package ru.CryptoPro.CAdES.timestamp.external;

import java.io.IOException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import org.bouncycastle.tsp.TimeStampToken;
import ru.CryptoPro.AdES.AdESParameters;
import ru.CryptoPro.AdES.Options;
import ru.CryptoPro.AdES.exception.AdESException;
import ru.CryptoPro.AdES.exception.IAdESException;
import ru.CryptoPro.AdES.external.decode.AdESXLongType1AttributeDecoder;
import ru.CryptoPro.AdES.external.decode.EnhancedArchiveTimeStampCAdESSignerParameters;
import ru.CryptoPro.AdES.external.decode.EnhancedInternalTimeStampAdESSignerParameters;
import ru.CryptoPro.AdES.external.decode.InternalTimeStampCAdESSignerParameters;
import ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess;
import ru.CryptoPro.AdES.external.timestamp.data.TSPData;
import ru.CryptoPro.AdES.tools.AdESUtility;
import ru.CryptoPro.CAdES.BufferedCAdESSignature;
import ru.CryptoPro.CAdES.CAdESSigner;
import ru.CryptoPro.CAdES.cl_10;
import ru.CryptoPro.CAdES.cl_11;
import ru.CryptoPro.CAdES.cl_12;
import ru.CryptoPro.CAdES.cl_13;
import ru.CryptoPro.CAdES.cl_2;
import ru.CryptoPro.CAdES.cl_9;
import ru.CryptoPro.CAdES.exception.CAdESException;
import ru.CryptoPro.JCP.tools.JCPLogger;

/* loaded from: classes3.dex */
public class InternalTimeStampValidationProcessImpl implements TSPTimeStampValidationProcess {

    /* renamed from: c, reason: collision with root package name */
    protected Date f16047c;

    /* renamed from: g, reason: collision with root package name */
    private final TimeStampToken f16051g;

    /* renamed from: h, reason: collision with root package name */
    private final TSPData f16052h;

    /* renamed from: a, reason: collision with root package name */
    protected Date f16045a = null;

    /* renamed from: b, reason: collision with root package name */
    protected boolean f16046b = false;

    /* renamed from: d, reason: collision with root package name */
    protected final Set<X509Certificate> f16048d = new HashSet();

    /* renamed from: e, reason: collision with root package name */
    protected final Set<X509CRL> f16049e = new HashSet();

    /* renamed from: f, reason: collision with root package name */
    protected AdESXLongType1AttributeDecoder f16050f = null;

    /* renamed from: i, reason: collision with root package name */
    private Options f16053i = null;

    public InternalTimeStampValidationProcessImpl(TSPData tSPData, TimeStampToken timeStampToken) {
        this.f16052h = tSPData;
        this.f16051g = timeStampToken;
    }

    private void a(X509Certificate x509Certificate) {
        JCPLogger.subEnter();
        if (x509Certificate == null) {
            throw new AdESException("TSP certificate not found", IAdESException.ecSignerCertificateIsNull);
        }
        if (AdESUtility.hasExtension(x509Certificate, "1.3.6.1.5.5.7.3.8")) {
            JCPLogger.subExit();
            return;
        }
        throw new AdESException("TSP certificate: sn " + x509Certificate.getSerialNumber().toString(16) + ", subject " + x509Certificate.getSubjectDN() + ", issuer " + x509Certificate.getIssuerDN() + " doesn't have id-kp-timeStamping extension", IAdESException.ecRevocationWrongCertificateConstraints);
    }

    protected Integer a() {
        return AdESParameters.TSA_SIGNATURE_TIME_STAMP_SIMPLE;
    }

    protected Date b() {
        return this.f16045a;
    }

    @Override // ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess
    public TSPData getData() {
        return this.f16052h;
    }

    @Override // ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess
    public TimeStampToken getTimeStampToken() {
        return this.f16051g;
    }

    @Override // ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess, ru.CryptoPro.AdES.tools.CRLUtility
    public void setCRLs(Set<X509CRL> set) {
        this.f16049e.addAll(set);
    }

    @Override // ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess, ru.CryptoPro.AdES.tools.CertificateUtility
    public void setCertificateValues(Set<X509Certificate> set) {
        this.f16048d.addAll(set);
    }

    @Override // ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess
    public void setExternalDate(Date date) {
        this.f16045a = date;
    }

    public void setNeedValidateTailChain(boolean z10) {
        this.f16046b = z10;
    }

    @Override // ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess, ru.CryptoPro.AdES.SignatureOptions
    public void setOptions(Options options) {
        this.f16053i = options;
    }

    public void setTailBuildingDate(Date date) {
        this.f16047c = date;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // ru.CryptoPro.AdES.external.timestamp.TSPTimeStampValidationProcess
    public void validate() {
        JCPLogger.subEnter();
        JCPLogger.fine("Validating timestamp...");
        try {
            byte[] encoded = this.f16051g.toCMSSignedData().getEncoded();
            JCPLogger.fine("Decoding timestamp signature...");
            BufferedCAdESSignature bufferedCAdESSignature = new BufferedCAdESSignature(encoded, null, a());
            if (bufferedCAdESSignature.getCAdESSignerInfos().length > 1) {
                throw new CAdESException("Invalid singer count", IAdESException.ecTimestampInvalid);
            }
            CAdESSigner cAdESSignerInfo = bufferedCAdESSignature.getCAdESSignerInfo(0);
            cAdESSignerInfo.setProvider(this.f16052h.getProvider());
            Integer a10 = a();
            Integer num = AdESParameters.TSA_SIGNATURE_TIME_STAMP_SIMPLE;
            if (a10.equals(num) && !(cAdESSignerInfo instanceof cl_13)) {
                throw new AdESException("Signer must be simple internal timestamp", IAdESException.ecTimestampInvalid);
            }
            if (a().equals(AdESParameters.TSA_CAdESC_TIME_STAMP_SIMPLE) && !(cAdESSignerInfo instanceof cl_12)) {
                throw new AdESException("Signer must be external timestamp", IAdESException.ecTimestampInvalid);
            }
            if (a().equals(AdESParameters.TSA_CAdESC_TIME_STAMP) && !(cAdESSignerInfo instanceof cl_10)) {
                throw new AdESException("Signer must be enhanced external timestamp", IAdESException.ecTimestampInvalid);
            }
            if (a().equals(AdESParameters.TSA_SIGNATURE_TIME_STAMP) && !(cAdESSignerInfo instanceof cl_11)) {
                throw new AdESException("Signer must be enhanced internal timestamp", IAdESException.ecTimestampInvalid);
            }
            if (a().equals(AdESParameters.TSA_ARCHIVE_TIME_STAMP_SIMPLE) && !(cAdESSignerInfo instanceof cl_2)) {
                throw new AdESException("Signer must be archive timestamp", IAdESException.ecTimestampInvalid);
            }
            if (a().equals(AdESParameters.TSA_ARCHIVE_TIME_STAMP) && !(cAdESSignerInfo instanceof cl_9)) {
                throw new AdESException("Signer must be enhanced archive timestamp", IAdESException.ecTimestampInvalid);
            }
            ((InternalTimeStampCAdESSignerParameters) cAdESSignerInfo).setExternalDate(b());
            if (cAdESSignerInfo instanceof EnhancedInternalTimeStampAdESSignerParameters) {
                JCPLogger.fine("Setting special parameters to enhanced internal timestamp...");
                ((EnhancedInternalTimeStampAdESSignerParameters) cAdESSignerInfo).setParentalDecoder(this.f16050f);
                ((EnhancedInternalTimeStampAdESSignerParameters) cAdESSignerInfo).updateIfNeed();
            }
            if (cAdESSignerInfo instanceof EnhancedArchiveTimeStampCAdESSignerParameters) {
                JCPLogger.fine("Setting special parameters to enhanced archive timestamp...");
                ((EnhancedArchiveTimeStampCAdESSignerParameters) cAdESSignerInfo).setNeedValidateChain(this.f16046b);
                ((EnhancedArchiveTimeStampCAdESSignerParameters) cAdESSignerInfo).setTailBuildingDate(this.f16047c);
            }
            if (a().equals(num) && (cAdESSignerInfo instanceof cl_13)) {
                JCPLogger.fine("Setting special signature options to internal timestamp...");
                ((cl_13) cAdESSignerInfo).setOptions(this.f16053i);
            }
            cAdESSignerInfo.verify(this.f16048d, this.f16049e);
            if (cAdESSignerInfo instanceof cl_11) {
                JCPLogger.fine("Reading certificate values from enhanced internal timestamp...");
                this.f16048d.addAll(((cl_11) cAdESSignerInfo).getCertificateValues());
            }
            a(cAdESSignerInfo.getSignerCertificate());
            JCPLogger.subExit();
        } catch (IOException e10) {
            throw new AdESException(e10, IAdESException.ecTimestampInvalid);
        }
    }
}
