package cn.topca.security.bc.cms;

import cn.tca.TopBasicCrypto.asn1.DEROctetString;
import cn.tca.TopBasicCrypto.cert.X509CRLHolder;
import cn.tca.TopBasicCrypto.cert.X509CertificateHolder;
import cn.tca.TopBasicCrypto.cert.jcajce.JcaCRLStore;
import cn.tca.TopBasicCrypto.cert.jcajce.JcaCertStore;
import cn.tca.TopBasicCrypto.cms.CMSException;
import cn.tca.TopBasicCrypto.cms.CMSProcessableByteArray;
import cn.tca.TopBasicCrypto.cms.CMSSignedData;
import cn.tca.TopBasicCrypto.cms.CMSSignedDataGenerator;
import cn.tca.TopBasicCrypto.cms.SignerInformation;
import cn.tca.TopBasicCrypto.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import cn.tca.TopBasicCrypto.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import cn.tca.TopBasicCrypto.jce.provider.BouncyCastleProvider;
import cn.tca.TopBasicCrypto.operator.OperatorCreationException;
import cn.tca.TopBasicCrypto.operator.jcajce.JcaContentSignerBuilder;
import cn.tca.TopBasicCrypto.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import cn.tca.TopBasicCrypto.util.Store;
import java.io.IOException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.util.ArrayList;

/* loaded from: classes.dex */
public class CMSSignedDataUtil {
    private static Provider provider;

    static {
        provider = Security.getProvider("BC");
        if (provider == null) {
            provider = new BouncyCastleProvider();
        }
        if (provider.getVersion() != 1.46d) {
            throw new RuntimeException("needs bouncy castale v1.46");
        }
        Security.addProvider(provider);
    }

    public static CMSSignedData genCMSSignedDate(byte[] bArr, String str, PrivateKey privateKey, Certificate certificate, Certificate[] certificateArr, CRL[] crlArr, Provider provider2) throws CertificateEncodingException, IOException, OperatorCreationException, CMSException, CRLException {
        if (provider2 == null) {
            provider2 = provider;
        }
        ArrayList arrayList = new ArrayList();
        if (bArr == null) {
            bArr = new byte[0];
        }
        CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray(bArr);
        X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(certificate.getEncoded());
        arrayList.add(x509CertificateHolder);
        if (certificateArr != null) {
            for (Certificate certificate2 : certificateArr) {
                arrayList.add(new X509CertificateHolder(certificate2.getEncoded()));
            }
        }
        JcaCertStore jcaCertStore = new JcaCertStore(arrayList);
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(provider2).build()).build(privateKey != null ? new JcaContentSignerBuilder(str).setProvider(provider2).build(privateKey) : null, x509CertificateHolder));
        cMSSignedDataGenerator.addCertificates(jcaCertStore);
        if (crlArr != null) {
            ArrayList arrayList2 = new ArrayList();
            for (CRL crl : crlArr) {
                arrayList2.add(new X509CRLHolder(((X509CRL) crl).getEncoded()));
            }
            cMSSignedDataGenerator.addCRLs(new JcaCRLStore(arrayList2));
        }
        return cMSSignedDataGenerator.generate(cMSProcessableByteArray, false);
    }

    public static void verifyCMSSignedData(byte[] bArr, CMSSignedData cMSSignedData, Provider provider2) throws OperatorCreationException, CertificateException, CMSException {
        DEROctetString content = cMSSignedData.getContentInfo().getContent();
        if (content != null) {
            content.getOctets();
        }
        System.out.println(new String("plaintext"));
        if (provider2 == null) {
            provider2 = provider;
        }
        Store certificates = cMSSignedData.getCertificates();
        int i = 0;
        int i2 = 0;
        for (SignerInformation signerInformation : cMSSignedData.getSignerInfos().getSigners()) {
            if (signerInformation.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider2).build((X509CertificateHolder) certificates.getMatches(signerInformation.getSID()).iterator().next()))) {
                i2++;
            }
            i++;
        }
        if (i2 != i) {
            throw new CMSException(i + " signer found, but " + i2 + " is verified.");
        }
    }
}
