package net.netca.pki.encoding.asn1.pki.ocsp;

import java.util.ArrayList;
import net.netca.pki.PkiException;
import net.netca.pki.encoding.asn1.ASN1TypeManager;
import net.netca.pki.encoding.asn1.BitString;
import net.netca.pki.encoding.asn1.Integer;
import net.netca.pki.encoding.asn1.Sequence;
import net.netca.pki.encoding.asn1.SequenceOf;
import net.netca.pki.encoding.asn1.SequenceOfType;
import net.netca.pki.encoding.asn1.SequenceType;
import net.netca.pki.encoding.asn1.TaggedValue;
import net.netca.pki.encoding.asn1.pki.AlgorithmIdentifier;
import net.netca.pki.encoding.asn1.pki.Extensions;
import net.netca.pki.encoding.asn1.pki.GeneralName;
import net.netca.pki.encoding.asn1.pki.Signable;
import net.netca.pki.encoding.asn1.pki.X509Certificate;

/* loaded from: classes3.dex */
public final class OCSPRequestBuilder {
    private Extensions exts;
    private RequestList reqList;
    private GeneralName requestor;
    private static final SequenceType type = (SequenceType) ASN1TypeManager.getInstance().get("OCSPRequest");
    private static final SequenceType tbsType = (SequenceType) ASN1TypeManager.getInstance().get("OCSPTBSRequest");
    private static final SequenceType signatureType = (SequenceType) ASN1TypeManager.getInstance().get("OCSPSignature");
    private int version = 0;
    private ArrayList<X509Certificate> certs = new ArrayList<>();

    private Sequence buildSiganture(AlgorithmIdentifier algorithmIdentifier, byte[] bArr) throws PkiException {
        Sequence sequence = new Sequence(signatureType);
        sequence.add(algorithmIdentifier.getASN1Object());
        sequence.add(new BitString(0, bArr));
        int size = this.certs.size();
        if (size > 0) {
            SequenceOf sequenceOf = new SequenceOf(new SequenceOfType((SequenceType) ASN1TypeManager.getInstance().get("Certificate")));
            for (int i = 0; i < size; i++) {
                sequenceOf.add(this.certs.get(i).getCertObject());
            }
            sequence.add(new TaggedValue(128, 0, false, sequenceOf));
        }
        return sequence;
    }

    private Sequence buildTbs() throws PkiException {
        Sequence sequence = new Sequence(tbsType);
        if (this.version != 0) {
            sequence.add(new TaggedValue(128, 0, false, new Integer(this.version)));
        }
        if (this.requestor != null) {
            sequence.add(new TaggedValue(128, 1, false, this.requestor.getASN1Object()));
        }
        sequence.add(this.reqList.getASN1Object());
        if (this.exts != null) {
            sequence.add(new TaggedValue(128, 2, false, this.exts.getASN1Object()));
        }
        return sequence;
    }

    public void addCert(X509Certificate x509Certificate) {
        this.certs.add(x509Certificate);
    }

    public OCSPRequest build() throws PkiException {
        if (this.reqList == null) {
            throw new PkiException("requestList is null");
        }
        Sequence buildTbs = buildTbs();
        Sequence sequence = new Sequence(type);
        sequence.add(buildTbs);
        return new OCSPRequest(sequence);
    }

    public void setExtensions(Extensions extensions) throws PkiException {
        this.exts = extensions;
    }

    public void setRequestList(RequestList requestList) throws PkiException {
        if (requestList == null) {
            throw new PkiException("requestList is null");
        }
        this.reqList = requestList;
    }

    public void setRequestorName(GeneralName generalName) throws PkiException {
        this.requestor = generalName;
    }

    public OCSPRequest sign(Signable signable, AlgorithmIdentifier algorithmIdentifier) throws PkiException {
        if (this.reqList == null) {
            throw new PkiException("requestList is null");
        }
        Sequence buildTbs = buildTbs();
        byte[] encode = buildTbs.encode();
        Sequence buildSiganture = buildSiganture(algorithmIdentifier, signable.sign(algorithmIdentifier, encode, 0, encode.length));
        Sequence sequence = new Sequence(type);
        sequence.add(buildTbs);
        sequence.add(new TaggedValue(128, 0, false, buildSiganture));
        return new OCSPRequest(sequence);
    }

    public OCSPRequest sign(Signable signable, AlgorithmIdentifier algorithmIdentifier, X509Certificate x509Certificate) throws PkiException {
        setRequestorName(GeneralName.NewDirectoryName(x509Certificate.getSubject()));
        return sign(signable, algorithmIdentifier);
    }
}
