package ru.CryptoPro.CAdES;

import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.tsp.TimeStampToken;
import ru.CryptoPro.AdES.exception.AdESException;
import ru.CryptoPro.AdES.external.signature.ATSHashIndex;
import ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess;
import ru.CryptoPro.AdES.external.timestamp.data.TSPData;
import ru.CryptoPro.AdES.timestamp.TSPTimeStampValidatorImpl;
import ru.CryptoPro.CAdES.exception.ArchiveTimestampValidationException;
import ru.CryptoPro.CAdES.exception.CAdESException;
import ru.CryptoPro.CAdES.exception.TimeStampValidationException;
import ru.CryptoPro.CAdES.timestamp.external.ArchiveTimeStampValidationProcessImpl;
import ru.CryptoPro.CAdES.timestamp.external.EnhancedArchiveTimeStampValidationProcessImpl;
import ru.CryptoPro.CAdES.timestamp.external.data.TSPArchiveDataImpl;
import ru.CryptoPro.CAdES.timestamp.external.data.TimeStampData;
import ru.CryptoPro.CAdES.tools.CAdESUtility;
import ru.CryptoPro.JCP.tools.JCPLogger;

/* loaded from: classes4.dex */
public class CAdESSignerAImpl extends CAdESSignerXLT1Impl implements CAdESSignerA {
    protected TimeStampData h;
    protected TimeStampData i;

    protected CAdESSignerAImpl(SignerInformation signerInformation, Integer num, boolean z) throws CAdESException {
        super(signerInformation, num, z);
        this.h = null;
        this.i = null;
        c();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CAdESSignerAImpl(SignerInformation signerInformation, boolean z) throws CAdESException {
        this(signerInformation, CAdES_A, z);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r14v3 */
    /* JADX WARN: Type inference failed for: r14v4, types: [boolean] */
    /* JADX WARN: Type inference failed for: r14v5 */
    /* JADX WARN: Type inference failed for: r2v1, types: [java.lang.Throwable, ru.CryptoPro.CAdES.exception.TimeStampValidationException, java.lang.Integer] */
    /* JADX WARN: Type inference failed for: r2v15 */
    /* JADX WARN: Type inference failed for: r2v16, types: [ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r2v24 */
    /* JADX WARN: Type inference failed for: r5v25, types: [java.lang.StringBuilder] */
    /* JADX WARN: Type inference failed for: r5v42, types: [ru.CryptoPro.AdES.timestamp.TSPTimeStampValidator, java.util.Set, java.util.Set<java.security.cert.X509CRL>] */
    private void f() throws CAdESException {
        TSPTimeStampValidationProcess enhancedArchiveTimeStampValidationProcessImpl;
        List<TimeStampToken> list;
        Date genTime;
        ?? r2;
        JCPLogger.subEnter();
        List<TimeStampToken> b = ((ru.CryptoPro.CAdES.pc_0.pc_0.cl_2) this.k).b();
        TimeStampValidationException timeStampValidationException = new TimeStampValidationException(CAdESException.ecTimestampInvalid);
        int size = b.size();
        if (size == 0) {
            ?? r22 = CAdESException.ecTimestampInvalid;
            r22.add(new ArchiveTimestampValidationException("No previous archive timestamps have been found! It's not a CAdES-A signature!", r22));
            throw r22;
        }
        JCPLogger.fine("Preparing archive-timestamp attributes...");
        byte[] signature = this.a.getSignature();
        SignerIdentifier a = cl_5.a(this.a);
        int version = this.a.getVersion();
        AlgorithmIdentifier digestAlgorithmID = this.a.getDigestAlgorithmID();
        AlgorithmIdentifier b2 = cl_5.b(this.a);
        ASN1ObjectIdentifier contentType = this.a.getContentType();
        AttributeTable signerSignedAttributes = getSignerSignedAttributes();
        TSPData[] tSPDataArr = new TSPData[size];
        JCPLogger.fine("Validating archive-timestamps: " + size);
        int i = 0;
        int i2 = 0;
        while (i2 < size) {
            TimeStampToken timeStampToken = b.get(i2);
            AttributeTable unsignedAttributes = timeStampToken.getUnsignedAttributes();
            Attribute attribute = unsignedAttributes.get(CAdESParameters.id_aa_ets_ATSHashIndex);
            Attribute attribute2 = attribute == null ? unsignedAttributes.get(CAdESParameters.id_aa_ets_ATSHashIndexV3) : attribute;
            ATSHashIndex a2 = cl_0.a(attribute2);
            a2.setProvider(this.provider);
            JCPLogger.fine("Validating #" + i2 + " : ats-hash-index digest algorithm...");
            String digestAlgorithm = a2.getDigestAlgorithm();
            String aSN1ObjectIdentifier = timeStampToken.getTimeStampInfo().getHashAlgorithm().getAlgorithm().toString();
            if (!digestAlgorithm.equals(aSN1ObjectIdentifier)) {
                TimeStampValidationException timeStampValidationException2 = timeStampValidationException;
                timeStampValidationException2.add(new ArchiveTimestampValidationException("Hash algorithm in ats-hash-index: " + digestAlgorithm + " doesn't match to algorithm in archive-timestamp: " + aSN1ObjectIdentifier, CAdESException.ecCAdESANoIdenticDigAlgFailure));
                throw timeStampValidationException2;
            }
            JCPLogger.fine("Validating #" + i2 + " : archive-timestamp's ats-hash-index...");
            Vector<Attribute> unsignedAttributes2 = CAdESUtility.getUnsignedAttributes(this.a.getUnsignedAttributes());
            JCPLogger.fine("Validating #" + i2 + " : calculating ats-hash-index digest...");
            cl_0 cl_0Var = new cl_0(attribute2.getAttrType().equals(CAdESParameters.id_aa_ets_ATSHashIndexV3));
            cl_0Var.setAttributes(unsignedAttributes2);
            cl_0Var.setDigestAlgorithm(digestAlgorithm);
            cl_0Var.setProvider(this.provider);
            cl_0Var.setArchiveSignatureCertificateToBeHashedStore(this.archiveSignatureCertificateToBeHashedStore);
            cl_0Var.setArchiveSignatureValidationDataToBeHashedStore(this.archiveSignatureValidationDataToBeHashedStore);
            try {
                cl_0Var.validateImprint(a2);
                new TSPTimeStampValidatorImpl();
                JCPLogger.fine("Validating #" + i2 + " : archive-timestamp imprint...");
                byte[] bArr = (byte[]) this.n.get(aSN1ObjectIdentifier);
                if (bArr == null) {
                    Integer[] numArr = new Integer[1];
                    numArr[i] = CAdESException.ecATSHashIndexCreatingFailure;
                    throw new CAdESException("No data hash found", numArr);
                }
                TimeStampValidationException timeStampValidationException3 = timeStampValidationException;
                SignerInfo signerInfo = new SignerInfo(a, digestAlgorithmID, signerSignedAttributes != null ? new DERSet(signerSignedAttributes.toASN1EncodableVector()) : null, b2, new DEROctetString(signature), (ASN1Set) null);
                byte[] bArr2 = signature;
                byte[] bArr3 = signature;
                int i3 = i2;
                List<TimeStampToken> list2 = b;
                int i4 = i;
                Attribute attribute3 = attribute2;
                TSPData[] tSPDataArr2 = tSPDataArr;
                tSPDataArr2[i3] = new TSPArchiveDataImpl(bArr2, bArr, a, b2, digestAlgorithmID, version, contentType, signerSignedAttributes, attribute3, signerInfo);
                tSPDataArr2[i3].setProvider(this.provider);
                JCPLogger.fine("Searching for valid archive timestamp(s)...");
                if (CAdESType.isTimeStampEnhanced(timeStampToken)) {
                    ?? r14 = i3 == size + (-1) ? 1 : i4;
                    JCPLogger.fine(((String) 1) + i3 + ", is last archive timestamp = " + r14);
                    if (r14 != 0) {
                        JCPLogger.fine(((String) 1) + i3 + " as simple archive-timestamp...");
                        enhancedArchiveTimeStampValidationProcessImpl = new ArchiveTimeStampValidationProcessImpl(tSPDataArr2[i3], timeStampToken);
                        genTime = new Date();
                        list = list2;
                    } else {
                        JCPLogger.fine(((String) 1) + i3 + " as enhanced archive-timestamp...");
                        enhancedArchiveTimeStampValidationProcessImpl = new EnhancedArchiveTimeStampValidationProcessImpl(tSPDataArr2[i3], timeStampToken);
                        list = list2;
                        genTime = list.get(i3 + 1).getTimeStampInfo().getGenTime();
                        ((EnhancedArchiveTimeStampValidationProcessImpl) enhancedArchiveTimeStampValidationProcessImpl).setParentalDecoder((ru.CryptoPro.CAdES.pc_0.pc_0.cl_1) this.k);
                    }
                    JCPLogger.fine(((String) 1) + i3 + ", archive validation date = " + genTime);
                    enhancedArchiveTimeStampValidationProcessImpl.setExternalDate(genTime);
                    JCPLogger.fine(((String) 1) + i3 + ", archive validation date = " + genTime);
                    r2 = enhancedArchiveTimeStampValidationProcessImpl;
                } else {
                    if (i3 != size - 1) {
                        Integer[] numArr2 = new Integer[1];
                        numArr2[i4] = CAdESException.ecCAdESAVerifingFailure;
                        throw new CAdESException("Simple archive timestamp can be only the last", numArr2);
                    }
                    JCPLogger.fine(((String) 1) + i3 + " as simple archive-timestamp...");
                    list = list2;
                    r2 = new ArchiveTimeStampValidationProcessImpl(tSPDataArr2[i3], timeStampToken);
                }
                r2.setCertificateValues(this.signatureCertificates);
                ?? r5 = this.signatureCRLs;
                r2.setCRLs(r5);
                try {
                    r5.validate(r2);
                    i2 = i3 + 1;
                    i = i4;
                    b = list;
                    tSPDataArr = tSPDataArr2;
                    signature = bArr3;
                    timeStampValidationException = timeStampValidationException3;
                } catch (AdESException e) {
                    timeStampValidationException3.add(e);
                    throw timeStampValidationException3;
                }
            } catch (AdESException e2) {
                TimeStampValidationException timeStampValidationException4 = timeStampValidationException;
                timeStampValidationException4.add(e2);
                throw timeStampValidationException4;
            }
        }
        List<TimeStampToken> list3 = b;
        int i5 = i;
        TSPData[] tSPDataArr3 = tSPDataArr;
        JCPLogger.fine("Validating of archive-timestamp(s) completed.");
        int i6 = size - 1;
        this.i = new TimeStampData(list3.get(i6), tSPDataArr3[i6]);
        this.h = new TimeStampData(list3.get(i5), tSPDataArr3[i5]);
        JCPLogger.fine("Archive-timestamps have been found!");
        JCPLogger.exit();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl, ru.CryptoPro.CAdES.CAdESSignerTImpl, ru.CryptoPro.CAdES.CAdESSignerBESImpl
    public Map<Object, Object> a() throws CAdESException {
        JCPLogger.fine("Preparing attribute parameters (A -> A)...");
        JCPLogger.fine("Looking for an earliest and latest archive-timestamps...");
        if (this.i == null || this.h == null) {
            f();
        }
        Map<Object, Object> a = super.a();
        Vector<Attribute> attributes = CAdESUtility.getAttributes(this.a.getUnsignedAttributes(), CAdESParameters.id_aa_ets_archiveTimestampV3);
        Collections.sort(attributes, ru.CryptoPro.CAdES.pc_0.pc_0.cl_2.e);
        if (!attributes.isEmpty()) {
            JCPLogger.fine("Adding earliest and latest archive timestamps (A -> A)...");
            a.put("LatestArchiveTimeStamp", this.i);
            a.put("EarliestArchiveTimeStamp", this.h);
            JCPLogger.fine("Adding all the archive timestamps (A -> A)...");
            a.put("ArchiveTimeStampVector", attributes);
        }
        return a;
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl, ru.CryptoPro.CAdES.CAdESSignerTImpl, ru.CryptoPro.CAdES.CAdESSignerBESImpl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl
    protected void c() throws CAdESException {
        this.k = new ru.CryptoPro.CAdES.pc_0.pc_0.cl_2(this.a);
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl
    protected Date d() {
        return this.h.getTimeStampToken().getTimeStampInfo().getGenTime();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl
    protected void e() throws AdESException {
        JCPLogger.subEnter();
        long time = this.m.getTimeStampToken().getTimeStampInfo().getGenTime().getTime() - this.h.getTimeStampToken().getTimeStampInfo().getGenTime().getTime();
        if (time > 0) {
            throw new AdESException("Generation time of earliest archive-timestamp is less than CAdES-C-timestamp on " + time + " ms", CAdESException.ecCAdESADateMismatch);
        }
        JCPLogger.subExit();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.signature.AdESSigner
    protected Date getBuildingDate() {
        return null;
    }

    @Override // ru.CryptoPro.AdES.external.signature.AdESArchSignatureModel
    public List<TimeStampToken> getCAdESArchiveTimestampTokens() {
        return ((ru.CryptoPro.CAdES.pc_0.pc_0.cl_2) this.k).b();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerA
    public TimeStampToken getEarliestArchiveTimeStampToken() {
        return this.h.getTimeStampToken();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerA
    public TimeStampToken getLatestArchiveTimeStampToken() {
        return this.i.getTimeStampToken();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl, ru.CryptoPro.CAdES.CAdESSignerTImpl, ru.CryptoPro.CAdES.CAdESSignerBESImpl, ru.CryptoPro.CAdES.CAdESSigner, ru.CryptoPro.AdES.external.interfaces.IAdESSigner
    public Integer getSignatureType() {
        return CAdES_A;
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.signature.AdESSigner
    protected Date getValidationDate() {
        return null;
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl, ru.CryptoPro.CAdES.CAdESSignerXLT1
    public void verify() throws CAdESException {
        JCPLogger.subEnter();
        verify(null, null);
        JCPLogger.subExit();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.interfaces.IAdESSigner, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public void verify(Set<X509Certificate> set, Set<X509CRL> set2) throws CAdESException {
        JCPLogger.subEnter();
        verify(set, set2, (Integer) null, true);
        JCPLogger.subExit();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerXLT1Impl, ru.CryptoPro.CAdES.CAdESSignerTImpl, ru.CryptoPro.CAdES.CAdESSignerBESImpl, ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.interfaces.IAdESSigner, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public void verify(Set<X509Certificate> set, Set<X509CRL> set2, Integer num, boolean z) throws CAdESException {
        Integer num2;
        boolean z2;
        JCPLogger.subEnter();
        JCPLogger.fine("%%% Verifying signer... %%%");
        if (num != null && !num.equals(CAdES_A) && !num.equals(CAdES_X_Long_Type_1) && !num.equals(CAdES_T) && !num.equals(CAdES_BES)) {
            JCPLogger.infoFormat("Signature type '{0}' ignored, default signature type used.", CAdESType.getSignatureTypeName(num));
            num = null;
        }
        if (num == null) {
            num = getSignatureType();
        }
        if (set == null) {
            set = Collections.emptySet();
        }
        Set<X509Certificate> set3 = set;
        Set unmodifiableSet = Collections.unmodifiableSet(this.signatureCertificates);
        this.signatureCertificates.addAll(set3);
        if (set2 == null) {
            set2 = Collections.emptySet();
        }
        Set<X509CRL> set4 = set2;
        this.signatureCRLs.addAll(set4);
        if (num.equals(CAdES_A) && getSignatureType().equals(CAdES_A)) {
            JCPLogger.fine("Validating if archive-timestamps use the same digest algorithms. It allows to ignore calculating of the message-digest...");
            String digestAlgOID = this.a.getDigestAlgOID();
            List<TimeStampToken> b = ((ru.CryptoPro.CAdES.pc_0.pc_0.cl_2) this.k).b();
            boolean z3 = true;
            for (int i = 0; i < b.size(); i++) {
                z3 &= digestAlgOID.equals(b.get(i).getTimeStampInfo().getHashAlgorithm().getAlgorithm().toString());
            }
            if (!z3 && this.e == null) {
                throw new CAdESException("Signature can not be verified. Signer digest algorithm and digest algorithms in archive timestamps are not identical. For enhancing with another digest algorithm detached signature only is allowed.", CAdESException.ecCAdESANoIdenticDigAlgFailure);
            }
            if (!z3 && this.d) {
                throw new CAdESException("Signature can not be verified. Signer digest algorithm and digest algorithms in archive timestamps are not identical and raw digest is set as data. For enhancing with another digest algorithm detached signature with content only is allowed.", CAdESException.ecCAdESANoIdenticDigAlgFailure);
            }
            X509Certificate a = a(unmodifiableSet, set3);
            JCPLogger.fine("Verifying binary signature...");
            verifyCryptographicSignature(a, this.provider);
            JCPLogger.fine("Updating digest table...");
            a(!z3, (String) null, this.provider);
            f();
            num2 = CAdES_X_Long_Type_1;
            z2 = true;
        } else {
            num2 = num;
            z2 = false;
        }
        super.a(set3, set4, num2, z, z2);
        JCPLogger.subExit();
    }
}
