package cmbc.cfca.sm2rsa.common;

import cfca.org.slf4j.Logger;
import cfca.org.slf4j.LoggerFactory;
import cmbc.cfca.asn1.parser.ASN1Node;
import cmbc.cfca.asn1.parser.PKCS7SignFileParser;
import cmbc.cfca.internal.tool.BigIntegerUtil;
import cmbc.cfca.org.bouncycastle.asn1.ASN1Encodable;
import cmbc.cfca.org.bouncycastle.asn1.ASN1EncodableVector;
import cmbc.cfca.org.bouncycastle.asn1.ASN1Integer;
import cmbc.cfca.org.bouncycastle.asn1.ASN1ObjectIdentifier;
import cmbc.cfca.org.bouncycastle.asn1.ASN1Primitive;
import cmbc.cfca.org.bouncycastle.asn1.ASN1Set;
import cmbc.cfca.org.bouncycastle.asn1.BERSet;
import cmbc.cfca.org.bouncycastle.asn1.DERNull;
import cmbc.cfca.org.bouncycastle.asn1.DEROctetString;
import cmbc.cfca.org.bouncycastle.asn1.DEROutputStream;
import cmbc.cfca.org.bouncycastle.asn1.DERSet;
import cmbc.cfca.org.bouncycastle.asn1.DERTaggedObject;
import cmbc.cfca.org.bouncycastle.asn1.pkcs.ContentInfo;
import cmbc.cfca.org.bouncycastle.asn1.pkcs.IssuerAndSerialNumber;
import cmbc.cfca.org.bouncycastle.asn1.pkcs.SignedData;
import cmbc.cfca.org.bouncycastle.asn1.pkcs.SignerInfo;
import cmbc.cfca.org.bouncycastle.asn1.x500.X500Name;
import cmbc.cfca.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import cmbc.cfca.org.bouncycastle.asn1.x509.Certificate;
import cmbc.cfca.rsa.signature.RSASignUtil;
import cmbc.cfca.sadk32.org.bouncycastle.asn1.sm2.ASN1SM2Signature;
import cmbc.cfca.sadk32.signature.sm2.SM2PackageUtil;
import cmbc.cfca.sm2.signature.SM2HashUtil;
import cmbc.cfca.sm2.signature.SM2PublicKey;
import cmbc.cfca.sm2.signature.SM2SignerInfo;
import cmbc.cfca.sm2.signature.SM2SignerInfo2;
import cmbc.cfca.sm2.signature.SM2SignerInfox;
import cmbc.cfca.system.Debugger;
import cmbc.cfca.util.cipher.lib.BCSoftLib;
import cmbc.cfca.util.cipher.lib.JNISoftLib;
import cmbc.cfca.util.cipher.lib.Session;
import cmbc.cfca.x509.certificate.X509Cert;
import java.io.File;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.PublicKey;
import java.util.Enumeration;

/* loaded from: input_file:cmbc/cfca/sm2rsa/common/PKCS7SignedFile.class */
public class PKCS7SignedFile {
    static final Logger logger = LoggerFactory.getLogger(PKCS7SignedFile.class);
    private String digestAlgorithm;
    private byte[] signature;
    private byte[] sourceData;
    private X509Cert signerCert;
    private final Session session;

    public PKCS7SignedFile(Session session) {
        this.session = session == null ? new BCSoftLib() : session;
    }

    private X509Cert getSignerCert(X509Cert[] x509CertArr, IssuerAndSerialNumber issuerAndSerialNumber) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("getSignerCert::>>>>>>Running");
            stringBuffer.append("\n certs: ");
            stringBuffer.append(Debugger.dump(x509CertArr));
            stringBuffer.append("\n issuerAndSN: ");
            stringBuffer.append(Debugger.dump(issuerAndSerialNumber));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (x509CertArr == null) {
                throw new PKIException("null not allowed for certs");
            }
            if (issuerAndSerialNumber == null) {
                throw new PKIException("null not allowed for issuerAndSN");
            }
            String x500Name = issuerAndSerialNumber.getName().toString();
            BigInteger value = issuerAndSerialNumber.getCertificateSerialNumber().getValue();
            for (int i = 0; i < x509CertArr.length; i++) {
                if (x509CertArr[i] != null) {
                    X500Name issuerX500Name = x509CertArr[i].getIssuerX500Name();
                    BigInteger serialNumber = x509CertArr[i].getSerialNumber();
                    if (issuerX500Name.toString().equals(x500Name) && serialNumber.compareTo(value) == 0) {
                        if (logger.isDebugEnabled()) {
                            StringBuffer stringBuffer2 = new StringBuffer();
                            stringBuffer2.append("getSignerCert::<<<<<<Finished");
                            stringBuffer2.append("\n match cert: ");
                            stringBuffer2.append(Debugger.dump(x509CertArr[i]));
                            logger.debug(stringBuffer2.toString());
                        }
                        return x509CertArr[i];
                    }
                }
            }
            if (!logger.isErrorEnabled()) {
                return null;
            }
            StringBuffer stringBuffer3 = new StringBuffer();
            stringBuffer3.append("getSignerCert::<<<<<<NO NOT FIND SignerCert");
            stringBuffer3.append("\n certs: ");
            stringBuffer3.append(Debugger.dump(x509CertArr));
            stringBuffer3.append("\n issuerAndSN: ");
            stringBuffer3.append(Debugger.dump(issuerAndSerialNumber));
            logger.error(stringBuffer3.toString());
            return null;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer4 = new StringBuffer();
                stringBuffer4.append("getSignerCert::<<<<<<Failure");
                stringBuffer4.append("\n certs: ");
                stringBuffer4.append(Debugger.dump(x509CertArr));
                stringBuffer4.append("\n issuerAndSN: ");
                stringBuffer4.append(Debugger.dump(issuerAndSerialNumber));
                logger.error(stringBuffer4.toString(), e);
            }
            throw e;
        } catch (Exception e2) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer5 = new StringBuffer();
                stringBuffer5.append("getSignerCert::<<<<<<Failure");
                stringBuffer5.append("\n certs: ");
                stringBuffer5.append(Debugger.dump(x509CertArr));
                stringBuffer5.append("\n issuerAndSN: ");
                stringBuffer5.append(Debugger.dump(issuerAndSerialNumber));
                logger.error(stringBuffer5.toString(), e2);
            }
            throw new PKIException(e2);
        }
    }

    public final boolean verifyP7SignedFile(String str, String str2) throws Exception {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("verifyP7SignedFile>>>>>>Running");
            stringBuffer.append("\n signFile: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n saveSrcFilePath: ");
            stringBuffer.append(Debugger.dump(str2));
            logger.debug(stringBuffer.toString());
        }
        if (str == null) {
            logger.error("verifyP7SignedFile<<<<<<Failure: null not allowed for signFile");
            throw new IllegalArgumentException("null not allowed for signFile");
        }
        try {
            PKCS7SignFileParser pKCS7SignFileParser = new PKCS7SignFileParser(new File(str));
            pKCS7SignFileParser.parser();
            logger.debug("verifyP7SignedFile::::::Parser Okay");
            X509Cert x509Cert = new X509Cert(Certificate.getInstance(ASN1Set.getInstance(DERTaggedObject.getInstance(pKCS7SignFileParser.getCertificate_node().getData()), false).getObjectAt(0)));
            if (x509Cert.isSM2Cert()) {
                logger.debug("verifyP7SignedFile::::::verifySM2P7SignedFile");
                return verifySM2P7SignedFile(str, str2, true, null, pKCS7SignFileParser);
            }
            if (!x509Cert.isRSACert()) {
                throw new SecurityException("Invalid signCert[RSA/SM2]");
            }
            logger.debug("verifyP7SignedFile:::::verifyRSAP7SignedFile");
            return verifyRSAP7SignedFile(str, str2, pKCS7SignFileParser);
        } catch (Exception e) {
            logger.error("verifyP7SignedFile<<<<<<Failure", e);
            throw e;
        }
    }

    private boolean verifySM2P7SignedFile(String str, String str2, boolean z, byte[] bArr, PKCS7SignFileParser pKCS7SignFileParser) throws Exception {
        SM2SignerInfox sM2SignerInfo;
        byte[] hashFile;
        boolean verifyByBC;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("verifySM2P7SignedFile>>>>>>Running");
            stringBuffer.append("\n signFile: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n saveSrcFilePath: ");
            stringBuffer.append(Debugger.dump(str2));
            stringBuffer.append("\n ifZValue: " + z);
            stringBuffer.append("\n userId: ");
            stringBuffer.append(Debugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            ASN1Node aSN1Node = (ASN1Node) ((ASN1Node) pKCS7SignFileParser.getSourceData_node().childNodes.get(1)).childNodes.get(0);
            if (aSN1Node.childNodes.size() == 1) {
                logger.debug("verifySM2P7SignedFile::::::ASN1Node[sourceData]: size==1");
                aSN1Node = (ASN1Node) aSN1Node.childNodes.get(0);
            } else {
                logger.debug("verifySM2P7SignedFile::::::ASN1Node[sourceData]: size!=1");
            }
            ASN1Node certificate_node = pKCS7SignFileParser.getCertificate_node();
            ASN1Set aSN1Set = ASN1Set.getInstance(pKCS7SignFileParser.getSingerinfo_node().getData());
            ASN1Set aSN1Set2 = ASN1Set.getInstance(DERTaggedObject.getInstance(certificate_node.getData()), false);
            X509Cert[] x509CertArr = new X509Cert[aSN1Set2.size()];
            for (int i = 0; i < aSN1Set2.size(); i++) {
                x509CertArr[i] = new X509Cert(Certificate.getInstance(aSN1Set2.getObjectAt(i)));
            }
            Enumeration objects = aSN1Set.getObjects();
            if (!objects.hasMoreElements()) {
                logger.debug("verifySM2P7SignedFile<<<<<<Finished: False");
                return false;
            }
            if (isNewFormat()) {
                logger.debug("verifySM2P7SignedFile::::::isNewFormat=True");
                sM2SignerInfo = SM2SignerInfo2.getInstance(objects.nextElement());
            } else {
                logger.debug("verifySM2P7SignedFile::::::isNewFormat=False");
                sM2SignerInfo = SM2SignerInfo.getInstance(objects.nextElement());
            }
            IssuerAndSerialNumber issuerAndSerialNumber = sM2SignerInfo.getIssuerAndSerialNumber();
            X509Cert signerCert = getSignerCert(x509CertArr, issuerAndSerialNumber);
            this.signerCert = signerCert;
            if (signerCert == null) {
                if (logger.isErrorEnabled()) {
                    StringBuffer stringBuffer2 = new StringBuffer();
                    stringBuffer2.append("verifySM2P7SignedFile<<<<<<Failure: DO NOT FIND SignerCert");
                    stringBuffer2.append("\n issuerAndSN: ");
                    stringBuffer2.append(Debugger.dump(issuerAndSerialNumber));
                    stringBuffer2.append("\n certs: ");
                    stringBuffer2.append(Debugger.dump(x509CertArr));
                    logger.error(stringBuffer2.toString());
                }
                throw new PKIException(PKIException.VERIFY_P7_SIGNEDDATA_CERT_NOTFUND_ERR, PKIException.VERIFY_P7_SIGNEDDATA_CERT_NOTFUND_ERR_DES);
            }
            PublicKey publicKey = signerCert.getPublicKey();
            byte[] asUnsigned32ByteArray = BigIntegerUtil.asUnsigned32ByteArray(sM2SignerInfo.getEncryptedDigestR().getPositiveValue());
            byte[] asUnsigned32ByteArray2 = BigIntegerUtil.asUnsigned32ByteArray(sM2SignerInfo.getEncryptedDigestS().getPositiveValue());
            byte[] bArr2 = new byte[64];
            System.arraycopy(asUnsigned32ByteArray, 0, bArr2, 0, 32);
            System.arraycopy(asUnsigned32ByteArray2, 0, bArr2, 32, 32);
            this.digestAlgorithm = Mechanism.SM3;
            this.signature = bArr2;
            this.sourceData = "source file is too big, will not display,please see the sourceFilePath attribute".getBytes("UTF8");
            long j = aSN1Node.valueStartPos;
            long j2 = aSN1Node.valueLength;
            if (z) {
                logger.debug("verifySM2P7SignedFile::::::ifZValue=True");
                hashFile = SM2HashUtil.hashFile(true, bArr, aSN1Node.f.getAbsolutePath(), j, j2, publicKey, str2, this.session);
            } else {
                logger.debug("verifySM2P7SignedFile::::::ifZValue=False");
                hashFile = SM2HashUtil.hashFile(false, null, aSN1Node.f.getAbsolutePath(), j, j2, null, str2, this.session);
            }
            if (this.session instanceof JNISoftLib) {
                logger.debug("verifySM2P7SignedFile::::::verifyByJNI Running");
                SM2PublicKey sM2PublicKey = (SM2PublicKey) publicKey;
                verifyByBC = SM2PackageUtil.verifyByJNI(hashFile, bArr2, sM2PublicKey.getPubX(), sM2PublicKey.getPubY());
                logger.debug("verifySM2P7SignedFile::::::verifyByJNI Finished");
            } else {
                logger.debug("verifySM2P7SignedFile::::::verifyByBC Running");
                verifyByBC = SM2PackageUtil.verifyByBC(hashFile, bArr2, publicKey);
                logger.debug("verifySM2P7SignedFile::::::verifyByBC Finished");
            }
            if (logger.isDebugEnabled()) {
                logger.debug("verifySM2P7SignedFile<<<<<<Finished: verifyResult=" + verifyByBC);
            }
            return verifyByBC;
        } catch (Exception e) {
            logger.error("verifySM2P7SignedFile<<<<<<Failure", e);
            throw new PKIException(PKIException.PARSE_P7_SIGNEDDATA_ERR, PKIException.VERIFY_P7_SIGNEDDATA_ERR_DES, e);
        }
    }

    private boolean verifyRSAP7SignedFile(String str, String str2, PKCS7SignFileParser pKCS7SignFileParser) throws Exception {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("verifyRSAP7SignedFile>>>>>>Running");
            stringBuffer.append("\n signFile: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n saveSrcFilePath: ");
            stringBuffer.append(Debugger.dump(str2));
            logger.debug(stringBuffer.toString());
        }
        try {
            ASN1Node aSN1Node = (ASN1Node) ((ASN1Node) pKCS7SignFileParser.getSourceData_node().childNodes.get(1)).childNodes.get(0);
            if (aSN1Node.childNodes.size() == 1) {
                logger.debug("verifyRSAP7SignedFile::::::ASN1Node[sourceData]: size==1");
                aSN1Node = (ASN1Node) aSN1Node.childNodes.get(0);
            } else {
                logger.debug("verifyRSAP7SignedFile::::::ASN1Node[sourceData]: size!=1");
            }
            ASN1Node certificate_node = pKCS7SignFileParser.getCertificate_node();
            ASN1Set aSN1Set = ASN1Set.getInstance(pKCS7SignFileParser.getSingerinfo_node().getData());
            ASN1Set aSN1Set2 = ASN1Set.getInstance(DERTaggedObject.getInstance(certificate_node.getData()), false);
            X509Cert[] x509CertArr = new X509Cert[aSN1Set2.size()];
            for (int i = 0; i < aSN1Set2.size(); i++) {
                x509CertArr[i] = new X509Cert(Certificate.getInstance(aSN1Set2.getObjectAt(i)));
            }
            Enumeration objects = aSN1Set.getObjects();
            if (!objects.hasMoreElements()) {
                logger.debug("verifyRSAP7SignedFile<<<<<<Finished: False");
                return false;
            }
            SignerInfo signerInfo = SignerInfo.getInstance(objects.nextElement());
            IssuerAndSerialNumber issuerAndSerialNumber = signerInfo.getIssuerAndSerialNumber();
            X509Cert signerCert = getSignerCert(x509CertArr, issuerAndSerialNumber);
            if (signerCert == null) {
                if (logger.isErrorEnabled()) {
                    StringBuffer stringBuffer2 = new StringBuffer();
                    stringBuffer2.append("verifyRSAP7SignedFile<<<<<<Failure: DO NOT FIND SignerCert");
                    stringBuffer2.append("\n issuerAndSN: ");
                    stringBuffer2.append(Debugger.dump(issuerAndSerialNumber));
                    stringBuffer2.append("\n certs: ");
                    stringBuffer2.append(Debugger.dump(x509CertArr));
                    logger.error(stringBuffer2.toString());
                }
                throw new PKIException(PKIException.VERIFY_P7_SIGNEDDATA_CERT_NOTFUND_ERR, PKIException.VERIFY_P7_SIGNEDDATA_CERT_NOTFUND_ERR_DES);
            }
            this.signerCert = signerCert;
            ASN1ObjectIdentifier algorithm = signerInfo.getDigestEncryptionAlgorithm().getAlgorithm();
            if (algorithm.equals(PKCSObjectIdentifiers.rsaEncryption) || algorithm.equals(PKCSObjectIdentifiers.md5WithRSAEncryption) || algorithm.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption) || algorithm.equals(PKCSObjectIdentifiers.sha256WithRSAEncryption) || algorithm.equals(PKCSObjectIdentifiers.sha512WithRSAEncryption)) {
                String GetDigestAlgorithm = RSASignUtil.GetDigestAlgorithm(signerInfo.getDigestAlgorithm().getAlgorithm());
                this.digestAlgorithm = GetDigestAlgorithm;
                PublicKey publicKey = signerCert.getPublicKey();
                byte[] octets = signerInfo.getEncryptedDigest().getOctets();
                this.signature = octets;
                this.sourceData = "source file is too big, will not display".getBytes("UTF8");
                if (logger.isDebugEnabled()) {
                    logger.debug("verifyRSAP7SignedFile::::::verifySignFile Running signature=" + Debugger.dump(octets));
                }
                boolean verifySignFile = RSASignUtil.verifySignFile(GetDigestAlgorithm, publicKey, aSN1Node.f.getAbsolutePath(), aSN1Node.valueStartPos, aSN1Node.valueLength, octets, str2, this.session);
                logger.debug("verifyRSAP7SignedFile::::::verifySignFile Finished");
                if (logger.isDebugEnabled()) {
                    logger.debug("verifyRSAP7SignedFile<<<<<<Finished: verifyResult=" + verifySignFile);
                }
                return verifySignFile;
            }
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer3 = new StringBuffer();
                stringBuffer3.append("verifyRSAP7SignedFile<<<<<<Failure: DO NOT SUPPORT DigestEncryptionAlgorithm");
                stringBuffer3.append("\n encryptionId: ");
                stringBuffer3.append(Debugger.dump((ASN1Primitive) algorithm));
                stringBuffer3.append("\n Valid DigestEncryptionAlgorithm : ");
                stringBuffer3.append("\n ").append(Debugger.dump((ASN1Primitive) PKCSObjectIdentifiers.rsaEncryption));
                stringBuffer3.append("\n ").append(Debugger.dump((ASN1Primitive) PKCSObjectIdentifiers.md5WithRSAEncryption));
                stringBuffer3.append("\n ").append(Debugger.dump((ASN1Primitive) PKCSObjectIdentifiers.sha1WithRSAEncryption));
                stringBuffer3.append("\n ").append(Debugger.dump((ASN1Primitive) PKCSObjectIdentifiers.sha256WithRSAEncryption));
                stringBuffer3.append("\n ").append(Debugger.dump((ASN1Primitive) PKCSObjectIdentifiers.sha512WithRSAEncryption));
                logger.error(stringBuffer3.toString());
            }
            throw new PKIException(PKIException.UNSUPPORT_ENCRYPT_ALG_SIGNANDENVELOP_ERR, PKIException.UNSUPPORT_SIGNED_ALG_SIGNANDENVELOP_ERR_DES);
        } catch (Exception e) {
            logger.error("verifyRSAP7SignedFile<<<<<<Failure", e);
            throw new PKIException(PKIException.PARSE_P7_SIGNEDDATA_ERR, PKIException.VERIFY_P7_SIGNEDDATA_ERR_DES, e);
        }
    }

    public final void packageRSASignedFile(String str, String str2, String str3, byte[] bArr, Mechanism mechanism, X509Cert[] x509CertArr) throws PKIException {
        ContentInfo contentInfo;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("packageRSASignedFile>>>>>>Running");
            stringBuffer.append("\n contentType: " + str);
            stringBuffer.append("\n sourceFile: ");
            stringBuffer.append(Debugger.dump(str2));
            stringBuffer.append("\n signFile: ");
            stringBuffer.append(Debugger.dump(str3));
            stringBuffer.append("\n signature: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n certs: ");
            stringBuffer.append(Debugger.dump(x509CertArr));
            logger.debug(stringBuffer.toString());
        }
        if (x509CertArr == null || x509CertArr.length == 0) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("packageRSASignedFile<<<<<<Failure: Required certs");
                stringBuffer2.append("\n certs: ");
                stringBuffer2.append(Debugger.dump(x509CertArr));
                logger.error(stringBuffer2.toString());
            }
            throw new PKIException(PKIException.NULL_ENCRYPT_CERTS_ERR, PKIException.NULL_ENCRYPT_CERTS_ERR_DES);
        }
        try {
            DEROctetString dEROctetString = new DEROctetString(bArr);
            IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(x509CertArr[0].getIssuerX500Name(), x509CertArr[0].getSerialNumber());
            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, (ASN1Encodable) new DERNull());
            AlgorithmIdentifier algorithmIdentifier2 = null;
            String mechanismType = mechanism.getMechanismType();
            if (mechanismType.equals("MD5withRSAEncryption")) {
                algorithmIdentifier2 = new AlgorithmIdentifier(PKCSObjectIdentifiers.md5, (ASN1Encodable) new DERNull());
            } else if (mechanismType.equals("SHA1withRSAEncryption")) {
                algorithmIdentifier2 = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1, (ASN1Encodable) new DERNull());
            } else if (mechanismType.equals("SHA256withRSAEncryption")) {
                algorithmIdentifier2 = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha256, (ASN1Encodable) new DERNull());
            } else if (mechanismType.equals("SHA512withRSA")) {
                algorithmIdentifier2 = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha512, (ASN1Encodable) new DERNull());
            }
            SignerInfo signerInfo = new SignerInfo(new ASN1Integer(1), issuerAndSerialNumber, algorithmIdentifier2, null, algorithmIdentifier, dEROctetString, null);
            PKCS7AttachSourceFile pKCS7AttachSourceFile = new PKCS7AttachSourceFile(new File(str2));
            if (str == null) {
                if (logger.isDebugEnabled()) {
                    logger.debug("packageRSASignedFile::::::contentType=RFC(" + PKCSObjectIdentifiers.data.getId() + ")");
                }
                contentInfo = new ContentInfo(PKCSObjectIdentifiers.data, pKCS7AttachSourceFile);
            } else {
                if (logger.isDebugEnabled()) {
                    logger.debug("packageRSASignedFile::::::contentType=" + str);
                }
                contentInfo = new ContentInfo(new ASN1ObjectIdentifier(str), pKCS7AttachSourceFile);
            }
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(algorithmIdentifier2);
            BERSet bERSet = new BERSet(aSN1EncodableVector);
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.add(signerInfo);
            DERSet dERSet = new DERSet(aSN1EncodableVector2);
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            for (X509Cert x509Cert : x509CertArr) {
                aSN1EncodableVector3.add(x509Cert.getCertStructure());
            }
            ContentInfo contentInfo2 = new ContentInfo(PKCSObjectIdentifiers.signedData, new SignedData(new ASN1Integer(1), bERSet, contentInfo, new BERSet(aSN1EncodableVector3), null, dERSet));
            File file = new File(str3);
            if (!file.exists()) {
                file.createNewFile();
            }
            DEROutputStream dEROutputStream = new DEROutputStream(new FileOutputStream(str3));
            dEROutputStream.writeObject(contentInfo2);
            dEROutputStream.close();
            logger.debug("packageRSASignedFile<<<<<<Finished");
        } catch (Exception e) {
            logger.error("packageRSASignedFile<<<<<<Failure", e);
            throw new PKIException(e);
        }
    }

    public final void packageSM2SignedFile(String str, String str2, String str3, byte[] bArr, X509Cert[] x509CertArr) throws PKIException {
        SM2SignerInfox sM2SignerInfo;
        ContentInfo contentInfo;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("packageSM2SignedFile>>>>>>Running");
            stringBuffer.append("\n contentType: " + str);
            stringBuffer.append("\n sourceFile: ");
            stringBuffer.append(Debugger.dump(str2));
            stringBuffer.append("\n signFile: ");
            stringBuffer.append(Debugger.dump(str3));
            stringBuffer.append("\n signature: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n certs: ");
            stringBuffer.append(Debugger.dump(x509CertArr));
            logger.debug(stringBuffer.toString());
        }
        if (x509CertArr == null || x509CertArr.length == 0) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("packageSM2SignedFile<<<<<<Failure: Required certs");
                stringBuffer2.append("\n certs: ");
                stringBuffer2.append(Debugger.dump(x509CertArr));
                logger.error(stringBuffer2.toString());
            }
            throw new PKIException(PKIException.NULL_ENCRYPT_CERTS_ERR, PKIException.NULL_ENCRYPT_CERTS_ERR_DES);
        }
        if (bArr == null || bArr.length != 64) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer3 = new StringBuffer();
                stringBuffer3.append("packageSM2SignedFile<<<<<<Failure: Required signature MUST BE 64Bytes");
                stringBuffer3.append("\n signature: ");
                stringBuffer3.append(Debugger.dump(bArr));
                logger.error(stringBuffer3.toString());
            }
            throw new PKIException("signature of SM2 MUST BE NOT NULL AND LENGTH MUST BE 64");
        }
        try {
            ASN1SM2Signature aSN1SM2Signature = new ASN1SM2Signature(bArr);
            ASN1Integer r = aSN1SM2Signature.getR();
            ASN1Integer s = aSN1SM2Signature.getS();
            IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(x509CertArr[0].getIssuerX500Name(), x509CertArr[0].getSerialNumber());
            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.SM2_sign, (ASN1Encodable) new DERNull());
            AlgorithmIdentifier algorithmIdentifier2 = new AlgorithmIdentifier(PKCSObjectIdentifiers.sm3, (ASN1Encodable) new DERNull());
            if (isNewFormat()) {
                logger.debug("packageSM2SignedFile::::::isNewFormat=True");
                sM2SignerInfo = new SM2SignerInfo2(new ASN1Integer(1), issuerAndSerialNumber, algorithmIdentifier2, null, algorithmIdentifier, ASN1Integer.getInstance(r), ASN1Integer.getInstance(s), null);
            } else {
                logger.debug("packageSM2SignedFile::::::isNewFormat=False");
                sM2SignerInfo = new SM2SignerInfo(new ASN1Integer(1), issuerAndSerialNumber, algorithmIdentifier2, null, algorithmIdentifier, ASN1Integer.getInstance(r), ASN1Integer.getInstance(s), null);
            }
            PKCS7AttachSourceFile pKCS7AttachSourceFile = new PKCS7AttachSourceFile(new File(str2));
            if (str == null) {
                if (logger.isDebugEnabled()) {
                    logger.debug("packageSM2SignedFile::::::contentType=SM2(" + PKCSObjectIdentifiers.sm2Data.getId() + ")");
                }
                contentInfo = new ContentInfo(PKCSObjectIdentifiers.sm2Data, pKCS7AttachSourceFile);
            } else {
                if (logger.isDebugEnabled()) {
                    logger.debug("packageSM2SignedFile::::::contentType=" + str);
                }
                contentInfo = new ContentInfo(new ASN1ObjectIdentifier(str), pKCS7AttachSourceFile);
            }
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(algorithmIdentifier2);
            DERSet dERSet = new DERSet(aSN1EncodableVector);
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.add(sM2SignerInfo);
            DERSet dERSet2 = new DERSet(aSN1EncodableVector2);
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            for (X509Cert x509Cert : x509CertArr) {
                aSN1EncodableVector3.add(x509Cert.getCertStructure());
            }
            ContentInfo contentInfo2 = new ContentInfo(PKCSObjectIdentifiers.sm2SignedData, new SignedData(new ASN1Integer(1), dERSet, contentInfo, new BERSet(aSN1EncodableVector3), null, dERSet2));
            File file = new File(str3);
            if (!file.exists()) {
                file.createNewFile();
            }
            DEROutputStream dEROutputStream = new DEROutputStream(new FileOutputStream(str3));
            dEROutputStream.writeObject(contentInfo2);
            dEROutputStream.close();
            logger.debug("packageSM2SignedFile<<<<<<Finished");
        } catch (Exception e) {
            logger.error("packageSM2SignedFile<<<<<<Failure", e);
            throw new PKIException(e);
        }
    }

    public final void packageSignedFile(String str, String str2, String str3, byte[] bArr, Mechanism mechanism, X509Cert[] x509CertArr) throws PKIException {
        if (x509CertArr == null || x509CertArr.length == 0 || x509CertArr[0] == null) {
            logger.error("packageSignedFile<<<<<<Failure: Required certs");
            throw new PKIException(PKIException.NULL_ENCRYPT_CERTS_ERR, "产生签名数据，证书集合为空: RequiredCerts");
        }
        if (x509CertArr[0].isSM2Cert()) {
            logger.debug("packageSignedFile:::::::packageSM2SignedFile");
            packageSM2SignedFile(str, str2, str3, bArr, x509CertArr);
        } else {
            if (!x509CertArr[0].isRSACert()) {
                throw new PKIException(PKIException.NULL_ENCRYPT_CERTS_ERR, "产生签名数据，证书集合为空: RequiredCerts[RSA/SM2]");
            }
            logger.debug("packageSignedFile:::::::packageRSASignedFile");
            packageRSASignedFile(str, str2, str3, bArr, mechanism, x509CertArr);
        }
    }

    public final String getDigestAlgorithm() {
        return this.digestAlgorithm;
    }

    public final byte[] getSignature() {
        return this.signature;
    }

    public final byte[] getSourceData() {
        return this.sourceData;
    }

    public final X509Cert getSignerX509Cert() {
        return this.signerCert;
    }

    boolean isNewFormat() {
        return false;
    }
}
