package com.telventi.afirma.cliente.utilidades;

import com.telventi.afirma.cliente.CryptographicConstants;
import com.telventi.afirma.cliente.common.AppletLogger;
import com.telventi.afirma.cliente.exceptions.ClienteFirmaException;
import com.telventi.afirma.cliente.signatureformat.signaturemanager.SignManagerException;
import iaik.asn1.ASN;
import iaik.asn1.ASN1Object;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.ObjectID;
import iaik.asn1.PrintableString;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.Attribute;
import iaik.asn1.structures.AttributeValue;
import iaik.cms.CMSException;
import iaik.cms.CMSParsingException;
import iaik.cms.CertificateIdentifier;
import iaik.cms.ContentInfo;
import iaik.cms.EncryptedContentInfo;
import iaik.cms.EncryptedData;
import iaik.cms.EnvelopedData;
import iaik.cms.KeyTransRecipientInfo;
import iaik.cms.OriginatorInfo;
import iaik.cms.RecipientInfo;
import iaik.cms.SignedData;
import iaik.cms.SignerInfo;
import iaik.cms.attributes.CounterSignature;
import iaik.java.security.GeneralSecurityException;
import iaik.java.security.InvalidKeyException;
import iaik.java.security.NoSuchAlgorithmException;
import iaik.java.security.cert.Certificate;
import iaik.java.security.cert.CertificateEncodingException;
import iaik.java.security.cert.CertificateException;
import iaik.javax.crypto.SecretKey;
import iaik.utils.RFC2253NameParserException;
import iaik.x509.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.EventListener;
import java.util.Vector;

/* loaded from: input_file:firmaFichero5/clienteFirmaAFirma5.jar:com/telventi/afirma/cliente/utilidades/CMSHelper.class */
public class CMSHelper {
    private static final AppletLogger logger = new AppletLogger("CMSHelper", 2);
    private static final CMSHelper INSTANCE = new CMSHelper();

    private CMSHelper() {
    }

    public static CMSHelper getInstance() {
        return INSTANCE;
    }

    public String[] getSignersStructure(byte[] bArr) throws IOException, CodingException, CMSException, ClienteFirmaException {
        SignedData signedData;
        ContentInfo contentInfo;
        if (bArr == null) {
            return new String[0];
        }
        ArrayList arrayList = new ArrayList();
        try {
            contentInfo = new ContentInfo(new ByteArrayInputStream(bArr));
        } catch (ClienteFirmaException e) {
            throw e;
        } catch (Exception e2) {
            signedData = new SignedData(new ByteArrayInputStream(bArr));
        }
        if (!new ObjectID(contentInfo.getContentType().getID()).equals(ObjectID.cms_signedData)) {
            throw new ClienteFirmaException("El CMS no contiene un SignedData.");
        }
        signedData = (SignedData) contentInfo.getContent();
        SignerInfo[] signerInfos = signedData.getSignerInfos();
        Certificate[] certificates = signedData.getCertificates();
        for (SignerInfo signerInfo : signerInfos) {
            arrayList.add(getName(signerInfo, certificates));
            arrayList.addAll(getCounterSignersStructure(1, getConcreteAttributes(signerInfo.getUnsignedAttributes(), ObjectID.countersignature, true), certificates));
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    private ArrayList getCounterSignersStructure(int i, Attribute[] attributeArr, Certificate[] certificateArr) throws CodingException, CMSException {
        if (attributeArr == null || attributeArr.length == 0) {
            return new ArrayList(0);
        }
        ArrayList arrayList = new ArrayList();
        for (Attribute attribute : attributeArr) {
            AttributeValue[] attributeValues = attribute.getAttributeValues();
            for (int i2 = 0; i2 < attributeValues.length; i2++) {
                if (attributeValues[i2].getAttributeType().equals(ObjectID.countersignature)) {
                    CounterSignature counterSignature = new CounterSignature(attributeValues[i2].toASN1Object());
                    arrayList.add(new StringBuffer().append(getTabs(i)).append(getName(counterSignature, certificateArr)).toString());
                    arrayList.addAll(getCounterSignersStructure(i + 1, getConcreteAttributes(counterSignature.getUnsignedAttributes(), ObjectID.countersignature, true), certificateArr));
                }
            }
        }
        return arrayList;
    }

    private Attribute[] getConcreteAttributes(Attribute[] attributeArr, ObjectID objectID, boolean z) {
        if (attributeArr == null) {
            return null;
        }
        Vector vector = new Vector();
        for (int i = 0; i < attributeArr.length; i++) {
            if (attributeArr[i].getType().equals(objectID) && z) {
                vector.addElement(attributeArr[i]);
            } else if (!attributeArr[i].getType().equals(objectID) && !z) {
                vector.addElement(attributeArr[i]);
            }
        }
        if (vector.isEmpty()) {
            return null;
        }
        Attribute[] attributeArr2 = new Attribute[vector.size()];
        vector.copyInto(attributeArr2);
        return attributeArr2;
    }

    private String getName(SignerInfo signerInfo, Certificate[] certificateArr) {
        X509Certificate certificate = getCertificate(signerInfo.getSignerIdentifier(), certificateArr);
        if (certificate != null) {
            try {
                return CertHelper.getInstance().getCN(certificate);
            } catch (CertificateEncodingException e) {
                logger.warn((Throwable) e);
            } catch (CertificateException e2) {
                logger.warn((Throwable) e2);
            } catch (RFC2253NameParserException e3) {
                logger.warn((Throwable) e3);
            } catch (java.security.cert.CertificateException e4) {
                logger.warn((Throwable) e4);
            }
        }
        return signerInfo.getSignerIdentifier().toString().replaceAll("(\\r\\n|\\n)", " - ");
    }

    private String getName(CounterSignature counterSignature, Certificate[] certificateArr) {
        String str = "";
        X509Certificate certificate = getCertificate(counterSignature.getSignerIdentifier(), certificateArr);
        if (certificate != null) {
            try {
                return CertHelper.getInstance().getCN(certificate);
            } catch (CertificateEncodingException e) {
                str = e.toString();
            } catch (CertificateException e2) {
                str = e2.toString();
            } catch (RFC2253NameParserException e3) {
                str = e3.toString();
            } catch (java.security.cert.CertificateException e4) {
                str = e4.toString();
            }
        }
        String replaceAll = counterSignature.getSignerIdentifier().toString().replaceAll("(\\r\\n|\\n)", " - ");
        logger.debug(new StringBuffer().append("No se pudo obtener common name debido a ").append(str).append("; id= ").append(replaceAll).toString());
        return replaceAll;
    }

    private X509Certificate getCertificate(CertificateIdentifier certificateIdentifier, Certificate[] certificateArr) {
        if (certificateArr == null) {
            return null;
        }
        X509Certificate x509Certificate = null;
        for (int i = 0; i < certificateArr.length && x509Certificate == null; i++) {
            try {
                X509Certificate x509Certificate2 = new X509Certificate(certificateArr[i].getEncoded());
                logger.debug(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>");
                logger.debug(new StringBuffer().append("Identifier: ").append(certificateIdentifier).append(" ").append(i).append(" / ").append(certificateArr.length).toString());
                logger.debug("");
                logger.debug(x509Certificate2.toString(false));
                logger.debug("");
                logger.debug(new StringBuffer().append("Identified: ").append(certificateIdentifier.identifiesCert(x509Certificate2)).toString());
                logger.debug("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<");
                if (certificateIdentifier.identifiesCert(x509Certificate2)) {
                    x509Certificate = x509Certificate2;
                }
            } catch (CertificateException e) {
                logger.warn((Throwable) e);
            }
        }
        return x509Certificate;
    }

    /* JADX WARN: Removed duplicated region for block: B:38:0x0126 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:44:0x00f3 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private boolean isCertificate(java.lang.String r7, iaik.java.security.cert.Certificate r8) {
        /*
            Method dump skipped, instructions count: 346
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.telventi.afirma.cliente.utilidades.CMSHelper.isCertificate(java.lang.String, iaik.java.security.cert.Certificate):boolean");
    }

    public Certificate getCertificateByName(String str, Certificate[] certificateArr) {
        if (certificateArr == null || str == null) {
            return null;
        }
        Certificate certificate = null;
        for (int i = 0; i < certificateArr.length && certificate == null; i++) {
            try {
                if (isCertificate(str, certificateArr[i])) {
                    certificate = certificateArr[i];
                }
            } catch (Exception e) {
            }
        }
        return certificate;
    }

    private String getTabs(int i) {
        StringBuffer stringBuffer = new StringBuffer(i);
        for (int i2 = 0; i2 < i; i2++) {
            stringBuffer.append('\t');
        }
        return stringBuffer.toString();
    }

    public Attribute[] createSignedAttributes(byte[] bArr, iaik.java.security.cert.X509Certificate x509Certificate) {
        return getAuthAttributes(bArr, x509Certificate.getSerialNumber().toString());
    }

    public byte[] encode(Attribute[] attributeArr) throws SignManagerException {
        try {
            return DerCoder.encode(ASN.createSetOf(attributeArr, true));
        } catch (CodingException e) {
            throw new SignManagerException("Error creando CMS", e);
        }
    }

    public Attribute[] getAuthAttributes(byte[] bArr, String str) {
        return new Attribute[]{new Attribute(ObjectID.contentType, new ASN1Object[]{ObjectID.pkcs7_signedData}), new Attribute(ObjectID.messageDigest, new ASN1Object[]{new OCTET_STRING(bArr)}), new Attribute(ObjectID.serialNumber, new ASN1Object[]{new PrintableString(str)})};
    }

    public Certificate[] getCertificates(byte[] bArr) throws CMSParsingException, IOException {
        return new SignedData(new ByteArrayInputStream(bArr)).getCertificates();
    }

    private RecipientInfo createRecipientInfo(SecretKey secretKey, Certificate certificate) throws CertificateEncodingException, CertificateException, CMSException {
        KeyTransRecipientInfo keyTransRecipientInfo = new KeyTransRecipientInfo(new X509Certificate(certificate.getEncoded()), AlgorithmID.rsaEncryption);
        keyTransRecipientInfo.encryptKey(secretKey);
        return keyTransRecipientInfo;
    }

    public byte[] getEnvelopedCMS(iaik.java.security.cert.X509Certificate x509Certificate, iaik.java.security.cert.X509Certificate[] x509CertificateArr, byte[] bArr, String str) throws CMSException, NoSuchAlgorithmException, CertificateException, CertificateException {
        AlgorithmID algorithmID = str.equals("AES") ? AlgorithmID.aes128_CBC : str.equals(CryptographicConstants.CAST5) ? AlgorithmID.cast5_CBC : str.equals(CryptographicConstants.IDEA) ? AlgorithmID.idea_CBC : str.equals(CryptographicConstants.TDES) ? AlgorithmID.des_EDE3_CBC : str.equals(CryptographicConstants.RC5) ? AlgorithmID.rc5_CBC : AlgorithmID.aes128_CBC;
        EncryptedContentInfo encryptedContentInfo = new EncryptedContentInfo(ObjectID.cms_encryptedData, bArr);
        SecretKey secretKey = encryptedContentInfo.setupCipher(algorithmID);
        if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
            throw new CMSException("El número de receptores es 0 o nulo");
        }
        RecipientInfo[] recipientInfoArr = new RecipientInfo[x509CertificateArr.length];
        for (int i = 0; i < x509CertificateArr.length; i++) {
            recipientInfoArr[i] = createRecipientInfo(secretKey, x509CertificateArr[i]);
        }
        EnvelopedData envelopedData = new EnvelopedData(recipientInfoArr, encryptedContentInfo);
        if (x509Certificate != null) {
            OriginatorInfo originatorInfo = new OriginatorInfo();
            originatorInfo.setCertificates(new Certificate[]{x509Certificate});
            envelopedData.setOriginatorInfo(originatorInfo);
        }
        return new ContentInfo(ContentInfo.create(ObjectID.cms_envelopedData, envelopedData.toASN1Object())).getEncoded();
    }

    public byte[] getEnvelopedCMS(iaik.java.security.cert.X509Certificate[] x509CertificateArr, byte[] bArr, String str) throws NoSuchAlgorithmException, CMSException, CertificateException {
        return getEnvelopedCMS(null, x509CertificateArr, bArr, str);
    }

    public byte[] getEncryptedCMS(byte[] bArr, byte[] bArr2, String str) throws CMSException, InvalidKeyException, IOException {
        return new ContentInfo(ContentInfo.create(ObjectID.cms_encryptedData, new EncryptedData(new EncryptedContentInfo(new ByteArrayInputStream(getEncryptedContentInfo(bArr, bArr2, str)))).toASN1Object())).getEncoded();
    }

    private byte[] getEncryptedContentInfo(byte[] bArr, byte[] bArr2, String str) throws InvalidKeyException, CMSException {
        if (bArr2 == null || bArr2.length == 0) {
            throw new InvalidKeyException();
        }
        if (bArr == null || bArr.length == 0) {
            throw new CMSException();
        }
        iaik.security.cipher.SecretKey secretKey = new iaik.security.cipher.SecretKey(bArr2, "RAW");
        try {
            EncryptedContentInfo encryptedContentInfo = new EncryptedContentInfo(ObjectID.cms_data, bArr);
            AlgorithmID algorithmID = str.equals("AES") ? AlgorithmID.aes128_CBC : str.equals(CryptographicConstants.CAST5) ? AlgorithmID.cast5_CBC : str.equals(CryptographicConstants.IDEA) ? AlgorithmID.idea_CBC : str.equals(CryptographicConstants.TDES) ? AlgorithmID.des_EDE3_CBC : str.equals(CryptographicConstants.RC5) ? AlgorithmID.rc5_CBC : AlgorithmID.aes128_CBC;
            encryptedContentInfo.setupCipher(algorithmID, secretKey, algorithmID.getAlgorithmParameters());
            return encryptedContentInfo.getEncoded();
        } catch (GeneralSecurityException e) {
            logger.error("Especificaciones del algoritmo incorrectas");
            return null;
        } catch (InvalidKeyException e2) {
            logger.error("Clave inválida.");
            return null;
        } catch (NoSuchAlgorithmException e3) {
            logger.error("No existe el algoritmo");
            return null;
        }
    }

    public Object extractContent(byte[] bArr) throws CMSParsingException, IOException {
        EventListener eventListener;
        logger.debug("extractcontent");
        ContentInfo contentInfo = new ContentInfo(new ByteArrayInputStream(bArr));
        if (contentInfo.getContentType().equals(ObjectID.cms_encryptedData)) {
            logger.debug("encrypteddata");
            eventListener = (EncryptedData) contentInfo.getContent();
        } else {
            if (!contentInfo.getContentType().equals(ObjectID.cms_envelopedData)) {
                throw new CMSParsingException("Error. Actualmente sólo se admiten EncryptedData.");
            }
            logger.debug("envelopeddata");
            eventListener = (EnvelopedData) contentInfo.getContent();
        }
        return eventListener;
    }

    public Object decipherEncryptedData(byte[] bArr, Object obj) throws InvalidKeyException, CMSException, NoSuchAlgorithmException {
        byte[] content;
        if (obj instanceof EncryptedData) {
            EncryptedData encryptedData = (EncryptedData) obj;
            encryptedData.getEncryptedContentInfo().setupCipher(new iaik.security.cipher.SecretKey(bArr, "RAW"));
            content = encryptedData.getContent();
        } else {
            if (!(obj instanceof EncryptedContentInfo)) {
                throw new CMSException("El parámetro pasado no es EncryptedData.");
            }
            EncryptedContentInfo encryptedContentInfo = (EncryptedContentInfo) obj;
            encryptedContentInfo.setupCipher(new iaik.security.cipher.SecretKey(bArr, "RAW"));
            content = encryptedContentInfo.getContent();
        }
        return content;
    }
}
