package tw.com.chttl;

import java.io.ByteArrayInputStream;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cert.jcajce.JcaCertStore;
import org.spongycastle.cms.CMSAlgorithm;
import org.spongycastle.cms.CMSEnvelopedDataGenerator;
import org.spongycastle.cms.CMSEnvelopedDataParser;
import org.spongycastle.cms.CMSProcessableByteArray;
import org.spongycastle.cms.CMSSignedDataGenerator;
import org.spongycastle.cms.CMSSignedDataParser;
import org.spongycastle.cms.CMSTypedStream;
import org.spongycastle.cms.RecipientInformation;
import org.spongycastle.cms.SignerInfoGeneratorBuilder;
import org.spongycastle.cms.SignerInformation;
import org.spongycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.spongycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.spongycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.operator.bc.BcDigestCalculatorProvider;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.spongycastle.util.Store;
import tw.com.chttl.TokenException;
import tw.com.chttl.provider.ChungHwaProvider;

/* loaded from: classes.dex */
public class P7Utility {
    public static Provider bcProvider;

    static {
        bcProvider = null;
        if (Security.getProvider("SC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        bcProvider = new BouncyCastleProvider();
        Security.addProvider(new ChungHwaProvider());
    }

    public static byte[] decryptData(ChtRsaPrivateKey chtRsaPrivateKey, X509Certificate x509Certificate, byte[] bArr) {
        if (a.b()) {
            throw TokenException.a;
        }
        Iterator it = new CMSEnvelopedDataParser(bArr).getRecipientInfos().getRecipients().iterator();
        if (it.hasNext()) {
            return ((RecipientInformation) it.next()).getContent(new TLRecipient(chtRsaPrivateKey));
        }
        return null;
    }

    public static byte[] envelopedData(X509Certificate x509Certificate, String str) {
        if (a.b()) {
            throw TokenException.a;
        }
        CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray(str.getBytes());
        CMSEnvelopedDataGenerator cMSEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
        cMSEnvelopedDataGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(x509Certificate).setProvider(bcProvider));
        return cMSEnvelopedDataGenerator.generate(cMSProcessableByteArray, new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(bcProvider).build()).toASN1Structure().getEncoded("DER");
    }

    public static void main(String[] strArr) {
        if (System.getProperty("os.name").startsWith("Windows")) {
            if (System.getProperty("sun.arch.data.model").equals("32")) {
                Module.initialize(".\\nativelib\\HiCOSPKCS11v32.dll");
            } else {
                Module.initialize(".\\nativelib\\HiCOSPKCS11v64.dll");
            }
        } else if (System.getProperty("os.name").startsWith("Linux")) {
            System.err.println("only run in Windows system");
            return;
        }
        Module module = Module.getInstance();
        int[] tokens = module.getTokens();
        if (tokens.length == 0) {
            System.err.println("there is no token present");
            return;
        }
        P11PrivateKey p11PrivateKey = new P11PrivateKey(module, tokens[0], "SIGN", "KEYX");
        P12PrivateKey p12PrivateKey = new P12PrivateKey("D:\\temp\\james.pfx", "12345678");
        testPKCS7(p11PrivateKey, p11PrivateKey.getSignCertificate(), p11PrivateKey.getEncCertificate());
        testPKCS7(p12PrivateKey, p12PrivateKey.getCertificate(), p12PrivateKey.getCertificate());
    }

    public static byte[] signedData(ChtRsaPrivateKey chtRsaPrivateKey, X509Certificate x509Certificate, byte[] bArr) {
        if (a.b()) {
            throw TokenException.a;
        }
        return signedData(chtRsaPrivateKey, new X509Certificate[]{x509Certificate}, x509Certificate, bArr);
    }

    public static byte[] signedData(ChtRsaPrivateKey chtRsaPrivateKey, X509Certificate x509Certificate, byte[] bArr, boolean z) {
        if (a.b()) {
            throw TokenException.a;
        }
        return signedData(chtRsaPrivateKey, new X509Certificate[]{x509Certificate}, x509Certificate, bArr, z);
    }

    public static byte[] signedData(ChtRsaPrivateKey chtRsaPrivateKey, X509Certificate[] x509CertificateArr, X509Certificate x509Certificate, byte[] bArr) {
        return signedData(chtRsaPrivateKey, x509CertificateArr, x509Certificate, bArr, true);
    }

    public static byte[] signedData(ChtRsaPrivateKey chtRsaPrivateKey, X509Certificate[] x509CertificateArr, X509Certificate x509Certificate, byte[] bArr, boolean z) {
        if (a.b()) {
            throw TokenException.a;
        }
        ArrayList arrayList = new ArrayList();
        CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray(bArr);
        for (X509Certificate x509Certificate2 : x509CertificateArr) {
            arrayList.add(x509Certificate2);
        }
        JcaCertStore jcaCertStore = new JcaCertStore(arrayList);
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        cMSSignedDataGenerator.addSignerInfoGenerator(new SignerInfoGeneratorBuilder(new BcDigestCalculatorProvider()).build(new JcaContentSignerBuilder("SHA1withRSA").setProvider("CHT").build(chtRsaPrivateKey), new X509CertificateHolder(x509Certificate.getEncoded())));
        cMSSignedDataGenerator.addCertificates(jcaCertStore);
        return cMSSignedDataGenerator.generate(cMSProcessableByteArray, z).toASN1Structure().getEncoded("DER");
    }

    public static void testPKCS7(ChtRsaPrivateKey chtRsaPrivateKey, X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        System.out.println("********* PKCS#7 Test { *********");
        if (chtRsaPrivateKey.login("12345678")) {
            System.out.println(String.valueOf(1) + ". login success");
            if (verifyData(signedData(chtRsaPrivateKey, x509Certificate, "Test Text (to be signed)".getBytes()))) {
                System.out.println(String.valueOf(2) + ". PKCS#7 signature verify ok");
            } else {
                System.err.println(String.valueOf(2) + ". PKCS#7 signature verify fail");
            }
            if (new String(decryptData(chtRsaPrivateKey, x509Certificate2, envelopedData(x509Certificate2, "Test Text (to be decrypted)"))).equals("Test Text (to be decrypted)")) {
                System.out.println(String.valueOf(3) + ". PKCS#7 decryption verify ok");
            } else {
                System.err.println(String.valueOf(3) + ". PKCS#7 decryption verify fail");
            }
            chtRsaPrivateKey.logout();
        } else {
            System.err.println(String.valueOf(1) + ". login fail");
        }
        System.out.println("********* PKCS#7 Test } *********");
    }

    public static boolean verifyData(CMSSignedDataParser cMSSignedDataParser) {
        if (a.b()) {
            throw TokenException.a;
        }
        if (!new Double(1.47d).equals(Double.valueOf(bcProvider.getVersion()))) {
            throw new TokenException(TokenException.HiSecureError.COMMON_WRONG_BC_JCE_VERSION, "", " BC version = " + bcProvider.getVersion());
        }
        try {
            cMSSignedDataParser.getSignedContent().drain();
            Store certificates = cMSSignedDataParser.getCertificates();
            for (SignerInformation signerInformation : cMSSignedDataParser.getSignerInfos().getSigners()) {
                try {
                    if (!signerInformation.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(bcProvider).build((X509CertificateHolder) certificates.getMatches(signerInformation.getSID()).iterator().next()))) {
                        return false;
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                    return false;
                }
            }
            return true;
        } catch (Exception e2) {
            e2.printStackTrace();
            return false;
        }
    }

    public static boolean verifyData(byte[] bArr) {
        try {
            return verifyData(new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(bcProvider).build(), bArr));
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public static boolean verifyData(byte[] bArr, byte[] bArr2) {
        try {
            return verifyData(new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(bcProvider).build(), new CMSTypedStream(new ByteArrayInputStream(bArr)), bArr2));
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }
}
