package tech.relaycorp.veraid;

import java.security.PrivateKey;
import java.time.ZonedDateTime;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.collections.SetsKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.ranges.RangesKt;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.jetbrains.annotations.NotNull;
import tech.relaycorp.veraid.dns.VeraDnssecChain;
import tech.relaycorp.veraid.pki.MemberIdBundle;
import tech.relaycorp.veraid.pki.OrgCertificate;
import tech.relaycorp.veraid.utils.asn1.ASN1Utils;
import tech.relaycorp.veraid.utils.cms.SignedData;
import tech.relaycorp.veraid.utils.x509.Certificate;

/* compiled from: SignatureBundle.kt */
@Metadata(mv = {1, 8, 0}, k = 1, xi = 48, d1 = {"��&\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0010\u0012\n\u0002\b\u0002\u0018�� \u00112\u00020\u0001:\u0001\u0011B\u001f\b��\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007¢\u0006\u0002\u0010\bJ\u0006\u0010\u000f\u001a\u00020\u0010R\u0014\u0010\u0002\u001a\u00020\u0003X\u0080\u0004¢\u0006\b\n��\u001a\u0004\b\t\u0010\nR\u0014\u0010\u0004\u001a\u00020\u0005X\u0080\u0004¢\u0006\b\n��\u001a\u0004\b\u000b\u0010\fR\u0014\u0010\u0006\u001a\u00020\u0007X\u0080\u0004¢\u0006\b\n��\u001a\u0004\b\r\u0010\u000e¨\u0006\u0012"}, d2 = {"Ltech/relaycorp/veraid/SignatureBundle;", "", "chain", "Ltech/relaycorp/veraid/dns/VeraDnssecChain;", "orgCertificate", "Ltech/relaycorp/veraid/pki/OrgCertificate;", "signedData", "Ltech/relaycorp/veraid/utils/cms/SignedData;", "(Ltech/relaycorp/veraid/dns/VeraDnssecChain;Ltech/relaycorp/veraid/pki/OrgCertificate;Ltech/relaycorp/veraid/utils/cms/SignedData;)V", "getChain$veraid", "()Ltech/relaycorp/veraid/dns/VeraDnssecChain;", "getOrgCertificate$veraid", "()Ltech/relaycorp/veraid/pki/OrgCertificate;", "getSignedData$veraid", "()Ltech/relaycorp/veraid/utils/cms/SignedData;", "serialise", "", "Companion", "veraid"})
/* loaded from: input_file:tech/relaycorp/veraid/SignatureBundle.class */
public final class SignatureBundle {

    @NotNull
    public static final Companion Companion = new Companion(null);

    @NotNull
    private final VeraDnssecChain chain;

    @NotNull
    private final OrgCertificate orgCertificate;

    @NotNull
    private final SignedData signedData;

    /* compiled from: SignatureBundle.kt */
    @Metadata(mv = {1, 8, 0}, k = 1, xi = 48, d1 = {"��2\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J8\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\b2\u0006\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000e2\b\b\u0002\u0010\u000f\u001a\u00020\u000e¨\u0006\u0010"}, d2 = {"Ltech/relaycorp/veraid/SignatureBundle$Companion;", "", "()V", "generate", "Ltech/relaycorp/veraid/SignatureBundle;", "plaintext", "", "serviceOid", "", "memberIdBundle", "Ltech/relaycorp/veraid/pki/MemberIdBundle;", "signingKey", "Ljava/security/PrivateKey;", "expiryDate", "Ljava/time/ZonedDateTime;", "startDate", "veraid"})
    /* loaded from: input_file:tech/relaycorp/veraid/SignatureBundle$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        @NotNull
        public final SignatureBundle generate(@NotNull byte[] bArr, @NotNull String str, @NotNull MemberIdBundle memberIdBundle, @NotNull PrivateKey privateKey, @NotNull ZonedDateTime zonedDateTime, @NotNull ZonedDateTime zonedDateTime2) {
            Intrinsics.checkNotNullParameter(bArr, "plaintext");
            Intrinsics.checkNotNullParameter(str, "serviceOid");
            Intrinsics.checkNotNullParameter(memberIdBundle, "memberIdBundle");
            Intrinsics.checkNotNullParameter(privateKey, "signingKey");
            Intrinsics.checkNotNullParameter(zonedDateTime, "expiryDate");
            Intrinsics.checkNotNullParameter(zonedDateTime2, "startDate");
            return new SignatureBundle(memberIdBundle.getDnssecChain$veraid(), memberIdBundle.getOrgCertificate$veraid(), SignedData.Companion.sign$default(SignedData.Companion, bArr, privateKey, memberIdBundle.getMemberCertificate$veraid(), SetsKt.setOf(new Certificate[]{memberIdBundle.getMemberCertificate$veraid(), memberIdBundle.getOrgCertificate$veraid()}), null, false, CollectionsKt.listOf(new Attribute(VeraOids.INSTANCE.getSIGNATURE_METADATA_ATTR(), new DERSet(new SignatureMetadata(new ASN1ObjectIdentifier(str), RangesKt.rangeTo(zonedDateTime2, zonedDateTime)).encode()))), 16, null));
        }

        public static /* synthetic */ SignatureBundle generate$default(Companion companion, byte[] bArr, String str, MemberIdBundle memberIdBundle, PrivateKey privateKey, ZonedDateTime zonedDateTime, ZonedDateTime zonedDateTime2, int i, Object obj) {
            if ((i & 32) != 0) {
                ZonedDateTime now = ZonedDateTime.now();
                Intrinsics.checkNotNullExpressionValue(now, "now()");
                zonedDateTime2 = now;
            }
            return companion.generate(bArr, str, memberIdBundle, privateKey, zonedDateTime, zonedDateTime2);
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    public SignatureBundle(@NotNull VeraDnssecChain veraDnssecChain, @NotNull OrgCertificate orgCertificate, @NotNull SignedData signedData) {
        Intrinsics.checkNotNullParameter(veraDnssecChain, "chain");
        Intrinsics.checkNotNullParameter(orgCertificate, "orgCertificate");
        Intrinsics.checkNotNullParameter(signedData, "signedData");
        this.chain = veraDnssecChain;
        this.orgCertificate = orgCertificate;
        this.signedData = signedData;
    }

    @NotNull
    public final VeraDnssecChain getChain$veraid() {
        return this.chain;
    }

    @NotNull
    public final OrgCertificate getOrgCertificate$veraid() {
        return this.orgCertificate;
    }

    @NotNull
    public final SignedData getSignedData$veraid() {
        return this.signedData;
    }

    @NotNull
    public final byte[] serialise() {
        return ASN1Utils.INSTANCE.serializeSequence(CollectionsKt.listOf(new ASN1Object[]{(ASN1Object) new ASN1Integer(0L), (ASN1Object) this.chain.encode$veraid(), (ASN1Object) this.orgCertificate.encode$veraid(), (ASN1Object) this.signedData.encode()}), false);
    }
}
