package io.intino.alexandria.restful.core;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Hashtable;
import java.util.Iterator;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DEREncodableVector;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.cms.Time;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.TBSCertificateStructure;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedDataGenerator;

/* loaded from: input_file:io/intino/alexandria/restful/core/ExternalSignatureSignerInfoGenerator.class */
public class ExternalSignatureSignerInfoGenerator {
    byte[] signedBytes;
    String digestOID;
    String encOID;
    AttributeTable sAttr = null;
    AttributeTable unsAttr = null;
    ASN1Set signedAttr = null;
    ASN1Set unsignedAttr = null;
    X509Certificate cert = null;

    /* loaded from: input_file:io/intino/alexandria/restful/core/ExternalSignatureSignerInfoGenerator$DigOutputStream.class */
    static class DigOutputStream extends OutputStream {
        MessageDigest dig;

        public DigOutputStream(MessageDigest messageDigest) {
            this.dig = messageDigest;
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            this.dig.update(bArr, i, i2);
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            this.dig.update((byte) i);
        }
    }

    public ExternalSignatureSignerInfoGenerator(String str, String str2) {
        this.digestOID = str;
        this.encOID = str2;
    }

    X509Certificate getCertificate() {
        return this.cert;
    }

    public void setCertificate(X509Certificate x509Certificate) {
        this.cert = x509Certificate;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getDigestAlgOID() {
        return this.digestOID;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getDigestAlgParams() {
        return null;
    }

    String getEncryptionAlgOID() {
        return this.encOID;
    }

    AttributeTable getSignedAttributes() {
        return this.sAttr;
    }

    AttributeTable getUnsignedAttributes() {
        return this.unsAttr;
    }

    String getDigestAlgName() {
        String digestAlgOID = getDigestAlgOID();
        return CMSSignedDataGenerator.DIGEST_MD5.equals(digestAlgOID) ? "MD5" : CMSSignedDataGenerator.DIGEST_SHA1.equals(digestAlgOID) ? "SHA1" : CMSSignedDataGenerator.DIGEST_SHA224.equals(digestAlgOID) ? "SHA224" : digestAlgOID;
    }

    String getEncryptionAlgName() {
        String encryptionAlgOID = getEncryptionAlgOID();
        return CMSSignedDataGenerator.ENCRYPTION_DSA.equals(encryptionAlgOID) ? "DSA" : CMSSignedDataGenerator.ENCRYPTION_RSA.equals(encryptionAlgOID) ? "RSA" : encryptionAlgOID;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignerInfo generate() throws CertificateEncodingException, IOException {
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier(getDigestAlgOID()), new DERNull());
        AlgorithmIdentifier algorithmIdentifier2 = getEncryptionAlgOID().equals(CMSSignedDataGenerator.ENCRYPTION_DSA) ? new AlgorithmIdentifier(new DERObjectIdentifier(getEncryptionAlgOID())) : new AlgorithmIdentifier(new DERObjectIdentifier(getEncryptionAlgOID()), new DERNull());
        DEROctetString dEROctetString = new DEROctetString(this.signedBytes);
        X509Certificate certificate = getCertificate();
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(certificate.getTBSCertificate()));
        DERObject readObject = aSN1InputStream.readObject();
        aSN1InputStream.close();
        return new SignerInfo(new SignerIdentifier(new IssuerAndSerialNumber(TBSCertificateStructure.getInstance(readObject).getIssuer(), certificate.getSerialNumber())), algorithmIdentifier, this.signedAttr, algorithmIdentifier2, dEROctetString, this.unsignedAttr);
    }

    public byte[] getBytesToSign(DERObjectIdentifier dERObjectIdentifier, byte[] bArr, String str) throws IOException, SignatureException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException, CertificateEncodingException, CMSException {
        AttributeTable signedAttributes = getSignedAttributes();
        if (signedAttributes != null) {
            DEREncodableVector dEREncodableVector = new DEREncodableVector();
            if (signedAttributes.get(CMSAttributes.contentType) == null) {
                dEREncodableVector.add(new Attribute(CMSAttributes.contentType, new DERSet(dERObjectIdentifier)));
            } else {
                dEREncodableVector.add(signedAttributes.get(CMSAttributes.contentType));
            }
            if (signedAttributes.get(CMSAttributes.signingTime) == null) {
                dEREncodableVector.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(new Date()))));
            } else {
                dEREncodableVector.add(signedAttributes.get(CMSAttributes.signingTime));
            }
            dEREncodableVector.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(bArr))));
            Hashtable hashtable = signedAttributes.toHashtable();
            hashtable.remove(CMSAttributes.contentType);
            hashtable.remove(CMSAttributes.signingTime);
            hashtable.remove(CMSAttributes.messageDigest);
            Iterator it = hashtable.values().iterator();
            while (it.hasNext()) {
                dEREncodableVector.add(Attribute.getInstance(it.next()));
            }
            this.signedAttr = new DERSet(dEREncodableVector);
        } else {
            DEREncodableVector dEREncodableVector2 = new DEREncodableVector();
            dEREncodableVector2.add(new Attribute(CMSAttributes.contentType, new DERSet(dERObjectIdentifier)));
            dEREncodableVector2.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date()))));
            dEREncodableVector2.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(bArr))));
            this.signedAttr = new DERSet(dEREncodableVector2);
        }
        AttributeTable unsignedAttributes = getUnsignedAttributes();
        if (unsignedAttributes != null) {
            Iterator it2 = unsignedAttributes.toHashtable().values().iterator();
            DEREncodableVector dEREncodableVector3 = new DEREncodableVector();
            while (it2.hasNext()) {
                dEREncodableVector3.add(Attribute.getInstance(it2.next()));
            }
            this.unsignedAttr = new DERSet(dEREncodableVector3);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        dEROutputStream.writeObject(this.signedAttr);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        dEROutputStream.close();
        return byteArray;
    }

    public void setSignedBytes(byte[] bArr) {
        this.signedBytes = bArr;
    }
}
