package com.adobe.internal.pdftoolkit.services.digsig.cryptoprovider.impl;

import com.adobe.internal.pdftoolkit.core.exceptions.PDFSignatureException;
import com.adobe.internal.pdftoolkit.services.digsig.spi.RevocationInfoProvider;
import com.rsa.asn1.ASN1;
import com.rsa.asn1.ASN1Container;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.EncodedContainer;
import com.rsa.asn1.EndContainer;
import com.rsa.asn1.OfContainer;
import com.rsa.asn1.SequenceContainer;
import com.rsa.certj.cert.X501Attributes;
import com.rsa.certj.cert.attributes.NonStandardAttribute;
import com.rsa.certj.pkcs7.PKCS7Exception;
import com.rsa.certj.pkcs7.SignedData;
import com.rsa.certj.pkcs7.SignerInfo;
import java.util.Enumeration;
import java.util.Vector;

/* loaded from: input_file:com/adobe/internal/pdftoolkit/services/digsig/cryptoprovider/impl/RSARevInfoUtil.class */
public final class RSARevInfoUtil {
    public static X501Attributes createAdobeRevocationInfo(RevocationInfoProvider revocationInfoProvider) throws PDFSignatureException {
        X501Attributes x501Attributes = new X501Attributes();
        x501Attributes.addAttribute(createAdobeRevocationInfoAttribute(revocationInfoProvider));
        return x501Attributes;
    }

    public static NonStandardAttribute createAdobeRevocationInfoAttribute(RevocationInfoProvider revocationInfoProvider) throws PDFSignatureException {
        NonStandardAttribute nonStandardAttribute = new NonStandardAttribute();
        byte[] bArr = {42, -122, 72, -122, -9, 47, 1, 1, 8};
        nonStandardAttribute.setOID(bArr, 0, bArr.length);
        byte[] createASN = createASN(revocationInfoProvider);
        nonStandardAttribute.setValue(createASN, 0, createASN.length);
        return nonStandardAttribute;
    }

    private static byte[] createASN(RevocationInfoProvider revocationInfoProvider) throws PDFSignatureException {
        try {
            boolean embedCRL = revocationInfoProvider.embedCRL();
            boolean embedOCSP = revocationInfoProvider.embedOCSP();
            boolean embedOtherRevInfo = revocationInfoProvider.embedOtherRevInfo();
            byte[][] oCSPResponses = revocationInfoProvider.getOCSPResponses();
            byte[][] crls = revocationInfoProvider.getCRLS();
            byte[][] otherRevInfo = revocationInfoProvider.getOtherRevInfo();
            ASN1Container sequenceContainer = new SequenceContainer(0, true, 0);
            ASN1Container endContainer = new EndContainer();
            ASN1Container ofContainer = new OfContainer(10551296, embedCRL, 0, 12288, new EncodedContainer(12288));
            if (!embedCRL) {
                ofContainer.addContainer(new EncodedContainer(0, embedCRL, 0, (byte[]) null, 0, 0));
            } else {
                if (crls.length <= 0) {
                    throw new PDFSignatureException("No crl response provided for embedding into the signature");
                }
                for (int i = 0; i < crls.length; i++) {
                    ofContainer.addContainer(new EncodedContainer(0, embedCRL, 0, crls[i], 0, crls[i].length));
                }
            }
            ASN1Container ofContainer2 = new OfContainer(10551297, embedOCSP, 0, 12288, new EncodedContainer(12288));
            if (!embedOCSP) {
                ofContainer2.addContainer(new EncodedContainer(0, embedOCSP, 0, (byte[]) null, 0, 0));
            } else {
                if (oCSPResponses.length <= 0) {
                    throw new PDFSignatureException("No ocsp response provided for embedding into the signature");
                }
                for (int i2 = 0; i2 < oCSPResponses.length; i2++) {
                    ofContainer2.addContainer(new EncodedContainer(0, embedOCSP, 0, oCSPResponses[i2], 0, oCSPResponses[i2].length));
                }
            }
            ASN1Container ofContainer3 = new OfContainer(10551298, embedOtherRevInfo, 0, 12288, new EncodedContainer(12288));
            if (!embedOtherRevInfo) {
                ofContainer3.addContainer(new EncodedContainer(0, embedOtherRevInfo, 0, (byte[]) null, 0, 0));
            } else {
                if (otherRevInfo.length <= 0) {
                    throw new PDFSignatureException("No other rev info provided for embedding into the signature");
                }
                for (int i3 = 0; i3 < otherRevInfo.length; i3++) {
                    ofContainer3.addContainer(new EncodedContainer(0, embedOtherRevInfo, 0, otherRevInfo[i3], 0, otherRevInfo[i3].length));
                }
            }
            return ASN1.derEncode(new ASN1Container[]{sequenceContainer, ofContainer, ofContainer2, ofContainer3, endContainer});
        } catch (ASN_Exception e) {
            throw new PDFSignatureException("Problem encountered when DER encoding the Adobe Revocation Information Archival attribute", e);
        }
    }

    public static void addRevocationAttributeToSignerInfo(SignedData signedData, RevocationInfoProvider revocationInfoProvider) throws PDFSignatureException {
        if (revocationInfoProvider == null) {
            throw new PDFSignatureException("No revocation provider has been registered with the SignatureManager");
        }
        Vector signerInfos = signedData.getSignerInfos();
        NonStandardAttribute createAdobeRevocationInfoAttribute = createAdobeRevocationInfoAttribute(revocationInfoProvider);
        Enumeration elements = signerInfos.elements();
        while (elements.hasMoreElements()) {
            try {
                RSASigningUtils.addAuthenticatedAttribute((SignerInfo) elements.nextElement(), createAdobeRevocationInfoAttribute);
            } catch (PKCS7Exception e) {
                throw new PDFSignatureException("Could not set the revocation information as an authenticated attribute of SignerInfo", e);
            }
        }
    }
}
