package uz.yt.eimzo.plugin.pkcs7;

import android.content.Context;
import android.util.Log;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.ProviderException;
import java.security.Signature;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1Primitive;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.ASN1Set;
import org.spongycastle.asn1.ASN1TaggedObject;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DERSequence;
import org.spongycastle.asn1.DERSet;
import org.spongycastle.asn1.DERTaggedObject;
import org.spongycastle.asn1.DERUTCTime;
import org.spongycastle.asn1.DLSequence;
import org.spongycastle.asn1.cms.Attribute;
import org.spongycastle.asn1.cms.AttributeTable;
import org.spongycastle.asn1.cms.Attributes;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.asn1.yt.YTObjectIdentifiers;
import org.spongycastle.cert.jcajce.JcaCertStore;
import org.spongycastle.cms.CMSException;
import org.spongycastle.cms.CMSProcessableByteArray;
import org.spongycastle.cms.CMSSignedData;
import org.spongycastle.cms.CMSSignedDataGenerator;
import org.spongycastle.cms.CMSTypedData;
import org.spongycastle.cms.SignerInformation;
import org.spongycastle.cms.SignerInformationStore;
import org.spongycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.spongycastle.jcajce.util.yt.DefaultAlgParams;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.tsp.TSPException;
import org.spongycastle.tsp.TimeStampToken;
import uz.yt.cams.pki.DocumentSigner;
import uz.yt.cams.pki.DocumentVerifier;
import uz.yt.cams.pki.dto.Pkcs7SignerInfo;
import uz.yt.cams.pki.exception.SignerNotFoundException;
import uz.yt.eimzo.dto.CertificateAndKey;
import uz.yt.eimzo.dto.Constants;
import uz.yt.eimzo.dto.ErrorMessage;
import uz.yt.eimzo.plugin.pkcs7.dto.CreatePkcs7Result;

/* loaded from: classes2.dex */
public class Pkcs7Plugin {
    private Context context;
    private Provider provider;

    public Pkcs7Plugin(Context context, Provider provider) {
        this.provider = provider;
    }

    private CMSSignedData attachTimeStampToken(CMSSignedData cMSSignedData, BigInteger bigInteger, TimeStampToken timeStampToken) throws IOException, TSPException, NoSuchAlgorithmException, ProviderException, CertificateEncodingException {
        SignerInformationStore signerInfos = cMSSignedData.getSignerInfos();
        ArrayList arrayList = new ArrayList();
        boolean z = false;
        for (SignerInformation signerInformation : signerInfos.getSigners()) {
            if (!signerInformation.getSID().getSerialNumber().equals(bigInteger) || z) {
                arrayList.add(signerInformation);
            } else {
                arrayList.add(attachTimeStampToken(signerInformation, timeStampToken));
                z = true;
            }
        }
        return CMSSignedData.replaceSigners(cMSSignedData, new SignerInformationStore(arrayList));
    }

    private SignerInformation attachTimeStampToken(SignerInformation signerInformation, TimeStampToken timeStampToken) throws NoSuchAlgorithmException, ProviderException, TSPException, IOException {
        AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (unsignedAttributes != null) {
            aSN1EncodableVector = unsignedAttributes.toASN1EncodableVector();
        }
        aSN1EncodableVector.add(new Attribute(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken, new DERSet(ASN1Primitive.fromByteArray(timeStampToken.getEncoded()))));
        SignerInformation replaceUnsignedAttributes = SignerInformation.replaceUnsignedAttributes(signerInformation, new AttributeTable(new Attributes(aSN1EncodableVector)));
        return replaceUnsignedAttributes == null ? signerInformation : replaceUnsignedAttributes;
    }

    private byte[] createPkcs7(X509Certificate[] x509CertificateArr, byte[] bArr, byte[] bArr2, byte[] bArr3) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException {
        ASN1Set aSN1Set = (ASN1Set) DERSet.fromByteArray(bArr);
        CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".getBytes("UTF-8"));
        ArrayList arrayList = new ArrayList();
        arrayList.add(x509CertificateArr[0]);
        arrayList.add(x509CertificateArr[1]);
        arrayList.add(x509CertificateArr[2]);
        JcaCertStore jcaCertStore = new JcaCertStore(arrayList);
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new DummyDigestCalculatorProvider(new ByteArrayOutputStream(), bArr3)).build(new DummyContentSigner(new AlgorithmIdentifier(YTObjectIdentifiers.uzdst_signature_1092_2009_alg_2_with_1106_2009_alg_2_param_A), new ByteArrayOutputStream(), bArr2), x509CertificateArr[0]));
        cMSSignedDataGenerator.addCertificates(jcaCertStore);
        ASN1Sequence aSN1Sequence = (ASN1Sequence) DERSequence.fromByteArray(cMSSignedDataGenerator.generate((CMSTypedData) cMSProcessableByteArray, false).getEncoded());
        ASN1Sequence aSN1Sequence2 = (ASN1Sequence) ((ASN1TaggedObject) aSN1Sequence.getObjectAt(1)).getObject();
        ASN1Sequence aSN1Sequence3 = (ASN1Sequence) ((ASN1Set) aSN1Sequence2.getObjectAt(4)).getObjectAt(0);
        return new DERSequence(new ASN1Encodable[]{aSN1Sequence.getObjectAt(0), new DERTaggedObject(0, new DERSequence(new ASN1Encodable[]{aSN1Sequence2.getObjectAt(0), aSN1Sequence2.getObjectAt(1), aSN1Sequence2.getObjectAt(2), aSN1Sequence2.getObjectAt(3), new DERSet(new ASN1Encodable[]{new DERSequence(new ASN1Encodable[]{aSN1Sequence3.getObjectAt(0), aSN1Sequence3.getObjectAt(1), aSN1Sequence3.getObjectAt(2), new DERTaggedObject(false, 0, new DLSequence(aSN1Set.toArray())), aSN1Sequence3.getObjectAt(4), new DEROctetString(bArr2)})})}))}).getEncoded();
    }

    private byte[] getSignedAttributes(byte[] bArr) throws IOException {
        return new DERSet(new ASN1Sequence[]{new DERSequence(new ASN1Encodable[]{PKCSObjectIdentifiers.pkcs_9_at_contentType, new DERSet(PKCSObjectIdentifiers.data)}), new DERSequence(new ASN1Encodable[]{PKCSObjectIdentifiers.pkcs_9_at_signingTime, new DERSet(new DERUTCTime(new Date()))}), new DERSequence(new ASN1Encodable[]{PKCSObjectIdentifiers.pkcs_9_at_messageDigest, new DERSet(new DEROctetString(bArr))})}).getEncoded();
    }

    public CreatePkcs7Result appendPkcs7(byte[] bArr, CertificateAndKey certificateAndKey) {
        try {
            X509Certificate x509Certificate = certificateAndKey.getCertificateChain()[0];
            byte[] appendPkcs7Attached = new DocumentSigner(this.provider, certificateAndKey.getCertificateChain(), certificateAndKey.getPrivateKey()).appendPkcs7Attached(bArr);
            byte[] bArr2 = null;
            Iterator it = new DocumentVerifier(this.provider, null).verifyPkcs7Attached(appendPkcs7Attached).iterator();
            while (it.hasNext()) {
                Pkcs7SignerInfo pkcs7SignerInfo = (Pkcs7SignerInfo) it.next();
                if (pkcs7SignerInfo.getSignerId().getSerialNumber().equals(x509Certificate.getSerialNumber())) {
                    bArr2 = pkcs7SignerInfo.getSignature();
                }
            }
            return new CreatePkcs7Result(appendPkcs7Attached, x509Certificate.getSerialNumber().toString(16), x509Certificate.getSubjectX500Principal().getName(), bArr2);
        } catch (IOException e) {
            e = e;
            Log.e(Constants.EXTRA_PARAM_APPEND_PKCS7, e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (CertificateEncodingException e2) {
            e = e2;
            Log.e(Constants.EXTRA_PARAM_APPEND_PKCS7, e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (CMSException e3) {
            e = e3;
            Log.e(Constants.EXTRA_PARAM_APPEND_PKCS7, e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (OperatorCreationException e4) {
            e = e4;
            Log.e(Constants.EXTRA_PARAM_APPEND_PKCS7, e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (Throwable th) {
            Log.e(Constants.EXTRA_PARAM_APPEND_PKCS7, th.getMessage(), th);
            return new CreatePkcs7Result(new ErrorMessage(th.getClass().getSimpleName(), th.getMessage()));
        }
    }

    public byte[] attachTimeStampToken(byte[] bArr, BigInteger bigInteger, byte[] bArr2) throws CMSException, SignerNotFoundException, TSPException, IOException, NoSuchAlgorithmException, ProviderException, CertificateEncodingException {
        return attachTimeStampToken(new CMSSignedData(bArr), bigInteger, new TimeStampToken(new CMSSignedData(bArr2))).getEncoded();
    }

    public CreatePkcs7Result createPkcs7(byte[] bArr, CertificateAndKey certificateAndKey) {
        try {
            X509Certificate x509Certificate = certificateAndKey.getCertificateChain()[0];
            byte[] signedAttributes = getSignedAttributes(bArr);
            Signature signature = Signature.getInstance(DefaultAlgParams.getDefaultSignatureAlg(certificateAndKey.getPrivateKey().getAlgorithm()), this.provider);
            signature.initSign(certificateAndKey.getPrivateKey());
            signature.update(signedAttributes);
            byte[] sign = signature.sign();
            return new CreatePkcs7Result(createPkcs7(certificateAndKey.getCertificateChain(), signedAttributes, sign, bArr), x509Certificate.getSerialNumber().toString(16), x509Certificate.getSubjectX500Principal().getName(), sign);
        } catch (IOException e) {
            e = e;
            Log.e("create_pkcs7", e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (CertificateEncodingException e2) {
            e = e2;
            Log.e("create_pkcs7", e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (CMSException e3) {
            e = e3;
            Log.e("create_pkcs7", e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (OperatorCreationException e4) {
            e = e4;
            Log.e("create_pkcs7", e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (Throwable th) {
            Log.e("create_pkcs7", th.getMessage(), th);
            return new CreatePkcs7Result(new ErrorMessage(th.getClass().getSimpleName(), th.getMessage()));
        }
    }

    public CreatePkcs7Result createPkcs7(byte[] bArr, CertificateAndKey certificateAndKey, boolean z) {
        boolean z2 = !z;
        try {
            X509Certificate x509Certificate = certificateAndKey.getCertificateChain()[0];
            byte[] pkcs7 = new DocumentSigner(this.provider, certificateAndKey.getCertificateChain(), certificateAndKey.getPrivateKey()).getPkcs7(bArr, z2);
            byte[] bArr2 = null;
            DocumentVerifier documentVerifier = new DocumentVerifier(this.provider, null);
            Iterator it = (z2 ? documentVerifier.verifyPkcs7Attached(pkcs7) : documentVerifier.verifyPkcs7Detached(pkcs7, bArr)).iterator();
            while (it.hasNext()) {
                Pkcs7SignerInfo pkcs7SignerInfo = (Pkcs7SignerInfo) it.next();
                if (pkcs7SignerInfo.getSignerId().getSerialNumber().equals(x509Certificate.getSerialNumber())) {
                    bArr2 = pkcs7SignerInfo.getSignature();
                }
            }
            return new CreatePkcs7Result(pkcs7, x509Certificate.getSerialNumber().toString(16), x509Certificate.getSubjectX500Principal().getName(), bArr2);
        } catch (IOException e) {
            e = e;
            Log.e("create_pkcs7", e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (CertificateEncodingException e2) {
            e = e2;
            Log.e("create_pkcs7", e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (CMSException e3) {
            e = e3;
            Log.e("create_pkcs7", e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (OperatorCreationException e4) {
            e = e4;
            Log.e("create_pkcs7", e.getMessage(), e);
            return new CreatePkcs7Result(new ErrorMessage(e.getClass().getSimpleName(), e.getMessage()));
        } catch (Throwable th) {
            Log.e("create_pkcs7", th.getMessage(), th);
            return new CreatePkcs7Result(new ErrorMessage(th.getClass().getSimpleName(), th.getMessage()));
        }
    }
}
