package nbcb.cn.com.infosec.netsign.base.util;

import java.security.Principal;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Vector;
import nbcb.cn.com.infosec.asn1.ASN1Set;
import nbcb.cn.com.infosec.asn1.DEROctetString;
import nbcb.cn.com.infosec.asn1.cms.Attribute;
import nbcb.cn.com.infosec.asn1.cms.ContentInfo;
import nbcb.cn.com.infosec.asn1.cms.IssuerAndSerialNumber;
import nbcb.cn.com.infosec.asn1.cms.SignedData;
import nbcb.cn.com.infosec.asn1.cms.SignerInfo;
import nbcb.cn.com.infosec.asn1.tsp.MessageImprint;
import nbcb.cn.com.infosec.asn1.tsp.TSTInfo;
import nbcb.cn.com.infosec.asn1.x509.X509Name;
import nbcb.cn.com.infosec.asn1.x509.X509NameTokenizer;
import nbcb.cn.com.infosec.netsign.base.ErrorInfoRes;
import nbcb.cn.com.infosec.netsign.exceptions.DERDecodeException;
import nbcb.cn.com.infosec.netsign.exceptions.TsaTokenException;

/* loaded from: input_file:sdklib/nbcb-netsignapi-1.0.jar:nbcb/cn/com/infosec/netsign/base/util/TimeStampToken.class */
public class TimeStampToken {
    private ASN1Set signers;
    private TSTInfo tstoken;
    private X509Certificate signerCert;
    private byte[] btoken;

    public TimeStampToken(byte[] bArr) throws TsaTokenException, DERDecodeException {
        ContentInfo contentInfo = ContentInfo.getInstance(DERUtil.derDecode(bArr));
        if (!TsaIDs.signedData.getId().equals(contentInfo.getContentType().getId()) && !TsaIDs.OID_signedData.getId().equals(contentInfo.getContentType().getId())) {
            throw new TsaTokenException(ErrorInfoRes.NO_SIGNED_DATA_IN_TOKEN);
        }
        SignedData signedData = SignedData.getInstance(contentInfo.getContent());
        ContentInfo encapContentInfo = signedData.getEncapContentInfo();
        if (!TsaIDs.id_ct_TSTInfo.equals(encapContentInfo.getContentType())) {
            throw new TsaTokenException(ErrorInfoRes.NO_TSTINFO_IN_TOKEN);
        }
        this.btoken = bArr;
        this.tstoken = TSTInfo.getInstance(DERUtil.derDecode(((DEROctetString) encapContentInfo.getContent()).getOctets()));
        MessageImprint messageImprint = this.tstoken.getMessageImprint();
        if (messageImprint.getHashedMessage().length != TsaIDs.getHashByteSize(messageImprint.getHashAlgorithm().getObjectId())) {
            throw new TsaTokenException(ErrorInfoRes.UNMATCH_DIGEST_SIZE_IN_TOKEN);
        }
        this.signers = signedData.getSignerInfos();
    }

    public byte[] getHashedMessage() {
        return this.tstoken.getMessageImprint().getHashedMessage();
    }

    public byte[] getMessageDigest() throws TsaTokenException {
        ASN1Set authenticatedAttributes = getSignerInfo(this.signerCert).getAuthenticatedAttributes();
        byte[] bArr = (byte[]) null;
        for (int i = 0; i < authenticatedAttributes.size(); i++) {
            Attribute attribute = Attribute.getInstance(authenticatedAttributes.getObjectAt(i));
            if (attribute.getAttrType().equals(TsaIDs.id_messageDigest)) {
                bArr = DEROctetString.getInstance(attribute.getAttrValues().getObjectAt(0)).getOctets();
            }
        }
        return bArr;
    }

    public String getSignDigestAlg() throws TsaTokenException {
        return TsaIDs.getAlgName(getSignerInfo(this.signerCert).getDigestAlgorithm().getObjectId());
    }

    public String getMessageHashAlg() {
        return TsaIDs.getAlgName(this.tstoken.getMessageImprint().getHashAlgorithm().getObjectId());
    }

    public String getSignEncryptAlg() throws TsaTokenException {
        return TsaIDs.getAlgName(getSignerInfo(this.signerCert).getDigestEncryptionAlgorithm().getObjectId());
    }

    public byte[] getSignature() throws TsaTokenException {
        return getSignerInfo(this.signerCert).getEncryptedDigest().getOctets();
    }

    public Date getGenTime() throws TsaTokenException {
        try {
            return new SimpleDateFormat("yyyyMMddHHmmssZ").parse(this.tstoken.getGenTime().getTime());
        } catch (ParseException e) {
            throw new TsaTokenException(ErrorInfoRes.PARSE_TOKEN_TIME_ERROR);
        }
    }

    public SignerInfo getSignerInfo(X509Certificate x509Certificate) throws TsaTokenException {
        if (this.signers.size() <= 0) {
            throw new TsaTokenException(ErrorInfoRes.NO_TRUSTED_SIGNER_IN_TOKEN);
        }
        SignerInfo signerInfo = null;
        int i = 0;
        while (i < this.signers.size()) {
            signerInfo = SignerInfo.getInstance(this.signers.getObjectAt(i));
            IssuerAndSerialNumber issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(signerInfo.getSID().getId());
            if (compareX509Name(issuerAndSerialNumber.getName(), x509Certificate.getIssuerDN()) && issuerAndSerialNumber.getSerialNumber().getValue().equals(x509Certificate.getSerialNumber())) {
                break;
            }
            i++;
        }
        if (i == this.signers.size()) {
            throw new TsaTokenException(ErrorInfoRes.NO_TRUSTED_SIGNER_IN_TOKEN);
        }
        return signerInfo;
    }

    public static boolean compareX509Name(X509Name x509Name, Principal principal) {
        return compareX509Name(x509Name, new X509Name(principal.toString()));
    }

    public static boolean compareX509Name(X509Name x509Name, X509Name x509Name2) {
        if (x509Name.equals(x509Name2)) {
            return true;
        }
        Vector vector = new Vector();
        X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(x509Name.toString());
        while (x509NameTokenizer.hasMoreTokens()) {
            vector.add(x509NameTokenizer.nextToken());
        }
        String[] strArr = (String[]) vector.toArray(new String[vector.size()]);
        X509NameTokenizer x509NameTokenizer2 = new X509NameTokenizer(x509Name2.toString());
        vector.clear();
        while (x509NameTokenizer2.hasMoreTokens()) {
            vector.add(x509NameTokenizer2.nextToken());
        }
        String[] strArr2 = (String[]) vector.toArray(new String[vector.size()]);
        if (strArr.length != strArr2.length || strArr.length == 0) {
            return false;
        }
        int length = strArr.length;
        for (String str : strArr) {
            boolean z = false;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                if (str.equals(strArr2[i])) {
                    z = true;
                    break;
                }
                i++;
            }
            if (!z) {
                return false;
            }
        }
        return true;
    }

    public void setSigners(ASN1Set aSN1Set) {
        this.signers = aSN1Set;
    }

    public ASN1Set getSigners() {
        return this.signers;
    }

    public void setTstoken(TSTInfo tSTInfo) {
        this.tstoken = tSTInfo;
    }

    public TSTInfo getTstoken() {
        return this.tstoken;
    }

    public void setBtoken(byte[] bArr) {
        this.btoken = bArr;
    }

    public byte[] getBtoken() {
        return this.btoken;
    }

    public void setSignerCert(X509Certificate x509Certificate) {
        this.signerCert = x509Certificate;
    }

    public X509Certificate getSignerCert() {
        return this.signerCert;
    }
}
