package com.aspose.email.internal.da;

import com.aspose.email.internal.b.an;
import com.aspose.email.system.DateTime;
import com.aspose.email.system.exceptions.ArgumentException;
import com.aspose.email.system.exceptions.CryptographicException;
import java.io.IOException;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Null;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.cms.Time;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.Signer;
import org.bouncycastle.crypto.engines.RSABlindedEngine;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.signers.PSSSigner;

/* loaded from: input_file:com/aspose/email/internal/da/p.class */
public class p {
    private static final ag a = ag.a;
    private o b = new o();
    private SignerInfo c;
    private AlgorithmIdentifier d;
    private AlgorithmIdentifier e;
    private final ASN1Set f;
    private final ASN1Set g;
    private y h;
    private byte[] i;
    private ASN1ObjectIdentifier j;
    private al k;
    private byte[] l;
    private AttributeTable m;
    private AttributeTable n;
    private final boolean o;

    public p(SignerInfo signerInfo, ASN1ObjectIdentifier aSN1ObjectIdentifier, y yVar, al alVar) {
        this.c = signerInfo;
        this.j = aSN1ObjectIdentifier;
        this.o = aSN1ObjectIdentifier == null;
        try {
            SignerIdentifier sid = signerInfo.getSID();
            if (sid.isTagged()) {
                this.b.b(ASN1OctetString.getInstance(sid.getId()).getEncoded());
            } else {
                IssuerAndSerialNumber issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(sid.getId());
                this.b.a(X509Name.getInstance(issuerAndSerialNumber.getName()));
                this.b.a(issuerAndSerialNumber.getSerialNumber().getValue());
            }
            this.d = signerInfo.getDigestAlgorithm();
            this.f = signerInfo.getAuthenticatedAttributes();
            this.g = signerInfo.getUnauthenticatedAttributes();
            this.e = signerInfo.getDigestEncryptionAlgorithm();
            this.i = signerInfo.getEncryptedDigest().getOctets();
            this.h = yVar;
            this.k = alVar;
        } catch (IOException e) {
            throw new ArgumentException("invalid sid in SignerInfo");
        }
    }

    public o a() {
        return this.b;
    }

    public int b() {
        return this.c.getVersion().getValue().intValue();
    }

    public AlgorithmIdentifier c() {
        return this.d;
    }

    public String d() {
        return this.d.getObjectId().getId();
    }

    public String e() {
        return this.e.getObjectId().getId();
    }

    public AttributeTable f() {
        if (this.f != null && this.m == null) {
            this.m = new AttributeTable(this.f);
        }
        return this.m;
    }

    public AttributeTable g() {
        if (this.g != null && this.n == null) {
            this.n = new AttributeTable(this.g);
        }
        return this.n;
    }

    public byte[] h() {
        return (byte[]) this.i.clone();
    }

    public byte[] i() {
        try {
            if (this.f == null) {
                return null;
            }
            return this.f.getEncoded("DER");
        } catch (IOException e) {
            throw new CryptographicException(e.getMessage());
        }
    }

    private boolean a(AsymmetricKeyParameter asymmetricKeyParameter) {
        PSSSigner e;
        String a2 = a.a(d());
        Digest d = a.d(a2);
        ASN1ObjectIdentifier objectId = this.e.getObjectId();
        ASN1Encodable parameters = this.e.getParameters();
        if (!objectId.equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) {
            e = a.e(an.a(a2, "with", a.c(e())));
        } else {
            if (parameters == null) {
                throw new a("RSASSA-PSS signature must specify algorithm parameters");
            }
            try {
                RSASSAPSSparams rSASSAPSSparams = RSASSAPSSparams.getInstance(parameters.toASN1Primitive());
                if (!rSASSAPSSparams.getHashAlgorithm().getObjectId().equals(this.d.getObjectId())) {
                    throw new a("RSASSA-PSS signature parameters specified incorrect hash algorithm");
                }
                if (!rSASSAPSSparams.getMaskGenAlgorithm().getObjectId().equals(PKCSObjectIdentifiers.id_mgf1)) {
                    throw new a("RSASSA-PSS signature parameters specified unknown MGF");
                }
                Digest a3 = com.aspose.email.internal.dh.l.a(rSASSAPSSparams.getHashAlgorithm().getObjectId());
                int intValue = rSASSAPSSparams.getSaltLength().intValue();
                if (com.aspose.email.internal.eh.b.d(Byte.valueOf(com.aspose.email.internal.eh.b.a(Integer.valueOf(rSASSAPSSparams.getTrailerField().intValue()), 9)), 6) != 1) {
                    throw new a("RSASSA-PSS signature parameters must have trailerField of 1");
                }
                e = new PSSSigner(new RSABlindedEngine(), a3, intValue);
            } catch (RuntimeException e2) {
                throw new a("failed to set RSASSA-PSS signature parameters", e2);
            }
        }
        try {
            if (this.k != null) {
                this.l = this.k.a();
            } else {
                if (this.h != null) {
                    this.h.a(new ak(d));
                } else if (this.f == null) {
                    throw new a("data not encapsulated in signature - use detached constructor.");
                }
                this.l = com.aspose.email.internal.dh.l.a(d);
            }
            ASN1ObjectIdentifier a4 = a(CMSAttributes.contentType, "content-type");
            if (a4 != null) {
                if (this.o) {
                    throw new a("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute");
                }
                if (!com.aspose.email.internal.eh.b.b(a4, ASN1ObjectIdentifier.class)) {
                    throw new a("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'");
                }
                if (!a4.equals(this.j)) {
                    throw new a("content-type attribute value does not match eContentType");
                }
            } else if (!this.o && this.f != null) {
                throw new a("The content-type attribute type MUST be present whenever signed attributes are present in signed-data");
            }
            ASN1OctetString a5 = a(CMSAttributes.messageDigest, "message-digest");
            if (a5 != null) {
                if (!com.aspose.email.internal.eh.b.b(a5, ASN1OctetString.class)) {
                    throw new a("message-digest attribute value not of ASN.1 type 'OCTET STRING'");
                }
                if (!com.aspose.email.internal.dj.a.a(this.l, a5.getOctets())) {
                    throw new a("message-digest attribute value does not match calculated value");
                }
            } else if (this.f != null) {
                throw new a("the message-digest signed attribute type MUST be present when there are any signed attributes present");
            }
            AttributeTable f = f();
            if (f != null && f.getAll(CMSAttributes.counterSignature).size() > 0) {
                throw new a("A countersignature attribute MUST NOT be a signed attribute");
            }
            AttributeTable g = g();
            if (g != null) {
                ASN1EncodableVector all = g.getAll(CMSAttributes.counterSignature);
                for (int i = 0; i < all.size(); i++) {
                    if (all.get(i).getAttrValues().size() < 1) {
                        throw new a("A countersignature attribute MUST contain at least one AttributeValue");
                    }
                }
            }
            try {
                e.init(false, asymmetricKeyParameter);
                if (this.f != null) {
                    byte[] i2 = i();
                    e.update(i2, 0, i2.length);
                } else {
                    if (this.k != null) {
                        return a(this.l, asymmetricKeyParameter, h());
                    }
                    if (this.h != null) {
                        this.h.a(new n(e));
                    }
                }
                return e.verifySignature(h());
            } catch (com.aspose.email.internal.dh.b e3) {
                throw new a("key not appropriate to signature in message.", e3);
            } catch (com.aspose.email.internal.dh.e e4) {
                throw new a(an.a("invalid signature format in message: ", e4.getMessage()), e4);
            } catch (com.aspose.email.system.exceptions.IOException e5) {
                throw new a("can't process mime object to create signature.", e5);
            }
        } catch (com.aspose.email.system.exceptions.IOException e6) {
            throw new a("can't process mime object to create signature.", e6);
        }
    }

    private boolean a(ASN1Encodable aSN1Encodable) {
        return com.aspose.email.internal.eh.b.b(aSN1Encodable, ASN1Null.class) || aSN1Encodable == null;
    }

    private DigestInfo a(byte[] bArr) throws IOException {
        if (com.aspose.email.internal.eh.b.d(Byte.valueOf(bArr[0]), 6) != 48) {
            throw new com.aspose.email.system.exceptions.IOException("not a digest info object");
        }
        DigestInfo digestInfo = DigestInfo.getInstance(ASN1Primitive.fromByteArray(bArr));
        if (digestInfo.getEncoded().length != bArr.length) {
            throw new a("malformed RSA signature");
        }
        return digestInfo;
    }

    private boolean a(byte[] bArr, AsymmetricKeyParameter asymmetricKeyParameter, byte[] bArr2) {
        String c = a.c(e());
        try {
            if (!an.e(c, "RSA")) {
                if (!an.e(c, "DSA")) {
                    throw new a(an.a("algorithm: ", c, " not supported in base signatures."));
                }
                Signer b = com.aspose.email.internal.dh.q.b("NONEwithDSA");
                b.init(false, asymmetricKeyParameter);
                b.update(bArr, 0, bArr.length);
                return b.verifySignature(bArr2);
            }
            com.aspose.email.internal.dh.k kVar = new com.aspose.email.internal.dh.k(w.a.a("RSA/ECB/PKCS1Padding"));
            kVar.a(false, (CipherParameters) asymmetricKeyParameter);
            DigestInfo a2 = a(kVar.b(bArr2, 0, bArr2.length));
            if (a2.getAlgorithmId().getObjectId().equals(this.d.getObjectId()) && a(a2.getAlgorithmId().getParameters())) {
                return com.aspose.email.internal.dj.a.b(bArr, a2.getDigest());
            }
            return false;
        } catch (com.aspose.email.internal.dh.a e) {
            throw new a("Exception processing signature: " + e, e);
        } catch (IOException e2) {
            throw new a("Exception decoding signature: " + e2, e2);
        } catch (InvalidCipherTextException e3) {
            throw new a("Exception decoding signature: " + e3, e3);
        } catch (com.aspose.email.internal.dh.d e4) {
            throw e4;
        }
    }

    public boolean a(com.aspose.email.internal.p000do.c cVar) {
        Time k = k();
        if (k != null) {
            cVar.b(DateTime.fromJava(k.getDate()));
        }
        return a(cVar.n());
    }

    public SignerInfo j() {
        return this.c;
    }

    private ASN1Primitive a(ASN1ObjectIdentifier aSN1ObjectIdentifier, String str) {
        AttributeTable g = g();
        if (g != null && g.getAll(aSN1ObjectIdentifier).size() > 0) {
            throw new a(an.a("The ", str, " attribute MUST NOT be an unsigned attribute"));
        }
        AttributeTable f = f();
        if (f == null) {
            return null;
        }
        ASN1EncodableVector all = f.getAll(aSN1ObjectIdentifier);
        switch (all.size()) {
            case 0:
                return null;
            case 1:
                ASN1Set attrValues = all.get(0).getAttrValues();
                if (attrValues.size() != 1) {
                    throw new a(an.a("A ", str, " attribute MUST have a single attribute value"));
                }
                return attrValues.getObjectAt(0).toASN1Primitive();
            default:
                throw new a(an.a("The SignedAttributes in a signerInfo MUST NOT include multiple instances of the ", str, " attribute"));
        }
    }

    private Time k() {
        ASN1Primitive a2 = a(CMSAttributes.signingTime, "signing-time");
        if (a2 == null) {
            return null;
        }
        try {
            return Time.getInstance(a2);
        } catch (ArgumentException e) {
            throw new a("signing-time attribute value not a valid 'Time' structure");
        }
    }
}
