package CMS_samples;

import com.objsys.asn1j.runtime.Asn1BerDecodeBuffer;
import com.objsys.asn1j.runtime.Asn1BerEncodeBuffer;
import com.objsys.asn1j.runtime.Asn1ObjectIdentifier;
import com.objsys.asn1j.runtime.Asn1OctetString;
import com.objsys.asn1j.runtime.Asn1UTCTime;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import ru.CryptoPro.JCP.ASN.CertificateExtensions.GeneralName;
import ru.CryptoPro.JCP.ASN.CertificateExtensions.GeneralNames;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignerInfo;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.ALL_PKIX1Explicit88Values;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.AlgorithmIdentifier;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Attribute;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.CertHash;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.ESSCertIDv2;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.IssuerSerial;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.SigningCertificateV2;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Time;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88._SeqOfESSCertIDv2;
import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.JCP.params.OID;
import ru.CryptoPro.JCP.tools.Array;
import ru.CryptoPro.JCP.tools.CertReader.Extension;

/* loaded from: classes.dex */
public class CMSVerify {
    private static final String CMS_FILE = "cms_data_sgn";
    private static final String CMS_FILE_PATH = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE + CMStools.CMS_EXT;
    private static StringBuffer out = new StringBuffer("");
    private static StringBuffer out1 = new StringBuffer("");

    private CMSVerify() {
    }

    public static void CMSVerify(byte[] bArr, Certificate[] certificateArr, byte[] bArr2) throws Exception {
        CMSVerifyEx(bArr, certificateArr, bArr2, "JCP");
    }

    /* JADX WARN: Removed duplicated region for block: B:53:0x01e2  */
    /* JADX WARN: Removed duplicated region for block: B:62:0x0224  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void CMSVerifyEx(byte[] r18, java.security.cert.Certificate[] r19, byte[] r20, java.lang.String r21) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 597
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: CMS_samples.CMSVerify.CMSVerifyEx(byte[], java.security.cert.Certificate[], byte[], java.lang.String):void");
    }

    public static void main(String[] strArr) throws Exception {
        CMSVerify(Array.readFile(CMS_FILE_PATH), new Certificate[]{CMStools.loadCertificate(CMStools.SIGN_KEY_NAME)}, null);
    }

    private static String validateSignatureAlgorithm(String str) {
        return (str.equalsIgnoreCase("GOST3411withGOST3410EL") || str.equalsIgnoreCase(JCP.GOST_DHEL_SIGN_NAME) || str.equalsIgnoreCase("GOST3411_2012_256withGOST3410_2012_256") || str.equalsIgnoreCase(JCP.GOST_SIGN_DH_2012_256_NAME) || str.equalsIgnoreCase("GOST3411_2012_512withGOST3410_2012_512") || str.equalsIgnoreCase(JCP.GOST_SIGN_DH_2012_512_NAME) || str.equalsIgnoreCase("1.2.643.2.2.3") || str.equalsIgnoreCase("1.2.643.7.1.1.3.2") || str.equalsIgnoreCase("1.2.643.7.1.1.3.3")) ? str : (str.equalsIgnoreCase("1.2.643.2.2.19") || str.equalsIgnoreCase("1.2.643.2.2.98") || str.equalsIgnoreCase("1.2.643.2.2.20")) ? "GOST3411withGOST3410EL" : (str.equalsIgnoreCase("1.2.643.7.1.1.1.1") || str.equalsIgnoreCase("1.2.643.7.1.1.6.1")) ? "GOST3411_2012_256withGOST3410_2012_256" : (str.equalsIgnoreCase("1.2.643.7.1.1.1.2") || str.equalsIgnoreCase("1.2.643.7.1.1.6.2")) ? "GOST3411_2012_512withGOST3410_2012_512" : str;
    }

    private static boolean verifyOnCert(X509Certificate x509Certificate, SignerInfo signerInfo, byte[] bArr, OID oid, boolean z, OID oid2, String str, String str2) throws Exception {
        byte[] msgCopy;
        byte[] bArr2 = signerInfo.signature.value;
        if (signerInfo.signedAttrs == null) {
            msgCopy = bArr;
        } else {
            Attribute[] attributeArr = signerInfo.signedAttrs.elements;
            Asn1ObjectIdentifier asn1ObjectIdentifier = new Asn1ObjectIdentifier(new OID(ALL_PKIX1Explicit88Values.id_aa_signingCertificateV2).value);
            Attribute attribute = null;
            Attribute attribute2 = null;
            for (int i = 0; i < attributeArr.length; i++) {
                if (attributeArr[i].type.equals(asn1ObjectIdentifier)) {
                    attribute2 = attributeArr[i];
                }
            }
            if (attribute2 != null) {
                _SeqOfESSCertIDv2 _seqofesscertidv2 = ((SigningCertificateV2) attribute2.values.elements[0]).certs;
                for (int i2 = 0; i2 < _seqofesscertidv2.elements.length; i2++) {
                    ESSCertIDv2 eSSCertIDv2 = _seqofesscertidv2.elements[i2];
                    CertHash certHash = eSSCertIDv2.certHash;
                    AlgorithmIdentifier algorithmIdentifier = eSSCertIDv2.hashAlgorithm;
                    eSSCertIDv2.issuerSerial.encode(new Asn1BerEncodeBuffer());
                    CertHash certHash2 = new CertHash(CMStools.digestm(x509Certificate.getEncoded(), new OID(algorithmIdentifier.algorithm.value).toString(), str2));
                    ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate certificate = new ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate();
                    certificate.decode(new Asn1BerDecodeBuffer(x509Certificate.getEncoded()));
                    IssuerSerial issuerSerial = new IssuerSerial(new GeneralNames(new GeneralName[]{new GeneralName((byte) 5, certificate.tbsCertificate.issuer)}), certificate.tbsCertificate.serialNumber);
                    Asn1BerEncodeBuffer asn1BerEncodeBuffer = new Asn1BerEncodeBuffer();
                    issuerSerial.encode(asn1BerEncodeBuffer);
                    if (!Arrays.equals(certHash2.value, certHash.value) || !Arrays.equals(asn1BerEncodeBuffer.getMsgCopy(), asn1BerEncodeBuffer.getMsgCopy())) {
                        System.out.println("Certificate stored in signing-certificateV2 is not equal to " + x509Certificate.getSubjectDN());
                        return false;
                    }
                }
            }
            Asn1ObjectIdentifier asn1ObjectIdentifier2 = new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_CONT_TYP_ATTR).value);
            Attribute attribute3 = null;
            for (int i3 = 0; i3 < attributeArr.length; i3++) {
                if (attributeArr[i3].type.equals(asn1ObjectIdentifier2)) {
                    attribute3 = attributeArr[i3];
                }
            }
            if (attribute3 == null) {
                throw new Exception("content-type attribute not present");
            }
            if (!attribute3.values.elements[0].equals(new Asn1ObjectIdentifier(oid.value))) {
                throw new Exception("content-type attribute OID not equal eContentType OID");
            }
            Asn1ObjectIdentifier asn1ObjectIdentifier3 = new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_DIGEST_ATTR).value);
            Attribute attribute4 = null;
            for (int i4 = 0; i4 < attributeArr.length; i4++) {
                if (attributeArr[i4].type.equals(asn1ObjectIdentifier3)) {
                    attribute4 = attributeArr[i4];
                }
            }
            if (attribute4 == null) {
                throw new Exception("message-digest attribute not present");
            }
            if (!Array.toHexString(CMStools.digestm(bArr, oid2.toString(), str2)).equals(Array.toHexString(((Asn1OctetString) attribute4.values.elements[0]).value))) {
                throw new Exception("message-digest attribute verify failed");
            }
            Asn1ObjectIdentifier asn1ObjectIdentifier4 = new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_SIGN_TYM_ATTR).value);
            for (int i5 = 0; i5 < attributeArr.length; i5++) {
                if (attributeArr[i5].type.equals(asn1ObjectIdentifier4)) {
                    attribute = attributeArr[i5];
                }
            }
            if (attribute != null) {
                Asn1UTCTime asn1UTCTime = (Asn1UTCTime) ((Time) attribute.values.elements[0]).getElement();
                System.out.println("Signing Time: " + asn1UTCTime);
            }
            Asn1BerEncodeBuffer asn1BerEncodeBuffer2 = new Asn1BerEncodeBuffer();
            signerInfo.signedAttrs.needSortSignedAttributes = z;
            signerInfo.signedAttrs.encode(asn1BerEncodeBuffer2);
            msgCopy = asn1BerEncodeBuffer2.getMsgCopy();
        }
        Signature signature = str2 != null ? Signature.getInstance(str, str2) : Signature.getInstance(str);
        signature.initVerify(x509Certificate);
        signature.update(msgCopy);
        boolean verify = signature.verify(bArr2);
        return (verify || signerInfo.signedAttrs == null || !z) ? verify : verifyOnCert(x509Certificate, signerInfo, bArr, oid, false, oid2, str, str2);
    }

    private static void writeLog(boolean z, int i, int i2, X509Certificate x509Certificate) {
        if (z) {
            out.append("\n");
            out.append("sign[");
            out.append(i);
            out.append("] - Valid signature on cert[");
            out.append(i2);
            out.append("] (");
            out.append(x509Certificate.getSubjectX500Principal());
            out.append(Extension.C_BRAKE);
            return;
        }
        out1.append("\n");
        out1.append("sign[");
        out1.append(i);
        out1.append("] - Invalid signature on cert[");
        out1.append(i2);
        out1.append("] (");
        out1.append(x509Certificate.getSubjectX500Principal());
        out1.append(Extension.C_BRAKE);
    }
}
