package mx.gob.sat.sgi.SgiCripto.sobre;

import com.sun.jna.platform.win32.WinError;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Hashtable;
import mx.gob.sat.sgi.SgiCripto.SgiCertificado;
import mx.gob.sat.sgi.SgiCripto.SgiCriptoException;
import mx.gob.sat.sgi.SgiCripto.SgiDigest;
import mx.gob.sat.sgi.SgiCripto.SgiLlavePrivada;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.asn1.cms.SignedDataParser;
import org.bouncycastle.asn1.pkcs.ContentInfo;
import org.bouncycastle.asn1.pkcs.IssuerAndSerialNumber;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.SignedData;
import org.bouncycastle.asn1.pkcs.SignerInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataParser;
import org.bouncycastle.cms.CMSSignedDataStreamGenerator;
import org.bouncycastle.cms.CMSSignedGenerator;
import org.bouncycastle.jce.cert.CertStore;
import org.bouncycastle.jce.cert.CertStoreException;
import org.bouncycastle.jce.cert.CollectionCertStoreParameters;
import org.bouncycastle.util.io.Streams;

/* loaded from: input_file:mx/gob/sat/sgi/SgiCripto/sobre/Firmado.class */
public class Firmado {
    private Hashtable tabla_de_hashes;
    private SignedData s_data;
    private SignedDataParser s_data_P;
    protected DelegadoDeFirmas delegado;
    protected byte[] data_bytes;
    private boolean bGenerar;

    public void setGenerar(boolean z) {
        this.bGenerar = z;
    }

    private void ver_Firmado() {
    }

    public Firmado() {
        this.tabla_de_hashes = null;
        this.s_data = null;
        this.s_data_P = null;
        this.delegado = null;
        this.data_bytes = null;
        this.bGenerar = false;
        this.tabla_de_hashes = new Hashtable();
    }

    public Firmado(DelegadoDeFirmas delegadoDeFirmas) {
        this.tabla_de_hashes = null;
        this.s_data = null;
        this.s_data_P = null;
        this.delegado = null;
        this.data_bytes = null;
        this.bGenerar = false;
        this.delegado = delegadoDeFirmas;
        this.tabla_de_hashes = new Hashtable();
    }

    public boolean generaFirmado(SgiCertificado[] sgiCertificadoArr, SgiLlavePrivada[] sgiLlavePrivadaArr, int[] iArr, InputStream inputStream, OutputStream outputStream) throws SgiCriptoException, IOException {
        this.bGenerar = true;
        try {
            ArrayList arrayList = new ArrayList();
            X509Certificate x509_Certificate = sgiCertificadoArr[0].getX509_Certificate();
            CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), "BC");
            arrayList.add(x509_Certificate);
            CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
            cMSSignedDataStreamGenerator.addSigner(sgiLlavePrivadaArr[0].getLlave(), x509_Certificate, CMSSignedGenerator.DIGEST_SHA1, "BC");
            cMSSignedDataStreamGenerator.addCertificatesAndCRLs(certStore);
            OutputStream open = cMSSignedDataStreamGenerator.open(outputStream, true);
            Streams.pipeAll(inputStream, open);
            open.close();
            return true;
        } catch (IllegalArgumentException e) {
            throw new SgiCriptoException(e.getMessage(), 1);
        } catch (InvalidAlgorithmParameterException e2) {
            throw new SgiCriptoException(e2.getMessage(), 1);
        } catch (InvalidKeyException e3) {
            throw new SgiCriptoException(e3.getMessage(), 1);
        } catch (NoSuchAlgorithmException e4) {
            throw new SgiCriptoException(e4.getMessage(), 1);
        } catch (NoSuchProviderException e5) {
            throw new SgiCriptoException(e5.getMessage(), 1);
        } catch (SgiCriptoException e6) {
            throw new SgiCriptoException(e6.getMessage(), 1);
        } catch (CMSException e7) {
            throw new SgiCriptoException(e7.getMessage(), 1);
        } catch (CertStoreException e8) {
            throw new SgiCriptoException(e8.getMessage(), 1);
        }
    }

    public SignedData getSignedData(ASN1EncodableVector aSN1EncodableVector, ASN1EncodableVector aSN1EncodableVector2, ASN1EncodableVector aSN1EncodableVector3, InputStream inputStream) throws IOException {
        return new SignedData(new DERInteger(1), new DERSet(aSN1EncodableVector), new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(readDatos(inputStream))), new DERSet(aSN1EncodableVector3), null, new DERSet(aSN1EncodableVector2));
    }

    public byte[] getEncryptedDigest(BufferedInputStream bufferedInputStream, AlgorithmIdentifier algorithmIdentifier, SgiLlavePrivada sgiLlavePrivada) throws IOException, SgiCriptoException {
        byte[] bArr = new byte[bufferedInputStream.available()];
        bufferedInputStream.read(bArr);
        byte[] digest = getDigest(bArr, algorithmIdentifier);
        if (digest == null) {
            return null;
        }
        FirmaRSA firmaRSA = null;
        if (0 == 0) {
            firmaRSA = new FirmaRSA();
        }
        return firmaRSA.getFirmaCifrada(digest, algorithmIdentifier, sgiLlavePrivada);
    }

    protected byte[] readDatos(InputStream inputStream) throws IOException {
        byte[] bArr = null;
        if (0 == 0) {
            bArr = new byte[inputStream.available()];
            inputStream.read(bArr);
        }
        return bArr;
    }

    protected byte[] readDatosEnPartes(InputStream inputStream, long j) throws IOException {
        byte[] bArr = null;
        long available = inputStream.available() / j;
        if (0 == 0) {
            bArr = new byte[(int) available];
            inputStream.read(bArr);
        }
        return bArr;
    }

    public byte[] getDigest(byte[] bArr, AlgorithmIdentifier algorithmIdentifier) throws SgiCriptoException {
        byte[] bytes;
        String str = (String) this.tabla_de_hashes.get(algorithmIdentifier);
        if (str == null) {
            bytes = new SgiDigest().genDigest(SgiDigest.getAlgoritmoId(algorithmIdentifier), bArr, bArr.length);
            this.tabla_de_hashes.put(algorithmIdentifier, new String(bytes));
        } else {
            bytes = str.getBytes();
        }
        return bytes;
    }

    public boolean verifica(byte[] bArr, AlgorithmIdentifier algorithmIdentifier, byte[] bArr2, X509CertificateStructure x509CertificateStructure) throws IOException, SgiCriptoException {
        SgiCertificado sgiCertificado = SgiCertificado.getInstance();
        sgiCertificado.inicia(1, new ByteArrayInputStream(x509CertificateStructure.getDEREncoded()));
        this.delegado = new FirmaRSA();
        return Arrays.equals(this.delegado.getFirmaPlana(bArr2, sgiCertificado), getDigest(bArr, algorithmIdentifier));
    }

    public boolean inicia(CMSSignedDataParser cMSSignedDataParser) {
        try {
            cMSSignedDataParser.getVersion();
            this.s_data = new SignedData(ASN1Sequence.getInstance(new ASN1InputStream(cMSSignedDataParser.getSignedContent().getContentStream()).readObject()));
            return true;
        } catch (IOException e) {
            e.printStackTrace();
            return false;
        }
    }

    public boolean inicia(DEREncodable dEREncodable) throws IOException, SgiCriptoException {
        this.s_data = new SignedData((ASN1Sequence) dEREncodable);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean procesaFirma(byte[] bArr, X509CertificateStructure x509CertificateStructure, SignerInfo signerInfo) throws IOException, SgiCriptoException {
        AlgorithmIdentifier digestAlgorithm = signerInfo.getDigestAlgorithm();
        byte[] octets = signerInfo.getEncryptedDigest().getOctets();
        ASN1Set authenticatedAttributes = signerInfo.getAuthenticatedAttributes();
        return authenticatedAttributes == null ? verifica(bArr, digestAlgorithm, octets, x509CertificateStructure) : verifica(authenticatedAttributes.getDEREncoded(), digestAlgorithm, octets, x509CertificateStructure);
    }

    public boolean procesa(OutputStream outputStream, X509CertificateStructure x509CertificateStructure) throws IOException, SgiCriptoException {
        X509CertificateStructure x509CertificateStructure2;
        ContentInfo contentInfo = this.s_data.getContentInfo();
        if (!contentInfo.getContentType().equals(CMSObjectIdentifiers.data)) {
            return false;
        }
        if (x509CertificateStructure != null) {
            x509CertificateStructure2 = x509CertificateStructure;
        } else {
            if (extraerCertificados(null).length <= 0) {
                throw new SgiCriptoException("El sobre no contiene certificados.", WinError.ERROR_ENCRYPTION_FAILED);
            }
            x509CertificateStructure2 = extraerCertificados(null)[0];
        }
        this.data_bytes = ((ASN1OctetString) contentInfo.getContent()).getOctets();
        SignerInfo[] extraerSigners = extraerSigners(this.s_data.getSignerInfos());
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(x509CertificateStructure2.getIssuer(), x509CertificateStructure2.getSerialNumber());
        for (int i = 0; i < extraerSigners.length; i++) {
            if (extraerSigners[i].getIssuerAndSerialNumber().equals(issuerAndSerialNumber)) {
                if (!procesaFirma(this.data_bytes, x509CertificateStructure2, extraerSigners[i])) {
                    return false;
                }
                outputStream.write(this.data_bytes);
                return true;
            }
        }
        return false;
    }

    /* JADX WARN: Code restructure failed: missing block: B:15:0x006a, code lost:
    
        return r9;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.bouncycastle.asn1.x509.X509CertificateStructure[] extraerCertificados(org.bouncycastle.asn1.ASN1Set r7) throws java.io.IOException, mx.gob.sat.sgi.SgiCripto.SgiCriptoException {
        /*
            r6 = this;
            r0 = 0
            r8 = r0
            r0 = 0
            r9 = r0
            r0 = r6
            org.bouncycastle.asn1.pkcs.SignedData r0 = r0.s_data
            if (r0 == 0) goto L16
            r0 = r6
            org.bouncycastle.asn1.pkcs.SignedData r0 = r0.s_data
            org.bouncycastle.asn1.ASN1Set r0 = r0.getCertificates()
            r8 = r0
            goto L1c
        L16:
            r0 = r7
            if (r0 == 0) goto L1c
            r0 = r7
            r8 = r0
        L1c:
            r0 = r8
            int r0 = r0.size()     // Catch: java.lang.NullPointerException -> L52 java.lang.Throwable -> L5f
            org.bouncycastle.asn1.x509.X509CertificateStructure[] r0 = new org.bouncycastle.asn1.x509.X509CertificateStructure[r0]     // Catch: java.lang.NullPointerException -> L52 java.lang.Throwable -> L5f
            r9 = r0
            r0 = 0
            r10 = r0
            goto L45
        L2a:
            r0 = r8
            r1 = r10
            org.bouncycastle.asn1.DEREncodable r0 = r0.getObjectAt(r1)     // Catch: java.lang.NullPointerException -> L52 java.lang.Throwable -> L5f
            org.bouncycastle.asn1.DERSequence r0 = (org.bouncycastle.asn1.DERSequence) r0     // Catch: java.lang.NullPointerException -> L52 java.lang.Throwable -> L5f
            r11 = r0
            r0 = r9
            r1 = r10
            org.bouncycastle.asn1.x509.X509CertificateStructure r2 = new org.bouncycastle.asn1.x509.X509CertificateStructure     // Catch: java.lang.NullPointerException -> L52 java.lang.Throwable -> L5f
            r3 = r2
            r4 = r11
            r3.<init>(r4)     // Catch: java.lang.NullPointerException -> L52 java.lang.Throwable -> L5f
            r0[r1] = r2     // Catch: java.lang.NullPointerException -> L52 java.lang.Throwable -> L5f
            int r10 = r10 + 1
        L45:
            r0 = r10
            r1 = r9
            int r1 = r1.length     // Catch: java.lang.NullPointerException -> L52 java.lang.Throwable -> L5f
            if (r0 < r1) goto L2a
            r0 = jsr -> L67
        L4f:
            goto L6b
        L52:
            r10 = move-exception
            r0 = 0
            org.bouncycastle.asn1.x509.X509CertificateStructure[] r0 = new org.bouncycastle.asn1.x509.X509CertificateStructure[r0]     // Catch: java.lang.Throwable -> L5f
            r9 = r0
            r0 = jsr -> L67
        L5c:
            goto L6b
        L5f:
            r12 = move-exception
            r0 = jsr -> L67
        L64:
            r1 = r12
            throw r1
        L67:
            r13 = r0
            r0 = r9
            return r0
        L6b:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: mx.gob.sat.sgi.SgiCripto.sobre.Firmado.extraerCertificados(org.bouncycastle.asn1.ASN1Set):org.bouncycastle.asn1.x509.X509CertificateStructure[]");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SignerInfo[] extraerSigners(ASN1Set aSN1Set) {
        SignerInfo[] signerInfoArr = new SignerInfo[aSN1Set.size()];
        for (int i = 0; i < signerInfoArr.length; i++) {
            signerInfoArr[i] = new SignerInfo((DERSequence) aSN1Set.getObjectAt(i));
        }
        return signerInfoArr;
    }

    public SignerInfo getSignerInfo(X509CertificateStructure x509CertificateStructure, SgiLlavePrivada sgiLlavePrivada, AlgorithmIdentifier algorithmIdentifier, BufferedInputStream bufferedInputStream) throws IOException, SgiCriptoException {
        DERInteger dERInteger = new DERInteger(1);
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(x509CertificateStructure.getIssuer(), x509CertificateStructure.getSerialNumber());
        AlgorithmIdentifier algorithmIdentifier2 = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, null);
        DEROctetString dEROctetString = new DEROctetString(getEncryptedDigest(bufferedInputStream, algorithmIdentifier, sgiLlavePrivada));
        System.out.println("getSignerInfo");
        return new SignerInfo(dERInteger, issuerAndSerialNumber, algorithmIdentifier, null, algorithmIdentifier2, dEROctetString, null);
    }

    public ASN1EncodableVector getSignerInfos(ASN1EncodableVector aSN1EncodableVector, SgiLlavePrivada[] sgiLlavePrivadaArr, ASN1EncodableVector aSN1EncodableVector2, BufferedInputStream bufferedInputStream) throws IOException, SgiCriptoException {
        ASN1EncodableVector aSN1EncodableVector3 = null;
        if (sgiLlavePrivadaArr.length > 0 && aSN1EncodableVector.size() == sgiLlavePrivadaArr.length) {
            aSN1EncodableVector3 = new ASN1EncodableVector();
            for (int i = 0; i < sgiLlavePrivadaArr.length; i++) {
                aSN1EncodableVector3.add(getSignerInfo((X509CertificateStructure) aSN1EncodableVector.get(i), sgiLlavePrivadaArr[i], (AlgorithmIdentifier) aSN1EncodableVector2.get(i), bufferedInputStream));
            }
        }
        System.gc();
        return aSN1EncodableVector3;
    }

    public CMSSignedData getSignedData(SgiCertificado[] sgiCertificadoArr, SgiLlavePrivada[] sgiLlavePrivadaArr, int[] iArr, InputStream inputStream) throws SgiCriptoException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ArrayList arrayList = new ArrayList();
            CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), "BC");
            CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
            for (SgiCertificado sgiCertificado : sgiCertificadoArr) {
                X509Certificate x509_Certificate = sgiCertificado.getX509_Certificate();
                arrayList.add(x509_Certificate);
                cMSSignedDataStreamGenerator.addSigner(sgiLlavePrivadaArr[0].getLlave(), x509_Certificate, CMSSignedGenerator.DIGEST_SHA1, "BC");
            }
            cMSSignedDataStreamGenerator.addCertificatesAndCRLs(certStore);
            OutputStream open = cMSSignedDataStreamGenerator.open(byteArrayOutputStream, true);
            Streams.pipeAll(inputStream, open);
            open.close();
            return new CMSSignedData(new BufferedInputStream(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())));
        } catch (IOException e) {
            throw new SgiCriptoException(new StringBuffer().append("Error IO. ").append(e.getMessage()).toString(), WinError.ERROR_ENCRYPTION_FAILED);
        } catch (IllegalArgumentException e2) {
            throw new SgiCriptoException(new StringBuffer().append("Argumentos inválidos. ").append(e2.getMessage()).toString(), WinError.ERROR_ENCRYPTION_FAILED);
        } catch (InvalidAlgorithmParameterException e3) {
            throw new SgiCriptoException(new StringBuffer().append("Parametros del algoritmo invalidos. ").append(e3.getMessage()).toString(), WinError.ERROR_ENCRYPTION_FAILED);
        } catch (InvalidKeyException e4) {
            throw new SgiCriptoException(new StringBuffer().append("Llave inválida. ").append(e4.getMessage()).toString(), WinError.ERROR_ENCRYPTION_FAILED);
        } catch (NoSuchAlgorithmException e5) {
            throw new SgiCriptoException(new StringBuffer().append("No se encontró algoritmo. ").append(e5.getMessage()).toString(), WinError.ERROR_ENCRYPTION_FAILED);
        } catch (NoSuchProviderException e6) {
            throw new SgiCriptoException(new StringBuffer().append("No se cargo el proveedor. ").append(e6.getMessage()).toString(), WinError.ERROR_ENCRYPTION_FAILED);
        } catch (CMSException e7) {
            throw new SgiCriptoException(new StringBuffer().append("Error al generar el sobre. ").append(e7.getMessage()).toString(), WinError.ERROR_ENCRYPTION_FAILED);
        } catch (CertStoreException e8) {
            throw new SgiCriptoException(new StringBuffer().append("Error en el certStore. ").append(e8.getMessage()).toString(), WinError.ERROR_ENCRYPTION_FAILED);
        }
    }
}
