package com.xdja.pkcs7.dataHandler;

import com.xdja.asn1.ASN1Sequence;
import com.xdja.pkcs7.AlgorithmIdentifier;
import com.xdja.pkcs7.ContentInfo;
import com.xdja.pkcs7.DigestAndDigestEncryptAlgorithmOIDs;
import com.xdja.pkcs7.PKCS7ObjectIdentifiers;
import com.xdja.pkcs7.SignedData;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:com/xdja/pkcs7/dataHandler/SignedDataHandler.class */
public class SignedDataHandler {
    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public byte[] assembleSignedData(byte[] bArr, byte[] bArr2, AlgorithmIdentifier algorithmIdentifier, AlgorithmIdentifier algorithmIdentifier2, BigInteger bigInteger, String str) throws IOException {
        return new ContentInfo(PKCS7ObjectIdentifiers.signedData, new AssembleSignedData().assembleData(new SignedDataBean(bArr, bArr2, algorithmIdentifier, algorithmIdentifier2, bigInteger, str))).getDEREncoded();
    }

    public SignedDataBean parseSignedData(byte[] bArr) throws IOException {
        if (bArr == null || bArr.length < 1) {
            throw new IllegalArgumentException("seq can not be empty");
        }
        return new ParseSignedData().parseSignData(ContentInfo.getInstance(ASN1Sequence.getInstance(bArr)).getContent().getDERObject().getEncoded());
    }

    public SignedDataBean parseSignedData(ContentInfo contentInfo) throws IOException {
        return new ParseSignedData().parseSignData(SignedData.getInstance(ASN1Sequence.getInstance(contentInfo.getContent())));
    }

    public boolean verify(byte[] bArr) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature;
        if (bArr == null || bArr.length < 1) {
            throw new IllegalArgumentException("seq and cert can not be null");
        }
        SignedDataBean parseSignedData = parseSignedData(bArr);
        X509Certificate queryCertByIssuerSN = queryCertByIssuerSN(parseSignedData.getIssuer(), parseSignedData.getSN());
        if (queryCertByIssuerSN == null) {
            throw new IllegalArgumentException("sign certificate not exist");
        }
        try {
            signature = Signature.getInstance(String.valueOf(parseSignedData.getDigestAlgorithm().getAlgorithm().getId()) + "with" + parseSignedData.getDigestencryptAlgorithm().getAlgorithm().getId());
        } catch (NoSuchAlgorithmException e) {
            signature = Signature.getInstance(DigestAndDigestEncryptAlgorithmOIDs.OID_SM3_SM2_SIGN);
        }
        signature.initVerify(queryCertByIssuerSN);
        signature.update(parseSignedData.getOriginalData());
        return signature.verify(parseSignedData.getSignedData());
    }

    private X509Certificate queryCertByIssuerSN(String str, BigInteger bigInteger) {
        return null;
    }

    public boolean verify(SignedDataBean signedDataBean, X509Certificate x509Certificate) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature;
        if (!compairIssuerDN(x509Certificate.getIssuerDN().getName(), signedDataBean.getIssuer())) {
            throw new IllegalArgumentException("singer of the signedData not matching the cert");
        }
        try {
            signature = Signature.getInstance(String.valueOf(signedDataBean.getDigestAlgorithm().getAlgorithm().getId()) + "with" + signedDataBean.getDigestencryptAlgorithm().getAlgorithm().getId());
        } catch (NoSuchAlgorithmException e) {
            signature = Signature.getInstance(DigestAndDigestEncryptAlgorithmOIDs.OID_SM3_SM2_SIGN);
        }
        signature.initVerify(x509Certificate);
        signature.update(signedDataBean.getOriginalData());
        return signature.verify(signedDataBean.getSignedData());
    }

    private boolean compairIssuerDN(String str, String str2) {
        if (str == null || str2 == null) {
            return false;
        }
        if (str.equals(str2)) {
            return true;
        }
        for (String str3 : str.split(",")) {
            if (str2.indexOf(str3.trim()) == -1) {
                return false;
            }
        }
        return true;
    }
}
