package com.initech.pkcs.pkcs7;

import com.initech.cryptox.Cipher;
import com.initech.cryptox.SecretKeyFactory;
import com.initech.pki.asn1.ASN1Decoder;
import com.initech.pki.asn1.ASN1Encoder;
import com.initech.pki.asn1.ASN1Exception;
import com.initech.pki.asn1.ASN1OID;
import com.initech.pki.asn1.ASN1Tag;
import com.initech.pki.asn1.ASN1Type;
import com.initech.pki.asn1.DEREncoder;
import com.initech.pki.asn1.useful.AlgorithmID;
import com.initech.pki.util.ArrayComparator;
import com.initech.pki.x509.X509CRLImpl;
import com.initech.pki.x509.X509CertImpl;
import com.initech.vendor.netscape.NetscapeCertType;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.cert.CRLException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class SignedAndEnvelopedData extends PKCS7EncryptedType {
    private Vector certificates;
    private Vector crls;
    private int version = 1;
    private SecretKey secretKey = null;
    private Vector mds = new Vector();
    private Vector recipientInfos = new Vector();
    private Vector signerInfos = new Vector();

    public SignedAndEnvelopedData() {
        this.encryptedContentInfo = new EncryptedContentInfo();
    }

    private int extractValue(byte[] bArr) {
        if (bArr[1] == 128 || (bArr[1] & NetscapeCertType.SSL_CLIENT) == 0) {
            return 2;
        }
        return 2 + (bArr[1] & Byte.MAX_VALUE);
    }

    public static void sortDERSet(Vector vector, boolean z) throws ASN1Exception {
        if (z) {
            byte[][] bArr = new byte[vector.size()];
            for (int i = 0; i < vector.size(); i++) {
                DEREncoder dEREncoder = new DEREncoder();
                try {
                    ((ASN1Type) vector.elementAt(i)).encode(dEREncoder);
                    bArr[i] = dEREncoder.toByteArray();
                } catch (Exception e) {
                    throw new ASN1Exception(e.toString());
                }
            }
            for (int i2 = 0; i2 < vector.size() - 1; i2++) {
                for (int i3 = i2 + 1; i3 < vector.size(); i3++) {
                    if (ArrayComparator.compare(bArr[i2], bArr[i3]) > 0) {
                        byte[] bArr2 = bArr[i2];
                        bArr[i2] = bArr[i3];
                        bArr[i3] = bArr2;
                        Object elementAt = vector.elementAt(i2);
                        vector.setElementAt(vector.elementAt(i3), i2);
                        vector.setElementAt(elementAt, i3);
                    }
                }
            }
        }
    }

    public void addCRL(X509CRL x509crl) throws ASN1Exception {
        if (this.crls == null) {
            this.crls = new Vector();
        }
        if (x509crl instanceof X509CRLImpl) {
            this.crls.add(x509crl);
            return;
        }
        try {
            this.crls.add(new X509CRLImpl(x509crl.getEncoded()));
        } catch (CRLException e) {
            throw new ASN1Exception(e.toString());
        }
    }

    public void addCertificate(X509Certificate x509Certificate) throws ASN1Exception {
        if (this.certificates == null) {
            this.certificates = new Vector();
        }
        if (x509Certificate instanceof X509CertImpl) {
            this.certificates.add(x509Certificate);
            return;
        }
        try {
            this.certificates.add(new X509CertImpl(x509Certificate.getEncoded()));
        } catch (CertificateEncodingException e) {
            throw new ASN1Exception(e.toString());
        } catch (CertificateException e2) {
            throw new ASN1Exception(e2.toString());
        }
    }

    public void addMessageDigestAlgorithm(AlgorithmID algorithmID) {
        if (this.mds == null) {
            this.mds = new Vector();
            this.mds.add(algorithmID);
            return;
        }
        for (int i = 0; i < this.mds.size(); i++) {
            if (((AlgorithmID) this.mds.elementAt(i)).equals(algorithmID)) {
                return;
            }
        }
        this.mds.add(algorithmID);
    }

    public void addSignerInfo(SignerInfo signerInfo) {
        this.signerInfos.add(signerInfo);
    }

    @Override // com.initech.pki.asn1.ASN1Type
    public void decode(ASN1Decoder aSN1Decoder) throws ASN1Exception {
        int decodeSequence = aSN1Decoder.decodeSequence();
        this.version = aSN1Decoder.decodeIntegerAsInt();
        int decodeSetOf = aSN1Decoder.decodeSetOf();
        while (!aSN1Decoder.endOf(decodeSetOf)) {
            RecipientInfo recipientInfo = new RecipientInfo();
            recipientInfo.decode(aSN1Decoder);
            this.recipientInfos.add(recipientInfo);
        }
        this.mds.removeAllElements();
        int decodeSetOf2 = aSN1Decoder.decodeSetOf();
        while (!aSN1Decoder.endOf(decodeSetOf2)) {
            AlgorithmID algorithmID = new AlgorithmID();
            algorithmID.decode(aSN1Decoder);
            this.mds.add(algorithmID);
        }
        this.encryptedContentInfo.decode(aSN1Decoder);
        if (aSN1Decoder.nextIsOptional(ASN1Tag.makeContextTag(0))) {
            this.certificates = null;
        } else {
            aSN1Decoder.nextIsImplicit(ASN1Tag.makeContextTag(0));
            int decodeSetOf3 = aSN1Decoder.decodeSetOf();
            while (!aSN1Decoder.endOf(decodeSetOf3)) {
                X509CertImpl x509CertImpl = new X509CertImpl();
                x509CertImpl.decode(aSN1Decoder);
                addCertificate(x509CertImpl);
            }
        }
        if (aSN1Decoder.nextIsOptional(ASN1Tag.makeContextTag(1))) {
            this.crls = null;
        } else {
            aSN1Decoder.nextIsImplicit(ASN1Tag.makeContextTag(1));
            int decodeSetOf4 = aSN1Decoder.decodeSetOf();
            while (!aSN1Decoder.endOf(decodeSetOf4)) {
                X509CRLImpl x509CRLImpl = new X509CRLImpl();
                x509CRLImpl.decode(aSN1Decoder);
                addCRL(x509CRLImpl);
            }
        }
        int decodeSetOf5 = aSN1Decoder.decodeSetOf();
        while (!aSN1Decoder.endOf(decodeSetOf5)) {
            SignerInfo signerInfo = new SignerInfo();
            signerInfo.decode(aSN1Decoder);
            addSignerInfo(signerInfo);
        }
        aSN1Decoder.endOf(decodeSequence);
        this.status = 3;
    }

    @Override // com.initech.pki.asn1.ASN1EncType
    public void encode(ASN1Encoder aSN1Encoder) throws ASN1Exception {
        boolean z = aSN1Encoder instanceof DEREncoder;
        int encodeSequence = aSN1Encoder.encodeSequence(true);
        aSN1Encoder.encodeInteger(this.version);
        int encodeSetOf = aSN1Encoder.encodeSetOf(true);
        for (int i = 0; i < this.recipientInfos.size(); i++) {
            ((RecipientInfo) this.recipientInfos.elementAt(i)).encode(aSN1Encoder);
        }
        aSN1Encoder.endOf(encodeSetOf);
        sortDERSet(this.mds, z);
        int encodeSetOf2 = aSN1Encoder.encodeSetOf();
        for (int i2 = 0; i2 < this.mds.size(); i2++) {
            ((AlgorithmID) this.mds.elementAt(i2)).encode(aSN1Encoder);
        }
        aSN1Encoder.endOf(encodeSetOf2);
        this.encryptedContentInfo.encode(aSN1Encoder);
        if (this.certificates != null) {
            sortDERSet(this.certificates, z);
            aSN1Encoder.nextIsImplicit(ASN1Tag.makeContextTag(0));
            int encodeSetOf3 = aSN1Encoder.encodeSetOf();
            for (int i3 = 0; i3 < this.certificates.size(); i3++) {
                ((X509CertImpl) this.certificates.elementAt(i3)).encode(aSN1Encoder);
            }
            aSN1Encoder.endOf(encodeSetOf3);
        }
        if (this.crls != null) {
            sortDERSet(this.crls, z);
            aSN1Encoder.nextIsImplicit(ASN1Tag.makeContextTag(1));
            int encodeSetOf4 = aSN1Encoder.encodeSetOf();
            for (int i4 = 0; i4 < this.crls.size(); i4++) {
                ((X509CRLImpl) this.crls.elementAt(i4)).encode(aSN1Encoder);
            }
            aSN1Encoder.endOf(encodeSetOf4);
        }
        sortDERSet(this.signerInfos, z);
        int encodeSetOf5 = aSN1Encoder.encodeSetOf();
        for (int i5 = 0; i5 < this.signerInfos.size(); i5++) {
            ((SignerInfo) this.signerInfos.elementAt(i5)).encode(aSN1Encoder);
        }
        aSN1Encoder.endOf(encodeSetOf5);
        aSN1Encoder.endOf(encodeSequence);
    }

    public Enumeration getCRLs() {
        return this.crls.elements();
    }

    public Vector getCRLsAsVector() {
        return this.crls;
    }

    public Enumeration getCertificates() {
        return this.certificates.elements();
    }

    protected Vector getCertificatesAsVector() {
        return this.certificates;
    }

    public Enumeration getMessageDigestAlgorithm() {
        return this.mds.elements();
    }

    protected Vector getMessageDigestAlgorithmAsVector() {
        return this.mds;
    }

    public SecretKey getSecretKey() {
        return this.secretKey;
    }

    public Enumeration getSignerInfos() {
        return this.signerInfos.elements();
    }

    @Override // com.initech.pkcs.pkcs7.PKCS7Type
    public ASN1OID getType() {
        return PKCS7Factory.signedAndEnvelopedData;
    }

    public VerifyingSigner[] openAndVerify(PKCS7TrustManager pKCS7TrustManager, PKCS7KeyManager pKCS7KeyManager, PKCS7KeyManager pKCS7KeyManager2) throws PKCS7Exception {
        return openAndVerify(pKCS7TrustManager, pKCS7KeyManager, pKCS7KeyManager2, null);
    }

    public VerifyingSigner[] openAndVerify(PKCS7TrustManager pKCS7TrustManager, PKCS7KeyManager pKCS7KeyManager, PKCS7KeyManager pKCS7KeyManager2, String str) throws PKCS7Exception {
        if (3 != this.status) {
            throw new PKCS7Exception("The envelope is opened");
        }
        try {
            byte[] bArr = (byte[]) null;
            int i = 0;
            while (true) {
                if (i >= this.recipientInfos.size()) {
                    break;
                }
                RecipientInfo recipientInfo = (RecipientInfo) this.recipientInfos.elementAt(i);
                PrivateKey privateKey = pKCS7KeyManager.getPrivateKey(recipientInfo.getIssuerAndSerialNumber());
                if (privateKey != null) {
                    Cipher cipher = Cipher.getInstance(String.valueOf(recipientInfo.getKeyEncryptionAlgorithm().getAlgName()) + (str != null ? str : ""), "Initech");
                    cipher.init(2, privateKey);
                    bArr = cipher.doFinal(recipientInfo.getEncryptedKey());
                } else {
                    if (this.recipientInfos.size() - 1 == i) {
                        throw new PKCS7Exception("KeyManager have no PrivateKey for any recipient");
                    }
                    i++;
                }
            }
            com.initech.cryptox.SecretKey generateSecret = SecretKeyFactory.getInstance(this.encryptedContentInfo.getContentEncryptionAlgorithm().getAlgName(), "Initech").generateSecret(new SecretKeySpec(bArr, this.encryptedContentInfo.getContentEncryptionAlgorithm().getAlgName()));
            this.plainContent = this.encryptedContentInfo.decrypt(generateSecret);
            this.status = 2;
            DEREncoder dEREncoder = new DEREncoder();
            getContent().encode(dEREncoder);
            byte[] byteArray = dEREncoder.toByteArray();
            int extractValue = extractValue(byteArray);
            Hashtable hashtable = new Hashtable();
            for (int i2 = 0; i2 < this.mds.size(); i2++) {
                AlgorithmID algorithmID = (AlgorithmID) this.mds.elementAt(i2);
                MessageDigest messageDigest = MessageDigest.getInstance(algorithmID.getAlgName(), "Initech");
                messageDigest.update(byteArray, extractValue, byteArray.length - extractValue);
                hashtable.put(algorithmID.getAlgName(), messageDigest.digest());
            }
            VerifyingSigner[] verifyingSignerArr = new VerifyingSigner[this.signerInfos.size()];
            for (int i3 = 0; i3 < this.signerInfos.size(); i3++) {
                verifyingSignerArr[i3] = new VerifyingSigner((SignerInfo) this.signerInfos.elementAt(i3));
                verifyingSignerArr[i3].setCertificate(pKCS7KeyManager2, getCertificates());
                verifyingSignerArr[i3].setContentType(this.encryptedContentInfo.getContentType());
                verifyingSignerArr[i3].decryptAndVerify((byte[]) hashtable.get(verifyingSignerArr[i3].getDigestAlgorithm().getAlgName()), generateSecret, this.encryptedContentInfo.getContentEncryptionAlgorithm());
            }
            return verifyingSignerArr;
        } catch (Exception e) {
            e.printStackTrace();
            throw new PKCS7Exception(e.toString());
        }
    }

    public void signAndSeal(SigningSigner[] signingSignerArr, AlgorithmID algorithmID, Sealer[] sealerArr) throws PKCS7Exception {
        signAndSeal(signingSignerArr, algorithmID, sealerArr, null);
    }

    public void signAndSeal(SigningSigner[] signingSignerArr, AlgorithmID algorithmID, Sealer[] sealerArr, String str) throws PKCS7Exception {
        try {
            DEREncoder dEREncoder = new DEREncoder();
            getContent().encode(dEREncoder);
            byte[] byteArray = dEREncoder.toByteArray();
            int extractValue = extractValue(byteArray);
            Hashtable hashtable = new Hashtable();
            for (int i = 0; i < this.mds.size(); i++) {
                AlgorithmID algorithmID2 = (AlgorithmID) this.mds.elementAt(i);
                MessageDigest messageDigest = MessageDigest.getInstance(algorithmID2.getAlgName(), "Initech");
                messageDigest.update(byteArray, extractValue, byteArray.length - extractValue);
                hashtable.put(algorithmID2.getAlgName(), messageDigest.digest());
            }
            SecretKey generateKey = KeyGenerator.getInstance(algorithmID.getAlgName(), "Initech").generateKey();
            this.secretKey = generateKey;
            this.signerInfos = new Vector();
            for (int i2 = 0; i2 < signingSignerArr.length; i2++) {
                signingSignerArr[i2].setContentType(this.encryptedContentInfo.getContentType());
                signingSignerArr[i2].encryptAndSign((byte[]) hashtable.get(signingSignerArr[i2].getDigestAlgorithm().getAlgName()), generateKey, algorithmID);
                addCertificate(signingSignerArr[i2].getCertificate());
                this.signerInfos.add(signingSignerArr[i2].getSignerInfo());
            }
            this.encryptedContentInfo.setContentEncryptionAlgorithm(algorithmID);
            byte[] plainContent = getPlainContent();
            int extractValue2 = extractValue(plainContent);
            this.encryptedContentInfo.encrypt(generateKey, getPlainContent(), extractValue2, plainContent.length - extractValue2);
            this.status = 3;
            byte[] encoded = generateKey.getEncoded();
            for (int i3 = 0; i3 < sealerArr.length; i3++) {
                sealerArr[i3].encryptKey(encoded, str);
                this.recipientInfos.add(sealerArr[i3].getRecipientInfo());
            }
        } catch (Exception e) {
            e.printStackTrace();
            throw new PKCS7Exception(e.toString());
        }
    }
}
