package cn.eseals.seal.data.gm;

import cn.eseals.certificate.CertificateAuthority;
import cn.eseals.crypto.ICryptoProvider;
import cn.eseals.crypto.IHash;
import cn.eseals.crypto.ISignature;
import cn.eseals.data.ex.DerEncoding;
import cn.eseals.data.ex.DerMember;
import cn.eseals.data.ex.DerObject;
import cn.eseals.security.spec.CommonAlgorithmId;
import java.util.Arrays;
import java.util.Date;

@DerObject
/* loaded from: input_file:cn/eseals/seal/data/gm/SesSignature.class */
public class SesSignature {

    @DerMember(index = 0)
    private TbsSign toSign;

    @DerMember(index = 1)
    private byte[] signData;

    public SesSignature(TbsSign tbsSign, byte[] bArr) {
        this.toSign = tbsSign;
        this.signData = bArr;
    }

    public SesSignature() {
    }

    public TbsSign getToSign() {
        return this.toSign;
    }

    public byte[] getSignData() {
        return this.signData;
    }

    public void verify(byte[] bArr, CertificateAuthority certificateAuthority) throws Exception {
        String str;
        Date date = (Date) DerEncoding.decode(this.toSign.getTimeInfo(), Date.class);
        ICryptoProvider iCryptoProvider = ICryptoProvider.getInstance("default");
        verify(iCryptoProvider);
        this.toSign.getCert().verify(date, certificateAuthority);
        String sigAlgName = this.toSign.getCert().getSigAlgName();
        if (sigAlgName.equals("SM3withSM2")) {
            str = CommonAlgorithmId.ALGORITHM_SM3;
        } else {
            if (!sigAlgName.equals(CommonAlgorithmId.ALGORITHM_SHA1WITHRSA)) {
                throw new Exception("未知的算法：" + sigAlgName);
            }
            str = "SHA1";
        }
        IHash createHash = iCryptoProvider.createHash(str);
        createHash.update(bArr);
        if (!Arrays.equals(createHash.doFinal(), this.toSign.getDataHash())) {
            throw new Exception("文档内容已被篡改，印章《" + this.toSign.getSeal().getSealInfo().getProperty().getName() + "》验证失败。");
        }
        this.toSign.getSeal().verify(date, certificateAuthority);
        if (!this.toSign.isValidSigner()) {
            throw new Exception("不是合法的签章者。");
        }
    }

    public void verify() throws Exception {
        verify(ICryptoProvider.getInstance("default"));
    }

    public void verify(ICryptoProvider iCryptoProvider) throws Exception {
        ISignature createVerifier = this.toSign.getCert().createVerifier(iCryptoProvider);
        createVerifier.update(DerEncoding.encode(this.toSign));
        createVerifier.verify(this.signData);
    }
}
