package com.ark.arksigner.handlers;

import android.util.Log;
import com.ark.arksigner.certs.ArkX509Certificate;
import com.ark.arksigner.devices.ArkSigningDevice;
import com.ark.arksigner.exceptions.ArkSignerException;
import com.ark.arksigner.exceptions.CannotBuildASN1StructureException;
import com.ark.arksigner.exceptions.CannotConnectToTSSException;
import com.ark.arksigner.exceptions.CannotSignCAdESException;
import com.ark.arksigner.exceptions.UndefinedDigestAlgorithmException;
import com.ark.arksigner.license.LicenseDurationExpiredException;
import com.ark.arksigner.license.LicenseInvalidException;
import com.ark.arksigner.license.LicenseManager;
import com.ark.arksigner.license.LicenseNotCheckedException;
import com.ark.arksigner.license.NumberOfAllowedUsersExceededException;
import com.ark.arksigner.license.UnlicensedModuleException;
import com.ark.arksigner.tasks.CAdESSigningTask;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.Objects;
import java.util.TimeZone;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.ASN1Object;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.ASN1StreamParser;
import org.spongycastle.asn1.ASN1TaggedObject;
import org.spongycastle.asn1.DERIA5String;
import org.spongycastle.asn1.DERNull;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DERSequence;
import org.spongycastle.asn1.DERSequenceParser;
import org.spongycastle.asn1.DERSet;
import org.spongycastle.asn1.DERTaggedObject;
import org.spongycastle.asn1.DERUTCTime;
import org.spongycastle.asn1.DERUTF8String;

/* loaded from: classes.dex */
public class CAdESBuilder extends AbstractArkSignerHandler {
    public CAdESBuilder() {
        try {
            LicenseManager.getInstance().check();
        } catch (LicenseDurationExpiredException e) {
            Log.e("ArkSigner - CAdES Builder", "Invalid license", e);
        } catch (LicenseInvalidException e2) {
            Log.e("ArkSigner - CAdES Builder", "Invalid license", e2);
        } catch (LicenseNotCheckedException e3) {
            Log.e("ArkSigner - CAdES Builder", "Invalid license", e3);
        } catch (NumberOfAllowedUsersExceededException e4) {
            Log.e("ArkSigner - CAdES Builder", "Invalid license", e4);
        } catch (UnlicensedModuleException e5) {
            Log.e("ArkSigner - CAdES Builder", "Invalid license", e5);
        }
    }

    private static ASN1Object A() throws ArkSignerException {
        return new DERSet(new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_DIGEST_SHA_256), DERNull.INSTANCE}));
    }

    private static ASN1Object B() {
        return new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier("1.2.840.113549.1.1.11"), DERNull.INSTANCE});
    }

    private static DERSequence C() {
        return new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_CONTENT_TYPE), new DERSet(new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_PKCS7_DATA))});
    }

    private static ASN1Object D() throws ArkSignerException {
        Log.e("ArkSigner - CAdES Builder", "Timestamping is not supported with your license");
        throw new UnlicensedModuleException("Timestamping is not supported with your license");
    }

    private ASN1Object a(ArkSigningDevice arkSigningDevice, CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        try {
            return new DERSequence(new ASN1Encodable[]{new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_SIGNED_DATA_PKCS7), new DERTaggedObject(true, 0, new DERSequence(new ASN1Encodable[]{a(cAdESSigningTask), A(), b(cAdESSigningTask), c(cAdESSigningTask), b(arkSigningDevice, cAdESSigningTask)}))});
        } catch (ArkSignerException e) {
            Log.e("ArkSigner - CAdES Builder", "Cannot encode content info of CAdES Signature", e);
            throw e;
        } catch (Exception e2) {
            Log.e("ArkSigner - CAdES Builder", "Cannot encode content info of CAdES Signature", e2);
            throw new CannotBuildASN1StructureException(e2);
        }
    }

    private static ASN1Object a(CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        return new ASN1Integer(cAdESSigningTask.getCmsVersion());
    }

    private static ASN1Sequence a(X509Certificate x509Certificate) throws ArkSignerException {
        try {
            return (ASN1Sequence) ((ASN1Sequence) ASN1Sequence.getInstance(new ASN1InputStream(x509Certificate.getEncoded()).readObject()).getObjectAt(0)).getObjectAt(3);
        } catch (Exception e) {
            Log.e("ArkSigner - CAdES Builder", "Cannot process certificate", e);
            throw new ArkSignerException("process retrieve certificate");
        }
    }

    private static DERSequence a(ArkX509Certificate arkX509Certificate) throws ArkSignerException {
        return new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_SIGNING_CERTIFICATE_V2), new DERSet(new DERSequence(new DERSequence(new DERSequence(new ASN1Object[]{new DEROctetString(arkX509Certificate.getCertificateDigestSha256()), new DERSequence(new ASN1Object[]{new DERSequence(new DERTaggedObject(4, a(arkX509Certificate.asX509Certificate()))), new ASN1Integer(b(arkX509Certificate.asX509Certificate()))})}))))});
    }

    private static BigInteger b(X509Certificate x509Certificate) throws ArkSignerException {
        try {
            return ((ASN1Integer) ((ASN1Sequence) ASN1Sequence.getInstance(new ASN1InputStream(x509Certificate.getEncoded()).readObject()).getObjectAt(0)).getObjectAt(1)).getValue();
        } catch (Exception e) {
            Log.e("ArkSigner - CAdES Builder", "Cannot process certificate", e);
            throw new ArkSignerException("process retrieve certificate");
        }
    }

    private ASN1Object b(ArkSigningDevice arkSigningDevice, CAdESSigningTask cAdESSigningTask) throws IOException, UndefinedDigestAlgorithmException, NoSuchAlgorithmException, CertificateException, CannotConnectToTSSException, ArkSignerException {
        return new DERSet(c(arkSigningDevice, cAdESSigningTask));
    }

    private static ASN1Object b(CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        return cAdESSigningTask.isIsContentAttached() ? new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_PKCS7_DATA), new DERTaggedObject(true, 0, new DEROctetString(cAdESSigningTask.getContent()))}) : new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_PKCS7_DATA)});
    }

    private ASN1Object c(ArkSigningDevice arkSigningDevice, CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new ASN1Integer(cAdESSigningTask.getCmsVersion()));
        arrayList.add(d(cAdESSigningTask));
        arrayList.add(new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_DIGEST_SHA_256), DERNull.INSTANCE}));
        arrayList.add(d(arkSigningDevice, cAdESSigningTask));
        arrayList.add(B());
        arrayList.add(e(arkSigningDevice, cAdESSigningTask));
        if (cAdESSigningTask.getSignatureType() >= 3) {
            arrayList.add(g(cAdESSigningTask));
        }
        ASN1Encodable[] aSN1EncodableArr = new ASN1Encodable[arrayList.size()];
        for (int i = 0; i < arrayList.size(); i++) {
            aSN1EncodableArr[i] = (ASN1Encodable) arrayList.get(i);
        }
        return new DERSequence(aSN1EncodableArr);
    }

    private static ASN1Object c(CAdESSigningTask cAdESSigningTask) throws IOException, CertificateEncodingException, ArkSignerException {
        return new DERTaggedObject(true, 0, ASN1Sequence.fromByteArray(cAdESSigningTask.getSigningCertificate().getEncoded()));
    }

    private ASN1Object d(ArkSigningDevice arkSigningDevice, CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        if (cAdESSigningTask.getSignedAttributesData() != null && arkSigningDevice.isSigningDeferred()) {
            try {
                return new DERTaggedObject(false, 0, ASN1TaggedObject.getInstance(new ASN1InputStream(cAdESSigningTask.getSignedAttributesData()).readObject()).toASN1Primitive());
            } catch (Exception e) {
                Log.e("ArkSigner - CAdES Builder", "Cannot build signed attributes", e);
                throw new CannotBuildASN1StructureException(e);
            }
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(C());
        if (cAdESSigningTask.isAddSigningTime()) {
            arrayList.add(e(cAdESSigningTask));
        }
        arrayList.add(n(cAdESSigningTask.getContentDigest()));
        arrayList.add(a(cAdESSigningTask.getSigningCertificate()));
        if (cAdESSigningTask.getSigningProfile() != null && cAdESSigningTask.getSignatureSubType() >= 2) {
            arrayList.add(f(cAdESSigningTask));
        }
        ASN1Object[] aSN1ObjectArr = new ASN1Object[arrayList.size()];
        for (int i = 0; i < arrayList.size(); i++) {
            aSN1ObjectArr[i] = (ASN1Object) arrayList.get(i);
        }
        DERSet dERSet = new DERSet(aSN1ObjectArr);
        try {
            cAdESSigningTask.setDigestToBeSigned(calculateDigest(cAdESSigningTask, dERSet.getEncoded()));
            DERTaggedObject dERTaggedObject = new DERTaggedObject(false, 0, dERSet);
            try {
                if (arkSigningDevice.isSigningDeferred()) {
                    cAdESSigningTask.setSignedAttributesData(dERTaggedObject.getEncoded());
                }
                return dERTaggedObject;
            } catch (Exception e2) {
                Log.e("ArkSigner - CAdES Builder", "Cannot build signed attributes", e2);
                throw new CannotBuildASN1StructureException(e2);
            }
        } catch (Exception e3) {
            Log.e("ArkSigner - CAdES Builder", "Cannot calculate digest", e3);
            throw new CannotBuildASN1StructureException(e3);
        }
    }

    private static ASN1Object d(CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        return new DERSequence(new ASN1Object[]{h(cAdESSigningTask), new ASN1Integer(i(cAdESSigningTask))});
    }

    private static ASN1Object e(ArkSigningDevice arkSigningDevice, CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        if (cAdESSigningTask.getSignatureValue() == null) {
            cAdESSigningTask.setSignatureValue(arkSigningDevice.signPKCS1InSession(cAdESSigningTask.getSigningCertificate(), cAdESSigningTask.getDigestToBeSigned()));
        }
        return new DEROctetString(cAdESSigningTask.getSignatureValue());
    }

    private static DERSequence e(CAdESSigningTask cAdESSigningTask) {
        ASN1Object[] aSN1ObjectArr = new ASN1Object[2];
        aSN1ObjectArr[0] = new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_SIGNING_TIME);
        aSN1ObjectArr[1] = new DERSet(new DERUTCTime(cAdESSigningTask.getCustomSigningTime() != null ? new Date(cAdESSigningTask.getCustomSigningTime().longValue()) : Calendar.getInstance(TimeZone.getTimeZone("UTC")).getTime()));
        return new DERSequence(aSN1ObjectArr);
    }

    private static DERSequence f(CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.15"), new DERSet(new ASN1Object[]{new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier(cAdESSigningTask.getSigningProfile().getProfileOID()), new DERSequence(new ASN1Object[]{new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_DIGEST_SHA_256)}), new DEROctetString(cAdESSigningTask.getSigningProfile().getDigest())}), new DERSequence(new ASN1Object[]{new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.5.1"), new DERIA5String(cAdESSigningTask.getSigningProfile().getSpURI())}), new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.5.2"), new DERSequence(new ASN1Object[]{new DERUTF8String(cAdESSigningTask.getSigningProfile().getDescription())})})})})})});
        return null;
    }

    private static ASN1Object g(CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        ArrayList arrayList = new ArrayList();
        if (cAdESSigningTask.getSignatureType() >= 3) {
            arrayList.add(D());
        }
        ASN1Object[] aSN1ObjectArr = new ASN1Object[arrayList.size()];
        for (int i = 0; i < arrayList.size(); i++) {
            aSN1ObjectArr[i] = (ASN1Object) arrayList.get(i);
        }
        return new DERTaggedObject(false, 1, new DERSet(aSN1ObjectArr));
    }

    private static ASN1Sequence h(CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        return a(cAdESSigningTask.getSigningCertificate().asX509Certificate());
    }

    private static BigInteger i(CAdESSigningTask cAdESSigningTask) throws ArkSignerException {
        return b(cAdESSigningTask.getSigningCertificate().asX509Certificate());
    }

    private static DERSequence n(byte[] bArr) {
        return new DERSequence(new ASN1Object[]{new ASN1ObjectIdentifier(AbstractArkSignerHandler.OID_MESSAGE_DIGEST), new DERSet(new DEROctetString(bArr))});
    }

    public static CAdESBuilder newInstance() {
        return new CAdESBuilder();
    }

    public byte[] extractOriginalContent(byte[] bArr) throws IOException {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) ((ASN1Sequence) ((DERTaggedObject) ((ASN1Sequence) ((DERSequenceParser) new ASN1StreamParser(bArr).readObject()).toASN1Primitive()).getObjectAt(1).toASN1Primitive()).getObjectParser(0, true)).getObjectAt(2);
        byte[] octets = aSN1Sequence.size() == 2 ? ((DEROctetString) ((DERTaggedObject) aSN1Sequence.getObjectAt(1).toASN1Primitive()).getObjectParser(0, true)).getOctets() : null;
        Objects.toString(octets == null ? "0" : Integer.valueOf(octets.length));
        return octets;
    }

    public void sign(ArkSigningDevice arkSigningDevice, CAdESSigningTask cAdESSigningTask, OutputStream outputStream) throws ArkSignerException {
        try {
            if (cAdESSigningTask.getContent() != null && cAdESSigningTask.getContentDigest() == null) {
                cAdESSigningTask.setContentDigest(calculateDigest(cAdESSigningTask.getDigestAlgorithm(), cAdESSigningTask.getContent()));
            }
            ASN1Object a = a(arkSigningDevice, cAdESSigningTask);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] encoded = a.getEncoded();
            byteArrayOutputStream.write(encoded, 0, encoded.length);
            outputStream.write(byteArrayOutputStream.toByteArray());
        } catch (ArkSignerException e) {
            Log.e("ArkSigner - CAdES Builder", "Cannot perform signing CAdES", e);
            throw e;
        } catch (Exception e2) {
            Log.e("ArkSigner - CAdES Builder", "Cannot perform signing CAdES", e2);
            throw new CannotSignCAdESException(e2);
        }
    }
}
