package com.koalii.kgsp.core.pkcs;

import com.koalii.kgsp.bc.asn1.ASN1EncodableVector;
import com.koalii.kgsp.bc.asn1.ASN1Encoding;
import com.koalii.kgsp.bc.asn1.ASN1InputStream;
import com.koalii.kgsp.bc.asn1.ASN1ObjectIdentifier;
import com.koalii.kgsp.bc.asn1.ASN1Set;
import com.koalii.kgsp.bc.asn1.DEROctetString;
import com.koalii.kgsp.bc.asn1.DERSet;
import com.koalii.kgsp.bc.asn1.cms.CMSObjectIdentifiers;
import com.koalii.kgsp.bc.asn1.cms.ContentInfo;
import com.koalii.kgsp.bc.asn1.cms.IssuerAndSerialNumber;
import com.koalii.kgsp.bc.asn1.cms.SignedData;
import com.koalii.kgsp.bc.asn1.cms.SignerIdentifier;
import com.koalii.kgsp.bc.asn1.cms.SignerInfo;
import com.koalii.kgsp.bc.cert.X509CertificateHolder;
import com.koalii.kgsp.core.crypto.KcSigner;
import com.koalii.kgsp.core.exception.KcErrors;
import com.koalii.kgsp.core.exception.KcException;
import com.koalii.kgsp.core.util.StringUtil;
import java.io.IOException;

/* loaded from: input_file:com/koalii/kgsp/core/pkcs/Pkcs7SignBuilder.class */
public class Pkcs7SignBuilder {
    public byte[] buildAttach(byte[] bArr, byte[] bArr2, X509CertificateHolder x509CertificateHolder, KcSigner kcSigner) throws KcException {
        return build(bArr, bArr2, x509CertificateHolder, kcSigner, false);
    }

    public byte[] buildDetach(byte[] bArr, byte[] bArr2, X509CertificateHolder x509CertificateHolder, KcSigner kcSigner) throws KcException {
        return build(bArr, bArr2, x509CertificateHolder, kcSigner, true);
    }

    public byte[] build(byte[] bArr, byte[] bArr2, X509CertificateHolder x509CertificateHolder, KcSigner kcSigner, boolean z) throws KcException {
        if (!z && StringUtil.isEmpty(bArr)) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD_NO_ORIDATA, "p7 sign builder: no origin data");
        }
        if (StringUtil.isEmpty(bArr2)) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD_NO_SIGNDATA, "p7 sign builder: no sign data");
        }
        if (null == x509CertificateHolder) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD_NO_CERT, "p7 sign builder: no sign cert");
        }
        if (null == kcSigner) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD_NO_SIGNER, "p7 sign builder: no signer info");
        }
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(kcSigner.getDigestAlgId());
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        try {
            aSN1EncodableVector2.add(new ASN1InputStream(x509CertificateHolder.getEncoded()).readObject());
            ContentInfo contentInfo = z ? new ContentInfo(getDataContentType(), null) : new ContentInfo(getDataContentType(), new DEROctetString(bArr));
            SignerInfo signerInfo = new SignerInfo(new SignerIdentifier(new IssuerAndSerialNumber(x509CertificateHolder.getIssuer(), x509CertificateHolder.getSerialNumber())), kcSigner.getDigestAlgId(), ASN1Set.getInstance(null), kcSigner.getEncryptAlgId(), new DEROctetString(bArr2), (ASN1Set) null);
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            aSN1EncodableVector3.add(signerInfo);
            try {
                return new ContentInfo(getContentType(), new SignedData(new DERSet(aSN1EncodableVector), contentInfo, new DERSet(aSN1EncodableVector2), null, new DERSet(aSN1EncodableVector3))).getEncoded(ASN1Encoding.DER);
            } catch (IOException e) {
                throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD, "p7 sign build failed", e);
            }
        } catch (Exception e2) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD_CERT, "p7 sign builder: add sign cert failed", e2);
        }
    }

    public byte[] build(byte[] bArr, X509CertificateHolder x509CertificateHolder, KcSigner kcSigner, SignerInfo signerInfo, boolean z) throws KcException {
        if (!z && StringUtil.isEmpty(bArr)) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD_NO_ORIDATA, "p7 sign builder: no origin data");
        }
        if (null == x509CertificateHolder) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD_NO_CERT, "p7 sign builder: no sign cert");
        }
        if (null == kcSigner) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD_NO_SIGNER, "p7 sign builder: no signer info");
        }
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(kcSigner.getDigestAlgId());
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        try {
            aSN1EncodableVector2.add(new ASN1InputStream(x509CertificateHolder.getEncoded()).readObject());
            ContentInfo contentInfo = z ? new ContentInfo(getDataContentType(), null) : new ContentInfo(getDataContentType(), new DEROctetString(bArr));
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            aSN1EncodableVector3.add(signerInfo);
            try {
                return new ContentInfo(getContentType(), new SignedData(new DERSet(aSN1EncodableVector), contentInfo, new DERSet(aSN1EncodableVector2), null, new DERSet(aSN1EncodableVector3))).getEncoded(ASN1Encoding.DER);
            } catch (IOException e) {
                throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD, "p7 sign build failed", e);
            }
        } catch (Exception e2) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_BUILD_CERT, "p7 sign builder: add sign cert failed", e2);
        }
    }

    protected ASN1ObjectIdentifier getContentType() {
        return CMSObjectIdentifiers.signedData;
    }

    protected ASN1ObjectIdentifier getDataContentType() {
        return CMSObjectIdentifiers.data;
    }
}
