package iaik.x509.ocsp;

import iaik.asn1.ASN;
import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.BIT_STRING;
import iaik.asn1.CON_SPEC;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.INTEGER;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.GeneralName;
import iaik.utils.Util;
import iaik.x509.V3Extension;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionException;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.ocsp.extensions.AcceptableResponses;
import iaik.x509.ocsp.extensions.Nonce;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Enumeration;

/* loaded from: input_file:115766-09/SUNWamsci/reloc/SUNWam/lib/iaik_jce_full.jar:iaik/x509/ocsp/OCSPRequest.class */
public class OCSPRequest {
    static Class k;
    static Class j;
    private boolean h;
    private X509Certificate[] l;
    private byte[] c;
    private AlgorithmID d;
    private OCSPExtensions i;
    private Request[] f;
    private GeneralName e;
    private int a;
    private ASN1 g;

    static Class a(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    public void writeTo(OutputStream outputStream) throws IOException {
        if (this.h && this.c != null) {
            throw new RuntimeException("Cannot encode this response. First it has to be signed.");
        }
        try {
            outputStream.write(getEncoded());
        } catch (CodingException e) {
            throw new IOException(e.getMessage());
        }
    }

    public void verify(PublicKey publicKey, String str) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
        if (this.h) {
            throw new RuntimeException("Cannot verify this request. First it has to be signed.");
        }
        if (this.d == null) {
            throw new NoSuchAlgorithmException("Cannot verify request! No signature algorithm set.");
        }
        Signature signatureInstance = this.d.getSignatureInstance(str);
        try {
            byte[] firstObject = this.g.getFirstObject();
            signatureInstance.initVerify(publicKey);
            signatureInstance.update(firstObject);
            if (!signatureInstance.verify(this.c)) {
                throw new SignatureException("Signature verification error!");
            }
        } catch (CodingException e) {
            throw new SignatureException(e.toString());
        }
    }

    public void verify(PublicKey publicKey) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
        verify(publicKey, null);
    }

    public X509Certificate verify() throws OCSPException, SignatureException, InvalidKeyException, NoSuchAlgorithmException {
        if (this.l == null || this.l.length <= 0) {
            throw new OCSPException("Cannot verify request. No certificates included.");
        }
        X509Certificate[] arrangeCertificateChain = Util.arrangeCertificateChain(this.l, false);
        if (arrangeCertificateChain == null || arrangeCertificateChain.length <= 0) {
            throw new OCSPException("Cannot verify request. Cannot build chain from included certs.");
        }
        verify(arrangeCertificateChain[0].getPublicKey());
        return arrangeCertificateChain[0];
    }

    public String toString(boolean z) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(new StringBuffer("Version: ").append(this.a).append("\n").toString());
        if (this.e != null) {
            stringBuffer.append(new StringBuffer("requestorName: ").append(this.e).append("\n").toString());
        }
        if (z) {
            for (int i = 0; i < this.f.length; i++) {
                stringBuffer.append(new StringBuffer("request ").append(i).append(": {\n").toString());
                stringBuffer.append(new StringBuffer(String.valueOf(this.f[i].toString(true))).append("}").toString());
            }
        } else {
            stringBuffer.append(new StringBuffer("requests: ").append(this.f.length).toString());
        }
        if (this.i != null) {
            stringBuffer.append("\n");
            if (z) {
                stringBuffer.append(this.i);
                stringBuffer.setLength(stringBuffer.length() - 1);
            } else {
                stringBuffer.append(new StringBuffer("Extensions: ").append(this.i.countExtensions()).toString());
            }
        }
        if (this.d != null) {
            stringBuffer.append(new StringBuffer("\nSignature algorithm: ").append(this.d).toString());
        }
        if (this.l != null) {
            stringBuffer.append(new StringBuffer("\ncertificates: ").append(this.l.length).toString());
        }
        return stringBuffer.toString();
    }

    public String toString() {
        return toString(false);
    }

    public ASN1Object toASN1Object() throws CodingException {
        if (this.h && this.c != null) {
            throw new RuntimeException("Cannot give an ASN.1 representation of this request. First it has to be resigned.");
        }
        if (this.c == null && this.g.toASN1Object() == null) {
            try {
                b();
            } catch (OCSPException e) {
                throw new CodingException(e.getMessage());
            }
        }
        return this.g.toASN1Object();
    }

    public void sign(AlgorithmID algorithmID, PrivateKey privateKey, String str) throws NoSuchAlgorithmException, InvalidKeyException, OCSPException {
        if (algorithmID == null) {
            throw new OCSPException("Cannot sign request! No signature algorithm specified!");
        }
        this.d = algorithmID;
        Signature signatureInstance = this.d.getSignatureInstance(str);
        ASN1Object a = a();
        signatureInstance.initSign(privateKey);
        try {
            signatureInstance.update(DerCoder.encode(a));
            this.c = signatureInstance.sign();
            BIT_STRING bit_string = new BIT_STRING(this.c);
            SEQUENCE sequence = new SEQUENCE();
            SEQUENCE sequence2 = new SEQUENCE();
            sequence2.addComponent(this.d.toASN1Object());
            sequence2.addComponent(bit_string);
            if (this.l != null && this.l.length > 0) {
                sequence2.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.l)));
            }
            sequence.addComponent(a);
            sequence.addComponent(new CON_SPEC(0, sequence2));
            this.g = new ASN1(sequence);
            this.h = false;
        } catch (CodingException e) {
            throw new OCSPException(e.getMessage());
        } catch (SignatureException e2) {
            throw new OCSPException(e2.getMessage());
        }
    }

    public void sign(AlgorithmID algorithmID, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, OCSPException {
        sign(algorithmID, privateKey, null);
    }

    public void setSignature(AlgorithmID algorithmID, byte[] bArr) throws OCSPException {
        if (algorithmID == null) {
            throw new OCSPException("Cannot sign request! No signature algorithm specified!");
        }
        if (bArr == null || bArr.length == 0) {
            throw new OCSPException("Cannot set empty signature value!");
        }
        this.d = algorithmID;
        this.c = bArr;
        ASN1Object a = a();
        try {
            BIT_STRING bit_string = new BIT_STRING(this.c);
            SEQUENCE sequence = new SEQUENCE();
            SEQUENCE sequence2 = new SEQUENCE();
            sequence2.addComponent(this.d.toASN1Object());
            sequence2.addComponent(bit_string);
            if (this.l != null && this.l.length > 0) {
                sequence2.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.l)));
            }
            sequence.addComponent(a);
            sequence.addComponent(new CON_SPEC(0, sequence2));
            this.g = new ASN1(sequence);
            this.h = false;
        } catch (CodingException e) {
            throw new OCSPException(e.getMessage());
        }
    }

    public void setRequestorName(GeneralName generalName) {
        this.e = generalName;
        this.h = true;
    }

    public void setRequestList(Request[] requestArr) {
        this.f = requestArr;
        this.h = true;
        if (requestArr != null) {
            for (Request request : requestArr) {
                if (request.getReqCert().getType() != 0) {
                    this.a = 2;
                    return;
                }
            }
        }
    }

    public void setNonce(byte[] bArr) throws X509ExtensionException {
        addExtension(new Nonce(bArr));
    }

    public void setCertificates(X509Certificate[] x509CertificateArr) {
        this.l = x509CertificateArr;
        this.h = true;
    }

    public void setAcceptableResponseTypes(ObjectID[] objectIDArr) throws X509ExtensionException {
        addExtension(new AcceptableResponses(objectIDArr));
    }

    public boolean removeExtension(ObjectID objectID) {
        boolean removeExtension = this.i == null ? false : this.i.removeExtension(objectID);
        if (removeExtension) {
            this.h = true;
        }
        return removeExtension;
    }

    public void removeAllExtensions() {
        if (this.i != null) {
            this.i.removeAllExtensions();
            this.h = true;
        }
        this.i = null;
    }

    public Enumeration listExtensions() {
        if (this.i == null) {
            return null;
        }
        return this.i.listExtensions();
    }

    private void c() throws X509ExtensionException, CodingException {
        Class a;
        Class a2;
        int i = 0;
        ASN1Object componentAt = this.g.getComponentAt(0);
        ASN1Object componentAt2 = componentAt.getComponentAt(0);
        if (componentAt2.isA(ASN.CON_SPEC) && componentAt2.getAsnType().getTag() == 0) {
            this.a = ((BigInteger) ((ASN1Object) componentAt2.getValue()).getValue()).intValue() + 1;
            i = 0 + 1;
        }
        ASN1Object componentAt3 = componentAt.getComponentAt(i);
        if (componentAt3.isA(ASN.CON_SPEC) && componentAt3.getAsnType().getTag() == 1) {
            this.e = new GeneralName((ASN1Object) componentAt3.getValue());
            i++;
        }
        ASN1Object componentAt4 = componentAt.getComponentAt(i);
        if (j != null) {
            a = j;
        } else {
            a = a("iaik.x509.ocsp.Request");
            j = a;
        }
        this.f = (Request[]) ASN.parseSequenceOf(componentAt4, a);
        int i2 = 1 + i;
        if (i2 < componentAt.countComponents()) {
            this.i = new OCSPExtensions((ASN1Object) componentAt.getComponentAt(i2).getValue());
        }
        if (this.g.countComponents() == 2) {
            ASN1Object aSN1Object = (ASN1Object) this.g.getComponentAt(1).getValue();
            this.d = new AlgorithmID(aSN1Object.getComponentAt(0));
            if (this.d == null) {
                throw new CodingException("Request is signed, but signature algorithm is missing!");
            }
            this.c = (byte[]) ((BIT_STRING) aSN1Object.getComponentAt(1)).getValue();
            if (this.c == null) {
                throw new CodingException("Request is signed, but signature value is missing!");
            }
            if (aSN1Object.countComponents() == 3) {
                ASN1Object aSN1Object2 = (ASN1Object) aSN1Object.getComponentAt(2).getValue();
                if (k != null) {
                    a2 = k;
                } else {
                    a2 = a("iaik.x509.X509Certificate");
                    k = a2;
                }
                this.l = (X509Certificate[]) ASN.parseSequenceOf(aSN1Object2, a2);
            }
            this.h = false;
        }
        this.g.clearASN1Object();
    }

    public boolean hasUnsupportedCriticalExtension() {
        if (this.i == null) {
            return false;
        }
        return this.i.hasUnsupportedCriticalExtension();
    }

    public boolean hasExtensions() {
        if (this.i == null) {
            return false;
        }
        return this.i.hasExtensions();
    }

    public int getVersion() {
        return this.a;
    }

    public byte[] getTBSRequest() throws CodingException {
        try {
            return (this.g == null || this.g.toByteArray() == null) ? DerCoder.encode(a()) : this.g.getFirstObject();
        } catch (OCSPException e) {
            throw new CodingException(e.toString());
        }
    }

    public AlgorithmID getSignatureAlgorithm() {
        return this.d;
    }

    public byte[] getSignature() {
        return this.c;
    }

    public GeneralName getRequestorName() {
        return this.e;
    }

    public Request[] getRequestList() {
        return this.f;
    }

    public byte[] getNonce() throws X509ExtensionInitException {
        Nonce nonce = (Nonce) getExtension(Nonce.oid);
        if (nonce == null) {
            return null;
        }
        return nonce.getValue();
    }

    public V3Extension getExtension(ObjectID objectID) throws X509ExtensionInitException {
        if (this.i == null) {
            return null;
        }
        return this.i.getExtension(objectID);
    }

    public byte[] getEncoded() throws CodingException {
        if (this.h && this.c != null) {
            throw new RuntimeException("Cannot encode this request. First it has to be resigned.");
        }
        if (this.c == null && this.g.toByteArray() == null) {
            try {
                b();
            } catch (OCSPException e) {
                throw new CodingException(e.getMessage());
            }
        }
        return this.g.toByteArray();
    }

    public X509Certificate[] getCertifcates() {
        return this.l;
    }

    public ObjectID[] getAccepatableResponseTypes() throws X509ExtensionInitException {
        AcceptableResponses acceptableResponses = (AcceptableResponses) getExtension(AcceptableResponses.oid);
        if (acceptableResponses == null) {
            return null;
        }
        return acceptableResponses.getAcceptableResponseTypes();
    }

    public void decode(byte[] bArr) throws CodingException {
        try {
            this.g = new ASN1(bArr);
            c();
        } catch (X509ExtensionException e) {
            throw new CodingException(e.getMessage());
        }
    }

    public void decode(InputStream inputStream) throws IOException {
        try {
            this.g = new ASN1(inputStream);
            c();
        } catch (CodingException e) {
            throw new IOException(e.getMessage());
        } catch (X509ExtensionException e2) {
            throw new IOException(e2.getMessage());
        }
    }

    public void decode(ASN1Object aSN1Object) throws CodingException {
        this.g = new ASN1(aSN1Object);
        try {
            c();
        } catch (Exception e) {
            throw new CodingException(e.toString());
        }
    }

    private void b() throws OCSPException {
        try {
            a();
            SEQUENCE sequence = new SEQUENCE();
            sequence.addComponent(a());
            this.g = new ASN1(sequence);
        } catch (CodingException e) {
            throw new OCSPException(e.getMessage());
        }
    }

    private ASN1Object a() throws OCSPException {
        if (this.f == null || this.f.length == 0) {
            throw new OCSPException("No single requests set!");
        }
        try {
            SEQUENCE sequence = new SEQUENCE();
            if (this.a > 1) {
                sequence.addComponent(new CON_SPEC(0, new INTEGER(this.a - 1)));
            }
            if (this.e != null) {
                sequence.addComponent(new CON_SPEC(1, this.e.toASN1Object()));
            }
            sequence.addComponent(ASN.createSequenceOf(this.f));
            if (this.i != null) {
                sequence.addComponent(new CON_SPEC(2, this.i.toASN1Object()));
            }
            return sequence;
        } catch (Exception e) {
            throw new OCSPException(e.getMessage());
        }
    }

    public int countRequests() {
        return this.f.length;
    }

    public int countExtensions() {
        if (this.i == null) {
            return 0;
        }
        return this.i.countExtensions();
    }

    public boolean containsSignature() {
        return this.c != null;
    }

    public boolean containsCertificates() {
        return this.l != null && this.l.length > 0;
    }

    public void addExtension(V3Extension v3Extension) throws X509ExtensionException {
        if (this.i == null) {
            this.i = new OCSPExtensions();
        }
        this.i.addExtension(v3Extension);
        this.h = true;
    }

    public OCSPRequest(byte[] bArr) throws CodingException {
        this();
        decode(bArr);
    }

    public OCSPRequest(InputStream inputStream) throws IOException {
        this();
        decode(inputStream);
    }

    public OCSPRequest() {
        this.a = 1;
        this.h = true;
        this.g = new ASN1();
    }
}
