package ru.CryptoPro.CAdES;

import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.cms.CMSAttributeTableGenerator;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.tsp.TimeStampToken;
import ru.CryptoPro.AdES.exception.AdESException;
import ru.CryptoPro.AdES.timestamp.TSPTimeStampValidatorImpl;
import ru.CryptoPro.AdES.tools.AdESUtility;
import ru.CryptoPro.CAdES.exception.CAdESCMSAttributeTableGenerationException;
import ru.CryptoPro.CAdES.exception.CAdESException;
import ru.CryptoPro.CAdES.exception.TimeStampValidationException;
import ru.CryptoPro.CAdES.timestamp.external.InternalTimeStampValidationProcessImpl;
import ru.CryptoPro.CAdES.timestamp.external.data.TSPSignatureDataImpl;
import ru.CryptoPro.CAdES.tools.CAdESUtility;
import ru.CryptoPro.JCP.tools.JCPLogger;

/* loaded from: classes5.dex */
public class CAdESSignerTImpl extends CAdESSignerBESImpl implements CAdESSignerT {
    protected TimeStampToken k;

    /* JADX INFO: Access modifiers changed from: protected */
    public CAdESSignerTImpl(SignerInformation signerInformation, Integer num, boolean z) throws CAdESException {
        super(signerInformation, num, z);
        this.k = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CAdESSignerTImpl(SignerInformation signerInformation, boolean z) throws CAdESException {
        this(signerInformation, CAdES_T, z);
    }

    private void d() throws CAdESException {
        JCPLogger.subEnter();
        JCPLogger.fine("Looking for a valid timestamp...");
        TimeStampValidationException timeStampValidationException = new TimeStampValidationException(TimeStampValidationException.ecTimestampInvalid);
        TSPSignatureDataImpl tSPSignatureDataImpl = new TSPSignatureDataImpl(this.a.getSignature());
        tSPSignatureDataImpl.setProvider(this.provider);
        List<TimeStampToken> signatureTimestampTokens = ((ru.CryptoPro.CAdES.pc_0.pc_0.cl_6) this.j).getSignatureTimestampTokens();
        for (TimeStampToken timeStampToken : signatureTimestampTokens) {
            TSPTimeStampValidatorImpl tSPTimeStampValidatorImpl = new TSPTimeStampValidatorImpl();
            try {
                InternalTimeStampValidationProcessImpl internalTimeStampValidationProcessImpl = new InternalTimeStampValidationProcessImpl(tSPSignatureDataImpl, timeStampToken);
                internalTimeStampValidationProcessImpl.setCertificateValues(this.signatureCertificates);
                internalTimeStampValidationProcessImpl.setCRLs(this.signatureCRLs);
                internalTimeStampValidationProcessImpl.setOptions(this.signatureOptions);
                tSPTimeStampValidatorImpl.validate((TSPTimeStampValidatorImpl) internalTimeStampValidationProcessImpl);
                JCPLogger.fine("Valid timestamp has been found!");
                this.k = timeStampToken;
                return;
            } catch (AdESException e) {
                if (signatureTimestampTokens.size() == 1) {
                    throw new TimeStampValidationException(e, e.getErrorCode());
                }
                JCPLogger.thrown(e);
                timeStampValidationException.add(e);
            }
        }
        if (this.k == null) {
            JCPLogger.fine("No signature-timestamp has been found.");
            throw timeStampValidationException;
        }
        JCPLogger.subExit();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.CAdES.CAdESSignerBESImpl
    public Map<Object, Object> a() throws CAdESException {
        JCPLogger.fine("Preparing attribute parameters (T -> X Long Type 1)...");
        Vector<Attribute> attributes = CAdESUtility.getAttributes(this.a.getUnsignedAttributes(), PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
        if (attributes.size() > 1) {
            throw new CAdESException("Could not enhance signature with more than one signature-timestamp", CAdESException.ecUnexpectedTimestampCount);
        }
        Attribute attribute = attributes.get(0);
        Map<Object, Object> a = super.a();
        a.put(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken, attribute);
        JCPLogger.fine("Adding freshest valid signature-timestamp (T -> X Long Type 1)...");
        a.put("FreshestValidInternalTimeStamp", this.k);
        return a;
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerBESImpl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl
    protected void c() throws CAdESException {
        this.j = new ru.CryptoPro.CAdES.pc_0.pc_0.cl_6(this.a);
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerBESImpl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public CAdESSigner enhance(String str, String str2, List<X509Certificate> list, String str3, Integer num, AttributeTable attributeTable) throws CAdESException {
        return enhance(str, str2, list, null, str3, num, attributeTable);
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerBESImpl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public CAdESSigner enhance(String str, String str2, List<X509Certificate> list, Set<X509CRL> set, String str3, Integer num, AttributeTable attributeTable) throws CAdESException {
        JCPLogger.fine("%%% Enhancing signer (T)... %%%");
        try {
            checkIfCanEnhance(num);
            List<X509Certificate> emptyList = list == null ? Collections.emptyList() : list;
            Set unmodifiableSet = Collections.unmodifiableSet(this.signatureCertificates);
            this.signatureCertificates.addAll(emptyList);
            this.signatureCRLs.addAll(set == null ? Collections.emptySet() : set);
            X509Certificate a = a(unmodifiableSet, emptyList);
            String checkAndGetDigestAlgorithm = AdESUtility.checkAndGetDigestAlgorithm(str2, str, a.getPublicKey());
            if (checkAndGetDigestAlgorithm == null) {
                throw new CAdESException("Digest algorithm has not been found or is not supported by provider " + str, AdESException.ecInternal);
            }
            JCPLogger.fine("Enhancing digest algorithm: " + checkAndGetDigestAlgorithm);
            JCPLogger.fine("Looking for an earliest valid signature-timestamp...");
            if (this.k == null) {
                d();
            }
            try {
                List<X509Certificate> build = this.i ? this.signerCertificateChain : build(a, str, null);
                JCPLogger.fine("Initiating attribute table (T -> " + CAdESType.getSignatureTypeName(num) + ")...");
                a(checkAndGetDigestAlgorithm, num);
                CMSAttributeTableGenerator a2 = a(build, str, checkAndGetDigestAlgorithm, str3, num, attributeTable, getSignatureTimestampTokens(), null, null, null);
                JCPLogger.fine("Generating attributes...");
                AttributeTable attributes = a2.getAttributes(a());
                JCPLogger.fine("Replacing attributes...");
                replaceUnsignedAttributes(this, attributes);
                CAdESSigner a3 = a(a2);
                JCPLogger.fine("%%% Signer has been enhanced %%%");
                if (a3 instanceof CAdESSignerAImpl) {
                    ((CAdESSignerAImpl) a3).verify();
                }
                return a3;
            } catch (AdESException e) {
                throw new CAdESException(e, e.getErrorCode());
            } catch (CAdESCMSAttributeTableGenerationException e2) {
                throw new CAdESException(e2, e2.getErrorCode());
            }
        } catch (AdESException e3) {
            throw new CAdESException(e3, e3.getErrorCode());
        }
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerT
    public TimeStampToken getEarliestValidSignatureTimeStampToken() {
        return this.k;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.signature.AdESSigner
    public Date getInternalDate() {
        return this.k.getTimeStampInfo().getGenTime();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.CAdES.CAdESSignerBESImpl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.signature.AdESSigner
    public Date getPkupValidationDate() {
        Date pkupValidationDate = super.getPkupValidationDate();
        return pkupValidationDate != null ? pkupValidationDate : getInternalDate();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSigner, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    @Deprecated
    public TimeStampToken getSignatureTimestampToken() {
        return getEarliestValidSignatureTimeStampToken();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSigner, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    @Deprecated
    public Collection<TimeStampToken> getSignatureTimestampTokenList() {
        return getSignatureTimestampTokens();
    }

    @Override // ru.CryptoPro.AdES.external.decode.AdESTAttributeParametersDecoder
    public List<TimeStampToken> getSignatureTimestampTokens() {
        return ((ru.CryptoPro.CAdES.pc_0.pc_0.cl_6) this.j).getSignatureTimestampTokens();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerBESImpl, ru.CryptoPro.CAdES.CAdESSigner, ru.CryptoPro.AdES.external.interfaces.IAdESSigner
    public Integer getSignatureType() {
        return CAdES_T;
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerBESImpl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.interfaces.IAdESSigner, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public void verify(Set<X509Certificate> set, Set<X509CRL> set2, Integer num, boolean z) throws CAdESException {
        JCPLogger.subEnter();
        JCPLogger.fine("%%% Verifying signer... %%%");
        if (num != null && !num.equals(CAdES_T) && !num.equals(CAdES_BES)) {
            JCPLogger.infoFormat("Signature type '{0}' ignored, default signature type used.", CAdESType.getSignatureTypeName(num));
            num = null;
        }
        if (num == null) {
            num = getSignatureType();
        }
        if (num.equals(CAdES_BES)) {
            try {
                CAdESSignerBESImpl cAdESSignerBESImpl = new CAdESSignerBESImpl(getSignerInfo(), false);
                cAdESSignerBESImpl.setProvider(this.provider);
                cAdESSignerBESImpl.b();
                cAdESSignerBESImpl.verify(set, set2);
            } catch (AdESException e) {
                throw new CAdESException(e, e.getErrorCode());
            }
        } else {
            if (set == null) {
                set = Collections.emptySet();
            }
            if (set2 == null) {
                set2 = Collections.emptySet();
            }
            this.signatureCertificates.addAll(set);
            this.signatureCRLs.addAll(set2);
            this.k = null;
            d();
            super.verify(set, set2, (Integer) null, z);
        }
        JCPLogger.fine("%%% Signer has been verified %%%");
        JCPLogger.subExit();
    }
}
