package com.telventi.afirma.cliente.signatureformat;

import com.telventi.afirma.cliente.certmanager.CertManagerException;
import com.telventi.afirma.cliente.exceptions.ClienteFirmaException;
import com.telventi.afirma.cliente.signatureformat.signaturemanager.AlgoritmoDeFirmaNoSoportado;
import com.telventi.afirma.cliente.signatureformat.signaturemanager.SignManagerException;
import com.telventi.afirma.cliente.utilidades.AlgorithmHelper;
import com.telventi.afirma.cliente.utilidades.Base64Helper;
import com.telventi.afirma.cliente.utilidades.HexHelper;
import iaik.asn1.ASN;
import iaik.asn1.ASN1Object;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.ObjectID;
import iaik.asn1.PrintableString;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.Attribute;
import iaik.asn1.structures.AttributeValue;
import iaik.cms.CMSException;
import iaik.cms.CertificateIdentifier;
import iaik.cms.ContentInfo;
import iaik.cms.IaikProvider;
import iaik.cms.IssuerAndSerialNumber;
import iaik.cms.SecurityProvider;
import iaik.cms.SignedData;
import iaik.cms.SignerInfo;
import iaik.cms.attributes.CMSContentType;
import iaik.cms.attributes.CounterSignature;
import iaik.cms.attributes.SigningTime;
import iaik.java.security.MessageDigest;
import iaik.java.security.NoSuchAlgorithmException;
import iaik.java.security.SignatureException;
import iaik.x509.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.TreeSet;
import java.util.Vector;

/* loaded from: input_file:firmaFichero5/clienteFirmaAFirma5.jar:com/telventi/afirma/cliente/signatureformat/CMSSignatureFormat.class */
public class CMSSignatureFormat extends AESignatureFormat implements ESignatureFormat {
    private static final CMSSignatureFormat INSTANCE;
    static Class class$java$util$Properties;

    protected CMSSignatureFormat() {
    }

    public static CMSSignatureFormat getInstance() {
        return INSTANCE;
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] signImplicitHash(byte[] bArr, byte[] bArr2, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        try {
            SignedData signedData = new SignedData(bArr2, ObjectID.cms_data, 1);
            signedData.setCertificates(new X509Certificate[]{x509Certificate});
            signedData.addSignerInfo(createSignedInfo(x509Certificate, algorithmID, bArr));
            return new ContentInfo(ContentInfo.create(ObjectID.cms_signedData, signedData.toASN1Object())).getEncoded();
        } catch (CodingException e) {
            throw new ESignatureFormatException(new StringBuffer().append("Error firmando en modo Implicit: ").append(e.getMessage()).toString(), e);
        } catch (CMSException e2) {
            throw new ESignatureFormatException(new StringBuffer().append("Error firmando en modo Implicit: ").append(e2.getMessage()).toString(), e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new AlgoritmoDeFirmaNoSoportado(new StringBuffer().append("El algoritmo de firma ").append(algorithmID.getName()).append(" no está soportado.").toString(), e3);
        }
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] signImplicitData(InputStream inputStream, int i, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        byte[] calculateHash = hashHelper.calculateHash(inputStream, i, hashHelper.getHashAlgorithm(algorithmID.getName()));
        byte[] bArr = new byte[i];
        try {
            inputStream.read(bArr, 0, i);
            return signImplicitHash(calculateHash, bArr, x509Certificate, algorithmID);
        } catch (IOException e) {
            throw new SignManagerException("Error al leer el archivo de origen.", e);
        }
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] signImplicitData(byte[] bArr, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        return signImplicitHash(hashHelper.calculateHash(bArr, hashHelper.getHashAlgorithm(algorithmID.getName())), bArr, x509Certificate, algorithmID);
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] coSignImplicitHash(byte[] bArr, byte[] bArr2, byte[] bArr3, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException {
        byte[] signImplicitHash;
        try {
            SignedData signedData = (SignedData) getESignature(bArr);
            if (signedData.getSignerInfos() == null || signedData.getSignerInfos().length == 0) {
                signImplicitHash = signImplicitHash(bArr2, bArr3, x509Certificate, algorithmID);
            } else {
                AlgorithmID algorithmID2 = algHelper.getAlgorithmID(hashHelper.getHashAlgorithm(algorithmID.getName()), false);
                if (signedData.getMode() == 2) {
                    byte[] messageDigest = signedData.getMessageDigest(algorithmID2);
                    if (!messageDigest.equals(hashHelper.calculateHash(bArr3, hashHelper.getHashAlgorithm(algorithmID.getName()))) || !messageDigest.equals(bArr2)) {
                        throw new SignManagerException("Los datos especificados no se corresponden a los contenidos en el mensaje.");
                    }
                } else if (!signedData.getSignerInfos()[0].getDigest().equals(bArr2)) {
                    throw new SignManagerException("Hash no corresponde al contenido del mensaje.");
                }
                signedData.addCertificates(new X509Certificate[]{x509Certificate});
                signedData.addSignerInfo(createSignedInfo(x509Certificate, algorithmID, bArr2));
                signedData.setMessageDigest(algorithmID2, bArr2);
                signImplicitHash = getESignature(signedData);
            }
            return signImplicitHash;
        } catch (ClienteFirmaException e) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CMSException en coSign: ").append(e.getMessage()).toString(), e);
        } catch (CodingException e2) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CodingException en coSign: ").append(e2.getMessage()).toString(), e2);
        } catch (CMSException e3) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CMSException en coSign: ").append(e3.getMessage()).toString(), e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new AlgoritmoDeFirmaNoSoportado(new StringBuffer().append("El algoritmo de firma ").append(algorithmID.getName()).append(" no está soportado.").toString(), e4);
        } catch (IOException e5) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CMSException en coSign: ").append(e5.getMessage()).toString(), e5);
        }
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] coSignImplicitData(byte[] bArr, byte[] bArr2, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException {
        return coSignImplicitHash(bArr, hashHelper.calculateHash(bArr2, hashHelper.getHashAlgorithm(algorithmID.getName())), bArr2, x509Certificate, algorithmID);
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] coSignImplicitData(byte[] bArr, InputStream inputStream, int i, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException {
        byte[] bArr2 = new byte[i];
        try {
            inputStream.read(bArr2);
            return coSignImplicitHash(bArr, hashHelper.calculateHash(inputStream, i, hashHelper.getHashAlgorithm(algorithmID.getName())), bArr2, x509Certificate, algorithmID);
        } catch (IOException e) {
            throw new SignManagerException("Error al leer el archivo de entrada.", e);
        }
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] signExplicitHash(byte[] bArr, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        try {
            SignedData signedData = new SignedData(new byte[0], 2);
            signedData.setCertificates(new X509Certificate[]{x509Certificate});
            signedData.addSignerInfo(createSignedInfo(x509Certificate, algorithmID, bArr));
            return new ContentInfo(ContentInfo.create(ObjectID.cms_signedData, signedData.toASN1Object())).getEncoded();
        } catch (CodingException e) {
            throw new ESignatureFormatException(new StringBuffer().append("Error firmando en modo EXPLICIT: ").append(e.getMessage()).toString(), e);
        } catch (CMSException e2) {
            throw new ESignatureFormatException(new StringBuffer().append("Error firmando en modo EXPLICIT: ").append(e2.getMessage()).toString(), e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new AlgoritmoDeFirmaNoSoportado(new StringBuffer().append("El algoritmo de firma ").append(algorithmID.getName()).append(" no está soportado.").toString(), e3);
        }
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] signExplicitData(InputStream inputStream, int i, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        byte[] calculateHash = hashHelper.calculateHash(inputStream, i, hashHelper.getHashAlgorithm(algorithmID.getName()));
        logger.debug(new StringBuffer().append("Hash calculado del input stream(hex): ").append(HexHelper.getInstance().toString(calculateHash)).toString());
        logger.debug(new StringBuffer().append("Hash calculado del input stream(b64): ").append(Base64Helper.getInstance().encodeBytes(calculateHash)).toString());
        return signExplicitHash(calculateHash, x509Certificate, algorithmID);
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] signExplicitData(byte[] bArr, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        return signExplicitHash(hashHelper.calculateHash(bArr, hashHelper.getHashAlgorithm(algorithmID.getName())), x509Certificate, algorithmID);
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] coSignExplicitHash(byte[] bArr, byte[] bArr2, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException {
        byte[] signExplicitHash;
        try {
            SignedData signedData = (SignedData) getESignature(bArr);
            if (signedData.getSignerInfos() == null || signedData.getSignerInfos().length == 0) {
                signExplicitHash = signExplicitHash(bArr2, x509Certificate, algorithmID);
            } else {
                signedData.addCertificates(new X509Certificate[]{x509Certificate});
                signedData.addSignerInfo(createSignedInfo(x509Certificate, algorithmID, bArr2));
                signedData.setMessageDigest(algHelper.getAlgorithmID(hashHelper.getHashAlgorithm(algorithmID.getName()), false), bArr2);
                signExplicitHash = getESignature(signedData);
            }
            return signExplicitHash;
        } catch (ClienteFirmaException e) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CMSException en coSign: ").append(e.getMessage()).toString(), e);
        } catch (CodingException e2) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CodingException en coSign: ").append(e2.getMessage()).toString(), e2);
        } catch (CMSException e3) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CMSException en coSign: ").append(e3.getMessage()).toString(), e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new AlgoritmoDeFirmaNoSoportado(new StringBuffer().append("El algoritmo de firma ").append(algorithmID.getName()).append(" no está soportado.").toString(), e4);
        } catch (IOException e5) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CMSException en coSign: ").append(e5.getMessage()).toString(), e5);
        }
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] coSignExplicitData(byte[] bArr, byte[] bArr2, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        return coSignExplicitHash(bArr, hashHelper.calculateHash(bArr2, hashHelper.getHashAlgorithm(algorithmID.getName())), x509Certificate, algorithmID);
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] coSignExplicitData(byte[] bArr, InputStream inputStream, int i, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        return coSignExplicitHash(bArr, hashHelper.calculateHash(inputStream, i, hashHelper.getHashAlgorithm(algorithmID.getName())), x509Certificate, algorithmID);
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] counterSignSigners(byte[] bArr, X509Certificate[] x509CertificateArr, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        try {
            SignedData signedData = (SignedData) getESignature(bArr);
            if (signedData.getSignerInfos() == null || signedData.getSignerInfos().length == 0) {
                throw new ESignatureFormatException("No se puede realizar la firma counterSign. La firma recibida no posee ningún firmante");
            }
            MessageDigest messageDigestInstance = hashHelper.getHashAlgorithmIdUsed(hashHelper.getHashAlgorithm(algorithmID.getName())).getMessageDigestInstance();
            for (SignerInfo signerInfo : signedData.getSignerInfos()) {
                counterSignSingleSigner(signerInfo, x509CertificateArr, x509Certificate, messageDigestInstance, algorithmID);
            }
            addSignerCertificate(signedData, x509Certificate);
            return getESignature(signedData);
        } catch (ClienteFirmaException e) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CMSException en coSign: ").append(e.getMessage()).toString(), e);
        } catch (CodingException e2) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CodingException en coSign: ").append(e2.getMessage()).toString(), e2);
        } catch (CMSException e3) {
            throw new ESignatureFormatException(new StringBuffer().append("Error CMSException en coSign: ").append(e3.getMessage()).toString(), e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new AlgoritmoDeFirmaNoSoportado(new StringBuffer().append("El algoritmo de firma ").append(algorithmID.getName()).append(" no está soportado.").toString(), e4);
        } catch (SignatureException e5) {
            throw new ESignatureFormatException(new StringBuffer().append("Error SignatureException en coSign: ").append(e5.getMessage()).toString(), e5);
        } catch (IOException e6) {
            throw new ESignatureFormatException(new StringBuffer().append("Error IOException en coSign: ").append(e6.getMessage()).toString(), e6);
        } catch (IllegalArgumentException e7) {
            throw new ESignatureFormatException(new StringBuffer().append("Error IllegalArgumentException en coSign: ").append(e7.getMessage()).toString(), e7);
        }
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] counterSignNodes(byte[] bArr, Set set, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        Class<?> cls;
        try {
            Class<?> cls2 = getClass();
            Class<?>[] clsArr = new Class[1];
            if (class$java$util$Properties == null) {
                cls = class$("java.util.Properties");
                class$java$util$Properties = cls;
            } else {
                cls = class$java$util$Properties;
            }
            clsArr[0] = cls;
            Method method = cls2.getMethod("_counterSignNodes", clsArr);
            Properties properties = new Properties();
            properties.put("eSignature", bArr);
            properties.put("indexesToCounterSign", set);
            logger.debug(new StringBuffer().append("Se desean firmar ").append(set.toString()).toString());
            properties.put("signerCertificate", x509Certificate);
            properties.put("signAlgorithm", algorithmID);
            try {
                marcarNodos(bArr, properties);
                SignedData recorre = recorre(bArr, properties, method, (Object) this, true);
                addSignerCertificate(recorre, x509Certificate);
                return getESignature(recorre);
            } catch (InvocationTargetException e) {
                throw e.getCause();
            }
        } catch (CertManagerException e2) {
            throw e2;
        } catch (SignManagerException e3) {
            throw e3;
        } catch (NoSuchAlgorithmException e4) {
            throw new AlgoritmoDeFirmaNoSoportado(new StringBuffer().append("El algoritmo de firma ").append(algorithmID.getName()).append(" no está soportado.").toString(), e4);
        } catch (RuntimeException e5) {
            throw e5;
        } catch (Exception e6) {
            throw new CertManagerException(new StringBuffer().append("Error en coSign: ").append(e6.getMessage()).toString(), e6);
        } catch (Throwable th) {
            throw new CertManagerException(new StringBuffer().append("Error en coSign: ").append(th.getMessage()).toString(), th);
        }
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] counterSignTree(byte[] bArr, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        Class<?> cls;
        try {
            Class<?> cls2 = getClass();
            Class<?>[] clsArr = new Class[1];
            if (class$java$util$Properties == null) {
                cls = class$("java.util.Properties");
                class$java$util$Properties = cls;
            } else {
                cls = class$java$util$Properties;
            }
            clsArr[0] = cls;
            Method method = cls2.getMethod("_counterSignTree", clsArr);
            Properties properties = new Properties();
            properties.put("eSignature", bArr);
            properties.put("signerCertificate", x509Certificate);
            properties.put("signAlgorithm", algorithmID);
            try {
                SignedData recorre = recorre(bArr, properties, method, (Object) this, false);
                addSignerCertificate(recorre, x509Certificate);
                return getESignature(recorre);
            } catch (InvocationTargetException e) {
                throw e.getCause();
            }
        } catch (CertManagerException e2) {
            throw e2;
        } catch (SignManagerException e3) {
            throw e3;
        } catch (NoSuchAlgorithmException e4) {
            throw new AlgoritmoDeFirmaNoSoportado(new StringBuffer().append("El algoritmo de firma ").append(algorithmID.getName()).append(" no está soportado.").toString(), e4);
        } catch (RuntimeException e5) {
            throw e5;
        } catch (Exception e6) {
            throw new CertManagerException(new StringBuffer().append("Error en coSign: ").append(e6.getMessage()).toString(), e6);
        } catch (Throwable th) {
            throw new CertManagerException(new StringBuffer().append("Error en coSign: ").append(th.getMessage()).toString(), th);
        }
    }

    @Override // com.telventi.afirma.cliente.signatureformat.ESignatureFormat
    public byte[] counterSignLeafs(byte[] bArr, X509Certificate x509Certificate, AlgorithmID algorithmID) throws SignManagerException, CertManagerException {
        Class<?> cls;
        try {
            Class<?> cls2 = getClass();
            Class<?>[] clsArr = new Class[1];
            if (class$java$util$Properties == null) {
                cls = class$("java.util.Properties");
                class$java$util$Properties = cls;
            } else {
                cls = class$java$util$Properties;
            }
            clsArr[0] = cls;
            Method method = cls2.getMethod("_counterSignLeaf", clsArr);
            Properties properties = new Properties();
            properties.put("eSignature", bArr);
            properties.put("signerCertificate", x509Certificate);
            properties.put("signAlgorithm", algorithmID);
            try {
                SignedData recorre = recorre(bArr, properties, method, (Object) this, false);
                addSignerCertificate(recorre, x509Certificate);
                return getESignature(recorre);
            } catch (InvocationTargetException e) {
                throw e.getCause();
            }
        } catch (CertManagerException e2) {
            throw e2;
        } catch (SignManagerException e3) {
            throw e3;
        } catch (NoSuchAlgorithmException e4) {
            throw new AlgoritmoDeFirmaNoSoportado(new StringBuffer().append("El algoritmo de firma ").append(algorithmID.getName()).append(" no está soportado.").toString(), e4);
        } catch (RuntimeException e5) {
            throw e5;
        } catch (Exception e6) {
            throw new CertManagerException(new StringBuffer().append("Error en coSign: ").append(e6.getMessage()).toString(), e6);
        } catch (Throwable th) {
            throw new CertManagerException(new StringBuffer().append("Error en coSign: ").append(th.getMessage()).toString(), th);
        }
    }

    public void _counterSignLeaf(Properties properties) throws NoSuchAlgorithmException, SignManagerException, CertManagerException, CodingException, SignatureException {
        logger.debug(new StringBuffer().append("Invocado _counterSignTree sobre indice ").append((Integer) properties.get("index")).toString());
        Object obj = properties.get("nodo");
        if (isLeaf(obj)) {
            X509Certificate x509Certificate = (X509Certificate) properties.get("signerCertificate");
            AlgorithmID algorithmID = (AlgorithmID) properties.get("signAlgorithm");
            MessageDigest messageDigestInstance = hashHelper.getHashAlgorithmIdUsed(hashHelper.getHashAlgorithm(algorithmID.getName())).getMessageDigestInstance();
            if (obj instanceof SignerInfo) {
                counterSignLeaf((SignerInfo) obj, x509Certificate, messageDigestInstance, algorithmID);
            } else {
                counterSignLeaf((CounterSignature) obj, x509Certificate, messageDigestInstance, algorithmID);
            }
        }
    }

    public void _counterSignTree(Properties properties) throws NoSuchAlgorithmException, SignManagerException, CertManagerException, CodingException, SignatureException {
        logger.debug(new StringBuffer().append("Invocado _counterSignTree sobre indice ").append((Integer) properties.get("index")).toString());
        X509Certificate x509Certificate = (X509Certificate) properties.get("signerCertificate");
        AlgorithmID algorithmID = (AlgorithmID) properties.get("signAlgorithm");
        Object obj = properties.get("nodo");
        MessageDigest messageDigestInstance = hashHelper.getHashAlgorithmIdUsed(hashHelper.getHashAlgorithm(algorithmID.getName())).getMessageDigestInstance();
        if (obj instanceof SignerInfo) {
            counterSignLeaf((SignerInfo) obj, x509Certificate, messageDigestInstance, algorithmID);
        } else {
            counterSignLeaf((CounterSignature) obj, x509Certificate, messageDigestInstance, algorithmID);
        }
    }

    private boolean isLeaf(Object obj) {
        Attribute[] concreteAttributes = getConcreteAttributes(obj instanceof SignerInfo ? ((SignerInfo) obj).getUnsignedAttributes() : ((CounterSignature) obj).getUnsignedAttributes(), ObjectID.countersignature, true);
        return concreteAttributes == null || concreteAttributes.length == 0;
    }

    public void _counterSignNodes(Properties properties) throws NoSuchAlgorithmException, SignManagerException, CertManagerException, CodingException, SignatureException {
        Integer num = (Integer) properties.get("index");
        Object obj = properties.get("nodo");
        TreeSet treeSet = (TreeSet) properties.get("indices");
        byte[] bArr = null;
        if (obj instanceof SignerInfo) {
            bArr = ((SignerInfo) obj).getSignatureValue();
        } else if (obj instanceof CounterSignature) {
            bArr = ((CounterSignature) obj).getSignatureValue();
        }
        if (treeSet.contains(Base64Helper.getInstance().encodeBytes(bArr))) {
            logger.debug(new StringBuffer().append("Indice ").append(num).append(", nivel ").append((Integer) properties.get("level")).append(" seleccionado para contrafirmar.").toString());
            X509Certificate x509Certificate = (X509Certificate) properties.get("signerCertificate");
            AlgorithmID algorithmID = (AlgorithmID) properties.get("signAlgorithm");
            MessageDigest messageDigestInstance = hashHelper.getHashAlgorithmIdUsed(hashHelper.getHashAlgorithm(algorithmID.getName())).getMessageDigestInstance();
            if (obj instanceof SignerInfo) {
                counterSignLeaf((SignerInfo) obj, x509Certificate, messageDigestInstance, algorithmID);
            } else {
                counterSignLeaf((CounterSignature) obj, x509Certificate, messageDigestInstance, algorithmID);
            }
        }
    }

    private SignedData recorre(byte[] bArr, Properties properties, Method method, Object obj, boolean z) throws IllegalArgumentException, IllegalAccessException, InvocationTargetException, CodingException, CMSException, NoSuchAlgorithmException, ClienteFirmaException, IOException {
        SignedData signedData = (SignedData) getESignature(bArr);
        SignerInfo[] signerInfos = signedData.getSignerInfos();
        properties.put("index", new Integer(0));
        properties.put("level", new Integer(0));
        for (SignerInfo signerInfo : signerInfos) {
            recorre(signerInfo, properties, method, obj, z);
            properties.put("index", new Integer(((Integer) properties.get("index")).intValue() + 1));
        }
        return signedData;
    }

    private Object invokeNode(Object obj, Properties properties, Method method, Object obj2) throws IllegalArgumentException, IllegalAccessException, InvocationTargetException {
        properties.put("nodo", obj);
        method.invoke(obj2, properties);
        return properties.get("nodo");
    }

    private void invokeDescendants(Object obj, Properties properties, Method method, Object obj2, boolean z) throws IllegalArgumentException, IllegalAccessException, InvocationTargetException, CodingException {
        Integer num = (Integer) properties.get("index");
        Integer num2 = new Integer(((Integer) properties.get("level")).intValue() + 1);
        properties.put("level", num2);
        Attribute[] unsignedAttributes = obj instanceof SignerInfo ? ((SignerInfo) obj).getUnsignedAttributes() : ((CounterSignature) obj).getUnsignedAttributes();
        Attribute[] concreteAttributes = unsignedAttributes != null ? getConcreteAttributes(unsignedAttributes, ObjectID.countersignature, true) : null;
        if (concreteAttributes != null) {
            Attribute[] attributeArr = new Attribute[concreteAttributes.length];
            for (int i = 0; i < concreteAttributes.length; i++) {
                AttributeValue[] attributeValues = concreteAttributes[i].getAttributeValues();
                attributeArr[i] = new Attribute();
                for (AttributeValue attributeValue : attributeValues) {
                    properties.put("index", new Integer(num.intValue() + 1));
                    attributeArr[i].addAttributeValue((CounterSignature) recorre((CounterSignature) attributeValue, properties, method, obj2, z));
                    num = (Integer) properties.get("index");
                    properties.put("level", num2);
                }
            }
            if (obj instanceof SignerInfo) {
                SignerInfo signerInfo = (SignerInfo) obj;
                signerInfo.removeUnSignedAttribute(ObjectID.countersignature);
                signerInfo.addUnsignedAttributes(attributeArr);
            } else {
                CounterSignature counterSignature = (CounterSignature) obj;
                Attribute[] concreteAttributes2 = getConcreteAttributes(unsignedAttributes, ObjectID.countersignature, false);
                counterSignature.setUnsignedAttributes(attributeArr);
                if (concreteAttributes2 != null) {
                    counterSignature.addSignedAttributes(concreteAttributes2);
                }
            }
        }
    }

    private Object recorre(Object obj, Properties properties, Method method, Object obj2, boolean z) throws IllegalArgumentException, IllegalAccessException, InvocationTargetException, CodingException {
        Object invokeNode;
        Integer num = (Integer) properties.get("index");
        logger.debug(new StringBuffer().append("Recorriendo SignerInfo nodo ").append(num).append(", nivel ").append((Integer) properties.get("level")).toString());
        if (z) {
            invokeNode = invokeNode(obj, properties, method, obj2);
            invokeDescendants(invokeNode, properties, method, obj2, z);
        } else {
            invokeDescendants(obj, properties, method, obj2, z);
            invokeNode = invokeNode(obj, properties, method, obj2);
        }
        return invokeNode;
    }

    private Object getESignature(byte[] bArr) throws CMSException, NoSuchAlgorithmException, ClienteFirmaException, IOException {
        SignedData signedData;
        ContentInfo contentInfo;
        if (bArr == null) {
            throw new NullPointerException("Error en el parámetro de entrada");
        }
        try {
            contentInfo = new ContentInfo(new ByteArrayInputStream(bArr));
        } catch (ClienteFirmaException e) {
            throw e;
        } catch (Exception e2) {
            signedData = new SignedData(new ByteArrayInputStream(bArr));
        }
        if (!new ObjectID(contentInfo.getContentType().getID()).equals(ObjectID.cms_signedData)) {
            throw new ClienteFirmaException("El CMS no contiene un SignedData.");
        }
        signedData = (SignedData) contentInfo.getContent();
        if (signedData.getMode() == 1) {
            SignerInfo[] signerInfos = signedData.getSignerInfos();
            for (int i = 0; i < signerInfos.length; i++) {
                signedData.setMessageDigest(signedData.getSignerInfos()[i].getDigestAlgorithm(), signedData.getSignedDigest(i));
            }
        }
        return signedData;
    }

    private byte[] getESignature(Object obj) throws CMSException {
        if (obj instanceof SignedData) {
            return new ContentInfo(ContentInfo.create(ObjectID.cms_signedData, ((SignedData) obj).toASN1Object())).getEncoded();
        }
        if (obj instanceof ContentInfo) {
            return ((ContentInfo) obj).getEncoded();
        }
        logger.error("Error: Estructura CMS no reconocida.");
        throw new CMSException("Estructura CMS no reconocida.");
    }

    private void counterSignSingleSigner(SignerInfo signerInfo, X509Certificate[] x509CertificateArr, X509Certificate x509Certificate, MessageDigest messageDigest, AlgorithmID algorithmID) throws SignatureException, SignManagerException, CertManagerException, CodingException, IllegalArgumentException {
        logger.verbose(new StringBuffer().append("Contrafirmando ").append(signerInfo.toString(true)).toString());
        Attribute[] unsignedAttributes = signerInfo.getUnsignedAttributes(ObjectID.countersignature);
        if (unsignedAttributes == null) {
            if (isIdentified(signerInfo.getSignerIdentifier(), x509CertificateArr)) {
                counterSignLeaf(signerInfo, x509Certificate, messageDigest, algorithmID);
                return;
            }
            return;
        }
        Attribute[] attributeArr = new Attribute[unsignedAttributes.length];
        for (int i = 0; i < unsignedAttributes.length; i++) {
            for (AttributeValue attributeValue : unsignedAttributes[i].getAttributeValues()) {
                attributeArr[i] = new Attribute(counterSignSingleCounterSigner(new CounterSignature(attributeValue.toASN1Object()), x509CertificateArr, x509Certificate, messageDigest, algorithmID));
            }
        }
        signerInfo.removeUnSignedAttribute(ObjectID.countersignature);
        signerInfo.addUnsignedAttributes(attributeArr);
        if (isIdentified(signerInfo.getSignerIdentifier(), x509CertificateArr)) {
            counterSignLeaf(signerInfo, x509Certificate, messageDigest, algorithmID);
        }
    }

    private AttributeValue counterSignSingleCounterSigner(CounterSignature counterSignature, X509Certificate[] x509CertificateArr, X509Certificate x509Certificate, MessageDigest messageDigest, AlgorithmID algorithmID) throws SignatureException, SignManagerException, CertManagerException, CodingException {
        Attribute[] unsignedAttributes = counterSignature.getUnsignedAttributes();
        Attribute[] concreteAttributes = getConcreteAttributes(unsignedAttributes, ObjectID.countersignature, false);
        Attribute[] concreteAttributes2 = getConcreteAttributes(unsignedAttributes, ObjectID.countersignature, true);
        if (concreteAttributes2 != null) {
            Attribute[] attributeArr = new Attribute[unsignedAttributes.length];
            int i = 0;
            if (concreteAttributes != null) {
                i = 0;
                while (i < concreteAttributes.length) {
                    attributeArr[i] = concreteAttributes[i];
                    i++;
                }
            }
            for (int i2 = 0; i2 < concreteAttributes2.length; i2++) {
                for (AttributeValue attributeValue : concreteAttributes2[i2].getAttributeValues()) {
                    attributeArr[i + i2] = new Attribute(counterSignSingleCounterSigner(new CounterSignature(attributeValue.toASN1Object()), x509CertificateArr, x509Certificate, messageDigest, algorithmID));
                }
            }
            counterSignature.setUnsignedAttributes(attributeArr);
            if (isIdentified(counterSignature.getSignerIdentifier(), x509CertificateArr)) {
                counterSignLeaf(counterSignature, x509Certificate, messageDigest, algorithmID);
            }
        } else if (isIdentified(counterSignature.getSignerIdentifier(), x509CertificateArr)) {
            counterSignLeaf(counterSignature, x509Certificate, messageDigest, algorithmID);
        }
        return counterSignature;
    }

    private void counterSignLeaf(Object obj, X509Certificate x509Certificate, MessageDigest messageDigest, AlgorithmID algorithmID) throws CodingException, SignatureException, SignManagerException, CertManagerException {
        byte[] bArr = null;
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(x509Certificate);
        if (obj instanceof SignerInfo) {
            bArr = ((SignerInfo) obj).getSignatureValue();
        } else if (obj instanceof CounterSignature) {
            bArr = ((CounterSignature) obj).getSignatureValue();
        }
        byte[] digest = messageDigest.digest(bArr);
        CounterSignature counterSignature = new CounterSignature(issuerAndSerialNumber, AlgorithmHelper.getInstance().getAlgorithmID(hashHelper.getHashAlgorithm(algorithmID.getName()), false), algorithmID, null);
        Attribute[] createSignedAttributes = createSignedAttributes(x509Certificate, digest, this.Attributes);
        counterSignature.setSignedAttributes(createSignedAttributes);
        counterSignature.setSignatureValue(signManager.signDigitally(DerCoder.encode(ASN.createSetOf(createSignedAttributes, true)), algorithmID.getName(), x509Certificate, digest));
        counterSignature.counterSign(bArr);
        Attribute[] attributeArr = null;
        if (this.Attributes != null && this.Attributes.containsKey("inUnsignedAttributes")) {
            HashMap hashMap = (HashMap) this.Attributes.get("inUnsignedAttributes");
            if (hashMap.size() > 0) {
                ArrayList arrayList = new ArrayList();
                if (hashMap != null && !hashMap.isEmpty()) {
                    for (Map.Entry entry : hashMap.entrySet()) {
                        String str = (String) entry.getKey();
                        if (ObjectID.countersignature.equals(ObjectID.getObjectID(str))) {
                            logger.error("No se puede especificar contrafirmas como atributos.");
                        } else {
                            ArrayList arrayList2 = (ArrayList) entry.getValue();
                            if (arrayList2 != null && arrayList2.size() > 0) {
                                ASN1Object[] aSN1ObjectArr = new ASN1Object[arrayList2.size()];
                                for (int i = 0; i < arrayList2.size(); i++) {
                                    aSN1ObjectArr[i] = new PrintableString((String) arrayList2.get(i));
                                }
                                arrayList.add(new Attribute(ObjectID.getObjectID(str), aSN1ObjectArr));
                            }
                        }
                    }
                }
                attributeArr = new Attribute[arrayList.size() + 1];
                for (int i2 = 0; i2 < arrayList.size(); i2++) {
                    attributeArr[i2] = (Attribute) arrayList.get(i2);
                }
            }
        }
        if (attributeArr != null) {
            attributeArr[attributeArr.length] = new Attribute(counterSignature);
        } else {
            attributeArr = new Attribute[]{new Attribute(counterSignature)};
        }
        if (obj instanceof SignerInfo) {
            ((SignerInfo) obj).addUnsignedAttributes(attributeArr);
        } else if (obj instanceof CounterSignature) {
            ((CounterSignature) obj).addUnsignedAttributes(attributeArr);
        }
    }

    private Attribute[] getConcreteAttributes(Attribute[] attributeArr, ObjectID objectID, boolean z) {
        if (attributeArr == null) {
            return null;
        }
        Vector vector = new Vector();
        for (int i = 0; i < attributeArr.length; i++) {
            if (attributeArr[i].getType().equals(objectID) && z) {
                vector.addElement(attributeArr[i]);
            } else if (!attributeArr[i].getType().equals(objectID) && !z) {
                vector.addElement(attributeArr[i]);
            }
        }
        if (vector.isEmpty()) {
            return null;
        }
        Attribute[] attributeArr2 = new Attribute[vector.size()];
        vector.copyInto(attributeArr2);
        return attributeArr2;
    }

    private void addSignerCertificate(SignedData signedData, X509Certificate x509Certificate) {
        boolean z;
        try {
            z = signedData.getCertificate(new IssuerAndSerialNumber(x509Certificate)) != null;
        } catch (CMSException e) {
            z = false;
        }
        if (z) {
            logger.debug(new StringBuffer().append("Certificado encontrado: ").append(x509Certificate.toString(false)).toString());
        } else {
            logger.debug(new StringBuffer().append("Añadiendo certificado ").append(x509Certificate.toString(false)).toString());
            signedData.addCertificates(new X509Certificate[]{x509Certificate});
        }
    }

    private boolean isIdentified(CertificateIdentifier certificateIdentifier, X509Certificate[] x509CertificateArr) {
        if (certificateIdentifier == null || x509CertificateArr == null) {
            return false;
        }
        for (X509Certificate x509Certificate : x509CertificateArr) {
            if (certificateIdentifier.identifiesCert(x509Certificate)) {
                return true;
            }
        }
        return false;
    }

    private Attribute[] createSignedAttributes(X509Certificate x509Certificate, byte[] bArr, HashMap hashMap) throws CodingException {
        HashMap hashMap2;
        ArrayList arrayList = new ArrayList();
        if (hashMap != null && (hashMap2 = (HashMap) hashMap.get("inSignedAttributes")) != null && !hashMap2.isEmpty()) {
            for (Map.Entry entry : hashMap2.entrySet()) {
                String str = (String) entry.getKey();
                ObjectID objectID = ObjectID.getObjectID(str);
                if (objectID == ObjectID.messageDigest || objectID == ObjectID.serialNumber || objectID == ObjectID.signingTime || objectID == ObjectID.cms_data) {
                    logger.warn(new StringBuffer().append("El atributo ").append(str).append(" no debe ser especificado explicitamente.").toString());
                } else {
                    arrayList.add(new Attribute(ObjectID.getObjectID(str), new ASN1Object[]{new PrintableString((String) entry.getValue())}));
                }
            }
        }
        Attribute[] attributeArr = new Attribute[4 + arrayList.size()];
        attributeArr[0] = new Attribute(new CMSContentType(ObjectID.cms_data));
        attributeArr[1] = new Attribute(ObjectID.messageDigest, new ASN1Object[]{new OCTET_STRING(bArr)});
        attributeArr[2] = new Attribute(ObjectID.serialNumber, new ASN1Object[]{new PrintableString(x509Certificate.getSerialNumber().toString())});
        attributeArr[3] = new Attribute(new SigningTime(new Date()));
        for (int i = 0; i < arrayList.size(); i++) {
            attributeArr[4 + i] = (Attribute) arrayList.get(i);
        }
        return attributeArr;
    }

    private Attribute[] createUnsignedAttributes(HashMap hashMap) {
        if (hashMap == null) {
            return null;
        }
        HashMap hashMap2 = (HashMap) hashMap.get("inUnsignedAttributes");
        if (hashMap2.size() <= 0) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        if (hashMap2 != null && !hashMap2.isEmpty()) {
            for (Map.Entry entry : hashMap2.entrySet()) {
                String str = (String) entry.getKey();
                if (ObjectID.countersignature.equals(ObjectID.getObjectID(str))) {
                    logger.error("No se puede especificar contrafirmas como atributos.");
                } else {
                    ArrayList arrayList2 = (ArrayList) entry.getValue();
                    if (arrayList2 != null && arrayList2.size() > 0) {
                        ASN1Object[] aSN1ObjectArr = new ASN1Object[arrayList2.size()];
                        for (int i = 0; i < arrayList2.size(); i++) {
                            aSN1ObjectArr[i] = new PrintableString((String) arrayList2.get(i));
                        }
                        arrayList.add(new Attribute(ObjectID.getObjectID(str), aSN1ObjectArr));
                    }
                }
            }
        }
        Attribute[] attributeArr = new Attribute[arrayList.size()];
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            attributeArr[i2] = (Attribute) arrayList.get(i2);
        }
        return attributeArr;
    }

    private SignerInfo createSignedInfo(X509Certificate x509Certificate, AlgorithmID algorithmID, byte[] bArr) throws CodingException, SignManagerException, CertManagerException {
        Attribute[] attributeArr = null;
        if (this.Attributes != null && !this.Attributes.isEmpty() && this.Attributes.containsKey("inUnsignedAttributes")) {
            attributeArr = createUnsignedAttributes(this.Attributes);
        }
        Attribute[] createSignedAttributes = createSignedAttributes(x509Certificate, bArr, this.Attributes);
        byte[] signDigitally = signManager.signDigitally(DerCoder.encode(ASN.createSetOf(createSignedAttributes, true)), algorithmID.getName(), x509Certificate, bArr);
        SignerInfo signerInfo = new SignerInfo(new IssuerAndSerialNumber(x509Certificate), hashHelper.getHashAlgorithmIdUsed(hashHelper.getHashAlgorithm(algorithmID.getName())), null);
        signerInfo.setSignedAttributes(createSignedAttributes);
        signerInfo.setSignatureValue(signDigitally);
        if (attributeArr != null && attributeArr.length > 0) {
            signerInfo.setUnsignedAttributes(attributeArr);
        }
        return signerInfo;
    }

    private void marcarNodos(byte[] bArr, Properties properties) {
        Class<?> cls;
        try {
            Class<?> cls2 = getClass();
            Class<?>[] clsArr = new Class[1];
            if (class$java$util$Properties == null) {
                cls = class$("java.util.Properties");
                class$java$util$Properties = cls;
            } else {
                cls = class$java$util$Properties;
            }
            clsArr[0] = cls;
            Method method = cls2.getMethod("_markNodes", clsArr);
            properties.put("indices", new TreeSet());
            recorre(bArr, properties, method, (Object) this, true);
        } catch (ClienteFirmaException e) {
            e.printStackTrace();
        } catch (CodingException e2) {
            e2.printStackTrace();
        } catch (CMSException e3) {
            e3.printStackTrace();
        } catch (NoSuchAlgorithmException e4) {
            e4.printStackTrace();
        } catch (IOException e5) {
            e5.printStackTrace();
        } catch (IllegalAccessException e6) {
            e6.printStackTrace();
        } catch (IllegalArgumentException e7) {
            e7.printStackTrace();
        } catch (NoSuchMethodException e8) {
            e8.printStackTrace();
        } catch (SecurityException e9) {
            e9.printStackTrace();
        } catch (InvocationTargetException e10) {
            e10.printStackTrace();
        }
    }

    public void _markNodes(Properties properties) {
        Integer num = (Integer) properties.get("index");
        Set set = (Set) properties.get("indexesToCounterSign");
        TreeSet treeSet = (TreeSet) properties.get("indices");
        if (set.contains(num)) {
            Object obj = properties.get("nodo");
            byte[] signatureValue = obj instanceof SignerInfo ? ((SignerInfo) obj).getSignatureValue() : ((CounterSignature) obj).getSignatureValue();
            logger.debug(new StringBuffer().append("Indice ").append(num).append(" seleccionado para contrafirmar. ").append(Base64Helper.getInstance().encodeBytes(signatureValue)).toString());
            treeSet.add(Base64Helper.getInstance().encodeBytes(signatureValue));
            properties.put("indices", treeSet);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        SecurityProvider.setSecurityProvider(new IaikProvider());
        INSTANCE = new CMSSignatureFormat();
    }
}
