package com.cfca.util.pki.pkcs;

import com.cfca.util.pki.PKIException;
import com.cfca.util.pki.Parser;
import com.cfca.util.pki.asn1.ASN1EncodableVector;
import com.cfca.util.pki.asn1.ASN1InputStream;
import com.cfca.util.pki.asn1.ASN1Sequence;
import com.cfca.util.pki.asn1.BERSet;
import com.cfca.util.pki.asn1.DERInteger;
import com.cfca.util.pki.asn1.DERObjectIdentifier;
import com.cfca.util.pki.asn1.DEROctetString;
import com.cfca.util.pki.asn1.DERSet;
import com.cfca.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import com.cfca.util.pki.asn1.pkcs.pkcs12.Pfx;
import com.cfca.util.pki.asn1.pkcs.pkcs7.ContentInfo;
import com.cfca.util.pki.asn1.pkcs.pkcs7.EncryptedContentInfo;
import com.cfca.util.pki.asn1.pkcs.pkcs7.IssuerAndSerialNumber;
import com.cfca.util.pki.asn1.pkcs.pkcs7.RecipientInfo;
import com.cfca.util.pki.asn1.pkcs.pkcs7.SignedAndEnvelopedData;
import com.cfca.util.pki.asn1.pkcs.pkcs7.SignerInfo;
import com.cfca.util.pki.asn1.x509.AlgorithmIdentifier;
import com.cfca.util.pki.asn1.x509.X509Name;
import com.cfca.util.pki.cert.X509Cert;
import com.cfca.util.pki.cipher.JCrypto;
import com.cfca.util.pki.cipher.JKey;
import com.cfca.util.pki.cipher.Mechanism;
import com.cfca.util.pki.cipher.Session;
import com.cfca.util.pki.cipher.lib.JSoftLib;
import com.cfca.util.pki.cipher.param.CBCParam;
import com.cfca.util.pki.encoders.Base64;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;

/* loaded from: input_file:com/cfca/util/pki/pkcs/PKCS7SignEnvData.class */
public class PKCS7SignEnvData {
    private Session session;
    private PKCS7EncryptedData encryptedData;
    private Mechanism contentEncryptMechanism = null;
    private SignedAndEnvelopedData signedAndEnvelopedData = null;

    public PKCS7SignEnvData(Session session) {
        this.session = null;
        this.encryptedData = null;
        this.session = session;
        this.encryptedData = new PKCS7EncryptedData(session);
    }

    public byte[] generateSigAndEnvelop(String str, byte[] bArr, Mechanism mechanism, X509Cert x509Cert, Pfx pfx, char[] cArr) throws PKIException {
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(pfx);
        pkcs12.decrypt(cArr);
        return generateSigAndEnvelop(str, bArr, mechanism, x509Cert, pkcs12.getCertificate(), pkcs12.getPrivateKey());
    }

    public byte[] generateSigAndEnvelop(String str, byte[] bArr, Mechanism mechanism, X509Cert x509Cert, X509Cert x509Cert2, JKey jKey) throws PKIException {
        JKey generateKey;
        if (x509Cert == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR, PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR_DES);
        }
        if (x509Cert2 == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR, PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR_DES);
        }
        this.contentEncryptMechanism = mechanism;
        String mechanismType = mechanism.getMechanismType();
        if (mechanismType.toUpperCase().indexOf("DESEDE") != -1) {
            generateKey = this.session.generateKey(new Mechanism("DESede"), 192);
        } else if (mechanismType.toUpperCase().indexOf("DES") != -1) {
            generateKey = this.session.generateKey(new Mechanism("DES"), 64);
        } else {
            if (mechanismType.toUpperCase().indexOf("RC4") == -1) {
                throw new PKIException(PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_ERR, PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_ERR_DES);
            }
            generateKey = this.session instanceof JSoftLib ? this.session.generateKey(new Mechanism("RC4"), 128) : this.session.generateKey(new Mechanism("RC4_KEY"), 128);
        }
        EncryptedContentInfo generateEncryptedContentInfo = this.encryptedData.generateEncryptedContentInfo(str, mechanism, bArr, generateKey);
        RecipientInfo generateRecipientInfo = generateRecipientInfo(new IssuerAndSerialNumber(new X509Name(x509Cert.getIssuer()), x509Cert.getSerialNumber()), new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption), generateKey.getKey(), x509Cert.getPublicKey());
        SignerInfo generateSignerInfo = generateSignerInfo(bArr, new IssuerAndSerialNumber(new X509Name(x509Cert2.getIssuer()), x509Cert2.getSerialNumber()), new Mechanism("SHA1withRSAEncryption"), mechanism, jKey, generateKey);
        DERInteger dERInteger = new DERInteger(1);
        DERSet dERSet = new DERSet(generateRecipientInfo.getDERObject());
        DERSet dERSet2 = new DERSet(new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1).getDERObject());
        DERSet dERSet3 = new DERSet(generateSignerInfo.getDERObject());
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(x509Cert2.getCertStructure());
        return Parser.writeDERObj2Bytes(new SignedAndEnvelopedData(dERInteger, dERSet, dERSet2, generateEncryptedContentInfo, new BERSet(aSN1EncodableVector), null, dERSet3));
    }

    public byte[] generateSigAndEnvelopExtendC(String str, byte[] bArr, Mechanism mechanism, X509Cert x509Cert, Pfx pfx, char[] cArr) throws PKIException {
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(pfx);
        pkcs12.decrypt(cArr);
        return generateSigAndEnvelopExtendC(str, bArr, mechanism, x509Cert, pkcs12.getCertificate(), pkcs12.getPrivateKey());
    }

    public byte[] generateSigAndEnvelopExtendC(String str, byte[] bArr, Mechanism mechanism, X509Cert x509Cert, X509Cert x509Cert2, JKey jKey) throws PKIException {
        JKey generateKey;
        if (x509Cert == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR, PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR_DES);
        }
        if (x509Cert2 == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR, PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR_DES);
        }
        this.contentEncryptMechanism = mechanism;
        String mechanismType = mechanism.getMechanismType();
        if (mechanismType.toUpperCase().indexOf("DESEDE") != -1) {
            generateKey = this.session.generateKey(new Mechanism("DESede"), 192);
        } else if (mechanismType.toUpperCase().indexOf("DES") != -1) {
            generateKey = this.session.generateKey(new Mechanism("DES"), 64);
        } else {
            if (mechanismType.toUpperCase().indexOf("RC4") == -1) {
                throw new PKIException(PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_ERR, PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_ERR_DES);
            }
            generateKey = this.session instanceof JSoftLib ? this.session.generateKey(new Mechanism("RC4"), 128) : this.session.generateKey(new Mechanism("RC4_KEY"), 128);
        }
        EncryptedContentInfo generateEncryptedContentInfo = this.encryptedData.generateEncryptedContentInfo(str, mechanism, bArr, generateKey);
        RecipientInfo generateRecipientInfo = generateRecipientInfo(new IssuerAndSerialNumber(new X509Name(x509Cert.getIssuer()), x509Cert.getSerialNumber()), new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption), generateKey.getKey(), x509Cert.getPublicKey());
        SignerInfo generateSignerInfoExtendC = generateSignerInfoExtendC(bArr, new IssuerAndSerialNumber(new X509Name(x509Cert2.getIssuer()), x509Cert2.getSerialNumber()), new Mechanism("SHA1withRSAEncryption"), mechanism, jKey, generateKey);
        DERInteger dERInteger = new DERInteger(1);
        DERSet dERSet = new DERSet(generateRecipientInfo.getDERObject());
        DERSet dERSet2 = new DERSet(new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1).getDERObject());
        DERSet dERSet3 = new DERSet(generateSignerInfoExtendC.getDERObject());
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(x509Cert2.getCertStructure());
        return Parser.writeDERObj2Bytes(new SignedAndEnvelopedData(dERInteger, dERSet, dERSet2, generateEncryptedContentInfo, new BERSet(aSN1EncodableVector), null, dERSet3));
    }

    public byte[] generateSignedAndEnvelopedDataContent(byte[] bArr) throws PKIException {
        return Parser.writeDERObj2Bytes(new ContentInfo(PKCSObjectIdentifiers.signedAndEnvelopedData, SignedAndEnvelopedData.getInstance(Parser.writeBytes2DERObj(bArr))));
    }

    public byte[] getSignEnvDataFromContentInfo(byte[] bArr) throws PKIException {
        ContentInfo contentInfo = ContentInfo.getInstance(Parser.writeBytes2DERObj(bArr));
        if (contentInfo.getContentType().equals(PKCSObjectIdentifiers.signedAndEnvelopedData)) {
            return Parser.writeDERObj2Bytes(SignedAndEnvelopedData.getInstance(contentInfo.getContent()));
        }
        throw new PKIException(PKIException.NOT_SIGN_ENV_DATA_TYPE_ERR, PKIException.NOT_SIGN_ENV_DATA_TYPE_ERR_DES);
    }

    private RecipientInfo generateRecipientInfo(IssuerAndSerialNumber issuerAndSerialNumber, AlgorithmIdentifier algorithmIdentifier, byte[] bArr, JKey jKey) throws PKIException {
        return new RecipientInfo(new DERInteger(0), issuerAndSerialNumber, algorithmIdentifier, new DEROctetString(this.session.encrypt(new Mechanism(Mechanism.RSA_PKCS), jKey, bArr)));
    }

    private SignerInfo generateSignerInfo(byte[] bArr, IssuerAndSerialNumber issuerAndSerialNumber, Mechanism mechanism, Mechanism mechanism2, JKey jKey, JKey jKey2) throws PKIException {
        byte[] doublyEncryption = doublyEncryption(this.session.sign(mechanism, jKey, bArr), mechanism2, jKey2);
        DERInteger dERInteger = new DERInteger(1);
        DEROctetString dEROctetString = new DEROctetString(doublyEncryption);
        if (issuerAndSerialNumber == null) {
            throw new PKIException(PKIException.FAIL_P7_SIGNANDENVELOP_GENERATE_ERR, PKIException.FAIL_P7_SIGNANDENVELOP_GENERATE_ERR_DES);
        }
        DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) PKCS7EnvelopedData.MECH_OID.get(this.contentEncryptMechanism.getMechanismType());
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(dERObjectIdentifier);
        Object param = mechanism2.getParam();
        if (param != null) {
            algorithmIdentifier = new AlgorithmIdentifier(dERObjectIdentifier, new DEROctetString(((CBCParam) param).getIv()));
        }
        return new SignerInfo(dERInteger, issuerAndSerialNumber, new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1), null, algorithmIdentifier, dEROctetString, null);
    }

    private SignerInfo generateSignerInfoExtendC(byte[] bArr, IssuerAndSerialNumber issuerAndSerialNumber, Mechanism mechanism, Mechanism mechanism2, JKey jKey, JKey jKey2) throws PKIException {
        byte[] sign = this.session.sign(mechanism, jKey, doublyEncryption(bArr, mechanism2, jKey2));
        DERInteger dERInteger = new DERInteger(1);
        DEROctetString dEROctetString = new DEROctetString(sign);
        if (issuerAndSerialNumber == null) {
            throw new PKIException(PKIException.FAIL_P7_SIGNANDENVELOP_GENERATE_ERR, PKIException.FAIL_P7_SIGNANDENVELOP_GENERATE_ERR_DES);
        }
        DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) PKCS7EnvelopedData.MECH_OID.get(this.contentEncryptMechanism.getMechanismType());
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(dERObjectIdentifier);
        Object param = mechanism2.getParam();
        if (param != null) {
            algorithmIdentifier = new AlgorithmIdentifier(dERObjectIdentifier, new DEROctetString(((CBCParam) param).getIv()));
        }
        return new SignerInfo(dERInteger, issuerAndSerialNumber, new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1), null, algorithmIdentifier, dEROctetString, null);
    }

    private byte[] doublyEncryption(byte[] bArr, Mechanism mechanism, JKey jKey) throws PKIException {
        return this.session.encrypt(mechanism, jKey, bArr);
    }

    public void load(byte[] bArr) throws PKIException {
        if (Parser.isBase64Encode(bArr)) {
            bArr = Base64.decode(Parser.convertBase64(bArr));
        }
        load(new ByteArrayInputStream(bArr));
    }

    public void load(InputStream inputStream) throws PKIException {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(inputStream);
        try {
            SignedAndEnvelopedData signedAndEnvelopedData = SignedAndEnvelopedData.getInstance(ContentInfo.getInstance((ASN1Sequence) aSN1InputStream.readObject()).getContent());
            inputStream.close();
            aSN1InputStream.close();
            this.signedAndEnvelopedData = signedAndEnvelopedData;
        } catch (Exception e) {
            throw new PKIException(PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR, PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR_DES, e);
        }
    }

    public void load(SignedAndEnvelopedData signedAndEnvelopedData) throws PKIException {
        this.signedAndEnvelopedData = signedAndEnvelopedData;
    }

    public void load(String str) throws PKIException {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            byte[] bArr = new byte[fileInputStream.available()];
            fileInputStream.read(bArr);
            fileInputStream.close();
            load(bArr);
        } catch (Exception e) {
            throw new PKIException(PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR, PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR_DES, e);
        }
    }

    public byte[] getContent(Pfx pfx, char[] cArr, X509Cert x509Cert) throws PKIException {
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(pfx);
        pkcs12.decrypt(cArr);
        return getContent(pkcs12.getCertificate(), pkcs12.getPrivateKey(), x509Cert);
    }

    public byte[] getContent(X509Cert x509Cert, JKey jKey, X509Cert x509Cert2) throws PKIException {
        if (this.signedAndEnvelopedData == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_DATA_ERR, PKIException.NULL_P7_SIGNANDENVELOP_DATA_ERR_DES);
        }
        if (x509Cert2 == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR, PKIException.NULL_P7_SIGNANDENVELOP_CERT_PARSER_ERR_DES);
        }
        if (x509Cert == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR, PKIException.NULL_P7_SIGNANDENVELOP_CERT_PARSER_ERR_DES);
        }
        EncryptedContentInfo encryptedContentInfo = this.signedAndEnvelopedData.getEncryptedContentInfo();
        RecipientInfo recipientInfo = RecipientInfo.getInstance(this.signedAndEnvelopedData.getRecipientInfos().getObjectAt(0));
        SignerInfo signerInfo = SignerInfo.getInstance(this.signedAndEnvelopedData.getSignerInfos().getObjectAt(0));
        if (!new IssuerAndSerialNumber(new X509Name(x509Cert.getIssuer()), x509Cert.getSerialNumber()).equals(recipientInfo.getIssuerAndSerialNumber())) {
            throw new PKIException(PKIException.SIGNEDANDENVELOP_CERTIFICATE_NOT_MATCH_ERR, PKIException.SIGNEDANDENVELOP_CERTIFICATE_NOT_MATCH_ERR_DES);
        }
        byte[] decrypt = this.session.decrypt(new Mechanism(Mechanism.RSA_PKCS), jKey, recipientInfo.getEncryptedKey().getOctets());
        AlgorithmIdentifier contentEncryptionAlgorithm = encryptedContentInfo.getContentEncryptionAlgorithm();
        DERObjectIdentifier objectId = contentEncryptionAlgorithm.getObjectId();
        byte[] octets = encryptedContentInfo.getEncryptedContent().getOctets();
        JKey jKey2 = null;
        Mechanism mechanism = null;
        String str = (String) PKCS7EnvelopedData.OID_MECH.get(objectId);
        if (str.indexOf("CBC") != -1) {
            DEROctetString dEROctetString = (DEROctetString) contentEncryptionAlgorithm.getParameters();
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(dEROctetString.getOctets());
            if (str.equals(Mechanism.DES_CBC)) {
                mechanism = new Mechanism(Mechanism.DES_CBC, cBCParam);
                jKey2 = new JKey("DES", decrypt);
            } else if (str.equals(Mechanism.DES3_CBC)) {
                mechanism = new Mechanism(Mechanism.DES3_CBC, cBCParam);
                jKey2 = new JKey("DESede", decrypt);
            }
        } else {
            if (str.indexOf("ECB") == -1) {
                throw new PKIException(PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_ERR, PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_PARSER_ERR_DES);
            }
            if (str.equals(Mechanism.DES_ECB)) {
                mechanism = new Mechanism(Mechanism.DES_ECB);
                jKey2 = new JKey("DES", decrypt);
            } else if (str.equals(Mechanism.DES3_ECB)) {
                mechanism = new Mechanism(Mechanism.DES3_ECB);
                jKey2 = new JKey("DESede", decrypt);
            }
        }
        byte[] decrypt2 = this.session.decrypt(mechanism, jKey2, octets);
        byte[] decrypt3 = this.session.decrypt(mechanism, jKey2, signerInfo.getEncryptedDigest().getOctets());
        if (!new IssuerAndSerialNumber(new X509Name(x509Cert2.getIssuer()), x509Cert2.getSerialNumber()).equals(signerInfo.getIssuerAndSerialNumber())) {
            throw new PKIException(PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR, PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR_DES);
        }
        if (!signerInfo.getDigestAlgorithm().getObjectId().equals(PKCSObjectIdentifiers.sha1)) {
            throw new PKIException(PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_ERR, PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_PARSER_ERR_DES);
        }
        if (this.session.verifySign(new Mechanism("SHA1withRSAEncryption"), x509Cert2.getPublicKey(), decrypt2, decrypt3)) {
            return decrypt2;
        }
        throw new PKIException(PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR, PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR_DES);
    }

    public byte[] getContentExtendC(X509Cert x509Cert, JKey jKey, X509Cert x509Cert2) throws PKIException {
        if (this.signedAndEnvelopedData == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_DATA_ERR, PKIException.NULL_P7_SIGNANDENVELOP_DATA_ERR_DES);
        }
        if (x509Cert2 == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR, PKIException.NULL_P7_SIGNANDENVELOP_CERT_PARSER_ERR_DES);
        }
        if (x509Cert == null) {
            throw new PKIException(PKIException.NULL_P7_SIGNANDENVELOP_CERT_ERR, PKIException.NULL_P7_SIGNANDENVELOP_CERT_PARSER_ERR_DES);
        }
        EncryptedContentInfo encryptedContentInfo = this.signedAndEnvelopedData.getEncryptedContentInfo();
        RecipientInfo recipientInfo = RecipientInfo.getInstance(this.signedAndEnvelopedData.getRecipientInfos().getObjectAt(0));
        SignerInfo signerInfo = SignerInfo.getInstance(this.signedAndEnvelopedData.getSignerInfos().getObjectAt(0));
        if (!new IssuerAndSerialNumber(new X509Name(x509Cert.getIssuer()), x509Cert.getSerialNumber()).equals(recipientInfo.getIssuerAndSerialNumber())) {
            throw new PKIException(PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR, PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR_DES);
        }
        byte[] decrypt = this.session.decrypt(new Mechanism(Mechanism.RSA_PKCS), jKey, recipientInfo.getEncryptedKey().getOctets());
        AlgorithmIdentifier contentEncryptionAlgorithm = encryptedContentInfo.getContentEncryptionAlgorithm();
        DERObjectIdentifier objectId = contentEncryptionAlgorithm.getObjectId();
        byte[] octets = encryptedContentInfo.getEncryptedContent().getOctets();
        JKey jKey2 = null;
        Mechanism mechanism = null;
        String str = (String) PKCS7EnvelopedData.OID_MECH.get(objectId);
        if (str.indexOf("CBC") != -1) {
            DEROctetString dEROctetString = (DEROctetString) contentEncryptionAlgorithm.getParameters();
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(dEROctetString.getOctets());
            if (str.equals(Mechanism.DES_CBC)) {
                mechanism = new Mechanism(Mechanism.DES_CBC, cBCParam);
                jKey2 = new JKey("DES", decrypt);
            } else if (str.equals(Mechanism.DES3_CBC)) {
                mechanism = new Mechanism(Mechanism.DES3_CBC, cBCParam);
                jKey2 = new JKey("DESede", decrypt);
            }
        } else {
            if (str.indexOf("ECB") == -1) {
                throw new PKIException(PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_ERR, PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_PARSER_ERR_DES);
            }
            if (str.equals(Mechanism.DES_ECB)) {
                mechanism = new Mechanism(Mechanism.DES_ECB);
                jKey2 = new JKey("DES", decrypt);
            } else if (str.equals(Mechanism.DES3_ECB)) {
                mechanism = new Mechanism(Mechanism.DES3_ECB);
                jKey2 = new JKey("DESede", decrypt);
            }
        }
        byte[] decrypt2 = this.session.decrypt(mechanism, jKey2, octets);
        byte[] encrypt = this.session.encrypt(mechanism, jKey2, decrypt2);
        if (!new IssuerAndSerialNumber(new X509Name(x509Cert2.getIssuer()), x509Cert2.getSerialNumber()).equals(signerInfo.getIssuerAndSerialNumber())) {
            throw new PKIException(PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR, PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR_DES);
        }
        if (!signerInfo.getDigestAlgorithm().getObjectId().equals(PKCSObjectIdentifiers.sha1)) {
            throw new PKIException(PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_ERR, PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_PARSER_ERR_DES);
        }
        if (this.session.verifySign(new Mechanism("SHA1withRSAEncryption"), x509Cert2.getPublicKey(), encrypt, signerInfo.getEncryptedDigest().getOctets())) {
            return decrypt2;
        }
        throw new PKIException(PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR, PKIException.FAIL_P7_SIGNANDENVELOP_PARSE_ERR_DES);
    }

    public byte[] getContentExtendC(Pfx pfx, char[] cArr, X509Cert x509Cert) throws PKIException {
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(pfx);
        pkcs12.decrypt(cArr);
        return getContentExtendC(pkcs12.getCertificate(), pkcs12.getPrivateKey(), x509Cert);
    }

    public static void main(String[] strArr) {
        JCrypto jCrypto = JCrypto.getInstance();
        try {
            jCrypto.initialize(JCrypto.JSOFT_LIB, null);
            Session openSession = jCrypto.openSession(JCrypto.JSOFT_LIB);
            Mechanism mechanism = new Mechanism(Mechanism.DES_ECB);
            PKCS7SignEnvData pKCS7SignEnvData = new PKCS7SignEnvData(openSession);
            X509Cert x509Cert = new X509Cert(new FileInputStream("C:/asp.cer"));
            PKCS12 pkcs12 = new PKCS12();
            pkcs12.load("C:/ccb.pfx");
            pkcs12.decrypt("111".toCharArray());
            byte[] generateSignedAndEnvelopedDataContent = pKCS7SignEnvData.generateSignedAndEnvelopedDataContent(pKCS7SignEnvData.generateSigAndEnvelop(PKCS7SignedData.DATA, "abcd".getBytes(), mechanism, x509Cert, pkcs12.getPfx(), "111".toCharArray()));
            FileOutputStream fileOutputStream = new FileOutputStream("C:/SigAndEnvelopedData");
            fileOutputStream.write(generateSignedAndEnvelopedDataContent);
            fileOutputStream.close();
            PKCS12 pkcs122 = new PKCS12();
            pkcs122.load("C:/asp.pfx");
            pkcs122.decrypt("111".toCharArray());
            Pfx pfx = pkcs122.getPfx();
            X509Cert x509Cert2 = new X509Cert(new FileInputStream("C:/ccb.cer"));
            pKCS7SignEnvData.load("C:/SigAndEnvelopedData");
            byte[] content = pKCS7SignEnvData.getContent(pfx, "111".toCharArray(), x509Cert2);
            FileOutputStream fileOutputStream2 = new FileOutputStream("C:/SignAndEncSourceData");
            System.out.println("OK!");
            fileOutputStream2.write(content);
            fileOutputStream2.close();
        } catch (Exception e) {
            System.out.println(e.toString());
        }
    }
}
