package cn.unitid.easypki.pkcs7;

import cn.unitid.a.a.a.a.d.m;
import cn.unitid.a.a.a.c.a.f;
import cn.unitid.a.a.a.c.ao;
import cn.unitid.a.a.a.c.b;
import cn.unitid.a.a.a.c.bb;
import cn.unitid.a.a.a.c.h;
import cn.unitid.a.a.a.c.i;
import cn.unitid.a.a.a.c.l;
import cn.unitid.a.a.a.c.n;
import cn.unitid.a.a.a.h.o;
import cn.unitid.easypki.pkcs7.envelope.EPKeyTransEnvelopedRecipient;
import cn.unitid.easypki.pkcs7.envelope.EPKeyTransRecipientInfoGenerator;
import cn.unitid.easypki.pkcs7.envelope.IssuerAndSerialNumber;
import java.io.IOException;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class EnvelopedDataGenerator {
    private IssuerAndSerialNumber issuerAndSerialNumber;
    private X509Certificate recipient = null;
    private PrivateKey recipientPrivateKey;

    private byte[] envelopeOpenImpl(byte[] bArr, Object obj) throws l, IOException {
        EPKeyTransEnvelopedRecipient ePKeyTransEnvelopedRecipient = obj instanceof PrivateKey ? new EPKeyTransEnvelopedRecipient((PrivateKey) obj) : new EPKeyTransEnvelopedRecipient((o) obj);
        Iterator<bb> it = new i(bArr).a().a().iterator();
        if (!it.hasNext()) {
            return null;
        }
        bb next = it.next();
        ao aoVar = (ao) next.b();
        m mVar = new m(aoVar.a(), aoVar.b());
        this.issuerAndSerialNumber = new IssuerAndSerialNumber(mVar.a(), mVar.b().d());
        return next.b(ePKeyTransEnvelopedRecipient);
    }

    public byte[] envelopeOpen(byte[] bArr) throws l, IOException {
        if (this.recipient == null) {
            throw new RuntimeException("接收者的公钥证书不能为空");
        }
        if (this.recipientPrivateKey == null) {
            throw new RuntimeException("接收者的私钥未初始化，不能为空");
        }
        byte[] bArr2 = null;
        Iterator<bb> it = new i(bArr).a().a().iterator();
        boolean z = false;
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            bb next = it.next();
            ao aoVar = (ao) next.b();
            m mVar = new m(aoVar.a(), aoVar.b());
            BigInteger serialNumber = this.recipient.getSerialNumber();
            BigInteger d = mVar.b().d();
            X500Principal x500Principal = new X500Principal(mVar.a().getEncoded());
            X500Principal issuerX500Principal = this.recipient.getIssuerX500Principal();
            if (serialNumber.equals(d) && x500Principal.equals(issuerX500Principal)) {
                z = true;
                this.issuerAndSerialNumber = new IssuerAndSerialNumber(mVar.a(), mVar.b().d());
                bArr2 = next.b(new EPKeyTransEnvelopedRecipient(this.recipientPrivateKey));
                break;
            }
        }
        if (z) {
            return bArr2;
        }
        throw new l("接收者证书与数字信封不匹配，无法解包数字信封");
    }

    public byte[] envelopeOpen(byte[] bArr, o oVar) throws l, IOException {
        return envelopeOpenImpl(bArr, oVar);
    }

    public byte[] envelopeSeal(byte[] bArr) throws IOException, l, CertificateEncodingException {
        X509Certificate x509Certificate = this.recipient;
        if (x509Certificate != null) {
            return envelopeSeal(bArr, x509Certificate);
        }
        throw new RuntimeException("接收者的公钥证书不能为空");
    }

    public byte[] envelopeSeal(byte[] bArr, X509Certificate x509Certificate) throws IOException, l, CertificateEncodingException {
        this.recipient = x509Certificate;
        n nVar = new n(bArr);
        h hVar = new h();
        hVar.a(new EPKeyTransRecipientInfoGenerator(this.recipient));
        return hVar.a(nVar, new f(b.f).a()).getEncoded();
    }

    public IssuerAndSerialNumber getIssuer() {
        return this.issuerAndSerialNumber;
    }

    public void initRecipient(X509Certificate x509Certificate) {
        this.recipient = x509Certificate;
    }

    public void initRecipient(X509Certificate x509Certificate, PrivateKey privateKey) {
        this.recipient = x509Certificate;
        this.recipientPrivateKey = privateKey;
    }
}
