package cn.com.infosec.ocsp;

import cn.com.infosec.asn1.ASN1OutputStream;
import cn.com.infosec.asn1.ASN1Sequence;
import cn.com.infosec.asn1.DEROutputStream;
import cn.com.infosec.asn1.ocsp.BasicOCSPResponse;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;

/* loaded from: input_file:lib/ISFJ_v2_0_1_127_3_BAISC_JDK14.jar:cn/com/infosec/ocsp/BasicOCSPResp.class */
public class BasicOCSPResp {
    BasicOCSPResponse resp;
    X509Certificate[] chain = null;

    public BasicOCSPResp(BasicOCSPResponse basicOCSPResponse) {
        this.resp = basicOCSPResponse;
    }

    public String getSignatureAlgOID() {
        return this.resp.getSignatureAlgorithm().getObjectId().getId();
    }

    public RespData getResponseData() {
        return new RespData(this.resp.getTbsResponseData());
    }

    public byte[] getSignature() {
        return this.resp.getSignature().getBytes();
    }

    public X509Certificate[] getCerts(String str) throws OCSPException, NoSuchProviderException {
        if (this.chain == null) {
            ArrayList arrayList = new ArrayList();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", str);
                ASN1Sequence certs = this.resp.getCerts();
                if (certs != null) {
                    Enumeration objects = certs.getObjects();
                    while (objects.hasMoreElements()) {
                        try {
                            aSN1OutputStream.writeObject(objects.nextElement());
                            arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())));
                            byteArrayOutputStream.reset();
                        } catch (IOException e) {
                            throw new OCSPException("can't re-encode certificate!", e);
                        } catch (CertificateException e2) {
                            throw new OCSPException("can't re-encode certificate!", e2);
                        }
                    }
                }
                this.chain = (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
            } catch (CertificateException e3) {
                throw new OCSPException("can't get certificate factory.", e3);
            }
        }
        return this.chain;
    }

    public boolean verify(PublicKey publicKey, String str) throws OCSPException, NoSuchProviderException {
        try {
            Signature signature = Signature.getInstance(getSignatureAlgOID(), str);
            signature.initVerify(publicKey);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new DEROutputStream(byteArrayOutputStream).writeObject(this.resp.getTbsResponseData());
            signature.update(byteArrayOutputStream.toByteArray());
            return signature.verify(getSignature());
        } catch (NoSuchProviderException e) {
            throw e;
        } catch (Exception e2) {
            throw new OCSPException(new StringBuffer().append("exception processing sig: ").append(e2).toString(), e2);
        }
    }

    public byte[] getEncoded() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        new ASN1OutputStream(byteArrayOutputStream).writeObject(this.resp);
        return byteArrayOutputStream.toByteArray();
    }
}
