package df.sign.cms;

import df.sign.SignUtils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.BEROctetString;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.SignedData;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.cms.Time;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.asn1.x509.TBSCertificateStructure;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSProcessable;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
import org.bouncycastle.util.Store;

/* loaded from: input_file:df/sign/cms/CMSSignedDataWrapper.class */
public class CMSSignedDataWrapper {
    private CMSProcessable content;
    private ArrayList<SignerInfo> signerInfList = new ArrayList<>();
    private ArrayList<ASN1Encodable> certList = new ArrayList<>();
    private ArrayList<ASN1Encodable> crlList = new ArrayList<>();
    private boolean encapsulate = true;

    private static ASN1Set buildSignedAttributes(byte[] bArr, Date date, X509Certificate x509Certificate) throws Exception {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new Attribute(CMSAttributes.contentType, new DERSet(PKCSObjectIdentifiers.data)));
        if (date != null) {
            aSN1EncodableVector.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(date))));
        }
        aSN1EncodableVector.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(bArr))));
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(new AlgorithmIdentifier(new ASN1ObjectIdentifier(CMSSignedDataGenerator.DIGEST_SHA256), null));
        aSN1EncodableVector2.add(new DEROctetString(SignUtils.calculateHASH(CMSSignedDataGenerator.DIGEST_SHA256, x509Certificate.getEncoded())));
        aSN1EncodableVector.add(new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new DERSet(new DERSequence(new DERSequence(new DERSequence(aSN1EncodableVector2))))));
        return new DERSet(aSN1EncodableVector);
    }

    public static byte[] getDataToSign(byte[] bArr, Date date, X509Certificate x509Certificate) throws Exception {
        return buildSignedAttributes(bArr, date, x509Certificate).getEncoded(ASN1Encoding.DER);
    }

    public static byte[] getDigestInfoToSign(String str, byte[] bArr) throws Exception {
        return new DigestInfo(new AlgorithmIdentifier(new ASN1ObjectIdentifier(str), DERNull.INSTANCE), bArr).getEncoded(ASN1Encoding.DER);
    }

    public void addSignerInformation(SignerInformation signerInformation) {
        this.signerInfList.add(signerInformation.toASN1Structure());
    }

    public void addSignerInformation(SignerInformationStore signerInformationStore) {
        Collection<SignerInformation> signers = signerInformationStore.getSigners();
        if (signers != null) {
            Iterator<SignerInformation> it = signers.iterator();
            while (it.hasNext()) {
                addSignerInformation(it.next());
            }
        }
    }

    public void addSignerInformation(String str, String str2, X509Certificate x509Certificate, byte[] bArr) throws Exception {
        addSignerInformation(str, str2, x509Certificate, bArr, null, null);
    }

    public void addSignerInformation(String str, String str2, X509Certificate x509Certificate, byte[] bArr, byte[] bArr2, Date date) throws Exception {
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier(str), DERNull.INSTANCE);
        AlgorithmIdentifier algorithmIdentifier2 = str2.equals(CMSSignedDataGenerator.ENCRYPTION_DSA) ? new AlgorithmIdentifier(new ASN1ObjectIdentifier(str2)) : new AlgorithmIdentifier(new ASN1ObjectIdentifier(str2), DERNull.INSTANCE);
        DEROctetString dEROctetString = new DEROctetString(bArr);
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(x509Certificate.getTBSCertificate()));
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(TBSCertificateStructure.getInstance(aSN1InputStream.readObject()).getIssuer(), x509Certificate.getSerialNumber());
        aSN1InputStream.close();
        ASN1Set aSN1Set = null;
        if (bArr2 != null) {
            aSN1Set = buildSignedAttributes(bArr2, date, x509Certificate);
        }
        this.signerInfList.add(new SignerInfo(new SignerIdentifier(issuerAndSerialNumber), algorithmIdentifier, aSN1Set, algorithmIdentifier2, dEROctetString, (ASN1Set) null));
    }

    public void addCert(byte[] bArr) {
        this.certList.add(Certificate.getInstance(bArr));
    }

    public void addCert(Store<X509CertificateHolder> store) throws Exception {
        if (store == null) {
            return;
        }
        Iterator<X509CertificateHolder> it = store.getMatches(null).iterator();
        while (it.hasNext()) {
            addCert(it.next().getEncoded());
        }
    }

    public void addCrl(byte[] bArr) {
        this.crlList.add(Certificate.getInstance(bArr));
    }

    public void addCrl(Store<X509CRL> store) throws Exception {
        if (store == null) {
            return;
        }
        Iterator<X509CRL> it = store.getMatches(null).iterator();
        while (it.hasNext()) {
            addCert(it.next().getEncoded());
        }
    }

    public void setContent(CMSProcessable cMSProcessable) {
        this.content = cMSProcessable;
    }

    public void setContent(byte[] bArr) {
        this.content = new CMSProcessableByteArray(bArr);
    }

    public void setEncapsulate(boolean z) {
        this.encapsulate = z;
    }

    public CMSSignedData buildCMSSignedData() throws Exception {
        ContentInfo contentInfo;
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        Iterator<SignerInfo> it = this.signerInfList.iterator();
        while (it.hasNext()) {
            SignerInfo next = it.next();
            aSN1EncodableVector.add(next);
            aSN1EncodableVector2.add(next.getDigestAlgorithm());
        }
        DERSet dERSet = null;
        if (this.certList.size() != 0) {
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            Iterator<ASN1Encodable> it2 = this.certList.iterator();
            while (it2.hasNext()) {
                aSN1EncodableVector3.add(it2.next());
            }
            dERSet = new DERSet(aSN1EncodableVector3);
        }
        DERSet dERSet2 = null;
        if (this.crlList.size() != 0) {
            ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
            Iterator<ASN1Encodable> it3 = this.crlList.iterator();
            while (it3.hasNext()) {
                aSN1EncodableVector4.add(it3.next());
            }
            dERSet2 = new DERSet(aSN1EncodableVector4);
        }
        ASN1ObjectIdentifier aSN1ObjectIdentifier = new ASN1ObjectIdentifier(CMSSignedDataGenerator.DATA);
        if (this.encapsulate) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            this.content.write(byteArrayOutputStream);
            contentInfo = new ContentInfo(aSN1ObjectIdentifier, new BEROctetString(byteArrayOutputStream.toByteArray()));
        } else {
            contentInfo = new ContentInfo(aSN1ObjectIdentifier, null);
        }
        return new CMSSignedData(this.content, new ContentInfo(PKCSObjectIdentifiers.signedData, new SignedData(new DERSet(aSN1EncodableVector2), contentInfo, dERSet, dERSet2, new DERSet(aSN1EncodableVector))));
    }
}
