package es.gob.afirma.envelopers.cms;

import es.gob.afirma.core.ciphers.AOCipherConfig;
import es.gob.afirma.signers.pkcs7.P7ContentSignerParameters;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERPrintableString;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.AuthEnvelopedData;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.OriginatorInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;

/* loaded from: input_file:es/gob/afirma/envelopers/cms/CMSAuthenticatedEnvelopedData.class */
public final class CMSAuthenticatedEnvelopedData {
    private CMSAuthenticatedEnvelopedData() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] genAuthenticatedEnvelopedData(P7ContentSignerParameters p7ContentSignerParameters, X509Certificate[] x509CertificateArr, String str, AOCipherConfig aOCipherConfig, X509Certificate[] x509CertificateArr2, String str2, boolean z, Map<String, byte[]> map, Map<String, byte[]> map2, Integer num) throws IOException, CertificateEncodingException, NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        SecretKey initEnvelopedData = Utils.initEnvelopedData(aOCipherConfig, x509CertificateArr2, num);
        byte[] content = p7ContentSignerParameters.getContent();
        ASN1Set fetchCertificatesList = Utils.fetchCertificatesList(x509CertificateArr);
        OriginatorInfo originatorInfo = null;
        if (x509CertificateArr.length != 0) {
            originatorInfo = new OriginatorInfo(fetchCertificatesList, SigUtils.createBerSetFromList(new ArrayList()));
        }
        Info initVariables = Utils.initVariables(content, aOCipherConfig, x509CertificateArr2, initEnvelopedData);
        ASN1Set generateSignedAtt = generateSignedAtt(str2, z, map);
        return new ContentInfo(PKCSObjectIdentifiers.id_ct_authEnvelopedData, new AuthEnvelopedData(originatorInfo, new DERSet(initVariables.getRecipientInfos()), initVariables.getEncInfo(), generateSignedAtt, new DEROctetString(Utils.genMac(str, genPack(generateSignedAtt.getEncoded(ASN1Encoding.DER), content), initEnvelopedData)), Utils.generateUnsignedAtt(map2))).getEncoded(ASN1Encoding.DER);
    }

    private static byte[] genPack(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return bArr3;
    }

    private static ASN1Set generateSignedAtt(String str, boolean z, Map<String, byte[]> map) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new Attribute(CMSAttributes.contentType, (ASN1Set) new DERSet(new DERObjectIdentifier(str))));
        if (z) {
            aSN1EncodableVector.add(new Attribute(CMSAttributes.signingTime, (ASN1Set) new DERSet(new DERUTCTime(new Date()))));
        }
        if (map.size() != 0) {
            for (Map.Entry<String, byte[]> entry : map.entrySet()) {
                aSN1EncodableVector.add(new Attribute(new ASN1ObjectIdentifier(entry.getKey().toString()), (ASN1Set) new DERSet(new DERPrintableString(new String(entry.getValue())))));
            }
        }
        return SigUtils.getAttributeSet(new AttributeTable(aSN1EncodableVector));
    }

    public static byte[] addOriginatorInfo(byte[] bArr, X509Certificate[] x509CertificateArr) throws IOException, CertificateEncodingException {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
        ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1InputStream.readObject();
        aSN1InputStream.close();
        Enumeration objects = aSN1Sequence.getObjects();
        if (!((DERObjectIdentifier) objects.nextElement()).equals(PKCSObjectIdentifiers.id_ct_authEnvelopedData)) {
            return null;
        }
        AuthEnvelopedData authEnvelopedData = new AuthEnvelopedData((ASN1Sequence) ((ASN1TaggedObject) objects.nextElement()).getObject());
        OriginatorInfo originatorInfo = authEnvelopedData.getOriginatorInfo();
        ASN1Set aSN1Set = null;
        if (originatorInfo != null) {
            aSN1Set = originatorInfo.getCertificates();
        }
        OriginatorInfo checkCertificates = Utils.checkCertificates(x509CertificateArr, aSN1Set);
        if (checkCertificates != null) {
            originatorInfo = checkCertificates;
        }
        return new ContentInfo(PKCSObjectIdentifiers.id_ct_authEnvelopedData, new AuthEnvelopedData(originatorInfo, authEnvelopedData.getRecipientInfos(), authEnvelopedData.getAuthEncryptedContentInfo(), authEnvelopedData.getAuthAttrs(), authEnvelopedData.getMac(), authEnvelopedData.getUnauthAttrs())).getEncoded(ASN1Encoding.DER);
    }
}
