package pl.unizeto.android.cryptoapi.etsi;

import iaik.asn1.CodingException;
import iaik.asn1.ObjectID;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.Attribute;
import iaik.cms.CMSException;
import iaik.cms.IssuerAndSerialNumber;
import iaik.cms.SignedDataStream;
import iaik.cms.SignerInfo;
import iaik.cms.attributes.CounterSignature;
import iaik.security.provider.IAIK;
import iaik.x509.X509Certificate;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManagerException;
import pl.unizeto.android.cryptoapi.exception.PKIErrorCode;
import pl.unizeto.android.cryptoapi.exception.PKIException;
import pl.unizeto.pki.electronicsignaturepolicies.SignaturePolicy;

/* loaded from: classes.dex */
class CounterSignatureListener extends UniSDSEncodeListener {
    private static final Logger log = LoggerFactory.getLogger(CounterSignatureListener.class.getSimpleName());
    X509Certificate certOfSignerToBeCounterSigned;
    X509Certificate counterSigner;
    AlgorithmID digestAlg;
    int idToBeCounterSigned;
    PrivateKey privateKey;
    private boolean qualified;
    AlgorithmID signatureAlg;
    boolean signatureFound;
    int signatureIndex;
    SignaturePolicy signaturePolicy;

    CounterSignatureListener() {
        this.idToBeCounterSigned = -1;
        this.signatureIndex = -1;
        this.signatureFound = false;
        this.signatureAlg = AlgorithmID.rsaEncryption;
    }

    public CounterSignatureListener(X509Certificate x509Certificate, PrivateKey privateKey, SignaturePolicy signaturePolicy, boolean z, AlgorithmID algorithmID, int i) {
        this(x509Certificate, privateKey, signaturePolicy, z, algorithmID, null, i);
    }

    public CounterSignatureListener(X509Certificate x509Certificate, PrivateKey privateKey, SignaturePolicy signaturePolicy, boolean z, AlgorithmID algorithmID, AlgorithmID algorithmID2, int i) {
        this();
        this.counterSigner = x509Certificate;
        this.digestAlg = algorithmID;
        this.privateKey = privateKey;
        this.idToBeCounterSigned = i;
        this.signaturePolicy = signaturePolicy;
        this.qualified = z;
        if (algorithmID2 != null) {
            this.signatureAlg = algorithmID2;
        }
    }

    private CounterSignature counterSign(SignedDataStream signedDataStream, Object obj) throws SignatureException, CMSException, InvalidKeyException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UniCertificateStoreManagerException, NoSuchProviderException, IOException, PKIException, CodingException {
        log.debug("Generowanie struktury kontrasygnaty");
        CounterSignature counterSignature = new CounterSignature(new IssuerAndSerialNumber(this.counterSigner), this.digestAlg, this.signatureAlg, this.privateKey);
        SignerInfoBuilder.addSignedAttributes(counterSignature, this.signaturePolicy, this.counterSigner, this.signProperties);
        SignedDataBuilder.addCertificate(signedDataStream, this.counterSigner);
        if (obj instanceof SignerInfo) {
            counterSignature.counterSign((SignerInfo) obj);
        } else if (obj instanceof CounterSignature) {
            counterSignature.counterSign((CounterSignature) obj);
        }
        SignerInfoBuilder.addUnsignedAttributes(signedDataStream, counterSignature, this.signaturePolicy, this.qualified, this.counterSigner, this.signProperties);
        if (obj instanceof SignerInfo) {
            counterSignature.verify(this.counterSigner.getPublicKey(), (SignerInfo) obj);
        } else if (obj instanceof CounterSignature) {
            counterSignature.verify(this.counterSigner.getPublicKey(), (CounterSignature) obj);
        }
        log.debug("Generowanie struktury kontrasygnaty zakończone");
        return counterSignature;
    }

    private void searchAndCounterSign(SignedDataStream signedDataStream) throws SignatureException, CMSException, CodingException, UniCertificateStoreManagerException, CertificateException, PKIException, IOException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException {
        if (new IAIK().getVersion() < 3.16d) {
            throw new RuntimeException("Nieobsługiwana wersja biblioteki IAIK JCE. Wymagana wersja 3.16 lub wyższa");
        }
        Object searchForSignById = UniETSIUtils.searchForSignById(signedDataStream, this.idToBeCounterSigned);
        if (searchForSignById instanceof SignerInfo) {
            ((SignerInfo) searchForSignById).addUnSignedAttribute(new Attribute(counterSign(signedDataStream, searchForSignById)));
        } else {
            if (!(searchForSignById instanceof CounterSignature)) {
                throw new UniETSIException(PKIErrorCode.UNI_ETSI_SPECIFIED_SIGNATURE_ID_NOT_FOUND, Integer.toString(this.idToBeCounterSigned));
            }
            ((CounterSignature) searchForSignById).addUnsignedAttributes(new Attribute[]{new Attribute(counterSign(signedDataStream, searchForSignById))});
        }
    }

    private void searchAndCounterSign(SignedDataStream signedDataStream, CounterSignature counterSignature) throws UniCertificateStoreManagerException, PKIException, CertificateException, CodingException, IOException, SignatureException, CMSException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException {
        Attribute[] unsignedAttributes = SignerInfoBuilder.getUnsignedAttributes(counterSignature, ObjectID.countersignature);
        if (unsignedAttributes != null) {
            for (int i = 0; i < unsignedAttributes.length; i++) {
                CounterSignature counterSignature2 = (CounterSignature) unsignedAttributes[i].getAttributeValue();
                this.signatureIndex++;
                if (this.idToBeCounterSigned == this.signatureIndex) {
                    this.signatureFound = true;
                    log.debug("Znaleziono podpis o id = " + this.idToBeCounterSigned + " (CounterSignature)");
                    counterSignature2.addUnsignedAttributes(new Attribute[]{new Attribute(counterSign(signedDataStream, counterSignature2))});
                    unsignedAttributes[i] = new Attribute(counterSignature2);
                } else {
                    searchAndCounterSign(signedDataStream, counterSignature2);
                    unsignedAttributes[i] = new Attribute(counterSignature2);
                }
            }
            SignerInfoBuilder.removeUnSignedAttribute(counterSignature, ObjectID.countersignature);
            counterSignature.addUnsignedAttributes(unsignedAttributes);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // iaik.cms.SDSEncodeListener
    public void afterComputeSignature(SignedDataStream signedDataStream) throws CMSException {
        log.debug("Sprawdzanie czy w strukturze jest conajmniej jeden podpis");
        if (signedDataStream.getSignerInfos().length < 1) {
            this.exception = new UniETSIException(PKIErrorCode.UNI_ETSI_SIGNATURE_NOT_SIGNED, new String[0]);
            throw new CMSException("Brak SignerInfos w strukturze");
        }
        if (this.idToBeCounterSigned > -1) {
            log.debug("Wykonywanie kontrasygnaty podpisu o id " + this.idToBeCounterSigned);
            try {
                searchAndCounterSign(signedDataStream);
                return;
            } catch (Exception e) {
                log.error("Błąd podczas generowania kontrasygnaty", (Throwable) e);
                this.exception = e;
                throw new CMSException("Błąd podczas generowania kontrasygnaty: " + e.getMessage());
            }
        }
        log.debug("Wykonywanie kontrasygnaty wszystkich podpisów (z pominięciem kontrasygnat)");
        try {
            for (SignerInfo signerInfo : signedDataStream.getSignerInfos()) {
                signerInfo.addUnsignedAttributes(new Attribute[]{new Attribute(counterSign(signedDataStream, signerInfo))});
            }
        } catch (Exception e2) {
            log.error("Błąd podczas generowania kontrasygnaty", (Throwable) e2);
            this.exception = e2;
            throw new CMSException("Błąd podczas generowania kontrasygnaty: " + e2.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // iaik.cms.SDSEncodeListener
    public void beforeComputeSignature(SignedDataStream signedDataStream) throws CMSException {
    }

    public X509Certificate getCertOfSignerToBeCounterSigned() {
        return this.certOfSignerToBeCounterSigned;
    }

    public void setCertOfSignerToBeCounterSigned(X509Certificate x509Certificate) {
        this.certOfSignerToBeCounterSigned = x509Certificate;
    }
}
