package cn.com.gfa.pki.cms;

import cn.com.gfa.pki.SystemException;
import cn.com.gfa.pki.crypto.CryptoToken;
import cn.com.gfa.pki.crypto.CryptoTokenManager;
import cn.com.gfa.pki.crypto.NoSuchCryptoTypeException;
import cn.com.gfa.pki.crypto.PKICryptoException;
import cn.com.gfa.pki.crypto.param.CBCParam;
import cn.com.gfa.pki.crypto.params.CipherParams;
import cn.com.gfa.pki.crypto.params.DigestParams;
import cn.com.gfa.pki.crypto.params.GeneratorKeyParams;
import cn.com.gfa.pki.crypto.params.SignParams;
import cn.com.gfa.pki.crypto.params.VerifySignParams;
import cn.com.gfa.pki.pkcs.SignedAndEnvelopedData;
import cn.com.gfa.pki.util.Base64;
import cn.com.gfa.pki.x509.cert.X509Cert;
import cn.com.gfa.pki.x509.cert.X509CertException;
import cn.com.gfa.pki.x509.crl.X509CRL;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertStore;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.EncryptedContentInfo;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.RecipientInfo;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.cms.Time;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.TBSCertificateStructure;
import org.bouncycastle.ocsp.CertificateID;

/* loaded from: classes.dex */
public class DigitalEnvelope {
    private ASN1EncodableVector certs;
    private ASN1EncodableVector clrs;
    private byte[] msg;
    private SignedAndEnvelopedData signedAndEnvelopedData;
    private ArrayList signers;
    private CryptoToken token;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class Signer {
        X509Cert cert;
        PrivateKey privateKey;
        AttributeTable sAttr;
        String sign_Mechanism;
        CryptoToken token;
        AttributeTable unsAttr;

        Signer(CryptoToken cryptoToken, SignParams signParams, X509Cert x509Cert) {
            this.privateKey = null;
            this.cert = null;
            this.sAttr = null;
            this.unsAttr = null;
            this.token = null;
            this.token = cryptoToken;
            this.privateKey = signParams.getPrivateKey();
            this.cert = x509Cert;
            this.sign_Mechanism = signParams.getAlgorithm();
        }

        Signer(CryptoToken cryptoToken, SignParams signParams, X509Cert x509Cert, AttributeTable attributeTable, AttributeTable attributeTable2) {
            this.privateKey = null;
            this.cert = null;
            this.sAttr = null;
            this.unsAttr = null;
            this.token = null;
            this.token = cryptoToken;
            this.privateKey = signParams.getPrivateKey();
            this.cert = x509Cert;
            this.sign_Mechanism = signParams.getAlgorithm();
            this.sAttr = attributeTable;
            this.unsAttr = attributeTable2;
        }

        private String GetSignatureAlgTypeOID() {
            String str = this.sign_Mechanism;
            if (str.equals("SHA1WithRSAEncryption")) {
                return "1.2.840.113549.1.1.5";
            }
            if (str.equals("SHA256WithRSAEncryption")) {
                return "1.2.840.113549.1.1.11";
            }
            if (str.equals("SHA384WithRSAEncryption")) {
                return "1.2.840.113549.1.1.12";
            }
            if (str.equals("SHA512WithRSAEncryption")) {
                return "1.2.840.113549.1.1.13";
            }
            if (str.equals("MD5WithRSAEncryption")) {
                return "1.2.840.113549.1.1.4";
            }
            if (str.equals("MD2WithRSAEncryption")) {
                return "1.2.840.113549.1.1.2";
            }
            if (str.equals("SHA1WITHECDSA")) {
                return "1.2.840.10045.4.1";
            }
            if (str.equals("SHA224WithECDSA")) {
                return "1.2.840.10045.4.3.1";
            }
            if (str.equals("SHA256WithECDSA")) {
                return "1.2.840.10045.4.3.2";
            }
            if (str.equals("SHA1WithDSA")) {
                return "1.2.840.10040.4.3";
            }
            if (str.equals("SHA224WithDSA")) {
                return "2.16.840.1.101.3.4.3.1";
            }
            if (str.equals("SHA256WithDSA")) {
                return "2.16.840.1.101.3.4.3.2";
            }
            if (str.equals("SM3WithSM2")) {
                return "1.2.156.10197.1.501";
            }
            return null;
        }

        String GetDigestTypeName() throws SystemException {
            if (this.sign_Mechanism.equals("MD2WithRSAEncryption")) {
                return DigestParams.DIGEST_MD2;
            }
            if (this.sign_Mechanism.equals("MD5WithRSAEncryption")) {
                return "MD5";
            }
            if (!this.sign_Mechanism.equals("SHA1WithRSAEncryption") && !this.sign_Mechanism.equals("SHA1WithDSA")) {
                if (this.sign_Mechanism.equals("SHA256WithRSAEncryption")) {
                    return "SHA256";
                }
                if (this.sign_Mechanism.equals("SHA384WithRSAEncryption")) {
                    return DigestParams.DIGEST_SHA384;
                }
                if (this.sign_Mechanism.equals("SHA512WithRSAEncryption")) {
                    return DigestParams.DIGEST_SHA512;
                }
                if (!this.sign_Mechanism.equals("SHA1WITHECDSA")) {
                    if (this.sign_Mechanism.equals("SHA224WithECDSA")) {
                        return DigestParams.DIGEST_SHA224;
                    }
                    if (this.sign_Mechanism.equals("SHA256WithECDSA")) {
                        return "SHA256";
                    }
                    throw new SystemException("sign_algorithm_error");
                }
            }
            return "SHA1";
        }

        String GetDigestTypeOID() throws SystemException {
            if (this.sign_Mechanism.equals("MD2WithRSAEncryption")) {
                return "1.2.840.113549.2.2";
            }
            if (this.sign_Mechanism.equals("MD5WithRSAEncryption")) {
                return "1.2.840.113549.2.5";
            }
            if (!this.sign_Mechanism.equals("SHA1WithRSAEncryption") && !this.sign_Mechanism.equals("SHA1WithDSA")) {
                if (!this.sign_Mechanism.equals("SHA256WithRSAEncryption")) {
                    if (this.sign_Mechanism.equals("SHA384WithRSAEncryption") || this.sign_Mechanism.equals("SHA512WithRSAEncryption")) {
                        return "2.16.840.1.101.3.4.2.2";
                    }
                    if (!this.sign_Mechanism.equals("SHA1WITHECDSA")) {
                        if (this.sign_Mechanism.equals("SHA224WithECDSA")) {
                            return "2.16.840.1.101.3.4.2.4";
                        }
                        if (!this.sign_Mechanism.equals("SHA256WithECDSA")) {
                            if (this.sign_Mechanism.equals("SHA224WithDSA")) {
                                return "2.16.840.1.101.3.4.2.4";
                            }
                            if (!this.sign_Mechanism.equals("SHA256WithDSA")) {
                                if (this.sign_Mechanism.equals("SM3WithSM2")) {
                                    return "1.2.156.10197.1.401";
                                }
                                throw new SystemException("");
                            }
                        }
                    }
                }
                return "2.16.840.1.101.3.4.2.1";
            }
            return CertificateID.HASH_SHA1;
        }

        String GetEncTypeName() throws SystemException {
            if (this.sign_Mechanism.equals("MD2WithRSAEncryption")) {
                return DigestParams.DIGEST_MD2;
            }
            if (this.sign_Mechanism.equals("MD5WithRSAEncryption") || this.sign_Mechanism.equals("SHA1WithRSAEncryption") || this.sign_Mechanism.equals("SHA1WithDSA") || this.sign_Mechanism.equals("SHA256WithRSAEncryption") || this.sign_Mechanism.equals("SHA384WithRSAEncryption") || this.sign_Mechanism.equals("SHA512WithRSAEncryption")) {
                return CipherParams.CIPHER_RSA_PKCS;
            }
            if (this.sign_Mechanism.equals("SHA1WITHECDSA") || this.sign_Mechanism.equals("SHA224WithECDSA") || this.sign_Mechanism.equals("SHA256WithECDSA")) {
                return "ECIES";
            }
            throw new SystemException("enc_algorithm_error");
        }

        String GetEncTypeOID() throws SystemException {
            if (this.sign_Mechanism.equals("MD2WithRSAEncryption") || this.sign_Mechanism.equals("MD5WithRSAEncryption") || this.sign_Mechanism.equals("SHA1WithRSAEncryption")) {
                return "1.2.840.113549.1.1.1";
            }
            if (this.sign_Mechanism.equals("SHA1WithDSA")) {
                return "1.2.840.10040.4.3";
            }
            if (this.sign_Mechanism.equals("SHA256WithRSAEncryption") || this.sign_Mechanism.equals("SHA384WithRSAEncryption") || this.sign_Mechanism.equals("SHA512WithRSAEncryption")) {
                return "1.2.840.113549.1.1.1";
            }
            if (this.sign_Mechanism.equals("SHA1WITHECDSA")) {
                return "1.2.840.10045.4.1";
            }
            if (this.sign_Mechanism.equals("SHA224WithECDSA")) {
                return "1.2.840.10045.4.3.1";
            }
            if (this.sign_Mechanism.equals("SHA256WithECDSA")) {
                return "1.2.840.10045.4.3.2";
            }
            if (this.sign_Mechanism.equals("SHA224WithDSA")) {
                return "2.16.840.1.101.3.4.3.1";
            }
            if (this.sign_Mechanism.equals("SHA256WithDSA")) {
                return "2.16.840.1.101.3.4.3.2";
            }
            if (this.sign_Mechanism.equals("SM3WithSM2")) {
                return "1.2.156.10197.1.301";
            }
            throw new SystemException("");
        }

        X509Cert getCertificate() {
            return this.cert;
        }

        PrivateKey getKey() {
            return this.privateKey;
        }

        String getSignMechanism() {
            return this.sign_Mechanism;
        }

        AttributeTable getSignedAttributes() {
            return this.sAttr;
        }

        AttributeTable getUnsignedAttributes() {
            return this.unsAttr;
        }

        SignerInfo toSignerInfo(DERObjectIdentifier dERObjectIdentifier, byte[] bArr, boolean z, boolean z2) throws SystemException, IOException, CertificateEncodingException, NoSuchAlgorithmException, PKICryptoException {
            DERSet dERSet;
            DERSet dERSet2;
            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier(GetDigestTypeOID()), new DERNull());
            AlgorithmIdentifier algorithmIdentifier2 = GetEncTypeOID().equals("1.2.840.10040.4.3") ? new AlgorithmIdentifier(new DERObjectIdentifier(GetEncTypeOID())) : new AlgorithmIdentifier(new DERObjectIdentifier(GetEncTypeOID()), new DERNull());
            AlgorithmIdentifier algorithmIdentifier3 = new AlgorithmIdentifier(new DERObjectIdentifier(GetSignatureAlgTypeOID()), new DERNull());
            byte[] digest = this.token.digest(bArr, DigestParams.getInstance(GetDigestTypeName()));
            AttributeTable signedAttributes = getSignedAttributes();
            if (signedAttributes != null) {
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                if (signedAttributes.get(CMSAttributes.contentType) == null) {
                    aSN1EncodableVector.add(new Attribute(CMSAttributes.contentType, new DERSet(dERObjectIdentifier)));
                } else {
                    aSN1EncodableVector.add(signedAttributes.get(CMSAttributes.contentType));
                }
                if (signedAttributes.get(CMSAttributes.signingTime) == null) {
                    aSN1EncodableVector.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(new Date()))));
                } else {
                    aSN1EncodableVector.add(signedAttributes.get(CMSAttributes.signingTime));
                }
                aSN1EncodableVector.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(digest))));
                Hashtable hashtable = signedAttributes.toHashtable();
                hashtable.remove(CMSAttributes.contentType);
                hashtable.remove(CMSAttributes.signingTime);
                hashtable.remove(CMSAttributes.messageDigest);
                Iterator it = hashtable.values().iterator();
                while (it.hasNext()) {
                    aSN1EncodableVector.add(Attribute.getInstance(it.next()));
                }
                dERSet = new DERSet(aSN1EncodableVector);
            } else if (z) {
                ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
                aSN1EncodableVector2.add(new Attribute(CMSAttributes.contentType, new DERSet(dERObjectIdentifier)));
                aSN1EncodableVector2.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date()))));
                aSN1EncodableVector2.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(digest))));
                dERSet = new DERSet(aSN1EncodableVector2);
            } else {
                dERSet = null;
            }
            AttributeTable unsignedAttributes = getUnsignedAttributes();
            if (unsignedAttributes != null) {
                Iterator it2 = unsignedAttributes.toHashtable().values().iterator();
                ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
                while (it2.hasNext()) {
                    aSN1EncodableVector3.add(Attribute.getInstance(it2.next()));
                }
                dERSet2 = new DERSet(aSN1EncodableVector3);
            } else {
                dERSet2 = null;
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            if (dERSet != null) {
                DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
                dEROutputStream.writeObject(dERSet);
                dEROutputStream.flush();
                dEROutputStream.close();
            } else {
                byteArrayOutputStream.write(bArr);
            }
            DEROctetString dEROctetString = new DEROctetString(this.token.sign(SignParams.getInstance(this.sign_Mechanism, this.privateKey), byteArrayOutputStream.toByteArray()));
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.cert.getX509Certificate().getTBSCertificate());
            ASN1InputStream aSN1InputStream = new ASN1InputStream(byteArrayInputStream);
            TBSCertificateStructure tBSCertificateStructure = TBSCertificateStructure.getInstance(aSN1InputStream.readObject());
            SignerInfo signerInfo = z2 ? new SignerInfo(new SignerIdentifier(new IssuerAndSerialNumber(tBSCertificateStructure.getIssuer(), tBSCertificateStructure.getSerialNumber().getValue())), algorithmIdentifier, dERSet, algorithmIdentifier3, dEROctetString, dERSet2) : new SignerInfo(new SignerIdentifier((ASN1OctetString) new SubjectKeyIdentifier(this.cert.getCertStructure().getSubjectPublicKeyInfo()).getDERObject()), algorithmIdentifier, dERSet, algorithmIdentifier2, dEROctetString, dERSet2);
            byteArrayOutputStream.flush();
            byteArrayOutputStream.close();
            aSN1InputStream.close();
            byteArrayInputStream.close();
            return signerInfo;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class SignerId extends X509CertSelector {
        private SignerId() {
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof SignerId)) {
                return false;
            }
            SignerId signerId = (SignerId) obj;
            if (signerId.getSerialNumber() != null && !signerId.getSerialNumber().equals(getSerialNumber())) {
                return false;
            }
            if (signerId.getIssuerAsString() != null && !signerId.getIssuerAsString().equals(getIssuerAsString())) {
                return false;
            }
            byte[] subjectKeyIdentifier = getSubjectKeyIdentifier();
            if (subjectKeyIdentifier == null) {
                return true;
            }
            byte[] subjectKeyIdentifier2 = signerId.getSubjectKeyIdentifier();
            return subjectKeyIdentifier2 != null && Arrays.equals(subjectKeyIdentifier, subjectKeyIdentifier2);
        }

        public int hashCode() {
            int hashCode = getSerialNumber() != null ? getSerialNumber().hashCode() ^ 0 : 0;
            if (getIssuerAsString() != null) {
                hashCode ^= getIssuerAsString().hashCode();
            }
            byte[] subjectKeyIdentifier = getSubjectKeyIdentifier();
            if (subjectKeyIdentifier != null) {
                for (int i = 0; i != subjectKeyIdentifier.length; i++) {
                    hashCode ^= (subjectKeyIdentifier[i] & 255) << (i % 4);
                }
            }
            return hashCode;
        }
    }

    private DigitalEnvelope() {
        this.certs = new ASN1EncodableVector();
        this.clrs = new ASN1EncodableVector();
        this.signers = new ArrayList();
        this.token = null;
        this.signedAndEnvelopedData = null;
        this.msg = null;
    }

    public DigitalEnvelope(CryptoToken cryptoToken) {
        this.certs = new ASN1EncodableVector();
        this.clrs = new ASN1EncodableVector();
        this.signers = new ArrayList();
        this.token = null;
        this.signedAndEnvelopedData = null;
        this.msg = null;
        if (cryptoToken == null) {
            throw new IllegalStateException("Token is not initialised!");
        }
        this.token = cryptoToken;
    }

    private String GetDigestTypeName(String str) throws SystemException {
        if (str.equals("MD2WithRSAEncryption")) {
            return DigestParams.DIGEST_MD2;
        }
        if (str.equals("MD5WithRSAEncryption")) {
            return "MD5";
        }
        if (!str.equals("SHA1WithRSAEncryption") && !str.equals("SHA1WithDSA")) {
            if (!str.equals("SHA256WithRSAEncryption")) {
                if (str.equals("SHA384WithRSAEncryption")) {
                    return DigestParams.DIGEST_SHA384;
                }
                if (str.equals("SHA512WithRSAEncryption")) {
                    return DigestParams.DIGEST_SHA512;
                }
                if (!str.equals("SHA1WITHECDSA")) {
                    if (str.equals("SHA224WithECDSA")) {
                        return DigestParams.DIGEST_SHA224;
                    }
                    if (!str.equals("SHA256WithECDSA")) {
                        if (!str.equals("SHA1WithDSA")) {
                            if (str.equals("SHA224WithDSA")) {
                                return DigestParams.DIGEST_SHA224;
                            }
                            if (!str.equals("SHA256WithDSA")) {
                                throw new SystemException("error_sign_error");
                            }
                        }
                    }
                }
            }
            return "SHA256";
        }
        return "SHA1";
    }

    private String GetSignMechanism(SignerInfo signerInfo) {
        String id = signerInfo.getDigestEncryptionAlgorithm().getAlgorithm().getId();
        if (id.equals("1.2.840.113549.1.1.5")) {
            return "SHA1WithRSAEncryption";
        }
        if (id.equals("1.2.840.113549.1.1.11")) {
            return "SHA256WithRSAEncryption";
        }
        if (id.equals("1.2.840.113549.1.1.12")) {
            return "SHA384WithRSAEncryption";
        }
        if (id.equals("1.2.840.113549.1.1.13")) {
            return "SHA512WithRSAEncryption";
        }
        if (id.equals("1.2.840.113549.1.1.4")) {
            return "MD5WithRSAEncryption";
        }
        if (id.equals("1.2.840.113549.1.1.2")) {
            return "MD2WithRSAEncryption";
        }
        if (id.equals("1.2.840.10045.4.1")) {
            return "SHA1WITHECDSA";
        }
        if (id.equals("1.2.840.10045.4.3.1")) {
            return "SHA224WithECDSA";
        }
        if (id.equals("1.2.840.10045.4.3.2")) {
            return "SHA256WithECDSA";
        }
        if (id.equals("1.2.840.10040.4.3")) {
            return "SHA1WithDSA";
        }
        if (id.equals("2.16.840.1.101.3.4.3.1")) {
            return "SHA224WithDSA";
        }
        if (id.equals("2.16.840.1.101.3.4.3.2")) {
            return "SHA256WithDSA";
        }
        if (id.equals("1.2.156.10197.1.501")) {
            return "SM3WithSM2";
        }
        return null;
    }

    private boolean doVerify(PublicKey publicKey, AttributeTable attributeTable, String str, ASN1Set aSN1Set, byte[] bArr, byte[] bArr2) {
        if (str == null) {
            return false;
        }
        try {
            VerifySignParams verifySignParams = VerifySignParams.getInstance(str, publicKey);
            if (attributeTable == null) {
                return this.token.verifySign(verifySignParams, bArr, bArr2);
            }
            byte[] digest = this.token.digest(bArr, DigestParams.getInstance(GetDigestTypeName(str)));
            Attribute attribute = attributeTable.get(CMSAttributes.messageDigest);
            Attribute attribute2 = attributeTable.get(CMSAttributes.contentType);
            if (attribute == null || attribute2 == null || !MessageDigest.isEqual(digest, ((ASN1OctetString) attribute.getAttrValues().getObjectAt(0)).getOctets())) {
                return false;
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
            dEROutputStream.writeObject(aSN1Set);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            dEROutputStream.flush();
            dEROutputStream.close();
            byteArrayOutputStream.flush();
            byteArrayOutputStream.close();
            VerifySignParams.getInstance(str, publicKey);
            return this.token.verifySign(verifySignParams, byteArray, bArr2);
        } catch (SystemException | PKICryptoException | IOException | NoSuchAlgorithmException unused) {
            return false;
        }
    }

    private String getCipherParams(String str) {
        return "1.2.840.113549.3.4".equals(str) ? "RC4" : "2.16.840.1.101.3.4.1".equals(str) ? "AES" : "1.3.14.3.2.7".equals(str) ? "DES" : "1.2.840.113549.3.7".equals(str) ? CipherParams.CIPHER_DESEDE_CBC : "RC4";
    }

    private String getGeneratorKeyParams(String str) {
        return "1.2.840.113549.3.4".equals(str) ? "RC4" : "1.2.840.113549.3.2".equals(str) ? GeneratorKeyParams.RC2_KEY : "2.16.840.1.101.3.4.1".equals(str) ? "AES" : "1.3.14.3.2.7".equals(str) ? "DES" : "1.2.840.113549.3.7".equals(str) ? "DESEDE" : "RC4";
    }

    /* JADX WARN: Not initialized variable reg: 4, insn: 0x00c4: MOVE (r2 I:??[OBJECT, ARRAY]) = (r4 I:??[OBJECT, ARRAY]), block:B:53:0x00c4 */
    public static void main(String[] strArr) {
        BufferedInputStream bufferedInputStream;
        BufferedInputStream bufferedInputStream2;
        System.out.println("sdfg");
        try {
            X509Cert x509Cert = new X509Cert("d:\\jdtest.cer");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            BufferedInputStream bufferedInputStream3 = null;
            r2 = null;
            byte[] bArr = null;
            try {
                try {
                    bufferedInputStream = new BufferedInputStream(new FileInputStream("d:\\jdimg.jpg"));
                    try {
                        byte[] bArr2 = new byte[1024];
                        for (int read = bufferedInputStream.read(bArr2); read != -1; read = bufferedInputStream.read(bArr2)) {
                            byteArrayOutputStream.write(bArr2, 0, read);
                        }
                        bArr = byteArrayOutputStream.toByteArray();
                        try {
                            bufferedInputStream.close();
                            byteArrayOutputStream.close();
                        } catch (IOException e) {
                            e = e;
                            e.printStackTrace();
                            byte[] bArr3 = bArr;
                            System.out.println(x509Cert.getSubjectDN());
                            try {
                                try {
                                    try {
                                        CryptoToken cryptoToken = CryptoTokenManager.getCryptoToken(CryptoToken.BC_SOFT_CRYPT);
                                        DigitalEnvelope digitalEnvelope = new DigitalEnvelope(cryptoToken);
                                        X509Cert x509Cert2 = new X509Cert(x509Cert.getX509Certificate().getEncoded());
                                        digitalEnvelope.AddCert(x509Cert2);
                                        digitalEnvelope.Generate(new X509Cert[]{x509Cert2}, cryptoToken.generatorKey(GeneratorKeyParams.getInstance("RC4", 128)), bArr3, false, true);
                                        System.out.println(new String(Base64.encode(digitalEnvelope.GetSignedDataForByte())));
                                    } catch (SystemException e2) {
                                        e2.printStackTrace();
                                        return;
                                    }
                                } catch (Exception e3) {
                                    e3.printStackTrace();
                                    return;
                                }
                            } catch (PKICryptoException e4) {
                                e4.printStackTrace();
                                return;
                            } catch (CertificateEncodingException e5) {
                                e5.printStackTrace();
                                return;
                            }
                        }
                    } catch (Exception e6) {
                        e = e6;
                        e.printStackTrace();
                        try {
                            bufferedInputStream.close();
                            byteArrayOutputStream.close();
                        } catch (IOException e7) {
                            e = e7;
                            e.printStackTrace();
                            byte[] bArr32 = bArr;
                            System.out.println(x509Cert.getSubjectDN());
                            CryptoToken cryptoToken2 = CryptoTokenManager.getCryptoToken(CryptoToken.BC_SOFT_CRYPT);
                            DigitalEnvelope digitalEnvelope2 = new DigitalEnvelope(cryptoToken2);
                            X509Cert x509Cert22 = new X509Cert(x509Cert.getX509Certificate().getEncoded());
                            digitalEnvelope2.AddCert(x509Cert22);
                            digitalEnvelope2.Generate(new X509Cert[]{x509Cert22}, cryptoToken2.generatorKey(GeneratorKeyParams.getInstance("RC4", 128)), bArr32, false, true);
                            System.out.println(new String(Base64.encode(digitalEnvelope2.GetSignedDataForByte())));
                        }
                        byte[] bArr322 = bArr;
                        System.out.println(x509Cert.getSubjectDN());
                        CryptoToken cryptoToken22 = CryptoTokenManager.getCryptoToken(CryptoToken.BC_SOFT_CRYPT);
                        DigitalEnvelope digitalEnvelope22 = new DigitalEnvelope(cryptoToken22);
                        X509Cert x509Cert222 = new X509Cert(x509Cert.getX509Certificate().getEncoded());
                        digitalEnvelope22.AddCert(x509Cert222);
                        digitalEnvelope22.Generate(new X509Cert[]{x509Cert222}, cryptoToken22.generatorKey(GeneratorKeyParams.getInstance("RC4", 128)), bArr322, false, true);
                        System.out.println(new String(Base64.encode(digitalEnvelope22.GetSignedDataForByte())));
                    }
                } catch (Throwable th) {
                    th = th;
                    bufferedInputStream3 = bufferedInputStream2;
                    try {
                        bufferedInputStream3.close();
                        byteArrayOutputStream.close();
                    } catch (IOException e8) {
                        e8.printStackTrace();
                    }
                    throw th;
                }
            } catch (Exception e9) {
                e = e9;
                bufferedInputStream = null;
            } catch (Throwable th2) {
                th = th2;
                bufferedInputStream3.close();
                byteArrayOutputStream.close();
                throw th;
            }
            byte[] bArr3222 = bArr;
            System.out.println(x509Cert.getSubjectDN());
            try {
                CryptoToken cryptoToken222 = CryptoTokenManager.getCryptoToken(CryptoToken.BC_SOFT_CRYPT);
                DigitalEnvelope digitalEnvelope222 = new DigitalEnvelope(cryptoToken222);
                X509Cert x509Cert2222 = new X509Cert(x509Cert.getX509Certificate().getEncoded());
                digitalEnvelope222.AddCert(x509Cert2222);
                digitalEnvelope222.Generate(new X509Cert[]{x509Cert2222}, cryptoToken222.generatorKey(GeneratorKeyParams.getInstance("RC4", 128)), bArr3222, false, true);
                System.out.println(new String(Base64.encode(digitalEnvelope222.GetSignedDataForByte())));
            } catch (IOException e10) {
                e10.printStackTrace();
            } catch (NoSuchAlgorithmException e11) {
                e11.printStackTrace();
            }
        } catch (X509CertException e12) {
            e12.printStackTrace();
        }
    }

    private void setCBCParam(CipherParams cipherParams, AlgorithmIdentifier algorithmIdentifier) {
        byte[] octets = ((ASN1OctetString) algorithmIdentifier.getParameters()).getOctets();
        if (cipherParams.getAlgorithm().indexOf("CBC") != -1) {
            byte[] iv = new IvParameterSpec(octets).getIV();
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(iv);
            cipherParams.setParam(cBCParam);
        }
    }

    private boolean verifySignerInfo(byte[] bArr, X509Certificate x509Certificate, SignerInfo signerInfo, boolean z) {
        Attribute attribute;
        AttributeTable attributeTable = new AttributeTable(signerInfo.getAuthenticatedAttributes());
        if (z && (attribute = attributeTable.get(CMSAttributes.signingTime)) != null) {
            try {
                x509Certificate.checkValidity(Time.getInstance(attribute.getAttrValues().getObjectAt(0).getDERObject()).getDate());
            } catch (CertificateExpiredException | CertificateNotYetValidException unused) {
                return false;
            }
        }
        return doVerify(x509Certificate.getPublicKey(), attributeTable, GetSignMechanism(signerInfo), signerInfo.getAuthenticatedAttributes(), bArr, signerInfo.getEncryptedDigest().getOctets());
    }

    private boolean verifySignerInfo(byte[] bArr, ArrayList arrayList) {
        try {
            CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList));
            ASN1Set signerInfos = this.signedAndEnvelopedData.getSignerInfos();
            for (int i = 0; i < signerInfos.size(); i++) {
                SignerInfo signerInfo = SignerInfo.getInstance(signerInfos.getObjectAt(i));
                SignerId signerId = new SignerId();
                SignerIdentifier sid = signerInfo.getSID();
                if (sid.isTagged()) {
                    signerId.setSubjectKeyIdentifier(ASN1OctetString.getInstance(sid.getId()).getOctets());
                } else {
                    IssuerAndSerialNumber issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(sid.getId());
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
                    aSN1OutputStream.writeObject(issuerAndSerialNumber.getName());
                    signerId.setIssuer(byteArrayOutputStream.toByteArray());
                    aSN1OutputStream.flush();
                    aSN1OutputStream.close();
                    byteArrayOutputStream.flush();
                    byteArrayOutputStream.close();
                    signerId.setSerialNumber(issuerAndSerialNumber.getSerialNumber().getValue());
                }
                if (!verifySignerInfo(bArr, (X509Certificate) certStore.getCertificates(signerId).iterator().next(), signerInfo, true)) {
                    return false;
                }
            }
            return true;
        } catch (IOException | Exception unused) {
            return false;
        }
    }

    private static byte[] writeDERObj2Bytes(DEREncodable dEREncodable) throws SystemException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        try {
            dEROutputStream.writeObject(dEREncodable);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            dEROutputStream.flush();
            dEROutputStream.close();
            byteArrayOutputStream.flush();
            byteArrayOutputStream.close();
            return byteArray;
        } catch (Exception e) {
            throw new SystemException("write_der_error", e);
        }
    }

    public void AddCRL(X509CRL x509crl) {
        this.clrs.add(x509crl.getCertList());
    }

    public void AddCert(X509Cert x509Cert) {
        this.certs.add(x509Cert.getCertStructure());
    }

    public void AddSigner(SignParams signParams, X509Cert x509Cert) {
        this.signers.add(new Signer(this.token, signParams, x509Cert));
    }

    public void Generate(X509Cert[] x509CertArr, SecretKey secretKey, String str, byte[] bArr, boolean z) throws SystemException, IOException, CertificateEncodingException, NoSuchAlgorithmException, PKICryptoException {
        Generate(x509CertArr, secretKey, str, bArr, true, z);
    }

    public void Generate(X509Cert[] x509CertArr, SecretKey secretKey, String str, byte[] bArr, boolean z, boolean z2) throws SystemException, IOException, CertificateEncodingException, NoSuchAlgorithmException, PKICryptoException {
        if (this.msg == null || this.signedAndEnvelopedData == null) {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            EnvelopedRecipientCipher envelopedRecipientCipher = new EnvelopedRecipientCipher(this.token);
            ASN1ObjectIdentifier aSN1ObjectIdentifier = new ASN1ObjectIdentifier(str);
            Iterator it = this.signers.iterator();
            while (it.hasNext()) {
                Signer signer = (Signer) it.next();
                aSN1EncodableVector.add(new AlgorithmIdentifier(new DERObjectIdentifier(signer.GetDigestTypeOID()), new DERNull()));
                aSN1EncodableVector2.add(signer.toSignerInfo(aSN1ObjectIdentifier, bArr, z, z2));
            }
            for (X509Cert x509Cert : x509CertArr) {
                aSN1EncodableVector3.add(envelopedRecipientCipher.toRecipientInfo(x509Cert, secretKey));
            }
            this.signedAndEnvelopedData = new SignedAndEnvelopedData(new DERInteger(0), new DERSet(aSN1EncodableVector3), new DERSet(aSN1EncodableVector), new EnvelopedContentCipher(this.token, secretKey).encryptedContentInfo(bArr), new DERSet(this.certs), new DERSet(this.clrs), new DERSet(aSN1EncodableVector2));
            this.msg = bArr;
        }
    }

    public void Generate(X509Cert[] x509CertArr, SecretKey secretKey, byte[] bArr, boolean z) throws SystemException, IOException, CertificateEncodingException, NoSuchAlgorithmException, PKICryptoException {
        Generate(x509CertArr, secretKey, PKCSObjectIdentifiers.data.getId(), bArr, z);
    }

    public void Generate(X509Cert[] x509CertArr, SecretKey secretKey, byte[] bArr, boolean z, boolean z2) throws SystemException, IOException, CertificateEncodingException, NoSuchAlgorithmException, PKICryptoException {
        Generate(x509CertArr, secretKey, "1.2.840.113549.1.7.1", bArr, z, z2);
    }

    public SignedAndEnvelopedData GetSignedData() throws SystemException {
        return this.signedAndEnvelopedData;
    }

    public byte[] GetSignedDataForByte() throws SystemException, IOException {
        if (this.signedAndEnvelopedData == null) {
            return null;
        }
        ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.signedAndEnvelopedData, this.signedAndEnvelopedData);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        dEROutputStream.writeObject(contentInfo);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        dEROutputStream.flush();
        dEROutputStream.close();
        byteArrayOutputStream.flush();
        byteArrayOutputStream.close();
        return byteArray;
    }

    public void GetSignedDataForFile(String str) throws SystemException, IOException {
        FileOutputStream fileOutputStream = new FileOutputStream(str);
        fileOutputStream.write(GetSignedDataForByte());
        fileOutputStream.flush();
        fileOutputStream.close();
    }

    public InputStream GetSignedDataForInputStream() throws SystemException, IOException {
        return new ByteArrayInputStream(GetSignedDataForByte());
    }

    public byte[] getContent(PrivateKey privateKey) throws SystemException {
        SignedAndEnvelopedData signedAndEnvelopedData;
        byte[] bArr = this.msg;
        if (bArr == null && this.signedAndEnvelopedData == null) {
            return null;
        }
        if (bArr != null || (signedAndEnvelopedData = this.signedAndEnvelopedData) == null) {
            if (bArr != null) {
            }
            return bArr;
        }
        RecipientInfo recipientInfo = RecipientInfo.getInstance(signedAndEnvelopedData.getRecipientInfos().getObjectAt(0));
        EncryptedContentInfo encryptedContentInfo = this.signedAndEnvelopedData.getEncryptedContentInfo();
        byte[] octets = encryptedContentInfo.getEncryptedContent().getOctets();
        AlgorithmIdentifier contentEncryptionAlgorithm = encryptedContentInfo.getContentEncryptionAlgorithm();
        String id = contentEncryptionAlgorithm.getAlgorithm().getId();
        System.out.println(id);
        try {
            CipherParams cipherParams = CipherParams.getInstance(getCipherParams(id), new EnvelopedRecipientCipher(this.token).getSecretKey(recipientInfo, privateKey, getGeneratorKeyParams(id)));
            setCBCParam(cipherParams, contentEncryptionAlgorithm);
            this.msg = CryptoTokenManager.getCryptoToken(CryptoToken.BC_SOFT_CRYPT).decrypt(cipherParams, octets);
        } catch (NoSuchCryptoTypeException e) {
            e.printStackTrace();
        } catch (PKICryptoException e2) {
            e2.printStackTrace();
            throw new SystemException(e2.getMessage());
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            throw new SystemException(e3.getMessage());
        }
        return this.msg;
    }

    public void load(SignedAndEnvelopedData signedAndEnvelopedData) throws SystemException {
        this.signedAndEnvelopedData = signedAndEnvelopedData;
        this.msg = null;
    }

    public void load(InputStream inputStream) throws SystemException {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(inputStream);
        try {
            this.signedAndEnvelopedData = SignedAndEnvelopedData.getInstance(ContentInfo.getInstance(aSN1InputStream.readObject()).getContent());
            inputStream.close();
            aSN1InputStream.close();
            this.msg = null;
        } catch (Exception e) {
            e.printStackTrace();
            throw new SystemException("load_error", e);
        }
    }

    public void load(String str) throws SystemException {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            byte[] bArr = new byte[fileInputStream.available()];
            fileInputStream.read(bArr);
            fileInputStream.close();
            load(bArr);
        } catch (Exception e) {
            throw new SystemException("load_error", e);
        }
    }

    public void load(byte[] bArr) throws SystemException {
        if (Base64.isBase64Encode(bArr)) {
            bArr = Base64.decode(Base64.convert(bArr));
        }
        load(new ByteArrayInputStream(bArr));
    }

    public boolean verify(byte[] bArr) {
        ArrayList arrayList = new ArrayList();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
        ASN1Set certificates = this.signedAndEnvelopedData.getCertificates();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            if (certificates != null) {
                Enumeration objects = certificates.getObjects();
                while (objects.hasMoreElements()) {
                    aSN1OutputStream.writeObject(objects.nextElement());
                    arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())));
                    byteArrayOutputStream.reset();
                }
            }
            aSN1OutputStream.flush();
            aSN1OutputStream.close();
            byteArrayOutputStream.flush();
            byteArrayOutputStream.close();
            return verifySignerInfo(bArr, arrayList);
        } catch (IOException | CertificateException unused) {
            return false;
        }
    }

    public boolean verify(byte[] bArr, X509Cert x509Cert, SignerInfo signerInfo) {
        try {
            return verifySignerInfo(bArr, (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(x509Cert.getCertStructure().getEncoded())), signerInfo, true);
        } catch (IOException | CertificateException unused) {
            return false;
        }
    }

    public boolean verify(byte[] bArr, X509Cert[] x509CertArr) {
        ArrayList arrayList = new ArrayList();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (int i = 0; i < x509CertArr.length; i++) {
                if (x509CertArr[i] != null) {
                    arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(x509CertArr[i].getX509Certificate().getEncoded())));
                }
            }
            return verifySignerInfo(bArr, arrayList);
        } catch (CertificateException unused) {
            return false;
        }
    }

    public boolean verify(X509Cert[] x509CertArr) {
        return verify(null, x509CertArr);
    }
}
