package org.xipki.ocsp.server;

import java.io.IOException;
import java.io.OutputStream;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
import org.bouncycastle.cert.ocsp.OCSPException;
import org.xipki.ocsp.server.type.ASN1Type;
import org.xipki.ocsp.server.type.CertID;
import org.xipki.ocsp.server.type.Extensions;
import org.xipki.ocsp.server.type.ResponderID;
import org.xipki.ocsp.server.type.ResponseData;
import org.xipki.ocsp.server.type.SingleResponse;
import org.xipki.ocsp.server.type.TaggedCertSequence;
import org.xipki.security.ConcurrentBagEntrySigner;
import org.xipki.security.ConcurrentContentSigner;
import org.xipki.security.NoIdleSignerException;
import org.xipki.security.XiContentSigner;
import org.xipki.util.Hex;

/* loaded from: input_file:WEB-INF/lib/ocsp-server-5.3.7.jar:org/xipki/ocsp/server/OCSPRespBuilder.class */
public class OCSPRespBuilder {
    private static final byte[] successfulStatus = Hex.decode("0a0100");
    private static final byte[] responseTypeBasic = Hex.decode("06092b0601050507300101");
    private List<SingleResponse> list = new LinkedList();
    private Extensions responseExtensions = null;
    private ResponderID responderId;

    public OCSPRespBuilder(ResponderID responderID) {
        this.responderId = responderID;
    }

    public void addResponse(CertID certID, byte[] bArr, Date date, Date date2, Extensions extensions) {
        this.list.add(new SingleResponse(certID, bArr, date, date2, extensions));
    }

    public void setResponseExtensions(Extensions extensions) {
        this.responseExtensions = extensions;
    }

    public byte[] buildOCSPResponse(ConcurrentContentSigner concurrentContentSigner, TaggedCertSequence taggedCertSequence, Date date) throws OCSPException, NoIdleSignerException {
        ResponseData responseData = new ResponseData(0, this.responderId, date, this.list, this.responseExtensions);
        byte[] bArr = new byte[responseData.getEncodedLength()];
        responseData.write(bArr, 0);
        ConcurrentBagEntrySigner borrowSigner = concurrentContentSigner.borrowSigner();
        try {
            XiContentSigner value = borrowSigner.value();
            OutputStream outputStream = value.getOutputStream();
            try {
                outputStream.write(bArr);
                outputStream.close();
                byte[] signature = value.getSignature();
                byte[] encodedAlgorithmIdentifier = value.getEncodedAlgorithmIdentifier();
                concurrentContentSigner.requiteSigner(borrowSigner);
                int length = signature.length + 1;
                int length2 = bArr.length + encodedAlgorithmIdentifier.length + getLen(length);
                if (taggedCertSequence != null) {
                    length2 += taggedCertSequence.getEncodedLength();
                }
                int len = getLen(length2);
                int length3 = responseTypeBasic.length + getLen(len);
                int len2 = getLen(length3);
                int length4 = successfulStatus.length + getLen(len2);
                byte[] bArr2 = new byte[getLen(length4)];
                int writeHeader = 0 + ASN1Type.writeHeader((byte) 48, length4, bArr2, 0);
                int arraycopy = writeHeader + arraycopy(successfulStatus, bArr2, writeHeader);
                int writeHeader2 = arraycopy + ASN1Type.writeHeader((byte) -96, len2, bArr2, arraycopy);
                int writeHeader3 = writeHeader2 + ASN1Type.writeHeader((byte) 48, length3, bArr2, writeHeader2);
                int arraycopy2 = writeHeader3 + arraycopy(responseTypeBasic, bArr2, writeHeader3);
                int writeHeader4 = arraycopy2 + ASN1Type.writeHeader((byte) 4, len, bArr2, arraycopy2);
                int writeHeader5 = writeHeader4 + ASN1Type.writeHeader((byte) 48, length2, bArr2, writeHeader4);
                int arraycopy3 = writeHeader5 + arraycopy(bArr, bArr2, writeHeader5);
                int arraycopy4 = arraycopy3 + arraycopy(encodedAlgorithmIdentifier, bArr2, arraycopy3);
                int writeHeader6 = arraycopy4 + ASN1Type.writeHeader((byte) 3, length, bArr2, arraycopy4);
                int i = writeHeader6 + 1;
                bArr2[writeHeader6] = 0;
                int arraycopy5 = i + arraycopy(signature, bArr2, i);
                if (taggedCertSequence != null) {
                    int write = arraycopy5 + taggedCertSequence.write(bArr2, arraycopy5);
                }
                return bArr2;
            } catch (IOException e) {
                throw new OCSPException("exception signing TBSRequest: " + e.getMessage(), e);
            }
        } catch (Throwable th) {
            concurrentContentSigner.requiteSigner(borrowSigner);
            throw th;
        }
    }

    private static int getLen(int i) {
        return ASN1Type.getHeaderLen(i) + i;
    }

    private static int arraycopy(byte[] bArr, byte[] bArr2, int i) {
        System.arraycopy(bArr, 0, bArr2, i, bArr.length);
        return bArr.length;
    }
}
