package com.itextpdf.text.pdf.security;

import bf.c1;
import bf.f;
import bf.n;
import bf.o;
import com.google.android.gms.internal.ads.pj;
import com.itextpdf.text.error_messages.MessageLocalization;
import com.itextpdf.text.io.StreamUtil;
import com.itextpdf.text.log.Level;
import com.itextpdf.text.log.Logger;
import com.itextpdf.text.log.LoggerFactory;
import com.itextpdf.text.pdf.PdfEncryption;
import fg.k;
import fg.l;
import ig.c;
import ih.a;
import java.io.BufferedOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import jg.b;
import jg.e;
import jg.j;
import org.apache.httpcore.HttpHeaders;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import rh.d;
import rh.g;
import vf.h;

/* loaded from: classes2.dex */
public class OcspClientBouncyCastle implements OcspClient {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OcspClientBouncyCastle.class);
    private final OCSPVerifier verifier;

    @Deprecated
    public OcspClientBouncyCastle() {
        this.verifier = null;
    }

    public OcspClientBouncyCastle(OCSPVerifier oCSPVerifier) {
        this.verifier = oCSPVerifier;
    }

    /* JADX WARN: Type inference failed for: r0v5, types: [vf.e, bf.n] */
    /* JADX WARN: Type inference failed for: r2v0, types: [gh.b, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r3v0, types: [java.io.OutputStream, rh.e$a] */
    /* JADX WARN: Type inference failed for: r5v4, types: [vf.n, bf.n] */
    /* JADX WARN: Type inference failed for: r6v2, types: [jg.f, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r6v3, types: [fg.k, bf.n] */
    /* JADX WARN: Type inference failed for: r6v7, types: [jg.e, java.lang.Object] */
    private static e generateOCSPRequest(X509Certificate x509Certificate, BigInteger bigInteger) {
        Security.addProvider(new a());
        g gVar = new g(new Object());
        fg.a aVar = b.f17737b;
        try {
            MessageDigest c = gVar.c(aVar);
            ?? outputStream = new OutputStream();
            outputStream.f21225b = c;
            b bVar = new b(new d.a(aVar, outputStream), new c(x509Certificate), bigInteger);
            ArrayList arrayList = new ArrayList();
            ?? obj = new Object();
            obj.f17741a = bVar;
            obj.f17742b = null;
            arrayList.add(obj);
            ASN1ObjectIdentifier aSN1ObjectIdentifier = vf.d.f22332b;
            o oVar = new o(new o(PdfEncryption.createDocumentId()).getEncoded());
            ?? nVar = new n();
            nVar.f16439b = aSN1ObjectIdentifier;
            nVar.f16440d = false;
            nVar.f16441e = oVar;
            l lVar = new l(new k[]{nVar});
            Iterator it = arrayList.iterator();
            f fVar = new f();
            while (it.hasNext()) {
                try {
                    jg.f fVar2 = (jg.f) it.next();
                    fVar.a(new h(fVar2.f17741a.f17738a, fVar2.f17742b));
                } catch (Exception e10) {
                    throw new jg.d("exception creating Request", e10);
                }
            }
            c1 c1Var = new c1(fVar);
            ?? nVar2 = new n();
            nVar2.f22358b = vf.n.f22357n;
            nVar2.f22359d = null;
            nVar2.f22360e = c1Var;
            nVar2.f22361i = lVar;
            ?? nVar3 = new n();
            nVar3.f22333b = nVar2;
            ?? obj2 = new Object();
            obj2.f17740a = nVar3;
            return obj2;
        } catch (GeneralSecurityException e11) {
            throw new ph.l("exception on setup: " + e11, e11);
        }
    }

    private jg.g getOcspResponse(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        if (x509Certificate == null || x509Certificate2 == null) {
            return null;
        }
        if (str == null) {
            str = CertificateUtil.getOCSPURL(x509Certificate);
        }
        if (str == null) {
            return null;
        }
        LOGGER.info("Getting OCSP from ".concat(str));
        byte[] encoded = generateOCSPRequest(x509Certificate2, x509Certificate.getSerialNumber()).f17740a.getEncoded();
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setRequestProperty("Content-Type", "application/ocsp-request");
        httpURLConnection.setRequestProperty(HttpHeaders.ACCEPT, "application/ocsp-response");
        httpURLConnection.setDoOutput(true);
        DataOutputStream dataOutputStream = new DataOutputStream(new BufferedOutputStream(httpURLConnection.getOutputStream()));
        dataOutputStream.write(encoded);
        dataOutputStream.flush();
        dataOutputStream.close();
        if (httpURLConnection.getResponseCode() / 100 == 2) {
            return new jg.g(StreamUtil.inputStreamToArray((InputStream) httpURLConnection.getContent()));
        }
        throw new IOException(MessageLocalization.getComposedMessage("invalid.http.response.1", httpURLConnection.getResponseCode()));
    }

    public jg.a getBasicOCSPResp(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            jg.g ocspResponse = getOcspResponse(x509Certificate, x509Certificate2, str);
            if (ocspResponse == null) {
                return null;
            }
            bf.g gVar = ocspResponse.f17743a.f22334b.f22336b;
            byte[] bArr = gVar.f1415b;
            int length = bArr.length;
            int i10 = gVar.f1416d;
            if (length - i10 > 4) {
                throw new ArithmeticException("ASN.1 Enumerated out of int range");
            }
            if (bf.l.v(i10, -1, bArr) != 0) {
                return null;
            }
            jg.a aVar = (jg.a) ocspResponse.a();
            OCSPVerifier oCSPVerifier = this.verifier;
            if (oCSPVerifier != null) {
                oCSPVerifier.isValidResponse(aVar, x509Certificate2);
            }
            return aVar;
        } catch (Exception e10) {
            Logger logger = LOGGER;
            if (logger.isLogging(Level.ERROR)) {
                logger.error(e10.getMessage());
            }
            return null;
        }
    }

    @Override // com.itextpdf.text.pdf.security.OcspClient
    public byte[] getEncoded(X509Certificate x509Certificate, X509Certificate x509Certificate2, String str) {
        try {
            jg.a basicOCSPResp = getBasicOCSPResp(x509Certificate, x509Certificate2, str);
            if (basicOCSPResp == null) {
                return null;
            }
            pj[] d10 = basicOCSPResp.d();
            if (d10.length != 1) {
                return null;
            }
            jg.c a10 = d10[0].a();
            if (a10 == null) {
                return basicOCSPResp.f17735b.getEncoded();
            }
            if (a10 instanceof j) {
                throw new IOException(MessageLocalization.getComposedMessage("ocsp.status.is.revoked", new Object[0]));
            }
            throw new IOException(MessageLocalization.getComposedMessage("ocsp.status.is.unknown", new Object[0]));
        } catch (Exception e10) {
            Logger logger = LOGGER;
            if (!logger.isLogging(Level.ERROR)) {
                return null;
            }
            logger.error(e10.getMessage());
            return null;
        }
    }
}
