicOCSPResp getBasicOCSPResp(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            IOCSPResp a2 = a(x509Certificate, x509Certificate2, str);
            if (a2 == null || a2.getStatus() != f8085b.createOCSPResponseStatus().getSuccessful()) {
                return null;
            }
            IBasicOCSPResp createBasicOCSPResp = f8085b.createBasicOCSPResp(a2.getResponseObject());
            if (this.f8087a != null) {
                this.f8087a.isValidResponse(createBasicOCSPResp, x509Certificate2, DateTimeUtil.getCurrentTimeDate());
            }
            return createBasicOCSPResp;
        } catch (Exception e) {
            f8086c.error(e.getMessage());
            return null;
        }
    }

    @Override // com.itextpdf.signatures.IOcspClient
    public byte[] getEncoded(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            IBasicOCSPResp basicOCSPResp = getBasicOCSPResp(x509Certificate, x509Certificate2, str);
            if (basicOCSPResp == null) {
                return null;
            }
            ISingleResp[] responses = basicOCSPResp.getResponses();
            if (responses.length != 1) {
                return null;
            }
            ICertificateStatus certStatus = responses[0].getCertStatus();
            if (Objects.equals(certStatus, f8085b.createCertificateStatus().getGood())) {
                return basicOCSPResp.getEncoded();
            }
            if (f8085b.createRevokedStatus(certStatus) == null) {
                throw new IOException(IoLogMessageConstant.OCSP_STATUS_IS_UNKNOWN);
            }
            throw new IOException(IoLogMessageConstant.OCSP_STATUS_IS_REVOKED);
        } catch (Exception e) {
            f8086c.error(e.getMessage());
            return null;
        }
    }
}
