package cn.win_trust_erpc;

import cn.sm2_cert_parse.PayConstants;
import cn.win_trust_erpc.bouncycastle.asn1.ASN1Encodable;
import cn.win_trust_erpc.bouncycastle.asn1.ASN1EncodableVector;
import cn.win_trust_erpc.bouncycastle.asn1.ASN1ObjectIdentifier;
import cn.win_trust_erpc.bouncycastle.asn1.ASN1Set;
import cn.win_trust_erpc.bouncycastle.asn1.BEROctetString;
import cn.win_trust_erpc.bouncycastle.asn1.BERSet;
import cn.win_trust_erpc.bouncycastle.asn1.DEROctetString;
import cn.win_trust_erpc.bouncycastle.asn1.DERSet;
import cn.win_trust_erpc.bouncycastle.asn1.DLSequence;
import cn.win_trust_erpc.bouncycastle.asn1.DLSet;
import cn.win_trust_erpc.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import cn.win_trust_erpc.bouncycastle.asn1.cms.ContentInfo;
import cn.win_trust_erpc.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import cn.win_trust_erpc.bouncycastle.asn1.cms.SignedData;
import cn.win_trust_erpc.bouncycastle.asn1.cms.SignerIdentifier;
import cn.win_trust_erpc.bouncycastle.asn1.cms.SignerInfo;
import cn.win_trust_erpc.bouncycastle.asn1.x509.AlgorithmIdentifier;
import cn.win_trust_erpc.bouncycastle.asn1.x509.Certificate;
import cn.win_trust_erpc.bouncycastle.cert.X509CertificateHolder;
import cn.win_trust_erpc.bouncycastle.cert.jcajce.JcaCertStore;
import cn.win_trust_erpc.bouncycastle.cms.CMSProcessableByteArray;
import cn.win_trust_erpc.bouncycastle.cms.CMSSignedDataGenerator;
import cn.win_trust_erpc.bouncycastle.cms.SignerInfoGeneratorBuilder;
import cn.win_trust_erpc.bouncycastle.crypto.params.AsymmetricKeyParameter;
import cn.win_trust_erpc.bouncycastle.crypto.params.ECPrivateKeyParameters;
import cn.win_trust_erpc.bouncycastle.crypto.signers.SM2Signer;
import cn.win_trust_erpc.bouncycastle.jce.provider.BouncyCastleProvider;
import cn.win_trust_erpc.bouncycastle.operator.ContentSigner;
import cn.win_trust_erpc.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import cn.win_trust_erpc.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import cn.win_trust_erpc.bouncycastle.operator.bc.BcDigestCalculatorProvider;
import cn.win_trust_erpc.bouncycastle.operator.bc.BcSM2ContentSignerBuilder;
import cn.win_trust_erpc.bouncycastle.util.encoders.Base64;
import java.math.BigInteger;
import java.security.Security;
import java.util.ArrayList;
import java.util.LinkedHashSet;

/* loaded from: input_file:cn/win_trust_erpc/PKCS7Signer.class */
public class PKCS7Signer {
    public static byte[] generatePKCS7SignatureSM2(boolean z, byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        ECPrivateKeyParameters eCPrivateKeyParameters = new ECPrivateKeyParameters(new BigInteger(1, bArr3), SM2.Instance().ecdp);
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.156.10197.1.301.1"));
        AlgorithmIdentifier find = new DefaultDigestAlgorithmIdentifierFinder().find("SM3");
        X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(bArr2);
        Certificate certificate = Certificate.getInstance(bArr2);
        SignerIdentifier signerIdentifier = new SignerIdentifier(new IssuerAndSerialNumber(x509CertificateHolder.toASN1Structure()));
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        ASN1ObjectIdentifier aSN1ObjectIdentifier = CMSObjectIdentifiers.dataSM2;
        SM2Signer sM2Signer = new SM2Signer();
        sM2Signer.init(true, eCPrivateKeyParameters);
        sM2Signer.update(bArr, 0, bArr.length);
        SignerInfo signerInfo = new SignerInfo(signerIdentifier, find, (ASN1Set) null, algorithmIdentifier, new DEROctetString(sM2Signer.generateSignature()), (ASN1Set) null);
        linkedHashSet.add(signerInfo.getDigestAlgorithm());
        aSN1EncodableVector.add(signerInfo);
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(certificate);
        return new ContentInfo(CMSObjectIdentifiers.signedDataSM2, new SignedData(new DLSet((AlgorithmIdentifier[]) linkedHashSet.toArray(new AlgorithmIdentifier[linkedHashSet.size()])), z ? new ContentInfo(aSN1ObjectIdentifier, new BEROctetString(bArr)) : new ContentInfo(aSN1ObjectIdentifier, null), new BERSet(aSN1EncodableVector2), null, new DERSet(aSN1EncodableVector))).getEncoded();
    }

    public static byte[] getItemPKCS7SignatureSM2(byte[] bArr, int i) throws Exception {
        ContentInfo contentInfo = ContentInfo.getInstance(bArr);
        contentInfo.getContentType();
        ASN1Encodable content = contentInfo.getContent();
        new DefaultDigestAlgorithmIdentifierFinder().find("SM3");
        new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.156.10197.1.301.1"));
        SignedData signedData = SignedData.getInstance(content);
        ASN1Set certificates = signedData.getCertificates();
        signedData.getDigestAlgorithms().getObjectAt(0);
        DLSequence dLSequence = (DLSequence) signedData.getSignerInfos().getObjectAt(0);
        DEROctetString dEROctetString = (DEROctetString) dLSequence.getObjectAt(4);
        DEROctetString dEROctetString2 = (DEROctetString) signedData.getEncapContentInfo().getContent();
        byte[] octets = dEROctetString.getOctets();
        byte[] encoded = ((DLSequence) certificates.getObjectAt(0)).getEncoded();
        if (1 == i) {
            if (dEROctetString2 != null) {
                return dEROctetString2.getOctets();
            }
            return null;
        }
        if (2 == i) {
            return encoded;
        }
        if (3 == i) {
            return octets;
        }
        return null;
    }

    public static byte[] constructPKCS7SignatureSM2(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.156.10197.1.301.1"));
        AlgorithmIdentifier find = new DefaultDigestAlgorithmIdentifierFinder().find("SM3");
        X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(bArr2);
        Certificate certificate = Certificate.getInstance(bArr2);
        SignerIdentifier signerIdentifier = new SignerIdentifier(new IssuerAndSerialNumber(x509CertificateHolder.toASN1Structure()));
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        ASN1ObjectIdentifier aSN1ObjectIdentifier = CMSObjectIdentifiers.dataSM2;
        SignerInfo signerInfo = new SignerInfo(signerIdentifier, find, (ASN1Set) null, algorithmIdentifier, new DEROctetString(bArr3), (ASN1Set) null);
        linkedHashSet.add(signerInfo.getDigestAlgorithm());
        aSN1EncodableVector.add(signerInfo);
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(certificate);
        return new ContentInfo(CMSObjectIdentifiers.signedDataSM2, new SignedData(new DLSet((AlgorithmIdentifier[]) linkedHashSet.toArray(new AlgorithmIdentifier[linkedHashSet.size()])), bArr != null ? new ContentInfo(aSN1ObjectIdentifier, new BEROctetString(bArr)) : new ContentInfo(aSN1ObjectIdentifier, null), new BERSet(aSN1EncodableVector2), null, new DERSet(aSN1EncodableVector))).getEncoded();
    }

    /* JADX WARN: Multi-variable type inference failed */
    static byte[] getrs(byte[] bArr) {
        byte[] bArr2;
        byte[] bArr3 = null;
        if (48 != bArr[0] || 2 != bArr[2]) {
            return null;
        }
        if (33 == bArr[3]) {
            bArr3 = new byte[32];
            System.arraycopy(bArr, 5, bArr3, 0, 32);
        } else if (32 == bArr[3]) {
            int i = 4;
            while (bArr[i] == 0 && ((bArr[i + 1] ? 1 : 0) & 255) < 128) {
                i++;
            }
            bArr3 = new byte[32 - (i - 4)];
            System.arraycopy(bArr, i, bArr3, 0, bArr3.length);
        } else if (32 > bArr[3]) {
            bArr3 = new byte[bArr[3]];
            System.arraycopy(bArr, 4, bArr3, 0, bArr[3] ? 1 : 0);
        }
        int i2 = 4 + (bArr[3] ? 1 : 0);
        if (2 != bArr[i2]) {
            return null;
        }
        int i3 = i2 + 1;
        if (33 == bArr[i3]) {
            bArr2 = new byte[32];
            System.arraycopy(bArr, i3 + 2, bArr2, 0, 32);
        } else if (32 == bArr[i3]) {
            int i4 = i3 + 1;
            while (bArr[i4] == 0 && ((bArr[i4 + 1] ? 1 : 0) & 255) < 128) {
                i4++;
            }
            bArr2 = new byte[32 - ((i4 - i3) - 1)];
            System.arraycopy(bArr, i4, bArr2, 0, bArr2.length);
        } else {
            if (32 <= bArr[i3]) {
                return null;
            }
            bArr2 = new byte[bArr[i3]];
            System.arraycopy(bArr, i3 + 1, bArr2, 0, bArr[i3] ? 1 : 0);
        }
        int length = bArr3.length + bArr2.length;
        if (bArr3.length == 32 && (bArr3[0] & 255) >= 128) {
            length++;
        }
        if (bArr2.length == 32 && (bArr2[0] & 255) >= 128) {
            length++;
        }
        int i5 = length + 6;
        byte[] bArr4 = new byte[i5];
        int i6 = 0 + 1;
        bArr4[0] = 48;
        int i7 = i6 + 1;
        bArr4[i6] = (byte) (i5 - 2);
        int i8 = i7 + 1;
        bArr4[i7] = 2;
        if (bArr3.length != 32 || (bArr3[0] & 255) < 128) {
            bArr4[i8] = (byte) bArr3.length;
        } else {
            i8++;
            bArr4[i8] = 33;
            bArr4[i8] = 0;
        }
        int i9 = i8 + 1;
        System.arraycopy(bArr3, 0, bArr4, i9, bArr3.length);
        int length2 = i9 + bArr3.length;
        int i10 = length2 + 1;
        bArr4[length2] = 2;
        if (bArr2.length != 32 || (bArr2[0] & 255) < 128) {
            bArr4[i10] = (byte) bArr2.length;
        } else {
            i10++;
            bArr4[i10] = 33;
            bArr4[i10] = 0;
        }
        int i11 = i10 + 1;
        System.arraycopy(bArr2, 0, bArr4, i11, bArr2.length);
        int length3 = i11 + bArr2.length;
        return bArr4;
    }

    public static boolean verifyPKCS7SignatureSM2(byte[] bArr, byte[] bArr2) throws Exception {
        ContentInfo contentInfo = ContentInfo.getInstance(bArr);
        contentInfo.getContentType();
        ASN1Encodable content = contentInfo.getContent();
        AlgorithmIdentifier find = new DefaultDigestAlgorithmIdentifierFinder().find("SM3");
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.156.10197.1.301.1"));
        SignedData signedData = SignedData.getInstance(content);
        ASN1Set certificates = signedData.getCertificates();
        find.equals(signedData.getDigestAlgorithms().getObjectAt(0));
        DLSequence dLSequence = (DLSequence) signedData.getSignerInfos().getObjectAt(0);
        DLSequence dLSequence2 = (DLSequence) dLSequence.getObjectAt(2);
        DLSequence dLSequence3 = (DLSequence) dLSequence.getObjectAt(3);
        DEROctetString dEROctetString = (DEROctetString) dLSequence.getObjectAt(4);
        algorithmIdentifier.equals(dLSequence3);
        find.equals(dLSequence2);
        DEROctetString dEROctetString2 = (DEROctetString) signedData.getEncapContentInfo().getContent();
        byte[] octets = dEROctetString.getOctets();
        System.out.println("***** signature: " + Util.byteToHex(octets) + "\n");
        byte[] rsVar = getrs(octets);
        System.out.println("***** signature: " + Util.byteToHex(rsVar) + "\n");
        byte[] encoded = ((DLSequence) certificates.getObjectAt(0)).getEncoded();
        return dEROctetString2 == null ? SM2Utils.VerifySinatureByCert(encoded, bArr2, rsVar) : SM2Utils.VerifySinatureByCert(encoded, dEROctetString2.getOctets(), rsVar);
    }

    CMSSignedDataGenerator genGenerator(Certificate[] certificateArr, byte[] bArr, AsymmetricKeyParameter asymmetricKeyParameter) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        ArrayList arrayList = new ArrayList();
        int length = certificateArr == null ? 0 : certificateArr.length;
        for (int i = 0; i < length; i++) {
            arrayList.add(certificateArr[i]);
        }
        JcaCertStore jcaCertStore = new JcaCertStore(arrayList);
        AlgorithmIdentifier find = new DefaultSignatureAlgorithmIdentifierFinder().find("SM3withSM2");
        ContentSigner build = new BcSM2ContentSignerBuilder(find, find).build(asymmetricKeyParameter);
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        cMSSignedDataGenerator.addSignerInfoGenerator(new SignerInfoGeneratorBuilder(new BcDigestCalculatorProvider()).build(build, new X509CertificateHolder(bArr)));
        cMSSignedDataGenerator.addCertificates(jcaCertStore);
        return cMSSignedDataGenerator;
    }

    CMSSignedDataGenerator genGenerator(Certificate[] certificateArr, byte[] bArr, byte[] bArr2) throws Exception {
        return genGenerator(certificateArr, bArr, new ECPrivateKeyParameters(new BigInteger(1, bArr2), SM2.Instance().ecdp));
    }

    byte[] signPkcs7(byte[] bArr, CMSSignedDataGenerator cMSSignedDataGenerator) throws Exception {
        return cMSSignedDataGenerator.generate(new CMSProcessableByteArray(bArr), false).getEncoded();
    }

    public static void main(String[] strArr) throws Exception {
        new PKCS7Signer();
        byte[] generatePKCS7SignatureSM2 = generatePKCS7SignatureSM2(true, "1".getBytes(PayConstants.CHARSET_UTF_8), Util.hexToByte("308201B73082015EA00302010202021212300A06082A811CCF550183753034310B300906035504061302434E310B300906035504030C0241413118301606092A864886F70D010901160941414061612E636F6D301E170D3232303532363032323634335A170D3235303631303032323634335A3034310B300906035504061302434E310B300906035504030C0241413118301606092A864886F70D010901160941414061612E636F6D3059301306072A8648CE3D020106082A811CCF5501822D03420004B1392BA4C22535ACF42D2B029DA2A7CF0E6C7D7B7B498AA528D35004450CE0B2250C63516BF20FCDCC1671B37C4BBA02A330D2DCED4A5241E95F92494A123773A360305E300F0603551D130101FF040530030101FF301D0603551D0E041604146BAFBA6F30371CB22D0EEE69955944BA9BC02836301F0603551D230418301680146BAFBA6F30371CB22D0EEE69955944BA9BC02836300B0603551D0F0404030201FE300A06082A811CCF55018375034700304402201E8082A6F684E7349C26A1CFCBD54FB07D00175B6FC9F24C05BBECDF18E345A5022031D3F6141CCF0F29028BF08A432A2B1694B0794CC92690DC1ED1820A3620A763"), Util.hexToByte("1104B2C1C2D32C3AFEB001F42D0C2EBD0C4FF9C16FF77B85CD9D84027D72DDCE"));
        System.out.println("Signed Encoded Bytes: " + new String(Base64.encode(generatePKCS7SignatureSM2)));
        System.out.println("Signed Encoded Bytes: " + verifyPKCS7SignatureSM2(generatePKCS7SignatureSM2, "1".getBytes(PayConstants.CHARSET_UTF_8)));
        System.out.println("Signed Encoded Bytes: " + verifyPKCS7SignatureSM2(constructPKCS7SignatureSM2(getItemPKCS7SignatureSM2(generatePKCS7SignatureSM2, 1), getItemPKCS7SignatureSM2(generatePKCS7SignatureSM2, 2), getItemPKCS7SignatureSM2(generatePKCS7SignatureSM2, 3)), "1".getBytes(PayConstants.CHARSET_UTF_8)));
    }
}
