package by.avest.crypto.conscrypt.pkcs7;

import by.avest.crypto.conscrypt.NativeCrypto;
import by.avest.crypto.conscrypt.OpenSSLBIOInputStream;
import by.avest.crypto.conscrypt.OpenSSLKey;
import by.avest.crypto.conscrypt.OpenSSLKeyHolder;
import by.avest.crypto.conscrypt.OpenSSLX509CertificateHolder;
import by.avest.crypto.conscrypt.ref.OpenSSLContext;
import by.avest.crypto.conscrypt.ref.OpenSSLNativeResourceFinalizer;
import by.avest.crypto.conscrypt.x509.AlgorithmId;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.List;
import java.util.TimeZone;

/* loaded from: classes2.dex */
public class SignerInfo implements OpenSSLContext {
    private List<PKCS9Attribute> attributes;
    private AlgorithmId digestAlgorithmId;
    private OpenSSLX509CertificateHolder issuerCert;
    boolean need_del;
    private transient long pkcs7SICtx;
    byte[] prehashedDigest;
    private OpenSSLKey privateKey;
    private List<PKCS9Attribute> signedAttributes;

    /* loaded from: classes2.dex */
    private static class MyResourceFinalizer extends OpenSSLNativeResourceFinalizer {
        public MyResourceFinalizer(SignerInfo signerInfo) {
            super(signerInfo);
        }

        @Override // by.avest.crypto.conscrypt.ref.OpenSSLNativeResourceFinalizer
        public void resourceFree(long j) throws Throwable {
            SignerInfo.free(j);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignerInfo(long j) {
        this.pkcs7SICtx = j;
        if (this.pkcs7SICtx != 0) {
            loadSignedAttributes();
            dummyTouch();
        }
    }

    public SignerInfo(X509Certificate x509Certificate, PrivateKey privateKey, AlgorithmId algorithmId, List<PKCS9Attribute> list, List<PKCS9Attribute> list2, byte[] bArr) throws CertificateEncodingException, InvalidKeyException, NoSuchAlgorithmException {
        setIssuerCert(x509Certificate);
        setPrivateKey(privateKey);
        setDigestAlgorithmId(algorithmId);
        this.prehashedDigest = bArr;
        this.pkcs7SICtx = NativeCrypto.PKCS7_SIGNER_INFO_new();
        new MyResourceFinalizer(this);
        long EVP_get_digestbynid = NativeCrypto.EVP_get_digestbynid(algorithmId.getOID().getNid());
        if (EVP_get_digestbynid == 0) {
            throw new NoSuchAlgorithmException("Can not find message digest " + algorithmId);
        }
        NativeCrypto.PKCS7_SIGNER_INFO_set(this.pkcs7SICtx, this.issuerCert.getContext(), this.privateKey.getNativeRef().getNativeRef(), EVP_get_digestbynid);
        this.privateKey.getNativeRef().dummyTouch();
        this.issuerCert.dummyTouch();
        setSignedAttributes(list);
        setAttribues(list2);
        dummyTouch();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void free(long j) throws Throwable {
        if (j != 0) {
            NativeCrypto.PKCS7_SIGNER_INFO_free(j);
        }
    }

    private void setAttribues(List<PKCS9Attribute> list) {
        this.attributes = list;
        for (PKCS9Attribute pKCS9Attribute : list) {
            NativeCrypto.PKCS7_add_attribute(this.pkcs7SICtx, pKCS9Attribute.getOid().getNid(), pKCS9Attribute.getAttributeType(), pKCS9Attribute.getDataRef());
        }
        dummyTouch();
    }

    private void setDigestAlgorithmId(AlgorithmId algorithmId) {
        this.digestAlgorithmId = algorithmId;
    }

    private void setPrivateKey(PrivateKey privateKey) throws InvalidKeyException {
        if (privateKey instanceof OpenSSLKeyHolder) {
            this.privateKey = ((OpenSSLKeyHolder) privateKey).getOpenSSLKey();
        } else {
            this.privateKey = OpenSSLKey.fromPrivateKey(privateKey);
        }
    }

    private void setSignedAttributes(List<PKCS9Attribute> list) {
        this.signedAttributes = list;
        for (PKCS9Attribute pKCS9Attribute : list) {
            NativeCrypto.PKCS7_add_signed_attribute(this.pkcs7SICtx, pKCS9Attribute.getOid().getNid(), pKCS9Attribute.getAttributeType(), pKCS9Attribute.getDataRef());
        }
        dummyTouch();
    }

    private SignerInfo verifyAttached(PKCS7 pkcs7) {
        long j = 0;
        try {
            try {
                OpenSSLX509CertificateHolder certificateHolder = OpenSSLX509CertificateHolder.getCertificateHolder(getCertificate(pkcs7));
                j = NativeCrypto.PKCS7_dataInit(pkcs7.getPKCS7Context(), 0L);
                int PKCS7_signatureVerify = NativeCrypto.PKCS7_signatureVerify(j, pkcs7.getPKCS7Context(), this.pkcs7SICtx, certificateHolder.getContext());
                certificateHolder.dummyTouch();
                pkcs7.getPKCS7Context().dummyTouch();
                dummyTouch();
                return PKCS7_signatureVerify == 1 ? this : null;
            } catch (CertificateEncodingException e) {
                throw new IllegalArgumentException("Can not parse certificate from passed PKCS7", e);
            }
        } finally {
            if (j != 0) {
                NativeCrypto.BIO_free_all(j);
            }
        }
    }

    private SignerInfo verifyDetached(PKCS7 pkcs7, byte[] bArr) throws PKCS7Exception {
        long j = 0;
        OpenSSLBIOInputStream openSSLBIOInputStream = null;
        try {
            try {
                openSSLBIOInputStream = new OpenSSLBIOInputStream(new ByteArrayInputStream(bArr), true);
                long PKCS7_dataInit = NativeCrypto.PKCS7_dataInit(pkcs7.getPKCS7Context(), openSSLBIOInputStream.getBioContext());
                try {
                    X509Certificate certificate = getCertificate(pkcs7);
                    OpenSSLX509CertificateHolder openSSLX509CertificateHolder = certificate instanceof OpenSSLX509CertificateHolder ? (OpenSSLX509CertificateHolder) certificate : new OpenSSLX509CertificateHolder(certificate);
                    try {
                        int PKCS7_signatureVerify = NativeCrypto.PKCS7_signatureVerify(PKCS7_dataInit, pkcs7.getPKCS7Context(), this.pkcs7SICtx, openSSLX509CertificateHolder.getContext());
                        openSSLX509CertificateHolder.dummyTouch();
                        pkcs7.getPKCS7Context().dummyTouch();
                        dummyTouch();
                        SignerInfo signerInfo = PKCS7_signatureVerify == 1 ? this : null;
                        try {
                            openSSLBIOInputStream.close();
                            NativeCrypto.BIO_free_all(PKCS7_dataInit);
                            return signerInfo;
                        } catch (IOException e) {
                            throw new RuntimeException(e);
                        }
                    } catch (CertificateEncodingException e2) {
                        e = e2;
                        j = PKCS7_dataInit;
                        try {
                            e.printStackTrace();
                            try {
                                openSSLBIOInputStream.close();
                                NativeCrypto.BIO_free_all(j);
                                return null;
                            } catch (IOException e3) {
                                throw new RuntimeException(e3);
                            }
                        } catch (Throwable th) {
                            th = th;
                            try {
                                openSSLBIOInputStream.close();
                                NativeCrypto.BIO_free_all(j);
                                throw th;
                            } catch (IOException e4) {
                                throw new RuntimeException(e4);
                            }
                        }
                    } catch (Throwable th2) {
                        th = th2;
                        j = PKCS7_dataInit;
                        openSSLBIOInputStream.close();
                        NativeCrypto.BIO_free_all(j);
                        throw th;
                    }
                } catch (CertificateEncodingException e5) {
                    e = e5;
                } catch (Throwable th3) {
                    th = th3;
                }
            } catch (CertificateEncodingException e6) {
                e = e6;
            } catch (Throwable th4) {
                th = th4;
            }
        } catch (CertificateEncodingException e7) {
            e = e7;
        } catch (Throwable th5) {
            th = th5;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void dummyTouch() {
        this.pkcs7SICtx = NativeCrypto.DUMMY_touch(this.pkcs7SICtx);
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        return obj != null && getClass() == obj.getClass() && this.pkcs7SICtx == ((SignerInfo) obj).pkcs7SICtx;
    }

    public List<PKCS9Attribute> getAttributes() {
        return this.attributes;
    }

    public X509Certificate getCertificate(PKCS7 pkcs7) {
        return pkcs7.getCertificate(this);
    }

    public PKCS7ContentType getContentType() {
        PKCS7ContentType pKCS7ContentType = null;
        long PKCS7_get_signed_attribute = NativeCrypto.PKCS7_get_signed_attribute(this.pkcs7SICtx, PKCS9Attribute.CONTENT_TYPE_OID.getNid());
        if (PKCS7_get_signed_attribute != 0 && NativeCrypto.ASN1_TYPE_get(PKCS7_get_signed_attribute) == 6) {
            pKCS7ContentType = PKCS7ContentType.getByNid(NativeCrypto.OBJ_obj2nid(NativeCrypto.ASN1_TYPE_get_ASN1_OBJECT(PKCS7_get_signed_attribute)));
        }
        dummyTouch();
        return pKCS7ContentType;
    }

    @Override // by.avest.crypto.conscrypt.ref.OpenSSLContext
    public long getContext() {
        return this.pkcs7SICtx;
    }

    public byte[] getDigest() {
        return this.prehashedDigest;
    }

    public AlgorithmId getDigestAlgorithmId() {
        return this.digestAlgorithmId;
    }

    public byte[] getIssuer() {
        byte[] PKCS7_issuer_from_signer_info = NativeCrypto.PKCS7_issuer_from_signer_info(this.pkcs7SICtx);
        dummyTouch();
        return PKCS7_issuer_from_signer_info;
    }

    public X509Certificate getIssuerCert() {
        return this.issuerCert;
    }

    public byte[] getSerialNumber() {
        byte[] PKCS7_serial_from_signer_info = NativeCrypto.PKCS7_serial_from_signer_info(this.pkcs7SICtx);
        dummyTouch();
        return PKCS7_serial_from_signer_info;
    }

    public List<PKCS9Attribute> getSignedAttributes() {
        return this.signedAttributes;
    }

    public Date getSigningTime() {
        Date date = null;
        long PKCS7_get_signed_attribute = NativeCrypto.PKCS7_get_signed_attribute(this.pkcs7SICtx, PKCS9Attribute.SIGNING_TIME_OID.getNid());
        if (PKCS7_get_signed_attribute != 0 && NativeCrypto.ASN1_TYPE_get(PKCS7_get_signed_attribute) == 23) {
            long ASN1_TYPE_get_ASN1_UTCTIME = NativeCrypto.ASN1_TYPE_get_ASN1_UTCTIME(PKCS7_get_signed_attribute);
            if (ASN1_TYPE_get_ASN1_UTCTIME != 0) {
                Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
                NativeCrypto.ASN1_TIME_to_Calendar(ASN1_TYPE_get_ASN1_UTCTIME, calendar);
                date = calendar.getTime();
            }
        }
        dummyTouch();
        return date;
    }

    public byte[] getSubjectKeyIdentifier() {
        byte[] PKCS7_skid_from_signer_info = NativeCrypto.PKCS7_skid_from_signer_info(this.pkcs7SICtx);
        dummyTouch();
        return PKCS7_skid_from_signer_info;
    }

    public int hashCode() {
        return (1 * 31) + ((int) (this.pkcs7SICtx ^ (this.pkcs7SICtx >>> 32)));
    }

    public void loadSignedAttributes() {
        this.signedAttributes = new ArrayList();
        long PKCS7_get_signed_attribute = NativeCrypto.PKCS7_get_signed_attribute(this.pkcs7SICtx, PKCS9Attribute.MESSAGE_DIGEST_OID.getNid());
        if (PKCS7_get_signed_attribute != 0) {
            this.signedAttributes.add(new PKCS9Attribute(PKCS9Attribute.MESSAGE_DIGEST_OID, 4, PKCS7_get_signed_attribute));
        }
        long PKCS7_get_signed_attribute2 = NativeCrypto.PKCS7_get_signed_attribute(this.pkcs7SICtx, PKCS9Attribute.CONTENT_TYPE_OID.getNid());
        if (PKCS7_get_signed_attribute2 != 0) {
            this.signedAttributes.add(new PKCS9Attribute(PKCS9Attribute.CONTENT_TYPE_OID, 6, PKCS7_get_signed_attribute2));
        }
    }

    public void setIssuerCert(X509Certificate x509Certificate) throws CertificateEncodingException {
        this.issuerCert = new OpenSSLX509CertificateHolder(x509Certificate);
        if (this.pkcs7SICtx != 0) {
            NativeCrypto.PKCS7_SIGNER_INFO_set_signer_identifier(this.pkcs7SICtx, this.issuerCert.getContext());
        }
        this.issuerCert.dummyTouch();
    }

    SignerInfo verify(PKCS7 pkcs7) throws PKCS7Exception, SignatureException {
        return verify(pkcs7, null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignerInfo verify(PKCS7 pkcs7, byte[] bArr) throws PKCS7Exception, SignatureException {
        if (pkcs7.isDetached() && bArr == null) {
            throw new IllegalArgumentException("No data to verify signature. Data can not be null with detached sign");
        }
        if (pkcs7.isDetached() || bArr == null) {
            return bArr == null ? verifyAttached(pkcs7) : verifyDetached(pkcs7, bArr);
        }
        throw new IllegalArgumentException("Two sets of data. Data should be null with attached sign");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignerInfo verifyWithoutHashComparing(PKCS7 pkcs7) {
        long j;
        Throwable th;
        CertificateEncodingException e;
        try {
            OpenSSLX509CertificateHolder certificateHolder = OpenSSLX509CertificateHolder.getCertificateHolder(getCertificate(pkcs7));
            j = NativeCrypto.PKCS7_dataInit(pkcs7.getPKCS7Context(), 0L);
            try {
                try {
                    int PKCS7_signatureVerifyWithoutHashComparing = NativeCrypto.PKCS7_signatureVerifyWithoutHashComparing(j, pkcs7.getPKCS7Context(), this.pkcs7SICtx, certificateHolder.getContext());
                    certificateHolder.dummyTouch();
                    pkcs7.getPKCS7Context().dummyTouch();
                    dummyTouch();
                    if (certificateHolder.getVersion() == 999) {
                        NativeCrypto.BIO_free_all(j);
                        return null;
                    }
                    SignerInfo signerInfo = PKCS7_signatureVerifyWithoutHashComparing == 1 ? this : null;
                    NativeCrypto.BIO_free_all(j);
                    return signerInfo;
                } catch (CertificateEncodingException e2) {
                    e = e2;
                    throw new IllegalArgumentException("Can not parse certificate from passed PKCS7", e);
                }
            } catch (Throwable th2) {
                th = th2;
                NativeCrypto.BIO_free_all(j);
                throw th;
            }
        } catch (CertificateEncodingException e3) {
            j = 0;
            e = e3;
        } catch (Throwable th3) {
            j = 0;
            th = th3;
            NativeCrypto.BIO_free_all(j);
            throw th;
        }
    }
}
