package es.gob.afirma.triphase.signer.cades;

import es.gob.afirma.core.signers.AOSignConstants;
import es.gob.afirma.signers.cades.CAdESParameters;
import es.gob.afirma.signers.cades.CAdESUtils;
import es.gob.afirma.signers.pkcs7.AOAlgorithmID;
import es.gob.afirma.signers.pkcs7.SigUtils;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1Primitive;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.ASN1Set;
import org.spongycastle.asn1.ASN1TaggedObject;
import org.spongycastle.asn1.BEROctetString;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DERSet;
import org.spongycastle.asn1.cms.AttributeTable;
import org.spongycastle.asn1.cms.ContentInfo;
import org.spongycastle.asn1.cms.IssuerAndSerialNumber;
import org.spongycastle.asn1.cms.SignedData;
import org.spongycastle.asn1.cms.SignerIdentifier;
import org.spongycastle.asn1.cms.SignerInfo;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.asn1.x509.Certificate;
import org.spongycastle.asn1.x509.TBSCertificate;
import org.spongycastle.cms.CMSException;
import org.spongycastle.cms.CMSProcessableByteArray;

/* loaded from: input_file:es/gob/afirma/triphase/signer/cades/AOCAdESTriPhaseCoSigner.class */
public final class AOCAdESTriPhaseCoSigner {
    private AOCAdESTriPhaseCoSigner() {
    }

    public static byte[] preCoSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, CAdESParameters cAdESParameters) throws CertificateEncodingException, NoSuchAlgorithmException, IOException {
        return SigUtils.getAttributeSet(new AttributeTable(CAdESUtils.generateSignedAttributes(x509CertificateArr[0], cAdESParameters, false))).getEncoded("DER");
    }

    public static byte[] postCoSign(byte[] bArr, byte[] bArr2, byte[] bArr3, String str, X509Certificate[] x509CertificateArr, byte[] bArr4) throws IOException, CertificateEncodingException {
        DEROctetString dEROctetString = new DEROctetString(bArr);
        TBSCertificate tBSCertificate = TBSCertificate.getInstance(ASN1Primitive.fromByteArray(x509CertificateArr[0].getTBSCertificate()));
        SignerIdentifier signerIdentifier = new SignerIdentifier(new IssuerAndSerialNumber(X500Name.getInstance(tBSCertificate.getIssuer()), tBSCertificate.getSerialNumber().getValue()));
        AlgorithmIdentifier makeAlgId = SigUtils.makeAlgId(AOAlgorithmID.getOID("RSA"));
        AlgorithmIdentifier makeAlgId2 = SigUtils.makeAlgId(AOAlgorithmID.getOID(AOSignConstants.getDigestAlgorithmName(str)));
        SignedData signedData = SignedData.getInstance(getContentSignedData(bArr4));
        Enumeration objects = signedData.getCertificates().getObjects();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        while (objects.hasMoreElements()) {
            aSN1EncodableVector.add((ASN1Encodable) objects.nextElement());
        }
        ASN1Set aSN1Set = null;
        if (x509CertificateArr.length != 0) {
            ArrayList arrayList = new ArrayList();
            for (X509Certificate x509Certificate : x509CertificateArr) {
                arrayList.add(Certificate.getInstance(ASN1Primitive.fromByteArray(x509Certificate.getEncoded())));
            }
            aSN1Set = SigUtils.fillRestCerts(arrayList, aSN1EncodableVector);
        }
        ASN1Set signerInfos = signedData.getSignerInfos();
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        for (int i = 0; i < signerInfos.size(); i++) {
            aSN1EncodableVector2.add(SignerInfo.getInstance(signerInfos.getObjectAt(i)));
        }
        aSN1EncodableVector2.add(new SignerInfo(signerIdentifier, makeAlgId2, ASN1Set.getInstance(bArr2), makeAlgId, dEROctetString, (ASN1Set) null));
        return new ContentInfo(PKCSObjectIdentifiers.signedData, new SignedData(signedData.getDigestAlgorithms(), getContentInfoFromContent(bArr3), aSN1Set, (ASN1Set) null, new DERSet(aSN1EncodableVector2))).getEncoded("DER");
    }

    private static ContentInfo getContentInfoFromContent(byte[] bArr) throws IOException {
        ASN1ObjectIdentifier aSN1ObjectIdentifier = new ASN1ObjectIdentifier(PKCSObjectIdentifiers.data.getId());
        if (bArr == null) {
            return new ContentInfo(aSN1ObjectIdentifier, (ASN1Encodable) null);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            new CMSProcessableByteArray(bArr).write(byteArrayOutputStream);
            return new ContentInfo(aSN1ObjectIdentifier, new BEROctetString(byteArrayOutputStream.toByteArray()));
        } catch (CMSException e) {
            throw new IOException("Error en la escritura del procesable CMS: " + e, e);
        }
    }

    private static ASN1Sequence getContentSignedData(byte[] bArr) {
        Enumeration objects = ASN1Sequence.getInstance(bArr).getObjects();
        objects.nextElement();
        return ((ASN1TaggedObject) objects.nextElement()).getObject();
    }
}
