package org.eclipse.andmore.android.certmanager.packaging.sign;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.eclipse.andmore.android.certmanager.CertificateManagerActivator;
import org.eclipse.andmore.android.certmanager.exception.KeyStoreManagerException;
import org.eclipse.andmore.android.certmanager.ui.model.IKeyStoreEntry;
import org.eclipse.andmore.android.common.log.AndmoreLogger;

/* loaded from: input_file:org/eclipse/andmore/android/certmanager/packaging/sign/SignatureBlockFile.class */
public class SignatureBlockFile {
    private SignatureFile signatureFile;
    private IKeyStoreEntry keystoreEntry;
    private String keyEntryPassword;

    public SignatureBlockFile(SignatureFile signatureFile, IKeyStoreEntry iKeyStoreEntry, String str) {
        this.keyEntryPassword = str;
        this.keystoreEntry = iKeyStoreEntry;
        this.signatureFile = signatureFile;
    }

    public String toString() {
        String str = new String();
        try {
            str = CertificateManagerActivator.METAFILES_DIR + CertificateManagerActivator.JAR_SEPARATOR + ISignConstants.SIGNATURE_FILE_NAME + "." + getBlockAlgorithm();
        } catch (KeyStoreException unused) {
            AndmoreLogger.error("Could not generate signature block file name.");
        } catch (NoSuchAlgorithmException unused2) {
            AndmoreLogger.error("Could not generate signature block file name.");
        } catch (UnrecoverableKeyException unused3) {
            AndmoreLogger.error("Could not generate signature block file name.");
        } catch (KeyStoreManagerException unused4) {
            AndmoreLogger.error("Could not generate signature block file name.");
        }
        return str;
    }

    private String getBlockAlgorithm() throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, KeyStoreManagerException {
        return this.keystoreEntry.getKey(this.keyEntryPassword).getAlgorithm();
    }

    public void write(OutputStream outputStream) throws IOException, SignException, UnrecoverableKeyException, KeyStoreException, KeyStoreManagerException, NoSuchAlgorithmException, InvalidKeyException, CertificateEncodingException, OperatorCreationException, CMSException {
        X509Certificate[] x509CertificateArr = {this.keystoreEntry.getX509Certificate()};
        if (x509CertificateArr.length > 0) {
            X509Certificate x509Certificate = x509CertificateArr[0];
            PrivateKey privateKey = this.keystoreEntry.getPrivateKey(this.keyEntryPassword);
            String blockAlgorithm = getBlockAlgorithm();
            if (!blockAlgorithm.equalsIgnoreCase(ISignConstants.DSA) && !blockAlgorithm.equalsIgnoreCase(ISignConstants.RSA)) {
                AndmoreLogger.error(SignatureBlockFile.class, "Signing block algorithm not supported. Key algorithm must be DSA or RSA");
                throw new SignException("Signing block algorithm not supported");
            }
            String str = "SHA1with" + blockAlgorithm;
            Security.addProvider(new BouncyCastleProvider());
            ArrayList arrayList = new ArrayList();
            arrayList.add(x509Certificate);
            JcaCertStore jcaCertStore = new JcaCertStore(arrayList);
            ContentSigner build = new JcaContentSignerBuilder(str).build(privateKey);
            CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
            cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()).setDirectSignature(true).build(build, x509Certificate));
            cMSSignedDataGenerator.addCertificates(jcaCertStore);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            this.signatureFile.write(byteArrayOutputStream);
            ASN1InputStream aSN1InputStream = new ASN1InputStream(cMSSignedDataGenerator.generate((CMSTypedData) new CMSProcessableByteArray(byteArrayOutputStream.toByteArray()), false).getEncoded());
            DEROutputStream dEROutputStream = new DEROutputStream(outputStream);
            dEROutputStream.writeObject(aSN1InputStream.readObject());
            dEROutputStream.flush();
            dEROutputStream.close();
            aSN1InputStream.close();
        }
        AndmoreLogger.info(SignatureBlockFile.class, "Created signature block file");
    }
}
