package com.koalii.kgsp.core.pkcs;

import com.koalii.kgsp.bc.asn1.ASN1InputStream;
import com.koalii.kgsp.bc.asn1.ASN1ObjectIdentifier;
import com.koalii.kgsp.bc.asn1.ASN1OctetString;
import com.koalii.kgsp.bc.asn1.ASN1Set;
import com.koalii.kgsp.bc.asn1.cms.Attribute;
import com.koalii.kgsp.bc.asn1.cms.ContentInfo;
import com.koalii.kgsp.bc.asn1.cms.SignedData;
import com.koalii.kgsp.bc.asn1.cms.SignerInfo;
import com.koalii.kgsp.bc.asn1.pkcs.IssuerAndSerialNumber;
import com.koalii.kgsp.bc.asn1.pkcs.PKCSObjectIdentifiers;
import com.koalii.kgsp.bc.asn1.x509.AlgorithmIdentifier;
import com.koalii.kgsp.bc.asn1.x509.Certificate;
import com.koalii.kgsp.bc.cert.X509CertificateHolder;
import com.koalii.kgsp.bc.util.encoders.Base64;
import com.koalii.kgsp.core.exception.KcErrors;
import com.koalii.kgsp.core.exception.KcException;
import com.koalii.kgsp.core.util.StringUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

/* loaded from: input_file:com/koalii/kgsp/core/pkcs/Pkcs7SignParser.class */
public class Pkcs7SignParser {
    private byte[] oriData;
    private ASN1ObjectIdentifier dataContentType;
    private ASN1ObjectIdentifier contentType;
    private List<Pkcs7SignInfo> signInfos = new ArrayList();

    /* loaded from: input_file:com/koalii/kgsp/core/pkcs/Pkcs7SignParser$Pkcs7SignInfo.class */
    public class Pkcs7SignInfo {
        protected X509CertificateHolder signCert;
        protected byte[] signData;
        protected AlgorithmIdentifier digestAid;
        protected AlgorithmIdentifier encryptDigestAid;
        protected byte[] authAttrData;
        protected byte[] oriDigestData;
        protected byte[] unauthAttrData;

        public Pkcs7SignInfo() {
        }

        public Pkcs7SignInfo(SignerInfo signerInfo) throws KcException {
            this.signData = signerInfo.getEncryptedDigest().getOctets();
            this.digestAid = signerInfo.getDigestAlgorithm();
            this.encryptDigestAid = signerInfo.getDigestEncryptionAlgorithm();
            ASN1Set authenticatedAttributes = signerInfo.getAuthenticatedAttributes();
            if (null != authenticatedAttributes) {
                int size = authenticatedAttributes.size();
                for (int i = 0; i < size; i++) {
                    Attribute attribute = Attribute.getInstance(authenticatedAttributes.getObjectAt(i));
                    if (PKCSObjectIdentifiers.pkcs_9_at_messageDigest.equals(attribute.getAttrType())) {
                        this.oriDigestData = ASN1OctetString.getInstance(attribute.getAttributeValues()[0]).getOctets();
                    }
                }
                try {
                    this.authAttrData = authenticatedAttributes.getEncoded();
                } catch (Exception e) {
                    throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_ENCODE, "parse p7 sign: get auth attrs encode failed");
                }
            }
            ASN1Set unauthenticatedAttributes = signerInfo.getUnauthenticatedAttributes();
            if (null != unauthenticatedAttributes) {
                try {
                    this.unauthAttrData = unauthenticatedAttributes.getEncoded();
                } catch (Exception e2) {
                    throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_ENCODE, "parse p7 sign: get unauth attrs encode failed");
                }
            }
        }

        public void setSignCert(X509CertificateHolder x509CertificateHolder) {
            this.signCert = x509CertificateHolder;
        }

        public void setSignData(byte[] bArr) {
            this.signData = bArr;
        }

        public void setDigestAid(AlgorithmIdentifier algorithmIdentifier) {
            this.digestAid = algorithmIdentifier;
        }

        public void setEncryptDigestAid(AlgorithmIdentifier algorithmIdentifier) {
            this.encryptDigestAid = algorithmIdentifier;
        }

        public void setAuthAttrData(byte[] bArr) {
            this.authAttrData = bArr;
        }

        public void setOriDigestData(byte[] bArr) {
            this.oriDigestData = bArr;
        }

        public X509CertificateHolder getSignCert() {
            return this.signCert;
        }

        public byte[] getSignData() {
            return this.signData;
        }

        public AlgorithmIdentifier getDigestAid() {
            return this.digestAid;
        }

        public AlgorithmIdentifier getEncryptDigestAid() {
            return this.encryptDigestAid;
        }

        public byte[] getAuthAttrData() {
            return this.authAttrData;
        }

        public byte[] getOriDigestData() {
            return this.oriDigestData;
        }

        public byte[] getUnauthAttrData() {
            return this.unauthAttrData;
        }

        public void setUnauthAttrData(byte[] bArr) {
            this.unauthAttrData = bArr;
        }
    }

    public byte[] getOriData() {
        return this.oriData;
    }

    public ASN1ObjectIdentifier getDataContentType() {
        return this.dataContentType;
    }

    public ASN1ObjectIdentifier getContentType() {
        return this.contentType;
    }

    public List<Pkcs7SignInfo> getSignInfos() {
        return this.signInfos;
    }

    public void parse(byte[] bArr) throws KcException {
        clear();
        if (null == bArr) {
            throw new KcException(KcErrors.ERROR_CORE_ARG_EMPTY, "parse p7 sign: sign data is empty");
        }
        if (bArr[0] == 77) {
            bArr = Base64.decode(bArr);
        }
        try {
            ContentInfo contentInfo = ContentInfo.getInstance(new ASN1InputStream(bArr).readObject());
            this.contentType = contentInfo.getContentType();
            SignedData signedData = SignedData.getInstance(contentInfo.getContent());
            ContentInfo encapContentInfo = signedData.getEncapContentInfo();
            this.dataContentType = encapContentInfo.getContentType();
            this.oriData = parseOriData(encapContentInfo);
            int size = signedData.getSignerInfos().size();
            for (int i = 0; i < size; i++) {
                SignerInfo signerInfo = SignerInfo.getInstance(signedData.getSignerInfos().getObjectAt(i));
                ASN1Set certificates = signedData.getCertificates();
                Pkcs7SignInfo pkcs7SignInfo = new Pkcs7SignInfo(signerInfo);
                if (certificates != null) {
                    pkcs7SignInfo.setSignCert(findSignCert(signerInfo, certificates));
                }
                this.signInfos.add(pkcs7SignInfo);
            }
        } catch (IOException e) {
            throw new KcException(KcErrors.ERROR_CORE_PKCS7_SIGN_PARSE, "parse p7 sign: parse sign data failed", e);
        }
    }

    protected void clear() {
        this.signInfos.clear();
        this.oriData = null;
        this.contentType = null;
        this.dataContentType = null;
    }

    protected byte[] parseOriData(ContentInfo contentInfo) {
        ASN1OctetString aSN1OctetString = ASN1OctetString.getInstance(contentInfo.getContent());
        if (null == aSN1OctetString) {
            return null;
        }
        return aSN1OctetString.getOctets();
    }

    protected X509CertificateHolder findSignCert(SignerInfo signerInfo, ASN1Set aSN1Set) throws KcException {
        if (null == aSN1Set) {
            return null;
        }
        IssuerAndSerialNumber issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(signerInfo.getSID().getId());
        X509CertificateHolder x509CertificateHolder = null;
        Enumeration objects = aSN1Set.getObjects();
        while (objects.hasMoreElements()) {
            x509CertificateHolder = new X509CertificateHolder(Certificate.getInstance(objects.nextElement()));
            if (issuerAndSerialNumber.getCertificateSerialNumber().getValue().equals(x509CertificateHolder.getSerialNumber()) && issuerAndSerialNumber.getName().equals(x509CertificateHolder.getIssuer())) {
                break;
            }
            x509CertificateHolder = null;
        }
        return x509CertificateHolder;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("content-type: " + this.contentType.getId() + "\n");
        stringBuffer.append("data-content-type: " + this.dataContentType.getId() + "\n");
        stringBuffer.append("oridata: ");
        if (StringUtil.isNotEmpty(this.oriData)) {
            stringBuffer.append(new String(this.oriData));
        }
        stringBuffer.append("\n");
        return stringBuffer.toString();
    }
}
