package ru.CryptoPro.XAdES;

import java.security.NoSuchProviderException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Set;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import org.w3c.dom.Element;
import ru.CryptoPro.AdES.Options;
import ru.CryptoPro.AdES.exception.AdESException;
import ru.CryptoPro.AdES.exception.IAdESException;
import ru.CryptoPro.AdES.external.decode.AdESAttributeDecoder;
import ru.CryptoPro.AdES.tools.AdESUtility;
import ru.CryptoPro.JCP.tools.CertReader.Extension;
import ru.CryptoPro.JCP.tools.JCPLogger;
import ru.CryptoPro.XAdES.exception.XAdESException;

/* loaded from: classes3.dex */
public class XAdESSignerBinaryImpl extends XAdESSigner {

    /* renamed from: g, reason: collision with root package name */
    protected AdESAttributeDecoder f18126g;

    protected XAdESSignerBinaryImpl(Element element) {
        this(element, XAdESParameters.XML_DSIG);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public XAdESSignerBinaryImpl(Element element, Integer num) {
        super(element, num);
        this.f18126g = null;
        f();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.XAdES.XAdESSigner
    public void a(String str, Options options) {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.XAdES.XAdESSigner
    public void a(cl_31 cl_31Var) {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.XAdES.XAdESSigner
    public void a(cl_31 cl_31Var, String str, String str2) {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void b(X509Certificate x509Certificate) {
        boolean z10;
        JCPLogger.subEnter();
        if (!AdESUtility.ifKeyUsageIsSignatureInCertificate(x509Certificate)) {
            throw new XAdESException(IAdESException.ecWrongKeyUsage);
        }
        DOMValidateContext dOMValidateContext = new DOMValidateContext(KeySelector.singletonKeySelector(x509Certificate.getPublicKey()), this.f18122c);
        try {
            try {
                XMLSignature unmarshalXMLSignature = d().unmarshalXMLSignature(dOMValidateContext);
                try {
                    z10 = unmarshalXMLSignature.validate(dOMValidateContext);
                } catch (XMLSignatureException e10) {
                    JCPLogger.warning("Invalid signature", (Throwable) e10);
                    z10 = false;
                }
                if (z10) {
                    JCPLogger.subExit();
                    return;
                }
                try {
                    if (!unmarshalXMLSignature.getSignatureValue().validate(dOMValidateContext)) {
                        throw new XAdESException(IAdESException.ecSignatureInvalid);
                    }
                    for (Reference reference : unmarshalXMLSignature.getSignedInfo().getReferences()) {
                        try {
                            if (!reference.validate(dOMValidateContext)) {
                                JCPLogger.warning("Invalid signature reference uri " + reference.getURI() + " (id: " + reference.getId() + Extension.C_BRAKE);
                            }
                        } catch (XMLSignatureException e11) {
                            throw new XAdESException((Exception) e11, IAdESException.ecSignatureInvalid);
                        }
                    }
                    throw new XAdESException(IAdESException.ecSignatureInvalid);
                } catch (XMLSignatureException e12) {
                    throw new XAdESException((Exception) e12, IAdESException.ecSignatureInvalid);
                }
            } catch (MarshalException e13) {
                throw new XAdESException((Exception) e13, IAdESException.ecSignatureMarshallingFailed);
            }
        } catch (NoSuchProviderException e14) {
            throw new XAdESException(e14, IAdESException.ecInternal);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.XAdES.XAdESSigner
    public void c() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.XAdES.XAdESSigner
    public void e() {
        ArrayList arrayList;
        JCPLogger.subEnter();
        JCPLogger.fine("Decoding XML DSig signature...");
        this.f18126g.setProvider(this.provider);
        this.f18126g.decode();
        this.signatureCertificates.addAll(((ru.CryptoPro.XAdES.pc_1.pc_0.cl_0) this.f18126g).a());
        this.signatureCertificates.addAll(this.f18126g.getExistingCertificateValues());
        AdESAttributeDecoder adESAttributeDecoder = this.f18126g;
        if (adESAttributeDecoder instanceof ru.CryptoPro.XAdES.pc_1.pc_0.cl_6) {
            List<X509Certificate> certificateValues = ((ru.CryptoPro.XAdES.pc_1.pc_0.cl_6) adESAttributeDecoder).getCertificateValues();
            this.signatureCertificates.addAll(certificateValues);
            arrayList = new ArrayList();
            arrayList.addAll(certificateValues);
        } else {
            arrayList = null;
        }
        try {
            findSignerCertificate(arrayList, this.signatureCertificates);
        } catch (AdESException e10) {
            JCPLogger.ignoredException(e10);
        }
        JCPLogger.subExit();
    }

    @Override // ru.CryptoPro.XAdES.XAdESSigner, ru.CryptoPro.XAdES.interfaces.external.IXAdESSigner
    public XAdESSigner enhance(String str, String str2, List<X509Certificate> list, String str3, Integer num) {
        return enhance(str, str2, list, null, str3, num);
    }

    @Override // ru.CryptoPro.XAdES.XAdESSigner, ru.CryptoPro.XAdES.interfaces.external.IXAdESSigner
    public XAdESSigner enhance(String str, String str2, List<X509Certificate> list, Set<X509CRL> set, String str3, Integer num) {
        throw new XAdESException("Unsupported method", IAdESException.ecInternal);
    }

    protected void f() {
        this.f18126g = new ru.CryptoPro.XAdES.pc_1.pc_0.cl_2(this.f18122c);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // ru.CryptoPro.AdES.external.signature.AdESSigner
    public void findSignerCertificate(Collection<X509Certificate> collection, Collection<X509Certificate> collection2) {
        JCPLogger.subEnter();
        this.signerCertificateChain.clear();
        Set<X509Certificate> a10 = ((ru.CryptoPro.XAdES.pc_1.pc_0.cl_0) this.f18126g).a();
        if (a10.isEmpty()) {
            if (!this.signatureCertificates.isEmpty()) {
                a10 = this.signatureCertificates;
            }
            JCPLogger.subExit();
        }
        this.signerCertificateChain.add(a10.iterator().next());
        JCPLogger.subExit();
    }

    @Override // ru.CryptoPro.AdES.external.signature.AdESSigner
    protected Date getBuildingDate() {
        return null;
    }

    @Override // ru.CryptoPro.AdES.external.signature.AdESSigner
    protected Date getExternalDate() {
        return null;
    }

    @Override // ru.CryptoPro.AdES.external.signature.AdESSigner
    protected Date getInternalDate() {
        return null;
    }

    @Override // ru.CryptoPro.AdES.external.signature.AdESSigner
    protected Date getPkupValidationDate() {
        return null;
    }

    @Override // ru.CryptoPro.AdES.external.signature.AdESSigner
    protected Date getValidationDate() {
        return null;
    }

    @Override // ru.CryptoPro.XAdES.XAdESSigner, ru.CryptoPro.AdES.external.signature.AdESSigner, ru.CryptoPro.AdES.external.interfaces.IAdESSigner
    public void verify(Set<X509Certificate> set, Set<X509CRL> set2) {
        verify(set, set2, null, false);
    }

    @Override // ru.CryptoPro.XAdES.XAdESSigner, ru.CryptoPro.AdES.external.signature.AdESSigner, ru.CryptoPro.AdES.external.interfaces.IAdESSigner
    public void verify(Set<X509Certificate> set, Set<X509CRL> set2, Integer num, boolean z10) {
        JCPLogger.subEnter();
        JCPLogger.fine("Basic signature validation...");
        if (set == null) {
            set = Collections.emptySet();
        }
        Set unmodifiableSet = Collections.unmodifiableSet(this.signatureCertificates);
        this.signatureCertificates.addAll(set);
        if (set2 == null) {
            set2 = Collections.emptySet();
        }
        this.signatureCRLs.addAll(set2);
        X509Certificate signerCertificate = getSignerCertificate();
        if (signerCertificate == null) {
            try {
                findSignerCertificate(unmodifiableSet, set);
                signerCertificate = getSignerCertificate();
                if (signerCertificate == null) {
                    throw new XAdESException("Signer certificate not found", IAdESException.ecSignerCertificateIsNull);
                }
            } catch (AdESException e10) {
                throw new XAdESException(e10, e10.getErrorCode());
            }
        }
        JCPLogger.fine("Verifying XML signature...");
        b(signerCertificate);
        c();
        try {
            this.signerCertificateChain.clear();
            this.signerCertificateChain.addAll(build(signerCertificate, this.provider, getBuildingDate()));
            validate(this.signerCertificateChain, this.provider, getValidationDate());
            JCPLogger.fine("Basic signature validation completed.");
            JCPLogger.subExit();
        } catch (AdESException e11) {
            throw new XAdESException(e11, e11.getErrorCode());
        }
    }
}
