package iaik.cms;

import iaik.asn1.ASN1Object;
import iaik.asn1.CON_SPEC;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.DerInputStream;
import iaik.asn1.INTEGER;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.SET;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.Attribute;
import iaik.asn1.structures.AttributeValue;
import iaik.cms.attributes.CMSContentType;
import iaik.cms.attributes.CMSMessageDigest;
import iaik.utils.CryptoUtils;
import iaik.utils.Util;
import iaik.x509.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Enumeration;
import javax.crypto.SecretKey;

/* loaded from: classes.dex */
public class AuthenticatedData extends AuthenticatedDataStream implements Content {
    private byte[] v;

    protected AuthenticatedData() {
        this.o = -1;
    }

    public AuthenticatedData(ObjectID objectID, byte[] bArr, AlgorithmID algorithmID, int i, AlgorithmParameterSpec algorithmParameterSpec, int i2) {
        this(objectID, bArr, algorithmID, i, algorithmParameterSpec, null, i2, null);
    }

    public AuthenticatedData(ObjectID objectID, byte[] bArr, AlgorithmID algorithmID, int i, AlgorithmParameterSpec algorithmParameterSpec, int i2, SecurityProvider securityProvider) {
        this(objectID, bArr, algorithmID, i, algorithmParameterSpec, null, i2, securityProvider);
    }

    public AuthenticatedData(ObjectID objectID, byte[] bArr, AlgorithmID algorithmID, int i, AlgorithmParameterSpec algorithmParameterSpec, AlgorithmID algorithmID2, int i2) {
        this(objectID, bArr, algorithmID, i, algorithmParameterSpec, algorithmID2, i2, null);
    }

    public AuthenticatedData(ObjectID objectID, byte[] bArr, AlgorithmID algorithmID, int i, AlgorithmParameterSpec algorithmParameterSpec, AlgorithmID algorithmID2, int i2, SecurityProvider securityProvider) {
        this();
        if (objectID == null) {
            throw new NullPointerException("Cannot create AuthenticatedData. Missing encapsulated content type!");
        }
        if (i2 != 1 && i2 != 2) {
            throw new IllegalArgumentException(new StringBuffer("Illegal mode specification: ").append(i2).append("! Expected 1 (implicit) or 2 (explicit)").toString());
        }
        if (algorithmID == null) {
            throw new NullPointerException("Cannot create AuthenticatedData from null mac algorithm!");
        }
        this.i = objectID;
        this.v = bArr;
        this.e = algorithmID;
        this.g = i;
        this.f = algorithmParameterSpec;
        this.h = algorithmID2;
        this.p = securityProvider;
        this.f2709a = i2;
        SecurityProvider securityProvider2 = this.p;
        this.n = (securityProvider2 == null ? SecurityProvider.getSecurityProvider() : securityProvider2).generateKey(this.e, this.g);
        this.r = true;
    }

    public AuthenticatedData(ObjectID objectID, byte[] bArr, AlgorithmID algorithmID, byte[] bArr2, AlgorithmID algorithmID2, int i) {
        this();
        if (objectID == null) {
            throw new NullPointerException("Cannot create AuthenticatedData. Missing encapsulated content type!");
        }
        if (algorithmID == null) {
            throw new NullPointerException("Cannot create AuthenticatedData from null mac algorithm!");
        }
        if (i != 1 && i != 2) {
            throw new IllegalArgumentException(new StringBuffer("Illegal mode specification: ").append(i).append("! Expected 1 (implicit) or 2 (explicit)").toString());
        }
        this.i = objectID;
        this.v = bArr;
        this.e = algorithmID;
        this.l = bArr2;
        this.h = algorithmID2;
        this.r = false;
        this.f2709a = i;
    }

    public AuthenticatedData(InputStream inputStream) {
        this(inputStream, null);
    }

    public AuthenticatedData(InputStream inputStream, SecurityProvider securityProvider) {
        this();
        this.p = securityProvider;
        decode(inputStream);
    }

    @Override // iaik.cms.Content
    public void decode(ASN1Object aSN1Object) {
        try {
            decode(new ByteArrayInputStream(DerCoder.encode(aSN1Object)));
        } catch (IOException e) {
            throw new CMSParsingException(e.getMessage());
        }
    }

    @Override // iaik.cms.AuthenticatedDataStream, iaik.cms.ContentStream
    public void decode(InputStream inputStream) {
        KeyAgreeRecipientInfo keyAgreeRecipientInfo;
        KeyIdentifier originator;
        this.s = true;
        DerInputStream readSequence = ((DerInputStream) (!(inputStream instanceof DerInputStream) ? new DerInputStream(inputStream) : inputStream)).readSequence();
        if (readSequence.nextTag() != 6) {
            this.q = readSequence;
        } else {
            if (!readSequence.readObjectID().equals(ObjectID.cms_authData)) {
                throw new CMSParsingException("Content type not AutheticatedData!");
            }
            this.q = readSequence.readContextSpecific().readSequence();
        }
        this.f2710b = this.q.readInteger().intValue();
        if (this.q.nextIsContextSpecific()) {
            int readContextSpecific = this.q.readContextSpecific(16);
            if (readContextSpecific != 0) {
                throw new CMSParsingException(new StringBuffer("Invalid OriginatorInfo tag: ").append(readContextSpecific).append("(Expected 0)").toString());
            }
            this.f2711c = new OriginatorInfo(this.q);
        }
        RecipientInfo[] parseRecipientInfos = RecipientInfo.parseRecipientInfos(this.q, this.p);
        this.f2712d = Util.getVector(parseRecipientInfos);
        if (this.f2711c != null && !this.f2711c.isEmpty()) {
            int i = 0;
            while (true) {
                int i2 = i;
                if (i2 >= parseRecipientInfos.length) {
                    break;
                }
                if (parseRecipientInfos[i2].getRecipientInfoType() == 1 && (originator = (keyAgreeRecipientInfo = (KeyAgreeRecipientInfo) parseRecipientInfos[i2]).getOriginator()) != null && originator.getKeyIdType() != 4) {
                    try {
                        X509Certificate certificate = this.f2711c.getCertificate((CertificateIdentifier) originator);
                        if (certificate != null) {
                            keyAgreeRecipientInfo.a(certificate.getPublicKey(), (PrivateKey) null);
                        }
                    } catch (Exception e) {
                    }
                }
                i = i2 + 1;
            }
        }
        this.e = new AlgorithmID(this.q);
        if (this.q.nextIsContextSpecific()) {
            int readContextSpecific2 = this.q.readContextSpecific(16);
            if (readContextSpecific2 != 1) {
                throw new CMSParsingException(new StringBuffer("Invalid digestAlgorithm tag: ").append(readContextSpecific2).append("(Expected 1)").toString());
            }
            this.h = new AlgorithmID(this.q);
        }
        this.j = new EncapsulatedContentInfo(this.q);
        this.i = this.j.getContentType();
        if (this.j.hasContent()) {
            this.v = ((EncapsulatedContentInfo) this.j).getContent();
        } else {
            this.f2709a = 2;
        }
        notifyEOF();
    }

    public byte[] getContent() {
        return this.v;
    }

    public byte[] getEncoded() {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DerCoder.encodeTo(toASN1Object(), byteArrayOutputStream);
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new CMSException(e.getMessage());
        }
    }

    @Override // iaik.cms.AuthenticatedDataStream
    public InputStream getInputStream() {
        if (this.v == null) {
            return null;
        }
        return new ByteArrayInputStream(this.v);
    }

    public void setContent(byte[] bArr) {
        this.v = bArr;
    }

    @Override // iaik.cms.AuthenticatedDataStream
    public void setInputStream(InputStream inputStream) {
        if (inputStream != null) {
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                Utils.copyStream(inputStream, byteArrayOutputStream, null);
                this.v = byteArrayOutputStream.toByteArray();
            } catch (Exception e) {
                throw new CMSRuntimeException("Error reading from stream!", e);
            }
        }
    }

    @Override // iaik.cms.AuthenticatedDataStream
    public void setupMac(SecretKey secretKey) {
        this.n = secretKey;
    }

    @Override // iaik.cms.AuthenticatedDataStream
    protected ASN1Object toASN1Object(int i) {
        SecurityProvider securityProvider = this.p;
        SecurityProvider securityProvider2 = securityProvider == null ? SecurityProvider.getSecurityProvider() : securityProvider;
        if (i <= 0) {
            i = this.o;
        }
        if (this.i == null) {
            throw new NullPointerException("Encapsulated content type not set.");
        }
        if (this.f2712d == null || this.f2712d.size() == 0) {
            throw new NullPointerException("No recipients specified.");
        }
        if (this.e == null) {
            throw new NullPointerException("No Mac algorithm specified.");
        }
        if (this.n != null && this.r) {
            Enumeration elements = this.f2712d.elements();
            while (elements.hasMoreElements()) {
                ((RecipientInfo) elements.nextElement()).encryptKey(this.n);
            }
            this.r = false;
        }
        SEQUENCE sequence = new SEQUENCE(i > 0);
        sequence.addComponent(new INTEGER(this.f2710b));
        if (this.f2711c != null && !this.f2711c.isEmpty()) {
            sequence.addComponent(new CON_SPEC(0, this.f2711c.toASN1Object(), true));
        }
        sequence.addComponent(RecipientInfo.createRecipientInfos(this.f2712d));
        if (this.e.getParameter() == null) {
            this.e.encodeAbsentParametersAsNull(false);
        }
        sequence.addComponent(this.e.toASN1Object());
        if (this.h != null) {
            sequence.addComponent(new CON_SPEC(1, this.h.toASN1Object(), true));
        }
        if (this.f2709a != 1 || this.v == null) {
            this.j = new EncapsulatedContentInfo(this.i);
        } else {
            this.j = new EncapsulatedContentInfo(this.v, this.i);
            this.j.setBlockSize(i);
        }
        sequence.addComponent(this.j.toASN1Object());
        SET set = null;
        if (this.k.size() > 0) {
            if (this.h == null) {
                throw new NullPointerException("Digest algorithm not allowed to be null when auth attributes are present!");
            }
            if (this.k.getAttribute(ObjectID.messageDigest) == null) {
                try {
                    this.k.addAttribute(new Attribute(new CMSMessageDigest(securityProvider2.getHash(this.h, this.v))));
                } catch (CodingException e) {
                    throw new CMSException(new StringBuffer("Cannot create MessageDigest attribute: ").append(e.getMessage()).toString());
                } catch (NoSuchAlgorithmException e2) {
                    throw new CMSException(new StringBuffer("Cannot calculate MessageDigest attribute! Algorithm ").append(this.h.getAlgorithm().getName()).append(" not supported!").toString());
                }
            }
            try {
                set = this.k.toAsn1SET(true);
                sequence.addComponent(new CON_SPEC(2, set, true));
            } catch (CodingException e3) {
                throw new CMSException(new StringBuffer("Cannot create ASN.1 set of authenticated attributes: ").append(e3.getMessage()).toString());
            }
        }
        if (this.l == null) {
            try {
                this.l = securityProvider2.calculateMac(this.e, this.n, this.f, set != null ? DerCoder.encode(set) : this.v);
            } catch (Exception e4) {
                throw new CMSException(new StringBuffer("Mac calculation error: ").append(e4.toString()).toString());
            }
        }
        sequence.addComponent(new OCTET_STRING(this.l));
        if (this.m.size() > 0) {
            try {
                sequence.addComponent(new CON_SPEC(3, this.m.toAsn1SET(), true));
            } catch (CodingException e5) {
                throw new CMSException(new StringBuffer("Cannot create ASN.1 set of unauthenticated attributes: ").append(e5.getMessage()).toString());
            }
        }
        return sequence;
    }

    @Override // iaik.cms.AuthenticatedDataStream
    public boolean verifyMac() {
        AttributeValue attributeValue;
        SecurityProvider securityProvider = this.p;
        SecurityProvider securityProvider2 = securityProvider == null ? SecurityProvider.getSecurityProvider() : securityProvider;
        if (this.e == null) {
            throw new NullPointerException("Cannot verify Mac. Mac algorithm not allowed to be null!");
        }
        if (this.n == null) {
            throw new NullPointerException("Cannot verify Mac. Mac key is null!");
        }
        if (this.v == null) {
            throw new NullPointerException("Cannot verify Mac from null content!");
        }
        try {
            this.f = securityProvider2.getAlgorithmParameterSpec(this.e);
        } catch (Exception e) {
        }
        try {
            if (this.k.size() <= 0) {
                return CryptoUtils.equalsBlock(this.l, securityProvider2.calculateMac(this.e, this.n, this.f, this.v));
            }
            Attribute attribute = this.k.getAttribute(CMSContentType.oid);
            if (attribute != null && (attributeValue = attribute.getAttributeValue()) != null) {
                if (!(attributeValue instanceof CMSContentType ? (CMSContentType) attributeValue : new CMSContentType(attributeValue.toASN1Object())).get().equals(this.i)) {
                    throw new InvalidContentTypeException();
                }
            }
            if (this.h == null) {
                throw new NullPointerException("Cannot verify Mac. Digest algorithm not allowed to be null when auth attributes are present!");
            }
            if (CryptoUtils.equalsBlock(securityProvider2.getHash(this.h, this.v), getAuthenticatedDigest())) {
                return CryptoUtils.equalsBlock(this.l, securityProvider2.calculateMac(this.e, this.n, this.f, DerCoder.encode(this.k.toAsn1SET(!this.s))));
            }
            throw new InvalidContentHashException();
        } catch (CodingException e2) {
            throw new CMSMacException(new StringBuffer("Error encoding authenticated attributes: ").append(e2.toString()).toString());
        } catch (Exception e3) {
            throw new CMSMacException(e3.toString());
        }
    }
}
