package cn.com.jit.ida.util.pki.asn1.x509;

import cn.com.jit.ida.util.pki.PKIConstant;
import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.Parser;
import cn.com.jit.ida.util.pki.asn1.ASN1Encodable;
import cn.com.jit.ida.util.pki.asn1.ASN1EncodableVector;
import cn.com.jit.ida.util.pki.asn1.DERBitString;
import cn.com.jit.ida.util.pki.asn1.DERGeneralizedTime;
import cn.com.jit.ida.util.pki.asn1.DERInteger;
import cn.com.jit.ida.util.pki.asn1.DERNull;
import cn.com.jit.ida.util.pki.asn1.DERObjectIdentifier;
import cn.com.jit.ida.util.pki.asn1.DERSequence;
import cn.com.jit.ida.util.pki.asn1.DERSet;
import cn.com.jit.ida.util.pki.cipher.JKey;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import org.w3c.dom.Element;

/* loaded from: classes2.dex */
public class V2X509AttCertGenerator {
    private V2AttributeCertificateInfoGenerator v2AttCert;
    private AttributeCertificateInfo attCertInfo = null;
    private Mechanism mechanism = null;
    private String deviceName = null;
    private AlgorithmIdentifier sigAlg = null;
    private JKey pubKey = null;
    private DERBitString signature = null;

    public V2X509AttCertGenerator() {
        this.v2AttCert = null;
        this.v2AttCert = new V2AttributeCertificateInfoGenerator();
    }

    public static String generateMechanisNameByOID(String str) {
        if ("1.2.840.113549.1.1.5".equals(str)) {
            return "SHA1withRSAEncryption";
        }
        return null;
    }

    private void generateSignature(JKey jKey, Session session) throws PKIException {
        try {
            this.attCertInfo = this.v2AttCert.generateAttributeCertificateInfo();
            signCertInfo(jKey, session);
        } catch (Exception e) {
            throw new PKIException(PKIException.ATTRIBUTE_CERTCREAT_ERROR, "属性证书产生过程出现异常:" + e.getMessage());
        }
    }

    public void addAttribute(Attribute attribute) {
        this.v2AttCert.addAttribute(attribute);
    }

    public void addAttribute(String str, ASN1Encodable aSN1Encodable) {
        this.v2AttCert.addAttribute(new Attribute(new DERObjectIdentifier(str), new DERSet(aSN1Encodable)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] constructAttCertificate() throws PKIException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(this.attCertInfo);
        aSN1EncodableVector.add(this.sigAlg);
        aSN1EncodableVector.add(this.signature);
        try {
            return Parser.writeDERObj2Bytes(new DERSequence(aSN1EncodableVector).getDERObject());
        } catch (Exception e) {
            throw new PKIException(PKIException.CERT_BYTES, PKIException.CERT_BYTES_DES, e);
        }
    }

    public byte[] generateX509AttCert(JKey jKey, Session session) throws PKIException {
        generateSignature(jKey, session);
        return constructAttCertificate();
    }

    public byte[] generateX509AttCert(JKey jKey, Session session, Element element) throws PKIException {
        this.attCertInfo = new AttributeCertificateInfo(element);
        setSignatureAlg(generateMechanisNameByOID(this.attCertInfo.getSignature().getObjectId().getId()));
        signCertInfo(jKey, session);
        return constructAttCertificate();
    }

    public AttributeCertificateInfo getAttCertInfo() {
        return this.attCertInfo;
    }

    public String getDeviceName() {
        return this.deviceName;
    }

    public Mechanism getMechanism() {
        return this.mechanism;
    }

    public JKey getPubKey() {
        return this.pubKey;
    }

    public AlgorithmIdentifier getSigAlg() {
        return this.sigAlg;
    }

    public DERBitString getSignature() {
        return this.signature;
    }

    public V2AttributeCertificateInfoGenerator getV2AttCert() {
        return this.v2AttCert;
    }

    public void setAttCertInfo(AttributeCertificateInfo attributeCertificateInfo) {
        this.attCertInfo = attributeCertificateInfo;
    }

    public void setDeviceName(String str) {
        this.deviceName = str;
    }

    public void setEndDate(DERGeneralizedTime dERGeneralizedTime) {
        this.v2AttCert.setEndDate(dERGeneralizedTime);
    }

    public void setExtensions(X509Extensions x509Extensions) {
        this.v2AttCert.setExtensions(x509Extensions);
    }

    public void setHolder(Holder holder) {
        this.v2AttCert.setHolder(holder);
    }

    public void setIssuer(AttCertIssuer attCertIssuer) {
        this.v2AttCert.setIssuer(attCertIssuer);
    }

    public void setIssuerUniqueID(DERBitString dERBitString) {
        this.v2AttCert.setIssuerUniqueID(dERBitString);
    }

    public void setIssuerUniqueID(byte[] bArr) {
        if (bArr != null) {
            this.v2AttCert.setIssuerUniqueID(new DERBitString(bArr));
        }
    }

    public void setMechanism(Mechanism mechanism) {
        this.mechanism = mechanism;
    }

    public void setPubKey(JKey jKey) {
        this.pubKey = jKey;
    }

    public void setSerialNumber(DERInteger dERInteger) throws PKIException {
        if (dERInteger == null) {
            throw new PKIException(PKIException.SN_NULL, PKIException.SN_NULL_DES);
        }
        this.v2AttCert.setSerialNumber(dERInteger);
    }

    public void setSigAlg(AlgorithmIdentifier algorithmIdentifier) {
        this.sigAlg = algorithmIdentifier;
    }

    public void setSignature(DERBitString dERBitString) {
        this.signature = dERBitString;
    }

    public void setSignatureAlg(String str) throws PKIException {
        if (str == null) {
            throw new PKIException(PKIException.SIG_ALG_NULL, PKIException.SIG_ALG_NULL_DES);
        }
        if (str.equals("MD2withRSAEncryption")) {
            this.mechanism = new Mechanism("MD2withRSAEncryption");
        } else if (str.equals("MD5withRSAEncryption")) {
            this.mechanism = new Mechanism("MD5withRSAEncryption");
        } else if (str.equals("SHA1withRSAEncryption")) {
            this.mechanism = new Mechanism("SHA1withRSAEncryption");
        } else if (str.endsWith("SHA1withECDSA")) {
            this.mechanism = new Mechanism("SHA1withECDSA");
        } else if (str.endsWith("SHA1withDSA")) {
            this.mechanism = new Mechanism("SHA1withDSA");
        } else {
            if (!str.endsWith("SM3withSM2Encryption")) {
                throw new PKIException(PKIException.NONSUPPORT_SIGALG, "不支持的签名算法: " + str);
            }
            this.mechanism = new Mechanism("SM3withSM2Encryption");
        }
        this.sigAlg = new AlgorithmIdentifier((DERObjectIdentifier) PKIConstant.sigAlgName2OID.get(str), new DERNull());
        this.v2AttCert.setSignature(this.sigAlg);
    }

    public void setStartDate(DERGeneralizedTime dERGeneralizedTime) {
        this.v2AttCert.setStartDate(dERGeneralizedTime);
    }

    public void setV2AttCert(V2AttributeCertificateInfoGenerator v2AttributeCertificateInfoGenerator) {
        this.v2AttCert = v2AttributeCertificateInfoGenerator;
    }

    public void signCertInfo(JKey jKey, Session session) throws PKIException {
        try {
            try {
                this.signature = new DERBitString(session.sign(this.mechanism, jKey, Parser.writeDERObj2Bytes(this.attCertInfo.getDERObject())));
            } catch (Exception e) {
                throw new PKIException("5", PKIException.SIGN_DES, e);
            }
        } catch (Exception e2) {
            throw new PKIException(PKIException.TBSCERT_BYTES, PKIException.TBSCERT_BYTES_DES, e2);
        }
    }
}
