package oracle.security.crypto.cms;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import oracle.security.crypto.asn1.ASN1GenericConstructed;
import oracle.security.crypto.asn1.ASN1Integer;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1Sequence;
import oracle.security.crypto.asn1.ASN1SequenceInputStream;
import oracle.security.crypto.asn1.ASN1Set;
import oracle.security.crypto.asn1.ASN1SetInputStream;
import oracle.security.crypto.cert.AttributeSet;
import oracle.security.crypto.cert.CRL;
import oracle.security.crypto.cert.CertificateTrustPolicy;
import oracle.security.crypto.cert.CertificateVerifier;
import oracle.security.crypto.cert.IssuerAndSerialNo;
import oracle.security.crypto.cert.X509;
import oracle.security.crypto.core.AlgorithmIdentifier;
import oracle.security.crypto.core.AuthenticationException;
import oracle.security.crypto.util.FixedByteArrayOutputStream;
import oracle.security.crypto.util.InvalidInputException;
import oracle.security.crypto.util.StreamableOutputException;
import oracle.security.crypto.util.UnsyncByteArrayOutputStream;
import oracle.security.crypto.util.Utils;
import oracle.security.crypto.util.VersionException;

/* loaded from: input_file:oracle/security/crypto/cms/CMSSignedDataContentInfo.class */
public class CMSSignedDataContentInfo extends CMSContentInfo {
    private ASN1Integer version;
    private CMSContentInfo contentInfo;
    private Vector certificates;
    private Vector crls;
    private Hashtable sigTable;
    private boolean createExternalSignature;
    private byte[] exposedContent;

    public CMSSignedDataContentInfo() {
        super(CMS.id_signedData);
        this.createExternalSignature = false;
        this.exposedContent = null;
    }

    public CMSSignedDataContentInfo(CMSContentInfo cMSContentInfo) {
        super(CMS.id_signedData);
        this.createExternalSignature = false;
        this.exposedContent = null;
        if (cMSContentInfo == null) {
            throw new IllegalArgumentException("Null Content Info");
        }
        this.contentInfo = cMSContentInfo;
        this.sigTable = new Hashtable();
    }

    public CMSSignedDataContentInfo(InputStream inputStream) throws IOException {
        super(CMS.id_signedData);
        this.createExternalSignature = false;
        this.exposedContent = null;
        input(inputStream);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // oracle.security.crypto.cms.CMSContentInfo
    public void setExposedContent(byte[] bArr) {
        this.exposedContent = bArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // oracle.security.crypto.cms.CMSContentInfo
    public byte[] getExposedContent() {
        if (this.exposedContent == null) {
            if (this.contentInfo == null) {
                return null;
            }
            try {
                OutputStream unsyncByteArrayOutputStream = new UnsyncByteArrayOutputStream();
                boolean z = true;
                if (this.sigTable != null) {
                    Enumeration elements = this.sigTable.elements();
                    while (elements.hasMoreElements() && z) {
                        if (((CMSSignerInfo) elements.nextElement()).isSPKI()) {
                            z = false;
                        }
                    }
                }
                if (this.certificates != null && z) {
                    Enumeration elements2 = this.certificates.elements();
                    while (elements2.hasMoreElements() && z) {
                        if (!(((Certificate) elements2.nextElement()) instanceof X509Certificate)) {
                            z = false;
                        }
                    }
                }
                if (z && !this.contentInfo.getContentType().equals(CMS.id_data)) {
                    z = false;
                }
                if (z) {
                    this.version = new ASN1Integer(1L);
                } else {
                    this.version = new ASN1Integer(3L);
                }
                this.version.output(unsyncByteArrayOutputStream);
                Hashtable hashtable = new Hashtable();
                Enumeration elements3 = this.sigTable.elements();
                while (elements3.hasMoreElements()) {
                    hashtable.put(((CMSSignerInfo) elements3.nextElement()).getDigestAlgID(), "NOTHING");
                }
                new ASN1Set(hashtable.keys()).output(unsyncByteArrayOutputStream);
                new EncapsulatedContentInfo(this.contentInfo, !this.createExternalSignature).output(unsyncByteArrayOutputStream);
                Vector vector = null;
                if (this.certificates != null) {
                    vector = CMSUtils.toX509Vector(this.certificates);
                }
                if (vector != null) {
                    ASN1GenericConstructed.outputValue(unsyncByteArrayOutputStream, new ASN1Set(vector).elements(), 0);
                }
                if (this.crls != null) {
                    ASN1GenericConstructed.outputValue(unsyncByteArrayOutputStream, new ASN1Set(this.crls).elements(), 1);
                }
                new ASN1Set(this.sigTable.elements()).output(unsyncByteArrayOutputStream);
                byte[] byteArray = unsyncByteArrayOutputStream.toByteArray();
                byte[] bytes = Utils.toBytes(ASN1Sequence.makeHeader(byteArray.length));
                FixedByteArrayOutputStream fixedByteArrayOutputStream = new FixedByteArrayOutputStream(bytes.length + byteArray.length);
                fixedByteArrayOutputStream.write(bytes, 0, bytes.length);
                fixedByteArrayOutputStream.write(byteArray, 0, byteArray.length);
                this.exposedContent = fixedByteArrayOutputStream.toByteArray();
            } catch (IOException e) {
                throw new StreamableOutputException(e.toString());
            } catch (NullPointerException e2) {
                throw new StreamableOutputException("CMS Object is not initialized: " + e2.toString());
            } catch (CertificateEncodingException e3) {
                throw new StreamableOutputException("Error while encoding the Certificate");
            }
        }
        return this.exposedContent;
    }

    @Override // oracle.security.crypto.cms.CMSContentInfo
    public boolean isDegenerate() {
        return this.contentInfo != null && this.sigTable.size() == 0;
    }

    public boolean isExternalSignature() {
        if (this.contentInfo == null || this.sigTable.size() == 0) {
            return false;
        }
        return this.contentInfo.isDetached();
    }

    public void writeExternalSignature(boolean z) {
        this.createExternalSignature = z;
        update();
    }

    @Override // oracle.security.crypto.cms.CMSContentInfo
    public boolean isDetached() {
        if (this.contentInfo == null) {
            return true;
        }
        ASN1ObjectID contentType = this.contentInfo.getContentType();
        if (contentType.equals(CMS.id_digestedData) || contentType.equals(CMS.id_signedData) || contentType.equals(CMS.id_ct_authData) || contentType.equals(CMS.id_encryptedData) || contentType.equals(CMS.id_envelopedData)) {
            return false;
        }
        return this.contentInfo.isDetached();
    }

    public void setEnclosed(CMSContentInfo cMSContentInfo) {
        if (this.contentInfo == null) {
            throw new IllegalArgumentException("Null Content Info");
        }
        this.contentInfo = cMSContentInfo;
        update();
    }

    public CMSContentInfo getEnclosed() {
        return this.contentInfo;
    }

    public ASN1ObjectID getEnclosedContentType() {
        return this.contentInfo.getContentType();
    }

    public BigInteger getVersionNumber() {
        return this.version.getValue();
    }

    public ASN1Integer getVersion() {
        return this.version;
    }

    public Enumeration signers() {
        return this.sigTable.elements();
    }

    public String toString() {
        if (isDegenerate()) {
            return "degenerate CMS 'signed-data' object";
        }
        StringBuffer stringBuffer = new StringBuffer((isDetached() ? " Detached " : "") + (isDegenerate() ? " Degenerate " : "") + (isExternalSignature() ? " ExternalSignature " : "") + "CMS 'signedData' object, encloses \n");
        stringBuffer.append(this.contentInfo.toString());
        stringBuffer.append("Version: " + this.version.intValue() + "\n");
        stringBuffer.append(", " + Utils.plural(this.sigTable.size(), "signature"));
        if (this.certificates != null) {
            stringBuffer.append(", " + Utils.plural(this.certificates.size(), "certificate"));
        }
        if (this.crls != null) {
            stringBuffer.append(", " + Utils.plural(this.crls.size(), "CRL"));
        }
        return stringBuffer.toString();
    }

    public Vector getCertificates() {
        return this.certificates;
    }

    public Vector getCRLs() {
        return this.crls;
    }

    public CMSSignerInfo getSignerInfo(X509Certificate x509Certificate) throws NoSuchAlgorithmException, SignatureException, IOException, CertificateEncodingException {
        CMSSignerInfo cMSSignerInfo = (CMSSignerInfo) this.sigTable.get(new IssuerAndSerialNo(new X509(x509Certificate.getEncoded())));
        if (cMSSignerInfo == null) {
            cMSSignerInfo = (CMSSignerInfo) this.sigTable.get(Utils.toHexString(CMSUtils.generateSPKI160(x509Certificate)));
        }
        if (cMSSignerInfo == null) {
            cMSSignerInfo = (CMSSignerInfo) this.sigTable.get(Utils.toHexString(CMSUtils.generateSPKI64(x509Certificate)));
        }
        if (cMSSignerInfo == null) {
            throw new SignatureException("Signer is not present");
        }
        return cMSSignerInfo;
    }

    public int hashCode() {
        try {
            UnsyncByteArrayOutputStream unsyncByteArrayOutputStream = new UnsyncByteArrayOutputStream();
            output(unsyncByteArrayOutputStream);
            return new String(unsyncByteArrayOutputStream.toByteArray()).hashCode();
        } catch (IOException e) {
            throw new StreamableOutputException(e.toString());
        }
    }

    public boolean equals(Object obj) {
        return (obj instanceof CMSSignedDataContentInfo) && hashCode() == ((CMSSignedDataContentInfo) obj).hashCode();
    }

    public void addCertificate(X509Certificate x509Certificate) {
        if (this.certificates == null) {
            this.certificates = new Vector();
        }
        this.certificates.addElement(x509Certificate);
        update();
    }

    public void addCRL(CRL crl) {
        if (this.crls == null) {
            this.crls = new Vector();
        }
        this.crls.addElement(crl);
        update();
    }

    public void addCertificates(Vector vector) {
        if (vector != null) {
            if (this.certificates == null) {
                this.certificates = new Vector();
            }
            int size = vector.size();
            for (int i = 0; i < size; i++) {
                this.certificates.addElement(vector.elementAt(i));
            }
            update();
        }
    }

    public void addCRLs(Vector vector) {
        if (vector != null) {
            if (this.crls == null) {
                this.crls = new Vector();
            }
            int size = vector.size();
            for (int i = 0; i < size; i++) {
                this.crls.addElement(vector.elementAt(i));
            }
            update();
        }
    }

    public void addSignature(AttributeSet attributeSet, PrivateKey privateKey, X509Certificate x509Certificate, AlgorithmIdentifier algorithmIdentifier, AlgorithmIdentifier algorithmIdentifier2, AttributeSet attributeSet2) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException, IOException, CertificateEncodingException {
        addSignerInfo(x509Certificate, new CMSSignerInfo(this.contentInfo, attributeSet, privateKey, x509Certificate, algorithmIdentifier, algorithmIdentifier2, attributeSet2));
    }

    public void addSignature(AttributeSet attributeSet, PrivateKey privateKey, X509Certificate x509Certificate, AlgorithmIdentifier algorithmIdentifier, AlgorithmIdentifier algorithmIdentifier2, AttributeSet attributeSet2, boolean z) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException {
        addSignerInfo(x509Certificate, new CMSSignerInfo(this.contentInfo, attributeSet, privateKey, x509Certificate, algorithmIdentifier, algorithmIdentifier2, attributeSet2, z));
    }

    public void addSignerInfo(X509Certificate x509Certificate, CMSSignerInfo cMSSignerInfo) throws NoSuchAlgorithmException {
        if (cMSSignerInfo.isSPKI()) {
            this.sigTable.put(Utils.toHexString(cMSSignerInfo.getSPKI()), cMSSignerInfo);
        } else {
            this.sigTable.put(cMSSignerInfo.getIASN(), cMSSignerInfo);
        }
        update();
    }

    public void verifySignature(X509Certificate x509Certificate) throws AuthenticationException, NoSuchAlgorithmException, CertificateEncodingException, IOException, SignatureException {
        verifySignature(x509Certificate, this.contentInfo);
    }

    public void verifySignature(X509Certificate x509Certificate, CMSContentInfo cMSContentInfo) throws AuthenticationException, NoSuchAlgorithmException, IOException, CertificateEncodingException, SignatureException {
        getSignerInfo(x509Certificate).verifySignature(cMSContentInfo, x509Certificate.getPublicKey());
    }

    public void verify(CertificateTrustPolicy certificateTrustPolicy) throws AuthenticationException {
        verify(certificateTrustPolicy, this.contentInfo);
    }

    public void verify(CertificateTrustPolicy certificateTrustPolicy, CMSContentInfo cMSContentInfo) throws AuthenticationException {
        X509 validCertificate;
        AuthenticationException authenticationException = null;
        try {
            CertificateVerifier makeCertificateVerifier = certificateTrustPolicy.makeCertificateVerifier(CMSUtils.toX509Vector(this.certificates), this.crls);
            Enumeration signers = signers();
            while (signers.hasMoreElements()) {
                CMSSignerInfo cMSSignerInfo = (CMSSignerInfo) signers.nextElement();
                try {
                    validCertificate = makeCertificateVerifier.getValidCertificate(cMSSignerInfo.getIASN());
                } catch (NoSuchAlgorithmException e) {
                    throw new AuthenticationException(e.toString());
                } catch (SignatureException e2) {
                    throw new AuthenticationException(e2.toString());
                } catch (InvalidKeySpecException e3) {
                    throw new AuthenticationException(e3.toString());
                } catch (AuthenticationException e4) {
                    authenticationException = e4;
                }
                if (validCertificate != null) {
                    validCertificate.getPublicKey();
                    cMSSignerInfo.verifySignature(cMSContentInfo, CMSUtils.toJCEPublicKey(validCertificate.getPublicKey()));
                    return;
                }
                continue;
            }
            if (authenticationException != null) {
                throw authenticationException;
            }
            throw new AuthenticationException("Contains no signatures for which a certification path could be found.");
        } catch (CertificateEncodingException e5) {
            throw new AuthenticationException(e5.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // oracle.security.crypto.cms.CMSContentInfo
    public void inputContent(InputStream inputStream) throws IOException {
        ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(inputStream);
        this.version = new ASN1Integer(aSN1SequenceInputStream);
        if (!this.version.equals(1) && !this.version.equals(3)) {
            throw new VersionException("Expected Version 1 or 3 But Got " + this.version.getValue());
        }
        new ASN1SetInputStream(aSN1SequenceInputStream).terminate(true);
        this.contentInfo = new EncapsulatedContentInfo((InputStream) aSN1SequenceInputStream).getCMSContentInfo();
        if (aSN1SequenceInputStream.getCurrentTag() == 0) {
            aSN1SequenceInputStream.setCurrentTag(17);
            this.certificates = new Vector();
            ASN1SetInputStream aSN1SetInputStream = new ASN1SetInputStream(aSN1SequenceInputStream);
            while (aSN1SetInputStream.hasMoreData()) {
                try {
                    this.certificates.addElement(CMSUtils.toX509JCECertificate(new X509(aSN1SetInputStream)));
                } catch (CertificateException e) {
                    throw new IOException(e.toString());
                }
            }
            aSN1SetInputStream.terminate();
        } else {
            this.certificates = null;
        }
        if (aSN1SequenceInputStream.getCurrentTag() == 1) {
            aSN1SequenceInputStream.setCurrentTag(17);
            this.crls = new Vector();
            ASN1SetInputStream aSN1SetInputStream2 = new ASN1SetInputStream(aSN1SequenceInputStream);
            while (aSN1SetInputStream2.hasMoreData()) {
                this.crls.addElement(new CRL(aSN1SetInputStream2));
            }
            aSN1SetInputStream2.terminate();
        } else {
            this.crls = null;
        }
        this.sigTable = new Hashtable();
        ASN1SetInputStream aSN1SetInputStream3 = new ASN1SetInputStream(aSN1SequenceInputStream);
        while (aSN1SetInputStream3.hasMoreData()) {
            CMSSignerInfo cMSSignerInfo = new CMSSignerInfo(aSN1SetInputStream3);
            if (new ASN1Integer(cMSSignerInfo.getVersionNumber()).equals(1)) {
                if (cMSSignerInfo.getIASN() == null) {
                    throw new InvalidInputException("signed-data Version 1 must contain IASN as signer identifier");
                }
                this.sigTable.put(cMSSignerInfo.getIASN(), cMSSignerInfo);
            } else {
                if (cMSSignerInfo.getSPKI() == null) {
                    throw new InvalidInputException("signed-data Version 3 must contain SPKI as signer identifier");
                }
                this.sigTable.put(Utils.toHexString(cMSSignerInfo.getSPKI()), cMSSignerInfo);
            }
        }
        aSN1SetInputStream3.terminate();
        aSN1SequenceInputStream.terminate();
        if (this.contentInfo.isDetached()) {
            this.createExternalSignature = true;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // oracle.security.crypto.cms.CMSContentInfo
    public void update() {
        super.update();
        this.exposedContent = null;
    }
}
