package sun.security.pkcs;

import com.facebook.react.views.textinput.ReactEditTextInputConnectionWrapper;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import jd.wjlogin_sdk.util.ReplyCode;
import sun.misc.HexDumpEncoder;
import sun.security.util.Debug;
import sun.security.util.DerEncoder;
import sun.security.util.DerInputStream;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;
import sun.security.x509.KeyUsageExtension;
import sun.security.x509.X500Name;

/* loaded from: classes4.dex */
public class SignerInfo implements DerEncoder {

    /* renamed from: g, reason: collision with root package name */
    BigInteger f48013g;

    /* renamed from: h, reason: collision with root package name */
    X500Name f48014h;

    /* renamed from: i, reason: collision with root package name */
    BigInteger f48015i;

    /* renamed from: j, reason: collision with root package name */
    AlgorithmId f48016j;

    /* renamed from: k, reason: collision with root package name */
    AlgorithmId f48017k;

    /* renamed from: l, reason: collision with root package name */
    byte[] f48018l;

    /* renamed from: m, reason: collision with root package name */
    PKCS9Attributes f48019m;

    /* renamed from: n, reason: collision with root package name */
    PKCS9Attributes f48020n;

    public SignerInfo(DerInputStream derInputStream) throws IOException, ParsingException {
        this(derInputStream, false);
    }

    public SignerInfo(DerInputStream derInputStream, boolean z5) throws IOException, ParsingException {
        this.f48013g = derInputStream.b();
        DerValue[] m5 = derInputStream.m(2);
        this.f48014h = new X500Name(new DerValue((byte) 48, m5[0].D()));
        this.f48015i = m5[1].h();
        this.f48016j = AlgorithmId.parse(derInputStream.e());
        if (z5) {
            derInputStream.n(0);
        } else if (((byte) derInputStream.t()) == -96) {
            this.f48019m = new PKCS9Attributes(derInputStream);
        }
        this.f48017k = AlgorithmId.parse(derInputStream.e());
        this.f48018l = derInputStream.l();
        if (z5) {
            derInputStream.n(0);
        } else if (derInputStream.a() != 0 && ((byte) derInputStream.t()) == -95) {
            this.f48020n = new PKCS9Attributes(derInputStream, true);
        }
        if (derInputStream.a() != 0) {
            throw new ParsingException("extra data at the end");
        }
    }

    public X509Certificate a(PKCS7 pkcs7) throws IOException {
        return pkcs7.getCertificate(this.f48015i, this.f48014h);
    }

    public AlgorithmId b() {
        return this.f48016j;
    }

    public AlgorithmId c() {
        return this.f48017k;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignerInfo d(PKCS7 pkcs7, byte[] bArr) throws NoSuchAlgorithmException, SignatureException {
        byte[] bArr2;
        try {
            try {
                ContentInfo contentInfo = pkcs7.getContentInfo();
                if (bArr == null) {
                    bArr = contentInfo.c();
                }
                String name = b().getName();
                if (name.equalsIgnoreCase("SHA")) {
                    name = "SHA1";
                }
                PKCS9Attributes pKCS9Attributes = this.f48019m;
                if (pKCS9Attributes != null) {
                    ObjectIdentifier objectIdentifier = (ObjectIdentifier) pKCS9Attributes.f(PKCS9Attribute.f47993m);
                    if (objectIdentifier == null || !objectIdentifier.equals(contentInfo.f47987a) || (bArr2 = (byte[]) this.f48019m.f(PKCS9Attribute.f47994n)) == null) {
                        return null;
                    }
                    byte[] digest = MessageDigest.getInstance(name).digest(bArr);
                    if (bArr2.length != digest.length) {
                        return null;
                    }
                    for (int i5 = 0; i5 < bArr2.length; i5++) {
                        if (bArr2[i5] != digest[i5]) {
                            return null;
                        }
                    }
                    bArr = this.f48019m.g();
                }
                String name2 = c().getName();
                if (name2.equalsIgnoreCase("SHA1withDSA")) {
                    name2 = "DSA";
                }
                Signature signature = Signature.getInstance(name + "with" + name2);
                X509Certificate a6 = a(pkcs7);
                if (a6 == null) {
                    return null;
                }
                if (a6.hasUnsupportedCriticalExtension()) {
                    throw new SignatureException("Certificate has unsupported critical extension(s)");
                }
                boolean[] keyUsage = a6.getKeyUsage();
                if (keyUsage != null) {
                    try {
                        KeyUsageExtension keyUsageExtension = new KeyUsageExtension(keyUsage);
                        boolean booleanValue = ((Boolean) keyUsageExtension.g("digital_signature")).booleanValue();
                        boolean booleanValue2 = ((Boolean) keyUsageExtension.g("non_repudiation")).booleanValue();
                        if (!booleanValue && !booleanValue2) {
                            throw new SignatureException("Key usage restricted: cannot be used for digital signatures");
                        }
                    } catch (IOException unused) {
                        throw new SignatureException("Failed to parse keyUsage extension");
                    }
                }
                signature.initVerify(a6.getPublicKey());
                signature.update(bArr);
                if (signature.verify(this.f48018l)) {
                    return this;
                }
                return null;
            } catch (InvalidKeyException e6) {
                throw new SignatureException("InvalidKey: " + e6.getMessage());
            }
        } catch (IOException e7) {
            throw new SignatureException("IO error verifying signature:\n" + e7.getMessage());
        }
    }

    @Override // sun.security.util.DerEncoder
    public void derEncode(OutputStream outputStream) throws IOException {
        DerOutputStream derOutputStream = new DerOutputStream();
        derOutputStream.l(this.f48013g);
        DerOutputStream derOutputStream2 = new DerOutputStream();
        this.f48014h.b(derOutputStream2);
        derOutputStream2.l(this.f48015i);
        derOutputStream.y((byte) 48, derOutputStream2);
        this.f48016j.encode(derOutputStream);
        PKCS9Attributes pKCS9Attributes = this.f48019m;
        if (pKCS9Attributes != null) {
            pKCS9Attributes.c(ReplyCode.reply0xa0, derOutputStream);
        }
        this.f48017k.encode(derOutputStream);
        derOutputStream.q(this.f48018l);
        PKCS9Attributes pKCS9Attributes2 = this.f48020n;
        if (pKCS9Attributes2 != null) {
            pKCS9Attributes2.c((byte) -95, derOutputStream);
        }
        DerOutputStream derOutputStream3 = new DerOutputStream();
        derOutputStream3.y((byte) 48, derOutputStream);
        outputStream.write(derOutputStream3.toByteArray());
    }

    public String toString() {
        HexDumpEncoder hexDumpEncoder = new HexDumpEncoder();
        String str = ((("Signer Info for (issuer): " + this.f48014h + ReactEditTextInputConnectionWrapper.NEWLINE_RAW_VALUE) + "\tversion: " + Debug.g(this.f48013g) + ReactEditTextInputConnectionWrapper.NEWLINE_RAW_VALUE) + "\tcertificateSerialNumber: " + Debug.g(this.f48015i) + ReactEditTextInputConnectionWrapper.NEWLINE_RAW_VALUE) + "\tdigestAlgorithmId: " + this.f48016j + ReactEditTextInputConnectionWrapper.NEWLINE_RAW_VALUE;
        if (this.f48019m != null) {
            str = str + "\tauthenticatedAttributes: " + this.f48019m + ReactEditTextInputConnectionWrapper.NEWLINE_RAW_VALUE;
        }
        String str2 = (str + "\tdigestEncryptionAlgorithmId: " + this.f48017k + ReactEditTextInputConnectionWrapper.NEWLINE_RAW_VALUE) + "\tencryptedDigest: \n" + hexDumpEncoder.encodeBuffer(this.f48018l) + ReactEditTextInputConnectionWrapper.NEWLINE_RAW_VALUE;
        if (this.f48020n == null) {
            return str2;
        }
        return str2 + "\tunauthenticatedAttributes: " + this.f48020n + ReactEditTextInputConnectionWrapper.NEWLINE_RAW_VALUE;
    }
}
