package uz.yt.cams.pki;

import java.io.IOException;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1Primitive;
import org.spongycastle.asn1.DERSet;
import org.spongycastle.asn1.cms.Attribute;
import org.spongycastle.asn1.cms.AttributeTable;
import org.spongycastle.asn1.cms.Attributes;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cms.CMSException;
import org.spongycastle.cms.CMSSignedData;
import org.spongycastle.cms.SignerInformation;
import org.spongycastle.cms.SignerInformationStore;
import org.spongycastle.tsp.TSPException;
import org.spongycastle.tsp.TimeStampToken;
import uz.yt.cams.pki.client.TsaClient;
import uz.yt.cams.pki.exception.ProviderException;
import uz.yt.cams.pki.exception.SignerNotFoundException;
import uz.yt.cams.pki.provider.TimeStampTokenProvider;

/* loaded from: classes2.dex */
public class TimeStamper {
    private final Provider provider;

    public TimeStamper(Provider provider) {
        this.provider = provider;
    }

    private CMSSignedData attachTimeStampToken(CMSSignedData cMSSignedData, BigInteger bigInteger, TimeStampToken timeStampToken) throws IOException, TSPException, NoSuchAlgorithmException, ProviderException, CertificateEncodingException {
        SignerInformationStore signerInfos = cMSSignedData.getSignerInfos();
        ArrayList arrayList = new ArrayList();
        boolean z = false;
        for (SignerInformation signerInformation : signerInfos.getSigners()) {
            if (!signerInformation.getSID().getSerialNumber().equals(bigInteger) || z) {
                arrayList.add(signerInformation);
            } else {
                arrayList.add(attachTimeStampToken(signerInformation, timeStampToken));
                z = true;
            }
        }
        return CMSSignedData.replaceSigners(cMSSignedData, new SignerInformationStore(arrayList));
    }

    private SignerInformation attachTimeStampToken(SignerInformation signerInformation, TimeStampToken timeStampToken) throws NoSuchAlgorithmException, ProviderException, TSPException, IOException {
        AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (unsignedAttributes != null) {
            aSN1EncodableVector = unsignedAttributes.toASN1EncodableVector();
        }
        aSN1EncodableVector.add(new Attribute(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken, new DERSet(ASN1Primitive.fromByteArray(timeStampToken.getEncoded()))));
        SignerInformation replaceUnsignedAttributes = SignerInformation.replaceUnsignedAttributes(signerInformation, new AttributeTable(new Attributes(aSN1EncodableVector)));
        return replaceUnsignedAttributes == null ? signerInformation : replaceUnsignedAttributes;
    }

    private SignerInformation attachTimeStampToken(SignerInformation signerInformation, TimeStampTokenProvider timeStampTokenProvider) throws NoSuchAlgorithmException, ProviderException, TSPException, IOException {
        AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (unsignedAttributes != null) {
            aSN1EncodableVector = unsignedAttributes.toASN1EncodableVector();
        }
        aSN1EncodableVector.add(new Attribute(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken, new DERSet(ASN1Primitive.fromByteArray(timeStampTokenProvider.get(signerInformation.getSignature()).getEncoded()))));
        SignerInformation replaceUnsignedAttributes = SignerInformation.replaceUnsignedAttributes(signerInformation, new AttributeTable(new Attributes(aSN1EncodableVector)));
        return replaceUnsignedAttributes == null ? signerInformation : replaceUnsignedAttributes;
    }

    public CMSSignedData attachTimeStampToken(CMSSignedData cMSSignedData, X509Certificate x509Certificate, TimeStampTokenProvider timeStampTokenProvider) throws IOException, TSPException, NoSuchAlgorithmException, ProviderException, CertificateEncodingException {
        X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(x509Certificate.getEncoded());
        SignerInformationStore signerInfos = cMSSignedData.getSignerInfos();
        ArrayList arrayList = new ArrayList();
        for (SignerInformation signerInformation : signerInfos.getSigners()) {
            if (signerInformation.getSID().getIssuer().equals(x509CertificateHolder.getIssuer()) && signerInformation.getSID().getSerialNumber().equals(x509Certificate.getSerialNumber())) {
                arrayList.add(attachTimeStampToken(signerInformation, timeStampTokenProvider));
            } else {
                arrayList.add(signerInformation);
            }
        }
        return CMSSignedData.replaceSigners(cMSSignedData, new SignerInformationStore(arrayList));
    }

    public byte[] attachTimeStampToken(byte[] bArr, BigInteger bigInteger, byte[] bArr2) throws CMSException, SignerNotFoundException, TSPException, IOException, NoSuchAlgorithmException, ProviderException, CertificateEncodingException {
        return attachTimeStampToken(new CMSSignedData(bArr), bigInteger, new TimeStampToken(new CMSSignedData(bArr2))).getEncoded();
    }

    public byte[] getTimeStampRequest(byte[] bArr, BigInteger bigInteger) throws NoSuchAlgorithmException, SignerNotFoundException, CMSException, IOException {
        for (SignerInformation signerInformation : new CMSSignedData(bArr).getSignerInfos().getSigners()) {
            if (signerInformation.getSID().getSerialNumber().equals(bigInteger)) {
                return TsaClient.generateTimeStampRequestWithOzDST1106(this.provider, signerInformation.getSignature()).getEncoded();
            }
        }
        throw new SignerNotFoundException();
    }
}
