package cn.com.infosec.pkcs;

import cn.com.infosec.asn1.ASN1OctetString;
import cn.com.infosec.asn1.ASN1Set;
import cn.com.infosec.asn1.DERConstructedSequence;
import cn.com.infosec.asn1.DERConstructedSet;
import cn.com.infosec.asn1.DEREncodable;
import cn.com.infosec.asn1.DERInputStream;
import cn.com.infosec.asn1.DERInteger;
import cn.com.infosec.asn1.DERObject;
import cn.com.infosec.asn1.DERObjectIdentifier;
import cn.com.infosec.asn1.DEROctetString;
import cn.com.infosec.asn1.DEROutputStream;
import cn.com.infosec.asn1.DERTaggedObject;
import cn.com.infosec.asn1.pkcs.PKCSObjectIdentifiers;
import cn.com.infosec.asn1.x509.AlgorithmIdentifier;
import cn.com.infosec.jce.X509Principal;
import cn.com.infosec.netsign.asn1.x509.InfosecCertificate;
import cn.com.infosec.netsign.crypto.util.CryptoUtil;
import cn.com.infosec.oscca.OID;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* loaded from: input_file:cn/com/infosec/pkcs/PKCS7SignedData.class */
public class PKCS7SignedData implements PKCSObjectIdentifiers {
    private int version;
    private int signerversion;
    private Set digestalgos;
    private Collection certs;
    private InfosecCertificate signCert;
    private byte[] digest;
    private String digestAlgorithm;
    private String digestEncryptionAlgorithm;
    private byte[] contentData;
    private byte[] signCertTBS;
    DERObject[] certChainEncoded;
    private final String ID_PKCS7_DATA = "1.2.840.113549.1.7.1";
    private final String ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2";
    private final String ID_SM3 = "1.2.156.197.1.401";
    private final String ID_SM2 = "1.2.156.197.1.301.1";
    private int keyIndex;
    private String passwd;
    private cn.com.infosec.asn1.pkcs.IssuerAndSerialNumber issuerAndSN;

    public PKCS7SignedData(byte[] bArr) throws SecurityException, CRLException, InvalidKeyException, CertificateException, NoSuchAlgorithmException, IOException {
        this.ID_PKCS7_DATA = "1.2.840.113549.1.7.1";
        this.ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2";
        this.ID_SM3 = OID.OID_SM3;
        this.ID_SM2 = OID.OID_SM2_1;
        try {
            DERObject readObject = new DERInputStream(new ByteArrayInputStream(bArr)).readObject();
            if (!(readObject instanceof DERConstructedSequence)) {
                throw new SecurityException("Not a valid PKCS#7 object - not a sequence");
            }
            cn.com.infosec.asn1.pkcs.ContentInfo contentInfo = cn.com.infosec.asn1.pkcs.ContentInfo.getInstance(readObject);
            if (!contentInfo.getContentType().equals(signedData)) {
                throw new SecurityException(new StringBuffer("Not a valid PKCS#7 signed-data object - wrong header ").append(contentInfo.getContentType().getId()).toString());
            }
            cn.com.infosec.asn1.pkcs.SignedData signedData = cn.com.infosec.asn1.pkcs.SignedData.getInstance(contentInfo.getContent());
            this.certs = new ArrayList();
            if (signedData.getCertificates() != null) {
                Enumeration objects = ASN1Set.getInstance(signedData.getCertificates()).getObjects();
                while (objects.hasMoreElements()) {
                    this.certs.add(InfosecCertificate.getInstance(new ByteArrayInputStream(((DERObject) objects.nextElement()).getEncoded())));
                }
            }
            CryptoUtil.debug(new StringBuffer("Size of certs:").append(this.certs.size()).toString());
            this.version = signedData.getVersion().getValue().intValue();
            ASN1OctetString content = signedData.getContentInfo().getContent();
            if (content != null) {
                this.contentData = content.getOctets();
            } else {
                this.contentData = null;
            }
            this.digestalgos = new HashSet();
            Enumeration objects2 = signedData.getDigestAlgorithms().getObjects();
            while (objects2.hasMoreElements()) {
                this.digestalgos.add(((DERConstructedSequence) objects2.nextElement()).getObjectAt(0).getId());
            }
            DERConstructedSet signerInfos = signedData.getSignerInfos();
            if (signerInfos.getSize() != 1) {
                throw new SecurityException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time");
            }
            cn.com.infosec.asn1.pkcs.SignerInfo signerInfo = cn.com.infosec.asn1.pkcs.SignerInfo.getInstance(signerInfos.getObjectAt(0));
            this.signerversion = signerInfo.getVersion().getValue().intValue();
            cn.com.infosec.asn1.pkcs.IssuerAndSerialNumber issuerAndSerialNumber = signerInfo.getIssuerAndSerialNumber();
            BigInteger value = issuerAndSerialNumber.getCertificateSerialNumber().getValue();
            X509Principal x509Principal = new X509Principal(issuerAndSerialNumber.getName());
            Iterator it = this.certs.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                InfosecCertificate infosecCertificate = (InfosecCertificate) it.next();
                if (value.equals(infosecCertificate.getSerialNumber()) && x509Principal.toString().equals(infosecCertificate.getIssuerDNStr())) {
                    this.signCert = infosecCertificate;
                    break;
                }
            }
            if (this.signCert == null) {
                throw new SecurityException(new StringBuffer("Can't find signing certificate with  ").append(x509Principal).append(" ").append(value.toString(16)).toString());
            }
            this.digestAlgorithm = signerInfo.getDigestAlgorithm().getObjectId().getId();
            this.digest = signerInfo.getEncryptedDigest().getOctets();
            this.digestEncryptionAlgorithm = signerInfo.getDigestEncryptionAlgorithm().getObjectId().getId();
            this.signCertTBS = this.signCert.getTBSCertificate();
        } catch (IOException e) {
            throw new SecurityException("can't decode PKCS7SignedData object");
        }
    }

    public byte[] getSignCertTBS() {
        return this.signCertTBS;
    }

    public PKCS7SignedData(int i, String str, InfosecCertificate[] infosecCertificateArr, DERObject[] dERObjectArr, cn.com.infosec.asn1.pkcs.IssuerAndSerialNumber issuerAndSerialNumber) throws SecurityException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this.ID_PKCS7_DATA = "1.2.840.113549.1.7.1";
        this.ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2";
        this.ID_SM3 = OID.OID_SM3;
        this.ID_SM2 = OID.OID_SM2_1;
        this.digestAlgorithm = OID.OID_SM3;
        this.signerversion = 1;
        this.version = 1;
        this.certs = new ArrayList();
        this.digestalgos = new HashSet();
        this.digestalgos.add(this.digestAlgorithm);
        this.signCert = infosecCertificateArr[0];
        for (InfosecCertificate infosecCertificate : infosecCertificateArr) {
            this.certs.add(infosecCertificate);
        }
        this.certChainEncoded = dERObjectArr;
        this.digestEncryptionAlgorithm = OID.OID_SM2_1;
        this.keyIndex = i;
        this.passwd = str;
        this.issuerAndSN = issuerAndSerialNumber;
    }

    public String getDigestAlgorithm() {
        String str = this.digestAlgorithm;
        String str2 = this.digestEncryptionAlgorithm;
        if (this.digestAlgorithm.equals(OID.OID_SM3)) {
            str = "SM3";
        }
        if (this.digestEncryptionAlgorithm.equals(OID.OID_SM2_1)) {
            str2 = "ECC";
        }
        return new StringBuffer(String.valueOf(str)).append("/").append(str2).toString();
    }

    public InfosecCertificate[] getCertificates() {
        return (InfosecCertificate[]) this.certs.toArray(new InfosecCertificate[0]);
    }

    public InfosecCertificate getSigningCertificate() {
        return this.signCert;
    }

    public int getVersion() {
        return this.version;
    }

    public int getSigningInfoVersion() {
        return this.signerversion;
    }

    public byte[] getContentData() {
        return this.contentData;
    }

    public boolean verify() throws SignatureException {
        return false;
    }

    public byte[] getSignature() {
        return this.digest;
    }

    private DERObject getIssuer(byte[] bArr) {
        try {
            DERConstructedSequence readObject = new DERInputStream(new ByteArrayInputStream(bArr)).readObject();
            return readObject.getObjectAt(readObject.getObjectAt(0) instanceof DERTaggedObject ? 3 : 2);
        } catch (IOException e) {
            throw new Error(new StringBuffer("IOException reading from ByteArray: ").append(e).toString());
        }
    }

    public byte[] getEncoded() {
        return getEncoded(null);
    }

    public void update(byte[] bArr) {
        this.contentData = bArr;
    }

    public byte[] getEncoded(byte[] bArr) {
        try {
            DERConstructedSet dERConstructedSet = new DERConstructedSet();
            Iterator it = this.digestalgos.iterator();
            while (it.hasNext()) {
                dERConstructedSet.addObject(new AlgorithmIdentifier(new DERObjectIdentifier((String) it.next()), (DEREncodable) null));
            }
            DERConstructedSequence dERConstructedSequence = new DERConstructedSequence();
            dERConstructedSequence.addObject(new DERObjectIdentifier("1.2.840.113549.1.7.1"));
            if (bArr != null) {
                dERConstructedSequence.addObject(new DERTaggedObject(0, new DEROctetString(bArr)));
            }
            DERConstructedSet dERConstructedSet2 = new DERConstructedSet();
            int length = this.certChainEncoded.length;
            for (int i = 0; i < length; i++) {
                dERConstructedSet2.addObject(this.certChainEncoded[i]);
            }
            DERConstructedSequence dERConstructedSequence2 = new DERConstructedSequence();
            dERConstructedSequence2.addObject(new DERInteger(this.signerversion));
            dERConstructedSequence2.addObject(this.issuerAndSN);
            dERConstructedSequence2.addObject(new AlgorithmIdentifier(new DERObjectIdentifier(this.digestAlgorithm), (DEREncodable) null));
            dERConstructedSequence2.addObject(new AlgorithmIdentifier(new DERObjectIdentifier(this.digestEncryptionAlgorithm), (DEREncodable) null));
            dERConstructedSequence2.addObject(new DEROctetString(this.digest));
            DERConstructedSequence dERConstructedSequence3 = new DERConstructedSequence();
            dERConstructedSequence3.addObject(new DERInteger(this.version));
            dERConstructedSequence3.addObject(dERConstructedSet);
            dERConstructedSequence3.addObject(dERConstructedSequence);
            dERConstructedSequence3.addObject(new DERTaggedObject(false, 0, dERConstructedSet2));
            DERConstructedSet dERConstructedSet3 = new DERConstructedSet();
            dERConstructedSet3.addObject(dERConstructedSequence2);
            dERConstructedSequence3.addObject(dERConstructedSet3);
            DERConstructedSequence dERConstructedSequence4 = new DERConstructedSequence();
            dERConstructedSequence4.addObject(new DERObjectIdentifier("1.2.840.113549.1.7.2"));
            dERConstructedSequence4.addObject(new DERTaggedObject(0, dERConstructedSequence3));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
            dEROutputStream.writeObject(dERConstructedSequence4);
            dEROutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException(e.toString());
        }
    }
}
