package es.gob.jmulticard.asn1.icao;

import es.gob.jmulticard.CryptoHelper;
import es.gob.jmulticard.HexUtils;
import es.gob.jmulticard.JmcLogger;
import es.gob.jmulticard.asn1.Asn1Exception;
import es.gob.jmulticard.asn1.DecoderObject;
import es.gob.jmulticard.asn1.Tlv;
import es.gob.jmulticard.asn1.TlvException;
import java.io.IOException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/* loaded from: classes.dex */
public final class Sod extends DecoderObject {
    private static final byte TAG = 119;
    private final CryptoHelper cryptoHelper;
    private byte[] ldsSecurityObjectBytes = null;
    private LdsSecurityObject ldsSecurityObject = null;
    private X509Certificate[] certificateChain = null;

    public Sod(CryptoHelper cryptoHelper) {
        this.cryptoHelper = cryptoHelper;
    }

    @Override // es.gob.jmulticard.asn1.DecoderObject
    public void decodeValue() throws Asn1Exception, TlvException {
        checkTag(new Tlv(getBytes()).getTag());
    }

    public X509Certificate[] getCertificateChain() throws TlvException, Asn1Exception, SignatureException, CertificateException, IOException {
        if (this.certificateChain == null) {
            validateSignature();
        }
        return (X509Certificate[]) this.certificateChain.clone();
    }

    @Override // es.gob.jmulticard.asn1.DecoderObject
    public byte getDefaultTag() {
        return TAG;
    }

    public LdsSecurityObject getLdsSecurityObject() throws TlvException, Asn1Exception, IOException, SignatureException, CertificateException {
        if (this.ldsSecurityObject == null) {
            validateSignature();
        }
        return this.ldsSecurityObject;
    }

    public byte[] getLdsSecurityObjectBytes() throws SignatureException, CertificateException, TlvException, IOException, Asn1Exception {
        if (this.ldsSecurityObjectBytes == null) {
            validateSignature();
        }
        return this.ldsSecurityObjectBytes;
    }

    public String toString() {
        StringBuilder sb2 = new StringBuilder("SOD ICAO");
        try {
            sb2.append("\nFirmado por: " + getCertificateChain()[0].getSubjectX500Principal());
            sb2.append("\n  Con huellas para los siguientes grupos de datos\n");
            for (DataGroupHash dataGroupHash : this.ldsSecurityObject.getDataGroupHashes()) {
                sb2.append("    DG");
                sb2.append(dataGroupHash.getDataGroupNumber());
                sb2.append(" = ");
                sb2.append(HexUtils.hexify(dataGroupHash.getDataGroupHashValue(), false));
                sb2.append('\n');
            }
            return sb2.toString();
        } catch (Exception e10) {
            JmcLogger.warning("No se ha podido obtener la cadena de certificados de firma del SOD: " + e10);
            return sb2.toString();
        }
    }

    public void validateSignature() throws TlvException, SignatureException, CertificateException, IOException, Asn1Exception {
        Tlv tlv = new Tlv(getBytes());
        this.certificateChain = this.cryptoHelper.validateCmsSignature(tlv.getValue());
        this.ldsSecurityObjectBytes = this.cryptoHelper.getCmsSignatureSignedContent(tlv.getValue());
        LdsSecurityObject ldsSecurityObject = new LdsSecurityObject();
        this.ldsSecurityObject = ldsSecurityObject;
        ldsSecurityObject.setDerValue(this.ldsSecurityObjectBytes);
    }
}
