package com.koalii.svs;

import com.koalii.bc.asn1.ASN1InputStream;
import com.koalii.bc.asn1.ASN1OctetString;
import com.koalii.bc.asn1.cms.ContentInfo;
import com.koalii.bc.asn1.cms.SignedData;
import com.koalii.bc.asn1.cms.SignerInfo;
import com.koalii.bc.asn1.x509.AlgorithmIdentifier;
import com.koalii.cert.X509CertParser;
import com.koalii.crypto.SignUtil;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;

/* loaded from: input_file:com/koalii/svs/SvsVerify.class */
public class SvsVerify extends SvsBase {
    public static final int VERIFY_FAILED = 1;
    public static final int NO_SUCH_ALG_EXP = 1010;
    public static final int NO_DIGEST_ALG_EXP = 1011;
    public static final int NO_SIGN_ALG_EXP = 1012;
    public static final int B64_DECODE_IO_EXP = 1021;
    public static final int FILE_IO_EXP = 1022;
    public static final int PKCS7_PARSE_EXP = 1031;
    public static final int PKCS7_NO_SIGN_CERT = 1032;
    public static final int INVALID_KEY_EXP = 1041;
    public static final int SIGN_EXP = 1042;
    public static final int OTHER_EXP = 2000;

    public int verifySign(byte[] bArr, int i, int i2, String str) {
        try {
            Signature signature = Signature.getInstance(String.valueOf(this.digestAlg) + "with" + this.cryptAlg);
            signature.initVerify(this.signCert);
            signature.update(bArr, i, i2);
            return signature.verify(base64Decode(str)) ? 0 : 1;
        } catch (IOException e) {
            return B64_DECODE_IO_EXP;
        } catch (InvalidKeyException e2) {
            return INVALID_KEY_EXP;
        } catch (NoSuchAlgorithmException e3) {
            return NO_SIGN_ALG_EXP;
        } catch (SignatureException e4) {
            return SIGN_EXP;
        } catch (Exception e5) {
            return OTHER_EXP;
        }
    }

    public int verifySign(byte[] bArr, String str) {
        return verifySign(bArr, 0, bArr.length, str);
    }

    public int verifyFileSign(String str, String str2) throws Exception {
        byte[] digestFile = digestFile(str, this.digestAlg);
        return verifySign(digestFile, 0, digestFile.length, str2);
    }

    public int verifyPkcs7Sign(byte[] bArr, String str) {
        byte[] octets;
        if (bArr == null || str == null) {
            return -1;
        }
        try {
            try {
                SignedData signedData = SignedData.getInstance(ContentInfo.getInstance(new ASN1InputStream(base64Decode(str)).readObject()).getContent());
                ASN1OctetString aSN1OctetString = ASN1OctetString.getInstance(signedData.getEncapContentInfo().getContent());
                if (aSN1OctetString == null) {
                    if (bArr == null) {
                        throw new IllegalArgumentException("no oridata");
                    }
                    octets = bArr;
                } else if (bArr != null) {
                    octets = aSN1OctetString.getOctets();
                    if (octets.length != bArr.length) {
                        return 1;
                    }
                    for (int i = 0; i < octets.length; i++) {
                        if (octets[i] != bArr[i]) {
                            return 1;
                        }
                    }
                } else {
                    octets = aSN1OctetString.getOctets();
                }
                SignerInfo signerInfo = SignerInfo.getInstance(signedData.getSignerInfos().getObjectAt(0));
                if (!signerInfo.getDigestAlgorithm().equals(new AlgorithmIdentifier("1.3.14.3.2.26"))) {
                    return NO_SIGN_ALG_EXP;
                }
                if (signedData.getCertificates() == null || signedData.getCertificates().size() <= 0) {
                    return PKCS7_NO_SIGN_CERT;
                }
                try {
                    if (SignUtil.sha1WithRsaVerify(octets, signerInfo.getEncryptedDigest().getOctets(), X509CertParser.parseDerCert(signedData.getCertificates().getObjectAt(0).getDERObject().getDEREncoded())[0].getPublicKey())) {
                        return 0;
                    }
                    return SIGN_EXP;
                } catch (Exception e) {
                    return OTHER_EXP;
                }
            } catch (IOException e2) {
                return PKCS7_PARSE_EXP;
            }
        } catch (IOException e3) {
            return B64_DECODE_IO_EXP;
        }
    }

    public int verifyPkcs7SignFile(String str, String str2) {
        try {
            try {
                SignedData signedData = SignedData.getInstance(ContentInfo.getInstance(new ASN1InputStream(base64Decode(str2)).readObject()).getContent());
                ASN1OctetString.getInstance(signedData.getEncapContentInfo().getContent());
                if (!SignerInfo.getInstance(signedData.getSignerInfos().getObjectAt(0)).getDigestAlgorithm().equals(new AlgorithmIdentifier("1.3.14.3.2.26"))) {
                    return NO_SIGN_ALG_EXP;
                }
                try {
                    return verifyPkcs7Sign(base64Encode(digestFile(str, "1.3.14.3.2.26")).getBytes(), str2);
                } catch (IOException e) {
                    return FILE_IO_EXP;
                } catch (NoSuchAlgorithmException e2) {
                    return NO_DIGEST_ALG_EXP;
                }
            } catch (IOException e3) {
                return PKCS7_PARSE_EXP;
            }
        } catch (IOException e4) {
            return B64_DECODE_IO_EXP;
        }
    }

    public static int verify(byte[] bArr, String str, String str2) throws Exception {
        SvsVerify svsVerify = new SvsVerify();
        svsVerify.initSignCertFile(str2);
        return svsVerify.verifySign(bArr, str);
    }
}
