package com.sansec.cms;

import com.sansec.asn1.ASN1EncodableVector;
import com.sansec.asn1.ASN1ObjectIdentifier;
import com.sansec.asn1.ASN1Set;
import com.sansec.asn1.BERConstructedOctetString;
import com.sansec.asn1.DERNull;
import com.sansec.asn1.DEROctetString;
import com.sansec.asn1.DERSet;
import com.sansec.asn1.cms.AttributeTable;
import com.sansec.asn1.cms.CMSAttributes;
import com.sansec.asn1.cms.CMSObjectIdentifiers;
import com.sansec.asn1.cms.ContentInfo;
import com.sansec.asn1.cms.EncryptedContentInfo;
import com.sansec.asn1.cms.SignedAndEnvelopedData;
import com.sansec.asn1.cms.SignedData;
import com.sansec.asn1.cms.SignerIdentifier;
import com.sansec.asn1.cms.SignerInfo;
import com.sansec.asn1.pkcs.GBObjectIdentifiers;
import com.sansec.asn1.x509.AlgorithmIdentifier;
import com.sansec.cms.CMSSignedAndEnvelopedGenerator;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;

/* loaded from: input_file:com/sansec/cms/CMSSignedAndEnvelopedDataGenerator.class */
public class CMSSignedAndEnvelopedDataGenerator extends CMSSignedAndEnvelopedGenerator {
    List signerInfs;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/sansec/cms/CMSSignedAndEnvelopedDataGenerator$SignerInf.class */
    public class SignerInf {
        private final PrivateKey key;
        private final SignerIdentifier signerIdentifier;
        private final String digestOID;
        private final String encOID;
        private final CMSAttributeTableGenerator sAttr;
        private final CMSAttributeTableGenerator unsAttr;
        private final AttributeTable baseSignedTable;

        SignerInf(PrivateKey privateKey, SignerIdentifier signerIdentifier, String str, String str2, CMSAttributeTableGenerator cMSAttributeTableGenerator, CMSAttributeTableGenerator cMSAttributeTableGenerator2, AttributeTable attributeTable) {
            this.key = privateKey;
            this.signerIdentifier = signerIdentifier;
            this.digestOID = str;
            this.encOID = str2;
            this.sAttr = cMSAttributeTableGenerator;
            this.unsAttr = cMSAttributeTableGenerator2;
            this.baseSignedTable = attributeTable;
        }

        AlgorithmIdentifier getDigestAlgorithmID() {
            return new AlgorithmIdentifier(new ASN1ObjectIdentifier(this.digestOID), DERNull.INSTANCE);
        }

        SignerInfo toSignerInfo(ASN1ObjectIdentifier aSN1ObjectIdentifier, CMSProcessable cMSProcessable, SecureRandom secureRandom, Provider provider, boolean z, boolean z2) throws IOException, SignatureException, InvalidKeyException, NoSuchAlgorithmException, CertificateEncodingException, CMSException {
            AttributeTable attributeTable;
            byte[] byteArray;
            AlgorithmIdentifier digestAlgorithmID = getDigestAlgorithmID();
            String digestAlgName = CMSSignedHelper.INSTANCE.getDigestAlgName(this.digestOID);
            Signature signatureInstance = CMSSignedHelper.INSTANCE.getSignatureInstance(String.valueOf(digestAlgName) + "with" + CMSSignedHelper.INSTANCE.getEncryptionAlgName(this.encOID), provider);
            MessageDigest digestInstance = CMSSignedHelper.INSTANCE.getDigestInstance(digestAlgName, provider);
            AlgorithmIdentifier encAlgorithmIdentifier = CMSSignedAndEnvelopedDataGenerator.this.getEncAlgorithmIdentifier(this.encOID, signatureInstance);
            if (cMSProcessable != null) {
                cMSProcessable.write(new CMSSignedAndEnvelopedGenerator.DigOutputStream(digestInstance));
            }
            byte[] digest = digestInstance.digest();
            CMSSignedAndEnvelopedDataGenerator.this._digests.put(this.digestOID, digest.clone());
            if (z) {
                attributeTable = this.sAttr != null ? this.sAttr.getAttributes(Collections.unmodifiableMap(CMSSignedAndEnvelopedDataGenerator.this.getBaseParameters(aSN1ObjectIdentifier, digestAlgorithmID, digest))) : null;
            } else {
                attributeTable = this.baseSignedTable;
            }
            ASN1Set aSN1Set = null;
            if (attributeTable != null) {
                if (z2) {
                    Hashtable hashtable = attributeTable.toHashtable();
                    hashtable.remove(CMSAttributes.contentType);
                    attributeTable = new AttributeTable(hashtable);
                }
                aSN1Set = CMSSignedAndEnvelopedDataGenerator.this.getAttributeSet(attributeTable);
                byteArray = aSN1Set.getEncoded("DER");
            } else {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                if (cMSProcessable != null) {
                    cMSProcessable.write(byteArrayOutputStream);
                }
                byteArray = byteArrayOutputStream.toByteArray();
            }
            signatureInstance.initSign(this.key, secureRandom);
            signatureInstance.update(byteArray);
            byte[] sign = signatureInstance.sign();
            ASN1Set aSN1Set2 = null;
            if (this.unsAttr != null) {
                Map baseParameters = CMSSignedAndEnvelopedDataGenerator.this.getBaseParameters(aSN1ObjectIdentifier, digestAlgorithmID, digest);
                baseParameters.put(CMSAttributeTableGenerator.SIGNATURE, sign.clone());
                aSN1Set2 = CMSSignedAndEnvelopedDataGenerator.this.getAttributeSet(this.unsAttr.getAttributes(Collections.unmodifiableMap(baseParameters)));
            }
            return new SignerInfo(this.signerIdentifier, digestAlgorithmID, aSN1Set, encAlgorithmIdentifier, new DEROctetString(sign), aSN1Set2);
        }
    }

    public CMSSignedAndEnvelopedDataGenerator() {
        this.signerInfs = new ArrayList();
    }

    public CMSSignedAndEnvelopedDataGenerator(SecureRandom secureRandom) {
        super(secureRandom);
        this.signerInfs = new ArrayList();
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str) throws IllegalArgumentException {
        addSigner(privateKey, x509Certificate, getEncOID(privateKey, str), str);
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str, String str2) throws IllegalArgumentException {
        this.signerInfs.add(new SignerInf(privateKey, getSignerIdentifier(x509Certificate), str2, str, new DefaultSignedAttributeTableGenerator(), null, null));
    }

    public void addSigner(PrivateKey privateKey, byte[] bArr, String str) throws IllegalArgumentException {
        addSigner(privateKey, bArr, getEncOID(privateKey, str), str);
    }

    public void addSigner(PrivateKey privateKey, byte[] bArr, String str, String str2) throws IllegalArgumentException {
        this.signerInfs.add(new SignerInf(privateKey, getSignerIdentifier(bArr), str2, str, new DefaultSignedAttributeTableGenerator(), null, null));
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str, AttributeTable attributeTable, AttributeTable attributeTable2) throws IllegalArgumentException {
        addSigner(privateKey, x509Certificate, getEncOID(privateKey, str), str, attributeTable, attributeTable2);
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str, String str2, AttributeTable attributeTable, AttributeTable attributeTable2) throws IllegalArgumentException {
        this.signerInfs.add(new SignerInf(privateKey, getSignerIdentifier(x509Certificate), str2, str, new DefaultSignedAttributeTableGenerator(attributeTable), new SimpleAttributeTableGenerator(attributeTable2), attributeTable));
    }

    public void addSigner(PrivateKey privateKey, byte[] bArr, String str, AttributeTable attributeTable, AttributeTable attributeTable2) throws IllegalArgumentException {
        addSigner(privateKey, bArr, str, getEncOID(privateKey, str), new DefaultSignedAttributeTableGenerator(attributeTable), new SimpleAttributeTableGenerator(attributeTable2));
    }

    public void addSigner(PrivateKey privateKey, byte[] bArr, String str, String str2, AttributeTable attributeTable, AttributeTable attributeTable2) throws IllegalArgumentException {
        this.signerInfs.add(new SignerInf(privateKey, getSignerIdentifier(bArr), str2, str, new DefaultSignedAttributeTableGenerator(attributeTable), new SimpleAttributeTableGenerator(attributeTable2), attributeTable));
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str, CMSAttributeTableGenerator cMSAttributeTableGenerator, CMSAttributeTableGenerator cMSAttributeTableGenerator2) throws IllegalArgumentException {
        addSigner(privateKey, x509Certificate, getEncOID(privateKey, str), str, cMSAttributeTableGenerator, cMSAttributeTableGenerator2);
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str, String str2, CMSAttributeTableGenerator cMSAttributeTableGenerator, CMSAttributeTableGenerator cMSAttributeTableGenerator2) throws IllegalArgumentException {
        this.signerInfs.add(new SignerInf(privateKey, getSignerIdentifier(x509Certificate), str2, str, cMSAttributeTableGenerator, cMSAttributeTableGenerator2, null));
    }

    public void addSigner(PrivateKey privateKey, byte[] bArr, String str, CMSAttributeTableGenerator cMSAttributeTableGenerator, CMSAttributeTableGenerator cMSAttributeTableGenerator2) throws IllegalArgumentException {
        addSigner(privateKey, bArr, str, getEncOID(privateKey, str), cMSAttributeTableGenerator, cMSAttributeTableGenerator2);
    }

    public void addSigner(PrivateKey privateKey, byte[] bArr, String str, String str2, CMSAttributeTableGenerator cMSAttributeTableGenerator, CMSAttributeTableGenerator cMSAttributeTableGenerator2) throws IllegalArgumentException {
        this.signerInfs.add(new SignerInf(privateKey, getSignerIdentifier(bArr), str2, str, cMSAttributeTableGenerator, cMSAttributeTableGenerator2, null));
    }

    private byte[] generate(CMSProcessable cMSProcessable, String str, KeyGenerator keyGenerator, Provider provider) throws NoSuchAlgorithmException, CMSException {
        ASN1ObjectIdentifier aSN1ObjectIdentifier;
        ASN1ObjectIdentifier aSN1ObjectIdentifier2;
        Provider provider2 = keyGenerator.getProvider();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        try {
            SecretKey generateKey = keyGenerator.generateKey();
            AlgorithmParameters generateParameters = generateParameters(str, generateKey, provider2);
            Cipher symmetricCipher = CMSEnvelopedHelper.INSTANCE.getSymmetricCipher(str, provider2, generateParameters == null);
            symmetricCipher.init(1, generateKey, generateParameters, this.rand);
            if (generateParameters == null) {
                generateParameters = symmetricCipher.getParameters();
            }
            AlgorithmIdentifier algorithmIdentifier = getAlgorithmIdentifier(str, generateParameters);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, symmetricCipher);
            cMSProcessable.write(cipherOutputStream);
            cipherOutputStream.close();
            BERConstructedOctetString bERConstructedOctetString = new BERConstructedOctetString(byteArrayOutputStream.toByteArray());
            boolean z = false;
            for (RecipientInfoGenerator recipientInfoGenerator : this.recipientInfoGenerators) {
                try {
                    aSN1EncodableVector.add(recipientInfoGenerator.generate(generateKey, this.rand, provider));
                    if (!z && recipientInfoGenerator.getCipherOID().startsWith(GBObjectIdentifiers.sm2.getId())) {
                        z = true;
                    }
                } catch (InvalidKeyException e) {
                    throw new CMSException("key inappropriate for algorithm.", e);
                } catch (GeneralSecurityException e2) {
                    throw new CMSException("error making encrypted content.", e2);
                }
            }
            if (z) {
                aSN1ObjectIdentifier = GBObjectIdentifiers.data;
                aSN1ObjectIdentifier2 = GBObjectIdentifiers.signedAndEnvelopedData;
            } else {
                aSN1ObjectIdentifier = CMSObjectIdentifiers.data;
                aSN1ObjectIdentifier2 = CMSObjectIdentifiers.signedAndEnvelopedData;
            }
            EncryptedContentInfo encryptedContentInfo = new EncryptedContentInfo(aSN1ObjectIdentifier, algorithmIdentifier, bERConstructedOctetString);
            SignedData generateSignedData = generateSignedData(cMSProcessable, true, provider);
            try {
                return new ContentInfo(aSN1ObjectIdentifier2, new SignedAndEnvelopedData(generateSignedData.getVersion(), new DERSet(aSN1EncodableVector), generateSignedData.getDigestAlgorithms(), encryptedContentInfo, generateSignedData.getCertificates(), generateSignedData.getCRLs(), generateSignedData.getSignerInfos())).getDEREncoded();
            } catch (IOException e3) {
                e3.printStackTrace();
                return null;
            }
        } catch (IOException e4) {
            throw new CMSException("exception decoding algorithm parameters.", e4);
        } catch (InvalidAlgorithmParameterException e5) {
            throw new CMSException("algorithm parameters invalid.", e5);
        } catch (InvalidKeyException e6) {
            throw new CMSException("key invalid in message.", e6);
        } catch (NoSuchPaddingException e7) {
            throw new CMSException("required padding not supported.", e7);
        }
    }

    public byte[] generate(CMSProcessable cMSProcessable, String str, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        return generate(cMSProcessable, str, CMSUtils.getProvider(str2));
    }

    public byte[] generate(CMSProcessable cMSProcessable, String str, Provider provider) throws NoSuchAlgorithmException, CMSException {
        KeyGenerator createSymmetricKeyGenerator = CMSEnvelopedHelper.INSTANCE.createSymmetricKeyGenerator(str, provider);
        createSymmetricKeyGenerator.init(this.rand);
        return generate(cMSProcessable, str, createSymmetricKeyGenerator, provider);
    }

    public byte[] generate(CMSProcessable cMSProcessable, String str, int i, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        return generate(cMSProcessable, str, i, CMSUtils.getProvider(str2));
    }

    public byte[] generate(CMSProcessable cMSProcessable, String str, int i, Provider provider) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        KeyGenerator createSymmetricKeyGenerator = CMSEnvelopedHelper.INSTANCE.createSymmetricKeyGenerator(str, provider);
        createSymmetricKeyGenerator.init(i, this.rand);
        return generate(cMSProcessable, str, createSymmetricKeyGenerator, provider);
    }

    public SignedData generateSignedData(CMSProcessable cMSProcessable, String str) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        return generateSignedData(cMSProcessable, CMSUtils.getProvider(str));
    }

    public SignedData generateSignedData(CMSProcessable cMSProcessable, Provider provider) throws NoSuchAlgorithmException, CMSException {
        return generateSignedData(cMSProcessable, false, provider);
    }

    public SignedData generateSignedData(String str, CMSProcessable cMSProcessable, boolean z, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        return generateSignedData(str, cMSProcessable, z, CMSUtils.getProvider(str2), true);
    }

    public SignedData generateSignedData(String str, CMSProcessable cMSProcessable, boolean z, Provider provider) throws NoSuchAlgorithmException, CMSException {
        return generateSignedData(str, cMSProcessable, z, provider, true);
    }

    public SignedData generateSignedData(String str, CMSProcessable cMSProcessable, boolean z, String str2, boolean z2) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        return generateSignedData(str, cMSProcessable, z, CMSUtils.getProvider(str2), z2);
    }

    public SignedData generateSignedData(CMSProcessable cMSProcessable, boolean z, String str) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        return generateSignedData(DATA, cMSProcessable, z, str);
    }

    public SignedData generateSignedData(CMSProcessable cMSProcessable, boolean z, Provider provider) throws NoSuchAlgorithmException, CMSException {
        return generateSignedData(DATA, cMSProcessable, z, provider);
    }

    public SignerInformationStore generateCounterSigners(SignerInformation signerInformation, Provider provider) throws NoSuchAlgorithmException, CMSException {
        CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray(signerInformation.getSignature());
        return new CMSSignedData(cMSProcessableByteArray, new ContentInfo(CMSObjectIdentifiers.signedData, generateSignedData((String) null, (CMSProcessable) cMSProcessableByteArray, false, provider))).getSignerInfos();
    }

    public SignerInformationStore generateCounterSigners(SignerInformation signerInformation, String str) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
        CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray(signerInformation.getSignature());
        return new CMSSignedData(cMSProcessableByteArray, new ContentInfo(CMSObjectIdentifiers.signedData, generateSignedData((String) null, (CMSProcessable) cMSProcessableByteArray, false, CMSUtils.getProvider(str)))).getSignerInfos();
    }

    public SignedData generateSignedData(String str, CMSProcessable cMSProcessable, boolean z, Provider provider, boolean z2) throws NoSuchAlgorithmException, CMSException {
        ASN1ObjectIdentifier aSN1ObjectIdentifier;
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        this._digests.clear();
        for (SignerInformation signerInformation : this._signers) {
            aSN1EncodableVector.add(CMSSignedHelper.INSTANCE.fixAlgID(signerInformation.getDigestAlgorithmID()));
            aSN1EncodableVector2.add(signerInformation.toSignerInfo());
        }
        boolean z3 = str == null;
        ASN1ObjectIdentifier aSN1ObjectIdentifier2 = z3 ? CMSObjectIdentifiers.data : new ASN1ObjectIdentifier(str);
        for (SignerInf signerInf : this.signerInfs) {
            if (signerInf.encOID.startsWith(GBObjectIdentifiers.gmalg.getId())) {
                aSN1ObjectIdentifier = GBObjectIdentifiers.data;
                ASN1ObjectIdentifier aSN1ObjectIdentifier3 = GBObjectIdentifiers.signedData;
            } else {
                aSN1ObjectIdentifier = CMSObjectIdentifiers.data;
                ASN1ObjectIdentifier aSN1ObjectIdentifier4 = CMSObjectIdentifiers.signedData;
            }
            aSN1ObjectIdentifier2 = aSN1ObjectIdentifier;
            try {
                aSN1EncodableVector.add(signerInf.getDigestAlgorithmID());
                aSN1EncodableVector2.add(signerInf.toSignerInfo(aSN1ObjectIdentifier2, cMSProcessable, this.rand, provider, z2, z3));
            } catch (IOException e) {
                throw new CMSException("encoding error.", e);
            } catch (InvalidKeyException e2) {
                throw new CMSException("key inappropriate for signature.", e2);
            } catch (SignatureException e3) {
                throw new CMSException("error creating signature.", e3);
            } catch (CertificateEncodingException e4) {
                throw new CMSException("error creating sid.", e4);
            }
        }
        ASN1Set createBerSetFromList = this._certs.size() != 0 ? CMSUtils.createBerSetFromList(this._certs) : null;
        ASN1Set createBerSetFromList2 = this._crls.size() != 0 ? CMSUtils.createBerSetFromList(this._crls) : null;
        BERConstructedOctetString bERConstructedOctetString = null;
        if (z) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            if (cMSProcessable != null) {
                try {
                    cMSProcessable.write(byteArrayOutputStream);
                } catch (IOException e5) {
                    throw new CMSException("encapsulation error.", e5);
                }
            }
            bERConstructedOctetString = new BERConstructedOctetString(byteArrayOutputStream.toByteArray());
        }
        return new SignedData(new DERSet(aSN1EncodableVector), new ContentInfo(aSN1ObjectIdentifier2, bERConstructedOctetString), createBerSetFromList, createBerSetFromList2, new DERSet(aSN1EncodableVector2));
    }
}
