package com.sg.openews.api.pkcs7;

import com.kica.security.asn1.ASN1Object;
import com.kica.security.asn1.ASN1Set;
import com.kica.security.asn1.DERObjectIdentifier;
import com.kica.security.asn1.DEROctetString;
import com.kica.security.asn1.DERSet;
import com.kica.security.asn1.cms.CMSObjectIdentifiers;
import com.kica.security.asn1.cms.ContentInfo;
import com.kica.security.asn1.cms.EncryptedContentInfo;
import com.kica.security.asn1.cms.IssuerAndSerialNumber;
import com.kica.security.asn1.cms.KeyTransRecipientInfo;
import com.kica.security.asn1.cms.RecipientIdentifier;
import com.kica.security.asn1.cms.RecipientInfo;
import com.kica.security.asn1.cms.SignedAndEnvelopedData;
import com.kica.security.asn1.kisa.KISAObjectIdentifiers;
import com.kica.security.asn1.pkcs.PKCSObjectIdentifiers;
import com.kica.security.asn1.x509.AlgorithmIdentifier;
import com.kica.security.util.OID;
import com.sg.openews.api.crypto.SGAlgorithmParameter;
import com.sg.openews.api.crypto.SGBlockCipher;
import com.sg.openews.api.crypto.SGMessageDigest;
import com.sg.openews.api.crypto.SGRsaCipher;
import com.sg.openews.api.crypto.SGSecretKey;
import com.sg.openews.api.crypto.SGSecretKeyFactory;
import com.sg.openews.api.crypto.SGSigner;
import com.sg.openews.api.exception.SGCryptoException;
import com.sg.openews.api.exception.SGException;
import com.sg.openews.api.exception.SGPkcs7Exception;
import com.sg.openews.api.key.SGCertificate;
import com.sg.openews.api.key.SGCertificateSet;
import com.sg.openews.api.key.SGPrivateKey;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

/* loaded from: classes.dex */
public class SGSignedAndEnvelopedDataGenerator extends SignedDataCommon {
    public static final int ATTACHED = 0;
    public static final int ATTACHED_NO_ATTRIBUTE = 2;
    public static final int DETACHED = 1;
    public static final int DETACHED_NO_ATTRIBUTE = 3;
    private SGBlockCipher cipher;
    private ByteArrayOutputStream contents;
    private String digestAlgorithm;
    private SGMessageDigest digester;
    private String encAlgorithm;
    private EncryptedContentInfo encryptedContentInfo;
    private boolean initialized;
    private ASN1Set recipientInfos;
    private List recipients;
    private SignedAndEnvelopedData saeData;
    private SGSecretKey secretKey;
    private List signerCerts;
    private List signers;
    private int type;

    public SGSignedAndEnvelopedDataGenerator() {
        this(new SGBlockCipher().getAlgorithm());
    }

    public SGSignedAndEnvelopedDataGenerator(String str) {
        this(str, SGAlgorithmParameter.SHA1);
    }

    public SGSignedAndEnvelopedDataGenerator(String str, String str2) {
        this.type = 0;
        this.contents = new ByteArrayOutputStream();
        this.cipher = null;
        this.signerCerts = new ArrayList();
        this.digester = null;
        this.signers = null;
        this.initialized = false;
        this.encAlgorithm = str;
        this.digestAlgorithm = str2;
        this.cipher = new SGBlockCipher(str);
        this.recipients = new ArrayList();
    }

    private ASN1Set getRecipientInfos(byte[] bArr) throws SGPkcs7Exception {
        DERSet dERSet = new DERSet();
        try {
            SGRsaCipher sGRsaCipher = new SGRsaCipher(SGAlgorithmParameter.RSA);
            for (int i = 0; i < this.recipients.size(); i++) {
                SGCertificate sGCertificate = (SGCertificate) this.recipients.get(i);
                IssuerAndSerialNumber issuerAndSerialNumber = P7Utillities.getIssuerAndSerialNumber(sGCertificate);
                AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
                sGRsaCipher.init(sGCertificate);
                byte[] doFinal = sGRsaCipher.doFinal(bArr);
                if (doFinal == null) {
                    throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail");
                }
                dERSet.addObject(new RecipientInfo(new KeyTransRecipientInfo(new RecipientIdentifier(issuerAndSerialNumber), algorithmIdentifier, new DEROctetString(doFinal))));
            }
            return dERSet;
        } catch (SGCryptoException e) {
            e.printStackTrace();
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail");
        }
    }

    public void addRecipient(SGCertificate sGCertificate) throws IllegalArgumentException {
        this.recipients.add(sGCertificate);
    }

    public void addSignerCertificate(SGCertificate sGCertificate, SGPrivateKey sGPrivateKey) throws SGCryptoException {
        SGCertificateSet sGCertificateSet = new SGCertificateSet();
        sGCertificateSet.setSignCertificate(sGCertificate);
        sGCertificateSet.setSignPrivateKey(sGPrivateKey);
        this.signerCerts.add(sGCertificateSet);
        if (this.type == 2 || this.type == 3) {
            if (this.signers == null) {
                this.signers = new ArrayList();
            }
            SGSigner sGSigner = new SGSigner(String.valueOf(this.digestAlgorithm) + "with" + sGCertificate.getKeyAlgorithm());
            sGSigner.init(sGPrivateKey, sGCertificate);
            this.signers.add(sGSigner);
        }
    }

    public byte[] doFinal() throws SGPkcs7Exception {
        try {
            byte[] doFinal = this.cipher.doFinal();
            if (this.type != 0 && this.type != 2) {
                return doFinal;
            }
            this.contents.write(doFinal);
            return null;
        } catch (SGCryptoException e) {
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e);
        } catch (SGException e2) {
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e2);
        } catch (IOException e3) {
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e3);
        }
    }

    public byte[] doFinal(byte[] bArr) throws SGPkcs7Exception {
        return doFinal(bArr, 0, bArr.length);
    }

    public byte[] doFinal(byte[] bArr, int i, int i2) throws SGPkcs7Exception {
        try {
            try {
                if (this.type == 2 || this.type == 3) {
                    for (int i3 = 0; i3 < this.signers.size(); i3++) {
                        try {
                            ((SGSigner) this.signers.get(0)).update(bArr, i, i2);
                        } catch (SGCryptoException e) {
                            throw new SGPkcs7Exception(e);
                        } catch (SGException e2) {
                            throw new SGPkcs7Exception(e2);
                        }
                    }
                } else {
                    this.digester.update(bArr, i, i2);
                }
                byte[] doFinal = this.cipher.doFinal(bArr, i, i2);
                if (this.type != 0 && this.type != 2) {
                    return doFinal;
                }
                this.contents.write(doFinal);
                return null;
            } catch (IOException e3) {
                throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e3);
            }
        } catch (SGCryptoException e4) {
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e4);
        } catch (SGException e5) {
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e5);
        }
    }

    public byte[] getEncoded() throws SGPkcs7Exception {
        AlgorithmIdentifier algorithmIdentifier = null;
        try {
            if (this.encAlgorithm.equals(SGAlgorithmParameter.SEED_CBC_PKCS5)) {
                algorithmIdentifier = new AlgorithmIdentifier(KISAObjectIdentifiers.id_seedCBC, new DEROctetString(this.secretKey.getIv()));
            } else if (this.encAlgorithm.equals(SGAlgorithmParameter.ARIA_CBC_PKCS5)) {
                algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier("1.2.410.200004.5.2.100.2"), new DEROctetString(this.secretKey.getIv()));
            } else {
                if (!this.encAlgorithm.equals("ARIA")) {
                    throw new SGPkcs7Exception("sg.common.noSuchAlgorithm");
                }
                new AlgorithmIdentifier(new DERObjectIdentifier("1.2.410.200004.5.2.100.2"), new DEROctetString(this.secretKey.getIv()));
            }
            this.encryptedContentInfo = new EncryptedContentInfo(CMSObjectIdentifiers.data, algorithmIdentifier, (this.type == 0 || this.type == 2) ? new DEROctetString(this.contents.toByteArray()) : null);
            this.recipientInfos = getRecipientInfos(this.secretKey.getKey());
            byte[] digest = this.digester == null ? null : this.digester.digest();
            DERSet dERSet = new DERSet();
            DERSet dERSet2 = new DERSet();
            for (int i = 0; i < this.signerCerts.size(); i++) {
                SGCertificateSet sGCertificateSet = (SGCertificateSet) this.signerCerts.get(i);
                try {
                    dERSet.addObject(ASN1Object.fromByteArray(sGCertificateSet.getSignCertificate().getEncoded()));
                    try {
                        byte[] sign = (this.type == 2 || this.type == 3) ? ((SGSigner) this.signers.get(i)).sign() : null;
                        SGBlockCipher sGBlockCipher = new SGBlockCipher(this.encAlgorithm);
                        sGBlockCipher.init(1, this.secretKey);
                        dERSet2.addObject(getSignerInfo(sGBlockCipher, sGCertificateSet.getSignCertificate(), sGCertificateSet.getSignPrivateKey(), this.digestAlgorithm, digest, sign));
                    } catch (SGCryptoException e) {
                        throw new SGPkcs7Exception(e);
                    } catch (SGException e2) {
                        throw new SGPkcs7Exception(e2);
                    }
                } catch (IOException e3) {
                    throw new SGPkcs7Exception(e3);
                }
            }
            DERSet dERSet3 = new DERSet();
            dERSet3.addObject(new AlgorithmIdentifier(new DERObjectIdentifier(OID.getAlgOid(this.digestAlgorithm))));
            this.saeData = new SignedAndEnvelopedData(this.recipientInfos, dERSet3, this.encryptedContentInfo, dERSet, null, dERSet2);
            return new ContentInfo(CMSObjectIdentifiers.signedAndEnvelopedData, this.saeData).getDEREncoded();
        } catch (Exception e4) {
            throw new SGPkcs7Exception("sg.pkcs7.encodeingFail", new Object[]{"SGEnvelopedData"}, e4);
        }
    }

    public String getEncodedString() throws SGPkcs7Exception {
        return P7Utillities.toPEM(getEncoded());
    }

    public EncryptedContentInfo getEncryptedContentInfo() {
        return this.encryptedContentInfo;
    }

    public SGCertificate getRecipient(int i) {
        return (SGCertificate) this.recipients.get(i);
    }

    public ASN1Set getRecipientInfos() {
        return this.recipientInfos;
    }

    public List getRecipientList() {
        return this.recipients;
    }

    public void init() throws SGPkcs7Exception {
        init(0);
    }

    public void init(int i) throws SGPkcs7Exception {
        init(i, SGSecretKeyFactory.getInstance().generate(16, 16));
    }

    public void init(int i, SGSecretKey sGSecretKey) throws SGPkcs7Exception {
        this.type = i;
        this.secretKey = sGSecretKey;
        try {
            this.cipher.init(1, sGSecretKey);
            if (i == 0 || i == 1) {
                this.digester = new SGMessageDigest(this.digestAlgorithm);
            }
            this.initialized = true;
        } catch (SGCryptoException e) {
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e);
        } catch (SGException e2) {
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e2);
        }
    }

    public void reset() {
        this.type = 0;
        this.recipients = new ArrayList();
        this.contents.reset();
        this.cipher.reset();
        this.secretKey = null;
        this.encryptedContentInfo = null;
        this.recipientInfos = null;
        this.initialized = false;
    }

    public void setDigestAlgorithm(String str) {
        if (this.initialized) {
            throw new IllegalStateException("Already Initialized!");
        }
        this.digestAlgorithm = str;
    }

    public void setEncAlgorithm(String str) {
        if (this.initialized) {
            throw new IllegalStateException("Already Initialized!");
        }
        this.encAlgorithm = str;
        this.cipher = new SGBlockCipher(str);
    }

    public byte[] update(byte[] bArr) throws SGPkcs7Exception {
        return update(bArr, 0, bArr.length);
    }

    public byte[] update(byte[] bArr, int i, int i2) throws SGPkcs7Exception {
        try {
            try {
                if (this.type == 2 || this.type == 3) {
                    for (int i3 = 0; i3 < this.signers.size(); i3++) {
                        try {
                            ((SGSigner) this.signers.get(0)).update(bArr, i, i2);
                        } catch (SGCryptoException e) {
                            throw new SGPkcs7Exception(e);
                        } catch (SGException e2) {
                            throw new SGPkcs7Exception(e2);
                        }
                    }
                } else {
                    this.digester.update(bArr, i, i2);
                }
                byte[] update = this.cipher.update(bArr, i, i2);
                if (this.type != 0 && this.type != 2) {
                    return update;
                }
                this.contents.write(update);
                return null;
            } catch (IOException e3) {
                throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e3);
            }
        } catch (SGCryptoException e4) {
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e4);
        } catch (SGException e5) {
            throw new SGPkcs7Exception("sg.pkcs7.sysmetricKeyEncryptionFail", e5);
        }
    }
}
