package ru.CryptoPro.CAdES;

import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.ess.OtherCertID;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.cms.CMSAttributeTableGenerator;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
import org.bouncycastle.tsp.TimeStampToken;
import org.bouncycastle.util.CollectionStore;
import ru.CryptoPro.AdES.certificate.CertificateFinder;
import ru.CryptoPro.AdES.exception.AdESException;
import ru.CryptoPro.AdES.tools.AdESUtility;
import ru.CryptoPro.CAdES.exception.CAdESCMSAttributeTableGenerationException;
import ru.CryptoPro.CAdES.exception.CAdESException;
import ru.CryptoPro.CAdES.timestamp.external.data.TimeStampData;
import ru.CryptoPro.CAdES.tools.CAdESUtility;
import ru.CryptoPro.JCP.tools.JCPLogger;

/* loaded from: classes5.dex */
public class CAdESSignerBESImpl extends CAdESSignerPKCS7Impl implements CAdESSignerBES {
    protected final boolean i;

    /* JADX INFO: Access modifiers changed from: protected */
    public CAdESSignerBESImpl(SignerInformation signerInformation, Integer num, boolean z) throws CAdESException {
        super(signerInformation, num);
        this.i = z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CAdESSignerBESImpl(SignerInformation signerInformation, boolean z) throws CAdESException {
        this(signerInformation, CAdES_BES, z);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map<Object, Object> a() throws CAdESException {
        JCPLogger.fine("Preparing attribute parameters (BES -> T)...");
        HashMap hashMap = new HashMap();
        hashMap.put("encryptedDigest", this.a.getSignature());
        JCPLogger.fine("Adding content-type and digest algorithm id to parameters...");
        hashMap.put("contentType", this.a.getContentType());
        hashMap.put("digestAlgID", this.a.getDigestAlgorithmID());
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CMSAttributeTableGenerator a(List<X509Certificate> list, String str, String str2, String str3, Integer num, AttributeTable attributeTable, List<TimeStampToken> list2, byte[] bArr, CollectionStore collectionStore, CollectionStore collectionStore2) throws AdESException {
        ru.CryptoPro.CAdES.pc_1.pc_0.cl_5 cl_5Var;
        JCPLogger.fine("Preparing generator for target type: " + num + "...");
        ArrayList arrayList = new ArrayList();
        arrayList.add(CAdESType.CAdES_BES);
        arrayList.add(CAdESType.CAdES_T);
        arrayList.add(CAdESType.CAdES_X_Long_Type_1);
        arrayList.add(CAdESType.CAdES_A);
        arrayList.remove(num);
        if (num.equals(CAdESType.CAdES_X_Long_Type_1)) {
            ru.CryptoPro.CAdES.pc_1.pc_0.cl_6 cl_6Var = new ru.CryptoPro.CAdES.pc_1.pc_0.cl_6(list, str3);
            cl_6Var.a(list2);
            cl_5Var = cl_6Var;
        } else if (num.equals(CAdESType.CAdES_A)) {
            ru.CryptoPro.CAdES.pc_1.pc_0.cl_1 cl_1Var = new ru.CryptoPro.CAdES.pc_1.pc_0.cl_1(list, str3, bArr);
            cl_1Var.a(getSignerSignedAttributes());
            cl_1Var.a(cl_5.a(this.a));
            cl_1Var.a(this.a.getVersion());
            cl_1Var.a(cl_5.b(this.a));
            cl_1Var.a(collectionStore);
            cl_1Var.b(collectionStore2);
            cl_5Var = cl_1Var;
        } else {
            cl_5Var = num.equals(CAdESType.CAdES_T) ? new ru.CryptoPro.CAdES.pc_1.pc_0.cl_5(list, str3) : num.equals(CAdESType.TSA_SIGNATURE_TIME_STAMP) ? new ru.CryptoPro.CAdES.pc_1.pc_0.cl_8(list) : num.equals(CAdESType.TSA_CAdESC_TIME_STAMP) ? new ru.CryptoPro.CAdES.pc_1.pc_0.cl_7(list) : num.equals(CAdESType.TSA_ARCHIVE_TIME_STAMP) ? new ru.CryptoPro.CAdES.pc_1.pc_0.cl_0(list) : null;
        }
        if (cl_5Var == null) {
            throw new CAdESException("Invalid signature type.", CAdESException.ecInternal);
        }
        if (cl_5Var instanceof ru.CryptoPro.CAdES.pc_1.pc_0.cl_6) {
            cl_5Var.setOptions(this.signatureOptions);
        }
        cl_5Var.setDigestAlgorithm(str2);
        cl_5Var.setProvider(str);
        cl_5Var.b(attributeTable);
        cl_5Var.setCertificateValues(this.signatureCertificates);
        cl_5Var.setCRLs(this.signatureCRLs);
        cl_5Var.b(arrayList);
        return cl_5Var;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CAdESSigner a(CMSAttributeTableGenerator cMSAttributeTableGenerator) throws AdESException {
        JCPLogger.fine("Installing generator parameters to signer...");
        CAdESSignerTImpl cl_6Var = cMSAttributeTableGenerator instanceof ru.CryptoPro.CAdES.pc_1.pc_0.cl_0 ? new cl_6(getSignerInfo()) : cMSAttributeTableGenerator instanceof ru.CryptoPro.CAdES.pc_1.pc_0.cl_8 ? new cl_8(getSignerInfo()) : cMSAttributeTableGenerator instanceof ru.CryptoPro.CAdES.pc_1.pc_0.cl_1 ? new CAdESSignerAImpl(getSignerInfo(), true) : cMSAttributeTableGenerator instanceof ru.CryptoPro.CAdES.pc_1.pc_0.cl_6 ? new CAdESSignerXLT1Impl(getSignerInfo(), true) : cMSAttributeTableGenerator instanceof ru.CryptoPro.CAdES.pc_1.pc_0.cl_5 ? new CAdESSignerTImpl(getSignerInfo(), true) : null;
        if (cl_6Var == null) {
            throw new CAdESException("Invalid generator type", CAdESException.ecInternal);
        }
        JCPLogger.fine("Setting global options...");
        cl_6Var.setProvider(this.provider);
        cl_6Var.a(this.signatureCertificates);
        cl_6Var.b(this.signatureCRLs);
        if (this.e != null) {
            cl_6Var.a(this.e);
        }
        cl_6Var.a(this.d);
        cl_6Var.a(this.f);
        cl_6Var.setOptions(this.signatureOptions);
        if (cMSAttributeTableGenerator instanceof ru.CryptoPro.CAdES.pc_1.pc_0.cl_1) {
            JCPLogger.fine("Setting specific A (archive) options...");
            CAdESSignerAImpl cAdESSignerAImpl = (CAdESSignerAImpl) cl_6Var;
            ru.CryptoPro.CAdES.pc_1.pc_0.cl_1 cl_1Var = (ru.CryptoPro.CAdES.pc_1.pc_0.cl_1) cMSAttributeTableGenerator;
            cAdESSignerAImpl.g = cl_1Var.e();
            cAdESSignerAImpl.h = cl_1Var.f();
        }
        if (cMSAttributeTableGenerator instanceof ru.CryptoPro.CAdES.pc_1.pc_0.cl_6) {
            JCPLogger.fine("Setting specific X Long Type 1 options...");
            TimeStampData g = ((ru.CryptoPro.CAdES.pc_1.pc_0.cl_6) cMSAttributeTableGenerator).g();
            if (g != null) {
                ((CAdESSignerXLT1Impl) cl_6Var).l = new TimeStampData(g.getTimeStampToken(), g.getTspData());
            }
        }
        if (cMSAttributeTableGenerator instanceof ru.CryptoPro.CAdES.pc_1.pc_0.cl_5) {
            JCPLogger.fine("Setting specific T options...");
            cl_6Var.k = ((ru.CryptoPro.CAdES.pc_1.pc_0.cl_5) cMSAttributeTableGenerator).j();
        }
        if (cl_6Var instanceof CAdESSignerXLT1) {
            JCPLogger.fine("Setting certificates ands CRL for A (archive) signer...");
            cl_6Var.c(this.archiveSignatureCertificateToBeHashedStore);
            cl_6Var.d(this.archiveSignatureValidationDataToBeHashedStore);
        }
        cl_6Var.b();
        return cl_6Var;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void a(boolean z, Set<X509Certificate> set, Set<X509CRL> set2) throws CAdESException {
        JCPLogger.subEnter();
        if (z) {
            JCPLogger.fine("Verifying counter signers, total: " + this.c.size() + "...");
            Iterator<CAdESSigner> it = this.c.iterator();
            while (it.hasNext()) {
                it.next().verify(set, set2, (Integer) null, true);
            }
            JCPLogger.fine("Counter signers have been verified.");
        }
        JCPLogger.subExit();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean a(String str, Integer num) throws CAdESException {
        boolean equals = this.a.getDigestAlgOID().equals(str);
        if (num.equals(CAdESType.CAdES_A)) {
            JCPLogger.fine("Checking if the same digest algorithm is used for message-digest and future archive-timestamp...");
            if (!equals && this.d) {
                throw new CAdESException("Digest cannot be recalculated because the signed data is being required but raw digest has been set.", CAdESException.ecGetMessageDigestFailure);
            }
            if (!equals) {
                throw new CAdESException("Digest cannot be recalculated for this signature type. If the signature type is CAdES-BES use consecutive enhancing detached BES -> 'X Long Type 1' -> A, or if the signature type is CAdES-T use consecutive enhancing detached T -> 'X Long Type 1' -> A, or create detached signature with type 'X Long Type 1' and enhance it to A, or use the signer's digest algorithm and do not use a new digest algorithm for enhancing. Step 'X Long Type 1' -> A requires 'X Long Type 1' to be detached, so if source BES or T is attached than BufferedCAdESSignature can be used.", CAdESException.ecCAdESANoIdenticDigAlgFailure);
            }
        }
        JCPLogger.fine("Same digest algorithm used: " + equals);
        return equals;
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public void addCountersigner(SignerInformation signerInformation) throws CAdESException {
        JCPLogger.subEnter();
        JCPLogger.fine("%%% Adding a new counter signer... %%%");
        AttributeTable signedAttributes = signerInformation.getSignedAttributes();
        if (signedAttributes != null && CAdESUtility.getSingleAttribute(signedAttributes, PKCSObjectIdentifiers.pkcs_9_at_contentType) != null) {
            throw new CAdESException("For countersignature signedAttributes field must not contain a content-type attribute", CAdESException.ecSignerWrongCountersignature);
        }
        JCPLogger.fine("Preparing unsigned attribute tables...");
        AttributeTable unsignedAttributes = this.a.getUnsignedAttributes();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        ASN1EncodableVector aSN1EncodableVector2 = unsignedAttributes == null ? new ASN1EncodableVector() : unsignedAttributes.toASN1EncodableVector();
        JCPLogger.fine("Finding counter-signature attributes...");
        Attribute singleAttribute = CAdESUtility.getSingleAttribute(unsignedAttributes, PKCSObjectIdentifiers.pkcs_9_at_counterSignature);
        ASN1Set aSN1Set = singleAttribute != null ? (ASN1Set) ((ASN1Sequence) singleAttribute.toASN1Object().toASN1Primitive()).getObjectAt(1) : null;
        JCPLogger.fine("Creating counter-signature attribute...");
        Attribute attribute = Attribute.getInstance(new DERSequence(CAdESUtility.getASN1EncodedCounterSigner(aSN1Set, signerInformation)));
        boolean z = false;
        for (int i = 0; i < aSN1EncodableVector2.size(); i++) {
            Attribute attribute2 = (Attribute) aSN1EncodableVector2.get(i);
            if (attribute2.equals(singleAttribute)) {
                JCPLogger.fine("Replacing existing counter-signature attribute...");
                aSN1EncodableVector.add(attribute);
                z = true;
            } else {
                aSN1EncodableVector.add(attribute2);
            }
        }
        if (!z) {
            JCPLogger.fine("Adding first one counter-signature attribute...");
            aSN1EncodableVector.add(attribute);
        }
        JCPLogger.fine("Replacing attributes...");
        replaceUnsignedAttributes(this, new AttributeTable(aSN1EncodableVector));
        JCPLogger.fine("%%% Counter signer has been added %%%");
        JCPLogger.subExit();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.CAdES.CAdESSigner
    public void b() throws AdESException {
        JCPLogger.subEnter();
        JCPLogger.fine("Decoding CAdES-BES signature...");
        super.b();
        this.c.clear();
        SignerInformationStore counterSignatures = this.a.getCounterSignatures();
        if (counterSignatures != null && counterSignatures.size() > 0) {
            Collection<SignerInformation> signers = counterSignatures.getSigners();
            JCPLogger.fine("Found countersignatures: " + signers.size());
            for (SignerInformation signerInformation : signers) {
                CAdESSigner a = CAdESSignerFactory.a(signerInformation, null);
                a.setProvider(this.provider);
                a.a(this.signatureCertificates);
                a.b(this.signatureCRLs);
                a.setOptions(this.signatureOptions);
                if (signerInformation.isCounterSignature()) {
                    a.b();
                }
                this.c.add(a);
            }
        }
        JCPLogger.subExit();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl
    protected void c() throws CAdESException {
        this.j = new ru.CryptoPro.CAdES.pc_0.pc_0.cl_4(this.a);
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public CAdESSigner enhance(String str, String str2, List<X509Certificate> list, String str3, Integer num) throws CAdESException {
        return enhance(str, str2, list, str3, num, (AttributeTable) null);
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public CAdESSigner enhance(String str, String str2, List<X509Certificate> list, String str3, Integer num, AttributeTable attributeTable) throws CAdESException {
        return enhance(str, str2, list, null, str3, num, null);
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public CAdESSigner enhance(String str, String str2, List<X509Certificate> list, Set<X509CRL> set, String str3, Integer num, AttributeTable attributeTable) throws CAdESException {
        JCPLogger.fine("%%% Enhancing signer (BES)... %%%");
        try {
            checkIfCanEnhance(num);
            List<X509Certificate> emptyList = list == null ? Collections.emptyList() : list;
            Set unmodifiableSet = Collections.unmodifiableSet(this.signatureCertificates);
            this.signatureCertificates.addAll(emptyList);
            this.signatureCRLs.addAll(set == null ? Collections.emptySet() : set);
            X509Certificate a = a(unmodifiableSet, emptyList);
            String checkAndGetDigestAlgorithm = AdESUtility.checkAndGetDigestAlgorithm(str2, str, a.getPublicKey());
            if (checkAndGetDigestAlgorithm == null) {
                throw new CAdESException("Digest algorithm has not been found or is not supported by provider " + str, AdESException.ecInternal);
            }
            JCPLogger.fine("Enhancing digest algorithm: " + checkAndGetDigestAlgorithm);
            try {
                List<X509Certificate> build = build(a, str, null);
                if (!num.equals(CAdESType.CAdES_X_Long_Type_1) && !num.equals(CAdESType.CAdES_A)) {
                    validate(build, str, null);
                }
                JCPLogger.fine("Initiating attribute table (BES -> " + CAdESType.getSignatureTypeName(num) + ")...");
                a(checkAndGetDigestAlgorithm, num);
                CMSAttributeTableGenerator a2 = a(build, str, checkAndGetDigestAlgorithm, str3, num, attributeTable, null, null, null, null);
                JCPLogger.fine("Generating attributes...");
                AttributeTable attributes = a2.getAttributes(a());
                JCPLogger.fine("Replacing attributes...");
                replaceUnsignedAttributes(this, attributes);
                CAdESSigner a3 = a(a2);
                JCPLogger.fine("%%% Signer has been enhanced %%%");
                if (a3 instanceof CAdESSignerAImpl) {
                    ((CAdESSignerAImpl) a3).verify();
                }
                return a3;
            } catch (AdESException e) {
                throw new CAdESException(e, e.getErrorCode());
            } catch (CAdESCMSAttributeTableGenerationException e2) {
                throw new CAdESException(e2, e2.getErrorCode());
            }
        } catch (AdESException e3) {
            throw new CAdESException(e3, e3.getErrorCode());
        }
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.signature.AdESSigner
    protected void findSignerCertificate(Collection<X509Certificate> collection, Collection<X509Certificate> collection2) throws AdESException {
        JCPLogger.subEnter();
        OtherCertID otherCertID = (OtherCertID) this.j.getSignerCertificateReference();
        CertificateFinder certificateFinder = new CertificateFinder(collection, collection2);
        this.signerCertificateChain.clear();
        this.signerCertificateChain.add(otherCertID.getIssuerSerial() == null ? certificateFinder.find(otherCertID) : certificateFinder.find(otherCertID.getIssuerSerial()));
        JCPLogger.subExit();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSigner, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public CAdESSigner[] getCAdESCountersignerInfos() {
        return (CAdESSigner[]) this.c.toArray(new CAdESSigner[this.c.size()]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.signature.AdESSigner
    public Date getPkupValidationDate() {
        return ((ru.CryptoPro.CAdES.pc_0.pc_0.cl_4) this.j).getSigningTime();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSigner, ru.CryptoPro.AdES.external.interfaces.IAdESSigner
    public Integer getSignatureType() {
        return CAdES_BES;
    }

    @Override // ru.CryptoPro.CAdES.CAdESSigner, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public AttributeTable getSignerSignedAttributes() {
        return this.a.getSignedAttributes();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSigner, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public AttributeTable getSignerUnsignedAttributes() {
        return this.a.getUnsignedAttributes();
    }

    @Override // ru.CryptoPro.CAdES.CAdESSignerPKCS7Impl, ru.CryptoPro.AdES.external.interfaces.IAdESSigner, ru.CryptoPro.CAdES.interfaces.external.ICAdESSigner
    public void verify(Set<X509Certificate> set, Set<X509CRL> set2, Integer num, boolean z) throws CAdESException {
        JCPLogger.subEnter();
        JCPLogger.fine("%%% Verifying signer... %%%");
        super.verify(set, set2, (Integer) null, true);
        JCPLogger.fine("Validating the signature identifier...");
        AdESUtility.compareSID2SigningCertificate(this.a.getSID(), (OtherCertID) this.j.getSignerCertificateReference());
        if (!getSignatureType().equals(TSA_CAdESC_TIME_STAMP_SIMPLE) && !getSignatureType().equals(TSA_SIGNATURE_TIME_STAMP_SIMPLE) && !getSignatureType().equals(TSA_ARCHIVE_TIME_STAMP_SIMPLE)) {
            a(z, set, set2);
        }
        JCPLogger.fine("%%% Signer has been verified %%%");
        JCPLogger.subExit();
    }
}
