package com.amazon.coral.internal.org.bouncycastle.cms;

import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Encodable;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1EncodableVector;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Encoding;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1ObjectIdentifier;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1OctetString;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Primitive;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Set;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$DERNull;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$DERSet;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$Attribute;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$AttributeTable;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$CMSAlgorithmProtection;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$CMSAttributes;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$IssuerAndSerialNumber;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$SignerIdentifier;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$SignerInfo;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$Time;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$AlgorithmIdentifier;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$DigestInfo;
import com.amazon.coral.internal.org.bouncycastle.operator.C$ContentVerifier;
import com.amazon.coral.internal.org.bouncycastle.operator.C$DigestCalculator;
import com.amazon.coral.internal.org.bouncycastle.operator.C$OperatorCreationException;
import com.amazon.coral.internal.org.bouncycastle.operator.C$RawContentVerifier;
import com.amazon.coral.internal.org.bouncycastle.util.C$Arrays;
import com.amazon.coral.internal.org.bouncycastle.util.io.C$TeeOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;

/* renamed from: com.amazon.coral.internal.org.bouncycastle.cms.$SignerInformation, reason: invalid class name */
/* loaded from: classes3.dex */
public class C$SignerInformation {
    private final C$CMSProcessable content;
    private final C$ASN1ObjectIdentifier contentType;
    protected final C$AlgorithmIdentifier digestAlgorithm;
    protected final C$AlgorithmIdentifier encryptionAlgorithm;
    protected final C$SignerInfo info;
    private final boolean isCounterSignature;
    private byte[] resultDigest;
    private final C$SignerId sid;
    private final byte[] signature;
    protected final C$ASN1Set signedAttributeSet;
    private C$AttributeTable signedAttributeValues;
    protected final C$ASN1Set unsignedAttributeSet;
    private C$AttributeTable unsignedAttributeValues;

    /* JADX INFO: Access modifiers changed from: package-private */
    public C$SignerInformation(C$SignerInfo c$SignerInfo, C$ASN1ObjectIdentifier c$ASN1ObjectIdentifier, C$CMSProcessable c$CMSProcessable, byte[] bArr) {
        this.info = c$SignerInfo;
        this.contentType = c$ASN1ObjectIdentifier;
        this.isCounterSignature = c$ASN1ObjectIdentifier == null;
        C$SignerIdentifier sid = c$SignerInfo.getSID();
        if (sid.isTagged()) {
            this.sid = new C$SignerId(C$ASN1OctetString.getInstance(sid.getId()).getOctets());
        } else {
            C$IssuerAndSerialNumber c$IssuerAndSerialNumber = C$IssuerAndSerialNumber.getInstance(sid.getId());
            this.sid = new C$SignerId(c$IssuerAndSerialNumber.getName(), c$IssuerAndSerialNumber.getSerialNumber().getValue());
        }
        this.digestAlgorithm = c$SignerInfo.getDigestAlgorithm();
        this.signedAttributeSet = c$SignerInfo.getAuthenticatedAttributes();
        this.unsignedAttributeSet = c$SignerInfo.getUnauthenticatedAttributes();
        this.encryptionAlgorithm = c$SignerInfo.getDigestEncryptionAlgorithm();
        this.signature = c$SignerInfo.getEncryptedDigest().getOctets();
        this.content = c$CMSProcessable;
        this.resultDigest = bArr;
    }

    protected C$SignerInformation(C$SignerInformation c$SignerInformation) {
        this.info = c$SignerInformation.info;
        this.contentType = c$SignerInformation.contentType;
        this.isCounterSignature = c$SignerInformation.isCounterSignature();
        this.sid = c$SignerInformation.getSID();
        this.digestAlgorithm = this.info.getDigestAlgorithm();
        this.signedAttributeSet = this.info.getAuthenticatedAttributes();
        this.unsignedAttributeSet = this.info.getUnauthenticatedAttributes();
        this.encryptionAlgorithm = this.info.getDigestEncryptionAlgorithm();
        this.signature = this.info.getEncryptedDigest().getOctets();
        this.content = c$SignerInformation.content;
        this.resultDigest = c$SignerInformation.resultDigest;
    }

    public static C$SignerInformation addCounterSigners(C$SignerInformation c$SignerInformation, C$SignerInformationStore c$SignerInformationStore) {
        C$SignerInfo c$SignerInfo = c$SignerInformation.info;
        C$AttributeTable unsignedAttributes = c$SignerInformation.getUnsignedAttributes();
        C$ASN1EncodableVector aSN1EncodableVector = unsignedAttributes != null ? unsignedAttributes.toASN1EncodableVector() : new C$ASN1EncodableVector();
        C$ASN1EncodableVector c$ASN1EncodableVector = new C$ASN1EncodableVector();
        Iterator<C$SignerInformation> it = c$SignerInformationStore.getSigners().iterator();
        while (it.hasNext()) {
            c$ASN1EncodableVector.add(it.next().toASN1Structure());
        }
        aSN1EncodableVector.add(new C$Attribute(C$CMSAttributes.counterSignature, new C$DERSet(c$ASN1EncodableVector)));
        return new C$SignerInformation(new C$SignerInfo(c$SignerInfo.getSID(), c$SignerInfo.getDigestAlgorithm(), c$SignerInfo.getAuthenticatedAttributes(), c$SignerInfo.getDigestEncryptionAlgorithm(), c$SignerInfo.getEncryptedDigest(), new C$DERSet(aSN1EncodableVector)), c$SignerInformation.contentType, c$SignerInformation.content, null);
    }

    private boolean doVerify(C$SignerInformationVerifier c$SignerInformationVerifier) throws C$CMSException {
        String encryptionAlgName = C$CMSSignedHelper.INSTANCE.getEncryptionAlgName(getEncryptionAlgOID());
        try {
            C$ContentVerifier contentVerifier = c$SignerInformationVerifier.getContentVerifier(this.encryptionAlgorithm, this.info.getDigestAlgorithm());
            try {
                OutputStream outputStream = contentVerifier.getOutputStream();
                if (this.resultDigest == null) {
                    C$DigestCalculator digestCalculator = c$SignerInformationVerifier.getDigestCalculator(getDigestAlgorithmID());
                    if (this.content != null) {
                        OutputStream outputStream2 = digestCalculator.getOutputStream();
                        if (this.signedAttributeSet != null) {
                            this.content.write(outputStream2);
                            outputStream.write(getEncodedSignedAttributes());
                        } else if (contentVerifier instanceof C$RawContentVerifier) {
                            this.content.write(outputStream2);
                        } else {
                            C$TeeOutputStream c$TeeOutputStream = new C$TeeOutputStream(outputStream2, outputStream);
                            this.content.write(c$TeeOutputStream);
                            c$TeeOutputStream.close();
                        }
                        outputStream2.close();
                    } else {
                        if (this.signedAttributeSet == null) {
                            throw new C$CMSException("data not encapsulated in signature - use detached constructor.");
                        }
                        outputStream.write(getEncodedSignedAttributes());
                    }
                    this.resultDigest = digestCalculator.getDigest();
                } else if (this.signedAttributeSet != null) {
                    outputStream.write(getEncodedSignedAttributes());
                } else if (this.content != null) {
                    this.content.write(outputStream);
                }
                outputStream.close();
                C$ASN1Primitive singleValuedSignedAttribute = getSingleValuedSignedAttribute(C$CMSAttributes.contentType, "content-type");
                if (singleValuedSignedAttribute != null) {
                    if (this.isCounterSignature) {
                        throw new C$CMSException("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute");
                    }
                    if (!(singleValuedSignedAttribute instanceof C$ASN1ObjectIdentifier)) {
                        throw new C$CMSException("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'");
                    }
                    if (!((C$ASN1ObjectIdentifier) singleValuedSignedAttribute).equals(this.contentType)) {
                        throw new C$CMSException("content-type attribute value does not match eContentType");
                    }
                } else if (!this.isCounterSignature && this.signedAttributeSet != null) {
                    throw new C$CMSException("The content-type attribute type MUST be present whenever signed attributes are present in signed-data");
                }
                C$AttributeTable signedAttributes = getSignedAttributes();
                C$AttributeTable unsignedAttributes = getUnsignedAttributes();
                if (unsignedAttributes != null && unsignedAttributes.getAll(C$CMSAttributes.cmsAlgorithmProtect).size() > 0) {
                    throw new C$CMSException("A cmsAlgorithmProtect attribute MUST be a signed attribute");
                }
                if (signedAttributes != null) {
                    C$ASN1EncodableVector all = signedAttributes.getAll(C$CMSAttributes.cmsAlgorithmProtect);
                    if (all.size() > 1) {
                        throw new C$CMSException("Only one instance of a cmsAlgorithmProtect attribute can be present");
                    }
                    if (all.size() > 0) {
                        C$Attribute c$Attribute = C$Attribute.getInstance(all.get(0));
                        if (c$Attribute.getAttrValues().size() != 1) {
                            throw new C$CMSException("A cmsAlgorithmProtect attribute MUST contain exactly one value");
                        }
                        C$CMSAlgorithmProtection c$CMSAlgorithmProtection = C$CMSAlgorithmProtection.getInstance(c$Attribute.getAttributeValues()[0]);
                        if (!C$CMSUtils.isEquivalent(c$CMSAlgorithmProtection.getDigestAlgorithm(), this.info.getDigestAlgorithm())) {
                            throw new C$CMSException("CMS Algorithm Identifier Protection check failed for digestAlgorithm");
                        }
                        if (!C$CMSUtils.isEquivalent(c$CMSAlgorithmProtection.getSignatureAlgorithm(), this.info.getDigestEncryptionAlgorithm())) {
                            throw new C$CMSException("CMS Algorithm Identifier Protection check failed for signatureAlgorithm");
                        }
                    }
                }
                C$ASN1Primitive singleValuedSignedAttribute2 = getSingleValuedSignedAttribute(C$CMSAttributes.messageDigest, "message-digest");
                if (singleValuedSignedAttribute2 != null) {
                    if (!(singleValuedSignedAttribute2 instanceof C$ASN1OctetString)) {
                        throw new C$CMSException("message-digest attribute value not of ASN.1 type 'OCTET STRING'");
                    }
                    if (!C$Arrays.constantTimeAreEqual(this.resultDigest, ((C$ASN1OctetString) singleValuedSignedAttribute2).getOctets())) {
                        final String str = "message-digest attribute value does not match calculated value";
                        throw new C$CMSException(str) { // from class: com.amazon.coral.internal.org.bouncycastle.cms.$CMSSignerDigestMismatchException
                        };
                    }
                } else if (this.signedAttributeSet != null) {
                    throw new C$CMSException("the message-digest signed attribute type MUST be present when there are any signed attributes present");
                }
                if (signedAttributes != null && signedAttributes.getAll(C$CMSAttributes.counterSignature).size() > 0) {
                    throw new C$CMSException("A countersignature attribute MUST NOT be a signed attribute");
                }
                C$AttributeTable unsignedAttributes2 = getUnsignedAttributes();
                if (unsignedAttributes2 != null) {
                    C$ASN1EncodableVector all2 = unsignedAttributes2.getAll(C$CMSAttributes.counterSignature);
                    for (int i = 0; i < all2.size(); i++) {
                        if (C$Attribute.getInstance(all2.get(i)).getAttrValues().size() < 1) {
                            throw new C$CMSException("A countersignature attribute MUST contain at least one AttributeValue");
                        }
                    }
                }
                try {
                    if (this.signedAttributeSet != null || this.resultDigest == null || !(contentVerifier instanceof C$RawContentVerifier)) {
                        return contentVerifier.verify(getSignature());
                    }
                    C$RawContentVerifier c$RawContentVerifier = (C$RawContentVerifier) contentVerifier;
                    return encryptionAlgName.equals("RSA") ? c$RawContentVerifier.verify(new C$DigestInfo(new C$AlgorithmIdentifier(this.digestAlgorithm.getAlgorithm(), C$DERNull.INSTANCE), this.resultDigest).getEncoded(C$ASN1Encoding.DER), getSignature()) : c$RawContentVerifier.verify(this.resultDigest, getSignature());
                } catch (IOException e) {
                    throw new C$CMSException("can't process mime object to create signature.", e);
                }
            } catch (C$OperatorCreationException e2) {
                throw new C$CMSException("can't create digest calculator: " + e2.getMessage(), e2);
            } catch (IOException e3) {
                throw new C$CMSException("can't process mime object to create signature.", e3);
            }
        } catch (C$OperatorCreationException e4) {
            throw new C$CMSException("can't create content verifier: " + e4.getMessage(), e4);
        }
    }

    private byte[] encodeObj(C$ASN1Encodable c$ASN1Encodable) throws IOException {
        if (c$ASN1Encodable != null) {
            return c$ASN1Encodable.toASN1Primitive().getEncoded();
        }
        return null;
    }

    private C$Time getSigningTime() throws C$CMSException {
        C$ASN1Primitive singleValuedSignedAttribute = getSingleValuedSignedAttribute(C$CMSAttributes.signingTime, "signing-time");
        if (singleValuedSignedAttribute == null) {
            return null;
        }
        try {
            return C$Time.getInstance(singleValuedSignedAttribute);
        } catch (IllegalArgumentException e) {
            throw new C$CMSException("signing-time attribute value not a valid 'Time' structure");
        }
    }

    private C$ASN1Primitive getSingleValuedSignedAttribute(C$ASN1ObjectIdentifier c$ASN1ObjectIdentifier, String str) throws C$CMSException {
        C$AttributeTable unsignedAttributes = getUnsignedAttributes();
        if (unsignedAttributes != null && unsignedAttributes.getAll(c$ASN1ObjectIdentifier).size() > 0) {
            throw new C$CMSException("The " + str + " attribute MUST NOT be an unsigned attribute");
        }
        C$AttributeTable signedAttributes = getSignedAttributes();
        if (signedAttributes == null) {
            return null;
        }
        C$ASN1EncodableVector all = signedAttributes.getAll(c$ASN1ObjectIdentifier);
        switch (all.size()) {
            case 0:
                return null;
            case 1:
                C$ASN1Set attrValues = ((C$Attribute) all.get(0)).getAttrValues();
                if (attrValues.size() != 1) {
                    throw new C$CMSException("A " + str + " attribute MUST have a single attribute value");
                }
                return attrValues.getObjectAt(0).toASN1Primitive();
            default:
                throw new C$CMSException("The SignedAttributes in a signerInfo MUST NOT include multiple instances of the " + str + " attribute");
        }
    }

    public static C$SignerInformation replaceUnsignedAttributes(C$SignerInformation c$SignerInformation, C$AttributeTable c$AttributeTable) {
        C$SignerInfo c$SignerInfo = c$SignerInformation.info;
        return new C$SignerInformation(new C$SignerInfo(c$SignerInfo.getSID(), c$SignerInfo.getDigestAlgorithm(), c$SignerInfo.getAuthenticatedAttributes(), c$SignerInfo.getDigestEncryptionAlgorithm(), c$SignerInfo.getEncryptedDigest(), c$AttributeTable != null ? new C$DERSet(c$AttributeTable.toASN1EncodableVector()) : null), c$SignerInformation.contentType, c$SignerInformation.content, null);
    }

    public byte[] getContentDigest() {
        if (this.resultDigest == null) {
            throw new IllegalStateException("method can only be called after verify.");
        }
        return C$Arrays.clone(this.resultDigest);
    }

    public C$ASN1ObjectIdentifier getContentType() {
        return this.contentType;
    }

    public C$SignerInformationStore getCounterSignatures() {
        int i = 0;
        C$AttributeTable unsignedAttributes = getUnsignedAttributes();
        if (unsignedAttributes == null) {
            return new C$SignerInformationStore(new ArrayList(0));
        }
        ArrayList arrayList = new ArrayList();
        C$ASN1EncodableVector all = unsignedAttributes.getAll(C$CMSAttributes.counterSignature);
        while (true) {
            int i2 = i;
            if (i2 >= all.size()) {
                return new C$SignerInformationStore(arrayList);
            }
            C$ASN1Set attrValues = ((C$Attribute) all.get(i2)).getAttrValues();
            if (attrValues.size() < 1) {
            }
            Enumeration objects = attrValues.getObjects();
            while (objects.hasMoreElements()) {
                arrayList.add(new C$SignerInformation(C$SignerInfo.getInstance(objects.nextElement()), null, new C$CMSProcessableByteArray(getSignature()), null));
            }
            i = i2 + 1;
        }
    }

    public String getDigestAlgOID() {
        return this.digestAlgorithm.getAlgorithm().getId();
    }

    public byte[] getDigestAlgParams() {
        try {
            return encodeObj(this.digestAlgorithm.getParameters());
        } catch (Exception e) {
            throw new RuntimeException("exception getting digest parameters " + e);
        }
    }

    public C$AlgorithmIdentifier getDigestAlgorithmID() {
        return this.digestAlgorithm;
    }

    public byte[] getEncodedSignedAttributes() throws IOException {
        if (this.signedAttributeSet != null) {
            return this.signedAttributeSet.getEncoded(C$ASN1Encoding.DER);
        }
        return null;
    }

    public String getEncryptionAlgOID() {
        return this.encryptionAlgorithm.getAlgorithm().getId();
    }

    public byte[] getEncryptionAlgParams() {
        try {
            return encodeObj(this.encryptionAlgorithm.getParameters());
        } catch (Exception e) {
            throw new RuntimeException("exception getting encryption parameters " + e);
        }
    }

    public C$SignerId getSID() {
        return this.sid;
    }

    public byte[] getSignature() {
        return C$Arrays.clone(this.signature);
    }

    public C$AttributeTable getSignedAttributes() {
        if (this.signedAttributeSet != null && this.signedAttributeValues == null) {
            this.signedAttributeValues = new C$AttributeTable(this.signedAttributeSet);
        }
        return this.signedAttributeValues;
    }

    public C$AttributeTable getUnsignedAttributes() {
        if (this.unsignedAttributeSet != null && this.unsignedAttributeValues == null) {
            this.unsignedAttributeValues = new C$AttributeTable(this.unsignedAttributeSet);
        }
        return this.unsignedAttributeValues;
    }

    public int getVersion() {
        return this.info.getVersion().getValue().intValue();
    }

    public boolean isCounterSignature() {
        return this.isCounterSignature;
    }

    public C$SignerInfo toASN1Structure() {
        return this.info;
    }

    public boolean verify(C$SignerInformationVerifier c$SignerInformationVerifier) throws C$CMSException {
        C$Time signingTime = getSigningTime();
        if (!c$SignerInformationVerifier.hasAssociatedCertificate() || signingTime == null || c$SignerInformationVerifier.getAssociatedCertificate().isValidOn(signingTime.getDate())) {
            return doVerify(c$SignerInformationVerifier);
        }
        final String str = "verifier not valid at signingTime";
        throw new C$CMSException(str) { // from class: com.amazon.coral.internal.org.bouncycastle.cms.$CMSVerifierCertificateNotValidException
        };
    }
}
