package com.initech.pki.ocsp;

import com.initech.pki.asn1.ASN1BitString;
import com.initech.pki.asn1.ASN1Decoder;
import com.initech.pki.asn1.ASN1Encoder;
import com.initech.pki.asn1.ASN1Exception;
import com.initech.pki.asn1.ASN1OID;
import com.initech.pki.asn1.ASN1Tag;
import com.initech.pki.asn1.DERDecoder;
import com.initech.pki.asn1.DEREncoder;
import com.initech.pki.asn1.useful.ASN1Object;
import com.initech.pki.asn1.useful.AlgorithmID;
import com.initech.pki.asn1.useful.Extension;
import com.initech.pki.asn1.useful.Extensions;
import com.initech.pki.ocsp.extensions.AcceptableResponses;
import com.initech.pki.x509.Certificates;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.Vector;

/* loaded from: classes.dex */
public class BasicResponse extends ASN1Object implements OCSPResponseType {
    private static final ASN1OID type = new ASN1OID(AcceptableResponses.BASIC);
    protected byte[] encodedTBSRep;
    Date producedAt;
    ASN1BitString signature;
    protected boolean tbsModified;
    int version = 1;
    ResponderID responder = new ResponderID();
    Vector resps = new Vector(4);
    Extensions exts = new Extensions();
    AlgorithmID sigAlg = new AlgorithmID();
    Certificates certs = new Certificates();

    public void add(CertID certID, int i, Date date) {
        add(certID, i, null, date, null);
    }

    public void add(CertID certID, int i, Date date, Date date2) {
        add(certID, i, null, date, date2);
    }

    public void add(CertID certID, int i, Date date, Date date2, Date date3) {
        SingleResponse singleResponse = new SingleResponse();
        singleResponse.setCertID(certID);
        singleResponse.setStatus(i);
        singleResponse.setThisUpdate(date2);
        if (date3 != null) {
            singleResponse.setNextUpdate(date3);
        }
        if (date != null) {
            singleResponse.setStatusRevoked(date);
        }
        add(singleResponse);
    }

    public void add(SingleResponse singleResponse) {
        this.resps.addElement(singleResponse);
    }

    public void addCert(X509Certificate x509Certificate) {
        this.certs.add(x509Certificate);
        this.modified = true;
    }

    public void addExtension(Extension extension) {
        this.tbsModified = true;
        this.exts.add(extension);
    }

    public void clearExtensions() {
        this.tbsModified = true;
        this.exts.clear();
    }

    @Override // com.initech.pki.asn1.useful.ASN1Object, com.initech.pki.asn1.ASN1Type
    public void decode(ASN1Decoder aSN1Decoder) throws ASN1Exception {
        int decodeSequence = aSN1Decoder.decodeSequence();
        int decodeSequence2 = aSN1Decoder.decodeSequence();
        if (aSN1Decoder.nextIsDefault(ASN1Tag.makeExplicitTag(0))) {
            this.version = 1;
        } else {
            int decodeExplicit = aSN1Decoder.decodeExplicit(ASN1Tag.makeContextTag(0));
            this.version = aSN1Decoder.decodeIntegerAsInt();
            this.version++;
            aSN1Decoder.endOf(decodeExplicit);
        }
        this.responder.decode(aSN1Decoder);
        this.producedAt = aSN1Decoder.decodeGeneralizedTime();
        this.resps.clear();
        int decodeSequenceOf = aSN1Decoder.decodeSequenceOf();
        while (!aSN1Decoder.endOf(decodeSequenceOf)) {
            SingleResponse singleResponse = new SingleResponse();
            singleResponse.decode(aSN1Decoder);
            this.resps.addElement(singleResponse);
        }
        this.exts.clear();
        if (!aSN1Decoder.nextIsOptional(ASN1Tag.makeExplicitTag(1))) {
            int decodeExplicit2 = aSN1Decoder.decodeExplicit(ASN1Tag.makeContextTag(1));
            this.exts.decode(aSN1Decoder);
            aSN1Decoder.endOf(decodeExplicit2);
        }
        aSN1Decoder.endOf(decodeSequence2);
        this.sigAlg.decode(aSN1Decoder);
        this.signature = aSN1Decoder.decodeBitString();
        this.certs.clear();
        if (!aSN1Decoder.nextIsOptional(ASN1Tag.makeExplicitTag(0))) {
            int decodeExplicit3 = aSN1Decoder.decodeExplicit(ASN1Tag.makeContextTag(0));
            this.certs.decode(aSN1Decoder);
            aSN1Decoder.endOf(decodeExplicit3);
        }
        aSN1Decoder.endOf(decodeSequence);
    }

    @Override // com.initech.pki.asn1.useful.ASN1Object, com.initech.pki.asn1.ASN1EncType
    public void encode(ASN1Encoder aSN1Encoder) throws ASN1Exception {
        int encodeSequence = aSN1Encoder.encodeSequence();
        aSN1Encoder.encodeAny(getTBSResponse());
        this.sigAlg.encode(aSN1Encoder);
        aSN1Encoder.encodeBitString(this.signature);
        if (this.certs.size() > 0) {
            int encodeExplicit = aSN1Encoder.encodeExplicit(ASN1Tag.makeContextTag(0));
            this.certs.encode(aSN1Encoder);
            aSN1Encoder.endOf(encodeExplicit);
        }
        aSN1Encoder.endOf(encodeSequence);
    }

    @Override // com.initech.pki.ocsp.OCSPResponseType
    public X509Certificate[] getCerts() {
        return this.certs.getCertificates();
    }

    public byte[] getExtensionValue(String str) {
        Extension extension = this.exts.getExtension(str);
        if (extension != null) {
            return extension.getExtValue();
        }
        return null;
    }

    public Date getProducedAt() {
        return new Date(this.producedAt.getTime());
    }

    public SingleResponse getResponseAt(int i) {
        if (i < 0 || i > this.resps.size() - 1) {
            return null;
        }
        return (SingleResponse) this.resps.elementAt(i);
    }

    @Override // com.initech.pki.ocsp.OCSPResponseType
    public Enumeration getResponses() {
        return this.resps.elements();
    }

    public String getSigAlgName() {
        return this.sigAlg.getAlgName();
    }

    public String getSigAlgOID() {
        return this.sigAlg.getAlg();
    }

    public byte[] getSigAlgParams() {
        return this.sigAlg.getParameter();
    }

    public byte[] getSignature() {
        return this.signature.getAsByteArray();
    }

    public byte[] getTBSResponse() throws ASN1Exception {
        if (!this.tbsModified && this.encodedTBSRep != null) {
            return this.encodedTBSRep;
        }
        DEREncoder dEREncoder = new DEREncoder();
        int encodeSequence = dEREncoder.encodeSequence();
        if (this.version > 1) {
            int encodeExplicit = dEREncoder.encodeExplicit(ASN1Tag.makeContextTag(0));
            dEREncoder.encodeInteger(this.version - 1);
            dEREncoder.endOf(encodeExplicit);
        }
        dEREncoder.encodeAny(this.responder.getEncoded());
        if (this.producedAt == null) {
            this.producedAt = new Date();
        }
        dEREncoder.encodeGeneralizedTime(this.producedAt);
        int encodeSequenceOf = dEREncoder.encodeSequenceOf();
        for (int i = 0; i < this.resps.size(); i++) {
            ((SingleResponse) this.resps.elementAt(i)).encode(dEREncoder);
        }
        dEREncoder.endOf(encodeSequenceOf);
        if (this.exts.size() > 0) {
            int encodeExplicit2 = dEREncoder.encodeExplicit(ASN1Tag.makeContextTag(1));
            this.exts.encode(dEREncoder);
            dEREncoder.endOf(encodeExplicit2);
        }
        dEREncoder.endOf(encodeSequence);
        this.encodedTBSRep = dEREncoder.toByteArray();
        dEREncoder.finish();
        this.tbsModified = false;
        return this.encodedTBSRep;
    }

    @Override // com.initech.pki.ocsp.OCSPResponseType
    public ASN1OID getType() {
        return type;
    }

    public int getVersion() {
        return this.version;
    }

    public boolean isSigned() {
        return (this.sigAlg == null || this.signature == null) ? false : true;
    }

    public void removeExtension(String str) {
        this.tbsModified = true;
        this.exts.remove(str);
    }

    @Override // com.initech.pki.ocsp.OCSPResponseType
    public void set(ASN1OID asn1oid, byte[] bArr) throws ASN1Exception {
        decode(new DERDecoder(bArr));
        this.tbsModified = true;
        this.modified = true;
    }

    public void setProducedAt(Date date) {
        this.tbsModified = true;
        this.producedAt = new Date(date.getTime());
    }

    public void setResponderID(ResponderID responderID) {
        this.responder = responderID;
        this.tbsModified = true;
    }

    public void setSigAlg(AlgorithmID algorithmID) {
        this.sigAlg = algorithmID;
    }

    public void setSignature(byte[] bArr) {
        if (this.signature == null) {
            this.signature = new ASN1BitString();
        }
        this.signature.setByteArray(bArr);
        this.modified = true;
    }

    public void setVersion(int i) {
        this.tbsModified = true;
        this.version = i;
    }

    public void sign(PrivateKey privateKey, AlgorithmID algorithmID) throws OCSPException {
        sign(privateKey, algorithmID, "Initech");
    }

    public void sign(PrivateKey privateKey, AlgorithmID algorithmID, String str) throws OCSPException {
        try {
            Signature signature = Signature.getInstance(algorithmID.getAlgName(), str);
            this.sigAlg = (AlgorithmID) algorithmID.clone();
            this.tbsModified = true;
            signature.initSign(privateKey);
            signature.update(getTBSResponse());
            if (this.signature == null) {
                this.signature = new ASN1BitString();
            }
            this.signature.setByteArray(signature.sign());
            this.modified = true;
        } catch (Exception e) {
            throw new OCSPException(e);
        }
    }

    public int size() {
        return this.resps.size();
    }

    @Override // com.initech.pki.ocsp.OCSPResponseType
    public void verify(PublicKey publicKey) throws OCSPException {
        verify(publicKey, "Initech");
    }

    public void verify(PublicKey publicKey, String str) throws OCSPException {
        try {
            Signature signature = Signature.getInstance(getSigAlgName(), str);
            signature.initVerify(publicKey);
            signature.update(getTBSResponse());
            if (!signature.verify(getSignature())) {
                throw new OCSPException("Bad Signature");
            }
        } catch (Exception e) {
            throw new OCSPException(e);
        }
    }
}
