package cn.com.jit.ida.util.pki.pkcs;

import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.Parser;
import cn.com.jit.ida.util.pki.asn1.ASN1InputStream;
import cn.com.jit.ida.util.pki.asn1.ASN1OctetString;
import cn.com.jit.ida.util.pki.asn1.ASN1Sequence;
import cn.com.jit.ida.util.pki.asn1.DERObjectIdentifier;
import cn.com.jit.ida.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import cn.com.jit.ida.util.pki.asn1.pkcs.pkcs7.ContentInfo;
import cn.com.jit.ida.util.pki.asn1.pkcs.pkcs7.IssuerAndSerialNumber;
import cn.com.jit.ida.util.pki.asn1.pkcs.pkcs7.SignedData;
import cn.com.jit.ida.util.pki.asn1.pkcs.pkcs7.SignerInfo;
import cn.com.jit.ida.util.pki.asn1.x509.X509Name;
import cn.com.jit.ida.util.pki.cert.X509Cert;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.encoders.Base64;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.InputStream;

/* loaded from: classes.dex */
public class PKCS7SignedData {
    private Session session;
    private SignedData signedData = null;

    public PKCS7SignedData(Session session) {
        this.session = null;
        this.session = session;
    }

    public byte[] getContent(X509Cert x509Cert) {
        byte[] octets;
        ContentInfo contentInfo = this.signedData.getContentInfo();
        if (!contentInfo.getContentType().equals(PKCSObjectIdentifiers.data) && !contentInfo.getContentType().equals(PKCSObjectIdentifiers.id_ct_TSTInfo)) {
            octets = Parser.writeDERObj2Bytes(contentInfo.getContent().getDERObject());
        } else {
            if (contentInfo.getContent() == null) {
                throw new PKIException("8175", "parsing PKCS7 signature packet failed parsing PKCS7 signature packet failed", new Exception("no sourceData to be verify."));
            }
            octets = ((ASN1OctetString) contentInfo.getContent()).getOctets();
        }
        if (verifySignerInfo(octets, SignerInfo.getInstance(this.signedData.getSignerInfos().getObjectAt(0)), x509Cert)) {
            return octets;
        }
        throw new PKIException("8175", "parsing PKCS7 signature packet failed Verification PKCS7 signature failed");
    }

    public void load(SignedData signedData) {
        this.signedData = signedData;
    }

    public void load(InputStream inputStream) {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(inputStream);
        try {
            SignedData signedData = SignedData.getInstance(ContentInfo.getInstance((ASN1Sequence) aSN1InputStream.readObject()).getContent());
            inputStream.close();
            aSN1InputStream.close();
            this.signedData = signedData;
        } catch (Exception e) {
            throw new PKIException("8175", PKIException.PARSE_P7_SIGNEDDATA_ERR_DES, e);
        } catch (Throwable th) {
            throw new PKIException("8175", PKIException.PARSE_P7_SIGNEDDATA_ERR_DES, (Exception) th);
        }
    }

    public void load(String str) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            byte[] bArr = new byte[fileInputStream.available()];
            fileInputStream.read(bArr);
            fileInputStream.close();
            load(bArr);
        } catch (Exception e) {
            throw new PKIException("8175", PKIException.PARSE_P7_SIGNEDDATA_ERR_DES, e);
        }
    }

    public void load(byte[] bArr) {
        byte[] decodePem = Parser.decodePem(bArr);
        if (Parser.isBase64Encode(decodePem)) {
            decodePem = Base64.decode(decodePem);
        }
        load(new ByteArrayInputStream(decodePem));
    }

    public boolean verifyP7SignedData(X509Cert x509Cert) {
        byte[] octets;
        ContentInfo contentInfo = this.signedData.getContentInfo();
        if (!contentInfo.getContentType().equals(PKCSObjectIdentifiers.data) && !contentInfo.getContentType().equals(PKCSObjectIdentifiers.id_ct_TSTInfo)) {
            octets = Parser.writeDERObj2Bytes(contentInfo.getContent().getDERObject());
        } else {
            if (contentInfo.getContent() == null) {
                throw new PKIException("8175", "parsing PKCS7 signature packet failed parsing PKCS7 signature packet failed", new Exception("no sourceData to be verify."));
            }
            octets = ((ASN1OctetString) contentInfo.getContent()).getOctets();
        }
        return verifySignerInfo(octets, SignerInfo.getInstance(this.signedData.getSignerInfos().getObjectAt(0)), x509Cert);
    }

    public boolean verifyP7SignedData(InputStream inputStream, X509Cert x509Cert) {
        this.signedData.getContentInfo();
        return verifySignerInfo(inputStream, SignerInfo.getInstance(this.signedData.getSignerInfos().getObjectAt(0)), x509Cert);
    }

    public boolean verifyP7SignedData(byte[] bArr, X509Cert x509Cert) {
        this.signedData.getContentInfo();
        return verifySignerInfo(bArr, SignerInfo.getInstance(this.signedData.getSignerInfos().getObjectAt(0)), x509Cert);
    }

    public boolean verifySignerInfo(InputStream inputStream, SignerInfo signerInfo, X509Cert x509Cert) {
        Mechanism mechanism;
        try {
            String issuer = x509Cert.getIssuer();
            if (!new IssuerAndSerialNumber(new X509Name(issuer), x509Cert.getSerialNumber()).equals(signerInfo.getIssuerAndSerialNumber()) || !signerInfo.getDigestEncryptionAlgorithm().getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption)) {
                return false;
            }
            DERObjectIdentifier objectId = signerInfo.getDigestAlgorithm().getObjectId();
            if (objectId.equals(PKCSObjectIdentifiers.md2)) {
                mechanism = new Mechanism("MD2withRSAEncryption");
            } else if (objectId.equals(PKCSObjectIdentifiers.md5)) {
                mechanism = new Mechanism("MD5withRSAEncryption");
            } else if (objectId.equals(PKCSObjectIdentifiers.sha1)) {
                mechanism = new Mechanism("SHA1withRSAEncryption");
            } else {
                if (!objectId.equals(PKCSObjectIdentifiers.SM2) && !objectId.equals(PKCSObjectIdentifiers.SM2_SIGN) && !objectId.equals(PKCSObjectIdentifiers.SM2_CHANGE)) {
                    if (objectId.equals(PKCSObjectIdentifiers.sha224)) {
                        mechanism = new Mechanism("SHA224withRSAEncryption");
                    } else if (objectId.equals(PKCSObjectIdentifiers.sha256)) {
                        mechanism = new Mechanism("SHA256withRSAEncryption");
                    } else if (objectId.equals(PKCSObjectIdentifiers.sha384)) {
                        mechanism = new Mechanism("SHA384withRSAEncryption");
                    } else {
                        if (!objectId.equals(PKCSObjectIdentifiers.sha512)) {
                            return false;
                        }
                        mechanism = new Mechanism("SHA512withRSAEncryption");
                    }
                }
                mechanism = new Mechanism("SM3withSM2Encryption");
            }
            byte[] octets = signerInfo.getEncryptedDigest().getOctets();
            return this.session.verifySign(mechanism, x509Cert.getPublicKey(), inputStream, octets);
        } catch (Exception unused) {
            return false;
        }
    }

    public boolean verifySignerInfo(byte[] bArr, SignerInfo signerInfo, X509Cert x509Cert) {
        Mechanism mechanism;
        try {
            String issuer = x509Cert.getIssuer();
            if (!new IssuerAndSerialNumber(new X509Name(issuer), x509Cert.getSerialNumber()).equals(signerInfo.getIssuerAndSerialNumber())) {
                return false;
            }
            DERObjectIdentifier objectId = signerInfo.getDigestEncryptionAlgorithm().getObjectId();
            if (!objectId.equals(PKCSObjectIdentifiers.rsaEncryption) && !objectId.equals(PKCSObjectIdentifiers.SM2)) {
                return false;
            }
            signerInfo.getDigestEncryptionAlgorithm().getObjectId();
            DERObjectIdentifier objectId2 = signerInfo.getDigestAlgorithm().getObjectId();
            if (objectId2.equals(PKCSObjectIdentifiers.md2)) {
                mechanism = new Mechanism("MD2withRSAEncryption");
            } else if (objectId2.equals(PKCSObjectIdentifiers.md5)) {
                mechanism = new Mechanism("MD5withRSAEncryption");
            } else if (objectId2.equals(PKCSObjectIdentifiers.sha1)) {
                mechanism = new Mechanism("SHA1withRSAEncryption");
            } else {
                if (!objectId2.equals(PKCSObjectIdentifiers.SM2) && !objectId2.equals(PKCSObjectIdentifiers.SM2_SIGN) && !objectId2.equals(PKCSObjectIdentifiers.SM2_CHANGE)) {
                    if (objectId2.equals(PKCSObjectIdentifiers.sha224)) {
                        mechanism = new Mechanism("SHA224withRSAEncryption");
                    } else if (objectId2.equals(PKCSObjectIdentifiers.sha256)) {
                        mechanism = new Mechanism("SHA256withRSAEncryption");
                    } else if (objectId2.equals(PKCSObjectIdentifiers.sha384)) {
                        mechanism = new Mechanism("SHA384withRSAEncryption");
                    } else {
                        if (!objectId2.equals(PKCSObjectIdentifiers.sha512)) {
                            return false;
                        }
                        mechanism = new Mechanism("SHA512withRSAEncryption");
                    }
                }
                mechanism = new Mechanism("SM3withSM2Encryption");
            }
            byte[] octets = signerInfo.getEncryptedDigest().getOctets();
            return this.session.verifySign(mechanism, x509Cert.getPublicKey(), bArr, octets);
        } catch (Exception unused) {
            return false;
        }
    }
}
