package es.gob.jmulticard.asn1.icao;

import es.gob.jmulticard.CryptoHelper;
import es.gob.jmulticard.HexUtils;
import es.gob.jmulticard.asn1.Asn1Exception;
import es.gob.jmulticard.asn1.DecoderObject;
import es.gob.jmulticard.asn1.Tlv;
import es.gob.jmulticard.asn1.TlvException;
import java.io.IOException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.logging.Logger;

/* loaded from: input_file:es/gob/jmulticard/asn1/icao/Sod.class */
public final class Sod extends DecoderObject {
    private final transient CryptoHelper cryptoHelper;
    private static final byte TAG = 119;
    private transient byte[] ldsSecurityObjectBytes = null;
    private transient LdsSecurityObject ldsSecurityObject = null;
    private transient X509Certificate[] certificateChain = null;

    public Sod(CryptoHelper cryptoHelper) {
        this.cryptoHelper = cryptoHelper;
    }

    @Override // es.gob.jmulticard.asn1.DecoderObject
    protected void decodeValue() throws Asn1Exception, TlvException {
        checkTag(new Tlv(getRawDerValue()).getTag());
    }

    public void validateSignature() throws TlvException, SignatureException, CertificateException, IOException, Asn1Exception {
        Tlv tlv = new Tlv(getRawDerValue());
        this.certificateChain = this.cryptoHelper.validateCmsSignature(tlv.getValue());
        this.ldsSecurityObjectBytes = this.cryptoHelper.getCmsSignatureSignedContent(tlv.getValue());
        this.ldsSecurityObject = new LdsSecurityObject();
        this.ldsSecurityObject.setDerValue(this.ldsSecurityObjectBytes);
    }

    @Override // es.gob.jmulticard.asn1.DecoderObject
    protected byte getDefaultTag() {
        return (byte) 119;
    }

    public byte[] getLdsSecurityObjectBytes() throws SignatureException, CertificateException, TlvException, IOException, Asn1Exception {
        if (this.ldsSecurityObjectBytes == null) {
            validateSignature();
        }
        return this.ldsSecurityObjectBytes;
    }

    public LdsSecurityObject getLdsSecurityObject() throws TlvException, Asn1Exception, IOException, SignatureException, CertificateException {
        if (this.ldsSecurityObject == null) {
            validateSignature();
        }
        return this.ldsSecurityObject;
    }

    public X509Certificate[] getCertificateChain() throws TlvException, Asn1Exception, SignatureException, CertificateException, IOException {
        if (this.certificateChain == null) {
            validateSignature();
        }
        return (X509Certificate[]) this.certificateChain.clone();
    }

    public String toString() {
        StringBuilder sb = new StringBuilder("SOD ICAO");
        try {
            sb.append("\nFirmado por: " + getCertificateChain()[0].getSubjectX500Principal());
            sb.append("\n  Con huellas para los siguientes grupos de datos\n");
            for (DataGroupHash dataGroupHash : this.ldsSecurityObject.getDataGroupHashes()) {
                sb.append("    DG");
                sb.append(dataGroupHash.getDataGroupNumber());
                sb.append(" = ");
                sb.append(HexUtils.hexify(dataGroupHash.getDataGroupHashValue(), false));
                sb.append('\n');
            }
            return sb.toString();
        } catch (Exception e) {
            Logger.getLogger("es.gob.jmulticard").warning("No se ha podido obtener la cadena de certificados de firma del SOD: " + e);
            return sb.toString();
        }
    }
}
