package io.intino.alexandria.restaccessor.core;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.BERConstructedOctetString;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DEREncodableVector;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.SignedData;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessable;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;

/* loaded from: input_file:io/intino/alexandria/restaccessor/core/ExternalSignatureCMSSignedDataGenerator.class */
public class ExternalSignatureCMSSignedDataGenerator {
    private ArrayList<Object> certs = new ArrayList<>();
    private ArrayList<Object> crls = new ArrayList<>();
    private ArrayList<Object> signerInfs = new ArrayList<>();

    public void addCertificatesAndCRLs(CertStore certStore) throws CertStoreException, CMSException {
        try {
            Iterator<? extends Certificate> it = certStore.getCertificates(null).iterator();
            while (it.hasNext()) {
                this.certs.add(new X509CertificateStructure(makeObj(((X509Certificate) it.next()).getEncoded())));
            }
            try {
                Iterator<? extends CRL> it2 = certStore.getCRLs(null).iterator();
                while (it2.hasNext()) {
                    this.crls.add(new CertificateList(makeObj(((X509CRL) it2.next()).getEncoded())));
                }
            } catch (IOException e) {
                throw new CMSException("error processing crls", e);
            } catch (CRLException e2) {
                throw new CMSException("error encoding crls", e2);
            }
        } catch (IOException e3) {
            throw new CMSException("error processing certs", e3);
        } catch (CertificateEncodingException e4) {
            throw new CMSException("error encoding certs", e4);
        }
    }

    private DERObject makeObj(byte[] bArr) throws IOException {
        if (bArr == null) {
            return null;
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
        DERObject readObject = aSN1InputStream.readObject();
        aSN1InputStream.close();
        return readObject;
    }

    private AlgorithmIdentifier makeAlgId(String str, byte[] bArr) throws IOException {
        return bArr != null ? new AlgorithmIdentifier(new DERObjectIdentifier(str), makeObj(bArr)) : new AlgorithmIdentifier(new DERObjectIdentifier(str), new DERNull());
    }

    public void addSignerInf(ExternalSignatureSignerInfoGenerator externalSignatureSignerInfoGenerator) {
        this.signerInfs.add(externalSignatureSignerInfoGenerator);
    }

    public CMSSignedData generate(CMSProcessable cMSProcessable, boolean z) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException, InvalidAlgorithmParameterException, CertStoreException {
        ContentInfo contentInfo;
        DEREncodableVector dEREncodableVector = new DEREncodableVector();
        DEREncodableVector dEREncodableVector2 = new DEREncodableVector();
        DERObjectIdentifier dERObjectIdentifier = new DERObjectIdentifier(CMSSignedDataGenerator.DATA);
        DERSet dERSet = null;
        Iterator<Object> it = this.signerInfs.iterator();
        while (it.hasNext()) {
            ExternalSignatureSignerInfoGenerator externalSignatureSignerInfoGenerator = (ExternalSignatureSignerInfoGenerator) it.next();
            try {
                dEREncodableVector2.add(makeAlgId(externalSignatureSignerInfoGenerator.getDigestAlgOID(), externalSignatureSignerInfoGenerator.getDigestAlgParams()));
                dEREncodableVector.add(externalSignatureSignerInfoGenerator.generate());
            } catch (IOException e) {
                throw new CMSException("encoding error.", e);
            } catch (CertificateEncodingException e2) {
                throw new CMSException("error creating sid.", e2);
            }
        }
        if (this.certs.size() != 0) {
            DEREncodableVector dEREncodableVector3 = new DEREncodableVector();
            Iterator<Object> it2 = this.certs.iterator();
            while (it2.hasNext()) {
                dEREncodableVector3.add((DEREncodable) it2.next());
            }
            dERSet = new DERSet(dEREncodableVector3);
        }
        DERSet dERSet2 = null;
        if (this.crls.size() != 0) {
            DEREncodableVector dEREncodableVector4 = new DEREncodableVector();
            Iterator<Object> it3 = this.crls.iterator();
            while (it3.hasNext()) {
                dEREncodableVector4.add((DEREncodable) it3.next());
            }
            dERSet2 = new DERSet(dEREncodableVector4);
        }
        if (z) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                cMSProcessable.write(byteArrayOutputStream);
                contentInfo = new ContentInfo(dERObjectIdentifier, new BERConstructedOctetString(byteArrayOutputStream.toByteArray()));
            } catch (IOException e3) {
                throw new CMSException("encapsulation error.", e3);
            }
        } else {
            contentInfo = new ContentInfo(dERObjectIdentifier, (DEREncodable) null);
        }
        return new CMSSignedData(cMSProcessable, new ContentInfo(PKCSObjectIdentifiers.signedData, new SignedData(new DERSet(dEREncodableVector2), contentInfo, dERSet, dERSet2, new DERSet(dEREncodableVector))));
    }
}
