package com.baltimore.jpkiplus.pkcs7.content;

import com.baltimore.jcrypto.asn1.ASN1;
import com.baltimore.jcrypto.asn1.ASN1ContextSpecific;
import com.baltimore.jcrypto.asn1.ASN1Exception;
import com.baltimore.jcrypto.asn1.ASN1Integer;
import com.baltimore.jcrypto.asn1.ASN1Object;
import com.baltimore.jcrypto.asn1.ASN1ObjectIdentifier;
import com.baltimore.jcrypto.asn1.ASN1Sequence;
import com.baltimore.jcrypto.asn1.ASN1SetOf;
import com.baltimore.jcrypto.coders.BERCoder;
import com.baltimore.jcrypto.coders.CoderException;
import com.baltimore.jcrypto.coders.DERCoder;
import com.baltimore.jcrypto.coders.DERInterface;
import com.baltimore.jcrypto.pkcs.AlgorithmIdentifier;
import com.baltimore.jcrypto.pkcs.PKCSException;
import com.baltimore.jcrypto.utils.OIDException;
import com.baltimore.jcrypto.utils.OIDs;
import com.baltimore.jpkiplus.pkcs7.CertificateChain;
import com.baltimore.jpkiplus.pkcs7.ContentInfo;
import com.baltimore.jpkiplus.pkcs7.SignerInfo;
import com.baltimore.jpkiplus.pkcs7.SignerInfos;
import com.baltimore.jpkiplus.x509.JCRYPTO_X509CRL;
import com.baltimore.jpkiplus.x509.JCRYPTO_X509Certificate;
import com.baltimore.jpkiplus.x509.Name;
import com.baltimore.jpkiplus.x509.utils.IssuerAndSerialNumber;
import com.baltimore.jpkiplus.x509.utils.PKIOIDs;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Vector;

/* compiled from: [DashoPro-V1.3-013000] */
/* loaded from: input_file:com/baltimore/jpkiplus/pkcs7/content/SignedData.class */
public class SignedData extends Content implements DERInterface {
    private Content c;
    private CertificateChain d;
    private int a = 1;
    private AlgorithmIdentifier b = null;
    private SignerInfo e = null;
    private Vector f = new Vector();
    private SignerInfos g = new SignerInfos();
    private byte[] h = null;
    private Vector i = new Vector();

    public SignedData() throws ASN1Exception, CoderException, NoSuchAlgorithmException {
        super.a = OIDs.signedData;
        setDigestAlgorithm("SHA-1");
    }

    public SignedData(ASN1Object aSN1Object) throws ASN1Exception {
        super.a = OIDs.signedData;
        fromASN1Object(aSN1Object);
    }

    public SignedData(AlgorithmIdentifier algorithmIdentifier) throws ASN1Exception, CoderException, OIDException {
        super.a = OIDs.signedData;
        setDigestAlgorithm(algorithmIdentifier);
    }

    public SignedData(String str) throws ASN1Exception, CoderException, NoSuchAlgorithmException {
        super.a = OIDs.signedData;
        if (str.toLowerCase().equals("none")) {
            return;
        }
        setDigestAlgorithm(str);
    }

    public SignedData(byte[] bArr) throws ASN1Exception, CoderException {
        super.a = OIDs.signedData;
        fromDER(bArr);
    }

    public void addCertificates(CertificateChain certificateChain) {
        if (this.d == null) {
            setCertificates(certificateChain);
        } else {
            this.d.addCertificateChain(certificateChain);
        }
    }

    @Override // com.baltimore.jpkiplus.pkcs7.content.Content, com.baltimore.jcrypto.asn1.ASN1Interface
    public void fromASN1Object(ASN1Object aSN1Object) throws ASN1Exception {
        ASN1Sequence aSN1Sequence;
        this.h = null;
        ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Object;
        if (!((ASN1ObjectIdentifier) aSN1Sequence2.getComponent(0)).equals(OIDs.signedData)) {
            throw new ASN1Exception("SignedData::fromASN1Object - the ASN.1 object been parsed into the SignedData object is not a SignedData object.");
        }
        try {
            aSN1Sequence = (ASN1Sequence) DERCoder.decodeExplicit(aSN1Sequence2.getComponent(1));
        } catch (Exception unused) {
            aSN1Sequence = (ASN1Sequence) ((ASN1ContextSpecific) aSN1Sequence2.getComponent(1)).getValue();
            aSN1Sequence.setExplicit(0);
        }
        if (aSN1Sequence.taggedContext() != 2 || aSN1Sequence.taggedValue() != 0) {
            throw new ASN1Exception("SignedData::fromASN1Object - the content component of the ASN.1 Signed Data object is not  explicitly tagged 0.");
        }
        if (((ASN1Integer) aSN1Sequence.getComponent(0)).getIntValue() != 1) {
            throw new ASN1Exception("SignedData::fromASN1Object - the version the ASN.1 Signed Data object is not 1.");
        }
        ASN1SetOf aSN1SetOf = (ASN1SetOf) aSN1Sequence.getComponent(1);
        int i = 0;
        this.i.removeAllElements();
        while (i < aSN1SetOf.getNumberOfComponents()) {
            int i2 = i;
            i++;
            this.i.addElement(new AlgorithmIdentifier(aSN1SetOf.getComponent(i2)));
        }
        ASN1Sequence aSN1Sequence3 = (ASN1Sequence) aSN1Sequence.getComponent(2);
        try {
            Content content = (Content) PKIOIDs.getInstance((ASN1ObjectIdentifier) aSN1Sequence3.getComponent(0), "Content");
            setContent(content);
            if (aSN1Sequence3.getNumberOfComponents() > 1) {
                content.fromASN1Object(aSN1Sequence3);
            }
            try {
                ASN1SetOf aSN1SetOf2 = (ASN1SetOf) DERCoder.decodeImplicit(aSN1Sequence.getComponent(3), ASN1.SET);
                int i3 = aSN1SetOf2 != null ? 3 + 1 : 3;
                if (aSN1SetOf2.taggedContext() == 1 && aSN1SetOf2.taggedValue() == 0) {
                    setCertificates(new CertificateChain(aSN1SetOf2));
                    aSN1SetOf2 = (ASN1SetOf) DERCoder.decodeImplicit(aSN1Sequence.getComponent(i3), ASN1.SET);
                    if (aSN1SetOf2 != null) {
                        i3++;
                    }
                }
                if (aSN1SetOf2 != null && aSN1SetOf2.taggedContext() == 1 && aSN1SetOf2.taggedValue() == 1) {
                    this.f.removeAllElements();
                    for (int i4 = 0; i4 < aSN1SetOf2.getNumberOfComponents(); i4++) {
                        JCRYPTO_X509CRL jcrypto_x509crl = new JCRYPTO_X509CRL();
                        jcrypto_x509crl.fromASN1Object(aSN1SetOf2.getComponent(i4));
                        this.f.addElement(jcrypto_x509crl);
                    }
                    aSN1SetOf2 = (ASN1SetOf) aSN1Sequence.getComponent(i3);
                }
                ASN1SetOf aSN1SetOf3 = aSN1SetOf2;
                int i5 = 0;
                this.g.removeAllSignerInfoObjects();
                while (i5 < aSN1SetOf3.getNumberOfComponents()) {
                    int i6 = i5;
                    i5++;
                    this.g.addSignerInfo(new SignerInfo(aSN1SetOf3.getComponent(i6)));
                }
            } catch (CoderException e) {
                throw new ASN1Exception(new StringBuffer("DERCoder.decodeImplicit(): ").append(e).toString());
            }
        } catch (OIDException e2) {
            throw new ASN1Exception(new StringBuffer("PKIOIDs.getInstance(): ").append(e2).toString());
        }
    }

    @Override // com.baltimore.jcrypto.coders.DERInterface
    public void fromDER(byte[] bArr) throws ASN1Exception, CoderException {
        fromASN1Object(BERCoder.decode(bArr));
        try {
            byte[] component = DERCoder.getComponent(DERCoder.getComponent(DERCoder.getComponent(bArr, 1), 0), 3);
            component[0] = 49;
            this.d = new CertificateChain(component);
        } catch (Exception unused) {
        }
        this.h = bArr;
    }

    public CertificateChain getCertificates() {
        return this.d;
    }

    public Content getContent() {
        return this.c;
    }

    public Vector getCrls() {
        return this.f;
    }

    @Override // com.baltimore.jpkiplus.pkcs7.content.Content
    public MessageDigest getDigest() {
        return super.e;
    }

    public AlgorithmIdentifier getDigestAlgorithm() {
        return this.b;
    }

    public byte[] getSignature() {
        return null;
    }

    public byte[] getSignature(JCRYPTO_X509Certificate jCRYPTO_X509Certificate) throws PKCSException {
        if (jCRYPTO_X509Certificate == null) {
            return null;
        }
        try {
            if (this.g.getSignerInfo(new IssuerAndSerialNumber(new Name(jCRYPTO_X509Certificate.getIssuerDN()), jCRYPTO_X509Certificate.getSerialNumberMPA())) == null) {
                throw new PKCSException("SignedData::getSignature(certificate)");
            }
            return this.e.getEncryptedDigestInfo();
        } catch (Exception e) {
            throw new PKCSException(e.getMessage());
        }
    }

    public AlgorithmIdentifier getSignatureAlgorithm() {
        return null;
    }

    public AlgorithmIdentifier getSignatureAlgorithm(JCRYPTO_X509Certificate jCRYPTO_X509Certificate) throws PKCSException {
        if (jCRYPTO_X509Certificate == null) {
            return null;
        }
        try {
            if (this.g.getSignerInfo(new IssuerAndSerialNumber(new Name(jCRYPTO_X509Certificate.getIssuerDN()), jCRYPTO_X509Certificate.getSerialNumberMPA())) == null) {
                throw new PKCSException("SignedData::getSignatureAlgorithm(certificate)");
            }
            return this.e.getDigestAlgorithm();
        } catch (Exception e) {
            throw new PKCSException(e.getMessage());
        }
    }

    public SignerInfo getSignerInfo() {
        return this.g.getSignerInfo();
    }

    public JCRYPTO_X509Certificate getSigningCertificate() {
        return this.d.getCertificate(this.g.getSignerInfo().getIssuerAndSerialNumber());
    }

    public byte[] getTBSData() throws CoderException, ASN1Exception {
        return null;
    }

    public byte[] getTBSData(JCRYPTO_X509Certificate jCRYPTO_X509Certificate) throws Exception {
        byte[] bArr = null;
        MessageDigest messageDigest = null;
        SignerInfo signerInfo = this.g.getSignerInfo(new IssuerAndSerialNumber(new Name(jCRYPTO_X509Certificate.getIssuerDN()), jCRYPTO_X509Certificate.getSerialNumberMPA()));
        if (this.e == null) {
            throw new PKCSException("SignedData::getTBSData");
        }
        this.e = signerInfo;
        setDigestAlgorithm(signerInfo.getDigestAlgorithm());
        this.e.setContent(getContent());
        this.e.setDigest(getDigest());
        super.e.reset();
        if (!this.c.getContentType().equals(OIDs.data)) {
            throw new PKCSException("SignedData::verify(Content content) - only the Data content type is supported.");
        }
        super.e.update(((Data) this.c).getData());
        if (this.e.getAuthenticatedAttributes() != null) {
            super.e.update(DERCoder.encode(this.e.getAuthenticatedAttributes()));
            messageDigest.digest();
            messageDigest.reset();
        } else {
            bArr = null;
        }
        return bArr;
    }

    public boolean isSigned() {
        return false;
    }

    private void a() throws CoderException, IOException, ASN1Exception {
        ASN1SetOf aSN1SetOf = new ASN1SetOf(ASN1.SEQUENCE);
        for (int i = 0; i < this.i.size(); i++) {
            aSN1SetOf.addComponent((AlgorithmIdentifier) this.i.elementAt(i));
        }
        super.c = DERCoder.encode(aSN1SetOf);
        super.b.write(super.c, 0, super.c.length);
        this.c.getBERStream().writeTo(super.b);
        super.b.write(0);
        super.b.write(0);
        if (!this.c.isContentNull()) {
            super.b.write(0);
            super.b.write(0);
        }
        super.c = DERCoder.encode(this.d.toASN1Object());
        super.c[0] = -96;
        super.b.write(super.c, 0, super.c.length);
        if (this.f.size() != 0) {
            ASN1SetOf aSN1SetOf2 = new ASN1SetOf(ASN1.SEQUENCE);
            for (int i2 = 0; i2 < this.f.size(); i2++) {
                aSN1SetOf2.addComponent((JCRYPTO_X509CRL) this.f.elementAt(i2));
            }
            super.c = DERCoder.encode(aSN1SetOf2);
            super.c[0] = -95;
            super.b.write(super.c, 0, super.c.length);
        }
        ASN1SetOf aSN1SetOf3 = new ASN1SetOf(ASN1.SEQUENCE);
        int i3 = 0;
        SignerInfo[] signerInfos = this.g.getSignerInfos();
        while (i3 < signerInfos.length) {
            int i4 = i3;
            i3++;
            aSN1SetOf3.addComponent(signerInfos[i4]);
        }
        super.c = DERCoder.encode(aSN1SetOf3);
        super.b.write(super.c, 0, super.c.length);
        super.b.write(0);
        super.b.write(0);
        super.b.write(0);
        super.b.write(0);
        super.b.write(0);
        super.b.write(0);
    }

    public void setCRLs(JCRYPTO_X509CRL jcrypto_x509crl) {
        this.f.addElement(jcrypto_x509crl);
    }

    public void setCertificates(CertificateChain certificateChain) {
        this.d = certificateChain;
    }

    public void setClearSigned(boolean z) {
        if (z) {
            this.c.setContentNull();
        }
    }

    public void setContent(Content content) {
        this.c = content;
        this.c.setDigest(super.e);
    }

    public void setContentInfo(ContentInfo contentInfo) {
        this.c = contentInfo.getContent();
        this.c.setDigest(super.e);
    }

    @Override // com.baltimore.jpkiplus.pkcs7.content.Content
    public void setDigest(MessageDigest messageDigest) {
        super.e = messageDigest;
    }

    public void setDigestAlgorithm(AlgorithmIdentifier algorithmIdentifier) throws CoderException, OIDException, ASN1Exception {
        this.b = algorithmIdentifier;
        this.i.addElement(algorithmIdentifier);
        String stringFromOID = OIDs.getStringFromOID(algorithmIdentifier.getAlgorithm());
        if (stringFromOID == null) {
            throw new ASN1Exception("EncryptedData::fromASN1Object(ASN1Object) - The Signature Algorithm is not one of the available signature algorithms.");
        }
        try {
            setDigest(MessageDigest.getInstance(stringFromOID));
            b();
        } catch (NoSuchAlgorithmException e) {
            throw new OIDException(e.getMessage());
        }
    }

    public void setDigestAlgorithm(String str) throws NoSuchAlgorithmException, CoderException, ASN1Exception {
        if (str.toLowerCase().equals("md2")) {
            this.b = AlgorithmIdentifier.md2;
        } else if (str.toLowerCase().equals("md5")) {
            this.b = AlgorithmIdentifier.md5;
        } else if (str.toLowerCase().equals("sha1") || str.toLowerCase().equals("sha-1")) {
            this.b = AlgorithmIdentifier.sha1;
        }
        this.i.addElement(this.b);
        setDigest(MessageDigest.getInstance(str.toUpperCase()));
        b();
    }

    public void setSignature(byte[] bArr) {
    }

    public void setSignature(byte[] bArr, JCRYPTO_X509Certificate jCRYPTO_X509Certificate) throws PKCSException {
        if (jCRYPTO_X509Certificate != null) {
            try {
                if (this.g.addEncryptedDigest(new IssuerAndSerialNumber(new Name(jCRYPTO_X509Certificate.getIssuerDN()), jCRYPTO_X509Certificate.getSerialNumberMPA()), bArr)) {
                } else {
                    throw new PKCSException("SignedData::setSignature( bytes, certificate)");
                }
            } catch (Exception e) {
                throw new PKCSException(e.getMessage());
            }
        }
    }

    public void setSignatureAlgorithm(AlgorithmIdentifier algorithmIdentifier) {
    }

    public void setSignerInfo(SignerInfo signerInfo) {
        this.e = signerInfo;
        this.e.setDigestAlgorithm(getDigestAlgorithm());
        this.e.setContent(this.c);
        this.e.setDigest(super.e);
        this.g.addSignerInfo(signerInfo);
    }

    private void b() throws CoderException, ASN1Exception {
        super.d = false;
        super.b = new ByteArrayOutputStream();
        super.b.write(48);
        super.b.write(-128);
        super.c = DERCoder.encode(super.a);
        super.b.write(super.c, 0, super.c.length);
        super.b.write(160);
        super.b.write(-128);
        super.b.write(48);
        super.b.write(-128);
        super.c = DERCoder.encode(new ASN1Integer(this.a));
        super.b.write(super.c, 0, super.c.length);
    }

    public void sign(PrivateKey privateKey) throws Exception {
        this.e.sign(privateKey);
        a();
    }

    @Override // com.baltimore.jpkiplus.pkcs7.content.Content, com.baltimore.jcrypto.asn1.ASN1Interface
    public ASN1Object toASN1Object() throws ASN1Exception {
        ASN1Sequence aSN1Sequence = new ASN1Sequence();
        aSN1Sequence.addComponent(super.a);
        ASN1Sequence aSN1Sequence2 = new ASN1Sequence();
        aSN1Sequence2.addComponent(new ASN1Integer(this.a));
        ASN1SetOf aSN1SetOf = new ASN1SetOf(ASN1.SEQUENCE);
        for (int i = 0; i < this.i.size(); i++) {
            aSN1SetOf.addComponent((AlgorithmIdentifier) this.i.elementAt(i));
        }
        aSN1Sequence2.addComponent(aSN1SetOf);
        aSN1Sequence2.addComponent(this.c);
        int i2 = 3;
        if (this.d != null) {
            aSN1Sequence2.addComponent(this.d.toASN1Object());
            i2 = 3 + 1;
            aSN1Sequence2.setComponentImplicit(3, 0);
        }
        if (this.f.size() != 0) {
            ASN1SetOf aSN1SetOf2 = new ASN1SetOf(ASN1.SEQUENCE);
            for (int i3 = 0; i3 < this.f.size(); i3++) {
                aSN1SetOf2.addComponent((JCRYPTO_X509CRL) this.f.elementAt(i3));
            }
            aSN1Sequence2.addComponent(aSN1SetOf2);
            int i4 = i2;
            int i5 = i2 + 1;
            aSN1Sequence2.setComponentImplicit(i4, 1);
        }
        ASN1SetOf aSN1SetOf3 = new ASN1SetOf(ASN1.SEQUENCE);
        SignerInfo[] signerInfos = this.g.getSignerInfos();
        int i6 = 0;
        while (i6 < signerInfos.length) {
            int i7 = i6;
            i6++;
            aSN1SetOf3.addComponent(signerInfos[i7]);
        }
        aSN1Sequence2.addComponent(aSN1SetOf3);
        aSN1Sequence.addComponent(aSN1Sequence2);
        aSN1Sequence.setComponentExplicit(1, 0);
        aSN1Sequence.setBERBytes(this.h);
        return aSN1Sequence;
    }

    public boolean verify() throws Exception {
        boolean z = false;
        for (SignerInfo signerInfo : this.g.getSignerInfos()) {
            this.e = signerInfo;
            setDigestAlgorithm(signerInfo.getDigestAlgorithm());
            this.e.setContent(getContent());
            this.e.setDigest(getDigest());
            super.e.reset();
            if (!this.c.getContentType().equals(OIDs.data)) {
                throw new PKCSException("SignedData::verify(Content content) - only the Data content type is supported.");
            }
            super.e.update(((Data) this.c).getData());
            if (signerInfo == null) {
                throw new Exception("SignedData::verify() - the SignerInfo for this SignedData object is null.");
            }
            IssuerAndSerialNumber issuerAndSerialNumber = signerInfo.getIssuerAndSerialNumber();
            if (this.d.getNumberOfCerts() == 0) {
                throw new Exception("SignedData::verify() - there is no certificate chain for this object.");
            }
            JCRYPTO_X509Certificate certificate = this.d.getCertificate(issuerAndSerialNumber);
            if (certificate == null) {
                throw new Exception(new StringBuffer("SignedData::verify() - cannot find a cert in the cert chain that corresponds with the following IssuerAndSerialNumber ").append(issuerAndSerialNumber).toString());
            }
            z = verify(certificate);
            if (!z) {
                throw new Exception("SignedData::verify() - SignerInfo doesnt verify");
            }
        }
        return z;
    }

    public boolean verify(Content content) throws Exception {
        return verify(content, this.g.getSignerInfo());
    }

    public boolean verify(Content content, SignerInfo signerInfo) throws Exception {
        setDigestAlgorithm(signerInfo.getDigestAlgorithm());
        this.c = content;
        super.e.reset();
        if (!content.getContentType().equals(OIDs.data)) {
            throw new PKCSException("SignedData::verify(Content content) - only the Data content type is supported.");
        }
        super.e.update(((Data) content).getData());
        if (this.d.getNumberOfCerts() == 0) {
            throw new Exception("SignedData::verify() - there is no certificate chain for this object.");
        }
        IssuerAndSerialNumber issuerAndSerialNumber = signerInfo.getIssuerAndSerialNumber();
        JCRYPTO_X509Certificate certificate = this.d.getCertificate(issuerAndSerialNumber);
        if (certificate == null) {
            throw new Exception(new StringBuffer("SignedData::verify() - cannot find a cert in the cert chain that corresponds with the following IssuerAndSerialNumber ").append(issuerAndSerialNumber).toString());
        }
        return verify(certificate.getPublicKey(), signerInfo);
    }

    public boolean verify(JCRYPTO_X509Certificate jCRYPTO_X509Certificate) throws Exception {
        if (this.e == null) {
            IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(jCRYPTO_X509Certificate);
            SignerInfo signerInfo = this.g.getSignerInfo(issuerAndSerialNumber);
            if (signerInfo == null) {
                throw new PKCSException(new StringBuffer("SignedData::verify() - cannot find a cert in the cert chain that corresponds with the following IssuerAndSerialNumber ").append(issuerAndSerialNumber).toString());
            }
            this.e = signerInfo;
            setDigestAlgorithm(signerInfo.getDigestAlgorithm());
            this.e.setContent(getContent());
            this.e.setDigest(getDigest());
            super.e.reset();
            if (!this.c.getContentType().equals(OIDs.data)) {
                throw new PKCSException("SignedData::verify(Content content) - only the Data content type is supported.");
            }
            super.e.update(((Data) this.c).getData());
        }
        return verify(jCRYPTO_X509Certificate.getPublicKey(), (SignerInfo) null);
    }

    public boolean verify(PublicKey publicKey, SignerInfo signerInfo) throws Exception {
        if (signerInfo == null) {
            if (this.e != null) {
                return this.e.verify(publicKey);
            }
            throw new Exception("SignedData::verify(PublicKey pubKey) - the SignerInfo for this SignedData object is null.");
        }
        this.e = signerInfo;
        this.e.setDigestAlgorithm(signerInfo.getDigestAlgorithm());
        this.e.setContent(getContent());
        this.e.setDigest(getDigest());
        return this.e.verify(publicKey);
    }
}
