package com.dstc.security.cms;

import com.dstc.security.asn1.Asn1Exception;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Vector;

/* loaded from: input_file:com/dstc/security/cms/CMSSignature.class */
public class CMSSignature {
    private static final int UNINITIALIZED = 0;
    private static final int SIGN_MODE = 1;
    private static final int VERIFY_MODE = 2;
    private int state;
    private Vector trustedCerts;
    private Vector certStore;
    private PrivateKey priv;
    private X509Certificate[] certChain;
    private String digestAlg;
    private boolean encapContent;
    private InputStream src;
    private CMSTypedDataInputStream sigSrc;
    private InputStream msg;
    private byte[] buf = new byte[128];
    private ByteArrayOutputStream baos = new ByteArrayOutputStream();
    private boolean delayVerify;

    /* loaded from: input_file:com/dstc/security/cms/CMSSignature$VerResult.class */
    class VerResult implements VerificationResult {
        private final CMSSignature this$0;
        private CMSTypedDataInputStream in;
        private SignedDataImpl sd;
        private TwoInputStream underlying;

        VerResult(CMSSignature cMSSignature, TwoInputStream twoInputStream, SignedDataImpl signedDataImpl) {
            this.this$0 = cMSSignature;
            this.underlying = twoInputStream;
            this.in = new CMSTypedDataInputStream(signedDataImpl.getEncapsulatedContentType(), this.underlying);
            this.sd = signedDataImpl;
        }

        @Override // com.dstc.security.cms.VerificationResult
        public SignedData getCMSSignedData() throws CMSException {
            if (!this.sd.isVerified()) {
                this.this$0.forceVerify(this.underlying);
            }
            return this.sd;
        }

        @Override // com.dstc.security.cms.VerificationResult
        public CMSTypedDataInputStream getVerified() {
            return this.in;
        }
    }

    public CMSSignature() {
        this.delayVerify = false;
        String property = System.getProperty("jcsi.cms.delayverify");
        if (property == null || !property.equals("true")) {
            return;
        }
        this.delayVerify = true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void forceVerify(TwoInputStream twoInputStream) throws CMSException {
        try {
            this.baos.reset();
            while (true) {
                int read = twoInputStream.read(this.buf);
                if (read == -1) {
                    twoInputStream.setSecondStream(new ByteArrayInputStream(this.baos.toByteArray()));
                    return;
                }
                this.baos.write(this.buf, 0, read);
            }
        } catch (IOException e) {
            throw new CMSException(new StringBuffer("Verification error: nested exception is ").append(e.toString()).toString());
        }
    }

    public void initSign(PrivateKey privateKey, X509Certificate[] x509CertificateArr, String str) throws CMSException {
        if (privateKey == null) {
            throw new CMSException("Cannot sign with a null key");
        }
        if (!privateKey.getAlgorithm().equals("DSA") && !privateKey.getAlgorithm().equals("RSA")) {
            throw new CMSException(new StringBuffer("Cannot sign with key algorithm: ").append(privateKey.getAlgorithm()).toString());
        }
        if (str == null) {
            throw new CMSException("Cannot sign with a null digest algorithm");
        }
        if (!str.equals("MD5") && !str.startsWith("SHA")) {
            throw new CMSException(new StringBuffer("Digest algorithm ").append(str).append(" not supported in CMS").toString());
        }
        this.state = 1;
        this.priv = privateKey;
        this.certChain = x509CertificateArr;
        this.digestAlg = str;
    }

    public void initVerify(Vector vector, Vector vector2) throws CMSException {
        this.state = 2;
        if (vector == null) {
            throw new CMSException("Trusted certs cannot be null");
        }
        this.trustedCerts = vector;
        this.certStore = vector2;
    }

    public void setDataToBeSigned(CMSTypedDataInputStream cMSTypedDataInputStream, boolean z) throws CMSException {
        if (this.state != 1) {
            throw new CMSException("Not initialized for signing");
        }
        this.sigSrc = cMSTypedDataInputStream;
        this.encapContent = z;
    }

    public void setDataToBeVerified(InputStream inputStream) throws CMSException {
        if (this.state != 2) {
            throw new CMSException("Not initialized for verification");
        }
        this.src = inputStream;
        this.msg = null;
    }

    public void setDataToBeVerified(InputStream inputStream, InputStream inputStream2) throws CMSException {
        if (this.state != 2) {
            throw new CMSException("Not initialized for verification");
        }
        this.src = inputStream;
        this.msg = inputStream2;
    }

    public CMSTypedDataInputStream sign() throws CMSException, IOException {
        if (this.state != 1) {
            throw new CMSException("Not initialized for signing");
        }
        if (this.sigSrc == null) {
            throw new CMSException("Data to be signed not yet set");
        }
        SignedDataImpl signedDataImpl = new SignedDataImpl(this.priv, this.certChain, this.digestAlg, this.encapContent, this.sigSrc);
        this.sigSrc = null;
        return signedDataImpl.getSigned();
    }

    public VerificationResult verify() throws CMSException, IOException {
        if (this.state != 2) {
            throw new CMSException("Not initialized for verification");
        }
        if (this.src == null) {
            throw new CMSException("Data to be verified not yet set");
        }
        try {
            SignedDataImpl signedDataImpl = new SignedDataImpl(this.src, this.certStore, this.trustedCerts, this.msg);
            this.src = null;
            this.msg = null;
            if (!this.delayVerify) {
                forceVerify(signedDataImpl.getVerified());
            }
            return new VerResult(this, signedDataImpl.getVerified(), signedDataImpl);
        } catch (Asn1Exception e) {
            throw new CMSException(new StringBuffer("Bad encoding: ").append(e.getMessage()).toString());
        } catch (CMSException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new CMSException(new StringBuffer("Verification error: nested exception is ").append(e3.toString()).toString());
        }
    }
}
