package com.amazon.coral.internal.org.bouncycastle.tsp;

import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Encodable;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1EncodableVector;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1ObjectIdentifier;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Set;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$Attribute;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$AttributeTable;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$ContentInfo;
import com.amazon.coral.internal.org.bouncycastle.asn1.cryptopro.C$CryptoProObjectIdentifiers;
import com.amazon.coral.internal.org.bouncycastle.asn1.nist.C$NISTObjectIdentifiers;
import com.amazon.coral.internal.org.bouncycastle.asn1.oiw.C$OIWObjectIdentifiers;
import com.amazon.coral.internal.org.bouncycastle.asn1.pkcs.C$PKCSObjectIdentifiers;
import com.amazon.coral.internal.org.bouncycastle.asn1.teletrust.C$TeleTrusTObjectIdentifiers;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$ExtendedKeyUsage;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$Extension;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$Extensions;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$ExtensionsGenerator;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$KeyPurposeId;
import com.amazon.coral.internal.org.bouncycastle.cert.C$X509CertificateHolder;
import com.amazon.coral.internal.org.bouncycastle.cms.C$SignerInformation;
import com.amazon.coral.internal.org.bouncycastle.operator.C$DigestCalculator;
import com.amazon.coral.internal.org.bouncycastle.operator.C$DigestCalculatorProvider;
import com.amazon.coral.internal.org.bouncycastle.operator.C$OperatorCreationException;
import com.amazon.coral.internal.org.bouncycastle.pqc.jcajce.spec.C$McElieceCCA2ParameterSpec;
import com.amazon.coral.internal.org.bouncycastle.util.C$Arrays;
import com.amazon.coral.internal.org.bouncycastle.util.C$Integers;
import java.io.IOException;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/* renamed from: com.amazon.coral.internal.org.bouncycastle.tsp.$TSPUtil, reason: invalid class name */
/* loaded from: classes2.dex */
public class C$TSPUtil {
    private static List EMPTY_LIST = Collections.unmodifiableList(new ArrayList());
    private static final Map digestLengths = new HashMap();
    private static final Map digestNames = new HashMap();

    static {
        digestLengths.put(C$PKCSObjectIdentifiers.md5.getId(), C$Integers.valueOf(16));
        digestLengths.put(C$OIWObjectIdentifiers.idSHA1.getId(), C$Integers.valueOf(20));
        digestLengths.put(C$NISTObjectIdentifiers.id_sha224.getId(), C$Integers.valueOf(28));
        digestLengths.put(C$NISTObjectIdentifiers.id_sha256.getId(), C$Integers.valueOf(32));
        digestLengths.put(C$NISTObjectIdentifiers.id_sha384.getId(), C$Integers.valueOf(48));
        digestLengths.put(C$NISTObjectIdentifiers.id_sha512.getId(), C$Integers.valueOf(64));
        digestLengths.put(C$TeleTrusTObjectIdentifiers.ripemd128.getId(), C$Integers.valueOf(16));
        digestLengths.put(C$TeleTrusTObjectIdentifiers.ripemd160.getId(), C$Integers.valueOf(20));
        digestLengths.put(C$TeleTrusTObjectIdentifiers.ripemd256.getId(), C$Integers.valueOf(32));
        digestLengths.put(C$CryptoProObjectIdentifiers.gostR3411.getId(), C$Integers.valueOf(32));
        digestNames.put(C$PKCSObjectIdentifiers.md5.getId(), "MD5");
        digestNames.put(C$OIWObjectIdentifiers.idSHA1.getId(), "SHA1");
        digestNames.put(C$NISTObjectIdentifiers.id_sha224.getId(), "SHA224");
        digestNames.put(C$NISTObjectIdentifiers.id_sha256.getId(), C$McElieceCCA2ParameterSpec.DEFAULT_MD);
        digestNames.put(C$NISTObjectIdentifiers.id_sha384.getId(), "SHA384");
        digestNames.put(C$NISTObjectIdentifiers.id_sha512.getId(), "SHA512");
        digestNames.put(C$PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), "SHA1");
        digestNames.put(C$PKCSObjectIdentifiers.sha224WithRSAEncryption.getId(), "SHA224");
        digestNames.put(C$PKCSObjectIdentifiers.sha256WithRSAEncryption.getId(), C$McElieceCCA2ParameterSpec.DEFAULT_MD);
        digestNames.put(C$PKCSObjectIdentifiers.sha384WithRSAEncryption.getId(), "SHA384");
        digestNames.put(C$PKCSObjectIdentifiers.sha512WithRSAEncryption.getId(), "SHA512");
        digestNames.put(C$TeleTrusTObjectIdentifiers.ripemd128.getId(), "RIPEMD128");
        digestNames.put(C$TeleTrusTObjectIdentifiers.ripemd160.getId(), "RIPEMD160");
        digestNames.put(C$TeleTrusTObjectIdentifiers.ripemd256.getId(), "RIPEMD256");
        digestNames.put(C$CryptoProObjectIdentifiers.gostR3411.getId(), "GOST3411");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void addExtension(C$ExtensionsGenerator c$ExtensionsGenerator, C$ASN1ObjectIdentifier c$ASN1ObjectIdentifier, boolean z, C$ASN1Encodable c$ASN1Encodable) throws C$TSPIOException {
        try {
            c$ExtensionsGenerator.addExtension(c$ASN1ObjectIdentifier, z, c$ASN1Encodable);
        } catch (IOException e) {
            throw new C$TSPIOException("cannot encode extension: " + e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int getDigestLength(String str) throws C$TSPException {
        Integer num = (Integer) digestLengths.get(str);
        if (num != null) {
            return num.intValue();
        }
        throw new C$TSPException("digest algorithm cannot be found.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List getExtensionOIDs(C$Extensions c$Extensions) {
        return c$Extensions == null ? EMPTY_LIST : Collections.unmodifiableList(Arrays.asList(c$Extensions.getExtensionOIDs()));
    }

    public static Collection getSignatureTimestamps(C$SignerInformation c$SignerInformation, C$DigestCalculatorProvider c$DigestCalculatorProvider) throws C$TSPValidationException {
        ArrayList arrayList = new ArrayList();
        C$AttributeTable unsignedAttributes = c$SignerInformation.getUnsignedAttributes();
        if (unsignedAttributes != null) {
            C$ASN1EncodableVector all = unsignedAttributes.getAll(C$PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
            for (int i = 0; i < all.size(); i++) {
                C$ASN1Set attrValues = ((C$Attribute) all.get(i)).getAttrValues();
                for (int i2 = 0; i2 < attrValues.size(); i2++) {
                    try {
                        C$TimeStampToken c$TimeStampToken = new C$TimeStampToken(C$ContentInfo.getInstance(attrValues.getObjectAt(i2)));
                        C$TimeStampTokenInfo timeStampInfo = c$TimeStampToken.getTimeStampInfo();
                        C$DigestCalculator c$DigestCalculator = c$DigestCalculatorProvider.get(timeStampInfo.getHashAlgorithm());
                        OutputStream outputStream = c$DigestCalculator.getOutputStream();
                        outputStream.write(c$SignerInformation.getSignature());
                        outputStream.close();
                        if (!C$Arrays.constantTimeAreEqual(c$DigestCalculator.getDigest(), timeStampInfo.getMessageImprintDigest())) {
                            throw new C$TSPValidationException("Incorrect digest in message imprint");
                        }
                        arrayList.add(c$TimeStampToken);
                    } catch (C$OperatorCreationException e) {
                        throw new C$TSPValidationException("Unknown hash algorithm specified in timestamp");
                    } catch (Exception e2) {
                        throw new C$TSPValidationException("Timestamp could not be parsed");
                    }
                }
            }
        }
        return arrayList;
    }

    public static void validateCertificate(C$X509CertificateHolder c$X509CertificateHolder) throws C$TSPValidationException {
        if (c$X509CertificateHolder.toASN1Structure().getVersionNumber() != 3) {
            throw new IllegalArgumentException("Certificate must have an ExtendedKeyUsage extension.");
        }
        C$Extension extension = c$X509CertificateHolder.getExtension(C$Extension.extendedKeyUsage);
        if (extension == null) {
            throw new C$TSPValidationException("Certificate must have an ExtendedKeyUsage extension.");
        }
        if (!extension.isCritical()) {
            throw new C$TSPValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
        }
        C$ExtendedKeyUsage c$ExtendedKeyUsage = C$ExtendedKeyUsage.getInstance(extension.getParsedValue());
        if (!c$ExtendedKeyUsage.hasKeyPurposeId(C$KeyPurposeId.id_kp_timeStamping) || c$ExtendedKeyUsage.size() != 1) {
            throw new C$TSPValidationException("ExtendedKeyUsage not solely time stamping.");
        }
    }
}
