package com.navercorp.nid.sign.legacy.te.cms;

import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.content.Context;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.NonNull;
import com.navercorp.nid.log.NidLog;
import com.navercorp.nid.log.SafetyStackTracer;
import com.navercorp.nid.nelo.NidNeloManager;
import com.navercorp.nid.sc.operator.jcajce.JcaContentSignerBuilder;
import com.navercorp.nid.sign.legacy.network.vo.TransactionMeta;
import com.navercorp.nid.sign.legacy.te.EkycPreferenceManager;
import java.io.StringReader;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DERSet;
import org.spongycastle.asn1.DERUTCTime;
import org.spongycastle.asn1.cms.Attribute;
import org.spongycastle.asn1.cms.AttributeTable;
import org.spongycastle.asn1.cms.CMSAttributes;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cert.jcajce.JcaCertStore;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cms.CMSProcessableByteArray;
import org.spongycastle.cms.CMSSignedData;
import org.spongycastle.cms.CMSSignedDataGenerator;
import org.spongycastle.cms.CMSSignedGenerator;
import org.spongycastle.cms.DefaultSignedAttributeTableGenerator;
import org.spongycastle.cms.SignerInfoGenerator;
import org.spongycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.spongycastle.openssl.PEMParser;
import org.spongycastle.openssl.jcajce.JcaPEMWriter;
import org.spongycastle.operator.ContentSigner;
import org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;

@SuppressLint({"LongLogTag"})
@TargetApi(23)
/* loaded from: classes5.dex */
public final class a {

    /* renamed from: a, reason: collision with root package name */
    private final String f59552a;
    private final String b;

    /* renamed from: com.navercorp.nid.sign.legacy.te.cms.a$a, reason: collision with other inner class name */
    /* loaded from: classes5.dex */
    public static class C0574a {

        /* renamed from: a, reason: collision with root package name */
        private Context f59553a;
        private List<TransactionMeta> b;

        /* renamed from: c, reason: collision with root package name */
        private com.navercorp.nid.sign.a f59554c = null;
        private Signature d;

        public C0574a(Context context) {
            this.f59553a = context;
        }

        private static X509Certificate d(String str) {
            StringBuilder sb2 = new StringBuilder("-----BEGIN CERTIFICATE-----\n");
            sb2.append(str);
            if (!str.endsWith("\n")) {
                sb2.append("\n");
            }
            sb2.append("-----END CERTIFICATE-----");
            PEMParser pEMParser = new PEMParser(new StringReader(sb2.toString()));
            try {
                return new JcaX509CertificateConverter().getCertificate((X509CertificateHolder) pEMParser.readObject());
            } catch (Exception e) {
                SafetyStackTracer.print("EkycCryptographicMessageSyntax", e);
                return null;
            }
        }

        public final C0574a a(Signature signature) {
            this.d = signature;
            return this;
        }

        public final C0574a b(List<TransactionMeta> list) {
            this.b = list;
            return this;
        }

        public final a c() {
            String str;
            String str2;
            String userCertificate;
            String interCaCertificate;
            String rootCertificate;
            ContentSigner build;
            if (this.f59553a == null) {
                throw new NullPointerException("Context is null.");
            }
            if (this.f59554c == null) {
                throw new NullPointerException("NaverCertificate is null.");
            }
            if (this.b.isEmpty()) {
                new com.navercorp.nid.sign.exception.a("transactionMetaList is empty.");
                throw null;
            }
            com.navercorp.nid.sign.legacy.te.a.c().getClass();
            String b = com.navercorp.nid.sign.legacy.te.a.b();
            NidLog.d("EkycCryptographicMessageSyntax", "NaverSignLog | called createCryptographicMessageSyntax()");
            try {
                userCertificate = EkycPreferenceManager.getUserCertificate();
                interCaCertificate = EkycPreferenceManager.getInterCaCertificate();
                rootCertificate = EkycPreferenceManager.getRootCertificate();
            } catch (Exception e) {
                e = e;
                str = b;
            }
            try {
            } catch (Exception e9) {
                e = e9;
                SafetyStackTracer.print("EkycCryptographicMessageSyntax", this.f59553a, "createCryptographicMessageSyntax", e);
                str2 = null;
                return new a(str, str2);
            }
            if (!TextUtils.isEmpty(userCertificate) && !TextUtils.isEmpty(interCaCertificate) && !TextUtils.isEmpty(rootCertificate)) {
                if (this.b.isEmpty()) {
                    NidNeloManager.request(this.f59553a, "EkycCryptographicMessageSyntax::createCryptographicMessageSyntax() - transactionMetaList is empty", null);
                    str = b;
                    str2 = null;
                    return new a(str, str2);
                }
                X509Certificate d = d(userCertificate);
                X509Certificate d9 = d(interCaCertificate);
                X509Certificate d10 = d(rootCertificate);
                ArrayList arrayList = new ArrayList();
                arrayList.add(d);
                arrayList.add(d9);
                arrayList.add(d10);
                TransactionMeta transactionMeta = this.b.get(0);
                JcaCertStore jcaCertStore = new JcaCertStore(arrayList);
                CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
                if (this.d == null) {
                    NidLog.d("EkycCryptographicMessageSyntax", "NaverSignLog |  createCryptographicMessageSyntax() | build(privateKey)");
                    com.navercorp.nid.sign.legacy.te.a.c().getClass();
                    build = new JcaContentSignerBuilder(transactionMeta.getCmsAttrSignAlgorithm()).build(com.navercorp.nid.sign.legacy.te.a.d());
                } else {
                    NidLog.d("EkycCryptographicMessageSyntax", "NaverSignLog |  createCryptographicMessageSyntax() | build(signature)");
                    build = new JcaContentSignerBuilder(transactionMeta.getCmsAttrSignAlgorithm()).build(this.d);
                }
                JcaSignerInfoGeneratorBuilder jcaSignerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build());
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                if (transactionMeta.getRequiredCompatibility()) {
                    str = b;
                } else {
                    str = b;
                    aSN1EncodableVector.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date()))));
                }
                if (transactionMeta.getHashed()) {
                    aSN1EncodableVector.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(Base64.decode(transactionMeta.getTransactionContent().getBytes(StandardCharsets.UTF_8), 9)))));
                }
                jcaSignerInfoGeneratorBuilder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(aSN1EncodableVector)));
                SignerInfoGenerator build2 = jcaSignerInfoGeneratorBuilder.setDirectSignature(transactionMeta.getRequiredCompatibility()).build(build, d);
                cMSSignedDataGenerator.addSignerInfoGenerator(build2);
                cMSSignedDataGenerator.addCertificates(jcaCertStore);
                CMSProcessableByteArray cMSProcessableByteArray = transactionMeta.getHashed() ? new CMSProcessableByteArray(build2.generate(new ASN1ObjectIdentifier(CMSSignedGenerator.DATA)).getEncoded()) : new CMSProcessableByteArray(transactionMeta.getTransactionContent().getBytes(StandardCharsets.UTF_8));
                CMSSignedData generate = transactionMeta.getDetached() ? cMSSignedDataGenerator.generate(cMSProcessableByteArray) : cMSSignedDataGenerator.generate(cMSProcessableByteArray, true);
                StringWriter stringWriter = new StringWriter();
                JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
                jcaPEMWriter.writeObject(generate.toASN1Structure());
                jcaPEMWriter.flush();
                jcaPEMWriter.close();
                NidLog.d("EkycCryptographicMessageSyntax", "NaverSignLog |  create CMS !!");
                NidLog.d("EkycCryptographicMessageSyntax", "NaverSignLog | " + stringWriter.toString());
                str2 = stringWriter.toString().replace("-----BEGIN PKCS7-----", "").replace("-----END PKCS7-----", "").replace("\n", "");
                return new a(str, str2);
            }
            str = b;
            NidLog.d("EkycCryptographicMessageSyntax", "NaverSignLog | createCryptographicMessageSyntax() | cert is null");
            str2 = null;
            return new a(str, str2);
        }

        public final C0574a e() {
            this.f59554c = com.navercorp.nid.sign.a.d;
            return this;
        }
    }

    public a(String str, String str2) {
        this.f59552a = str;
        this.b = str2;
    }

    public final String a() {
        return this.b;
    }

    public final String b() {
        return this.f59552a;
    }

    @NonNull
    public final String toString() {
        return "keyId : " + this.f59552a + "\ncms : " + this.b;
    }
}
