package org.xipki.ocsp.client;

import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.ocsp.CertID;
import org.bouncycastle.asn1.ocsp.OCSPRequest;
import org.bouncycastle.asn1.ocsp.Request;
import org.bouncycastle.asn1.ocsp.Signature;
import org.bouncycastle.asn1.ocsp.TBSRequest;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.cert.ocsp.OCSPException;
import org.bouncycastle.operator.ContentSigner;

/* loaded from: input_file:org/xipki/ocsp/client/XiOCSPReqBuilder.class */
public class XiOCSPReqBuilder {
    private List<RequestObject> list = new ArrayList();
    private GeneralName requestorName = null;
    private Extensions requestExtensions = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/xipki/ocsp/client/XiOCSPReqBuilder$RequestObject.class */
    public class RequestObject {
        CertID certId;
        Extensions extensions;

        public RequestObject(CertID certID, Extensions extensions) {
            this.certId = certID;
            this.extensions = extensions;
        }

        public Request toRequest() throws Exception {
            return new Request(this.certId, this.extensions);
        }
    }

    public XiOCSPReqBuilder addRequest(CertID certID) {
        this.list.add(new RequestObject(certID, null));
        return this;
    }

    public XiOCSPReqBuilder addRequest(CertID certID, Extensions extensions) {
        this.list.add(new RequestObject(certID, extensions));
        return this;
    }

    public XiOCSPReqBuilder setRequestorName(X500Name x500Name) {
        this.requestorName = new GeneralName(4, x500Name);
        return this;
    }

    public XiOCSPReqBuilder setRequestorName(GeneralName generalName) {
        this.requestorName = generalName;
        return this;
    }

    public XiOCSPReqBuilder setRequestExtensions(Extensions extensions) {
        this.requestExtensions = extensions;
        return this;
    }

    private OCSPRequest generateRequest(ContentSigner contentSigner, Certificate[] certificateArr) throws OCSPException {
        Iterator<RequestObject> it = this.list.iterator();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        while (it.hasNext()) {
            try {
                aSN1EncodableVector.add(it.next().toRequest());
            } catch (Exception e) {
                throw new OCSPException("exception creating Request", e);
            }
        }
        TBSRequest tBSRequest = new TBSRequest(this.requestorName, new DERSequence(aSN1EncodableVector), this.requestExtensions);
        Signature signature = null;
        if (contentSigner != null) {
            if (this.requestorName == null) {
                throw new OCSPException("requestorName must be specified if request is signed.");
            }
            try {
                OutputStream outputStream = contentSigner.getOutputStream();
                outputStream.write(tBSRequest.getEncoded("DER"));
                outputStream.close();
                DERBitString dERBitString = new DERBitString(contentSigner.getSignature());
                AlgorithmIdentifier algorithmIdentifier = contentSigner.getAlgorithmIdentifier();
                if (certificateArr == null || certificateArr.length <= 0) {
                    signature = new Signature(algorithmIdentifier, dERBitString);
                } else {
                    ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
                    for (int i = 0; i != certificateArr.length; i++) {
                        aSN1EncodableVector2.add(certificateArr[i]);
                    }
                    signature = new Signature(algorithmIdentifier, dERBitString, new DERSequence(aSN1EncodableVector2));
                }
            } catch (Exception e2) {
                throw new OCSPException("exception processing TBSRequest: " + e2, e2);
            }
        }
        return new OCSPRequest(tBSRequest, signature);
    }

    public OCSPRequest build() throws OCSPException {
        return generateRequest(null, null);
    }

    public OCSPRequest build(ContentSigner contentSigner, Certificate[] certificateArr) throws OCSPException {
        if (contentSigner == null) {
            throw new IllegalArgumentException("no signer specified");
        }
        return generateRequest(contentSigner, certificateArr);
    }
}
