package de.brendamour.jpasskit.signing;

import com.fasterxml.jackson.annotation.JsonFilter;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.ObjectWriter;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.ser.impl.SimpleBeanPropertyFilter;
import com.fasterxml.jackson.databind.ser.impl.SimpleFilterProvider;
import com.fasterxml.jackson.databind.util.ISO8601DateFormat;
import de.brendamour.jpasskit.PKBarcode;
import de.brendamour.jpasskit.PKPass;
import java.io.File;
import java.nio.charset.Charset;
import java.security.Security;
import java.util.ArrayList;
import java.util.Date;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.x509.Attribute;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;

/* loaded from: input_file:de/brendamour/jpasskit/signing/PKAbstractSigningUtil.class */
public abstract class PKAbstractSigningUtil implements IPKSigningUtil {
    protected static final String MANIFEST_JSON_FILE_NAME = "manifest.json";
    protected static final String PASS_JSON_FILE_NAME = "pass.json";
    protected static final String PERSONALIZATION_JSON_FILE_NAME = "personalization.json";
    protected static final String SIGNATURE_FILE_NAME = "signature";
    protected ObjectWriter objectWriter;

    @JsonFilter("barcodeFilter")
    /* loaded from: input_file:de/brendamour/jpasskit/signing/PKAbstractSigningUtil$BarcodeFilterMixIn.class */
    protected class BarcodeFilterMixIn {
        protected BarcodeFilterMixIn() {
        }
    }

    @JsonFilter("charsetFilter")
    /* loaded from: input_file:de/brendamour/jpasskit/signing/PKAbstractSigningUtil$CharsetFilterMixIn.class */
    protected class CharsetFilterMixIn {
        protected CharsetFilterMixIn() {
        }
    }

    @JsonFilter("pkPassFilter")
    /* loaded from: input_file:de/brendamour/jpasskit/signing/PKAbstractSigningUtil$PkPassFilterMixIn.class */
    protected class PkPassFilterMixIn {
        protected PkPassFilterMixIn() {
        }
    }

    @JsonFilter("validateFilter")
    /* loaded from: input_file:de/brendamour/jpasskit/signing/PKAbstractSigningUtil$ValidateFilterMixIn.class */
    protected class ValidateFilterMixIn {
        protected ValidateFilterMixIn() {
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PKAbstractSigningUtil(ObjectMapper objectMapper) {
        addBCProvider();
        this.objectWriter = configureObjectMapper(objectMapper);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PKAbstractSigningUtil(ObjectWriter objectWriter) {
        addBCProvider();
        this.objectWriter = objectWriter;
    }

    @Override // de.brendamour.jpasskit.signing.IPKSigningUtil
    public byte[] signManifestFile(byte[] bArr, PKSigningInformation pKSigningInformation) throws PKSigningException {
        if (bArr == null) {
            throw new IllegalArgumentException("manifestJSON has tobe present");
        }
        return signManifestUsingContent(pKSigningInformation, new CMSProcessableByteArray(bArr));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] signManifestUsingContent(PKSigningInformation pKSigningInformation, CMSTypedData cMSTypedData) throws PKSigningException {
        if (pKSigningInformation == null || !pKSigningInformation.isValid()) {
            throw new IllegalArgumentException("Signing information not valid");
        }
        try {
            CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
            ContentSigner build = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(pKSigningInformation.getSigningPrivateKey());
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date()))));
            cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(aSN1EncodableVector))).build(build, pKSigningInformation.getSigningCert()));
            ArrayList arrayList = new ArrayList();
            arrayList.add(pKSigningInformation.getAppleWWDRCACert());
            arrayList.add(pKSigningInformation.getSigningCert());
            cMSSignedDataGenerator.addCertificates(new JcaCertStore(arrayList));
            return cMSSignedDataGenerator.generate(cMSTypedData, false).getEncoded();
        } catch (Exception e) {
            throw new PKSigningException("Error when signing manifest", e);
        }
    }

    protected ObjectWriter configureObjectMapper(ObjectMapper objectMapper) {
        objectMapper.configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false);
        objectMapper.setDateFormat(new ISO8601DateFormat());
        SimpleFilterProvider simpleFilterProvider = new SimpleFilterProvider();
        simpleFilterProvider.addFilter("validateFilter", SimpleBeanPropertyFilter.serializeAllExcept(new String[]{"valid", "validationErrors"}));
        simpleFilterProvider.addFilter("pkPassFilter", SimpleBeanPropertyFilter.serializeAllExcept(new String[]{"valid", "validationErrors", "foregroundColorAsObject", "backgroundColorAsObject", "labelColorAsObject", "passThatWasSet"}));
        simpleFilterProvider.addFilter("barcodeFilter", SimpleBeanPropertyFilter.serializeAllExcept(new String[]{"valid", "validationErrors", "messageEncodingAsString", "validInIosVersionsBefore9"}));
        simpleFilterProvider.addFilter("charsetFilter", SimpleBeanPropertyFilter.filterOutAllExcept(new String[]{"name"}));
        objectMapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
        objectMapper.addMixIn(Object.class, ValidateFilterMixIn.class);
        objectMapper.addMixIn(PKPass.class, PkPassFilterMixIn.class);
        objectMapper.addMixIn(PKBarcode.class, BarcodeFilterMixIn.class);
        objectMapper.addMixIn(Charset.class, CharsetFilterMixIn.class);
        return objectMapper.writer(simpleFilterProvider);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getRelativePathOfZipEntry(String str, String str2) {
        String substring = str.substring(str2.length());
        if (File.separatorChar != '/') {
            substring = substring.replace(File.separatorChar, '/');
        }
        return substring;
    }

    private void addBCProvider() {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
