package com.koalii.pkcs7;

import com.koalii.bc.asn1.ASN1EncodableVector;
import com.koalii.bc.asn1.ASN1InputStream;
import com.koalii.bc.asn1.DEROctetString;
import com.koalii.bc.asn1.DERSet;
import com.koalii.bc.asn1.cms.CMSObjectIdentifiers;
import com.koalii.bc.asn1.cms.ContentInfo;
import com.koalii.bc.asn1.cms.EncryptedContentInfo;
import com.koalii.bc.asn1.cms.EnvelopedData;
import com.koalii.bc.asn1.cms.IssuerAndSerialNumber;
import com.koalii.bc.asn1.cms.KeyTransRecipientInfo;
import com.koalii.bc.asn1.cms.RecipientIdentifier;
import com.koalii.bc.asn1.cms.RecipientInfo;
import com.koalii.bc.asn1.x509.AlgorithmIdentifier;
import com.koalii.bc.asn1.x509.X509Name;
import com.koalii.cert.SecretStore;
import com.koalii.cert.X509NameUtil;
import com.koalii.crypto.DESUtil;
import com.koalii.crypto.RSAUtil;
import java.math.BigInteger;
import java.security.cert.X509Certificate;

/* loaded from: input_file:BOOT-INF/lib/koalii_kgsp-1.0.jar:com/koalii/pkcs7/PKCS7EnvelopUtil.class */
public class PKCS7EnvelopUtil {
    private SecretStore decryptStore;

    public PKCS7EnvelopUtil(SecretStore secretStore) {
        this.decryptStore = secretStore;
    }

    public static byte[] createEnvelop(X509Certificate x509Certificate, byte[] bArr) throws PKCS7Exception {
        if (x509Certificate == null || bArr == null) {
            throw new IllegalArgumentException();
        }
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(X509NameUtil.toX509Name(x509Certificate.getIssuerDN()), x509Certificate.getSerialNumber());
        byte[] generateKey = DESUtil.generateKey(null);
        try {
            KeyTransRecipientInfo keyTransRecipientInfo = new KeyTransRecipientInfo(new RecipientIdentifier(issuerAndSerialNumber), new AlgorithmIdentifier(CMSObjectIdentifiers.rsaEncryption), new DEROctetString(RSAUtil.pubKeyEncrypt(x509Certificate.getPublicKey(), generateKey)));
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new RecipientInfo(keyTransRecipientInfo));
            try {
                return new ContentInfo(CMSObjectIdentifiers.envelopedData, new EnvelopedData(null, new DERSet(aSN1EncodableVector), new EncryptedContentInfo(CMSObjectIdentifiers.data, new AlgorithmIdentifier(CMSObjectIdentifiers.des_EDE3_CBC), new DEROctetString(DESUtil.encrypt(generateKey, bArr))), null)).getDEREncoded();
            } catch (Exception e) {
                throw new PKCS7Exception(e);
            }
        } catch (Exception e2) {
            throw new PKCS7Exception(e2);
        }
    }

    public byte[] parseEnvelop(byte[] bArr) throws PKCS7Exception {
        if (bArr == null) {
            throw new IllegalArgumentException();
        }
        if (this.decryptStore == null) {
            throw new PKCS7Exception("not find decrypt store");
        }
        try {
            ContentInfo contentInfo = ContentInfo.getInstance(new ASN1InputStream(bArr).readObject());
            if (!contentInfo.getContentType().equals(CMSObjectIdentifiers.envelopedData)) {
                throw new PKCS7Exception(new StringBuffer("illegal content type ").append(contentInfo.getContentType().getId()).toString());
            }
            EnvelopedData envelopedData = EnvelopedData.getInstance(contentInfo.getContent());
            if (envelopedData == null) {
                throw new PKCS7Exception("parse envelopedData error");
            }
            if (envelopedData.getVersion().getValue().intValue() != 0) {
                throw new PKCS7Exception(new StringBuffer("unsupported envelopedData version ").append(envelopedData.getVersion().getValue().intValue()).toString());
            }
            KeyTransRecipientInfo keyTransRecipientInfo = KeyTransRecipientInfo.getInstance(envelopedData.getRecipientInfos().getObjectAt(0));
            if (!keyTransRecipientInfo.getKeyEncryptionAlgorithm().getObjectId().equals(CMSObjectIdentifiers.rsaEncryption)) {
                throw new PKCS7Exception(new StringBuffer("unsupported encrypt key alg ").append(keyTransRecipientInfo.getKeyEncryptionAlgorithm().getObjectId()).toString());
            }
            try {
                byte[] privKeyDecrypt = RSAUtil.privKeyDecrypt(this.decryptStore.getPrivKey(), keyTransRecipientInfo.getEncryptedKey().getOctets());
                EncryptedContentInfo encryptedContentInfo = envelopedData.getEncryptedContentInfo();
                if (!encryptedContentInfo.getContentEncryptionAlgorithm().getObjectId().equals(CMSObjectIdentifiers.des_EDE3_CBC)) {
                    throw new PKCS7Exception(new StringBuffer("unsupported encrypt content alg ").append(encryptedContentInfo.getContentEncryptionAlgorithm().getObjectId()).toString());
                }
                try {
                    return DESUtil.decrypt(privKeyDecrypt, encryptedContentInfo.getEncryptedContent().getOctets());
                } catch (Exception e) {
                    throw new PKCS7Exception(e);
                }
            } catch (Exception e2) {
                throw new PKCS7Exception(e2);
            }
        } catch (Exception e3) {
            throw new PKCS7Exception(e3);
        }
    }

    public static byte[] parseEnvelop(SecretStore secretStore, byte[] bArr) throws PKCS7Exception {
        return new PKCS7EnvelopUtil(secretStore).parseEnvelop(bArr);
    }

    public static X509Name getRecipientIssuerDN(byte[] bArr) throws PKCS7Exception {
        return getIssuerDnAndSN(bArr).getName();
    }

    public static BigInteger getRecipientSN(byte[] bArr) throws PKCS7Exception {
        return getIssuerDnAndSN(bArr).getSerialNumber().getPositiveValue();
    }

    protected static IssuerAndSerialNumber getIssuerDnAndSN(byte[] bArr) throws PKCS7Exception {
        if (bArr == null) {
            throw new IllegalArgumentException();
        }
        try {
            ContentInfo contentInfo = ContentInfo.getInstance(new ASN1InputStream(bArr).readObject());
            if (!contentInfo.getContentType().equals(CMSObjectIdentifiers.envelopedData)) {
                throw new PKCS7Exception(new StringBuffer("illegal content type ").append(contentInfo.getContentType().getId()).toString());
            }
            EnvelopedData envelopedData = EnvelopedData.getInstance(contentInfo.getContent());
            if (envelopedData == null) {
                throw new PKCS7Exception("parse envelopedData error");
            }
            if (envelopedData.getVersion().getValue().intValue() != 0) {
                throw new PKCS7Exception(new StringBuffer("unsupported envelopedData version ").append(envelopedData.getVersion().getValue().intValue()).toString());
            }
            try {
                return IssuerAndSerialNumber.getInstance(new ASN1InputStream(KeyTransRecipientInfo.getInstance(envelopedData.getRecipientInfos().getObjectAt(0)).getRecipientIdentifier().getDEREncoded()).readObject());
            } catch (Exception e) {
                throw new PKCS7Exception(e);
            }
        } catch (Exception e2) {
            throw new PKCS7Exception(e2);
        }
    }
}
