package CMS_samples;

import com.objsys.asn1j.runtime.Asn1BerDecodeBuffer;
import com.objsys.asn1j.runtime.Asn1BerEncodeBuffer;
import com.objsys.asn1j.runtime.Asn1Null;
import com.objsys.asn1j.runtime.Asn1ObjectIdentifier;
import com.objsys.asn1j.runtime.Asn1OctetString;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.CMSVersion;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.CertificateChoices;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.CertificateSet;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.ContentInfo;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.DigestAlgorithmIdentifier;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.DigestAlgorithmIdentifiers;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.EncapsulatedContentInfo;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.IssuerAndSerialNumber;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignatureAlgorithmIdentifier;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignatureValue;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignedData;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignerIdentifier;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignerInfo;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignerInfos;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.CertificateSerialNumber;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Name;
import ru.CryptoPro.JCP.params.OID;
import ru.CryptoPro.JCP.tools.AlgorithmUtility;
import ru.CryptoPro.JCP.tools.Array;

/* loaded from: classes.dex */
public class CMS {
    private static final String CMS_FILE = "cms_data_sgn";
    private static final String CMS_FILE_PATH = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE + CMStools.CMS_EXT;
    private static final String CMS_FILE_PATH_2012_256 = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE + "_2012_256" + CMStools.CMS_EXT;
    private static final String CMS_FILE_PATH_2012_512 = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE + "_2012_512" + CMStools.CMS_EXT;
    private static final String CMS_FILE_D = "cms_data_d_sgn";
    private static final String CMS_FILE_D_PATH = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE_D + CMStools.CMS_EXT;
    private static final String CMS_FILE_D_PATH_2012_256 = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE_D + "_2012_256" + CMStools.CMS_EXT;
    private static final String CMS_FILE_D_PATH_2012_512 = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE_D + "_2012_512" + CMStools.CMS_EXT;

    private CMS() {
    }

    public static byte[] CMSSign(byte[] bArr, PrivateKey privateKey, Certificate certificate, boolean z) throws Exception {
        return CMSSignEx(bArr, privateKey, certificate, z, "JCP");
    }

    public static byte[] CMSSignEx(byte[] bArr, PrivateKey privateKey, Certificate certificate, boolean z, String str) throws Exception {
        Signature signature = Signature.getInstance(AlgorithmUtility.keyAlgToSignatureOid(privateKey.getAlgorithm()), str);
        signature.initSign(privateKey);
        signature.update(bArr);
        return createCMSEx(bArr, signature.sign(), certificate, z);
    }

    public static void CMSVerify(byte[] bArr, Certificate certificate, byte[] bArr2) throws Exception {
        CMSVerifyEx(bArr, certificate, bArr2, "JCP");
    }

    public static void CMSVerifyEx(byte[] bArr, Certificate certificate, byte[] bArr2, String str) throws Exception {
        String algorithm = certificate.getPublicKey().getAlgorithm();
        String keyAlgToDigestOid = AlgorithmUtility.keyAlgToDigestOid(algorithm);
        String keyAlgToSignatureOid = AlgorithmUtility.keyAlgToSignatureOid(algorithm);
        Asn1BerDecodeBuffer asn1BerDecodeBuffer = new Asn1BerDecodeBuffer(bArr);
        ContentInfo contentInfo = new ContentInfo();
        contentInfo.decode(asn1BerDecodeBuffer);
        if (!new OID(CMStools.STR_CMS_OID_SIGNED).eq(contentInfo.contentType.value)) {
            throw new Exception("Not supported");
        }
        SignedData signedData = (SignedData) contentInfo.content;
        if (signedData.version.value != 1) {
            throw new Exception("Incorrect version");
        }
        if (!new OID(CMStools.STR_CMS_OID_DATA).eq(signedData.encapContentInfo.eContentType.value)) {
            throw new Exception("Nested not supported");
        }
        OID oid = null;
        if (bArr2 == null) {
            bArr2 = signedData.encapContentInfo.eContent != null ? signedData.encapContentInfo.eContent.value : null;
        }
        if (bArr2 == null) {
            throw new Exception("No content");
        }
        DigestAlgorithmIdentifier digestAlgorithmIdentifier = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
        int i = 0;
        int i2 = 0;
        while (true) {
            if (i2 >= signedData.digestAlgorithms.elements.length) {
                break;
            }
            if (signedData.digestAlgorithms.elements[i2].algorithm.equals(digestAlgorithmIdentifier.algorithm)) {
                oid = new OID(signedData.digestAlgorithms.elements[i2].algorithm.value);
                break;
            }
            i2++;
        }
        if (oid == null) {
            throw new Exception("Unknown digest");
        }
        if (signedData.certificates != null) {
            while (true) {
                if (i >= signedData.certificates.elements.length) {
                    i = -1;
                    break;
                }
                Asn1BerEncodeBuffer asn1BerEncodeBuffer = new Asn1BerEncodeBuffer();
                signedData.certificates.elements[i].encode(asn1BerEncodeBuffer);
                if (Arrays.equals(asn1BerEncodeBuffer.getMsgCopy(), certificate.getEncoded())) {
                    System.out.println("Certificate: " + ((X509Certificate) certificate).getSubjectDN());
                    break;
                }
                i++;
            }
            if (i == -1) {
                throw new Exception("Not signed on certificate.");
            }
        } else if (certificate == null) {
            throw new Exception("No certificate found.");
        }
        SignerInfo signerInfo = signedData.signerInfos.elements[i];
        if (signerInfo.version.value != 1) {
            throw new Exception("Incorrect version");
        }
        if (!oid.equals(new OID(signerInfo.digestAlgorithm.algorithm.value))) {
            throw new Exception("Not signed on certificate.");
        }
        byte[] bArr3 = signerInfo.signature.value;
        Signature signature = Signature.getInstance(keyAlgToSignatureOid, str);
        signature.initVerify(certificate);
        signature.update(bArr2);
        if (!signature.verify(bArr3)) {
            throw new Exception("Invalid signature.");
        }
        if (CMStools.logger != null) {
            CMStools.logger.info("Valid signature");
        }
    }

    public static byte[] createCMS(byte[] bArr, byte[] bArr2, Certificate certificate, boolean z) throws Exception {
        return createCMSEx(bArr, bArr2, certificate, z);
    }

    public static byte[] createCMSEx(byte[] bArr, byte[] bArr2, Certificate certificate, boolean z) throws Exception {
        String algorithm = certificate.getPublicKey().getAlgorithm();
        String keyAlgToDigestOid = AlgorithmUtility.keyAlgToDigestOid(algorithm);
        String keyAlgToKeyAlgorithmOid = AlgorithmUtility.keyAlgToKeyAlgorithmOid(algorithm);
        ContentInfo contentInfo = new ContentInfo();
        contentInfo.contentType = new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_SIGNED).value);
        SignedData signedData = new SignedData();
        contentInfo.content = signedData;
        signedData.version = new CMSVersion(1L);
        signedData.digestAlgorithms = new DigestAlgorithmIdentifiers(1);
        DigestAlgorithmIdentifier digestAlgorithmIdentifier = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
        digestAlgorithmIdentifier.parameters = new Asn1Null();
        signedData.digestAlgorithms.elements[0] = digestAlgorithmIdentifier;
        if (z) {
            signedData.encapContentInfo = new EncapsulatedContentInfo(new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_DATA).value), (Asn1OctetString) null);
        } else {
            signedData.encapContentInfo = new EncapsulatedContentInfo(new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_DATA).value), new Asn1OctetString(bArr));
        }
        signedData.certificates = new CertificateSet(1);
        ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate certificate2 = new ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate();
        certificate2.decode(new Asn1BerDecodeBuffer(certificate.getEncoded()));
        signedData.certificates.elements = new CertificateChoices[1];
        signedData.certificates.elements[0] = new CertificateChoices();
        signedData.certificates.elements[0].set_certificate(certificate2);
        signedData.signerInfos = new SignerInfos(1);
        signedData.signerInfos.elements[0] = new SignerInfo();
        signedData.signerInfos.elements[0].version = new CMSVersion(1L);
        signedData.signerInfos.elements[0].sid = new SignerIdentifier();
        X509Certificate x509Certificate = (X509Certificate) certificate;
        Asn1BerDecodeBuffer asn1BerDecodeBuffer = new Asn1BerDecodeBuffer(x509Certificate.getIssuerX500Principal().getEncoded());
        Name name = new Name();
        name.decode(asn1BerDecodeBuffer);
        signedData.signerInfos.elements[0].sid.set_issuerAndSerialNumber(new IssuerAndSerialNumber(name, new CertificateSerialNumber(x509Certificate.getSerialNumber())));
        signedData.signerInfos.elements[0].digestAlgorithm = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
        signedData.signerInfos.elements[0].digestAlgorithm.parameters = new Asn1Null();
        signedData.signerInfos.elements[0].signatureAlgorithm = new SignatureAlgorithmIdentifier(new OID(keyAlgToKeyAlgorithmOid).value);
        signedData.signerInfos.elements[0].signatureAlgorithm.parameters = new Asn1Null();
        signedData.signerInfos.elements[0].signature = new SignatureValue(bArr2);
        Asn1BerEncodeBuffer asn1BerEncodeBuffer = new Asn1BerEncodeBuffer();
        contentInfo.encode(asn1BerEncodeBuffer, true);
        return asn1BerEncodeBuffer.getMsgCopy();
    }

    private static void main(String str, char[] cArr, String str2, String str3, String str4) throws Exception {
        byte[] readFile = Array.readFile(CMStools.DATA_FILE_PATH);
        PrivateKey loadKey = CMStools.loadKey(str, cArr);
        Certificate loadCertificate = CMStools.loadCertificate(str);
        Array.writeFile(str2, CMSSignEx(readFile, loadKey, loadCertificate, false, str4));
        CMSVerifyEx(Array.readFile(str2), loadCertificate, null, str4);
        Array.writeFile(str3, CMSSignEx(readFile, loadKey, loadCertificate, true, str4));
        CMSVerifyEx(Array.readFile(str3), loadCertificate, readFile, str4);
    }

    public static void main(String[] strArr) throws Exception {
        main(CMStools.SIGN_KEY_NAME, CMStools.SIGN_KEY_PASSWORD, CMS_FILE_PATH, CMS_FILE_D_PATH, "JCP");
        main(CMStools.SIGN_KEY_NAME_2012_256, CMStools.SIGN_KEY_PASSWORD_2012_256, CMS_FILE_PATH_2012_256, CMS_FILE_D_PATH_2012_256, "JCP");
        main(CMStools.SIGN_KEY_NAME_2012_512, CMStools.SIGN_KEY_PASSWORD_2012_512, CMS_FILE_PATH_2012_512, CMS_FILE_D_PATH_2012_512, "JCP");
    }
}
