package org.bouncycastle.jce;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.bouncycastle.a.aq;
import org.bouncycastle.a.as;
import org.bouncycastle.a.at;
import org.bouncycastle.a.aw;
import org.bouncycastle.a.ay;
import org.bouncycastle.a.ba;
import org.bouncycastle.a.be;
import org.bouncycastle.a.c;
import org.bouncycastle.a.d;
import org.bouncycastle.a.j;
import org.bouncycastle.a.j.e;
import org.bouncycastle.a.j.i;
import org.bouncycastle.a.j.l;
import org.bouncycastle.a.j.t;
import org.bouncycastle.a.j.u;
import org.bouncycastle.a.n.a;
import org.bouncycastle.a.n.ap;
import org.bouncycastle.a.n.au;
import org.bouncycastle.jce.provider.X509CRLObject;
import org.bouncycastle.jce.provider.X509CertificateObject;

/* loaded from: classes2.dex */
public class PKCS7SignedData implements l {
    private final String ID_DSA;
    private final String ID_MD2;
    private final String ID_MD5;
    private final String ID_PKCS7_DATA;
    private final String ID_PKCS7_SIGNED_DATA;
    private final String ID_RSA;
    private final String ID_SHA1;
    private Collection certs;
    private Collection crls;
    private byte[] digest;
    private String digestAlgorithm;
    private String digestEncryptionAlgorithm;
    private Set digestalgos;
    private transient PrivateKey privKey;
    private Signature sig;
    private X509Certificate signCert;
    private int signerversion;
    private int version;

    public PKCS7SignedData(PrivateKey privateKey, Certificate[] certificateArr, String str) throws SecurityException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this(privateKey, certificateArr, str, "BC");
    }

    public PKCS7SignedData(PrivateKey privateKey, Certificate[] certificateArr, String str, String str2) throws SecurityException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this(privateKey, certificateArr, null, str, str2);
    }

    public PKCS7SignedData(PrivateKey privateKey, Certificate[] certificateArr, CRL[] crlArr, String str, String str2) throws SecurityException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this.ID_PKCS7_DATA = "1.2.840.113549.1.7.1";
        this.ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2";
        this.ID_MD5 = "1.2.840.113549.2.5";
        this.ID_MD2 = "1.2.840.113549.2.2";
        this.ID_SHA1 = "1.3.14.3.2.26";
        this.ID_RSA = "1.2.840.113549.1.1.1";
        this.ID_DSA = "1.2.840.10040.4.1";
        this.privKey = privateKey;
        if (str.equals("MD5")) {
            this.digestAlgorithm = "1.2.840.113549.2.5";
        } else if (str.equals("MD2")) {
            this.digestAlgorithm = "1.2.840.113549.2.2";
        } else if (str.equals("SHA")) {
            this.digestAlgorithm = "1.3.14.3.2.26";
        } else {
            if (!str.equals("SHA1")) {
                throw new NoSuchAlgorithmException("Unknown Hash Algorithm " + str);
            }
            this.digestAlgorithm = "1.3.14.3.2.26";
        }
        this.signerversion = 1;
        this.version = 1;
        this.certs = new ArrayList();
        this.crls = new ArrayList();
        this.digestalgos = new HashSet();
        this.digestalgos.add(this.digestAlgorithm);
        this.signCert = (X509Certificate) certificateArr[0];
        for (Certificate certificate : certificateArr) {
            this.certs.add(certificate);
        }
        if (crlArr != null) {
            for (CRL crl : crlArr) {
                this.crls.add(crl);
            }
        }
        this.digestEncryptionAlgorithm = privateKey.getAlgorithm();
        if (this.digestEncryptionAlgorithm.equals("RSA")) {
            this.digestEncryptionAlgorithm = "1.2.840.113549.1.1.1";
        } else {
            if (!this.digestEncryptionAlgorithm.equals("DSA")) {
                throw new NoSuchAlgorithmException("Unknown Key Algorithm " + this.digestEncryptionAlgorithm);
            }
            this.digestEncryptionAlgorithm = "1.2.840.10040.4.1";
        }
        this.sig = Signature.getInstance(getDigestAlgorithm(), str2);
        this.sig.initSign(privateKey);
    }

    public PKCS7SignedData(byte[] bArr) throws SecurityException, CRLException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this(bArr, "BC");
    }

    public PKCS7SignedData(byte[] bArr, String str) throws SecurityException, CRLException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this.ID_PKCS7_DATA = "1.2.840.113549.1.7.1";
        this.ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2";
        this.ID_MD5 = "1.2.840.113549.2.5";
        this.ID_MD2 = "1.2.840.113549.2.2";
        this.ID_SHA1 = "1.3.14.3.2.26";
        this.ID_RSA = "1.2.840.113549.1.1.1";
        this.ID_DSA = "1.2.840.10040.4.1";
        try {
            as pn = new d(new ByteArrayInputStream(bArr)).pn();
            if (!(pn instanceof j)) {
                throw new SecurityException("Not a valid PKCS#7 object - not a sequence");
            }
            e D = e.D(pn);
            if (!D.pO().equals(aeM)) {
                throw new SecurityException("Not a valid PKCS#7 signed-data object - wrong header " + D.pO().getId());
            }
            t J = t.J(D.pP());
            this.certs = new ArrayList();
            if (J.qs() != null) {
                Enumeration pq = org.bouncycastle.a.l.s(J.qs()).pq();
                while (pq.hasMoreElements()) {
                    try {
                        this.certs.add(new X509CertificateObject(ap.aq(pq.nextElement())));
                    } catch (CertificateParsingException e) {
                        throw new SecurityException(e.toString());
                    }
                }
            }
            this.crls = new ArrayList();
            if (J.qt() != null) {
                Enumeration pq2 = org.bouncycastle.a.l.s(J.qt()).pq();
                while (pq2.hasMoreElements()) {
                    this.crls.add(new X509CRLObject(org.bouncycastle.a.n.l.U(pq2.nextElement())));
                }
            }
            this.version = J.qq().getValue().intValue();
            this.digestalgos = new HashSet();
            Enumeration pq3 = J.qr().pq();
            while (pq3.hasMoreElements()) {
                this.digestalgos.add(((at) ((j) pq3.nextElement()).bQ(0)).getId());
            }
            org.bouncycastle.a.l qu = J.qu();
            if (qu.size() != 1) {
                throw new SecurityException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time");
            }
            u K = u.K(qu.bQ(0));
            this.signerversion = K.qq().getValue().intValue();
            i qv = K.qv();
            BigInteger value = qv.pU().getValue();
            X509Principal x509Principal = new X509Principal(qv.pT());
            Iterator it = this.certs.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509Certificate x509Certificate = (X509Certificate) it.next();
                if (value.equals(x509Certificate.getSerialNumber()) && x509Principal.equals(x509Certificate.getIssuerDN())) {
                    this.signCert = x509Certificate;
                    break;
                }
            }
            if (this.signCert == null) {
                throw new SecurityException("Can't find signing certificate with serial " + value.toString(16));
            }
            this.digestAlgorithm = K.qw().qB().getId();
            this.digest = K.qx().pp();
            this.digestEncryptionAlgorithm = K.qy().qB().getId();
            this.sig = Signature.getInstance(getDigestAlgorithm(), str);
            this.sig.initVerify(this.signCert.getPublicKey());
        } catch (IOException e2) {
            throw new SecurityException("can't decode PKCS7SignedData object");
        }
    }

    private as getIssuer(byte[] bArr) {
        try {
            j jVar = (j) new d(new ByteArrayInputStream(bArr)).pn();
            return (as) jVar.bQ(jVar.bQ(0) instanceof be ? 3 : 2);
        } catch (IOException e) {
            throw new Error("IOException reading from ByteArray: " + e);
        }
    }

    public Collection getCRLs() {
        return this.crls;
    }

    public Certificate[] getCertificates() {
        return (X509Certificate[]) this.certs.toArray(new X509Certificate[this.certs.size()]);
    }

    public String getDigestAlgorithm() {
        String str = this.digestAlgorithm;
        String str2 = this.digestEncryptionAlgorithm;
        if (this.digestAlgorithm.equals("1.2.840.113549.2.5")) {
            str = "MD5";
        } else if (this.digestAlgorithm.equals("1.2.840.113549.2.2")) {
            str = "MD2";
        } else if (this.digestAlgorithm.equals("1.3.14.3.2.26")) {
            str = "SHA1";
        }
        if (this.digestEncryptionAlgorithm.equals("1.2.840.113549.1.1.1")) {
            str2 = "RSA";
        } else if (this.digestEncryptionAlgorithm.equals("1.2.840.10040.4.1")) {
            str2 = "DSA";
        }
        return str + "with" + str2;
    }

    public byte[] getEncoded() {
        try {
            this.digest = this.sig.sign();
            c cVar = new c();
            Iterator it = this.digestalgos.iterator();
            while (it.hasNext()) {
                cVar.c(new a(new at((String) it.next()), null));
            }
            ba baVar = new ba(cVar);
            ay ayVar = new ay(new at("1.2.840.113549.1.7.1"));
            c cVar2 = new c();
            Iterator it2 = this.certs.iterator();
            while (it2.hasNext()) {
                cVar2.c(new d(new ByteArrayInputStream(((X509Certificate) it2.next()).getEncoded())).pn());
            }
            ba baVar2 = new ba(cVar2);
            c cVar3 = new c();
            cVar3.c(new org.bouncycastle.a.ap(this.signerversion));
            cVar3.c(new i(new au((j) getIssuer(this.signCert.getTBSCertificate())), new org.bouncycastle.a.ap(this.signCert.getSerialNumber())));
            cVar3.c(new a(new at(this.digestAlgorithm), new aq()));
            cVar3.c(new a(new at(this.digestEncryptionAlgorithm), new aq()));
            cVar3.c(new org.bouncycastle.a.au(this.digest));
            c cVar4 = new c();
            cVar4.c(new org.bouncycastle.a.ap(this.version));
            cVar4.c(baVar);
            cVar4.c(ayVar);
            cVar4.c(new be(false, 0, baVar2));
            if (this.crls.size() > 0) {
                c cVar5 = new c();
                Iterator it3 = this.crls.iterator();
                while (it3.hasNext()) {
                    cVar5.c(new d(new ByteArrayInputStream(((X509CRL) it3.next()).getEncoded())).pn());
                }
                cVar4.c(new be(false, 1, new ba(cVar5)));
            }
            cVar4.c(new ba(new ay(cVar3)));
            c cVar6 = new c();
            cVar6.c(new at("1.2.840.113549.1.7.2"));
            cVar6.c(new be(0, new ay(cVar4)));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            aw awVar = new aw(byteArrayOutputStream);
            awVar.writeObject(new ay(cVar6));
            awVar.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw new RuntimeException(e.toString());
        }
    }

    public X509Certificate getSigningCertificate() {
        return this.signCert;
    }

    public int getSigningInfoVersion() {
        return this.signerversion;
    }

    public int getVersion() {
        return this.version;
    }

    public void reset() {
        try {
            if (this.privKey == null) {
                this.sig.initVerify(this.signCert.getPublicKey());
            } else {
                this.sig.initSign(this.privKey);
            }
        } catch (Exception e) {
            throw new RuntimeException(e.toString());
        }
    }

    public void update(byte b) throws SignatureException {
        this.sig.update(b);
    }

    public void update(byte[] bArr, int i, int i2) throws SignatureException {
        this.sig.update(bArr, i, i2);
    }

    public boolean verify() throws SignatureException {
        return this.sig.verify(this.digest);
    }
}
