package eu.europa.ec.markt.dss.signature.cades;

import eu.europa.ec.markt.dss.signature.SignatureParameters;
import java.io.IOException;
import java.util.Hashtable;
import java.util.logging.Logger;
import org.apache.commons.io.output.ByteArrayOutputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;

/* loaded from: input_file:applet/signature-client.jar:eu/europa/ec/markt/dss/signature/cades/CAdESProfileX.class */
public class CAdESProfileX extends CAdESProfileC {
    private static final Logger LOG = Logger.getLogger(CAdESProfileX.class.getName());
    AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find(new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA"));
    protected int extendedValidationType = 1;

    public int getExtendedValidationType() {
        return this.extendedValidationType;
    }

    public void setExtendedValidationType(int i) {
        if (i != 1 && i != 2) {
            throw new IllegalArgumentException("The extended validation data type (CAdES-X type) shall be either 1 or 2");
        }
        this.extendedValidationType = i;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // eu.europa.ec.markt.dss.signature.cades.CAdESProfileC, eu.europa.ec.markt.dss.signature.cades.CAdESProfileT, eu.europa.ec.markt.dss.signature.cades.CAdESSignatureExtension
    public SignerInformation extendCMSSignature(CMSSignedData cMSSignedData, SignerInformation signerInformation, SignatureParameters signatureParameters) throws IOException {
        ASN1ObjectIdentifier aSN1ObjectIdentifier;
        SignerInformation extendCMSSignature = super.extendCMSSignature(cMSSignedData, signerInformation, signatureParameters);
        LOG.info(">>>CAdESProfileX::extendCMSSignature");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        switch (getExtendedValidationType()) {
            case 1:
                aSN1ObjectIdentifier = PKCSObjectIdentifiers.id_aa_ets_escTimeStamp;
                byteArrayOutputStream.write(extendCMSSignature.getSignature());
                byteArrayOutputStream.write(extendCMSSignature.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken).getAttrType().getDEREncoded());
                byteArrayOutputStream.write(extendCMSSignature.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken).getAttrValues().getDEREncoded());
                break;
            case 2:
                aSN1ObjectIdentifier = PKCSObjectIdentifiers.id_aa_ets_certCRLTimestamp;
                break;
            default:
                byteArrayOutputStream.close();
                throw new IllegalStateException("CAdES-X Profile: Extended validation is set but no valid type (1 or 2)");
        }
        byteArrayOutputStream.write(extendCMSSignature.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_ets_certificateRefs).getAttrType().getDEREncoded());
        byteArrayOutputStream.write(extendCMSSignature.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_ets_certificateRefs).getAttrValues().getDEREncoded());
        byteArrayOutputStream.write(extendCMSSignature.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_ets_revocationRefs).getAttrType().getDEREncoded());
        byteArrayOutputStream.write(extendCMSSignature.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_ets_revocationRefs).getAttrValues().getDEREncoded());
        Hashtable hashtable = extendCMSSignature.getUnsignedAttributes().toHashtable();
        hashtable.put(aSN1ObjectIdentifier, getTimeStampAttribute(aSN1ObjectIdentifier, getSignatureTsa(), this.digestAlgorithm, byteArrayOutputStream.toByteArray()));
        byteArrayOutputStream.close();
        return SignerInformation.replaceUnsignedAttributes(extendCMSSignature, new AttributeTable(hashtable));
    }
}
