package org.jmrtd.lds;

import com.baidu.mapauto.auth.util.RSAUtil;
import com.eidlink.idocr.e.b4;
import com.eidlink.idocr.e.d1;
import com.eidlink.idocr.e.d4;
import com.eidlink.idocr.e.e3;
import com.eidlink.idocr.e.e4;
import com.eidlink.idocr.e.e5;
import com.eidlink.idocr.e.f4;
import com.eidlink.idocr.e.g1;
import com.eidlink.idocr.e.g4;
import com.eidlink.idocr.e.h1;
import com.eidlink.idocr.e.l3;
import com.eidlink.idocr.e.l5;
import com.eidlink.idocr.e.m1;
import com.eidlink.idocr.e.m3;
import com.eidlink.idocr.e.m5;
import com.eidlink.idocr.e.n1;
import com.eidlink.idocr.e.p1;
import com.eidlink.idocr.e.r4;
import com.eidlink.idocr.e.s5;
import com.eidlink.idocr.e.t1;
import com.eidlink.idocr.e.v2;
import com.eidlink.idocr.e.w4;
import com.eidlink.idocr.e.y0;
import com.eidlink.idocr.e.z0;
import com.eidlink.idocr.e.z3;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.jmrtd.Util;

/* loaded from: classes3.dex */
public final class SignedDataUtil {
    public static final String IEEE_P1363_SHA1_OID = "1.3.14.3.2.26";
    public static final Logger LOGGER = Logger.getLogger("org.jmrtd");
    public static final String PKCS1_MD2_WITH_RSA_OID = "1.2.840.113549.1.1.2";
    public static final String PKCS1_MD4_WITH_RSA_OID = "1.2.840.113549.1.1.3";
    public static final String PKCS1_MD5_WITH_RSA_OID = "1.2.840.113549.1.1.4";
    public static final String PKCS1_MGF1 = "1.2.840.113549.1.1.8";
    public static final String PKCS1_RSASSA_PSS_OID = "1.2.840.113549.1.1.10";
    public static final String PKCS1_RSA_OID = "1.2.840.113549.1.1.1";
    public static final String PKCS1_SHA1_WITH_RSA_OID = "1.2.840.113549.1.1.5";
    public static final String PKCS1_SHA224_WITH_RSA_OID = "1.2.840.113549.1.1.14";
    public static final String PKCS1_SHA256_WITH_RSA_OID = "1.2.840.113549.1.1.11";
    public static final String PKCS1_SHA384_WITH_RSA_OID = "1.2.840.113549.1.1.12";
    public static final String PKCS1_SHA512_WITH_RSA_OID = "1.2.840.113549.1.1.13";
    public static final String RFC_3369_CONTENT_TYPE_OID = "1.2.840.113549.1.9.3";
    public static final String RFC_3369_MESSAGE_DIGEST_OID = "1.2.840.113549.1.9.4";
    public static final String RFC_3369_SIGNED_DATA_OID = "1.2.840.113549.1.7.2";
    public static final String X9_SHA1_WITH_ECDSA_OID = "1.2.840.10045.4.1";
    public static final String X9_SHA224_WITH_ECDSA_OID = "1.2.840.10045.4.3.1";
    public static final String X9_SHA256_WITH_ECDSA_OID = "1.2.840.10045.4.3.2";
    public static final String X9_SHA384_WITH_ECDSA_OID = "1.2.840.10045.4.3.3";
    public static final String X9_SHA512_WITH_ECDSA_OID = "1.2.840.10045.4.3.4";

    public static void checkEContent(Collection<z3> collection, String str, byte[] bArr) {
        for (z3 z3Var : collection) {
            if (RFC_3369_MESSAGE_DIGEST_OID.equals(z3Var.f().k())) {
                p1 g = z3Var.g();
                if (g.k() != 1) {
                    LOGGER.warning("Expected only one attribute value in signedAttribute message digest in eContent!");
                }
                byte[] j = ((v2) g.a(0)).j();
                if (j == null) {
                    LOGGER.warning("Error extracting signedAttribute message digest in eContent!");
                }
                if (!Arrays.equals(j, MessageDigest.getInstance(str).digest(bArr))) {
                    throw new SignatureException("Error checking signedAttribute message digest in eContent!");
                }
            }
        }
    }

    public static p1 createAuthenticatedAttributes(String str, String str2, b4 b4Var) {
        if ("SHA256".equals(str)) {
            str = "SHA-256";
        }
        return new m3(new g1[]{new z3(new h1(RFC_3369_CONTENT_TYPE_OID), createSingletonSet(new h1(str2))).b(), new z3(new h1(RFC_3369_MESSAGE_DIGEST_OID), createSingletonSet(new v2(Util.getMessageDigest(str).digest(((v2) b4Var.f()).j())))).b()});
    }

    public static n1 createCertificate(X509Certificate x509Certificate) {
        try {
            d1 d1Var = new d1(x509Certificate.getEncoded());
            try {
                return (n1) d1Var.d();
            } finally {
                try {
                    d1Var.close();
                } catch (IOException e) {
                    LOGGER.log(Level.FINE, "Error closing stream", (Throwable) e);
                }
            }
        } catch (IOException e2) {
            throw new CertificateException("Could not construct certificate byte stream", e2);
        }
    }

    public static n1 createDigestAlgorithms(String str) {
        h1 h1Var = new h1(lookupOIDByMnemonic(str));
        z0 z0Var = new z0();
        z0Var.a(h1Var);
        return new l3(z0Var);
    }

    public static e4 createSignedData(String str, String str2, String str3, b4 b4Var, byte[] bArr, X509Certificate x509Certificate) {
        return new e4(createSingletonSet(createDigestAlgorithms(str)), b4Var, createSingletonSet(createCertificate(x509Certificate)), null, createSingletonSet(createSignerInfo(str, str2, str3, b4Var, bArr, x509Certificate).b()));
    }

    public static g4 createSignerInfo(String str, String str2, String str3, b4 b4Var, byte[] bArr, X509Certificate x509Certificate) {
        return new g4(new f4(new d4(new e5(x509Certificate.getIssuerX500Principal().getName("RFC2253")), x509Certificate.getSerialNumber())), new l5(new h1(lookupOIDByMnemonic(str))), createAuthenticatedAttributes(str, str3, b4Var), new l5(new h1(lookupOIDByMnemonic(str2))), new v2(bArr), null);
    }

    public static p1 createSingletonSet(g1 g1Var) {
        return new m3(new y0[]{g1Var});
    }

    public static X509Certificate decodeCertificate(m5 m5Var) {
        return (X509Certificate) CertificateFactory.getInstance("X.509", Util.getBouncyCastleProvider()).generateCertificate(new ByteArrayInputStream(m5Var.a("DER")));
    }

    public static List<z3> getAttributes(p1 p1Var) {
        ArrayList list = Collections.list(p1Var.j());
        ArrayList arrayList = new ArrayList(list.size());
        Iterator it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(z3.a((n1) it.next()));
        }
        return arrayList;
    }

    public static List<X509Certificate> getCertificates(e4 e4Var) {
        p1 f = e4Var.f();
        int k = f == null ? 0 : f.k();
        ArrayList arrayList = new ArrayList(k);
        if (k <= 0) {
            return arrayList;
        }
        for (int i = 0; i < k; i++) {
            try {
                arrayList.add(decodeCertificate(m5.a(f.a(i))));
            } catch (Exception e) {
                LOGGER.log(Level.WARNING, "Exception in decoding certificate", (Throwable) e);
            }
        }
        return arrayList;
    }

    /* JADX WARN: Not initialized variable reg: 2, insn: 0x004b: MOVE (r1 I:??[OBJECT, ARRAY]) = (r2 I:??[OBJECT, ARRAY]), block:B:25:0x004b */
    /* JADX WARN: Removed duplicated region for block: B:28:0x004e A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static com.eidlink.idocr.e.m1 getContent(com.eidlink.idocr.e.e4 r6) {
        /*
            java.lang.String r0 = "Exception closing input stream"
            com.eidlink.idocr.e.b4 r6 = r6.g()
            com.eidlink.idocr.e.y0 r6 = r6.f()
            com.eidlink.idocr.e.v2 r6 = (com.eidlink.idocr.e.v2) r6
            r1 = 0
            com.eidlink.idocr.e.d1 r2 = new com.eidlink.idocr.e.d1     // Catch: java.lang.Throwable -> L2e java.io.IOException -> L30
            java.io.ByteArrayInputStream r3 = new java.io.ByteArrayInputStream     // Catch: java.lang.Throwable -> L2e java.io.IOException -> L30
            byte[] r6 = r6.j()     // Catch: java.lang.Throwable -> L2e java.io.IOException -> L30
            r3.<init>(r6)     // Catch: java.lang.Throwable -> L2e java.io.IOException -> L30
            r2.<init>(r3)     // Catch: java.lang.Throwable -> L2e java.io.IOException -> L30
            com.eidlink.idocr.e.m1 r6 = r2.d()     // Catch: java.io.IOException -> L2c java.lang.Throwable -> L4a
            r2.close()     // Catch: java.io.IOException -> L23
            goto L2b
        L23:
            r1 = move-exception
            java.util.logging.Logger r2 = org.jmrtd.lds.SignedDataUtil.LOGGER
            java.util.logging.Level r3 = java.util.logging.Level.FINE
            r2.log(r3, r0, r1)
        L2b:
            return r6
        L2c:
            r6 = move-exception
            goto L32
        L2e:
            r6 = move-exception
            goto L4c
        L30:
            r6 = move-exception
            r2 = r1
        L32:
            java.util.logging.Logger r3 = org.jmrtd.lds.SignedDataUtil.LOGGER     // Catch: java.lang.Throwable -> L4a
            java.util.logging.Level r4 = java.util.logging.Level.WARNING     // Catch: java.lang.Throwable -> L4a
            java.lang.String r5 = "Unexpected exception"
            r3.log(r4, r5, r6)     // Catch: java.lang.Throwable -> L4a
            if (r2 == 0) goto L49
            r2.close()     // Catch: java.io.IOException -> L41
            goto L49
        L41:
            r6 = move-exception
            java.util.logging.Logger r2 = org.jmrtd.lds.SignedDataUtil.LOGGER
            java.util.logging.Level r3 = java.util.logging.Level.FINE
            r2.log(r3, r0, r6)
        L49:
            return r1
        L4a:
            r6 = move-exception
            r1 = r2
        L4c:
            if (r1 == 0) goto L5a
            r1.close()     // Catch: java.io.IOException -> L52
            goto L5a
        L52:
            r1 = move-exception
            java.util.logging.Logger r2 = org.jmrtd.lds.SignedDataUtil.LOGGER
            java.util.logging.Level r3 = java.util.logging.Level.FINE
            r2.log(r3, r0, r1)
        L5a:
            throw r6
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jmrtd.lds.SignedDataUtil.getContent(com.eidlink.idocr.e.e4):com.eidlink.idocr.e.m1");
    }

    public static String getDigestEncryptionAlgorithm(e4 e4Var) {
        try {
            String k = getSignerInfo(e4Var).h().f().k();
            if (k != null) {
                return lookupMnemonicByOID(k);
            }
            LOGGER.warning("Could not determine digest encryption algorithm OID");
            return null;
        } catch (NoSuchAlgorithmException e) {
            LOGGER.log(Level.WARNING, "No such algorithm", (Throwable) e);
            return null;
        }
    }

    public static AlgorithmParameterSpec getDigestEncryptionAlgorithmParams(e4 e4Var) {
        try {
            l5 h = getSignerInfo(e4Var).h();
            y0 g = h.g();
            if (PKCS1_RSASSA_PSS_OID.equals(h.f().k())) {
                return toAlgorithmParameterSpec(w4.a(g));
            }
            return null;
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "Exception", (Throwable) e);
            return null;
        }
    }

    public static X509Certificate getDocSigningCertificate(e4 e4Var) {
        List<X509Certificate> certificates = getCertificates(e4Var);
        if (certificates == null || certificates.isEmpty()) {
            return null;
        }
        int size = certificates.size();
        if (size != 1) {
            LOGGER.warning("Found " + size + " certificates, interpreting last one as document signer certificate");
        }
        return certificates.get(size - 1);
    }

    public static byte[] getEContent(e4 e4Var) {
        g4 signerInfo = getSignerInfo(e4Var);
        p1 f = signerInfo.f();
        byte[] j = ((v2) e4Var.g().f()).j();
        if (f.k() == 0) {
            return j;
        }
        String k = signerInfo.g().f().k();
        byte[] bArr = null;
        try {
            bArr = f.a("DER");
            checkEContent(getAttributes(f), k, j);
            return bArr;
        } catch (IOException e) {
            LOGGER.log(Level.WARNING, "Error getting signedAttributes", (Throwable) e);
            return bArr;
        } catch (NoSuchAlgorithmException e2) {
            LOGGER.log(Level.WARNING, "Error checking signedAttributes in eContent! No such algorithm: \"" + k, (Throwable) e2);
            return bArr;
        }
    }

    public static byte[] getEncryptedDigest(e4 e4Var) {
        return getSignerInfo(e4Var).i().j();
    }

    public static d4 getIssuerAndSerialNumber(e4 e4Var) {
        d4 a = d4.a(getSignerInfo(e4Var).j().f());
        return new d4(a.f(), a.g().k());
    }

    public static m1 getObjectFromTaggedObject(y0 y0Var) {
        if (!(y0Var instanceof t1)) {
            throw new IOException("Was expecting an ASN1TaggedObject, found " + y0Var.getClass().getCanonicalName());
        }
        t1 t1Var = (t1) y0Var;
        int k = t1Var.k();
        if (k == 0) {
            return t1Var.j();
        }
        throw new IOException("Was expecting tag 0, found " + Integer.toHexString(k));
    }

    public static g4 getSignerInfo(e4 e4Var) {
        p1 h = e4Var.h();
        if (h == null || h.k() <= 0) {
            throw new IllegalArgumentException("No signer info in signed data");
        }
        if (h.k() > 1) {
            LOGGER.warning("Found " + h.k() + " signerInfos");
        }
        return g4.a(h.a(0));
    }

    public static String getSignerInfoDigestAlgorithm(e4 e4Var) {
        try {
            return lookupMnemonicByOID(getSignerInfo(e4Var).g().f().k());
        } catch (NoSuchAlgorithmException e) {
            LOGGER.log(Level.WARNING, "No such algorithm" + e);
            return null;
        }
    }

    public static String lookupMnemonicByOID(String str) {
        if (str == null) {
            return null;
        }
        if (str.equals(s5.e.k())) {
            return "O";
        }
        if (str.equals(s5.f.k())) {
            return "OU";
        }
        if (str.equals(s5.a.k())) {
            return "CN";
        }
        if (str.equals(s5.b.k())) {
            return "C";
        }
        if (str.equals(s5.d.k())) {
            return "ST";
        }
        if (str.equals(s5.c.k())) {
            return "L";
        }
        if (str.equals(s5.j.k())) {
            return "SHA-1";
        }
        if (str.equals(r4.f.k())) {
            return "SHA-224";
        }
        if (str.equals(r4.c.k())) {
            return "SHA-256";
        }
        if (str.equals(r4.d.k())) {
            return "SHA-384";
        }
        if (str.equals(r4.e.k())) {
            return "SHA-512";
        }
        if (str.equals(X9_SHA1_WITH_ECDSA_OID)) {
            return "SHA1withECDSA";
        }
        if (str.equals(X9_SHA224_WITH_ECDSA_OID)) {
            return "SHA224withECDSA";
        }
        if (str.equals(X9_SHA256_WITH_ECDSA_OID)) {
            return "SHA256withECDSA";
        }
        if (str.equals(X9_SHA384_WITH_ECDSA_OID)) {
            return "SHA384withECDSA";
        }
        if (str.equals(X9_SHA512_WITH_ECDSA_OID)) {
            return "SHA512withECDSA";
        }
        if (str.equals(PKCS1_RSA_OID)) {
            return "RSA";
        }
        if (str.equals(PKCS1_MD2_WITH_RSA_OID)) {
            return "MD2withRSA";
        }
        if (str.equals(PKCS1_MD4_WITH_RSA_OID)) {
            return "MD4withRSA";
        }
        if (str.equals(PKCS1_MD5_WITH_RSA_OID)) {
            return "MD5withRSA";
        }
        if (str.equals(PKCS1_SHA1_WITH_RSA_OID)) {
            return "SHA1withRSA";
        }
        if (str.equals(PKCS1_SHA256_WITH_RSA_OID)) {
            return RSAUtil.SIGNATURE_ALGORITHM;
        }
        if (str.equals(PKCS1_SHA384_WITH_RSA_OID)) {
            return "SHA384withRSA";
        }
        if (str.equals(PKCS1_SHA512_WITH_RSA_OID)) {
            return "SHA512withRSA";
        }
        if (str.equals(PKCS1_SHA224_WITH_RSA_OID)) {
            return "SHA224withRSA";
        }
        if (str.equals(IEEE_P1363_SHA1_OID)) {
            return "SHA-1";
        }
        if (str.equals(PKCS1_RSASSA_PSS_OID)) {
            return "SSAwithRSA/PSS";
        }
        if (str.equals(PKCS1_MGF1)) {
            return "MGF1";
        }
        throw new NoSuchAlgorithmException("Unknown OID " + str);
    }

    public static String lookupOIDByMnemonic(String str) {
        if ("O".equals(str)) {
            return s5.e.k();
        }
        if ("OU".equals(str)) {
            return s5.f.k();
        }
        if ("CN".equals(str)) {
            return s5.a.k();
        }
        if ("C".equals(str)) {
            return s5.b.k();
        }
        if ("ST".equals(str)) {
            return s5.d.k();
        }
        if ("L".equals(str)) {
            return s5.c.k();
        }
        if ("SHA-1".equalsIgnoreCase(str) || "SHA1".equalsIgnoreCase(str)) {
            return s5.j.k();
        }
        if ("SHA-224".equalsIgnoreCase(str) || "SHA224".equalsIgnoreCase(str)) {
            return r4.f.k();
        }
        if ("SHA-256".equalsIgnoreCase(str) || "SHA256".equalsIgnoreCase(str)) {
            return r4.c.k();
        }
        if ("SHA-384".equalsIgnoreCase(str) || "SHA384".equalsIgnoreCase(str)) {
            return r4.d.k();
        }
        if ("SHA-512".equalsIgnoreCase(str) || "SHA512".equalsIgnoreCase(str)) {
            return r4.e.k();
        }
        if ("RSA".equalsIgnoreCase(str)) {
            return PKCS1_RSA_OID;
        }
        if ("MD2withRSA".equalsIgnoreCase(str)) {
            return PKCS1_MD2_WITH_RSA_OID;
        }
        if ("MD4withRSA".equalsIgnoreCase(str)) {
            return PKCS1_MD4_WITH_RSA_OID;
        }
        if ("MD5withRSA".equalsIgnoreCase(str)) {
            return PKCS1_MD5_WITH_RSA_OID;
        }
        if ("SHA1withRSA".equalsIgnoreCase(str)) {
            return PKCS1_SHA1_WITH_RSA_OID;
        }
        if (RSAUtil.SIGNATURE_ALGORITHM.equalsIgnoreCase(str)) {
            return PKCS1_SHA256_WITH_RSA_OID;
        }
        if ("SHA384withRSA".equalsIgnoreCase(str)) {
            return PKCS1_SHA384_WITH_RSA_OID;
        }
        if ("SHA512withRSA".equalsIgnoreCase(str)) {
            return PKCS1_SHA512_WITH_RSA_OID;
        }
        if ("SHA224withRSA".equalsIgnoreCase(str)) {
            return PKCS1_SHA224_WITH_RSA_OID;
        }
        if ("SHA1withECDSA".equalsIgnoreCase(str)) {
            return X9_SHA1_WITH_ECDSA_OID;
        }
        if ("SHA224withECDSA".equalsIgnoreCase(str)) {
            return X9_SHA224_WITH_ECDSA_OID;
        }
        if ("SHA256withECDSA".equalsIgnoreCase(str)) {
            return X9_SHA256_WITH_ECDSA_OID;
        }
        if ("SHA384withECDSA".equalsIgnoreCase(str)) {
            return X9_SHA384_WITH_ECDSA_OID;
        }
        if ("SHA512withECDSA".equalsIgnoreCase(str)) {
            return X9_SHA512_WITH_ECDSA_OID;
        }
        if ("SAwithRSA/PSS".equalsIgnoreCase(str) || "SSAwithRSA/PSS".equalsIgnoreCase(str) || "RSASSA-PSS".equalsIgnoreCase(str)) {
            return PKCS1_RSASSA_PSS_OID;
        }
        if ("MGF1".equalsIgnoreCase(str) || "SHA256withRSAandMGF1".equalsIgnoreCase(str) || "SHA512withRSAandMGF1".equalsIgnoreCase(str)) {
            return PKCS1_MGF1;
        }
        throw new NoSuchAlgorithmException("Unknown name " + str);
    }

    public static e4 readSignedData(InputStream inputStream) {
        n1 n1Var = (n1) new d1(inputStream).d();
        if (n1Var.k() != 2) {
            throw new IOException("Was expecting a DER sequence of length 2, found a DER sequence of length " + n1Var.k());
        }
        String k = ((h1) n1Var.a(0)).k();
        if (!RFC_3369_SIGNED_DATA_OID.equals(k)) {
            throw new IOException("Was expecting signed-data content type OID (1.2.840.113549.1.7.2), found " + k);
        }
        m1 objectFromTaggedObject = getObjectFromTaggedObject(n1Var.a(1));
        if (objectFromTaggedObject instanceof n1) {
            return e4.a(objectFromTaggedObject);
        }
        throw new IOException("Was expecting an ASN.1 sequence as content");
    }

    public static byte[] signData(String str, String str2, String str3, b4 b4Var, PrivateKey privateKey, String str4) {
        try {
            byte[] a = createAuthenticatedAttributes(str, str3, b4Var).a("DER");
            Signature signature = str4 != null ? Signature.getInstance(str2, str4) : Signature.getInstance(str2);
            signature.initSign(privateKey);
            signature.update(a);
            return signature.sign();
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "Exception", (Throwable) e);
            return null;
        }
    }

    public static AlgorithmParameterSpec toAlgorithmParameterSpec(w4 w4Var) {
        String k = w4Var.f().f().k();
        l5 g = w4Var.g();
        String k2 = g.f().k();
        return new PSSParameterSpec(lookupMnemonicByOID(k), lookupMnemonicByOID(k2), toMaskGenAlgorithmParameterSpec(g), w4Var.h().intValue(), w4Var.i().intValue());
    }

    public static AlgorithmParameterSpec toMaskGenAlgorithmParameterSpec(l5 l5Var) {
        try {
            y0 g = l5Var.g();
            if (g != null) {
                return new MGF1ParameterSpec(lookupMnemonicByOID(l5.a(g).f().k()));
            }
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "Exception", (Throwable) e);
        }
        return new MGF1ParameterSpec("SHA-1");
    }

    public static void writeData(e4 e4Var, OutputStream outputStream) {
        z0 z0Var = new z0();
        z0Var.a(new h1(RFC_3369_SIGNED_DATA_OID));
        z0Var.a(new e3(0, e4Var));
        outputStream.write(new l3(z0Var).a("DER"));
    }
}
