package jp.co.amano.etiming.atss3161;

import com.datum.tti.DataImprint;
import com.datum.tti.DecodingException;
import com.datum.tti.EncodingException;
import com.datum.tti.InvalidCertificateException;
import com.datum.tti.SignerKind;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.Date;
import java.util.EnumSet;
import java.util.Vector;

/* loaded from: input_file:jp/co/amano/etiming/atss3161/TimeStampToken.class */
public class TimeStampToken {
    com.datum.tti.TimeStampToken m_tsToken;
    CertificateFactory m_factory = null;

    public TimeStampToken(byte[] bArr) throws ATSSDERParsingException {
        this.m_tsToken = null;
        try {
            this.m_tsToken = new com.datum.tti.TimeStampToken(bArr);
        } catch (IOException e) {
            throw new ATSSDERParsingException(e.getMessage());
        } catch (DecodingException e2) {
            throw new ATSSDERParsingException(e2.getMessage());
        }
    }

    public boolean equals(Object obj) {
        if (obj instanceof TimeStampToken) {
            return Arrays.equals(getEncoded(), ((TimeStampToken) obj).getEncoded());
        }
        return false;
    }

    public byte[] getEncoded() {
        return (byte[]) this.m_tsToken.getEncodedTST().clone();
    }

    public X509Certificate getSignerCertificate() throws CertificateException {
        try {
            return this.m_tsToken.getSignerCertificate(EnumSet.of(SignerKind.ESSCERTID, SignerKind.ESSCERTIDV2));
        } catch (InvalidCertificateException e) {
            throw new CertificateParsingException(e.getMessage());
        } catch (NullPointerException e2) {
            return null;
        } catch (NoSuchAlgorithmException e3) {
            throw new CertificateParsingException(e3.getMessage());
        } catch (CertificateException e4) {
            throw new CertificateParsingException(e4.getMessage());
        } catch (EncodingException e5) {
            throw new CertificateParsingException(e5.getMessage());
        }
    }

    public TimeAttributeCertificate getTimeAttributeCertificate() throws CertificateException {
        try {
            byte[] encodedTimeAttributeCertificate = this.m_tsToken.getEncodedTimeAttributeCertificate(EnumSet.of(SignerKind.ESSCERTID, SignerKind.ESSCERTIDV2));
            if (encodedTimeAttributeCertificate == null) {
                return null;
            }
            return new TimeAttributeCertificate(encodedTimeAttributeCertificate);
        } catch (NullPointerException e) {
            return null;
        } catch (EncodingException e2) {
            throw new CertificateParsingException(e2.getMessage());
        } catch (InvalidCertificateException e3) {
            throw new CertificateParsingException(e3.getMessage());
        } catch (NoSuchAlgorithmException e4) {
            throw new CertificateParsingException(e4.getMessage());
        }
    }

    public TSTInfo getTSTInfo() {
        return new TSTInfo(this.m_tsToken);
    }

    public int hashCode() {
        return new BigInteger(getEncoded()).hashCode();
    }

    public static byte[] removeTimeAttributeCertificate(byte[] bArr) throws ATSSDERParsingException {
        try {
            return (byte[]) com.datum.tti.TimeStampToken.removeTimeAttributeCertificate(bArr).clone();
        } catch (IOException e) {
            throw new ATSSDERParsingException(e.getMessage());
        } catch (DecodingException e2) {
            throw new ATSSDERParsingException(e2.getMessage());
        }
    }

    public void validate(MessageImprint messageImprint, X509Certificate x509Certificate, Collection collection, Collection collection2) throws TSTFieldVerificationException, GeneralSecurityException {
        validate(messageImprint, x509Certificate, collection, collection2, (String) null);
    }

    public void validate(MessageImprint messageImprint, X509Certificate x509Certificate, Collection collection, Collection collection2, Date date) throws TSTFieldVerificationException, GeneralSecurityException {
        validate(messageImprint, x509Certificate, collection, collection2, date, null);
    }

    public void validate(MessageImprint messageImprint, X509Certificate x509Certificate, Collection collection, Collection collection2, Date date, String str) throws TSTFieldVerificationException, GeneralSecurityException {
        boolean verifySignature;
        if (messageImprint == null) {
            throw new NullPointerException("Indispensable MessageImprint isn't Settting of validate");
        }
        if (collection == null && collection2 != null) {
            throw new IllegalArgumentException("Indispensable item isn't Settting of validate");
        }
        if (collection == null && date != null) {
            throw new IllegalArgumentException("Indispensable item isn't Settting of validate");
        }
        if (date == null) {
            date = Calendar.getInstance().getTime();
        }
        this.m_factory = CertificateFactory.getInstance("X.509");
        try {
            System.getProperty("java.version").substring(0, 3);
            ProviderManagement.addProvider();
            EnumSet of = EnumSet.of(SignerKind.ESSCERTID, SignerKind.ESSCERTIDV2);
            if (x509Certificate != null) {
                verifySignature = this.m_tsToken.verifySignature(x509Certificate, of);
            } else {
                if (getSignerCertificate() == null) {
                    throw new TSACertificateNotFoundException("TSACertificate doesn't exist", null);
                }
                verifySignature = this.m_tsToken.verifySignature(of);
            }
            if (!verifySignature) {
                throw new SignatureException("Token VerifySignature Error");
            }
            checkMessageImprint(messageImprint);
            X509Certificate x509Certificate2 = (X509Certificate) this.m_factory.generateCertificate(new ByteArrayInputStream((x509Certificate != null ? x509Certificate : getSignerCertificate()).getEncoded()));
            if (x509Certificate2 == null) {
                throw new TSACertificateNotFoundException("TSACertificate doesn't exist", null);
            }
            X509Certificate x509Certificate3 = null;
            Collection collection3 = null;
            if (collection == null) {
                x509Certificate3 = x509Certificate2;
            } else {
                collection3 = certsFormatUnion(collection);
            }
            X509Certificate checkCertificate = checkCertificate(x509Certificate2, x509Certificate3, collection3, str, date);
            X509Certificate x509Certificate4 = x509Certificate2;
            while (!x509Certificate2.getSubjectDN().equals(x509Certificate2.getIssuerDN()) && collection3 != null) {
                x509Certificate2 = checkCertificate;
                checkCertificate = checkCertificate(x509Certificate2, null, collection3, str, date);
                if (checkCertificate.equals(x509Certificate2) && !x509Certificate2.getSubjectDN().equals(x509Certificate2.getIssuerDN())) {
                    throw new ATSSCertPathValidationException("Certificate Path verification Error", null, x509Certificate2);
                }
                try {
                    X509CRL checkCRL = checkCRL(x509Certificate2, collection2, date, str);
                    if (checkCRL != null) {
                        X509CRLEntry revokedCertificate = checkCRL.getRevokedCertificate(x509Certificate4.getSerialNumber());
                        if (revokedCertificate != null && date.getTime() > revokedCertificate.getRevocationDate().getTime()) {
                            ATSSCertificateRevokedException aTSSCertificateRevokedException = new ATSSCertificateRevokedException("Certificate is lapses", checkCRL);
                            throw new ATSSCertPathValidationException(aTSSCertificateRevokedException.getMessage(), aTSSCertificateRevokedException, x509Certificate4);
                        }
                        x509Certificate4 = x509Certificate2;
                    }
                } catch (ATSSCRLProcessingException e) {
                    throw new ATSSCertPathValidationException(e.getMessage(), e, x509Certificate4);
                }
            }
        } catch (InvalidCertificateException e2) {
            throw new CertificateException(e2.getMessage());
        } catch (EncodingException e3) {
            throw new CertificateException(e3.getMessage());
        }
    }

    public void validate(MessageImprint messageImprint, X509Certificate x509Certificate, Collection collection, Collection collection2, String str) throws TSTFieldVerificationException, GeneralSecurityException {
        validate(messageImprint, x509Certificate, collection, collection2, null, str);
    }

    X509Certificate checkCertificate(X509Certificate x509Certificate, X509Certificate x509Certificate2, Collection collection, String str, Date date) throws ATSSCertPathValidationException {
        X509Certificate x509Certificate3 = x509Certificate2;
        if (collection == null) {
            return x509Certificate3;
        }
        if (collection.size() == 0 || x509Certificate.getIssuerDN().equals(x509Certificate.getSubjectDN())) {
            x509Certificate3 = x509Certificate;
        } else {
            Vector vector = new Vector(collection);
            X509Certificate[] x509CertificateArr = new X509Certificate[collection.size()];
            vector.copyInto(x509CertificateArr);
            int i = 0;
            while (true) {
                if (i >= x509CertificateArr.length) {
                    break;
                }
                if (x509Certificate.getIssuerDN().equals(x509CertificateArr[i].getSubjectDN())) {
                    x509Certificate3 = x509CertificateArr[i];
                    try {
                        if (str == null) {
                            x509Certificate.verify(x509Certificate3.getPublicKey());
                        } else {
                            x509Certificate.verify(x509Certificate3.getPublicKey(), str);
                        }
                        x509Certificate.checkValidity(date);
                    } catch (GeneralSecurityException e) {
                        throw new ATSSCertPathValidationException(e.getMessage(), e, x509Certificate);
                    }
                } else {
                    i++;
                }
            }
            if (x509Certificate3 == null) {
                throw new ATSSCertPathValidationException("issuer certificate doesn't exist in certificates", null, x509Certificate);
            }
        }
        return x509Certificate3;
    }

    X509CRL checkCRL(X509Certificate x509Certificate, Collection collection, Date date, String str) throws ATSSCRLProcessingException {
        if (collection == null) {
            return null;
        }
        Collection crlsFormatUnion = crlsFormatUnion(collection);
        long time = date.getTime();
        X509CRL x509crl = null;
        Vector vector = new Vector(crlsFormatUnion);
        X509CRL[] x509crlArr = new X509CRL[crlsFormatUnion.size()];
        vector.copyInto(x509crlArr);
        for (int i = 0; i < x509crlArr.length; i++) {
            if (x509crlArr[i].getIssuerDN().equals(x509Certificate.getSubjectDN()) && time <= x509crlArr[i].getNextUpdate().getTime()) {
                if (str == null) {
                    try {
                        x509crlArr[i].verify(x509Certificate.getPublicKey());
                    } catch (Exception e) {
                    }
                } else {
                    x509crlArr[i].verify(x509Certificate.getPublicKey(), str);
                }
                x509crl = x509crlArr[i];
            }
        }
        if (x509crl == null) {
            throw new ATSSCRLProcessingException("Target crl is Not Found in crls");
        }
        return x509crl;
    }

    void checkMessageImprint(MessageImprint messageImprint) throws InvalidMessageImprintException {
        DataImprint dataImprint = this.m_tsToken.getTSTInfo().getDataImprint();
        MessageImprint messageImprint2 = new MessageImprint(new AlgorithmIdentifier(dataImprint.getHashAlgorithm().getValue()), dataImprint.getHashedData());
        if (!messageImprint.getHashAlgorithm().getAlgorithm().equals(messageImprint2.getHashAlgorithm().getAlgorithm()) || !Arrays.equals(messageImprint.getHashedMessage(), messageImprint2.getHashedMessage())) {
            throw new InvalidMessageImprintException("MessagegetImprint Comparison Error", null, messageImprint, messageImprint2);
        }
    }

    Collection certsFormatUnion(Collection collection) {
        ArrayList arrayList = new ArrayList();
        try {
            Vector vector = new Vector(collection);
            X509Certificate[] x509CertificateArr = new X509Certificate[collection.size()];
            vector.copyInto(x509CertificateArr);
            for (X509Certificate x509Certificate : x509CertificateArr) {
                arrayList.add((X509Certificate) this.m_factory.generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded())));
            }
        } catch (Exception e) {
        }
        return arrayList;
    }

    Collection crlsFormatUnion(Collection collection) {
        ArrayList arrayList = new ArrayList();
        try {
            Vector vector = new Vector(collection);
            X509CRL[] x509crlArr = new X509CRL[collection.size()];
            vector.copyInto(x509crlArr);
            for (X509CRL x509crl : x509crlArr) {
                arrayList.add((X509CRL) this.m_factory.generateCRL(new ByteArrayInputStream(x509crl.getEncoded())));
            }
        } catch (Exception e) {
        }
        return arrayList;
    }
}
