package es.gob.afirma.envelopers.cms;

import es.gob.afirma.core.ciphers.AOCipherConfig;
import es.gob.afirma.core.signers.AOSignConstants;
import es.gob.afirma.signers.pkcs7.AOAlgorithmID;
import es.gob.afirma.signers.pkcs7.P7ContentSignerParameters;
import es.gob.afirma.signers.pkcs7.SignedAndEnvelopedData;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERPrintableString;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.RFC4519Style;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.TBSCertificateStructure;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:es/gob/afirma/envelopers/cms/CMSSignedAndEnvelopedData.class */
public final class CMSSignedAndEnvelopedData {
    private ASN1Set signedAttr2;

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] genSignedAndEnvelopedData(P7ContentSignerParameters p7ContentSignerParameters, X509Certificate[] x509CertificateArr, AOCipherConfig aOCipherConfig, X509Certificate[] x509CertificateArr2, String str, KeyStore.PrivateKeyEntry privateKeyEntry, Map<String, byte[]> map, Map<String, byte[]> map2, Integer num) throws IOException, CertificateEncodingException, NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, SignatureException {
        SecretKey initEnvelopedData = Utils.initEnvelopedData(aOCipherConfig, x509CertificateArr2, num);
        String signatureAlgorithm = p7ContentSignerParameters.getSignatureAlgorithm();
        String digestAlgorithmName = AOSignConstants.getDigestAlgorithmName(signatureAlgorithm);
        AlgorithmIdentifier makeAlgId = SigUtils.makeAlgId(AOAlgorithmID.getOID(digestAlgorithmName));
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(makeAlgId);
        ASN1Set fetchCertificatesList = Utils.fetchCertificatesList(x509CertificateArr);
        byte[] content = p7ContentSignerParameters.getContent();
        Info initVariables = Utils.initVariables(content, aOCipherConfig, x509CertificateArr2, initEnvelopedData);
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        TBSCertificateStructure tBSCertificateStructure = TBSCertificateStructure.getInstance(ASN1Primitive.fromByteArray(x509CertificateArr[0].getTBSCertificate()));
        aSN1EncodableVector2.add(new SignerInfo(new SignerIdentifier(new IssuerAndSerialNumber(X500Name.getInstance(tBSCertificateStructure.getIssuer()), tBSCertificateStructure.getSerialNumber().getValue())), makeAlgId, generateSignerInfo(x509CertificateArr[0], digestAlgorithmName, content, str, map), SigUtils.makeAlgId(AOAlgorithmID.getOID("RSA")), Utils.firma(signatureAlgorithm, privateKeyEntry, this.signedAttr2), generateUnsignerInfo(map2)));
        return new ContentInfo(PKCSObjectIdentifiers.signedAndEnvelopedData, new SignedAndEnvelopedData(new DERSet(initVariables.getRecipientInfos()), new DERSet(aSN1EncodableVector), initVariables.getEncInfo(), fetchCertificatesList, null, new DERSet(aSN1EncodableVector2))).getEncoded(ASN1Encoding.DER);
    }

    private ASN1Set generateSignerInfo(X509Certificate x509Certificate, String str, byte[] bArr, String str2, Map<String, byte[]> map) throws NoSuchAlgorithmException {
        ASN1EncodableVector initContexExpecific = Utils.initContexExpecific(str, bArr, str2, null);
        initContexExpecific.add(new Attribute(RFC4519Style.serialNumber, (ASN1Set) new DERSet(new DERPrintableString(x509Certificate.getSerialNumber().toString()))));
        if (map.size() != 0) {
            for (Map.Entry<String, byte[]> entry : map.entrySet()) {
                initContexExpecific.add(new Attribute(new ASN1ObjectIdentifier(entry.getKey().toString()), (ASN1Set) new DERSet(new DERPrintableString(new String(entry.getValue())))));
            }
        }
        this.signedAttr2 = SigUtils.getAttributeSet(new AttributeTable(initContexExpecific));
        return SigUtils.getAttributeSet(new AttributeTable(initContexExpecific));
    }

    private static ASN1Set generateUnsignerInfo(Map<String, byte[]> map) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (map.size() == 0) {
            return null;
        }
        for (Map.Entry<String, byte[]> entry : map.entrySet()) {
            aSN1EncodableVector.add(new Attribute(new ASN1ObjectIdentifier(entry.getKey().toString()), (ASN1Set) new DERSet(new DERPrintableString(new String(entry.getValue())))));
        }
        return SigUtils.getAttributeSet(new AttributeTable(aSN1EncodableVector));
    }
}
