package org.jruby.ext.openssl.impl;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Certificate;
import org.jruby.ext.openssl.x509store.X509AuxCertificate;

/* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/impl/Signed.class */
public class Signed {
    private int version;
    private Collection<X509CRL> crl = new ArrayList();
    private Collection<X509AuxCertificate> cert = new ArrayList();
    private Set<AlgorithmIdentifier> mdAlgs = new HashSet();
    private Collection<SignerInfoWithPkey> signerInfo = new ArrayList();
    PKCS7 contents;

    public final int getVersion() {
        return this.version;
    }

    public final void setVersion(int i) {
        this.version = i;
    }

    public final Collection<SignerInfoWithPkey> getSignerInfo() {
        return this.signerInfo;
    }

    public final void setSignerInfo(Collection<SignerInfoWithPkey> collection) {
        this.signerInfo = collection;
    }

    public final Set<AlgorithmIdentifier> getMdAlgs() {
        return this.mdAlgs;
    }

    public final void setMdAlgs(Set<AlgorithmIdentifier> set) {
        this.mdAlgs = set;
    }

    public final PKCS7 getContents() {
        return this.contents;
    }

    public final void setContents(PKCS7 pkcs7) {
        this.contents = pkcs7;
    }

    public final Collection<X509AuxCertificate> getCert() {
        return this.cert;
    }

    public final void setCert(Collection<X509AuxCertificate> collection) {
        this.cert = collection;
    }

    public final Collection<X509CRL> getCrl() {
        return this.crl;
    }

    public final void setCrl(Collection<X509CRL> collection) {
        this.crl = collection;
    }

    public String toString() {
        return "#<Signed version=" + this.version + " mdAlgs=" + this.mdAlgs + " content=" + this.contents + " cert=" + this.cert + " crls=" + this.crl + " signerInfos=" + this.signerInfo + ">";
    }

    public ASN1Encodable asASN1() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(BigInteger.valueOf(this.version)));
        aSN1EncodableVector.add(digestAlgorithmsToASN1Set());
        if (this.contents == null) {
            this.contents = PKCS7.newEmpty();
        }
        aSN1EncodableVector.add(this.contents.asASN1());
        if (this.cert != null && this.cert.size() > 0) {
            if (this.cert.size() > 1) {
                aSN1EncodableVector.add(new DERTaggedObject(false, 0, certificatesToASN1Set()));
            } else {
                aSN1EncodableVector.add(new DERTaggedObject(true, 0, firstCertificatesToASN1()));
            }
        }
        if (this.crl != null && this.crl.size() > 0) {
            aSN1EncodableVector.add(new DERTaggedObject(false, 1, crlsToASN1Set()));
        }
        aSN1EncodableVector.add(signerInfosToASN1Set());
        return new DLSequence(aSN1EncodableVector);
    }

    private ASN1Set digestAlgorithmsToASN1Set() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        Iterator<AlgorithmIdentifier> it = this.mdAlgs.iterator();
        while (it.hasNext()) {
            aSN1EncodableVector.add(it.next().toASN1Primitive());
        }
        return new DERSet(aSN1EncodableVector);
    }

    private ASN1Set certificatesToASN1Set() {
        try {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            Iterator<X509AuxCertificate> it = this.cert.iterator();
            while (it.hasNext()) {
                aSN1EncodableVector.add(new ASN1InputStream(new ByteArrayInputStream(it.next().getEncoded())).readObject());
            }
            return new DERSet(aSN1EncodableVector);
        } catch (Exception e) {
            return null;
        }
    }

    private ASN1Sequence firstCertificatesToASN1() {
        try {
            return (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(this.cert.iterator().next().getEncoded())).readObject();
        } catch (Exception e) {
            return null;
        }
    }

    private ASN1Set crlsToASN1Set() {
        throw new RuntimeException("TODO: implement CRL part");
    }

    private ASN1Set signerInfosToASN1Set() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        Iterator<SignerInfoWithPkey> it = this.signerInfo.iterator();
        while (it.hasNext()) {
            aSN1EncodableVector.add(it.next().toASN1Object());
        }
        return new DERSet(aSN1EncodableVector);
    }

    public static Signed fromASN1(ASN1Encodable aSN1Encodable) throws PKCS7Exception {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1Encodable;
        ASN1Integer aSN1Integer = (ASN1Integer) aSN1Sequence.getObjectAt(0);
        ASN1Set aSN1Set = (ASN1Set) aSN1Sequence.getObjectAt(1);
        ASN1Encodable objectAt = aSN1Sequence.getObjectAt(2);
        ASN1Primitive aSN1Primitive = null;
        ASN1Primitive aSN1Primitive2 = null;
        int i = 3;
        ASN1Encodable objectAt2 = aSN1Sequence.getObjectAt(3);
        if ((objectAt2 instanceof ASN1TaggedObject) && ((ASN1TaggedObject) objectAt2).getTagNo() == 0) {
            aSN1Primitive = ((ASN1TaggedObject) objectAt2).getObject();
            i = 3 + 1;
        }
        ASN1Encodable objectAt3 = aSN1Sequence.getObjectAt(i);
        if ((objectAt3 instanceof ASN1TaggedObject) && ((ASN1TaggedObject) objectAt3).getTagNo() == 1) {
            aSN1Primitive2 = ((ASN1TaggedObject) objectAt3).getObject();
            i++;
        }
        ASN1Set aSN1Set2 = (ASN1Set) aSN1Sequence.getObjectAt(i);
        Signed signed = new Signed();
        signed.setVersion(aSN1Integer.getValue().intValue());
        signed.setMdAlgs(algorithmIdentifiersFromASN1Set(aSN1Set));
        signed.setContents(PKCS7.fromASN1(objectAt));
        if (aSN1Primitive != null) {
            signed.setCert(certificatesFromASN1Set(aSN1Primitive));
        }
        if (aSN1Primitive2 != null) {
            throw new RuntimeException("TODO: implement CRL part");
        }
        signed.setSignerInfo(signerInfosFromASN1Set(aSN1Set2));
        return signed;
    }

    private static Collection<X509AuxCertificate> certificatesFromASN1Set(ASN1Encodable aSN1Encodable) throws PKCS7Exception {
        ArrayList arrayList = new ArrayList();
        if (aSN1Encodable instanceof ASN1Sequence) {
            try {
                Enumeration objects = ((ASN1Sequence) aSN1Encodable).getObjects();
                while (objects.hasMoreElements()) {
                    arrayList.add(certificateFromASN1((ASN1Encodable) objects.nextElement()));
                }
            } catch (IllegalArgumentException e) {
                arrayList.add(certificateFromASN1(aSN1Encodable));
            }
        } else {
            if (!(aSN1Encodable instanceof ASN1Set)) {
                throw new PKCS7Exception(120, 117, "unknown certificates format");
            }
            Enumeration objects2 = ((ASN1Set) aSN1Encodable).getObjects();
            while (objects2.hasMoreElements()) {
                arrayList.add(certificateFromASN1((ASN1Encodable) objects2.nextElement()));
            }
        }
        return arrayList;
    }

    private static X509AuxCertificate certificateFromASN1(ASN1Encodable aSN1Encodable) throws PKCS7Exception {
        try {
            return new X509AuxCertificate(Certificate.getInstance(aSN1Encodable));
        } catch (IOException e) {
            throw new PKCS7Exception(120, 117, e);
        } catch (CertificateException e2) {
            throw new PKCS7Exception(120, 117, e2);
        }
    }

    private static Set<AlgorithmIdentifier> algorithmIdentifiersFromASN1Set(ASN1Encodable aSN1Encodable) {
        HashSet hashSet = new HashSet();
        Enumeration objects = ((ASN1Set) aSN1Encodable).getObjects();
        while (objects.hasMoreElements()) {
            hashSet.add(AlgorithmIdentifier.getInstance(objects.nextElement()));
        }
        return hashSet;
    }

    private static Collection<SignerInfoWithPkey> signerInfosFromASN1Set(ASN1Encodable aSN1Encodable) {
        ArrayList arrayList = new ArrayList();
        Enumeration objects = ((ASN1Set) aSN1Encodable).getObjects();
        while (objects.hasMoreElements()) {
            arrayList.add(SignerInfoWithPkey.getInstance(objects.nextElement()));
        }
        return arrayList;
    }
}
