package com.formosoft.jpki.util;

import com.formosoft.jpki.asn1.ASN1OctetString;
import com.formosoft.jpki.oid.ObjectIdentifier;
import com.formosoft.jpki.pkcs7.IssuerAndSerialNumber;
import com.formosoft.jpki.pkcs7.PKCS7;
import com.formosoft.jpki.pkcs7.SignedData;
import com.formosoft.jpki.pkcs7.SignerInfo;
import com.formosoft.jpki.security.BadPaddingException;
import com.formosoft.jpki.security.CRLInvalidException;
import com.formosoft.jpki.security.CRLNotValidException;
import com.formosoft.jpki.security.CertificateInvalidException;
import com.formosoft.jpki.security.CertificateNotValidException;
import com.formosoft.jpki.security.CertificateRevokedException;
import com.formosoft.jpki.security.SignatureVerifyException;
import com.formosoft.jpki.x500.X500Attribute;
import com.formosoft.jpki.x500.X500Name;
import com.formosoft.jpki.x500.X500RDN;
import com.formosoft.jpki.x509.SetOfX509Algorithm;
import com.formosoft.jpki.x509.X509Algorithm;
import com.formosoft.jpki.x509.X509Certificate;
import com.formosoft.jpki.x509.store.X509Store;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:com/formosoft/jpki/util/SignatureUtil.class */
public class SignatureUtil {
    protected X509Certificate signCert;
    protected ObjectIdentifier signAlgor;
    protected ObjectIdentifier digestAlgor;
    protected boolean detached;
    protected ByteArrayOutputStream bo;
    protected Signature sig;
    protected PKCS7 signature;
    protected boolean isUpdating;
    protected X509Store store;
    protected Date validDate;
    protected Map hmds;
    protected Collection mds;
    protected List signers;

    public SignatureUtil(X509Certificate x509Certificate, PrivateKey privateKey, String str, String str2) throws NoSuchAlgorithmException, InvalidKeyException {
        this.detached = true;
        this.isUpdating = false;
        this.sig = Signature.getInstance(str);
        this.sig.initSign(privateKey);
        this.signCert = x509Certificate;
        this.digestAlgor = JCAAlgorithm.getObjectIdentifier(str2);
        this.signAlgor = JCAAlgorithm.getObjectIdentifier(privateKey.getAlgorithm());
    }

    public SignatureUtil(PKCS7 pkcs7) throws SignatureVerifyException, NoSuchAlgorithmException, SignatureException, IOException {
        this.detached = true;
        this.isUpdating = false;
        this.signature = pkcs7;
        if (pkcs7.getType() != 2) {
            throw new SignatureVerifyException(new StringBuffer().append("Invalid PKCS7 type - ").append(pkcs7.getType()).toString(), 3);
        }
        SignedData signedData = pkcs7.getSignedData();
        this.hmds = new HashMap();
        SetOfX509Algorithm digestAlgorithms = signedData.getDigestAlgorithms();
        if (digestAlgorithms == null) {
            throw new SignatureVerifyException("No digest algorithm specified", 2);
        }
        for (int i = 0; i < digestAlgorithms.size(); i++) {
            ObjectIdentifier algorithm = digestAlgorithms.getAlgorithm(i).getAlgorithm();
            this.hmds.put(algorithm, MessageDigest.getInstance(JCAAlgorithm.getAlgorithm(algorithm)));
        }
        this.mds = this.hmds.values();
        this.validDate = new Date();
        this.isUpdating = false;
    }

    public void update(byte b) throws SignatureException, IOException {
        if (this.sig != null) {
            this.sig.update(b);
            if (!this.detached) {
                this.bo.write(b);
            }
        } else {
            Iterator it = this.mds.iterator();
            while (it.hasNext()) {
                ((MessageDigest) it.next()).update(b);
            }
        }
        this.isUpdating = true;
    }

    public void update(byte[] bArr) throws SignatureException, IOException {
        if (this.sig != null) {
            this.sig.update(bArr);
            if (!this.detached) {
                this.bo.write(bArr);
            }
        } else {
            Iterator it = this.mds.iterator();
            while (it.hasNext()) {
                ((MessageDigest) it.next()).update(bArr);
            }
        }
        this.isUpdating = true;
    }

    public void update(byte[] bArr, int i, int i2) throws SignatureException, IOException {
        if (this.sig != null) {
            this.sig.update(bArr, i, i2);
            if (!this.detached) {
                this.bo.write(bArr, i, i2);
            }
        } else {
            Iterator it = this.mds.iterator();
            while (it.hasNext()) {
                ((MessageDigest) it.next()).update(bArr, i, i2);
            }
        }
        this.isUpdating = true;
    }

    public void setStore(X509Store x509Store) {
        this.store = x509Store;
    }

    public void setDate(Date date) {
        this.validDate = date;
    }

    public void setDetached(boolean z) {
        this.detached = z;
        if (z) {
            return;
        }
        this.bo = new ByteArrayOutputStream();
    }

    public PKCS7 sign() throws SignatureException {
        SignerInfo signerInfo = new SignerInfo(1, new IssuerAndSerialNumber(this.signCert.getIssuer(), this.signCert.getSerialNumber()), null, new X509Algorithm(this.digestAlgor), new X509Algorithm(this.signAlgor), this.sig.sign(), null);
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.signCert);
        if (this.store != null) {
            arrayList.addAll(this.store.getCertPath(this.signCert));
        }
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(signerInfo);
        ArrayList arrayList3 = new ArrayList();
        arrayList3.add(new X509Algorithm(this.digestAlgor));
        return new PKCS7(new SignedData(arrayList3, new PKCS7(this.detached ? new ASN1OctetString(new byte[0]) : new ASN1OctetString(this.bo.toByteArray())), arrayList, null, arrayList2));
    }

    public boolean verify() throws SignatureVerifyException, CertificateNotValidException, CertificateInvalidException, BadPaddingException, InvalidKeyException, SignatureException, CertificateRevokedException, NoSuchProviderException {
        try {
            return verify(false);
        } catch (CRLInvalidException e) {
            throw new SignatureVerifyException("CRLInvalidException  unexpected", 1);
        } catch (CRLNotValidException e2) {
            throw new SignatureVerifyException("CRLNotValidException unexpected", 1);
        }
    }

    public boolean verifyFull() throws SignatureVerifyException, CertificateNotValidException, CertificateInvalidException, CRLNotValidException, CRLInvalidException, BadPaddingException, InvalidKeyException, SignatureException, CertificateRevokedException, NoSuchProviderException {
        return verify(true);
    }

    /* JADX WARN: Code restructure failed: missing block: B:103:0x0399, code lost:
    
        throw new com.formosoft.jpki.security.CertificateInvalidException(new java.lang.StringBuffer().append("Certificate ").append(r25.getSubject()).append(" verified fail.").toString());
     */
    /* JADX WARN: Code restructure failed: missing block: B:95:0x0491, code lost:
    
        throw new com.formosoft.jpki.security.CRLInvalidException(new java.lang.StringBuffer().append("CRL issued by ").append(r27.getIssuer()).append(" verified fail.").toString());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected boolean verify(boolean r6) throws com.formosoft.jpki.security.SignatureVerifyException, com.formosoft.jpki.security.CertificateNotValidException, com.formosoft.jpki.security.CertificateInvalidException, com.formosoft.jpki.security.CRLNotValidException, com.formosoft.jpki.security.CRLInvalidException, com.formosoft.jpki.security.BadPaddingException, java.security.InvalidKeyException, java.security.SignatureException, com.formosoft.jpki.security.CertificateRevokedException, java.security.NoSuchProviderException {
        /*
            Method dump skipped, instructions count: 1443
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.formosoft.jpki.util.SignatureUtil.verify(boolean):boolean");
    }

    public List getSignerCertificates() {
        return this.signers;
    }

    public static boolean validateSubject(X509Certificate x509Certificate, String str) throws ParseException {
        X500Name x500Name = new X500Name(str);
        X500Name subject = x509Certificate.getSubject();
        ArrayList<X500Attribute> arrayList = new ArrayList();
        for (int i = 0; i < x500Name.size(); i++) {
            X500RDN rdn = x500Name.getRDN(i);
            for (int i2 = 0; i2 < rdn.size(); i2++) {
                arrayList.add(rdn.getAttribute(i2));
            }
        }
        HashMap hashMap = new HashMap();
        for (int i3 = 0; i3 < subject.size(); i3++) {
            X500RDN rdn2 = subject.getRDN(i3);
            for (int i4 = 0; i4 < rdn2.size(); i4++) {
                X500Attribute attribute = rdn2.getAttribute(i4);
                Set set = (Set) hashMap.get(attribute.getType());
                if (set == null) {
                    set = new HashSet();
                    hashMap.put(attribute.getType(), set);
                }
                set.add(attribute.getValue());
            }
        }
        for (X500Attribute x500Attribute : arrayList) {
            Set set2 = (Set) hashMap.get(x500Attribute.getType());
            if (set2 == null) {
                return false;
            }
            Iterator it = set2.iterator();
            String value = x500Attribute.getValue();
            boolean z = false;
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String str2 = (String) it.next();
                int length = value.length();
                int i5 = value.startsWith("*") ? 0 + 1 : 0;
                if (value.endsWith("*")) {
                    length--;
                }
                if (i5 != 0 || length != value.length()) {
                    String substring = value.substring(i5, length);
                    if (i5 != 0) {
                        if (length != 0) {
                            if (str2.indexOf(substring) >= 0) {
                                z = true;
                                break;
                            }
                        } else {
                            if (str2.endsWith(substring)) {
                                z = true;
                                break;
                            }
                        }
                    } else {
                        if (str2.startsWith(substring)) {
                            z = true;
                            break;
                        }
                    }
                } else if (str2.equals(value)) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                return false;
            }
        }
        return true;
    }
}
