package eu.europa.esig.dss.cades;

import eu.europa.esig.dss.cades.signature.CustomMessageDigestCalculatorProvider;
import eu.europa.esig.dss.cades.validation.PrecomputedDigestCalculatorProvider;
import eu.europa.esig.dss.enumerations.DigestAlgorithm;
import eu.europa.esig.dss.model.DSSDocument;
import eu.europa.esig.dss.model.DSSException;
import eu.europa.esig.dss.model.DigestDocument;
import eu.europa.esig.dss.model.FileDocument;
import eu.europa.esig.dss.model.InMemoryDocument;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.spi.DSSASN1Utils;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.spi.OID;
import eu.europa.esig.dss.utils.Utils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Arrays;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1UTCTime;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DLSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.ess.ESSCertID;
import org.bouncycastle.asn1.ess.ESSCertIDv2;
import org.bouncycastle.asn1.ess.SigningCertificate;
import org.bouncycastle.asn1.ess.SigningCertificateV2;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.IssuerSerial;
import org.bouncycastle.cms.CMSAbsentContent;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSProcessableFile;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
import org.bouncycastle.operator.DigestCalculatorProvider;
import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/cades/CMSUtils.class */
public final class CMSUtils {
    private static final Logger LOG = LoggerFactory.getLogger(CMSUtils.class);
    public static final DigestAlgorithm DEFAULT_ARCHIVE_TIMESTAMP_HASH_ALGO = DigestAlgorithm.SHA256;
    private static final Date JANUARY_1950 = DSSUtils.getUtcDate(1950, 0, 1);
    private static final Date JANUARY_2050 = DSSUtils.getUtcDate(2050, 0, 1);

    private CMSUtils() {
    }

    public static CMSSignedData generateCMSSignedData(CMSSignedDataGenerator cMSSignedDataGenerator, CMSTypedData cMSTypedData, boolean z) {
        try {
            return cMSSignedDataGenerator.generate(cMSTypedData, z);
        } catch (CMSException e) {
            throw new DSSException("Unable to generate the CMSSignedData", e);
        }
    }

    public static SignerInformationStore generateCounterSigners(CMSSignedDataGenerator cMSSignedDataGenerator, SignerInformation signerInformation) {
        try {
            return cMSSignedDataGenerator.generateCounterSigners(signerInformation);
        } catch (CMSException e) {
            throw new DSSException("Unable to generate the SignerInformationStore for the counter-signature", e);
        }
    }

    public static CMSSignedData generateDetachedCMSSignedData(CMSSignedDataGenerator cMSSignedDataGenerator, CMSProcessableByteArray cMSProcessableByteArray) {
        return generateCMSSignedData(cMSSignedDataGenerator, cMSProcessableByteArray, false);
    }

    public static CMSSignedData populateDigestAlgorithmSet(CMSSignedData cMSSignedData, CMSSignedData cMSSignedData2) {
        if (cMSSignedData2 != null) {
            Iterator it = cMSSignedData2.getDigestAlgorithmIDs().iterator();
            while (it.hasNext()) {
                cMSSignedData = addDigestAlgorithm(cMSSignedData, (AlgorithmIdentifier) it.next());
            }
        }
        return cMSSignedData;
    }

    public static CMSSignedData addDigestAlgorithm(CMSSignedData cMSSignedData, AlgorithmIdentifier algorithmIdentifier) {
        return CMSSignedData.addDigestAlgorithm(cMSSignedData, algorithmIdentifier);
    }

    public static DERTaggedObject getDERSignedAttributes(SignerInformation signerInformation) {
        try {
            byte[] encodedSignedAttributes = signerInformation.getEncodedSignedAttributes();
            if (encodedSignedAttributes == null) {
                return null;
            }
            return new DERTaggedObject(false, 0, DSSASN1Utils.toASN1Primitive(encodedSignedAttributes));
        } catch (IOException e) {
            throw new DSSException(String.format("Unable to extract SignedAttributes. Reason : %s", e.getMessage()), e);
        }
    }

    public static byte[] getSignedContent(CMSTypedData cMSTypedData) {
        if (cMSTypedData == null) {
            throw new DSSException("CMSTypedData is null (should be a detached signature)");
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                cMSTypedData.write(byteArrayOutputStream);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                return byteArray;
            } finally {
            }
        } catch (CMSException | IOException e) {
            throw new DSSException(e);
        }
    }

    public static AttributeTable getUnsignedAttributes(SignerInformation signerInformation) {
        return DSSASN1Utils.emptyIfNull(signerInformation.getUnsignedAttributes());
    }

    public static AttributeTable getSignedAttributes(SignerInformation signerInformation) {
        return DSSASN1Utils.emptyIfNull(signerInformation.getSignedAttributes());
    }

    public static AttributeTable getAttributesFromByteArray(byte[] bArr) {
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
            try {
                DLSet readObject = aSN1InputStream.readObject();
                aSN1InputStream.close();
                return new AttributeTable(readObject);
            } finally {
            }
        } catch (IOException e) {
            throw new DSSException("Error while reading ASN.1 encoded attributes", e);
        }
    }

    public static void addSigningCertificateAttribute(ASN1EncodableVector aSN1EncodableVector, DigestAlgorithm digestAlgorithm, CertificateToken certificateToken) {
        Attribute attribute;
        IssuerSerial issuerSerial = DSSASN1Utils.getIssuerSerial(certificateToken);
        byte[] digest = certificateToken.getDigest(digestAlgorithm);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Adding Certificate Hash {} with algorithm {}", Utils.toHex(digest), digestAlgorithm.getName());
        }
        if (digestAlgorithm == DigestAlgorithm.SHA1) {
            attribute = new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificate, new DERSet(new SigningCertificate(new ESSCertID(digest, issuerSerial))));
        } else {
            attribute = new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new DERSet(new SigningCertificateV2(DigestAlgorithm.SHA256 == digestAlgorithm ? new ESSCertIDv2((AlgorithmIdentifier) null, digest, issuerSerial) : new ESSCertIDv2(DSSASN1Utils.getAlgorithmIdentifier(digestAlgorithm), digest, issuerSerial))));
        }
        aSN1EncodableVector.add(attribute);
    }

    public static boolean isCMSSignedDataEqual(CMSSignedData cMSSignedData, CMSSignedData cMSSignedData2) throws IOException {
        return Arrays.equals(cMSSignedData.getEncoded(), cMSSignedData2.getEncoded());
    }

    public static Attribute getSignedAttribute(SignerInformation signerInformation, ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        AttributeTable signedAttributes = signerInformation.getSignedAttributes();
        if (signedAttributes == null) {
            return null;
        }
        return signedAttributes.get(aSN1ObjectIdentifier);
    }

    public static Attribute getUnsignedAttribute(SignerInformation signerInformation, ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
        if (unsignedAttributes == null) {
            return null;
        }
        return unsignedAttributes.get(aSN1ObjectIdentifier);
    }

    public static boolean isDetachedSignature(CMSSignedData cMSSignedData) {
        return cMSSignedData.isDetachedSignature();
    }

    public static DSSDocument getOriginalDocument(CMSSignedData cMSSignedData, List<DSSDocument> list) {
        CMSTypedData cMSTypedData = null;
        if (cMSSignedData != null) {
            cMSTypedData = cMSSignedData.getSignedContent();
        }
        if (cMSTypedData != null && !isDetachedSignature(cMSSignedData)) {
            return new InMemoryDocument(getSignedContent(cMSTypedData));
        }
        if (Utils.collectionSize(list) == 1) {
            return list.get(0);
        }
        throw new DSSException("Only enveloping and detached signatures are supported");
    }

    public static CMSTypedData getContentToBeSigned(DSSDocument dSSDocument) {
        Objects.requireNonNull(dSSDocument, "Document to be signed is missing");
        return dSSDocument instanceof DigestDocument ? new CMSAbsentContent() : dSSDocument instanceof FileDocument ? new CMSProcessableFile(((FileDocument) dSSDocument).getFile()) : new CMSProcessableByteArray(DSSUtils.toByteArray(dSSDocument));
    }

    public static DigestCalculatorProvider getDigestCalculatorProvider(DSSDocument dSSDocument, DigestAlgorithm digestAlgorithm) {
        return digestAlgorithm != null ? new CustomMessageDigestCalculatorProvider(digestAlgorithm, dSSDocument.getDigest(digestAlgorithm)) : dSSDocument instanceof DigestDocument ? new PrecomputedDigestCalculatorProvider((DigestDocument) dSSDocument) : new BcDigestCalculatorProvider();
    }

    public static boolean containsATSTv2(SignerInformation signerInformation) {
        for (Attribute attribute : getUnsignedAttributes(signerInformation).toASN1Structure().getAttributes()) {
            if (DSSASN1Utils.isAttributeOfType(attribute, OID.id_aa_ets_archiveTimestampV2)) {
                return true;
            }
        }
        return false;
    }

    public static Date readSigningDate(ASN1Encodable aSN1Encodable) {
        if (aSN1Encodable == null) {
            return null;
        }
        Date date = DSSASN1Utils.getDate(aSN1Encodable);
        if (date == null) {
            LOG.warn("Error when reading signing time. Unrecognized {}", aSN1Encodable.getClass());
            return null;
        }
        if (date.compareTo(JANUARY_1950) < 0 || !date.before(JANUARY_2050) || (aSN1Encodable.toASN1Primitive() instanceof ASN1UTCTime)) {
            return date;
        }
        LOG.warn("RFC 3852 states that dates between January 1, 1950 and December 31, 2049 (inclusive) MUST be encoded as UTCTime. Any dates with year values before 1950 or after 2049 MUST be encoded as GeneralizedTime. Date found is {} encoded as {}", date, aSN1Encodable.getClass());
        return null;
    }
}
