package defpackage;

import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CRLException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Optional;
import java.util.TimeZone;
import java.util.UUID;
import java.util.function.Consumer;
import java.util.function.Supplier;
import javax.xml.crypto.MarshalException;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xmlbeans.XmlException;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.cert.ocsp.BasicOCSPResp;
import org.bouncycastle.cert.ocsp.OCSPResp;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* compiled from: XAdESXLSignatureFacet.java */
/* loaded from: classes9.dex */
public class jvl implements wwj {
    public static final rbg h = ibg.getLogger((Class<?>) jvl.class);
    public final CertificateFactory g;

    public jvl() {
        try {
            this.g = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e) {
            throw new RuntimeException("X509 JCA error: " + e.getMessage(), e);
        }
    }

    public static byte[] l(List<Node> list, String str) {
        try {
            ucl uclVar = new ucl();
            try {
                Iterator<Node> it = list.iterator();
                while (it.hasNext()) {
                    Canonicalizer.getInstance(str).canonicalizeSubtree(it.next(), uclVar);
                }
                byte[] byteArray = uclVar.toByteArray();
                uclVar.close();
                return byteArray;
            } catch (Throwable th) {
                try {
                    throw th;
                } catch (Throwable th2) {
                    try {
                        uclVar.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                    throw th2;
                }
            }
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException("c14n error: " + e2.getMessage(), e2);
        }
    }

    public static /* synthetic */ void o(j6b j6bVar, uwj uwjVar, X509Certificate x509Certificate) {
        evl.n(j6bVar.addNewCert(), uwjVar, false, x509Certificate);
    }

    public final void b(dal dalVar, uwj uwjVar) {
        r6b addNewCertificateValues = dalVar.addNewCertificateValues();
        Iterator<X509Certificate> it = uwjVar.getSigningCertificateChain().iterator();
        while (it.hasNext()) {
            try {
                addNewCertificateValues.addNewEncapsulatedX509Certificate().setByteArrayValue(it.next().getEncoded());
            } catch (CertificateEncodingException e) {
                throw new RuntimeException("certificate encoding error: " + e.getMessage(), e);
            }
        }
    }

    public final void c(uob uobVar, uwj uwjVar, r0j r0jVar) {
        if (r0jVar.hasCRLs()) {
            rj0 addNewCRLRefs = uobVar.addNewCRLRefs();
            uobVar.setCRLRefs(addNewCRLRefs);
            for (byte[] bArr : r0jVar.getCRLs()) {
                qj0 addNewCRLRef = addNewCRLRefs.addNewCRLRef();
                try {
                    X509CRL x509crl = (X509CRL) this.g.generateCRL(new scl(bArr));
                    pj0 addNewCRLIdentifier = addNewCRLRef.addNewCRLIdentifier();
                    addNewCRLIdentifier.setIssuer(x509crl.getIssuerX500Principal().getName().replace(",", xqf.h));
                    Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("Z"), Locale.ROOT);
                    calendar.setTime(x509crl.getThisUpdate());
                    addNewCRLIdentifier.setIssueTime(calendar);
                    addNewCRLIdentifier.setNumber(m(x509crl));
                    evl.o(addNewCRLRef.addNewDigestAlgAndValue(), bArr, uwjVar.getDigestAlgo());
                } catch (CRLException e) {
                    throw new RuntimeException("CRL parse error: " + e.getMessage(), e);
                }
            }
        }
    }

    public final void d(uob uobVar, uwj uwjVar, r0j r0jVar) {
        if (r0jVar.hasOCSPs()) {
            hch addNewOCSPRefs = uobVar.addNewOCSPRefs();
            for (byte[] bArr : r0jVar.getOCSPs()) {
                try {
                    gch addNewOCSPRef = addNewOCSPRefs.addNewOCSPRef();
                    evl.o(addNewOCSPRef.addNewDigestAlgAndValue(), bArr, uwjVar.getDigestAlgo());
                    fch addNewOCSPIdentifier = addNewOCSPRef.addNewOCSPIdentifier();
                    BasicOCSPResp basicOCSPResp = (BasicOCSPResp) new OCSPResp(bArr).getResponseObject();
                    Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("Z"), Locale.ROOT);
                    calendar.setTime(basicOCSPResp.getProducedAt());
                    addNewOCSPIdentifier.setProducedAt(calendar);
                    rui addNewResponderID = addNewOCSPIdentifier.addNewResponderID();
                    DERTaggedObject aSN1Primitive = basicOCSPResp.getResponderId().toASN1Primitive().toASN1Primitive();
                    if (2 == aSN1Primitive.getTagNo()) {
                        addNewResponderID.setByKey(aSN1Primitive.getObject().getOctets());
                    } else {
                        addNewResponderID.setByName(X500Name.getInstance(aSN1Primitive.getObject()).toString());
                    }
                } catch (Exception e) {
                    throw new RuntimeException("OCSP decoding error: " + e.getMessage(), e);
                }
            }
        }
    }

    public final fvl e(NodeList nodeList, cxj cxjVar, dal dalVar) {
        if (nodeList.getLength() != 1) {
            throw new IllegalArgumentException("SignatureValue is not set.");
        }
        r0j r0jVar = new r0j();
        h.atDebug().log("creating XAdES-T time-stamp");
        fvl j = j(cxjVar, Collections.singletonList(nodeList.item(0)), r0jVar);
        dalVar.addNewSignatureTimeStamp().set(j);
        if (r0jVar.hasRevocationDataEntries()) {
            evl.l(dalVar, i(r0jVar));
        }
        return j;
    }

    public final void f(dal dalVar, cxj cxjVar, NodeList nodeList, fvl fvlVar, tob tobVar, uob uobVar) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(nodeList.item(0));
        arrayList.add(fvlVar.getDomNode());
        arrayList.add(tobVar.getDomNode());
        arrayList.add(uobVar.getDomNode());
        r0j r0jVar = new r0j();
        h.atDebug().log("creating XAdES-X time-stamp");
        fvl j = j(cxjVar, arrayList, r0jVar);
        if (r0jVar.hasRevocationDataEntries()) {
            evl.l(dalVar, i(r0jVar));
        }
        dalVar.addNewSigAndRefsTimeStamp().set(j);
    }

    public final tob g(dal dalVar, final uwj uwjVar) {
        tob addNewCompleteCertificateRefs = dalVar.addNewCompleteCertificateRefs();
        final j6b addNewCertRefs = addNewCompleteCertificateRefs.addNewCertRefs();
        uwjVar.getSigningCertificateChain().stream().skip(1L).forEachOrdered(new Consumer() { // from class: gvl
            @Override // java.util.function.Consumer
            public final void accept(Object obj) {
                jvl.o(j6b.this, uwjVar, (X509Certificate) obj);
            }
        });
        return addNewCompleteCertificateRefs;
    }

    public final void h(t0j t0jVar, r0j r0jVar) {
        if (r0jVar.hasCRLs()) {
            xj0 addNewCRLValues = t0jVar.addNewCRLValues();
            Iterator<byte[]> it = r0jVar.getCRLs().iterator();
            while (it.hasNext()) {
                addNewCRLValues.addNewEncapsulatedCRLValue().setByteArrayValue(it.next());
            }
        }
        if (r0jVar.hasOCSPs()) {
            nch addNewOCSPValues = t0jVar.addNewOCSPValues();
            Iterator<byte[]> it2 = r0jVar.getOCSPs().iterator();
            while (it2.hasNext()) {
                addNewOCSPValues.addNewEncapsulatedOCSPValue().setByteArrayValue(it2.next());
            }
        }
    }

    public final gfl i(r0j r0jVar) {
        gfl newInstance = gfl.nE.newInstance();
        h(newInstance.addNewRevocationValues(), r0jVar);
        return newInstance;
    }

    public final fvl j(cxj cxjVar, List<Node> list, r0j r0jVar) {
        return k(cxjVar, l(list, cxjVar.getSignatureConfig().getXadesCanonicalizationMethod()), r0jVar);
    }

    public final fvl k(cxj cxjVar, byte[] bArr, r0j r0jVar) {
        uwj signatureConfig = cxjVar.getSignatureConfig();
        try {
            byte[] timeStamp = signatureConfig.getTspService().timeStamp(cxjVar, bArr, r0jVar);
            fvl newInstance = fvl.zE.newInstance();
            newInstance.setId("time-stamp-" + UUID.randomUUID());
            newInstance.addNewCanonicalizationMethod().setAlgorithm(signatureConfig.getXadesCanonicalizationMethod());
            c9d addNewEncapsulatedTimeStamp = newInstance.addNewEncapsulatedTimeStamp();
            addNewEncapsulatedTimeStamp.setByteArrayValue(timeStamp);
            addNewEncapsulatedTimeStamp.setId("time-stamp-token-" + UUID.randomUUID());
            return newInstance;
        } catch (Exception e) {
            throw new RuntimeException("error while creating a time-stamp: " + e.getMessage(), e);
        }
    }

    public final BigInteger m(X509CRL x509crl) {
        byte[] extensionValue = x509crl.getExtensionValue(Extension.cRLNumber.getId());
        if (extensionValue == null) {
            return null;
        }
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(extensionValue);
            try {
                ASN1InputStream aSN1InputStream2 = new ASN1InputStream(aSN1InputStream.readObject().getOctets());
                try {
                    BigInteger positiveValue = aSN1InputStream2.readObject().getPositiveValue();
                    aSN1InputStream2.close();
                    aSN1InputStream.close();
                    return positiveValue;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            throw new RuntimeException("I/O error: " + e.getMessage(), e);
        }
    }

    public final pgi n(NodeList nodeList) throws MarshalException {
        if (nodeList.getLength() != 1) {
            throw new MarshalException("no XAdES-BES extension present");
        }
        try {
            return ogi.iu.parse(nodeList.item(0), mth.e).getQualifyingProperties();
        } catch (XmlException e) {
            throw new MarshalException(e);
        }
    }

    @Override // defpackage.wwj
    public void postSign(cxj cxjVar, Document document) throws MarshalException {
        h.atDebug().log("XAdES-X-L post sign phase");
        uwj signatureConfig = cxjVar.getSignatureConfig();
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS(wwj.e, "QualifyingProperties");
        final pgi n = n(elementsByTagNameNS);
        final cal calVar = (cal) Optional.ofNullable(n.getUnsignedProperties()).orElseGet(new Supplier() { // from class: hvl
            @Override // java.util.function.Supplier
            public final Object get() {
                return pgi.this.addNewUnsignedProperties();
            }
        });
        dal dalVar = (dal) Optional.ofNullable(calVar.getUnsignedSignatureProperties()).orElseGet(new Supplier() { // from class: ivl
            @Override // java.util.function.Supplier
            public final Object get() {
                return cal.this.addNewUnsignedSignatureProperties();
            }
        });
        NodeList elementsByTagNameNS2 = document.getElementsByTagNameNS(wwj.b, "SignatureValue");
        fvl e = e(elementsByTagNameNS2, cxjVar, dalVar);
        s0j revocationDataService = signatureConfig.getRevocationDataService();
        if (revocationDataService != null) {
            tob g = g(dalVar, signatureConfig);
            r0j revocationData = revocationDataService.getRevocationData(signatureConfig.getSigningCertificateChain());
            uob addNewCompleteRevocationRefs = dalVar.addNewCompleteRevocationRefs();
            c(addNewCompleteRevocationRefs, signatureConfig, revocationData);
            d(addNewCompleteRevocationRefs, signatureConfig, revocationData);
            f(dalVar, cxjVar, elementsByTagNameNS2, e, g, addNewCompleteRevocationRefs);
            b(dalVar, signatureConfig);
            h(dalVar.addNewRevocationValues(), revocationData);
        }
        elementsByTagNameNS.item(0).getParentNode().replaceChild(document.importNode(n.getDomNode(), true), elementsByTagNameNS.item(0));
    }
}
