package pl.unizeto.android.cryptoapi.etsi;

import iaik.asn1.structures.AlgorithmID;
import iaik.cms.CMSException;
import iaik.cms.IssuerAndSerialNumber;
import iaik.cms.SignedDataStream;
import iaik.cms.SignerInfo;
import iaik.x509.X509Certificate;
import java.security.PrivateKey;
import java.util.Arrays;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.unizeto.android.cryptoapi.exception.PKIErrorCode;
import pl.unizeto.android.cryptoapi.util.HexUtil;
import pl.unizeto.pki.electronicsignaturepolicies.SignaturePolicy;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class IndependentSignatureListener extends UniSDSEncodeListener {
    private static final Logger log = LoggerFactory.getLogger(IndependentSignatureListener.class.getSimpleName());
    private SignerInfo addedSignerInfo;
    AlgorithmID digestAlg_;
    int mode;
    PrivateKey privateKey;
    private boolean qualified;
    AlgorithmID signatureAlg_;
    SignaturePolicy signaturePolicy;
    X509Certificate signer;

    public IndependentSignatureListener(X509Certificate x509Certificate, PrivateKey privateKey, int i, SignaturePolicy signaturePolicy, boolean z, AlgorithmID algorithmID) {
        this.qualified = false;
        this.mode = 1;
        this.signaturePolicy = signaturePolicy;
        this.qualified = z;
        this.signer = x509Certificate;
        this.digestAlg_ = algorithmID;
        this.privateKey = privateKey;
    }

    public IndependentSignatureListener(X509Certificate x509Certificate, PrivateKey privateKey, int i, SignaturePolicy signaturePolicy, boolean z, AlgorithmID algorithmID, AlgorithmID algorithmID2) {
        this(x509Certificate, privateKey, i, signaturePolicy, z, algorithmID);
        if (algorithmID2 != null) {
            this.signatureAlg_ = algorithmID2;
        }
    }

    private void checkDigests(SignedDataStream signedDataStream) throws UniETSIVerifyException, CMSException {
        if (this.dataDigest == null) {
            throw new IllegalArgumentException("dataDigest is null");
        }
        byte[] signedDigest = signedDataStream.getSignerInfos()[0].getSignedDigest();
        log.debug("First signature hash: " + HexUtil.bytesToHex(signedDigest));
        log.debug("Next signature hash:  " + HexUtil.bytesToHex(this.dataDigest));
        if (!Arrays.equals(signedDigest, this.dataDigest)) {
            throw new UniETSIVerifyException(PKIErrorCode.SIGNED_DATA_DIFFERENT_THAN_INPUT_DATA, new String[0]);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // iaik.cms.SDSEncodeListener
    public void afterComputeSignature(SignedDataStream signedDataStream) throws CMSException {
        try {
            log.debug("Dodawanie atrybutów niepodpisanych");
            SignerInfoBuilder.addUnsignedAttributes(signedDataStream, this.addedSignerInfo, this.signaturePolicy, this.qualified, this.signer, this.signProperties);
            signedDataStream.verify(this.signer.getPublicKey(), signedDataStream.getSignerInfos().length - 1);
        } catch (Exception e) {
            this.exception = e;
            throw new CMSException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // iaik.cms.SDSEncodeListener
    public void beforeComputeSignature(SignedDataStream signedDataStream) throws CMSException {
        log.debug("beforeComputeSignature");
        try {
            log.debug("Sprawdzanie czy w podpisie jest conajmniej jeden podpis");
            if (signedDataStream.getSignerInfos().length < 1) {
                throw new UniETSIException(PKIErrorCode.UNI_ETSI_SIGNATURE_NOT_SIGNED, new String[0]);
            }
            checkDigests(signedDataStream);
            log.debug("Dodawanie certyfikatów do podpisu");
            SignedDataBuilder.addCertificates(signedDataStream, this.signer, this.signaturePolicy);
            SignerInfo signerInfo = new SignerInfo(new IssuerAndSerialNumber(this.signer), this.digestAlg_, this.privateKey);
            log.debug("Dodawanie atrybutów podpisanych");
            SignerInfoBuilder.addSignedAttributes(signerInfo, this.signaturePolicy, this.signer, this.signProperties);
            signedDataStream.addSignerInfo(signerInfo);
            this.addedSignerInfo = signerInfo;
        } catch (Exception e) {
            this.exception = e;
            throw new CMSException(e.getMessage());
        }
    }
}
