package com.timevale.esign.sdk.tech.v3.util;

import com.timevale.tgtext.bouncycastle.asn1.DEROutputStream;
import com.timevale.tgtext.bouncycastle.asn1.cms.ContentInfo;
import com.timevale.tgtext.bouncycastle.asn1.gm.GMObjectIdentifiers;
import com.timevale.tgtext.bouncycastle.cert.X509CertificateHolder;
import com.timevale.tgtext.bouncycastle.cms.CMSException;
import com.timevale.tgtext.bouncycastle.cms.CMSProcessableByteArray;
import com.timevale.tgtext.bouncycastle.cms.CMSSignedData;
import com.timevale.tgtext.bouncycastle.cms.CMSSignedDataGenerator;
import com.timevale.tgtext.bouncycastle.cms.SignerInformation;
import com.timevale.tgtext.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import com.timevale.tgtext.bouncycastle.jcajce.provider.digest.SM3;
import com.timevale.tgtext.bouncycastle.jce.provider.BouncyCastleProvider;
import com.timevale.tgtext.bouncycastle.operator.ContentSigner;
import com.timevale.tgtext.bouncycastle.operator.OperatorCreationException;
import com.timevale.tgtext.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import com.timevale.tgtext.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import esign.utils.exception.SuperException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Arrays;

/* compiled from: SignatureTemplate.java */
/* loaded from: input_file:com/timevale/esign/sdk/tech/v3/util/aa.class */
public class aa {

    /* compiled from: SignatureTemplate.java */
    /* loaded from: input_file:com/timevale/esign/sdk/tech/v3/util/aa$a.class */
    public static class a extends RuntimeException {
        public a(String str) {
            super(str);
        }
    }

    public static byte[] a(byte[] bArr, y yVar) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance(yVar.c());
        signature.initSign(yVar.a());
        signature.update(bArr);
        return signature.sign();
    }

    public static boolean a(byte[] bArr, byte[] bArr2, byte[] bArr3, y yVar) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, SuperException {
        if (!a(bArr, bArr2, yVar)) {
            throw new a("验证失败，签名结果验签失败");
        }
        if (bArr3 == null || bArr3.length == 0 || com.timevale.timestamp.utils.e.a(bArr2, bArr3)) {
            return true;
        }
        throw new a("验证失败，时间戳签名值验证失败。");
    }

    public static boolean a(byte[] bArr, byte[] bArr2, y yVar) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance(yVar.c());
        signature.initVerify(yVar.e());
        signature.update(bArr);
        return signature.verify(bArr2);
    }

    public static byte[] b(byte[] bArr, y yVar) throws CMSException, IOException, OperatorCreationException {
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        ContentSigner build = new JcaContentSignerBuilder(yVar.c()).setProvider(yVar.b()).build(yVar.a());
        X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(yVar.d());
        cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(yVar.b()).build()).build(build, x509CertificateHolder));
        cMSSignedDataGenerator.addCertificate(x509CertificateHolder);
        ContentInfo aSN1Structure = cMSSignedDataGenerator.generate(new CMSProcessableByteArray(bArr), true).toASN1Structure();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            new DEROutputStream(byteArrayOutputStream).writeObject(aSN1Structure);
            return byteArrayOutputStream.toByteArray();
        } finally {
            try {
                byteArrayOutputStream.close();
            } catch (IOException unused) {
            }
        }
    }

    public static boolean a(byte[] bArr, byte[] bArr2) throws CMSException, IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, SuperException {
        CMSSignedData cMSSignedData = new CMSSignedData(bArr2);
        SignerInformation signerInformation = (SignerInformation) cMSSignedData.getSignerInfos().getSigners().toArray()[0];
        boolean a2 = a(signerInformation.getEncodedSignedAttributes(), signerInformation.getSignature(), z.a(signerInformation.getEncryptionAlgOID(), ((X509CertificateHolder) cMSSignedData.getCertificates().iterator().next()).getEncoded()));
        boolean z = a2;
        if (!a2) {
            throw new a("验证失败，签名结果验签失败");
        }
        if (bArr.length > 0) {
            z = Arrays.equals(bArr, (byte[]) cMSSignedData.getSignedContent().getContent());
        }
        if (z) {
            return true;
        }
        throw new a("验证失败，签名结果验签失败");
    }

    static {
        Security.removeProvider("BC");
        Security.removeProvider("SM");
        x xVar = new x();
        xVar.put("MessageDigest.SM3", SM3.class.getName() + "$Digest");
        xVar.put("Alg.Alias.MessageDigest.SM3", "SM3");
        xVar.put("Alg.Alias.MessageDigest.1.2.156.197.1.401", "SM3");
        xVar.put("Alg.Alias.MessageDigest." + GMObjectIdentifiers.sm3, "SM3");
        Security.addProvider(xVar);
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
