package com.xdja.pki.ocsp.certmanager.service.certstatus;

import com.xdja.pki.ocsp.core.Constants;
import com.xdja.pki.ocsp.hsm.crypt.manager.PkixIssueRespBuilderManager;
import com.xdja.pki.ocsp.issue.OCSPHenceRespBuilder;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers;
import org.bouncycastle.asn1.ocsp.OCSPRequest;
import org.bouncycastle.asn1.ocsp.Request;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.bouncycastle.cert.ocsp.BasicOCSPResp;
import org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder;
import org.bouncycastle.cert.ocsp.CertificateID;
import org.bouncycastle.cert.ocsp.CertificateStatus;
import org.bouncycastle.cert.ocsp.OCSPReq;
import org.bouncycastle.cert.ocsp.OCSPResp;
import org.bouncycastle.cert.ocsp.RespID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/xdja/pki/ocsp/certmanager/service/certstatus/OcspResponseServiceImpl.class */
public class OcspResponseServiceImpl implements OcspResponseService {
    private Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private PkixIssueRespBuilderManager pkixIssueRespBuilderManager;

    @Autowired
    private CertStatusQueryService certStatusQueryService;

    public OCSPReq buildOcspReq(byte[] bArr) {
        try {
            return new OCSPReq(bArr);
        } catch (Exception e) {
            throw new RuntimeException("ocsp请求结构体构造异常", e);
        }
    }

    public byte[] builOCSPResponse(OCSPReq oCSPReq, int i) {
        try {
            return buildOCSPResp(oCSPReq, i).getEncoded();
        } catch (Exception e) {
            throw new RuntimeException("构造OCSP Response结构体异常");
        }
    }

    private OCSPResp buildOCSPResp(OCSPReq oCSPReq, int i) {
        BasicOCSPRespBuilder basicOCSPRespBuilder = null;
        X509Certificate x509Certificate = Constants.OCSP_SIGN_CERT;
        if (0 == i) {
            try {
                basicOCSPRespBuilder = buildCertStatus(oCSPReq, new BasicOCSPRespBuilder(new RespID(new X500Name(x509Certificate.getSubjectDN().getName()))));
            } catch (Exception e) {
                i = 2;
                e.printStackTrace();
                this.logger.error("获取ContentSignerc异常", e);
            }
        }
        return signOcspResp(i, basicOCSPRespBuilder, oCSPReq);
    }

    public BasicOCSPRespBuilder buildCertStatus(OCSPReq oCSPReq, BasicOCSPRespBuilder basicOCSPRespBuilder) {
        try {
            ASN1Sequence requestList = OCSPRequest.getInstance(oCSPReq.getEncoded()).getTbsRequest().getRequestList();
            for (int i = 0; i < requestList.size(); i++) {
                CertificateID certificateID = new CertificateID(Request.getInstance(requestList.getObjectAt(i)).getReqCert());
                CertificateStatus certStatusQuery = this.certStatusQueryService.certStatusQuery(certificateID);
                basicOCSPRespBuilder.setResponseExtensions(new Extensions(oCSPReq.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce)));
                basicOCSPRespBuilder.addResponse(certificateID, certStatusQuery, new Date(), new Date());
            }
            return basicOCSPRespBuilder;
        } catch (Exception e) {
            throw new RuntimeException("进行返回证书状态结构体构造异常", e);
        }
    }

    public OCSPResp signOcspResp(int i, BasicOCSPRespBuilder basicOCSPRespBuilder, OCSPReq oCSPReq) {
        BasicOCSPResp basicOCSPResp = null;
        if (0 == i) {
            try {
                basicOCSPResp = basicOCSPRespBuilder.build(this.pkixIssueRespBuilderManager.buildContentSigner(), new X509CertificateHolder[]{new JcaX509CertificateHolder(Constants.OCSP_SIGN_CERT)}, new Date());
            } catch (Exception e) {
                i = 2;
                this.logger.error("获取ContentSignerc异常", e);
            }
        }
        return buildOcspResp(i, basicOCSPResp, oCSPReq);
    }

    public OCSPResp signOcspResp(int i, BasicOCSPRespBuilder basicOCSPRespBuilder) {
        BasicOCSPResp basicOCSPResp = null;
        if (0 == i) {
            try {
                basicOCSPResp = basicOCSPRespBuilder.build(this.pkixIssueRespBuilderManager.buildContentSigner(), new X509CertificateHolder[]{new JcaX509CertificateHolder(Constants.OCSP_SIGN_CERT)}, new Date());
            } catch (Exception e) {
                i = 2;
                this.logger.error("获取ContentSignerc异常", e);
            }
        }
        return buildOcspResp(i, basicOCSPResp);
    }

    public OCSPResp buildOcspResp(int i, BasicOCSPResp basicOCSPResp) {
        try {
            OCSPHenceRespBuilder oCSPHenceRespBuilder = new OCSPHenceRespBuilder();
            return 0 == i ? oCSPHenceRespBuilder.build(i, basicOCSPResp, Constants.RESPONSE_RESPONSER_TYPE) : oCSPHenceRespBuilder.build(i, (Object) null, Constants.RESPONSE_RESPONSER_TYPE);
        } catch (Exception e) {
            throw new RuntimeException("组装ocsp返回结构体失败", e);
        }
    }

    public OCSPResp buildOcspResp(int i, BasicOCSPResp basicOCSPResp, OCSPReq oCSPReq) {
        try {
            OCSPHenceRespBuilder oCSPHenceRespBuilder = new OCSPHenceRespBuilder();
            return 0 == i ? oCSPHenceRespBuilder.build(i, basicOCSPResp, oCSPReq, Constants.RESPONSE_RESPONSER_TYPE) : oCSPHenceRespBuilder.build(i, (Object) null, oCSPReq, Constants.RESPONSE_RESPONSER_TYPE);
        } catch (Exception e) {
            throw new RuntimeException("组装ocsp返回结构体失败", e);
        }
    }
}
