package CMS_samples;

import com.objsys.asn1j.runtime.Asn1BerDecodeBuffer;
import com.objsys.asn1j.runtime.Asn1BerEncodeBuffer;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.ContentInfo;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.DigestAlgorithmIdentifier;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignedData;
import ru.CryptoPro.JCP.ASN.CryptographicMessageSyntax.SignerInfo;
import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.JCP.params.OID;
import ru.CryptoPro.JCP.tools.Array;

/* loaded from: classes.dex */
public class DetachedSignatureFileExample {
    public static final String alias = "gost_exch";
    public static final String fileName = "C:\\TESTS\\CMS\\data.exe";
    public static final char[] password = "Pass1234".toCharArray();

    public static void main(String[] strArr) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("HDImageStore");
        keyStore.load(null, null);
        PrivateKey privateKey = (PrivateKey) keyStore.getKey("gost_exch", password);
        X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate("gost_exch");
        Signature signature = Signature.getInstance(JCP.GOST_DHEL_SIGN_NAME);
        signature.initSign(privateKey);
        readAndHash(signature, fileName);
        byte[] createCMS = CMS.createCMS(null, signature.sign(), x509Certificate, true);
        Array.writeFile("C:\\jcp_sig_64_data_exe.dat", createCMS);
        Signature signature2 = Signature.getInstance(JCP.GOST_DHEL_SIGN_NAME);
        signature2.initVerify(x509Certificate.getPublicKey());
        readAndHash(signature2, fileName);
        verify(createCMS, x509Certificate, signature2);
    }

    public static Signature readAndHash(Signature signature, String str) throws Exception {
        FileInputStream fileInputStream = new FileInputStream(new File(str));
        while (true) {
            int read = fileInputStream.read();
            if (read == -1) {
                fileInputStream.close();
                return signature;
            }
            signature.update((byte) read);
        }
    }

    public static void verify(byte[] bArr, X509Certificate x509Certificate, Signature signature) throws Exception {
        Asn1BerDecodeBuffer asn1BerDecodeBuffer = new Asn1BerDecodeBuffer(bArr);
        ContentInfo contentInfo = new ContentInfo();
        contentInfo.decode(asn1BerDecodeBuffer);
        if (!new OID(CMStools.STR_CMS_OID_SIGNED).eq(contentInfo.contentType.value)) {
            throw new Exception("Not supported");
        }
        SignedData signedData = (SignedData) contentInfo.content;
        if (signedData.version.value != 1) {
            throw new Exception("Incorrect version");
        }
        if (!new OID(CMStools.STR_CMS_OID_DATA).eq(signedData.encapContentInfo.eContentType.value)) {
            throw new Exception("Nested not supported");
        }
        OID oid = null;
        DigestAlgorithmIdentifier digestAlgorithmIdentifier = new DigestAlgorithmIdentifier(new OID("1.2.643.2.2.9").value);
        int i = 0;
        int i2 = 0;
        while (true) {
            if (i2 >= signedData.digestAlgorithms.elements.length) {
                break;
            }
            if (signedData.digestAlgorithms.elements[i2].algorithm.equals(digestAlgorithmIdentifier.algorithm)) {
                oid = new OID(signedData.digestAlgorithms.elements[i2].algorithm.value);
                break;
            }
            i2++;
        }
        if (oid == null) {
            throw new Exception("Unknown digest");
        }
        while (true) {
            if (i >= signedData.certificates.elements.length) {
                i = -1;
                break;
            }
            Asn1BerEncodeBuffer asn1BerEncodeBuffer = new Asn1BerEncodeBuffer();
            signedData.certificates.elements[i].encode(asn1BerEncodeBuffer);
            byte[] msgCopy = asn1BerEncodeBuffer.getMsgCopy();
            System.out.println(((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(msgCopy))).getSubjectDN());
            System.out.println(x509Certificate.getSubjectDN());
            if (Arrays.equals(msgCopy, x509Certificate.getEncoded())) {
                break;
            } else {
                i++;
            }
        }
        if (i == -1) {
            throw new Exception("Not signed on certificate.");
        }
        SignerInfo signerInfo = signedData.signerInfos.elements[i];
        if (signerInfo.version.value != 1) {
            throw new Exception("Incorrect version");
        }
        if (!oid.equals(new OID(signerInfo.digestAlgorithm.algorithm.value))) {
            throw new Exception("Not signed on certificate.");
        }
        if (!signature.verify(signerInfo.signature.value)) {
            throw new Exception("Invalid signature.");
        }
        if (CMStools.logger != null) {
            CMStools.logger.info("Valid signature");
        }
    }
}
