package kz.gov.pki.knca;

import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Hashtable;
import javax.swing.UIManager;
import kz.gov.pki.kalkan.asn1.DERSet;
import kz.gov.pki.kalkan.asn1.cms.Attribute;
import kz.gov.pki.kalkan.asn1.cms.AttributeTable;
import kz.gov.pki.kalkan.asn1.ess.ESSCertIDv2;
import kz.gov.pki.kalkan.asn1.ess.SigningCertificateV2;
import kz.gov.pki.kalkan.asn1.knca.KNCAObjectIdentifiers;
import kz.gov.pki.kalkan.asn1.pkcs.PKCSObjectIdentifiers;
import kz.gov.pki.kalkan.asn1.x509.AlgorithmIdentifier;
import kz.gov.pki.kalkan.jce.provider.cms.CMSException;
import kz.gov.pki.kalkan.jce.provider.cms.CMSProcessableByteArray;
import kz.gov.pki.kalkan.jce.provider.cms.CMSSignedData;
import kz.gov.pki.kalkan.jce.provider.cms.CMSSignedDataGenerator;
import kz.gov.pki.provider.exception.ProviderUtilException;
import kz.gov.pki.provider.exception.ProviderUtilExceptionCode;
import kz.gov.pki.provider.utils.CMSUtil;
import kz.gov.pki.provider.utils.model.SigningEntity;
import kz.gov.pki.provider.utils.model.TSAProfile;

/* loaded from: input_file:kz/gov/pki/knca/a.class */
public class a {
    public a() {
        try {
            if (System.getProperty("os.name").toLowerCase().contains("mac os")) {
                UIManager.setLookAndFeel(UIManager.getCrossPlatformLookAndFeelClassName());
            } else {
                UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
            }
        } catch (Exception e) {
            BundleLog.LOG.error(e.getMessage(), e);
        }
    }

    public static byte[] a(SigningEntity signingEntity, byte[] bArr, byte[] bArr2) {
        String str;
        CMSProcessableByteArray cMSProcessableByteArray;
        try {
            PrivateKey key = signingEntity.getKey();
            X509Certificate x509Certificate = (X509Certificate) signingEntity.getCertificateChain().get(0);
            ArrayList arrayList = new ArrayList();
            arrayList.add(x509Certificate);
            CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), "KALKAN");
            if (x509Certificate.getSigAlgOID().equals(PKCSObjectIdentifiers.sha256WithRSAEncryption.getId())) {
                str = CMSSignedDataGenerator.DIGEST_SHA256;
            } else {
                if (!x509Certificate.getSigAlgOID().equals(KNCAObjectIdentifiers.gost34311_95_with_gost34310_2004.getId())) {
                    throw new ProviderUtilException(ProviderUtilExceptionCode.UNKNOWN_ALGORITHM);
                }
                str = CMSSignedDataGenerator.DIGEST_GOST34311_95;
            }
            Hashtable hashtable = new Hashtable();
            Attribute attribute = new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new DERSet(new SigningCertificateV2(new ESSCertIDv2[]{new ESSCertIDv2((AlgorithmIdentifier) null, MessageDigest.getInstance("SHA-256", "KALKAN").digest(x509Certificate.getEncoded()))})));
            hashtable.put(attribute.getAttrType(), attribute);
            AttributeTable attributeTable = new AttributeTable(hashtable);
            CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
            cMSSignedDataGenerator.addSigner(key, x509Certificate, str, attributeTable, (AttributeTable) null);
            cMSSignedDataGenerator.addCertificatesAndCRLs(certStore);
            if (bArr2 != null) {
                CMSSignedData parseAsCMS = CMSUtil.parseAsCMS(bArr2);
                cMSProcessableByteArray = new CMSProcessableByteArray(bArr);
                cMSSignedDataGenerator.addSigners(parseAsCMS.getSignerInfos());
                cMSSignedDataGenerator.addCertificatesAndCRLs(parseAsCMS.getCertificatesAndCRLs("Collection", "KALKAN"));
            } else {
                cMSProcessableByteArray = new CMSProcessableByteArray(bArr);
            }
            return CMSUtil.applyCAdEST(cMSSignedDataGenerator.generate(cMSProcessableByteArray, false, "KALKAN"), signingEntity, new TSAProfile(), Security.getProvider("KALKAN")).getEncoded();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | CertStoreException | CertificateEncodingException e) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.PROVIDER_INVOCATION_FAILURE, e);
        } catch (CMSException | IOException e2) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.CMS_PROCESSING_FAILURE, e2);
        }
    }
}
