package com.xdja.pki.issue;

import com.xdja.pki.asn1.issue.PkixIssueResponse;
import com.xdja.pki.asn1.issue.TBSIssueRequest;
import com.xdja.pki.asn1.issue.TBSIssueResponse;
import com.xdja.pki.gmssl.crypto.sdf.SdfCryptoType;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.Date;
import java.util.List;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ocsp.Signature;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/ldap-manager-0.0.1-SNAPSHOT.jar:com/xdja/pki/issue/PkixIssueResp.class */
public class PkixIssueResp extends BasicPkixIssue {
    private static Logger logger = LoggerFactory.getLogger((Class<?>) PkixIssueResp.class);

    public PkixIssueResp(byte[] bArr) throws IOException {
        this(new ASN1InputStream(bArr));
    }

    private PkixIssueResp(ASN1InputStream aSN1InputStream) throws IOException {
        this.issue = PkixIssueResponse.getInstance(aSN1InputStream.readObject());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PkixIssueResp(TBSIssueResponse tBSIssueResponse, Signature signature) {
        this.issue = new PkixIssueResponse(tBSIssueResponse, signature.getSignatureAlgorithm(), signature);
    }

    public TBSIssueResponseStatus getStatus() throws Exception {
        return TBSIssueResponseStatus.decode(((TBSIssueResponse) this.issue.getTBSIssue()).getResponseStatus());
    }

    public static boolean verifyTime(TBSIssueResponse tBSIssueResponse, int i) throws ParseException {
        Long valueOf = Long.valueOf(System.currentTimeMillis());
        Long valueOf2 = Long.valueOf(tBSIssueResponse.getTime().getDate().getTime());
        if (valueOf.longValue() - valueOf2.longValue() < 1000 * i) {
            return true;
        }
        logger.error("now time " + new Date(valueOf.longValue()).toString());
        logger.error("get time " + new Date(valueOf2.longValue()).toString());
        logger.error("verify time error nowTime = " + valueOf + " getTime = " + valueOf2 + " SUB = " + (valueOf.longValue() - valueOf2.longValue()));
        return false;
    }

    public static boolean verifyTranNonce(TBSIssueRequest tBSIssueRequest, TBSIssueResponse tBSIssueResponse) {
        if (tBSIssueRequest.getTransNonce().equals(tBSIssueResponse.getTransNonce())) {
            return true;
        }
        logger.error("req transNonce" + tBSIssueRequest.getTransNonce().toString());
        logger.error("resp transNonce" + tBSIssueResponse.getTransNonce().toString());
        return false;
    }

    public static boolean verifyNumber(TBSIssueRequest tBSIssueRequest, TBSIssueResponse tBSIssueResponse) {
        if (tBSIssueRequest.getNumber().equals(tBSIssueResponse.getNumber())) {
            return true;
        }
        logger.error("req Number" + tBSIssueRequest.getNumber().toString());
        logger.error("resp Number" + tBSIssueResponse.getNumber().toString());
        return false;
    }

    public static boolean verifyType(TBSIssueRequest tBSIssueRequest, TBSIssueResponse tBSIssueResponse) {
        if (tBSIssueRequest.getType().equals(tBSIssueResponse.getType())) {
            return true;
        }
        logger.error("req type" + tBSIssueRequest.getType().toString());
        logger.error("resp type" + tBSIssueResponse.getType().toString());
        return false;
    }

    public static boolean verifySign(PkixIssueResp pkixIssueResp, boolean z, List<X509Certificate> list, List<X509Certificate> list2, boolean z2, SdfCryptoType sdfCryptoType) throws Exception {
        List<X509Certificate> list3;
        if (z) {
            logger.debug("使用OCSP服务器证书验签 ");
            list3 = list;
        } else {
            logger.debug("使用LDAP服务器证书验签 ");
            list3 = list2;
        }
        return z2 ? pkixIssueResp.verifySignatureByBC(list3) : pkixIssueResp.verifySignatureBySdf(list3, sdfCryptoType);
    }
}
