package com.gdca.cms.test;

import com.gdca.asn1.ASN1EncodableVector;
import com.gdca.asn1.DERSequence;
import com.gdca.asn1.DERUTF8String;
import com.gdca.asn1.cms.Attribute;
import com.gdca.asn1.cms.CMSAttributes;
import com.gdca.asn1.cms.CMSObjectIdentifiers;
import com.gdca.asn1.pkcs.PKCSObjectIdentifiers;
import com.gdca.cms.CMSEnvelopedData;
import com.gdca.cms.CMSEnvelopedDataGenerator;
import com.gdca.cms.CMSEnvelopedDataParser;
import com.gdca.cms.CMSException;
import com.gdca.cms.CMSProcessableByteArray;
import com.gdca.cms.CMSSignedData;
import com.gdca.cms.CMSSignedDataParser;
import com.gdca.cms.CMSTypedStream;
import com.gdca.cms.RecipientInformation;
import com.gdca.cms.RecipientInformationStore;
import com.gdca.cms.SignerInformation;
import com.gdca.cms.SignerInformationStore;
import com.gdca.cms.jcajce.JcaX509CertSelectorConverter;
import com.gdca.jce.provider.BouncyCastleProvider;
import com.gdca.util.encoders.Hex;
import com.gdca.util.io.Streams;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
import junit.textui.TestRunner;

/* loaded from: classes.dex */
public class Rfc4134Test extends TestCase {
    private static final String TEST_DATA_HOME = "bc.test.data.home";
    static Class class$0;
    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
    private static byte[] exContent = getRfc4134Data("ExContent.bin");
    private static byte[] sha1 = Hex.decode("406aec085279ba6e16022d9e0629c0229687dd48");
    private static final JcaX509CertSelectorConverter selectorConverter = new JcaX509CertSelectorConverter();

    public Rfc4134Test(String str) {
        super(str);
    }

    private SignerInformation getFirstSignerInfo(SignerInformationStore signerInformationStore) {
        return (SignerInformation) signerInformationStore.getSigners().iterator().next();
    }

    private PublicKey getInheritedKey(DSAPublicKey dSAPublicKey) throws Exception {
        DSAParams params = ((DSAPublicKey) ((X509Certificate) CertificateFactory.getInstance("X.509", BC).generateCertificate(new ByteArrayInputStream(getRfc4134Data("CarlDSSSelf.cer")))).getPublicKey()).getParams();
        return KeyFactory.getInstance("DSA", BC).generatePublic(new DSAPublicKeySpec(dSAPublicKey.getY(), params.getP(), params.getQ(), params.getG()));
    }

    private static byte[] getRfc4134Data(String str) {
        String property = System.getProperty(TEST_DATA_HOME);
        if (property == null) {
            throw new IllegalStateException("bc.test.data.home property not set");
        }
        try {
            return Streams.readAll(new FileInputStream(new StringBuffer(String.valueOf(property)).append("/rfc4134/").append(str).toString()));
        } catch (IOException e) {
            throw new RuntimeException(e.toString());
        }
    }

    public static void main(String[] strArr) {
        Security.addProvider(new BouncyCastleProvider());
        Class<?> cls = class$0;
        if (cls == null) {
            try {
                cls = Class.forName("com.gdca.cms.test.Rfc4134Test");
                class$0 = cls;
            } catch (ClassNotFoundException e) {
                throw new NoClassDefFoundError(e.getMessage());
            }
        }
        TestRunner.run(cls);
    }

    public static Test suite() throws Exception {
        Class<?> cls = class$0;
        if (cls == null) {
            try {
                cls = Class.forName("com.gdca.cms.test.Rfc4134Test");
                class$0 = cls;
            } catch (ClassNotFoundException e) {
                throw new NoClassDefFoundError(e.getMessage());
            }
        }
        return new CMSTestSetup(new TestSuite(cls));
    }

    private void verifyContentHint(SignerInformation signerInformation) {
        Attribute attribute = signerInformation.getUnsignedAttributes().get(CMSAttributes.contentHint);
        assertEquals(1, attribute.getAttrValues().size());
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new DERUTF8String("Content Hints Description Buffer"));
        aSN1EncodableVector.add(CMSObjectIdentifiers.data);
        assertTrue(attribute.getAttrValues().getObjectAt(0).equals(new DERSequence(aSN1EncodableVector)));
    }

    private void verifyCounterSignature(SignerInformation signerInformation, byte[] bArr) throws Exception {
        assertTrue(((SignerInformation) signerInformation.getCounterSignatures().getSigners().iterator().next()).verify((X509Certificate) CertificateFactory.getInstance("X.509", BC).generateCertificate(new ByteArrayInputStream(bArr)), BC));
    }

    private void verifyEnvelopedData(CMSEnvelopedData cMSEnvelopedData, String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, CMSException {
        PrivateKey generatePrivate = KeyFactory.getInstance("RSA", BC).generatePrivate(new PKCS8EncodedKeySpec(getRfc4134Data("BobPrivRSAEncrypt.pri")));
        RecipientInformationStore recipientInfos = cMSEnvelopedData.getRecipientInfos();
        assertEquals(cMSEnvelopedData.getEncryptionAlgOID(), str);
        Collection recipients = recipientInfos.getRecipients();
        assertTrue(recipients.size() >= 1 && recipients.size() <= 2);
        Iterator it = recipients.iterator();
        verifyRecipient((RecipientInformation) it.next(), generatePrivate);
        if (recipients.size() == 2) {
            assertEquals(PKCSObjectIdentifiers.id_alg_CMSRC2wrap.getId(), ((RecipientInformation) it.next()).getKeyEncryptionAlgOID());
        }
    }

    private void verifyEnvelopedData(CMSEnvelopedDataParser cMSEnvelopedDataParser, String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, CMSException {
        PrivateKey generatePrivate = KeyFactory.getInstance("RSA", BC).generatePrivate(new PKCS8EncodedKeySpec(getRfc4134Data("BobPrivRSAEncrypt.pri")));
        RecipientInformationStore recipientInfos = cMSEnvelopedDataParser.getRecipientInfos();
        assertEquals(cMSEnvelopedDataParser.getEncryptionAlgOID(), str);
        Collection recipients = recipientInfos.getRecipients();
        assertTrue(recipients.size() >= 1 && recipients.size() <= 2);
        Iterator it = recipients.iterator();
        verifyRecipient((RecipientInformation) it.next(), generatePrivate);
        if (recipients.size() == 2) {
            assertEquals(PKCSObjectIdentifiers.id_alg_CMSRC2wrap.getId(), ((RecipientInformation) it.next()).getKeyEncryptionAlgOID());
        }
    }

    private void verifyRecipient(RecipientInformation recipientInformation, PrivateKey privateKey) throws CMSException, NoSuchProviderException {
        assertEquals(recipientInformation.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
        assertEquals(true, Arrays.equals(exContent, recipientInformation.getContent(privateKey, BC)));
    }

    private void verifySignatures(CMSSignedData cMSSignedData) throws Exception {
        verifySignatures(cMSSignedData, null);
    }

    private void verifySignatures(CMSSignedData cMSSignedData, byte[] bArr) throws Exception {
        CertStore certificatesAndCRLs = cMSSignedData.getCertificatesAndCRLs("Collection", BC);
        for (SignerInformation signerInformation : cMSSignedData.getSignerInfos().getSigners()) {
            verifySigner(signerInformation, (X509Certificate) certificatesAndCRLs.getCertificates(selectorConverter.getCertSelector(signerInformation.getSID())).iterator().next());
            if (bArr != null) {
                assertTrue(MessageDigest.isEqual(bArr, signerInformation.getContentDigest()));
            }
        }
        Collection<? extends Certificate> certificates = certificatesAndCRLs.getCertificates(null);
        Collection<? extends CRL> cRLs = certificatesAndCRLs.getCRLs(null);
        assertEquals(certificates.size(), cMSSignedData.getCertificates("Collection", BC).getMatches(null).size());
        assertEquals(cRLs.size(), cMSSignedData.getCRLs("Collection", BC).getMatches(null).size());
    }

    private void verifySignatures(CMSSignedDataParser cMSSignedDataParser) throws Exception {
        CMSTypedStream signedContent = cMSSignedDataParser.getSignedContent();
        if (signedContent != null) {
            signedContent.drain();
        }
        CertStore certificatesAndCRLs = cMSSignedDataParser.getCertificatesAndCRLs("Collection", BC);
        for (SignerInformation signerInformation : cMSSignedDataParser.getSignerInfos().getSigners()) {
            verifySigner(signerInformation, (X509Certificate) certificatesAndCRLs.getCertificates(selectorConverter.getCertSelector(signerInformation.getSID())).iterator().next());
        }
    }

    private void verifySigner(SignerInformation signerInformation, X509Certificate x509Certificate) throws Exception {
        if (!(x509Certificate.getPublicKey() instanceof DSAPublicKey)) {
            assertEquals(true, signerInformation.verify(x509Certificate, BC));
            return;
        }
        DSAPublicKey dSAPublicKey = (DSAPublicKey) x509Certificate.getPublicKey();
        if (dSAPublicKey.getParams() == null) {
            assertEquals(true, signerInformation.verify(getInheritedKey(dSAPublicKey), BC));
        } else {
            assertEquals(true, signerInformation.verify(x509Certificate, BC));
        }
    }

    private void verifySignerInfo4_4(SignerInformation signerInformation, byte[] bArr) throws Exception {
        verifyCounterSignature(signerInformation, bArr);
        verifyContentHint(signerInformation);
    }

    public void test4_1() throws Exception {
        byte[] rfc4134Data = getRfc4134Data("4.1.bin");
        verifySignatures(new CMSSignedData(rfc4134Data));
        verifySignatures(new CMSSignedDataParser(rfc4134Data));
    }

    public void test4_2() throws Exception {
        byte[] rfc4134Data = getRfc4134Data("4.2.bin");
        verifySignatures(new CMSSignedData(rfc4134Data));
        verifySignatures(new CMSSignedDataParser(rfc4134Data));
    }

    public void test4_4() throws Exception {
        byte[] rfc4134Data = getRfc4134Data("4.4.bin");
        byte[] rfc4134Data2 = getRfc4134Data("AliceRSASignByCarl.cer");
        CMSSignedData cMSSignedData = new CMSSignedData(rfc4134Data);
        verifySignatures(cMSSignedData, sha1);
        verifySignerInfo4_4(getFirstSignerInfo(cMSSignedData.getSignerInfos()), rfc4134Data2);
        CMSSignedDataParser cMSSignedDataParser = new CMSSignedDataParser(rfc4134Data);
        verifySignatures(cMSSignedDataParser);
        verifySignerInfo4_4(getFirstSignerInfo(cMSSignedDataParser.getSignerInfos()), rfc4134Data2);
    }

    public void test4_5() throws Exception {
        byte[] rfc4134Data = getRfc4134Data("4.5.bin");
        verifySignatures(new CMSSignedData(rfc4134Data));
        verifySignatures(new CMSSignedDataParser(rfc4134Data));
    }

    public void test4_6() throws Exception {
        byte[] rfc4134Data = getRfc4134Data("4.6.bin");
        verifySignatures(new CMSSignedData(rfc4134Data));
        verifySignatures(new CMSSignedDataParser(rfc4134Data));
    }

    public void test4_7() throws Exception {
        byte[] rfc4134Data = getRfc4134Data("4.7.bin");
        verifySignatures(new CMSSignedData(rfc4134Data));
        verifySignatures(new CMSSignedDataParser(rfc4134Data));
    }

    public void test5_1() throws Exception {
        byte[] rfc4134Data = getRfc4134Data("5.1.bin");
        verifyEnvelopedData(new CMSEnvelopedData(rfc4134Data), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
        verifyEnvelopedData(new CMSEnvelopedDataParser(rfc4134Data), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
    }

    public void test5_2() throws Exception {
        byte[] rfc4134Data = getRfc4134Data("5.2.bin");
        verifyEnvelopedData(new CMSEnvelopedData(rfc4134Data), CMSEnvelopedDataGenerator.RC2_CBC);
        verifyEnvelopedData(new CMSEnvelopedDataParser(rfc4134Data), CMSEnvelopedDataGenerator.RC2_CBC);
    }

    public void testRfc4_3() throws Exception {
        byte[] rfc4134Data = getRfc4134Data("4.3.bin");
        verifySignatures(new CMSSignedData(new CMSProcessableByteArray(exContent), rfc4134Data), sha1);
        verifySignatures(new CMSSignedDataParser(new CMSTypedStream(new ByteArrayInputStream(exContent)), rfc4134Data));
    }
}
