package be.fedict.trust.ocsp;

import java.io.IOException;
import java.net.URI;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.ocsp.BasicOCSPResp;
import org.bouncycastle.ocsp.CertificateID;
import org.bouncycastle.ocsp.OCSPException;
import org.bouncycastle.ocsp.OCSPResp;
import org.bouncycastle.ocsp.SingleResp;

/* loaded from: input_file:be/fedict/trust/ocsp/OfflineOcspRepository.class */
public class OfflineOcspRepository implements OcspRepository {
    private static final Log LOG = LogFactory.getLog(OfflineOcspRepository.class);
    private final List<OCSPResp> ocspResponses = new LinkedList();

    public OfflineOcspRepository(List<byte[]> list) throws IOException {
        Iterator<byte[]> it = list.iterator();
        while (it.hasNext()) {
            this.ocspResponses.add(new OCSPResp(it.next()));
        }
    }

    @Override // be.fedict.trust.ocsp.OcspRepository
    public OCSPResp findOcspResponse(URI uri, X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        LOG.debug("find OCSP response");
        try {
            for (OCSPResp oCSPResp : this.ocspResponses) {
                CertificateID certificateID = new CertificateID(CertificateID.HASH_SHA1, x509Certificate2, x509Certificate.getSerialNumber());
                for (SingleResp singleResp : ((BasicOCSPResp) oCSPResp.getResponseObject()).getResponses()) {
                    if (singleResp.getCertID().equals(certificateID)) {
                        LOG.debug("OCSP response found");
                        return oCSPResp;
                    }
                }
            }
            LOG.debug("OCSP response not found");
            return null;
        } catch (OCSPException e) {
            LOG.error("OCSPException: " + e.getMessage(), e);
            return null;
        }
    }
}
