package es.gob.afirma.signers.cades;

import bj.e;
import bj.h;
import bj.y;
import bj.z;
import es.gob.afirma.core.AOException;
import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.core.signers.AOSignConstants;
import es.gob.afirma.signers.pkcs7.AOAlgorithmID;
import es.gob.afirma.signers.pkcs7.SigUtils;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.logging.Logger;
import mj.b;
import org.bouncycastle.asn1.ASN1Encoding;
import rj.d;
import tj.a;
import tj.x;
import yi.e0;
import yi.e1;
import yi.f;
import yi.m;
import yi.n;
import yi.s;
import yi.t;
import yi.v;
import yi.y0;

/* loaded from: classes.dex */
public final class CAdESTriPhaseSigner {
    private CAdESTriPhaseSigner() {
    }

    public static byte[] postSign(String str, byte[] bArr, Certificate[] certificateArr, byte[] bArr2, byte[] bArr3) throws AOException {
        e eVar;
        if (certificateArr == null || certificateArr.length == 0) {
            throw new IllegalArgumentException("La cadena de certificados debe contener al menos una entrada");
        }
        String digestAlgorithmName = AOSignConstants.getDigestAlgorithmName(str);
        try {
            m g10 = s.g(((X509Certificate) certificateArr[0]).getTBSCertificate());
            x xVar = g10 instanceof x ? (x) g10 : g10 != null ? new x(t.p(g10)) : null;
            y yVar = new y(new h(d.a(xVar.f22668e), xVar.f22666c.t()));
            try {
                a makeAlgId = SigUtils.makeAlgId(AOAlgorithmID.getOID(digestAlgorithmName));
                try {
                    a makeAlgId2 = SigUtils.makeAlgId(AOAlgorithmID.getOID(str.contains("withRSA") ? "RSA" : str));
                    y0 y0Var = new y0(bArr2);
                    try {
                        v vVar = (v) s.g(bArr3);
                        f fVar = new f();
                        fVar.a(new z(yVar, makeAlgId, vVar, makeAlgId2, y0Var, null));
                        if (bArr != null) {
                            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                            new xj.f(bArr);
                            try {
                                byteArrayOutputStream.write(bArr);
                                eVar = new e(new n(b.F0.f27999a), new e0(byteArrayOutputStream.toByteArray()));
                            } catch (Exception e10) {
                                throw new AOException("Error en la escritura del contenido implicito en el ContentInfo", e10);
                            }
                        } else {
                            eVar = new e(new n(b.F0.f27999a), null);
                        }
                        e eVar2 = eVar;
                        ArrayList arrayList = new ArrayList();
                        for (Certificate certificate : certificateArr) {
                            try {
                                arrayList.add(tj.f.a(s.g(certificate.getEncoded())));
                            } catch (Exception e11) {
                                Logger.getLogger("es.gob.afirma").severe("Error insertando el certificado '" + AOUtil.getCN((X509Certificate) certificate) + "' en la cadena de confianza: " + e11);
                            }
                        }
                        v createBerSetFromList = SigUtils.createBerSetFromList(arrayList);
                        f fVar2 = new f();
                        fVar2.a(makeAlgId);
                        try {
                            return new e(b.G0, new bj.x(new e1(fVar2), eVar2, createBerSetFromList, new e1(fVar))).getEncoded(ASN1Encoding.DER);
                        } catch (IOException e12) {
                            throw new AOException(androidx.activity.f.d("Error creando el ContentInfo de CAdES: ", e12), e12);
                        }
                    } catch (IOException e13) {
                        throw new AOException("Error en la inclusion de la recuperacion de los SignedAttibutes", e13);
                    }
                } catch (Exception e14) {
                    throw new AOException(cj.a.e("Error al codificar el algoritmo de cifrado: ", e14), e14);
                }
            } catch (Exception e15) {
                throw new AOException(cj.a.e("Error obteniendo el OID en ASN.1 del algoritmo de huella digital: ", e15), e15);
            }
        } catch (Exception e16) {
            throw new AOException("No se ha podido crear la estructura de certificados", e16);
        }
    }

    public static byte[] preSign(Certificate[] certificateArr, Date date, CAdESParameters cAdESParameters) throws AOException {
        if (certificateArr == null || certificateArr.length == 0) {
            throw new IllegalArgumentException("La cadena de certificados debe contener al menos una entrada");
        }
        try {
            try {
                return SigUtils.getAttributeSet(new bj.b(CAdESUtils.generateSignedAttributes(certificateArr[0], cAdESParameters, false))).getEncoded(ASN1Encoding.DER);
            } catch (Exception e10) {
                throw new AOException("Error al codificar los datos ASN.1 a firmar finalmente", e10);
            }
        } catch (Exception e11) {
            throw new AOException(cj.a.e("Error obteniendo los atributos a firmar: ", e11), e11);
        }
    }
}
