package com.ibm.security.cert;

import com.ibm.misc.Debug;
import com.ibm.misc.HexDumpEncoder;
import com.ibm.security.util.DerInputStream;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.util.ObjectIdentifier;
import com.ibm.security.x509.Extension;
import java.io.IOException;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:jre/lib/ibmcertpathprovider.jar:com/ibm/security/cert/OCSPResponse.class */
public class OCSPResponse {
    private OCSPResponseStatus status;
    private byte[] responseData;
    private ObjectIdentifier responseType;
    public static final ObjectIdentifier basicResponseType;
    private static final Debug debug = Debug.getInstance("certpath");
    private byte[] nonce = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:jre/lib/ibmcertpathprovider.jar:com/ibm/security/cert/OCSPResponse$ResponseStatus.class */
    public enum ResponseStatus {
        SUCCESSFUL,
        MALFORMED_REQUEST,
        INTERNAL_ERROR,
        TRY_LATER,
        UNUSED,
        SIG_REQUIRED,
        UNAUTHORIZED
    }

    public OCSPResponse(OCSPResponseStatus oCSPResponseStatus, BasicOCSPResponse basicOCSPResponse) {
        if (oCSPResponseStatus == null) {
            throw new IllegalArgumentException("status can not be null");
        }
        this.status = oCSPResponseStatus;
        try {
            this.responseData = basicOCSPResponse.encode();
        } catch (IOException e) {
        }
        this.responseType = basicResponseType;
    }

    public OCSPResponse(byte[] bArr) throws IOException {
        init(new DerInputStream(bArr));
    }

    public OCSPResponse(DerValue derValue) throws IOException {
        init(derValue.toDerInputStream());
    }

    void init(DerInputStream derInputStream) throws IOException {
        byte[] byteArray = derInputStream.toByteArray();
        DerValue[] sequence = new DerInputStream(byteArray).getSequence(2);
        if (sequence.length <= 0) {
            throw new IOException("input data does not contain valid OCSPResponse value");
        }
        this.status = new OCSPResponseStatus(sequence[0]);
        if (sequence.length > 1) {
            int tag = sequence[1].getTag() & 31;
            if (tag != 0) {
                throw new IOException("invalid tag of ResponseBytes: " + tag);
            }
            DerValue[] sequence2 = sequence[1].getData().getSequence(2);
            if (sequence2.length != 2) {
                throw new IOException("invalid sequence of ResponseBytes, length=" + sequence2.length);
            }
            if (!sequence2[0].getOID().equals(basicResponseType)) {
                throw new IOException("unknown response type, oid=" + sequence2[0].getOID());
            }
            this.responseData = sequence2[1].getOctetString();
            this.responseType = basicResponseType;
            this.nonce = getNonceFromOCSPResponse(byteArray);
            if (debug != null) {
                if (this.nonce == null) {
                    System.out.println("OCSPResponse.java:  init():  The nonce from the OCSPResponse is NULL");
                } else {
                    System.out.println("OCSPResponse.java:  init():  The nonce from the OCSPResponse NOT NULL:");
                    System.out.println(toHexString(this.nonce));
                }
            }
        }
    }

    public byte[] encode() throws IOException {
        DerValue[] derValueArr = this.responseData == null ? new DerValue[1] : new DerValue[2];
        derValueArr[0] = new DerValue(this.status.encode());
        if (derValueArr.length == 2) {
            DerOutputStream derOutputStream = new DerOutputStream();
            derOutputStream.putOID(basicResponseType);
            DerOutputStream derOutputStream2 = new DerOutputStream();
            derOutputStream2.putOctetString(this.responseData);
            DerValue[] derValueArr2 = {new DerValue(derOutputStream.toByteArray()), new DerValue(derOutputStream2.toByteArray())};
            DerOutputStream derOutputStream3 = new DerOutputStream();
            derOutputStream3.putSequence(derValueArr2);
            derValueArr[1] = new DerValue(derOutputStream3.toByteArray());
        }
        DerOutputStream derOutputStream4 = new DerOutputStream();
        derOutputStream4.putSequence(derValueArr);
        return derOutputStream4.toByteArray();
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("OCSPResponse:[\n");
        stringBuffer.append("  status: " + this.status.getStatusAsString() + "\n");
        if (this.responseData != null) {
            stringBuffer.append("  response type: " + this.responseType.toString() + "\n");
            stringBuffer.append("  response data: \n" + new HexDumpEncoder().encode(this.responseData));
        }
        stringBuffer.append("  ]");
        return stringBuffer.toString();
    }

    public OCSPResponseStatus getResponseStatus() {
        return this.status;
    }

    public ObjectIdentifier getResponseType() {
        return this.responseType;
    }

    public byte[] getResponseData() {
        return this.responseData;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getNonce() {
        return this.nonce;
    }

    public static String toHexString(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
        int length = bArr.length;
        for (int i = 0; i < length; i++) {
            if (i % 16 == 0) {
                stringBuffer.append('\n');
            }
            int i2 = (bArr[i] & 240) >> 4;
            int i3 = bArr[i] & 15;
            stringBuffer.append(cArr[i2]);
            stringBuffer.append(cArr[i3]);
            stringBuffer.append(' ');
        }
        return stringBuffer.toString();
    }

    byte[] getNonceFromOCSPResponse(byte[] bArr) throws IOException {
        ObjectIdentifier newInternal = ObjectIdentifier.newInternal(new int[]{1, 3, 6, 1, 5, 5, 7, 48, 1, 2});
        ObjectIdentifier newInternal2 = ObjectIdentifier.newInternal(new int[]{1, 3, 6, 1, 5, 5, 7, 48, 1, 1});
        ResponseStatus[] values = ResponseStatus.values();
        DerValue derValue = new DerValue(bArr);
        if (derValue.getTag() != 48) {
            throw new IOException("Bad encoding in OCSP response: expected ASN.1 SEQUENCE tag.");
        }
        DerInputStream data = derValue.getData();
        int intValue = data.getEnumerated().intValue();
        if (intValue < 0 || intValue >= values.length) {
            throw new IOException("Unknown OCSPResponse status: " + intValue);
        }
        if (values[intValue] != ResponseStatus.SUCCESSFUL) {
            return null;
        }
        DerValue derValue2 = data.getDerValue();
        if (!derValue2.isContextSpecific((byte) 0)) {
            throw new IOException("Bad encoding in responseBytes element of OCSP response: expected ASN.1 context specific tag 0.");
        }
        DerValue derValue3 = derValue2.getData().getDerValue();
        if (derValue3.getTag() != 48) {
            throw new IOException("Bad encoding in responseBytes element of OCSP response: expected ASN.1 SEQUENCE tag.");
        }
        DerInputStream data2 = derValue3.getData();
        ObjectIdentifier oid = data2.getOID();
        if (!oid.equals((Object) newInternal2)) {
            throw new IOException("Unsupported OCSP response type: " + oid);
        }
        DerValue[] sequence = new DerInputStream(data2.getOctetString()).getSequence(2);
        if (sequence.length < 3) {
            throw new IOException("Unexpected BasicOCSPResponse value");
        }
        DerValue derValue4 = sequence[0];
        sequence[0].toByteArray();
        if (derValue4.getTag() != 48) {
            throw new IOException("Bad encoding in tbsResponseData element of OCSP response: expected ASN.1 SEQUENCE tag.");
        }
        DerInputStream data3 = derValue4.getData();
        DerValue derValue5 = data3.getDerValue();
        if (derValue5.isContextSpecific((byte) 0) && derValue5.isConstructed() && derValue5.isContextSpecific()) {
            DerValue derValue6 = derValue5.getData().getDerValue();
            derValue6.getInteger().intValue();
            if (derValue6.getData().available() != 0) {
                throw new IOException("Bad encoding in version  element of OCSP response: bad format");
            }
            derValue5 = data3.getDerValue();
        }
        short tag = (byte) (derValue5.getTag() & 31);
        if (tag != 1 && tag != 2) {
            throw new IOException("Bad encoding in responderID element of OCSP response: expected ASN.1 context specific tag 0 or 1");
        }
        data3.getDerValue();
        data3.getSequence(1);
        byte[] bArr2 = null;
        if (data3.available() > 0) {
            DerValue derValue7 = data3.getDerValue();
            if (derValue7.isContextSpecific((byte) 1)) {
                for (DerValue derValue8 : derValue7.getData().getSequence(3)) {
                    Extension extension = new Extension(derValue8);
                    if (extension.getExtensionId().equals((Object) newInternal)) {
                        bArr2 = extension.getExtensionValue();
                    } else if (extension.isCritical()) {
                        throw new IOException("Unsupported OCSP critical extension: " + extension.getExtensionId());
                    }
                }
            }
        }
        return bArr2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Map<CertID, SingleResponse> getCertIDToSingleResponseMap(byte[] bArr, Date date) throws IOException {
        ObjectIdentifier.newInternal(new int[]{1, 3, 6, 1, 5, 5, 7, 48, 1, 2});
        ObjectIdentifier newInternal = ObjectIdentifier.newInternal(new int[]{1, 3, 6, 1, 5, 5, 7, 48, 1, 1});
        ResponseStatus[] values = ResponseStatus.values();
        DerValue derValue = new DerValue(bArr);
        if (derValue.getTag() != 48) {
            throw new IOException("Bad encoding in OCSP response: expected ASN.1 SEQUENCE tag.");
        }
        DerInputStream data = derValue.getData();
        int intValue = data.getEnumerated().intValue();
        if (intValue < 0 || intValue >= values.length) {
            throw new IOException("Unknown OCSPResponse status: " + intValue);
        }
        if (values[intValue] != ResponseStatus.SUCCESSFUL) {
            return Collections.emptyMap();
        }
        DerValue derValue2 = data.getDerValue();
        if (!derValue2.isContextSpecific((byte) 0)) {
            throw new IOException("Bad encoding in responseBytes element of OCSP response: expected ASN.1 context specific tag 0.");
        }
        DerValue derValue3 = derValue2.getData().getDerValue();
        if (derValue3.getTag() != 48) {
            throw new IOException("Bad encoding in responseBytes element of OCSP response: expected ASN.1 SEQUENCE tag.");
        }
        DerInputStream data2 = derValue3.getData();
        ObjectIdentifier oid = data2.getOID();
        if (!oid.equals((Object) newInternal)) {
            throw new IOException("Unsupported OCSP response type: " + oid);
        }
        DerValue[] sequence = new DerInputStream(data2.getOctetString()).getSequence(2);
        if (sequence.length < 3) {
            throw new IOException("Unexpected BasicOCSPResponse value");
        }
        DerValue derValue4 = sequence[0];
        sequence[0].toByteArray();
        if (derValue4.getTag() != 48) {
            throw new IOException("Bad encoding in tbsResponseData element of OCSP response: expected ASN.1 SEQUENCE tag.");
        }
        DerInputStream data3 = derValue4.getData();
        DerValue derValue5 = data3.getDerValue();
        if (derValue5.isContextSpecific((byte) 0) && derValue5.isConstructed() && derValue5.isContextSpecific()) {
            DerValue derValue6 = derValue5.getData().getDerValue();
            derValue6.getInteger().intValue();
            if (derValue6.getData().available() != 0) {
                throw new IOException("Bad encoding in version  element of OCSP response: bad format");
            }
            derValue5 = data3.getDerValue();
        }
        short tag = (byte) (derValue5.getTag() & 31);
        if (tag != 1 && tag != 2) {
            throw new IOException("Bad encoding in responderID element of OCSP response: expected ASN.1 context specific tag 0 or 1");
        }
        data3.getDerValue();
        DerValue[] sequence2 = data3.getSequence(1);
        HashMap hashMap = new HashMap(sequence2.length);
        for (DerValue derValue7 : sequence2) {
            SingleResponse singleResponse = new SingleResponse(derValue7, date);
            hashMap.put(singleResponse.getCertID(), singleResponse);
        }
        return hashMap;
    }

    static {
        ObjectIdentifier objectIdentifier = null;
        try {
            objectIdentifier = new ObjectIdentifier("1.3.6.1.5.5.7.48.1.1");
        } catch (Exception e) {
        }
        basicResponseType = objectIdentifier;
    }
}
