package org.bouncycastle.jce;

import com.itextpdf.text.pdf.security.SecurityConstants;
import com.itextpdf.text.pdf.security.SecurityIDs;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.pkcs.ContentInfo;
import org.bouncycastle.asn1.pkcs.IssuerAndSerialNumber;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.SignedData;
import org.bouncycastle.asn1.pkcs.SignerInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.jce.provider.X509CRLObject;
import org.bouncycastle.jce.provider.X509CertificateObject;

/* loaded from: classes5.dex */
public class PKCS7SignedData implements PKCSObjectIdentifiers {
    private X509Certificate Z2;
    private byte[] a3;
    private String b3;

    /* renamed from: c, reason: collision with root package name */
    private int f22028c;
    private String c3;

    /* renamed from: d, reason: collision with root package name */
    private int f22029d;
    private Signature d3;
    private transient PrivateKey e3;
    private final String f3;
    private final String g3;
    private final String h3;
    private final String i3;
    private final String j3;
    private final String k3;
    private final String l3;
    private Set q;
    private Collection x;
    private Collection y;

    public PKCS7SignedData(PrivateKey privateKey, Certificate[] certificateArr, String str) throws SecurityException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this(privateKey, certificateArr, str, "BC");
    }

    public PKCS7SignedData(PrivateKey privateKey, Certificate[] certificateArr, String str, String str2) throws SecurityException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this(privateKey, certificateArr, null, str, str2);
    }

    public PKCS7SignedData(PrivateKey privateKey, Certificate[] certificateArr, CRL[] crlArr, String str, String str2) throws SecurityException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this.f3 = SecurityIDs.ID_PKCS7_DATA;
        this.g3 = SecurityIDs.ID_PKCS7_SIGNED_DATA;
        this.h3 = "1.2.840.113549.2.5";
        this.i3 = "1.2.840.113549.2.2";
        this.j3 = "1.3.14.3.2.26";
        this.k3 = SecurityIDs.ID_RSA;
        this.l3 = SecurityIDs.ID_DSA;
        this.e3 = privateKey;
        if (str.equals("MD5")) {
            this.b3 = "1.2.840.113549.2.5";
        } else if (str.equals("MD2")) {
            this.b3 = "1.2.840.113549.2.2";
        } else {
            if (!str.equals("SHA") && !str.equals(SecurityConstants.SHA1)) {
                throw new NoSuchAlgorithmException("Unknown Hash Algorithm " + str);
            }
            this.b3 = "1.3.14.3.2.26";
        }
        this.f22029d = 1;
        this.f22028c = 1;
        this.x = new ArrayList();
        this.y = new ArrayList();
        HashSet hashSet = new HashSet();
        this.q = hashSet;
        hashSet.add(this.b3);
        this.Z2 = (X509Certificate) certificateArr[0];
        for (Certificate certificate : certificateArr) {
            this.x.add(certificate);
        }
        if (crlArr != null) {
            for (CRL crl : crlArr) {
                this.y.add(crl);
            }
        }
        String algorithm = privateKey.getAlgorithm();
        this.c3 = algorithm;
        if (algorithm.equals("RSA")) {
            this.c3 = SecurityIDs.ID_RSA;
        } else {
            if (!this.c3.equals(SecurityConstants.DSA)) {
                throw new NoSuchAlgorithmException("Unknown Key Algorithm " + this.c3);
            }
            this.c3 = SecurityIDs.ID_DSA;
        }
        Signature signature = Signature.getInstance(c(), str2);
        this.d3 = signature;
        signature.initSign(privateKey);
    }

    public PKCS7SignedData(byte[] bArr) throws SecurityException, CRLException, InvalidKeyException, CertificateException, NoSuchProviderException, NoSuchAlgorithmException {
        this(bArr, "BC");
    }

    public PKCS7SignedData(byte[] bArr, String str) throws SecurityException, CRLException, InvalidKeyException, CertificateException, NoSuchProviderException, NoSuchAlgorithmException {
        this.f3 = SecurityIDs.ID_PKCS7_DATA;
        this.g3 = SecurityIDs.ID_PKCS7_SIGNED_DATA;
        this.h3 = "1.2.840.113549.2.5";
        this.i3 = "1.2.840.113549.2.2";
        this.j3 = "1.3.14.3.2.26";
        this.k3 = SecurityIDs.ID_RSA;
        this.l3 = SecurityIDs.ID_DSA;
        try {
            DERObject d2 = new ASN1InputStream(new ByteArrayInputStream(bArr)).d();
            if (!(d2 instanceof ASN1Sequence)) {
                throw new SecurityException("Not a valid PKCS#7 object - not a sequence");
            }
            ContentInfo a2 = ContentInfo.a(d2);
            if (!a2.e().equals(PKCSObjectIdentifiers.G0)) {
                throw new SecurityException("Not a valid PKCS#7 signed-data object - wrong header " + a2.e().d());
            }
            SignedData a3 = SignedData.a(a2.d());
            this.x = new ArrayList();
            if (a3.e() != null) {
                Enumeration d3 = ASN1Set.a((Object) a3.e()).d();
                while (d3.hasMoreElements()) {
                    this.x.add(new X509CertificateObject(X509CertificateStructure.a(d3.nextElement())));
                }
            }
            this.y = new ArrayList();
            if (a3.d() != null) {
                Enumeration d4 = ASN1Set.a((Object) a3.d()).d();
                while (d4.hasMoreElements()) {
                    this.y.add(new X509CRLObject(CertificateList.a(d4.nextElement())));
                }
            }
            this.f22028c = a3.i().e().intValue();
            this.q = new HashSet();
            Enumeration d5 = a3.g().d();
            while (d5.hasMoreElements()) {
                this.q.add(((DERObjectIdentifier) ((ASN1Sequence) d5.nextElement()).a(0)).d());
            }
            ASN1Set h = a3.h();
            if (h.e() != 1) {
                throw new SecurityException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time");
            }
            SignerInfo a4 = SignerInfo.a(h.a(0));
            this.f22029d = a4.j().e().intValue();
            IssuerAndSerialNumber h2 = a4.h();
            BigInteger e2 = h2.d().e();
            X509Principal x509Principal = new X509Principal(h2.e());
            Iterator it = this.x.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509Certificate x509Certificate = (X509Certificate) it.next();
                if (e2.equals(x509Certificate.getSerialNumber()) && x509Principal.equals(x509Certificate.getIssuerDN())) {
                    this.Z2 = x509Certificate;
                    break;
                }
            }
            if (this.Z2 == null) {
                throw new SecurityException("Can't find signing certificate with serial " + e2.toString(16));
            }
            this.b3 = a4.e().d().d();
            this.a3 = a4.g().d();
            this.c3 = a4.f().d().d();
            Signature signature = Signature.getInstance(c(), str);
            this.d3 = signature;
            signature.initVerify(this.Z2.getPublicKey());
        } catch (IOException unused) {
            throw new SecurityException("can't decode PKCS7SignedData object");
        }
    }

    private DERObject a(byte[] bArr) {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr)).d();
            return (DERObject) aSN1Sequence.a(aSN1Sequence.a(0) instanceof DERTaggedObject ? 3 : 2);
        } catch (IOException e2) {
            throw new Error("IOException reading from ByteArray: " + e2);
        }
    }

    public Collection a() {
        return this.y;
    }

    public void a(byte b2) throws SignatureException {
        this.d3.update(b2);
    }

    public void a(byte[] bArr, int i, int i2) throws SignatureException {
        this.d3.update(bArr, i, i2);
    }

    public Certificate[] b() {
        return (X509Certificate[]) this.x.toArray(new X509Certificate[0]);
    }

    public String c() {
        String str = this.b3;
        String str2 = this.c3;
        if (str.equals("1.2.840.113549.2.5")) {
            str = "MD5";
        } else if (this.b3.equals("1.2.840.113549.2.2")) {
            str = "MD2";
        } else if (this.b3.equals("1.3.14.3.2.26")) {
            str = SecurityConstants.SHA1;
        }
        if (this.c3.equals(SecurityIDs.ID_RSA)) {
            str2 = "RSA";
        } else if (this.c3.equals(SecurityIDs.ID_DSA)) {
            str2 = SecurityConstants.DSA;
        }
        return str + "with" + str2;
    }

    public byte[] d() {
        try {
            this.a3 = this.d3.sign();
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            Iterator it = this.q.iterator();
            while (it.hasNext()) {
                aSN1EncodableVector.a(new AlgorithmIdentifier(new DERObjectIdentifier((String) it.next()), null));
            }
            DERSet dERSet = new DERSet(aSN1EncodableVector);
            DERSequence dERSequence = new DERSequence(new DERObjectIdentifier(SecurityIDs.ID_PKCS7_DATA));
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            Iterator it2 = this.x.iterator();
            while (it2.hasNext()) {
                aSN1EncodableVector2.a(new ASN1InputStream(new ByteArrayInputStream(((X509Certificate) it2.next()).getEncoded())).d());
            }
            DERSet dERSet2 = new DERSet(aSN1EncodableVector2);
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            aSN1EncodableVector3.a(new DERInteger(this.f22029d));
            aSN1EncodableVector3.a(new IssuerAndSerialNumber(new X509Name((ASN1Sequence) a(this.Z2.getTBSCertificate())), new DERInteger(this.Z2.getSerialNumber())));
            aSN1EncodableVector3.a(new AlgorithmIdentifier(new DERObjectIdentifier(this.b3), new DERNull()));
            aSN1EncodableVector3.a(new AlgorithmIdentifier(new DERObjectIdentifier(this.c3), new DERNull()));
            aSN1EncodableVector3.a(new DEROctetString(this.a3));
            ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
            aSN1EncodableVector4.a(new DERInteger(this.f22028c));
            aSN1EncodableVector4.a(dERSet);
            aSN1EncodableVector4.a(dERSequence);
            aSN1EncodableVector4.a(new DERTaggedObject(false, 0, dERSet2));
            if (this.y.size() > 0) {
                ASN1EncodableVector aSN1EncodableVector5 = new ASN1EncodableVector();
                Iterator it3 = this.y.iterator();
                while (it3.hasNext()) {
                    aSN1EncodableVector5.a(new ASN1InputStream(new ByteArrayInputStream(((X509CRL) it3.next()).getEncoded())).d());
                }
                aSN1EncodableVector4.a(new DERTaggedObject(false, 1, new DERSet(aSN1EncodableVector5)));
            }
            aSN1EncodableVector4.a(new DERSet(new DERSequence(aSN1EncodableVector3)));
            ASN1EncodableVector aSN1EncodableVector6 = new ASN1EncodableVector();
            aSN1EncodableVector6.a(new DERObjectIdentifier(SecurityIDs.ID_PKCS7_SIGNED_DATA));
            aSN1EncodableVector6.a(new DERTaggedObject(0, new DERSequence(aSN1EncodableVector4)));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
            dEROutputStream.a(new DERSequence(aSN1EncodableVector6));
            dEROutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e2) {
            throw new RuntimeException(e2.toString());
        }
    }

    public X509Certificate e() {
        return this.Z2;
    }

    public int f() {
        return this.f22029d;
    }

    public int g() {
        return this.f22028c;
    }

    public void h() {
        try {
            if (this.e3 == null) {
                this.d3.initVerify(this.Z2.getPublicKey());
            } else {
                this.d3.initSign(this.e3);
            }
        } catch (Exception e2) {
            throw new RuntimeException(e2.toString());
        }
    }

    public boolean i() throws SignatureException {
        return this.d3.verify(this.a3);
    }
}
