package org.openoces.ooapi.ping;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.ProtocolException;
import java.net.URL;
import java.security.Security;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import org.apache.log4j.Logger;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.bouncycastle.cert.ocsp.CertificateID;
import org.bouncycastle.cert.ocsp.OCSPException;
import org.bouncycastle.cert.ocsp.OCSPReqBuilder;
import org.bouncycastle.cert.ocsp.OCSPResp;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.openoces.ooapi.config.OOAPIConfiguration;
import org.openoces.ooapi.environment.Environments;
import org.openoces.ooapi.environment.RootCertificates;
import org.openoces.ooapi.exceptions.InternalException;

/* loaded from: input_file:org/openoces/ooapi/ping/OCSPAlivetester.class */
public class OCSPAlivetester {
    private static final Logger logger = Logger.getLogger(OCSPAlivetester.class);
    protected static OOAPIConfiguration configuration = OOAPIConfiguration.getInstance();
    private static OCSPAlivetester instance = new OCSPAlivetester();

    public static OCSPAlivetester getInstance() {
        return instance;
    }

    public boolean pingOCSP(String str) {
        try {
            return isAlive(str);
        } catch (InternalException e) {
            logger.debug("Error verifying OCSP is alive");
            return false;
        }
    }

    private boolean isAlive(String str) throws InternalException {
        try {
            OCSPReqBuilder oCSPReqBuilder = new OCSPReqBuilder();
            Collection<Environments.Environment> trustedEnvironments = Environments.getTrustedEnvironments();
            if (trustedEnvironments == null || trustedEnvironments.size() == 0) {
                throw new IllegalArgumentException("No trusted enviroment has been set");
            }
            X509Certificate lookupCertificate = RootCertificates.lookupCertificate(trustedEnvironments.iterator().next());
            logger.debug("validate certificate serial number 1 for env:" + lookupCertificate);
            oCSPReqBuilder.addRequest(new CertificateID(new JcaDigestCalculatorProviderBuilder().build().get(CertificateID.HASH_SHA1), new JcaX509CertificateHolder(lookupCertificate), new BigInteger("1")));
            OCSPResp oCSPResp = new OCSPResp(doPostOCSPRequest(oCSPReqBuilder.build().getEncoded(), str));
            logger.debug("ocsp response status: " + oCSPResp.getStatus());
            return oCSPResp.getStatus() == 0;
        } catch (OCSPException | IOException | OperatorCreationException | CertificateEncodingException e) {
            throw new InternalException((Throwable) e);
        }
    }

    private byte[] doPostOCSPRequest(byte[] bArr, String str) {
        HttpURLConnection httpURLConnection = null;
        try {
            try {
                httpURLConnection = setupConnection(bArr.length, str);
                OutputStream outputStream = httpURLConnection.getOutputStream();
                outputStream.write(bArr);
                httpURLConnection.connect();
                outputStream.close();
                checkResponseCode(httpURLConnection);
                byte[] readResponse = readResponse(httpURLConnection);
                if (httpURLConnection != null) {
                    httpURLConnection.disconnect();
                }
                return readResponse;
            } catch (IOException e) {
                throw new IllegalStateException(e);
            }
        } catch (Throwable th) {
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
            throw th;
        }
    }

    private HttpURLConnection setupConnection(int i, String str) throws IOException, MalformedURLException, ProtocolException {
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setAllowUserInteraction(false);
        httpURLConnection.setDoInput(true);
        httpURLConnection.setDoOutput(true);
        httpURLConnection.setUseCaches(false);
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setRequestProperty("Content-Length", Integer.toString(i));
        httpURLConnection.setRequestProperty("Content-Type", "application/ocsp-request");
        return httpURLConnection;
    }

    private byte[] readResponse(HttpURLConnection httpURLConnection) throws IOException {
        int contentLength = httpURLConnection.getContentLength();
        InputStream inputStream = httpURLConnection.getInputStream();
        byte[] bArr = new byte[contentLength];
        int i = 0;
        do {
            i += inputStream.read(bArr, i, Math.min(1024, contentLength - i));
        } while (i != contentLength);
        inputStream.close();
        return bArr;
    }

    private void checkResponseCode(HttpURLConnection httpURLConnection) throws IOException {
        if (httpURLConnection.getResponseCode() != 200) {
            throw new IllegalStateException("http response code was: " + httpURLConnection.getResponseCode());
        }
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
