package CMS_samples;

import com.objsys.asn1j.runtime.Asn1BerDecodeBuffer;
import com.objsys.asn1j.runtime.Asn1BerEncodeBuffer;
import com.objsys.asn1j.runtime.Asn1Null;
import com.objsys.asn1j.runtime.Asn1ObjectIdentifier;
import com.objsys.asn1j.runtime.Asn1OctetString;
import com.objsys.asn1j.runtime.Asn1UTCTime;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import ru.CryptoPro.JCP.ASN.CertificateExtensions.GeneralName;
import ru.CryptoPro.JCP.ASN.CertificateExtensions.GeneralNames;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.CMSVersion;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.CertificateChoices;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.CertificateSet;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.ContentInfo;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.DigestAlgorithmIdentifier;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.DigestAlgorithmIdentifiers;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.EncapsulatedContentInfo;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.IssuerAndSerialNumber;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignatureAlgorithmIdentifier;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignatureValue;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignedAttributes;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignedData;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignerIdentifier;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignerInfo;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignerInfos;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.ALL_PKIX1Explicit88Values;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Attribute;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Attribute_values;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.CertHash;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.CertificateSerialNumber;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.ESSCertIDv2;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.IssuerSerial;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Name;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.SigningCertificateV2;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Time;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88._SeqOfESSCertIDv2;
import ru.CryptoPro.JCP.params.OID;
import ru.CryptoPro.JCP.tools.AlgorithmUtility;
import ru.CryptoPro.JCP.tools.Array;

/* loaded from: classes.dex */
public class CMSSign {
    private static final boolean CAdES_BES_SIGN = true;
    private static final boolean LOW_SIGN = true;
    private static final boolean SF_SIGN = true;
    private static final String CMS_FILE_LOW = "cms_data_low_sgn";
    private static final String CMS_FILE_LOW_PATH = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE_LOW + CMStools.CMS_EXT;
    private static final String CMS_FILE_SF = "cms_data_sf_sgn";
    private static final String CMS_FILE_SF_PATH = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE_SF + CMStools.CMS_EXT;
    private static final String CMS_FILE_CAdES_BES = "cms_data_cades_bes_sgn";
    private static final String CMS_FILE_CAdES_BES_PATH = CMStools.TEST_PATH + CMStools.SEPAR + CMS_FILE_CAdES_BES + CMStools.CMS_EXT;

    private CMSSign() {
    }

    public static byte[] createCMS(byte[] bArr, PrivateKey[] privateKeyArr, Certificate[] certificateArr, String str, boolean z) throws Exception {
        return createCMSEx(bArr, privateKeyArr, certificateArr, str, z, "JCP");
    }

    public static byte[] createCMSEx(byte[] bArr, PrivateKey[] privateKeyArr, Certificate[] certificateArr, String str, boolean z, String str2) throws Exception {
        String algorithm = privateKeyArr[0].getAlgorithm();
        String keyAlgToDigestOid = AlgorithmUtility.keyAlgToDigestOid(algorithm);
        String keyAlgToKeyAlgorithmOid = AlgorithmUtility.keyAlgToKeyAlgorithmOid(algorithm);
        String keyAlgToSignatureOid = AlgorithmUtility.keyAlgToSignatureOid(algorithm);
        ContentInfo contentInfo = new ContentInfo();
        contentInfo.contentType = new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_SIGNED).value);
        SignedData signedData = new SignedData();
        contentInfo.content = signedData;
        long j = 1;
        signedData.version = new CMSVersion(1L);
        signedData.digestAlgorithms = new DigestAlgorithmIdentifiers(1);
        DigestAlgorithmIdentifier digestAlgorithmIdentifier = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
        digestAlgorithmIdentifier.parameters = new Asn1Null();
        signedData.digestAlgorithms.elements[0] = digestAlgorithmIdentifier;
        if (z) {
            signedData.encapContentInfo = new EncapsulatedContentInfo(new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_DATA).value), (Asn1OctetString) null);
        } else {
            signedData.encapContentInfo = new EncapsulatedContentInfo(new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_DATA).value), new Asn1OctetString(bArr));
        }
        int length = certificateArr.length;
        signedData.certificates = new CertificateSet(length);
        signedData.certificates.elements = new CertificateChoices[length];
        for (int i = 0; i < signedData.certificates.elements.length; i++) {
            ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate certificate = new ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate();
            certificate.decode(new Asn1BerDecodeBuffer(certificateArr[i].getEncoded()));
            signedData.certificates.elements[i] = new CertificateChoices();
            signedData.certificates.elements[i].set_certificate(certificate);
        }
        Signature signature = Signature.getInstance(keyAlgToSignatureOid, str2);
        signedData.signerInfos = new SignerInfos(privateKeyArr.length);
        int i2 = 0;
        while (i2 < signedData.signerInfos.elements.length) {
            signature.initSign(privateKeyArr[i2]);
            signature.update(bArr);
            byte[] sign = signature.sign();
            signedData.signerInfos.elements[i2] = new SignerInfo();
            signedData.signerInfos.elements[i2].version = new CMSVersion(j);
            signedData.signerInfos.elements[i2].sid = new SignerIdentifier();
            Asn1BerDecodeBuffer asn1BerDecodeBuffer = new Asn1BerDecodeBuffer(((X509Certificate) certificateArr[i2]).getIssuerX500Principal().getEncoded());
            Name name = new Name();
            name.decode(asn1BerDecodeBuffer);
            signedData.signerInfos.elements[i2].sid.set_issuerAndSerialNumber(new IssuerAndSerialNumber(name, new CertificateSerialNumber(((X509Certificate) certificateArr[i2]).getSerialNumber())));
            signedData.signerInfos.elements[i2].digestAlgorithm = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
            signedData.signerInfos.elements[i2].digestAlgorithm.parameters = new Asn1Null();
            signedData.signerInfos.elements[i2].signatureAlgorithm = new SignatureAlgorithmIdentifier(new OID(keyAlgToKeyAlgorithmOid).value);
            signedData.signerInfos.elements[i2].signatureAlgorithm.parameters = new Asn1Null();
            signedData.signerInfos.elements[i2].signature = new SignatureValue(sign);
            i2++;
            j = 1;
        }
        Asn1BerEncodeBuffer asn1BerEncodeBuffer = new Asn1BerEncodeBuffer();
        contentInfo.encode(asn1BerEncodeBuffer, true);
        if (str != null) {
            Array.writeFile(str, asn1BerEncodeBuffer.getMsgCopy());
        }
        return asn1BerEncodeBuffer.getMsgCopy();
    }

    public static byte[] createHashCMS(byte[] bArr, PrivateKey[] privateKeyArr, Certificate[] certificateArr, String str, boolean z) throws Exception {
        return createHashCMSEx(bArr, false, privateKeyArr, certificateArr, str, z, false);
    }

    public static byte[] createHashCMSEx(byte[] bArr, boolean z, PrivateKey[] privateKeyArr, Certificate[] certificateArr, String str, boolean z2, boolean z3) throws Exception {
        return createHashCMSEx(bArr, z, privateKeyArr, certificateArr, str, z2, z3, "JCP");
    }

    public static byte[] createHashCMSEx(byte[] bArr, boolean z, PrivateKey[] privateKeyArr, Certificate[] certificateArr, String str, boolean z2, boolean z3, String str2) throws Exception {
        String algorithm = privateKeyArr[0].getAlgorithm();
        String keyAlgToDigestOid = AlgorithmUtility.keyAlgToDigestOid(algorithm);
        String keyAlgToKeyAlgorithmOid = AlgorithmUtility.keyAlgToKeyAlgorithmOid(algorithm);
        String keyAlgToSignatureOid = AlgorithmUtility.keyAlgToSignatureOid(algorithm);
        ContentInfo contentInfo = new ContentInfo();
        contentInfo.contentType = new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_SIGNED).value);
        SignedData signedData = new SignedData();
        contentInfo.content = signedData;
        signedData.version = new CMSVersion(1L);
        signedData.digestAlgorithms = new DigestAlgorithmIdentifiers(1);
        DigestAlgorithmIdentifier digestAlgorithmIdentifier = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
        digestAlgorithmIdentifier.parameters = new Asn1Null();
        signedData.digestAlgorithms.elements[0] = digestAlgorithmIdentifier;
        if (z && !z2) {
            throw new Exception("Signature is attached but external digest is available only (not data)");
        }
        if (z2) {
            signedData.encapContentInfo = new EncapsulatedContentInfo(new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_DATA).value), (Asn1OctetString) null);
        } else {
            signedData.encapContentInfo = new EncapsulatedContentInfo(new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_DATA).value), new Asn1OctetString(bArr));
        }
        int length = certificateArr.length;
        signedData.certificates = new CertificateSet(length);
        signedData.certificates.elements = new CertificateChoices[length];
        for (int i = 0; i < signedData.certificates.elements.length; i++) {
            ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate certificate = new ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate();
            certificate.decode(new Asn1BerDecodeBuffer(certificateArr[i].getEncoded()));
            signedData.certificates.elements[i] = new CertificateChoices();
            signedData.certificates.elements[i].set_certificate(certificate);
        }
        Signature signature = Signature.getInstance(keyAlgToSignatureOid, str2);
        signedData.signerInfos = new SignerInfos(privateKeyArr.length);
        int i2 = 0;
        while (i2 < signedData.signerInfos.elements.length) {
            signedData.signerInfos.elements[i2] = new SignerInfo();
            signedData.signerInfos.elements[i2].version = new CMSVersion(1L);
            signedData.signerInfos.elements[i2].sid = new SignerIdentifier();
            Asn1BerDecodeBuffer asn1BerDecodeBuffer = new Asn1BerDecodeBuffer(((X509Certificate) certificateArr[i2]).getIssuerX500Principal().getEncoded());
            Name name = new Name();
            name.decode(asn1BerDecodeBuffer);
            CertificateSerialNumber certificateSerialNumber = new CertificateSerialNumber(((X509Certificate) certificateArr[i2]).getSerialNumber());
            signedData.signerInfos.elements[i2].sid.set_issuerAndSerialNumber(new IssuerAndSerialNumber(name, certificateSerialNumber));
            signedData.signerInfos.elements[i2].digestAlgorithm = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
            signedData.signerInfos.elements[i2].digestAlgorithm.parameters = new Asn1Null();
            signedData.signerInfos.elements[i2].signatureAlgorithm = new SignatureAlgorithmIdentifier(new OID(keyAlgToKeyAlgorithmOid).value);
            signedData.signerInfos.elements[i2].signatureAlgorithm.parameters = new Asn1Null();
            signedData.signerInfos.elements[i2].signedAttrs = new SignedAttributes(z3 ? 4 : 3);
            String str3 = keyAlgToKeyAlgorithmOid;
            ContentInfo contentInfo2 = contentInfo;
            signedData.signerInfos.elements[i2].signedAttrs.elements[0] = new Attribute(new OID(CMStools.STR_CMS_OID_CONT_TYP_ATTR).value, new Attribute_values(1));
            signedData.signerInfos.elements[i2].signedAttrs.elements[0].values.elements[0] = new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_DATA).value);
            signedData.signerInfos.elements[i2].signedAttrs.elements[1] = new Attribute(new OID(CMStools.STR_CMS_OID_SIGN_TYM_ATTR).value, new Attribute_values(1));
            Time time = new Time();
            Asn1UTCTime asn1UTCTime = new Asn1UTCTime();
            asn1UTCTime.setTime(Calendar.getInstance());
            time.set_utcTime(asn1UTCTime);
            signedData.signerInfos.elements[i2].signedAttrs.elements[1].values.elements[0] = time.getElement();
            signedData.signerInfos.elements[i2].signedAttrs.elements[2] = new Attribute(new OID(CMStools.STR_CMS_OID_DIGEST_ATTR).value, new Attribute_values(1));
            signedData.signerInfos.elements[i2].signedAttrs.elements[2].values.elements[0] = new Asn1OctetString(z ? bArr : z2 ? CMStools.digestm(bArr, keyAlgToDigestOid, str2) : CMStools.digestm(signedData.encapContentInfo.eContent.value, keyAlgToDigestOid, str2));
            if (z3) {
                signedData.signerInfos.elements[i2].signedAttrs.elements[3] = new Attribute(new OID(ALL_PKIX1Explicit88Values.id_aa_signingCertificateV2).value, new Attribute_values(1));
                DigestAlgorithmIdentifier digestAlgorithmIdentifier2 = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
                CertHash certHash = new CertHash(CMStools.digestm(certificateArr[i2].getEncoded(), keyAlgToDigestOid, str2));
                GeneralName generalName = new GeneralName();
                generalName.set_directoryName(name);
                GeneralNames generalNames = new GeneralNames();
                generalNames.elements = new GeneralName[1];
                generalNames.elements[0] = generalName;
                ESSCertIDv2 eSSCertIDv2 = new ESSCertIDv2(digestAlgorithmIdentifier2, certHash, new IssuerSerial(generalNames, certificateSerialNumber));
                _SeqOfESSCertIDv2 _seqofesscertidv2 = new _SeqOfESSCertIDv2(1);
                _seqofesscertidv2.elements = new ESSCertIDv2[1];
                _seqofesscertidv2.elements[0] = eSSCertIDv2;
                signedData.signerInfos.elements[i2].signedAttrs.elements[3].values.elements[0] = new SigningCertificateV2(_seqofesscertidv2);
            }
            Asn1BerEncodeBuffer asn1BerEncodeBuffer = new Asn1BerEncodeBuffer();
            signedData.signerInfos.elements[i2].signedAttrs.encode(asn1BerEncodeBuffer);
            byte[] msgCopy = asn1BerEncodeBuffer.getMsgCopy();
            signature.initSign(privateKeyArr[i2]);
            signature.update(msgCopy);
            signedData.signerInfos.elements[i2].signature = new SignatureValue(signature.sign());
            i2++;
            keyAlgToKeyAlgorithmOid = str3;
            contentInfo = contentInfo2;
        }
        Asn1BerEncodeBuffer asn1BerEncodeBuffer2 = new Asn1BerEncodeBuffer();
        contentInfo.encode(asn1BerEncodeBuffer2, true);
        if (str != null) {
            Array.writeFile(str, asn1BerEncodeBuffer2.getMsgCopy());
        }
        return asn1BerEncodeBuffer2.getMsgCopy();
    }

    public static byte[] hashSignCMS(byte[] bArr, PrivateKey[] privateKeyArr, Certificate[] certificateArr, String str, byte[] bArr2) throws Exception {
        return hashSignCMSEx(bArr, privateKeyArr, certificateArr, str, bArr2, "JCP");
    }

    public static byte[] hashSignCMSEx(byte[] bArr, PrivateKey[] privateKeyArr, Certificate[] certificateArr, String str, byte[] bArr2, String str2) throws Exception {
        OID oid;
        byte[] bArr3;
        byte[] digestm;
        Certificate[] certificateArr2 = certificateArr;
        String algorithm = privateKeyArr[0].getAlgorithm();
        String keyAlgToDigestOid = AlgorithmUtility.keyAlgToDigestOid(algorithm);
        String keyAlgToKeyAlgorithmOid = AlgorithmUtility.keyAlgToKeyAlgorithmOid(algorithm);
        String keyAlgToSignatureOid = AlgorithmUtility.keyAlgToSignatureOid(algorithm);
        Asn1BerDecodeBuffer asn1BerDecodeBuffer = new Asn1BerDecodeBuffer(bArr);
        ContentInfo contentInfo = new ContentInfo();
        contentInfo.decode(asn1BerDecodeBuffer);
        if (!new OID(CMStools.STR_CMS_OID_SIGNED).eq(contentInfo.contentType.value)) {
            throw new Exception("Not supported");
        }
        SignedData signedData = (SignedData) contentInfo.content;
        if (signedData.version.value != 1) {
            throw new Exception("Incorrect version");
        }
        if (!new OID(CMStools.STR_CMS_OID_DATA).eq(signedData.encapContentInfo.eContentType.value)) {
            throw new Exception("Nested not supported");
        }
        DigestAlgorithmIdentifier digestAlgorithmIdentifier = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
        int i = 0;
        while (true) {
            if (i >= signedData.digestAlgorithms.elements.length) {
                oid = null;
                break;
            }
            if (signedData.digestAlgorithms.elements[i].algorithm.equals(digestAlgorithmIdentifier.algorithm)) {
                oid = new OID(signedData.digestAlgorithms.elements[i].algorithm.value);
                break;
            }
            i++;
        }
        if (oid == null) {
            throw new Exception("Unknown digest");
        }
        int length = signedData.certificates.elements.length;
        CertificateChoices[] certificateChoicesArr = new CertificateChoices[length];
        for (int i2 = 0; i2 < signedData.certificates.elements.length; i2++) {
            certificateChoicesArr[i2] = signedData.certificates.elements[i2];
        }
        int length2 = certificateArr2.length + length;
        signedData.certificates = new CertificateSet(length2);
        signedData.certificates.elements = new CertificateChoices[length2];
        for (int i3 = 0; i3 < length; i3++) {
            signedData.certificates.elements[i3] = certificateChoicesArr[i3];
        }
        for (int i4 = 0; i4 < signedData.certificates.elements.length - length; i4++) {
            ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate certificate = new ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate();
            certificate.decode(new Asn1BerDecodeBuffer(certificateArr2[i4].getEncoded()));
            int i5 = i4 + length;
            signedData.certificates.elements[i5] = new CertificateChoices();
            signedData.certificates.elements[i5].set_certificate(certificate);
        }
        Signature signature = Signature.getInstance(keyAlgToSignatureOid, str2);
        int length3 = signedData.signerInfos.elements.length;
        SignerInfo[] signerInfoArr = new SignerInfo[length3];
        for (int i6 = 0; i6 < signedData.signerInfos.elements.length; i6++) {
            signerInfoArr[i6] = signedData.signerInfos.elements[i6];
        }
        signedData.signerInfos = new SignerInfos(privateKeyArr.length + length3);
        for (int i7 = 0; i7 < length3; i7++) {
            signedData.signerInfos.elements[i7] = signerInfoArr[i7];
        }
        int i8 = 0;
        while (i8 < signedData.signerInfos.elements.length - length3) {
            int i9 = i8 + length3;
            signedData.signerInfos.elements[i9] = new SignerInfo();
            Signature signature2 = signature;
            signedData.signerInfos.elements[i9].version = new CMSVersion(1L);
            signedData.signerInfos.elements[i9].sid = new SignerIdentifier();
            Asn1BerDecodeBuffer asn1BerDecodeBuffer2 = new Asn1BerDecodeBuffer(((X509Certificate) certificateArr2[i8]).getIssuerX500Principal().getEncoded());
            Name name = new Name();
            name.decode(asn1BerDecodeBuffer2);
            signedData.signerInfos.elements[i9].sid.set_issuerAndSerialNumber(new IssuerAndSerialNumber(name, new CertificateSerialNumber(((X509Certificate) certificateArr2[i8]).getSerialNumber())));
            signedData.signerInfos.elements[i9].digestAlgorithm = new DigestAlgorithmIdentifier(new OID(oid).value);
            signedData.signerInfos.elements[i9].digestAlgorithm.parameters = new Asn1Null();
            signedData.signerInfos.elements[i9].signatureAlgorithm = new SignatureAlgorithmIdentifier(new OID(keyAlgToKeyAlgorithmOid).value);
            signedData.signerInfos.elements[i9].signatureAlgorithm.parameters = new Asn1Null();
            signedData.signerInfos.elements[i9].signedAttrs = new SignedAttributes(3);
            signedData.signerInfos.elements[i9].signedAttrs.elements[0] = new Attribute(new OID(CMStools.STR_CMS_OID_CONT_TYP_ATTR).value, new Attribute_values(1));
            signedData.signerInfos.elements[i9].signedAttrs.elements[0].values.elements[0] = new Asn1ObjectIdentifier(new OID(CMStools.STR_CMS_OID_DATA).value);
            signedData.signerInfos.elements[i9].signedAttrs.elements[1] = new Attribute(new OID(CMStools.STR_CMS_OID_SIGN_TYM_ATTR).value, new Attribute_values(1));
            Time time = new Time();
            Asn1UTCTime asn1UTCTime = new Asn1UTCTime();
            asn1UTCTime.setTime(Calendar.getInstance());
            time.set_utcTime(asn1UTCTime);
            signedData.signerInfos.elements[i9].signedAttrs.elements[1].values.elements[0] = time.getElement();
            signedData.signerInfos.elements[i9].signedAttrs.elements[2] = new Attribute(new OID(CMStools.STR_CMS_OID_DIGEST_ATTR).value, new Attribute_values(1));
            if (signedData.encapContentInfo.eContent.value != null) {
                digestm = CMStools.digestm(signedData.encapContentInfo.eContent.value, keyAlgToDigestOid, str2);
                bArr3 = bArr2;
            } else {
                bArr3 = bArr2;
                if (bArr3 == null) {
                    throw new Exception("No content");
                }
                digestm = CMStools.digestm(bArr3, keyAlgToDigestOid, str2);
            }
            signedData.signerInfos.elements[i9].signedAttrs.elements[2].values.elements[0] = new Asn1OctetString(digestm);
            Asn1BerEncodeBuffer asn1BerEncodeBuffer = new Asn1BerEncodeBuffer();
            signedData.signerInfos.elements[i9].signedAttrs.encode(asn1BerEncodeBuffer);
            byte[] msgCopy = asn1BerEncodeBuffer.getMsgCopy();
            signature = signature2;
            signature.initSign(privateKeyArr[i8]);
            signature.update(msgCopy);
            signedData.signerInfos.elements[i9].signature = new SignatureValue(signature.sign());
            i8++;
            certificateArr2 = certificateArr;
        }
        Asn1BerEncodeBuffer asn1BerEncodeBuffer2 = new Asn1BerEncodeBuffer();
        contentInfo.encode(asn1BerEncodeBuffer2, true);
        if (str != null) {
            Array.writeFile(str, asn1BerEncodeBuffer2.getMsgCopy());
        }
        return asn1BerEncodeBuffer2.getMsgCopy();
    }

    public static void main(String[] strArr) throws Exception {
        byte[] readFile = Array.readFile(CMStools.DATA_FILE_PATH);
        boolean z = true;
        PrivateKey[] privateKeyArr = {CMStools.loadKey(CMStools.SIGN_KEY_NAME, CMStools.SIGN_KEY_PASSWORD)};
        Certificate[] certificateArr = {CMStools.loadCertificate(CMStools.SIGN_KEY_NAME)};
        try {
            new ContentInfo().decode(new Asn1BerDecodeBuffer(readFile));
        } catch (Exception unused) {
            if (CMStools.logger != null) {
                CMStools.logger.info("Create CMS (low)");
            }
            createCMS(readFile, privateKeyArr, certificateArr, CMS_FILE_LOW_PATH, false);
            if (CMStools.logger != null) {
                CMStools.logger.info("Create CMS (sf)");
            }
            createHashCMS(readFile, privateKeyArr, certificateArr, CMS_FILE_SF_PATH, false);
            if (CMStools.logger != null) {
                CMStools.logger.info("Create CAdES-BES CMS with digest of the data");
            }
            createHashCMSEx(CMStools.digestm(readFile, "GOST3411"), true, privateKeyArr, certificateArr, CMS_FILE_CAdES_BES_PATH, true, true);
            z = false;
        }
        if (z) {
            if (CMStools.logger != null) {
                CMStools.logger.info("Sign CMS (low)");
            }
            signCMS(readFile, privateKeyArr, certificateArr, CMS_FILE_LOW_PATH, null);
            if (CMStools.logger != null) {
                CMStools.logger.info("Sign CMS (sf)");
            }
            hashSignCMS(readFile, privateKeyArr, certificateArr, CMS_FILE_SF_PATH, null);
        }
        byte[] readFile2 = Array.readFile(CMS_FILE_LOW_PATH);
        if (CMStools.logger != null) {
            CMStools.logger.info("Verify created or signed CMS (LOW):");
        }
        CMSVerify.CMSVerify(readFile2, certificateArr, null);
        byte[] readFile3 = Array.readFile(CMS_FILE_SF_PATH);
        if (CMStools.logger != null) {
            CMStools.logger.info("Verify created or signed CMS (SF):");
        }
        CMSVerify.CMSVerify(readFile3, certificateArr, null);
        byte[] readFile4 = Array.readFile(CMS_FILE_CAdES_BES_PATH);
        if (CMStools.logger != null) {
            CMStools.logger.info("Verify created CAdES-BES CMS:");
        }
        CMSVerify.CMSVerify(readFile4, certificateArr, readFile);
    }

    public static byte[] signCMS(byte[] bArr, PrivateKey[] privateKeyArr, Certificate[] certificateArr, String str, byte[] bArr2) throws Exception {
        return signCMSEx(bArr, privateKeyArr, certificateArr, str, bArr2, "JCP");
    }

    public static byte[] signCMSEx(byte[] bArr, PrivateKey[] privateKeyArr, Certificate[] certificateArr, String str, byte[] bArr2, String str2) throws Exception {
        byte[] bArr3;
        PrivateKey[] privateKeyArr2 = privateKeyArr;
        String algorithm = privateKeyArr2[0].getAlgorithm();
        String keyAlgToDigestOid = AlgorithmUtility.keyAlgToDigestOid(algorithm);
        String keyAlgToKeyAlgorithmOid = AlgorithmUtility.keyAlgToKeyAlgorithmOid(algorithm);
        String keyAlgToSignatureOid = AlgorithmUtility.keyAlgToSignatureOid(algorithm);
        Asn1BerDecodeBuffer asn1BerDecodeBuffer = new Asn1BerDecodeBuffer(bArr);
        ContentInfo contentInfo = new ContentInfo();
        contentInfo.decode(asn1BerDecodeBuffer);
        if (!new OID(CMStools.STR_CMS_OID_SIGNED).eq(contentInfo.contentType.value)) {
            throw new Exception("Not supported");
        }
        SignedData signedData = (SignedData) contentInfo.content;
        long j = 1;
        if (signedData.version.value != 1) {
            throw new Exception("Incorrect version");
        }
        if (!new OID(CMStools.STR_CMS_OID_DATA).eq(signedData.encapContentInfo.eContentType.value)) {
            throw new Exception("Nested not supported");
        }
        if (signedData.encapContentInfo.eContent != null) {
            bArr3 = signedData.encapContentInfo.eContent.value;
        } else {
            if (bArr2 == null) {
                throw new Exception("No content");
            }
            bArr3 = bArr2;
        }
        OID oid = null;
        DigestAlgorithmIdentifier digestAlgorithmIdentifier = new DigestAlgorithmIdentifier(new OID(keyAlgToDigestOid).value);
        int i = 0;
        while (true) {
            if (i >= signedData.digestAlgorithms.elements.length) {
                break;
            }
            if (signedData.digestAlgorithms.elements[i].algorithm.equals(digestAlgorithmIdentifier.algorithm)) {
                oid = new OID(signedData.digestAlgorithms.elements[i].algorithm.value);
                break;
            }
            i++;
        }
        if (oid == null) {
            throw new Exception("Unknown digest");
        }
        int length = signedData.certificates.elements.length;
        CertificateChoices[] certificateChoicesArr = new CertificateChoices[length];
        for (int i2 = 0; i2 < signedData.certificates.elements.length; i2++) {
            certificateChoicesArr[i2] = signedData.certificates.elements[i2];
        }
        int length2 = certificateArr.length + length;
        signedData.certificates = new CertificateSet(length2);
        signedData.certificates.elements = new CertificateChoices[length2];
        for (int i3 = 0; i3 < length; i3++) {
            signedData.certificates.elements[i3] = certificateChoicesArr[i3];
        }
        for (int i4 = 0; i4 < signedData.certificates.elements.length - length; i4++) {
            ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate certificate = new ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Certificate();
            certificate.decode(new Asn1BerDecodeBuffer(certificateArr[i4].getEncoded()));
            int i5 = i4 + length;
            signedData.certificates.elements[i5] = new CertificateChoices();
            signedData.certificates.elements[i5].set_certificate(certificate);
        }
        Signature signature = Signature.getInstance(keyAlgToSignatureOid, str2);
        int length3 = signedData.signerInfos.elements.length;
        SignerInfo[] signerInfoArr = new SignerInfo[length3];
        for (int i6 = 0; i6 < signedData.signerInfos.elements.length; i6++) {
            signerInfoArr[i6] = signedData.signerInfos.elements[i6];
        }
        signedData.signerInfos = new SignerInfos(privateKeyArr2.length + length3);
        for (int i7 = 0; i7 < length3; i7++) {
            signedData.signerInfos.elements[i7] = signerInfoArr[i7];
        }
        int i8 = 0;
        while (i8 < signedData.signerInfos.elements.length - length3) {
            signature.initSign(privateKeyArr2[i8]);
            signature.update(bArr3);
            byte[] sign = signature.sign();
            int i9 = i8 + length3;
            signedData.signerInfos.elements[i9] = new SignerInfo();
            signedData.signerInfos.elements[i9].version = new CMSVersion(j);
            signedData.signerInfos.elements[i9].sid = new SignerIdentifier();
            Asn1BerDecodeBuffer asn1BerDecodeBuffer2 = new Asn1BerDecodeBuffer(((X509Certificate) certificateArr[i8]).getIssuerX500Principal().getEncoded());
            Name name = new Name();
            name.decode(asn1BerDecodeBuffer2);
            signedData.signerInfos.elements[i9].sid.set_issuerAndSerialNumber(new IssuerAndSerialNumber(name, new CertificateSerialNumber(((X509Certificate) certificateArr[i8]).getSerialNumber())));
            signedData.signerInfos.elements[i9].digestAlgorithm = new DigestAlgorithmIdentifier(new OID(oid).value);
            signedData.signerInfos.elements[i9].digestAlgorithm.parameters = new Asn1Null();
            signedData.signerInfos.elements[i9].signatureAlgorithm = new SignatureAlgorithmIdentifier(new OID(keyAlgToKeyAlgorithmOid).value);
            signedData.signerInfos.elements[i9].signatureAlgorithm.parameters = new Asn1Null();
            signedData.signerInfos.elements[i9].signature = new SignatureValue(sign);
            i8++;
            privateKeyArr2 = privateKeyArr;
            j = 1;
        }
        Asn1BerEncodeBuffer asn1BerEncodeBuffer = new Asn1BerEncodeBuffer();
        contentInfo.encode(asn1BerEncodeBuffer, true);
        if (str != null) {
            Array.writeFile(str, asn1BerEncodeBuffer.getMsgCopy());
        }
        return asn1BerEncodeBuffer.getMsgCopy();
    }
}
