package org.bouncycastle.cms;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.Date;
import java.util.Hashtable;
import java.util.Iterator;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.BERConstructedOctetString;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.SignedData;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.cms.Time;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.asn1.x509.TBSCertificateStructure;
import org.bouncycastle.asn1.x509.X509CertificateStructure;

/* loaded from: input_file:org/bouncycastle/cms/CMSSignedDataGenerator.class */
public class CMSSignedDataGenerator {
    CertStore certStore;
    ArrayList certs = new ArrayList();
    ArrayList crls = new ArrayList();
    ArrayList signerInfs = new ArrayList();
    ArrayList signers = new ArrayList();
    public static final String DIGEST_SHA1 = "1.3.14.3.2.26";
    public static final String DIGEST_MD5 = "1.2.840.113549.2.5";
    public static final String ENCRYPTION_RSA = "1.2.840.113549.1.1.1";
    public static final String ENCRYPTION_DSA = "1.2.840.10040.4.3";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/bouncycastle/cms/CMSSignedDataGenerator$DigOutputStream.class */
    public static class DigOutputStream extends OutputStream {
        MessageDigest dig;

        public DigOutputStream(MessageDigest messageDigest) {
            this.dig = messageDigest;
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            this.dig.update(bArr, i, i2);
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            this.dig.update((byte) i);
        }
    }

    /* loaded from: input_file:org/bouncycastle/cms/CMSSignedDataGenerator$SigOutputStream.class */
    static class SigOutputStream extends OutputStream {
        Signature sig;

        public SigOutputStream(Signature signature) {
            this.sig = signature;
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            try {
                this.sig.update(bArr, i, i2);
            } catch (SignatureException e) {
                throw new IOException(new StringBuffer().append("signature problem: ").append(e).toString());
            }
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            try {
                this.sig.update((byte) i);
            } catch (SignatureException e) {
                throw new IOException(new StringBuffer().append("signature problem: ").append(e).toString());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/bouncycastle/cms/CMSSignedDataGenerator$SignerInf.class */
    public class SignerInf {
        PrivateKey key;
        X509Certificate cert;
        String digestOID;
        String encOID;
        AttributeTable sAttr;
        AttributeTable unsAttr;
        private final CMSSignedDataGenerator this$0;

        SignerInf(CMSSignedDataGenerator cMSSignedDataGenerator, PrivateKey privateKey, X509Certificate x509Certificate, String str, String str2) {
            this.this$0 = cMSSignedDataGenerator;
            this.key = privateKey;
            this.cert = x509Certificate;
            this.digestOID = str;
            this.encOID = str2;
        }

        SignerInf(CMSSignedDataGenerator cMSSignedDataGenerator, PrivateKey privateKey, X509Certificate x509Certificate, String str, String str2, AttributeTable attributeTable, AttributeTable attributeTable2) {
            this.this$0 = cMSSignedDataGenerator;
            this.key = privateKey;
            this.cert = x509Certificate;
            this.digestOID = str;
            this.encOID = str2;
            this.sAttr = attributeTable;
            this.unsAttr = attributeTable2;
        }

        PrivateKey getKey() {
            return this.key;
        }

        X509Certificate getCertificate() {
            return this.cert;
        }

        String getDigestAlgOID() {
            return this.digestOID;
        }

        byte[] getDigestAlgParams() {
            return null;
        }

        String getEncryptionAlgOID() {
            return this.encOID;
        }

        AttributeTable getSignedAttributes() {
            return this.sAttr;
        }

        AttributeTable getUnsignedAttributes() {
            return this.unsAttr;
        }

        String getDigestAlgName() {
            String digestAlgOID = getDigestAlgOID();
            return "1.2.840.113549.2.5".equals(digestAlgOID) ? "MD5" : "1.3.14.3.2.26".equals(digestAlgOID) ? "SHA1" : digestAlgOID;
        }

        String getEncryptionAlgName() {
            String encryptionAlgOID = getEncryptionAlgOID();
            return "1.2.840.10040.4.3".equals(encryptionAlgOID) ? "DSA" : "1.2.840.113549.1.1.1".equals(encryptionAlgOID) ? "RSA" : encryptionAlgOID;
        }

        SignerInfo toSignerInfo(DERObjectIdentifier dERObjectIdentifier, CMSProcessable cMSProcessable, String str) throws IOException, SignatureException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException, CertificateEncodingException, CMSException {
            Signature signature;
            MessageDigest messageDigest;
            DERSet dERSet;
            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier(getDigestAlgOID()), new DERNull());
            AlgorithmIdentifier algorithmIdentifier2 = getEncryptionAlgOID().equals("1.2.840.10040.4.3") ? new AlgorithmIdentifier(new DERObjectIdentifier(getEncryptionAlgOID())) : new AlgorithmIdentifier(new DERObjectIdentifier(getEncryptionAlgOID()), new DERNull());
            DERSet dERSet2 = null;
            if (str != null) {
                signature = Signature.getInstance(new StringBuffer().append(getDigestAlgName()).append("with").append(getEncryptionAlgName()).toString(), str);
                messageDigest = MessageDigest.getInstance(getDigestAlgName(), str);
            } else {
                signature = Signature.getInstance(new StringBuffer().append(getDigestAlgName()).append("with").append(getEncryptionAlgName()).toString());
                messageDigest = MessageDigest.getInstance(getDigestAlgName());
            }
            cMSProcessable.write(new DigOutputStream(messageDigest));
            byte[] digest = messageDigest.digest();
            AttributeTable signedAttributes = getSignedAttributes();
            if (signedAttributes != null) {
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                if (signedAttributes.get(CMSAttributes.contentType) == null) {
                    aSN1EncodableVector.add(new Attribute(CMSAttributes.contentType, new DERSet(dERObjectIdentifier)));
                } else {
                    aSN1EncodableVector.add(signedAttributes.get(CMSAttributes.contentType));
                }
                if (signedAttributes.get(CMSAttributes.signingTime) == null) {
                    aSN1EncodableVector.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(new Date()))));
                } else {
                    aSN1EncodableVector.add(signedAttributes.get(CMSAttributes.signingTime));
                }
                aSN1EncodableVector.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(digest))));
                Hashtable hashtable = signedAttributes.toHashtable();
                hashtable.remove(CMSAttributes.contentType);
                hashtable.remove(CMSAttributes.signingTime);
                hashtable.remove(CMSAttributes.messageDigest);
                Iterator it = hashtable.values().iterator();
                while (it.hasNext()) {
                    aSN1EncodableVector.add(Attribute.getInstance(it.next()));
                }
                dERSet = new DERSet(aSN1EncodableVector);
            } else {
                ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
                aSN1EncodableVector2.add(new Attribute(CMSAttributes.contentType, new DERSet(dERObjectIdentifier)));
                aSN1EncodableVector2.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date()))));
                aSN1EncodableVector2.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(digest))));
                dERSet = new DERSet(aSN1EncodableVector2);
            }
            AttributeTable unsignedAttributes = getUnsignedAttributes();
            if (unsignedAttributes != null) {
                Iterator it2 = unsignedAttributes.toHashtable().values().iterator();
                ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
                while (it2.hasNext()) {
                    aSN1EncodableVector3.add(Attribute.getInstance(it2.next()));
                }
                dERSet2 = new DERSet(aSN1EncodableVector3);
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new DEROutputStream(byteArrayOutputStream).writeObject(dERSet);
            signature.initSign(this.key);
            signature.update(byteArrayOutputStream.toByteArray());
            DEROctetString dEROctetString = new DEROctetString(signature.sign());
            X509Certificate certificate = getCertificate();
            return new SignerInfo(new SignerIdentifier(new IssuerAndSerialNumber(TBSCertificateStructure.getInstance(new ASN1InputStream(new ByteArrayInputStream(certificate.getTBSCertificate())).readObject()).getIssuer(), certificate.getSerialNumber())), algorithmIdentifier, dERSet, algorithmIdentifier2, dEROctetString, dERSet2);
        }
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str) throws IllegalArgumentException {
        String str2 = null;
        if (privateKey instanceof RSAPrivateKey) {
            str2 = "1.2.840.113549.1.1.1";
        } else if (privateKey instanceof DSAPrivateKey) {
            str2 = "1.2.840.10040.4.3";
            if (!str.equals("1.3.14.3.2.26")) {
                throw new IllegalArgumentException("can't mix DSA with anything but SHA1");
            }
        }
        this.signerInfs.add(new SignerInf(this, privateKey, x509Certificate, str, str2));
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str, AttributeTable attributeTable, AttributeTable attributeTable2) throws IllegalArgumentException {
        String str2 = null;
        if (privateKey instanceof RSAPrivateKey) {
            str2 = "1.2.840.113549.1.1.1";
        } else if (privateKey instanceof DSAPrivateKey) {
            str2 = "1.2.840.10040.4.3";
            if (!str.equals("1.3.14.3.2.26")) {
                throw new IllegalArgumentException("can't mix DSA with anything but SHA1");
            }
        }
        this.signerInfs.add(new SignerInf(this, privateKey, x509Certificate, str, str2, attributeTable, attributeTable2));
    }

    public void addSigners(SignerInformationStore signerInformationStore) {
        Iterator it = signerInformationStore.getSigners().iterator();
        while (it.hasNext()) {
            this.signers.add(it.next());
        }
    }

    public void addCertificatesAndCRLs(CertStore certStore) throws CertStoreException, CMSException {
        try {
            Iterator<? extends Certificate> it = certStore.getCertificates(null).iterator();
            while (it.hasNext()) {
                this.certs.add(new X509CertificateStructure(makeObj(((X509Certificate) it.next()).getEncoded())));
            }
            try {
                Iterator<? extends CRL> it2 = certStore.getCRLs(null).iterator();
                while (it2.hasNext()) {
                    this.crls.add(new CertificateList(makeObj(((X509CRL) it2.next()).getEncoded())));
                }
            } catch (IOException e) {
                throw new CMSException("error processing crls", e);
            } catch (CRLException e2) {
                throw new CMSException("error encoding crls", e2);
            }
        } catch (IOException e3) {
            throw new CMSException("error processing certs", e3);
        } catch (CertificateEncodingException e4) {
            throw new CMSException("error encoding certs", e4);
        }
    }

    private DERObject makeObj(byte[] bArr) throws IOException {
        if (bArr == null) {
            return null;
        }
        return new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
    }

    private AlgorithmIdentifier makeAlgId(String str, byte[] bArr) throws IOException {
        return bArr != null ? new AlgorithmIdentifier(new DERObjectIdentifier(str), makeObj(bArr)) : new AlgorithmIdentifier(new DERObjectIdentifier(str), new DERNull());
    }

    public CMSSignedData generate(CMSProcessable cMSProcessable, String str) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        return generate(cMSProcessable, false, str);
    }

    public CMSSignedData generate(CMSProcessable cMSProcessable, boolean z, String str) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        ContentInfo contentInfo;
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        Iterator it = this.signers.iterator();
        while (it.hasNext()) {
            SignerInformation signerInformation = (SignerInformation) it.next();
            try {
                aSN1EncodableVector.add(makeAlgId(signerInformation.getDigestAlgOID(), signerInformation.getDigestAlgParams()));
                aSN1EncodableVector2.add(signerInformation.toSignerInfo());
            } catch (IOException e) {
                throw new CMSException("encoding error.", e);
            }
        }
        Iterator it2 = this.signerInfs.iterator();
        while (it2.hasNext()) {
            SignerInf signerInf = (SignerInf) it2.next();
            try {
                aSN1EncodableVector.add(makeAlgId(signerInf.getDigestAlgOID(), signerInf.getDigestAlgParams()));
                aSN1EncodableVector2.add(signerInf.toSignerInfo(PKCSObjectIdentifiers.data, cMSProcessable, str));
            } catch (IOException e2) {
                throw new CMSException("encoding error.", e2);
            } catch (InvalidKeyException e3) {
                throw new CMSException("key inappropriate for signature.", e3);
            } catch (SignatureException e4) {
                throw new CMSException("error creating signature.", e4);
            } catch (CertificateEncodingException e5) {
                throw new CMSException("error creating sid.", e5);
            }
        }
        DERSet dERSet = null;
        if (this.certs.size() != 0) {
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            Iterator it3 = this.certs.iterator();
            while (it3.hasNext()) {
                aSN1EncodableVector3.add((DEREncodable) it3.next());
            }
            dERSet = new DERSet(aSN1EncodableVector3);
        }
        DERSet dERSet2 = null;
        if (this.crls.size() != 0) {
            ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
            Iterator it4 = this.crls.iterator();
            while (it4.hasNext()) {
                aSN1EncodableVector4.add((DEREncodable) it4.next());
            }
            dERSet2 = new DERSet(aSN1EncodableVector4);
        }
        if (z) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                cMSProcessable.write(byteArrayOutputStream);
                contentInfo = new ContentInfo(PKCSObjectIdentifiers.data, new BERConstructedOctetString(byteArrayOutputStream.toByteArray()));
            } catch (IOException e6) {
                throw new CMSException("encapsulation error.", e6);
            }
        } else {
            contentInfo = new ContentInfo(PKCSObjectIdentifiers.data, (DEREncodable) null);
        }
        return new CMSSignedData(cMSProcessable, new ContentInfo(PKCSObjectIdentifiers.signedData, new SignedData(new DERSet(aSN1EncodableVector), contentInfo, dERSet, dERSet2, new DERSet(aSN1EncodableVector2))));
    }
}
