package com.itextpdf.text.pdf.security;

import O4.AbstractC0156q;
import O4.C0147h;
import O4.C0148i;
import O4.C0151l;
import R5.l;
import com.itextpdf.text.error_messages.MessageLocalization;
import com.itextpdf.text.io.StreamUtil;
import com.itextpdf.text.log.Level;
import com.itextpdf.text.log.Logger;
import com.itextpdf.text.log.LoggerFactory;
import com.itextpdf.text.pdf.PdfEncryption;
import g5.d;
import java.io.BufferedOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.Security;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import k1.C1054b;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.cert.ocsp.OCSPException;
import org.bouncycastle.ocsp.RevokedStatus;
import org.bouncycastle.operator.OperatorException;
import q1.C1162d;
import q5.C1169a;
import q5.h;
import q5.i;
import t5.C1354c;
import u5.C1499a;
import u5.C1500b;
import u5.c;
import u5.e;

/* loaded from: classes7.dex */
public class OcspClientBouncyCastle implements OcspClient {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OcspClientBouncyCastle.class);
    private final OCSPVerifier verifier;

    @Deprecated
    public OcspClientBouncyCastle() {
        this.verifier = null;
    }

    public OcspClientBouncyCastle(OCSPVerifier oCSPVerifier) {
        this.verifier = oCSPVerifier;
    }

    /* JADX WARN: Type inference failed for: r2v5, types: [org.bouncycastle.asn1.ASN1Sequence, O4.b0] */
    /* JADX WARN: Type inference failed for: r5v4, types: [O4.n, g5.l, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r6v2, types: [u5.d, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r6v3, types: [java.lang.Object, q5.h] */
    /* JADX WARN: Type inference failed for: r6v8, types: [u5.c, java.lang.Object] */
    private static c generateOCSPRequest(X509Certificate x509Certificate, BigInteger bigInteger) throws OCSPException, IOException, OperatorException, CertificateEncodingException {
        Security.addProvider(new N5.b());
        Q5.c cVar = new Q5.c(new G3.c(25));
        C1169a c1169a = C1500b.f20926b;
        try {
            MessageDigest c3 = cVar.c(c1169a);
            F5.b bVar = new F5.b(2);
            bVar.f840c = c3;
            C1500b c1500b = new C1500b(new C1162d(4, c1169a, bVar), new C1354c(x509Certificate), bigInteger);
            ArrayList arrayList = new ArrayList();
            ?? obj = new Object();
            obj.f20929a = c1500b;
            obj.f20930b = null;
            arrayList.add(obj);
            ASN1ObjectIdentifier aSN1ObjectIdentifier = d.f17408b;
            AbstractC0156q abstractC0156q = new AbstractC0156q(new AbstractC0156q(PdfEncryption.createDocumentId()).getEncoded());
            ?? obj2 = new Object();
            obj2.f19079b = aSN1ObjectIdentifier;
            obj2.f19080c = false;
            obj2.f19081d = abstractC0156q;
            i iVar = new i(new h[]{obj2});
            Iterator it = arrayList.iterator();
            C0147h c0147h = new C0147h();
            while (it.hasNext()) {
                try {
                    u5.d dVar = (u5.d) it.next();
                    g5.b bVar2 = dVar.f20929a.f20927a;
                    l lVar = new l();
                    lVar.f1807c = bVar2;
                    lVar.f1808d = dVar.f20930b;
                    c0147h.a(lVar);
                } catch (Exception e7) {
                    throw new OCSPException("exception creating Request", e7);
                }
            }
            ?? aSN1Sequence = new ASN1Sequence(c0147h);
            aSN1Sequence.f1497d = -1;
            ?? obj3 = new Object();
            obj3.f17430b = g5.l.f17429g;
            obj3.f17431c = null;
            obj3.f17432d = aSN1Sequence;
            obj3.f17433f = iVar;
            W4.a aVar = new W4.a();
            aVar.f2299c = obj3;
            ?? obj4 = new Object();
            obj4.f20928a = aVar;
            return obj4;
        } catch (GeneralSecurityException e8) {
            throw new OperatorException("exception on setup: " + e8, e8);
        }
    }

    private e getOcspResponse(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) throws GeneralSecurityException, OCSPException, IOException, OperatorException {
        if (x509Certificate == null || x509Certificate2 == null) {
            return null;
        }
        if (str == null) {
            str = CertificateUtil.getOCSPURL(x509Certificate);
        }
        if (str == null) {
            return null;
        }
        LOGGER.info("Getting OCSP from ".concat(str));
        byte[] encoded = generateOCSPRequest(x509Certificate2, x509Certificate.getSerialNumber()).f20928a.getEncoded();
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setRequestProperty("Content-Type", "application/ocsp-request");
        httpURLConnection.setRequestProperty("Accept", "application/ocsp-response");
        httpURLConnection.setDoOutput(true);
        DataOutputStream dataOutputStream = new DataOutputStream(new BufferedOutputStream(httpURLConnection.getOutputStream()));
        dataOutputStream.write(encoded);
        dataOutputStream.flush();
        dataOutputStream.close();
        if (httpURLConnection.getResponseCode() / 100 == 2) {
            return new e(StreamUtil.inputStreamToArray((InputStream) httpURLConnection.getContent()));
        }
        throw new IOException(MessageLocalization.getComposedMessage("invalid.http.response.1", httpURLConnection.getResponseCode()));
    }

    public C1499a getBasicOCSPResp(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            e ocspResponse = getOcspResponse(x509Certificate, x509Certificate2, str);
            if (ocspResponse == null) {
                return null;
            }
            C0148i c0148i = ocspResponse.f20931a.f17410b.f17412b;
            byte[] bArr = c0148i.f1517b;
            int length = bArr.length;
            int i7 = c0148i.f1518c;
            if (length - i7 > 4) {
                throw new ArithmeticException("ASN.1 Enumerated out of int range");
            }
            if (C0151l.u(i7, bArr) != 0) {
                return null;
            }
            C1499a c1499a = (C1499a) ocspResponse.a();
            OCSPVerifier oCSPVerifier = this.verifier;
            if (oCSPVerifier != null) {
                oCSPVerifier.isValidResponse(c1499a, x509Certificate2);
            }
            return c1499a;
        } catch (Exception e7) {
            Logger logger = LOGGER;
            if (logger.isLogging(Level.ERROR)) {
                logger.error(e7.getMessage());
            }
            return null;
        }
    }

    @Override // com.itextpdf.text.pdf.security.OcspClient
    public byte[] getEncoded(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            C1499a basicOCSPResp = getBasicOCSPResp(x509Certificate, x509Certificate2, str);
            if (basicOCSPResp == null) {
                return null;
            }
            l0.h[] b3 = basicOCSPResp.b();
            if (b3.length != 1) {
                return null;
            }
            C1054b c3 = b3[0].c();
            if (c3 == null) {
                return basicOCSPResp.getEncoded();
            }
            if (c3 instanceof RevokedStatus) {
                throw new IOException(MessageLocalization.getComposedMessage("ocsp.status.is.revoked", new Object[0]));
            }
            throw new IOException(MessageLocalization.getComposedMessage("ocsp.status.is.unknown", new Object[0]));
        } catch (Exception e7) {
            Logger logger = LOGGER;
            if (!logger.isLogging(Level.ERROR)) {
                return null;
            }
            logger.error(e7.getMessage());
            return null;
        }
    }
}
