package pl.unizeto.android.cryptoapi.etsi;

import com.lowagie.text.pdf.PdfBoolean;
import iaik.asn1.ASN1Object;
import iaik.asn1.CodingException;
import iaik.asn1.IA5String;
import iaik.asn1.NULL;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.structures.Attribute;
import iaik.cms.CMSException;
import iaik.cms.SignedDataStream;
import iaik.cms.SignerInfo;
import iaik.cms.attributes.CMSContentType;
import iaik.cms.attributes.CounterSignature;
import iaik.cms.attributes.SigningTime;
import iaik.smime.ess.ContentHints;
import iaik.smime.ess.SigningCertificate;
import iaik.smime.ess.SigningCertificateV2;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import org.apache.commons.codec.EncoderException;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.unizeto.android.cryptoapi.BaseProperties;
import pl.unizeto.android.cryptoapi.ObjectID;
import pl.unizeto.android.cryptoapi.SignProperties;
import pl.unizeto.android.cryptoapi.certificatestoremanager.CertificationPath;
import pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManagerException;
import pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManagerFactory;
import pl.unizeto.android.cryptoapi.exception.PKIErrorCode;
import pl.unizeto.android.cryptoapi.exception.PKIException;
import pl.unizeto.android.cryptoapi.util.cert.CertificateExtensionsSupport;
import pl.unizeto.android.cryptoapi.util.internet.MIMEUtils;
import pl.unizeto.android.cryptoapi.util.policy.ETSIPolicyInfo;
import pl.unizeto.android.cryptoapi.util.policy.PolicyInfoUtil;
import pl.unizeto.pki.electronicsignaturepolicies.SignaturePolicy;
import unizeto.x509.attr.CertificateValues;
import unizeto.x509.attr.CommitmentTypeIndication;
import unizeto.x509.attr.CompleteCertificateRefs;
import unizeto.x509.attr.SignaturePolicyId;

/* loaded from: classes.dex */
class SignerInfoBuilder {
    private static final Logger log = LoggerFactory.getLogger(SignerInfoBuilder.class.getSimpleName());

    SignerInfoBuilder() {
    }

    static void addCertificateValues(SignedDataStream signedDataStream, SignerInfo signerInfo, SignaturePolicy signaturePolicy) throws CertificateException, KeyStoreException, UniCertificateStoreManagerException, IOException, PKIException, NoSuchAlgorithmException, CodingException, InvalidKeyException, NoSuchProviderException {
        CertificationPath certificationPath = UniCertificateStoreManagerFactory.getInstance().getCertificationPath(UniETSIUtils.getCertificate(signedDataStream, signerInfo.getSignerIdentifier()));
        CertificateExtensionsSupport.checkUnsupportedCriticalExtensions(certificationPath.getPath());
        signerInfo.addUnSignedAttribute(new Attribute(ObjectID.id_aa_ets_certValues, new ASN1Object[]{new CertificateValues(certificationPath.toArray()).toASN1Object()}));
    }

    static void addCertificateValues2(SignedDataStream signedDataStream, Object obj, SignaturePolicy signaturePolicy, List<X509Certificate> list) throws NoSuchAlgorithmException, CertificateException, CodingException, PKIException {
        CertificateExtensionsSupport.checkUnsupportedCriticalExtensions(list);
        Attribute attribute = new Attribute(ObjectID.id_aa_ets_certValues, new ASN1Object[]{new CertificateValues((X509Certificate[]) list.toArray(new X509Certificate[0])).toASN1Object()});
        if (obj instanceof SignerInfo) {
            ((SignerInfo) obj).addUnSignedAttribute(attribute);
        } else if (obj instanceof CounterSignature) {
            ((CounterSignature) obj).addUnsignedAttributes(new Attribute[]{attribute});
        }
    }

    private static void addCommitmentTypeIndication(List<Attribute> list, SignProperties signProperties) throws CodingException {
        String property = signProperties.getProperty(SignProperties.COMMITMENT_TYPE_INDICATION, null);
        iaik.asn1.ObjectID objectID = "PROOF_OF_APPROVAL".equals(property) ? CommitmentTypeIndication.proofOfApproval : null;
        if ("PROOF_OF_CREATION".equals(property)) {
            objectID = CommitmentTypeIndication.proofOfCreation;
        }
        if ("PROOF_OF_DELIVERY".equals(property)) {
            objectID = CommitmentTypeIndication.proofOfDelivery;
        }
        if ("PROOF_OF_ORIGIN".equals(property)) {
            objectID = CommitmentTypeIndication.proofOfOrigin;
        }
        if ("PROOF_OF_RECEIPT".equals(property)) {
            objectID = CommitmentTypeIndication.proofOfReceipt;
        }
        if ("PROOF_OF_SENDER".equals(property)) {
            objectID = CommitmentTypeIndication.proofOfSender;
        }
        if (objectID != null) {
            list.add(new Attribute(CommitmentTypeIndication.objectID, new ASN1Object[]{new CommitmentTypeIndication(objectID).toASN1Object()}));
        }
    }

    static void addCompleteCertificateRefs(SignedDataStream signedDataStream, SignerInfo signerInfo, SignaturePolicy signaturePolicy) throws NoSuchAlgorithmException, CodingException, CertificateException, KeyStoreException, UniCertificateStoreManagerException, IOException, PKIException, InvalidKeyException, NoSuchProviderException {
        CertificationPath certificationPath = UniCertificateStoreManagerFactory.getInstance().getCertificationPath(UniETSIUtils.getCertificate(signedDataStream, signerInfo.getSignerIdentifier()));
        CertificateExtensionsSupport.checkUnsupportedCriticalExtensions(certificationPath.getPath());
        signerInfo.addUnSignedAttribute(new Attribute(ObjectID.id_aa_ets_certificaterefs, new ASN1Object[]{new CompleteCertificateRefs(certificationPath.toArray()).toASN1Object()}));
    }

    static void addCompleteCertificateRefs2(SignedDataStream signedDataStream, Object obj, SignaturePolicy signaturePolicy, List<X509Certificate> list) throws NoSuchAlgorithmException, CertificateException, CodingException, PKIException {
        CertificateExtensionsSupport.checkUnsupportedCriticalExtensions(list);
        Attribute attribute = new Attribute(ObjectID.id_aa_ets_certificaterefs, new ASN1Object[]{new CompleteCertificateRefs((X509Certificate[]) list.toArray(new X509Certificate[0])).toASN1Object()});
        if (obj instanceof SignerInfo) {
            ((SignerInfo) obj).addUnSignedAttribute(attribute);
        } else if (obj instanceof CounterSignature) {
            ((CounterSignature) obj).addUnsignedAttributes(new Attribute[]{attribute});
        }
    }

    private static void addMandatorySignedAttributes(Object obj, SignaturePolicy signaturePolicy, iaik.x509.X509Certificate x509Certificate, SignProperties signProperties) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, CertificateException, KeyStoreException, UniCertificateStoreManagerException, CodingException, IOException, PKIException {
        log.debug("Dodawanie obowiązkowych atrybutów podpisanych");
        if (!(obj instanceof SignerInfo) && !(obj instanceof CounterSignature)) {
            throw new IllegalArgumentException("signatureToSign must be instance of SignerInfo or CounterSignature");
        }
        ArrayList arrayList = new ArrayList();
        if (obj instanceof SignerInfo) {
            arrayList.add(new Attribute(new CMSContentType(iaik.asn1.ObjectID.cms_data)));
        }
        boolean z = BooleanUtils.toBoolean(signProperties.getProperty("pl.unizeto.procertum.etsi.useSigningCertificateV2", PdfBoolean.FALSE));
        if (signaturePolicy.getSignPolicyInfo().getSignatureValidationPolicy().getCommonRules().getSignerAndVerifierRules().getSignerRules().getMandatedSignedAttr().getObjectsIDs().contains(SigningCertificateV2.oid)) {
            z = true;
        }
        if (z) {
            arrayList.add(new Attribute(SigningCertificateV2.oid, new ASN1Object[]{((SigningCertificateV2) createSigningCertificate(x509Certificate, signaturePolicy, true)).toASN1Object()}));
        } else {
            arrayList.add(new Attribute(iaik.asn1.ObjectID.signingCertificate, new ASN1Object[]{createSigningCertificate(x509Certificate, signaturePolicy, false).toASN1Object()}));
        }
        boolean z2 = new ETSIPolicyInfo(signaturePolicy).getMandatedSignedAttr().contains(ObjectID.policyId);
        if (!z2 && BooleanUtils.toBoolean(signProperties.getProperty("pl.unizeto.procertum.etsi.forceAddPolicyId", PdfBoolean.FALSE))) {
            z2 = true;
        }
        if (z2) {
            SignaturePolicyId signaturePolicyId = new SignaturePolicyId(signaturePolicy.getSignPolicyInfo().getSignPolicyIdentifier(), signaturePolicy.getSignPolicyHashAlg(), new OCTET_STRING(signaturePolicy.getSignPolicyHash()));
            String policyURL = PolicyInfoUtil.getPolicyURL(signaturePolicy);
            if (policyURL != null) {
                signaturePolicyId.setSigPolicyQualifiers(new IA5String[]{new IA5String(policyURL)});
            }
            arrayList.add(new Attribute(ObjectID.policyId, new ASN1Object[]{signaturePolicyId.toASN1Object()}));
        } else if (BooleanUtils.toBoolean(signProperties.getProperty("pl.unizeto.procertum.etsi.compatibilityMode", PdfBoolean.TRUE))) {
            arrayList.add(new Attribute(ObjectID.policyId, new ASN1Object[]{new NULL()}));
        }
        Attribute[] attributeArr = (Attribute[]) arrayList.toArray(new Attribute[arrayList.size()]);
        if (obj instanceof SignerInfo) {
            ((SignerInfo) obj).addSignedAttributes(attributeArr);
        } else if (obj instanceof CounterSignature) {
            ((CounterSignature) obj).addSignedAttributes(attributeArr);
        }
        log.debug("Dodawanie obowiązkowych atrybutów podpisanych zakończone");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void addSignedAttributes(Object obj, SignaturePolicy signaturePolicy, iaik.x509.X509Certificate x509Certificate, SignProperties signProperties) throws CMSException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UniCertificateStoreManagerException, IOException, PKIException, InvalidKeyException, NoSuchProviderException, CodingException {
        log.debug("Dodawanie atrybutów podpisanych");
        if (!(obj instanceof SignerInfo) && !(obj instanceof CounterSignature)) {
            throw new IllegalArgumentException("signatureToSign must be instance of SignerInfo or CounterSignature");
        }
        addMandatorySignedAttributes(obj, signaturePolicy, x509Certificate, signProperties);
        boolean z = false;
        try {
            Vector<iaik.asn1.ObjectID> objectsIDs = signaturePolicy.getSignPolicyInfo().getSignatureValidationPolicy().getCommonRules().getSignerAndVerifierRules().getSignerRules().getMandatedSignedAttr().getObjectsIDs();
            ArrayList arrayList = new ArrayList();
            Iterator<iaik.asn1.ObjectID> it = objectsIDs.iterator();
            while (it.hasNext()) {
                iaik.asn1.ObjectID next = it.next();
                if (!next.equals(iaik.asn1.ObjectID.messageDigest) && !next.equals(iaik.asn1.ObjectID.contentType)) {
                    if (next.equals(iaik.asn1.ObjectID.signingTime)) {
                        arrayList.add(new Attribute(new SigningTime()));
                    } else if (!next.equals(iaik.asn1.ObjectID.signingCertificate) && !next.equals(SigningCertificateV2.oid) && !next.equals(ObjectID.policyId)) {
                        if (!next.equals(iaik.asn1.ObjectID.contentHint)) {
                            throw new UniETSIException(PKIErrorCode.UNI_ETSI_NOT_SUPPORTED_SIGNATURE_POLICY, next.toString());
                        }
                        String property = signProperties.getProperty(SignProperties.CONTENT_FILENAME);
                        String property2 = signProperties.getProperty(SignProperties.CONTENT_DESCRIPTION);
                        String property3 = signProperties.getProperty(SignProperties.CONTENT_TYPE);
                        if (StringUtils.isBlank(property)) {
                            throw new IllegalArgumentException("Nie ustawiono parametru SignProperties.CONTENT_FILENAME");
                        }
                        String createMimeContentDescription = MIMEUtils.createMimeContentDescription(property, property3, property2);
                        ContentHints contentHints = new ContentHints((iaik.asn1.ObjectID) ObjectID.signedFile);
                        contentHints.setContentDescription(createMimeContentDescription);
                        arrayList.add(new Attribute(contentHints));
                        z = true;
                    }
                }
            }
            if (!z) {
                String property4 = signProperties.getProperty(SignProperties.CONTENT_FILENAME);
                if (StringUtils.isNotBlank(property4)) {
                    String createMimeContentDescription2 = MIMEUtils.createMimeContentDescription(property4, signProperties.getProperty(SignProperties.CONTENT_TYPE), signProperties.getProperty(SignProperties.CONTENT_DESCRIPTION));
                    ContentHints contentHints2 = new ContentHints((iaik.asn1.ObjectID) ObjectID.signedFile);
                    contentHints2.setContentDescription(createMimeContentDescription2);
                    arrayList.add(new Attribute(contentHints2));
                }
            }
            String property5 = signProperties.getProperty(SignProperties.SIGNER_DECLARATION, null);
            if (StringUtils.isNotBlank(property5)) {
                ContentHints contentHints3 = new ContentHints((iaik.asn1.ObjectID) ObjectID.signersDeclaration);
                contentHints3.setContentDescription(property5);
                arrayList.add(new Attribute(contentHints3));
            }
            addCommitmentTypeIndication(arrayList, signProperties);
            Attribute[] attributeArr = (Attribute[]) arrayList.toArray(new Attribute[arrayList.size()]);
            if (obj instanceof SignerInfo) {
                ((SignerInfo) obj).addSignedAttributes(attributeArr);
            } else if (obj instanceof CounterSignature) {
                ((CounterSignature) obj).addSignedAttributes(attributeArr);
            }
            log.debug("Dodawanie atrybutów podpisanych zakończone");
        } catch (CodingException e) {
            log.error("Błąd podczas dodawania atrybutów podpisanych do struktury SignerInfo", (Throwable) e);
            throw new CMSException(e.getMessage());
        } catch (EncoderException e2) {
            log.error("Błąd podczas dodawania atrybutów podpisanych do struktury SignerInfo", (Throwable) e2);
            throw new CMSException(e2.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void addUnsignedAttributes(SignedDataStream signedDataStream, Object obj, SignaturePolicy signaturePolicy, boolean z, iaik.x509.X509Certificate x509Certificate, BaseProperties baseProperties) throws NoSuchAlgorithmException, PKIException, CodingException, CMSException {
        signaturePolicy.getSignPolicyInfo().getSignatureValidationPolicy().getCommonRules().getSignerAndVerifierRules().getSignerRules().getMandatedUnsignedAttr().getObjectsIDs();
        ArrayList arrayList = new ArrayList();
        if (arrayList.isEmpty()) {
            return;
        }
        Attribute[] attributeArr = (Attribute[]) arrayList.toArray(new Attribute[arrayList.size()]);
        if (obj instanceof SignerInfo) {
            ((SignerInfo) obj).setUnsignedAttributes(attributeArr);
        } else if (obj instanceof CounterSignature) {
            ((CounterSignature) obj).setUnsignedAttributes(attributeArr);
        }
    }

    private static SigningCertificate createSigningCertificate(iaik.x509.X509Certificate x509Certificate, SignaturePolicy signaturePolicy, boolean z) throws NoSuchAlgorithmException, CodingException, InvalidKeyException, NoSuchProviderException, CertificateException, KeyStoreException, UniCertificateStoreManagerException, IOException, PKIException {
        try {
            if (signaturePolicy.getSignPolicyInfo().getSignatureValidationPolicy().getCommonRules().getSignerAndVerifierRules().getSignerRules().getMandatedCertificateRef().getCertRefReq() == 1) {
                return z ? new SigningCertificateV2(new Certificate[]{x509Certificate}, true) : new SigningCertificate(new Certificate[]{x509Certificate}, true);
            }
            Vector<X509Certificate> path = UniCertificateStoreManagerFactory.getInstance().getCertificationPath(x509Certificate).getPath();
            iaik.x509.X509Certificate[] x509CertificateArr = new iaik.x509.X509Certificate[path.size()];
            int i = 0;
            Iterator<X509Certificate> it = path.iterator();
            while (it.hasNext()) {
                x509CertificateArr[i] = new iaik.x509.X509Certificate(it.next().getEncoded());
                i++;
            }
            return z ? new SigningCertificateV2((Certificate[]) x509CertificateArr, true) : new SigningCertificate((Certificate[]) x509CertificateArr, true);
        } catch (NullPointerException e) {
            return z ? new SigningCertificateV2(new Certificate[]{x509Certificate}, true) : new SigningCertificate(new Certificate[]{x509Certificate}, true);
        }
    }

    public static Attribute getUnsignedAttribute(Object obj, iaik.asn1.ObjectID objectID) {
        Attribute[] attributeArr = (Attribute[]) null;
        if (obj instanceof SignerInfo) {
            attributeArr = ((SignerInfo) obj).getUnsignedAttributes();
        } else if (obj instanceof CounterSignature) {
            attributeArr = ((CounterSignature) obj).getUnsignedAttributes();
        }
        if (attributeArr == null) {
            return null;
        }
        for (int i = 0; i < attributeArr.length; i++) {
            if (attributeArr[i].getType().equals(objectID)) {
                return attributeArr[i];
            }
        }
        return null;
    }

    public static Attribute[] getUnsignedAttributes(Object obj, iaik.asn1.ObjectID objectID) {
        Attribute[] attributeArr = (Attribute[]) null;
        if (obj instanceof SignerInfo) {
            attributeArr = ((SignerInfo) obj).getUnsignedAttributes();
        } else if (obj instanceof CounterSignature) {
            attributeArr = ((CounterSignature) obj).getUnsignedAttributes();
        }
        if (attributeArr == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < attributeArr.length; i++) {
            if (attributeArr[i].getType().equals(objectID)) {
                arrayList.add(attributeArr[i]);
            }
        }
        return (Attribute[]) arrayList.toArray(new Attribute[arrayList.size()]);
    }

    public static void removeUnSignedAttribute(CounterSignature counterSignature, iaik.asn1.ObjectID objectID) {
        ArrayList arrayList = new ArrayList();
        Attribute[] unsignedAttributes = counterSignature.getUnsignedAttributes();
        if (unsignedAttributes != null) {
            for (int i = 0; i < unsignedAttributes.length; i++) {
                if (!unsignedAttributes[i].getType().equals(objectID)) {
                    arrayList.add(unsignedAttributes[i]);
                }
            }
        }
        counterSignature.setUnsignedAttributes((Attribute[]) arrayList.toArray(new Attribute[arrayList.size()]));
    }
}
