package org.spongycastle.tsp;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1OctetString;
import org.spongycastle.asn1.ASN1Set;
import org.spongycastle.asn1.cms.Attribute;
import org.spongycastle.asn1.cms.AttributeTable;
import org.spongycastle.asn1.cms.ContentInfo;
import org.spongycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.spongycastle.asn1.nist.NISTObjectIdentifiers;
import org.spongycastle.asn1.oiw.OIWObjectIdentifiers;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
import org.spongycastle.asn1.x509.ExtendedKeyUsage;
import org.spongycastle.asn1.x509.Extension;
import org.spongycastle.asn1.x509.Extensions;
import org.spongycastle.asn1.x509.ExtensionsGenerator;
import org.spongycastle.asn1.x509.KeyPurposeId;
import org.spongycastle.asn1.x509.X509Extensions;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cms.SignerInformation;
import org.spongycastle.operator.DigestCalculator;
import org.spongycastle.operator.DigestCalculatorProvider;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.util.Arrays;

/* loaded from: classes2.dex */
public class TSPUtil {

    /* renamed from: a, reason: collision with root package name */
    private static Set f4960a = Collections.unmodifiableSet(new HashSet());
    private static List b = Collections.unmodifiableList(new ArrayList());
    private static final Map c = new HashMap();
    private static final Map d = new HashMap();

    static {
        c.put(PKCSObjectIdentifiers.G.d(), new Integer(16));
        c.put(OIWObjectIdentifiers.i.d(), new Integer(20));
        c.put(NISTObjectIdentifiers.e.d(), new Integer(28));
        c.put(NISTObjectIdentifiers.b.d(), new Integer(32));
        c.put(NISTObjectIdentifiers.c.d(), new Integer(48));
        c.put(NISTObjectIdentifiers.d.d(), new Integer(64));
        c.put(TeleTrusTObjectIdentifiers.c.d(), new Integer(16));
        c.put(TeleTrusTObjectIdentifiers.b.d(), new Integer(20));
        c.put(TeleTrusTObjectIdentifiers.d.d(), new Integer(32));
        c.put(CryptoProObjectIdentifiers.b.d(), new Integer(32));
        d.put(PKCSObjectIdentifiers.G.d(), "MD5");
        d.put(OIWObjectIdentifiers.i.d(), "SHA1");
        d.put(NISTObjectIdentifiers.e.d(), "SHA224");
        d.put(NISTObjectIdentifiers.b.d(), "SHA256");
        d.put(NISTObjectIdentifiers.c.d(), "SHA384");
        d.put(NISTObjectIdentifiers.d.d(), "SHA512");
        d.put(PKCSObjectIdentifiers.i_.d(), "SHA1");
        d.put(PKCSObjectIdentifiers.p_.d(), "SHA224");
        d.put(PKCSObjectIdentifiers.m_.d(), "SHA256");
        d.put(PKCSObjectIdentifiers.n_.d(), "SHA384");
        d.put(PKCSObjectIdentifiers.o_.d(), "SHA512");
        d.put(TeleTrusTObjectIdentifiers.c.d(), "RIPEMD128");
        d.put(TeleTrusTObjectIdentifiers.b.d(), "RIPEMD160");
        d.put(TeleTrusTObjectIdentifiers.d.d(), "RIPEMD256");
        d.put(CryptoProObjectIdentifiers.b.d(), "GOST3411");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String a(String str) {
        String str2 = (String) d.get(str);
        return str2 != null ? str2 : str;
    }

    static MessageDigest a(String str, Provider provider) throws NoSuchAlgorithmException {
        String a2 = a(str);
        if (provider != null) {
            try {
                return MessageDigest.getInstance(a2, provider);
            } catch (NoSuchAlgorithmException e) {
            }
        }
        return MessageDigest.getInstance(a2);
    }

    public static Collection a(SignerInformation signerInformation, Provider provider) throws TSPValidationException {
        ArrayList arrayList = new ArrayList();
        AttributeTable l = signerInformation.l();
        if (l != null) {
            ASN1EncodableVector b2 = l.b(PKCSObjectIdentifiers.aO);
            for (int i = 0; i < b2.a(); i++) {
                ASN1Set e = ((Attribute) b2.a(i)).e();
                for (int i2 = 0; i2 < e.e(); i2++) {
                    try {
                        TimeStampToken timeStampToken = new TimeStampToken(ContentInfo.a(e.a(i2)));
                        TimeStampTokenInfo a2 = timeStampToken.a();
                        if (!Arrays.b(a(a2.j().d(), provider).digest(signerInformation.m()), a2.k())) {
                            throw new TSPValidationException("Incorrect digest in message imprint");
                        }
                        arrayList.add(timeStampToken);
                    } catch (NoSuchAlgorithmException e2) {
                        throw new TSPValidationException("Unknown hash algorithm specified in timestamp");
                    } catch (Exception e3) {
                        throw new TSPValidationException("Timestamp could not be parsed");
                    }
                }
            }
        }
        return arrayList;
    }

    public static Collection a(SignerInformation signerInformation, DigestCalculatorProvider digestCalculatorProvider) throws TSPValidationException {
        ArrayList arrayList = new ArrayList();
        AttributeTable l = signerInformation.l();
        if (l != null) {
            ASN1EncodableVector b2 = l.b(PKCSObjectIdentifiers.aO);
            for (int i = 0; i < b2.a(); i++) {
                ASN1Set e = ((Attribute) b2.a(i)).e();
                for (int i2 = 0; i2 < e.e(); i2++) {
                    try {
                        TimeStampToken timeStampToken = new TimeStampToken(ContentInfo.a(e.a(i2)));
                        TimeStampTokenInfo a2 = timeStampToken.a();
                        DigestCalculator a3 = digestCalculatorProvider.a(a2.i());
                        OutputStream b3 = a3.b();
                        b3.write(signerInformation.m());
                        b3.close();
                        if (!Arrays.b(a3.c(), a2.k())) {
                            throw new TSPValidationException("Incorrect digest in message imprint");
                        }
                        arrayList.add(timeStampToken);
                    } catch (OperatorCreationException e2) {
                        throw new TSPValidationException("Unknown hash algorithm specified in timestamp");
                    } catch (Exception e3) {
                        throw new TSPValidationException("Timestamp could not be parsed");
                    }
                }
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List a(Extensions extensions) {
        return extensions == null ? b : Collections.unmodifiableList(java.util.Arrays.asList(extensions.e()));
    }

    static Set a(X509Extensions x509Extensions) {
        return x509Extensions == null ? f4960a : Collections.unmodifiableSet(new HashSet(java.util.Arrays.asList(x509Extensions.g())));
    }

    public static void a(X509Certificate x509Certificate) throws TSPValidationException {
        if (x509Certificate.getVersion() != 3) {
            throw new IllegalArgumentException("Certificate must have an ExtendedKeyUsage extension.");
        }
        byte[] extensionValue = x509Certificate.getExtensionValue(X509Extensions.u.d());
        if (extensionValue == null) {
            throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension.");
        }
        if (!x509Certificate.getCriticalExtensionOIDs().contains(X509Extensions.u.d())) {
            throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
        }
        try {
            ExtendedKeyUsage a2 = ExtendedKeyUsage.a(new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString) new ASN1InputStream(new ByteArrayInputStream(extensionValue)).d()).f())).d());
            if (a2.a(KeyPurposeId.j) && a2.e() == 1) {
            } else {
                throw new TSPValidationException("ExtendedKeyUsage not solely time stamping.");
            }
        } catch (IOException e) {
            throw new TSPValidationException("cannot process ExtendedKeyUsage extension");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void a(ExtensionsGenerator extensionsGenerator, ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, ASN1Encodable aSN1Encodable) throws TSPIOException {
        try {
            extensionsGenerator.a(aSN1ObjectIdentifier, z, aSN1Encodable);
        } catch (IOException e) {
            throw new TSPIOException("cannot encode extension: " + e.getMessage(), e);
        }
    }

    public static void a(X509CertificateHolder x509CertificateHolder) throws TSPValidationException {
        if (x509CertificateHolder.m().f() != 3) {
            throw new IllegalArgumentException("Certificate must have an ExtendedKeyUsage extension.");
        }
        Extension a2 = x509CertificateHolder.a(Extension.u);
        if (a2 == null) {
            throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension.");
        }
        if (!a2.b()) {
            throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
        }
        ExtendedKeyUsage a3 = ExtendedKeyUsage.a(a2.d());
        if (!a3.a(KeyPurposeId.j) || a3.e() != 1) {
            throw new TSPValidationException("ExtendedKeyUsage not solely time stamping.");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int b(String str) throws TSPException {
        Integer num = (Integer) c.get(str);
        if (num != null) {
            return num.intValue();
        }
        throw new TSPException("digest algorithm cannot be found.");
    }

    static Set b(X509Extensions x509Extensions) {
        return x509Extensions == null ? f4960a : Collections.unmodifiableSet(new HashSet(java.util.Arrays.asList(x509Extensions.f())));
    }
}
