package org.bouncycastle.cms;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.DigestOutputStream;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.BEROctetStringGenerator;
import org.bouncycastle.asn1.BERSequenceGenerator;
import org.bouncycastle.asn1.BERTaggedObject;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.TBSCertificateStructure;

/* JADX WARN: Classes with same name are omitted:
  input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-1.38.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator.class
 */
/* loaded from: input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-138.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator.class */
public class CMSSignedDataStreamGenerator extends CMSSignedGenerator {
    private List _signerInfs = new ArrayList();
    private List _messageDigests = new ArrayList();
    private int _bufferSize;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-1.38.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$1.class
     */
    /* renamed from: org.bouncycastle.cms.CMSSignedDataStreamGenerator$1, reason: invalid class name */
    /* loaded from: input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-138.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$1.class */
    public static class AnonymousClass1 {
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-1.38.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$CmsSignedDataOutputStream.class
     */
    /* loaded from: input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-138.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$CmsSignedDataOutputStream.class */
    public class CmsSignedDataOutputStream extends OutputStream {
        private OutputStream _out;
        private DERObjectIdentifier _contentOID;
        private BERSequenceGenerator _sGen;
        private BERSequenceGenerator _sigGen;
        private BERSequenceGenerator _eiGen;
        private final CMSSignedDataStreamGenerator this$0;

        public CmsSignedDataOutputStream(CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator, OutputStream outputStream, String str, BERSequenceGenerator bERSequenceGenerator, BERSequenceGenerator bERSequenceGenerator2, BERSequenceGenerator bERSequenceGenerator3) {
            this.this$0 = cMSSignedDataStreamGenerator;
            this._out = outputStream;
            this._contentOID = new DERObjectIdentifier(str);
            this._sGen = bERSequenceGenerator;
            this._sigGen = bERSequenceGenerator2;
            this._eiGen = bERSequenceGenerator3;
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            this._out.write(i);
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            this._out.write(bArr, i, i2);
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr) throws IOException {
            this._out.write(bArr);
        }

        @Override // java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
            this._out.close();
            this._eiGen.close();
            this.this$0._digests.clear();
            if (this.this$0._certs.size() != 0) {
                this._sigGen.getRawOutputStream().write(new BERTaggedObject(false, 0, CMSUtils.createBerSetFromList(this.this$0._certs)).getEncoded());
            }
            if (this.this$0._crls.size() != 0) {
                this._sigGen.getRawOutputStream().write(new BERTaggedObject(false, 1, CMSUtils.createBerSetFromList(this.this$0._crls)).getEncoded());
            }
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            Iterator it = this.this$0._signers.iterator();
            while (it.hasNext()) {
                aSN1EncodableVector.add(((SignerInformation) it.next()).toSignerInfo());
            }
            Iterator it2 = this.this$0._signerInfs.iterator();
            while (it2.hasNext()) {
                try {
                    aSN1EncodableVector.add(((SignerInf) it2.next()).toSignerInfo(this._contentOID));
                } catch (IOException e) {
                    throw new IOException(new StringBuffer().append("encoding error.").append(e).toString());
                } catch (SignatureException e2) {
                    throw new IOException(new StringBuffer().append("error creating signature.").append(e2).toString());
                } catch (CertificateEncodingException e3) {
                    throw new IOException(new StringBuffer().append("error creating sid.").append(e3).toString());
                }
            }
            this._sigGen.getRawOutputStream().write(new DERSet(aSN1EncodableVector).getEncoded());
            this._sigGen.close();
            this._sGen.close();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-1.38.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$NullOutputStream.class
     */
    /* loaded from: input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-138.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$NullOutputStream.class */
    public class NullOutputStream extends OutputStream {
        private final CMSSignedDataStreamGenerator this$0;

        private NullOutputStream(CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator) {
            this.this$0 = cMSSignedDataStreamGenerator;
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr) throws IOException {
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
        }

        NullOutputStream(CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator, AnonymousClass1 anonymousClass1) {
            this(cMSSignedDataStreamGenerator);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-1.38.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$SignerInf.class
     */
    /* loaded from: input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-138.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$SignerInf.class */
    public class SignerInf {
        PrivateKey _key;
        X509Certificate _cert;
        String _digestOID;
        String _encOID;
        CMSAttributeTableGenerator _sAttr;
        CMSAttributeTableGenerator _unsAttr;
        MessageDigest _digest;
        Signature _signature;
        private final CMSSignedDataStreamGenerator this$0;

        SignerInf(CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator, PrivateKey privateKey, X509Certificate x509Certificate, String str, String str2, CMSAttributeTableGenerator cMSAttributeTableGenerator, CMSAttributeTableGenerator cMSAttributeTableGenerator2, MessageDigest messageDigest, Signature signature) {
            this.this$0 = cMSSignedDataStreamGenerator;
            this._key = privateKey;
            this._cert = x509Certificate;
            this._digestOID = str;
            this._encOID = str2;
            this._sAttr = cMSAttributeTableGenerator;
            this._unsAttr = cMSAttributeTableGenerator2;
            this._digest = messageDigest;
            this._signature = signature;
        }

        PrivateKey getKey() {
            return this._key;
        }

        X509Certificate getCertificate() {
            return this._cert;
        }

        String getDigestAlgOID() {
            return this._digestOID;
        }

        byte[] getDigestAlgParams() {
            return null;
        }

        String getEncryptionAlgOID() {
            return this._encOID;
        }

        SignerInfo toSignerInfo(DERObjectIdentifier dERObjectIdentifier) throws IOException, SignatureException, CertificateEncodingException {
            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier(getDigestAlgOID()), new DERNull());
            AlgorithmIdentifier encAlgorithmIdentifier = this.this$0.getEncAlgorithmIdentifier(getEncryptionAlgOID());
            byte[] digest = this._digest.digest();
            this.this$0._digests.put(this._digestOID, digest.clone());
            ASN1Set attributeSet = this.this$0.getAttributeSet(this._sAttr != null ? this._sAttr.getAttributes(Collections.unmodifiableMap(this.this$0.getBaseParameters(dERObjectIdentifier, algorithmIdentifier, digest))) : null);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            if (attributeSet == null) {
                throw new RuntimeException("signatures without signed attributes not implemented.");
            }
            new DEROutputStream(byteArrayOutputStream).writeObject(attributeSet);
            this._signature.update(byteArrayOutputStream.toByteArray());
            DEROctetString dEROctetString = new DEROctetString(this._signature.sign());
            Map baseParameters = this.this$0.getBaseParameters(dERObjectIdentifier, algorithmIdentifier, digest);
            baseParameters.put(CMSAttributeTableGenerator.SIGNATURE, dEROctetString.getOctets().clone());
            ASN1Set attributeSet2 = this.this$0.getAttributeSet(this._unsAttr != null ? this._unsAttr.getAttributes(Collections.unmodifiableMap(baseParameters)) : null);
            TBSCertificateStructure tBSCertificateStructure = TBSCertificateStructure.getInstance(new ASN1InputStream(getCertificate().getTBSCertificate()).readObject());
            return new SignerInfo(new SignerIdentifier(new IssuerAndSerialNumber(tBSCertificateStructure.getIssuer(), tBSCertificateStructure.getSerialNumber().getValue())), algorithmIdentifier, attributeSet, encAlgorithmIdentifier, dEROctetString, attributeSet2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-1.38.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$TeeOutputStream.class
     */
    /* loaded from: input_file:fk-ui-war-2.0.7.war:WEB-INF/lib/bcmail-jdk14-138.jar:org/bouncycastle/cms/CMSSignedDataStreamGenerator$TeeOutputStream.class */
    public class TeeOutputStream extends OutputStream {
        private OutputStream s1;
        private OutputStream s2;
        private final CMSSignedDataStreamGenerator this$0;

        public TeeOutputStream(CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator, OutputStream outputStream, OutputStream outputStream2) {
            this.this$0 = cMSSignedDataStreamGenerator;
            this.s1 = outputStream;
            this.s2 = outputStream2;
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr) throws IOException {
            this.s1.write(bArr);
            this.s2.write(bArr);
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            this.s1.write(bArr, i, i2);
            this.s2.write(bArr, i, i2);
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            this.s1.write(i);
            this.s2.write(i);
        }

        @Override // java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
            this.s1.close();
            this.s2.close();
        }
    }

    public void setBufferSize(int i) {
        this._bufferSize = i;
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        addSigner(privateKey, x509Certificate, str, new DefaultSignedAttributeTableGenerator(), (CMSAttributeTableGenerator) null, str2);
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str, AttributeTable attributeTable, AttributeTable attributeTable2, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        addSigner(privateKey, x509Certificate, str, new DefaultSignedAttributeTableGenerator(attributeTable), new SimpleAttributeTableGenerator(attributeTable2), str2);
    }

    public void addSigner(PrivateKey privateKey, X509Certificate x509Certificate, String str, CMSAttributeTableGenerator cMSAttributeTableGenerator, CMSAttributeTableGenerator cMSAttributeTableGenerator2, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        String encOID = getEncOID(privateKey, str);
        String digestAlgName = CMSSignedHelper.INSTANCE.getDigestAlgName(str);
        Signature signatureInstance = CMSSignedHelper.INSTANCE.getSignatureInstance(new StringBuffer().append(digestAlgName).append("with").append(CMSSignedHelper.INSTANCE.getEncryptionAlgName(encOID)).toString(), str2);
        MessageDigest digestInstance = CMSSignedHelper.INSTANCE.getDigestInstance(digestAlgName, str2);
        signatureInstance.initSign(privateKey);
        this._signerInfs.add(new SignerInf(this, privateKey, x509Certificate, str, encOID, cMSAttributeTableGenerator, cMSAttributeTableGenerator2, digestInstance, signatureInstance));
        this._messageDigests.add(digestInstance);
    }

    private DERObject makeObj(byte[] bArr) throws IOException {
        if (bArr == null) {
            return null;
        }
        return new ASN1InputStream(bArr).readObject();
    }

    private AlgorithmIdentifier makeAlgId(String str, byte[] bArr) throws IOException {
        return bArr != null ? new AlgorithmIdentifier(new DERObjectIdentifier(str), makeObj(bArr)) : new AlgorithmIdentifier(new DERObjectIdentifier(str), new DERNull());
    }

    public OutputStream open(OutputStream outputStream) throws IOException {
        return open(outputStream, false);
    }

    public OutputStream open(OutputStream outputStream, boolean z) throws IOException {
        return open(outputStream, DATA, z);
    }

    public OutputStream open(OutputStream outputStream, boolean z, OutputStream outputStream2) throws IOException {
        return open(outputStream, DATA, z, outputStream2);
    }

    public OutputStream open(OutputStream outputStream, String str, boolean z) throws IOException {
        return open(outputStream, str, z, null);
    }

    public OutputStream open(OutputStream outputStream, String str, boolean z, OutputStream outputStream2) throws IOException {
        OutputStream nullOutputStream;
        BERSequenceGenerator bERSequenceGenerator = new BERSequenceGenerator(outputStream);
        bERSequenceGenerator.addObject(CMSObjectIdentifiers.signedData);
        BERSequenceGenerator bERSequenceGenerator2 = new BERSequenceGenerator(bERSequenceGenerator.getRawOutputStream(), 0, true);
        bERSequenceGenerator2.addObject(calculateVersion(str));
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        for (SignerInformation signerInformation : this._signers) {
            aSN1EncodableVector.add(makeAlgId(signerInformation.getDigestAlgOID(), signerInformation.getDigestAlgParams()));
        }
        for (SignerInf signerInf : this._signerInfs) {
            aSN1EncodableVector.add(makeAlgId(signerInf.getDigestAlgOID(), signerInf.getDigestAlgParams()));
        }
        bERSequenceGenerator2.getRawOutputStream().write(new DERSet(aSN1EncodableVector).getEncoded());
        BERSequenceGenerator bERSequenceGenerator3 = new BERSequenceGenerator(bERSequenceGenerator2.getRawOutputStream());
        bERSequenceGenerator3.addObject(new DERObjectIdentifier(str));
        if (z) {
            BEROctetStringGenerator bEROctetStringGenerator = new BEROctetStringGenerator(bERSequenceGenerator3.getRawOutputStream(), 0, true);
            nullOutputStream = this._bufferSize != 0 ? bEROctetStringGenerator.getOctetOutputStream(new byte[this._bufferSize]) : bEROctetStringGenerator.getOctetOutputStream();
            if (outputStream2 != null) {
                nullOutputStream = new TeeOutputStream(this, outputStream2, nullOutputStream);
            }
        } else {
            nullOutputStream = outputStream2 != null ? outputStream2 : new NullOutputStream(this, null);
        }
        Iterator it = this._messageDigests.iterator();
        while (it.hasNext()) {
            nullOutputStream = new DigestOutputStream(nullOutputStream, (MessageDigest) it.next());
        }
        return new CmsSignedDataOutputStream(this, nullOutputStream, str, bERSequenceGenerator, bERSequenceGenerator2, bERSequenceGenerator3);
    }

    private DERInteger calculateVersion(String str) {
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        if (this._certs != null) {
            for (Object obj : this._certs) {
                if (obj instanceof ASN1TaggedObject) {
                    ASN1TaggedObject aSN1TaggedObject = (ASN1TaggedObject) obj;
                    if (aSN1TaggedObject.getTagNo() == 1) {
                        z3 = true;
                    } else if (aSN1TaggedObject.getTagNo() == 2) {
                        z4 = true;
                    } else if (aSN1TaggedObject.getTagNo() == 3) {
                        z = true;
                    }
                }
            }
        }
        if (z) {
            return new DERInteger(5);
        }
        if (this._crls != null && !z) {
            Iterator it = this._crls.iterator();
            while (it.hasNext()) {
                if (it.next() instanceof ASN1TaggedObject) {
                    z2 = true;
                }
            }
        }
        if (z2) {
            return new DERInteger(5);
        }
        if (z4) {
            return new DERInteger(4);
        }
        if (!z3 && str.equals(DATA) && !checkForVersion3(this._signers)) {
            return new DERInteger(1);
        }
        return new DERInteger(3);
    }

    private boolean checkForVersion3(List list) {
        Iterator it = list.iterator();
        while (it.hasNext()) {
            if (SignerInfo.getInstance(((SignerInformation) it.next()).toSignerInfo()).getVersion().getValue().intValue() == 3) {
                return true;
            }
        }
        return false;
    }
}
