package eu.europa.ec.markt.dss.signature.cades;

import eu.europa.ec.markt.dss.DigestAlgorithm;
import eu.europa.ec.markt.dss.signature.SignatureParameters;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Hashtable;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.esf.SignerAttribute;
import org.bouncycastle.asn1.ess.ESSCertID;
import org.bouncycastle.asn1.ess.ESSCertIDv2;
import org.bouncycastle.asn1.ess.SigningCertificate;
import org.bouncycastle.asn1.ess.SigningCertificateV2;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Time;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:applet/signature-client.jar:eu/europa/ec/markt/dss/signature/cades/CAdESProfileBES.class */
public class CAdESProfileBES {
    private boolean padesUsage;

    public CAdESProfileBES() {
        this(false);
    }

    public CAdESProfileBES(boolean z) {
        this.padesUsage = z;
    }

    private Attribute makeSigningCertificateAttribute(SignatureParameters signatureParameters) {
        try {
            byte[] digest = MessageDigest.getInstance(signatureParameters.getDigestAlgorithm().getName(), new BouncyCastleProvider()).digest(signatureParameters.getSigningCertificate().getEncoded());
            return signatureParameters.getDigestAlgorithm() == DigestAlgorithm.SHA1 ? new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificate, new DERSet(new SigningCertificate(new ESSCertID(digest)))) : new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new DERSet(new SigningCertificateV2(new ESSCertIDv2[]{new ESSCertIDv2(new AlgorithmIdentifier(signatureParameters.getDigestAlgorithm().getOid()), digest)})));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        } catch (CertificateException e2) {
            throw new RuntimeException(e2);
        }
    }

    private Attribute makeSigningTimeAttribute(SignatureParameters signatureParameters) {
        return new Attribute(PKCSObjectIdentifiers.pkcs_9_at_signingTime, new DERSet(new Time(signatureParameters.getSigningDate())));
    }

    private Attribute makeSignerAttrAttribute(SignatureParameters signatureParameters) {
        return new Attribute(PKCSObjectIdentifiers.id_aa_ets_signerAttr, new DERSet(new SignerAttribute((ASN1Sequence) new DERSequence(new DEROctetString[]{new DEROctetString(signatureParameters.getClaimedSignerRole().getBytes())}))));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Hashtable<ASN1ObjectIdentifier, ASN1Encodable> getSignedAttributes(SignatureParameters signatureParameters) {
        Hashtable<ASN1ObjectIdentifier, ASN1Encodable> hashtable = new Hashtable<>();
        Attribute makeSigningCertificateAttribute = makeSigningCertificateAttribute(signatureParameters);
        hashtable.put((ASN1ObjectIdentifier) makeSigningCertificateAttribute.getAttrType(), makeSigningCertificateAttribute);
        if (!this.padesUsage) {
            hashtable.put(PKCSObjectIdentifiers.pkcs_9_at_signingTime, makeSigningTimeAttribute(signatureParameters));
        }
        if (!this.padesUsage && signatureParameters.getClaimedSignerRole() != null) {
            hashtable.put(PKCSObjectIdentifiers.id_aa_ets_signerAttr, makeSignerAttrAttribute(signatureParameters));
        }
        return hashtable;
    }

    public Hashtable<ASN1ObjectIdentifier, ASN1Encodable> getUnsignedAttributes(SignatureParameters signatureParameters) {
        return new Hashtable<>();
    }
}
