package com.google.code.jscep.pkcs7;

import com.google.code.jscep.util.AlgorithmDictionary;
import com.google.code.jscep.util.LoggingUtil;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CRLException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.logging.Logger;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DEREncodableVector;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.SignedData;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.X509Name;

/* loaded from: input_file:com/google/code/jscep/pkcs7/SignedDataGenerator.class */
public class SignedDataGenerator {
    private static Logger LOGGER = LoggingUtil.getLogger("com.google.code.jscep.pkcs7");
    private final String digestAlgorithm = "MD5";
    private final List<X509Certificate> certs = new LinkedList();
    private final List<X509CRL> crls = new LinkedList();

    public void addCertificate(X509Certificate x509Certificate) {
        this.certs.add(x509Certificate);
    }

    public void addCRL(X509CRL x509crl) {
        this.crls.add(x509crl);
    }

    public SignedData generate() throws IOException {
        LOGGER.entering(getClass().getName(), "generate");
        try {
            SignedData signedData = new SignedData(getDigestAlgorithmIdentifiers(), getContentInfo(), getCertificates(), getCRLs(), getSignerInfos());
            LOGGER.exiting(getClass().getName(), "generate", signedData);
            return signedData;
        } catch (NoSuchAlgorithmException e) {
            throw new IOException(e);
        }
    }

    private ContentInfo getContentInfo() {
        return new ContentInfo(getContentType(), getContent());
    }

    private DEREncodable getContent() {
        return new DEROctetString(new byte[0]);
    }

    private DERObjectIdentifier getContentType() {
        return CMSObjectIdentifiers.data;
    }

    private DERSet getDigestAlgorithmIdentifiers() {
        return new DERSet();
    }

    private DERSet getSignerInfos() throws NoSuchAlgorithmException {
        return new DERSet(getSignerInfoVector());
    }

    private DEREncodableVector getSignerInfoVector() throws NoSuchAlgorithmException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        for (X509Certificate x509Certificate : this.certs) {
            aSN1EncodableVector.add(new SignerInfo(getSignerIdentifier(x509Certificate), getDigestAlgorithm(), getAuthenticatedAttributes(), getDigestEncryptionAlgorithm(x509Certificate), getEncryptedDigest(), getUnauthenticatedAttributes()));
        }
        return aSN1EncodableVector;
    }

    private DERSet getCertificates() throws IOException {
        return new DERSet(getCertificatesVector());
    }

    private DEREncodableVector getCertificatesVector() throws IOException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        Iterator<X509Certificate> it = this.certs.iterator();
        while (it.hasNext()) {
            try {
                aSN1EncodableVector.add(ASN1Object.fromByteArray(it.next().getEncoded()));
            } catch (CertificateEncodingException e) {
                throw new IOException(e);
            }
        }
        return aSN1EncodableVector;
    }

    private DERSet getCRLs() throws IOException {
        return new DERSet(getCRLsVector());
    }

    private DEREncodableVector getCRLsVector() throws IOException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        Iterator<X509CRL> it = this.crls.iterator();
        while (it.hasNext()) {
            try {
                aSN1EncodableVector.add(ASN1Object.fromByteArray(it.next().getEncoded()));
            } catch (CRLException e) {
                throw new IOException(e);
            }
        }
        return aSN1EncodableVector;
    }

    private SignerIdentifier getSignerIdentifier(X509Certificate x509Certificate) {
        return new SignerIdentifier(getIssuerAndSerialNumber(x509Certificate));
    }

    private IssuerAndSerialNumber getIssuerAndSerialNumber(X509Certificate x509Certificate) {
        return new IssuerAndSerialNumber(getIssuerName(x509Certificate), x509Certificate.getSerialNumber());
    }

    private X509Name getIssuerName(X509Certificate x509Certificate) {
        return new X509Name(x509Certificate.getIssuerDN().getName());
    }

    private AlgorithmIdentifier getDigestAlgorithm() {
        return AlgorithmDictionary.getAlgId("MD5");
    }

    private DERSet getAuthenticatedAttributes() {
        return new DERSet();
    }

    private AlgorithmIdentifier getDigestEncryptionAlgorithm(X509Certificate x509Certificate) {
        return AlgorithmDictionary.getAlgId(x509Certificate.getPublicKey().getAlgorithm());
    }

    private byte[] getMessageDigest() throws NoSuchAlgorithmException {
        return MessageDigest.getInstance("MD5").digest();
    }

    private ASN1OctetString getEncryptedDigest() throws NoSuchAlgorithmException {
        getMessageDigest();
        return null;
    }

    private DERSet getUnauthenticatedAttributes() {
        return new DERSet();
    }
}
