package net.klakegg.pkix.ocsp;

import java.io.IOException;
import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ThreadLocalRandom;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.ocsp.CertID;
import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.cert.ocsp.CertificateID;
import org.bouncycastle.cert.ocsp.OCSPException;
import org.bouncycastle.cert.ocsp.OCSPReqBuilder;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/pkix-ocsp-0.9.1.jar:net/klakegg/pkix/ocsp/OcspRequest.class */
public class OcspRequest {
    private List<Extension> extensions = new ArrayList();
    private List<BigInteger> certificates = new ArrayList();
    private ASN1OctetString issuerNameHash;
    private ASN1OctetString issuerKeyHash;
    private AlgorithmIdentifier algorithmIdentifier;

    public void setIssuer(CertificateIssuer certificateIssuer) {
        this.issuerNameHash = new DEROctetString(certificateIssuer.getIssuerNameHash());
        this.issuerKeyHash = new DEROctetString(certificateIssuer.getIssuerKeyHash());
        this.algorithmIdentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier(certificateIssuer.getAlgorithmIdentifier()));
    }

    public void addNonce() {
        byte[] bArr = new byte[16];
        ThreadLocalRandom.current().nextBytes(bArr);
        addExtension(new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, (ASN1OctetString) new DEROctetString(bArr)));
    }

    public void addExtension(Extension extension) {
        this.extensions.add(extension);
    }

    public void addCertificates(BigInteger... bigIntegerArr) {
        Collections.addAll(this.certificates, bigIntegerArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] generateRequest() throws OcspException {
        try {
            OCSPReqBuilder oCSPReqBuilder = new OCSPReqBuilder();
            Iterator<BigInteger> it = this.certificates.iterator();
            while (it.hasNext()) {
                oCSPReqBuilder.addRequest(new CertificateID(new CertID(this.algorithmIdentifier, this.issuerNameHash, this.issuerKeyHash, new ASN1Integer(it.next()))));
            }
            if (this.extensions.size() > 0) {
                oCSPReqBuilder.setRequestExtensions(new Extensions((Extension[]) this.extensions.toArray(new Extension[this.extensions.size()])));
            }
            return oCSPReqBuilder.build().getEncoded();
        } catch (IOException | OCSPException e) {
            throw new OcspException("Exception while creating OCSP request: '%s'", e, e.getMessage());
        }
    }
}
