package org.jruby.ext.openssl.impl;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.X509CRL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.TimeZone;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.pkcs.IssuerAndSerialNumber;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.jruby.RubyTime;
import org.jruby.ext.openssl.SecurityHelper;
import org.jruby.ext.openssl.x509store.Name;
import org.jruby.ext.openssl.x509store.Store;
import org.jruby.ext.openssl.x509store.StoreContext;
import org.jruby.ext.openssl.x509store.X509AuxCertificate;
import org.jruby.ext.openssl.x509store.X509Utils;
import org.springframework.util.AntPathMatcher;

/* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/impl/PKCS7.class */
public class PKCS7 {
    private static final String EMPTY_PKCS7_OID = "0.0";
    private PKCS7Data data;
    public static final int S_HEADER = 0;
    public static final int S_BODY = 1;
    public static final int S_TAIL = 2;
    public static final int OP_SET_DETACHED_SIGNATURE = 1;
    public static final int OP_GET_DETACHED_SIGNATURE = 2;
    public static final int TEXT = 1;
    public static final int NOCERTS = 2;
    public static final int NOSIGS = 4;
    public static final int NOCHAIN = 8;
    public static final int NOINTERN = 16;
    public static final int NOVERIFY = 32;
    public static final int DETACHED = 64;
    public static final int BINARY = 128;
    public static final int NOATTR = 256;
    public static final int NOSMIMECAP = 512;
    public static final int NOOLDMIMETYPE = 1024;
    public static final int CRLFEOL = 2048;
    public static final int STREAM = 4096;
    public static final int NOCRL = 8192;
    public static final int PARTIAL = 16384;
    public static final int REUSE_DIGEST = 32768;
    public static final int SMIME_TEXT = 1;
    public static final int SMIME_NOCERTS = 2;
    public static final int SMIME_NOSIGS = 4;
    public static final int SMIME_NOCHAIN = 8;
    public static final int SMIME_NOINTERN = 16;
    public static final int SMIME_NOVERIFY = 32;
    public static final int SMIME_DETACHED = 64;
    public static final int SMIME_BINARY = 128;
    public static final int SMIME_NOATTR = 256;
    public static final int SMIME_OLDMIME = 1024;
    public static final int SMIME_CRLFEOL = 2048;
    public static final int F_B64_READ_PKCS7 = 120;
    public static final int F_B64_WRITE_PKCS7 = 121;
    public static final int F_PKCS7_ADD_ATTRIB_SMIMECAP = 118;
    public static final int F_PKCS7_ADD_CERTIFICATE = 100;
    public static final int F_PKCS7_ADD_CRL = 101;
    public static final int F_PKCS7_ADD_RECIPIENT_INFO = 102;
    public static final int F_PKCS7_ADD_SIGNER = 103;
    public static final int F_PKCS7_BIO_ADD_DIGEST = 125;
    public static final int F_PKCS7_CTRL = 104;
    public static final int F_PKCS7_DATADECODE = 112;
    public static final int F_PKCS7_DATAFINAL = 128;
    public static final int F_PKCS7_DATAINIT = 105;
    public static final int F_PKCS7_DATASIGN = 106;
    public static final int F_PKCS7_DATAVERIFY = 107;
    public static final int F_PKCS7_DECRYPT = 114;
    public static final int F_PKCS7_ENCRYPT = 115;
    public static final int F_PKCS7_FIND_DIGEST = 127;
    public static final int F_PKCS7_GET0_SIGNERS = 124;
    public static final int F_PKCS7_SET_CIPHER = 108;
    public static final int F_PKCS7_SET_CONTENT = 109;
    public static final int F_PKCS7_SET_DIGEST = 126;
    public static final int F_PKCS7_SET_TYPE = 110;
    public static final int F_PKCS7_SIGN = 116;
    public static final int F_PKCS7_SIGNATUREVERIFY = 113;
    public static final int F_PKCS7_SIMPLE_SMIMECAP = 119;
    public static final int F_PKCS7_VERIFY = 117;
    public static final int F_SMIME_READ_PKCS7 = 122;
    public static final int F_SMIME_TEXT = 123;
    public static final int R_CERTIFICATE_VERIFY_ERROR = 117;
    public static final int R_CIPHER_HAS_NO_OBJECT_IDENTIFIER = 144;
    public static final int R_CIPHER_NOT_INITIALIZED = 116;
    public static final int R_CONTENT_AND_DATA_PRESENT = 118;
    public static final int R_DECODE_ERROR = 130;
    public static final int R_DECRYPTED_KEY_IS_WRONG_LENGTH = 100;
    public static final int R_DECRYPT_ERROR = 119;
    public static final int R_DIGEST_FAILURE = 101;
    public static final int R_ERROR_ADDING_RECIPIENT = 120;
    public static final int R_ERROR_SETTING_CIPHER = 121;
    public static final int R_INVALID_MIME_TYPE = 131;
    public static final int R_INVALID_NULL_POINTER = 143;
    public static final int R_MIME_NO_CONTENT_TYPE = 132;
    public static final int R_MIME_PARSE_ERROR = 133;
    public static final int R_MIME_SIG_PARSE_ERROR = 134;
    public static final int R_MISSING_CERIPEND_INFO = 103;
    public static final int R_NO_CONTENT = 122;
    public static final int R_NO_CONTENT_TYPE = 135;
    public static final int R_NO_MULTIPART_BODY_FAILURE = 136;
    public static final int R_NO_MULTIPART_BOUNDARY = 137;
    public static final int R_NO_RECIPIENT_MATCHES_CERTIFICATE = 115;
    public static final int R_NO_RECIPIENT_MATCHES_KEY = 146;
    public static final int R_NO_SIGNATURES_ON_DATA = 123;
    public static final int R_NO_SIGNERS = 142;
    public static final int R_NO_SIG_CONTENT_TYPE = 138;
    public static final int R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE = 104;
    public static final int R_PKCS7_ADD_SIGNATURE_ERROR = 124;
    public static final int R_PKCS7_DATAFINAL = 126;
    public static final int R_PKCS7_DATAFINAL_ERROR = 125;
    public static final int R_PKCS7_DATASIGN = 145;
    public static final int R_PKCS7_PARSE_ERROR = 139;
    public static final int R_PKCS7_SIG_PARSE_ERROR = 140;
    public static final int R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 127;
    public static final int R_SIGNATURE_FAILURE = 105;
    public static final int R_SIGNER_CERTIFICATE_NOT_FOUND = 128;
    public static final int R_SIG_INVALID_MIME_TYPE = 141;
    public static final int R_SMIME_TEXT_ERROR = 129;
    public static final int R_UNABLE_TO_FIND_CERTIFICATE = 106;
    public static final int R_UNABLE_TO_FIND_MEM_BIO = 107;
    public static final int R_UNABLE_TO_FIND_MESSAGE_DIGEST = 108;
    public static final int R_UNKNOWN_DIGEST_TYPE = 109;
    public static final int R_UNKNOWN_OPERATION = 110;
    public static final int R_UNSUPPORTED_CIPHER_TYPE = 111;
    public static final int R_UNSUPPORTED_CONTENT_TYPE = 112;
    public static final int R_WRONG_CONTENT_TYPE = 113;
    public static final int R_WRONG_PKCS7_TYPE = 114;
    public static final ASN1ObjectIdentifier OID_pkcs7_data = new ASN1ObjectIdentifier(ASN1Registry.OBJ_pkcs7_data);
    static final ASN1ObjectIdentifier OID_des_ede3_cbc = new ASN1ObjectIdentifier(ASN1Registry.OBJ_des_ede3_cbc);
    static final ASN1ObjectIdentifier OID_rc2_cbc = new ASN1ObjectIdentifier(ASN1Registry.OBJ_rc2_cbc);
    static final ASN1ObjectIdentifier OID_des_cbc = new ASN1ObjectIdentifier(ASN1Registry.OBJ_des_cbc);
    private static final BigInteger BI_128 = BigInteger.valueOf(128);
    private static final BigInteger BI_64 = BigInteger.valueOf(64);
    private static final BigInteger BI_40 = BigInteger.valueOf(40);
    private static final byte[] PEM_STRING_PKCS7_START = "-----BEGIN PKCS7-----".getBytes();

    public Object ctrl(int i, Object obj, Object obj2) throws PKCS7Exception {
        return this.data.ctrl(i, obj, obj2);
    }

    public void setDetached(int i) throws PKCS7Exception {
        ctrl(1, Integer.valueOf(i), null);
    }

    public int getDetached() throws PKCS7Exception {
        return ((Integer) ctrl(2, null, null)).intValue();
    }

    public boolean isDetached() throws PKCS7Exception {
        return isSigned() && getDetached() != 0;
    }

    private void initiateWith(int i, ASN1Encodable aSN1Encodable) throws PKCS7Exception {
        this.data = PKCS7Data.fromASN1(i, aSN1Encodable);
    }

    public static PKCS7 newEmpty() {
        PKCS7 pkcs7 = new PKCS7();
        pkcs7.data = new PKCS7DataData();
        return pkcs7;
    }

    public static PKCS7 fromASN1(ASN1Encodable aSN1Encodable) throws PKCS7Exception {
        PKCS7 pkcs7 = new PKCS7();
        try {
            int size = ((ASN1Sequence) aSN1Encodable).size();
            if (size == 0) {
                return pkcs7;
            }
            ASN1ObjectIdentifier aSN1ObjectIdentifier = (ASN1ObjectIdentifier) ((ASN1Sequence) aSN1Encodable).getObjectAt(0);
            if (EMPTY_PKCS7_OID.equals(aSN1ObjectIdentifier.getId())) {
                pkcs7.setType(0);
            } else {
                int intValue = ASN1Registry.oid2nid(aSN1ObjectIdentifier).intValue();
                ASN1Encodable objectAt = size == 1 ? null : ((ASN1Sequence) aSN1Encodable).getObjectAt(1);
                if (objectAt != null && (objectAt instanceof ASN1TaggedObject) && ((ASN1TaggedObject) objectAt).getTagNo() == 0) {
                    objectAt = ((ASN1TaggedObject) objectAt).getObject();
                }
                pkcs7.initiateWith(intValue, objectAt);
            }
            return pkcs7;
        } catch (ClassCastException e) {
            throw new IllegalArgumentException("not a PKCS7 Object", e);
        }
    }

    public static PKCS7 fromASN1(BIO bio) throws IOException, PKCS7Exception {
        return fromASN1(new ASN1InputStream(BIO.asInputStream(bio)).readObject());
    }

    public ASN1Encodable asASN1() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(this.data == null ? new ASN1ObjectIdentifier(EMPTY_PKCS7_OID) : ASN1Registry.nid2obj(getType()));
        if (this.data != null) {
            aSN1EncodableVector.add(new DERTaggedObject(0, this.data.asASN1()));
        }
        return new DLSequence(aSN1EncodableVector);
    }

    public byte[] toASN1() throws IOException {
        return asASN1().toASN1Primitive().getEncoded();
    }

    public SignerInfoWithPkey addSignature(X509AuxCertificate x509AuxCertificate, PrivateKey privateKey, MessageDigest messageDigest) throws PKCS7Exception {
        SignerInfoWithPkey signerInfoWithPkey = new SignerInfoWithPkey();
        signerInfoWithPkey.set(x509AuxCertificate, privateKey, messageDigest);
        addSigner(signerInfoWithPkey);
        return signerInfoWithPkey;
    }

    public static X509AuxCertificate findByIssuerAndSerial(Collection<X509AuxCertificate> collection, X500Name x500Name, BigInteger bigInteger) {
        Name name = new Name(x500Name);
        for (X509AuxCertificate x509AuxCertificate : collection) {
            if (name.equalTo(x509AuxCertificate.getIssuerX500Principal()) && bigInteger.equals(x509AuxCertificate.getSerialNumber())) {
                return x509AuxCertificate;
            }
        }
        return null;
    }

    public List<X509AuxCertificate> getSigners(Collection<X509AuxCertificate> collection, Collection<SignerInfoWithPkey> collection2, int i) throws PKCS7Exception {
        if (!isSigned()) {
            throw new PKCS7Exception(124, 113);
        }
        if (collection2 == null || collection2.size() == 0) {
            throw new PKCS7Exception(124, 142);
        }
        ArrayList arrayList = new ArrayList(collection2.size());
        Iterator<SignerInfoWithPkey> it = collection2.iterator();
        while (it.hasNext()) {
            IssuerAndSerialNumber issuerAndSerialNumber = it.next().getIssuerAndSerialNumber();
            X509AuxCertificate x509AuxCertificate = null;
            if (collection != null) {
                x509AuxCertificate = findByIssuerAndSerial(collection, issuerAndSerialNumber.getName(), issuerAndSerialNumber.getCertificateSerialNumber().getValue());
            }
            if (x509AuxCertificate == null && (i & 16) == 0 && getSign().getCert() != null) {
                x509AuxCertificate = findByIssuerAndSerial(getSign().getCert(), issuerAndSerialNumber.getName(), issuerAndSerialNumber.getCertificateSerialNumber().getValue());
            }
            if (x509AuxCertificate == null) {
                throw new PKCS7Exception(124, 128);
            }
            arrayList.add(x509AuxCertificate);
        }
        return arrayList;
    }

    public ASN1OctetString digestFromAttributes(ASN1Set aSN1Set) {
        return (ASN1OctetString) SignerInfoWithPkey.getAttribute(aSN1Set, 51);
    }

    public void signatureVerify(BIO bio, SignerInfoWithPkey signerInfoWithPkey, X509AuxCertificate x509AuxCertificate) throws PKCS7Exception {
        BIO findType;
        if (!isSigned() && !isSignedAndEnveloped()) {
            throw new PKCS7Exception(113, 114);
        }
        int intValue = ASN1Registry.oid2nid(signerInfoWithPkey.getDigestAlgorithm().getAlgorithm()).intValue();
        BIO bio2 = bio;
        while (bio2 != null && (findType = bio.findType(520)) != null) {
            MessageDigest messageDigest = ((MessageDigestBIOFilter) findType).getMessageDigest();
            if (null == messageDigest) {
                throw new PKCS7Exception(113, -1);
            }
            if (EVP.type(messageDigest) == intValue) {
                MessageDigest messageDigest2 = null;
                try {
                    messageDigest2 = (MessageDigest) messageDigest.clone();
                } catch (Exception e) {
                }
                byte[] bArr = new byte[0];
                ASN1Set authenticatedAttributes = signerInfoWithPkey.getAuthenticatedAttributes();
                if (authenticatedAttributes != null) {
                    try {
                        if (authenticatedAttributes.size() > 0) {
                            byte[] digest = messageDigest2.digest();
                            ASN1OctetString digestFromAttributes = digestFromAttributes(authenticatedAttributes);
                            if (digestFromAttributes == null) {
                                throw new PKCS7Exception(113, 108);
                            }
                            if (!Arrays.equals(digest, digestFromAttributes.getOctets())) {
                                throw new NotVerifiedPKCS7Exception();
                            }
                            bArr = authenticatedAttributes.getEncoded();
                        }
                    } catch (IOException | GeneralSecurityException e2) {
                        throw new NotVerifiedPKCS7Exception(e2);
                    } catch (NotVerifiedPKCS7Exception e3) {
                        throw e3;
                    }
                }
                ASN1OctetString encryptedDigest = signerInfoWithPkey.getEncryptedDigest();
                PublicKey publicKey = x509AuxCertificate.getPublicKey();
                Signature signature = SecurityHelper.getSignature(EVP.signatureAlgorithm(messageDigest2, publicKey));
                signature.initVerify(publicKey);
                if (bArr.length > 0) {
                    signature.update(bArr);
                }
                if (!signature.verify(encryptedDigest.getOctets())) {
                    throw new NotVerifiedPKCS7Exception();
                }
                return;
            }
            bio2 = findType.next();
        }
        throw new PKCS7Exception(113, 108);
    }

    public void verify(Collection<X509AuxCertificate> collection, Store store, BIO bio, BIO bio2, int i) throws PKCS7Exception {
        if (!isSigned()) {
            throw new PKCS7Exception(117, 113);
        }
        if (getDetached() != 0 && bio == null) {
            throw new PKCS7Exception(117, 122);
        }
        Collection<SignerInfoWithPkey> signerInfo = getSignerInfo();
        if (signerInfo == null || signerInfo.size() == 0) {
            throw new PKCS7Exception(117, 123);
        }
        List<X509AuxCertificate> signers = getSigners(collection, signerInfo, i);
        if (signers == null) {
            throw new NotVerifiedPKCS7Exception();
        }
        if ((i & 32) == 0) {
            for (X509AuxCertificate x509AuxCertificate : signers) {
                StoreContext storeContext = new StoreContext(store);
                if ((i & 8) == 0) {
                    if (storeContext.init(x509AuxCertificate, new ArrayList(getSign().getCert())) == 0) {
                        throw new PKCS7Exception(117, -1);
                    }
                    storeContext.setPurpose(4);
                } else if (storeContext.init(x509AuxCertificate, null) == 0) {
                    throw new PKCS7Exception(117, -1);
                }
                storeContext.setExtraData(1, store.getExtraData(1));
                if ((i & 8192) == 0) {
                    storeContext.setCRLs((List) getSign().getCrl());
                }
                try {
                    int verifyCertificate = storeContext.verifyCertificate();
                    int error = verifyCertificate <= 0 ? storeContext.getError() : 0;
                    storeContext.cleanup();
                    if (verifyCertificate <= 0) {
                        throw new PKCS7Exception(117, 117, "Verify error:" + X509Utils.verifyCertificateErrorString(error));
                    }
                } catch (PKCS7Exception e) {
                    throw e;
                } catch (Exception e2) {
                    throw new PKCS7Exception(117, 117, e2);
                }
            }
        }
        BIO dataInit = dataInit(bio);
        BIO mem = (i & 1) != 0 ? BIO.mem() : bio2;
        byte[] bArr = new byte[4096];
        while (true) {
            try {
                int read = dataInit.read(bArr, 0, bArr.length);
                if (read <= 0) {
                    break;
                } else if (mem != null) {
                    mem.write(bArr, 0, read);
                }
            } catch (IOException e3) {
                throw new PKCS7Exception(117, -1, e3);
            }
        }
        if ((i & 1) != 0) {
            new SMIME(Mime.DEFAULT).text(mem, bio2);
        }
        if ((i & 4) == 0) {
            int i2 = 0;
            Iterator<SignerInfoWithPkey> it = signerInfo.iterator();
            while (it.hasNext()) {
                int i3 = i2;
                i2++;
                signatureVerify(dataInit, it.next(), signers.get(i3));
            }
        }
        if (bio != bio || bio == null) {
            return;
        }
        dataInit.pop();
    }

    public static PKCS7 sign(X509AuxCertificate x509AuxCertificate, PrivateKey privateKey, Collection<X509AuxCertificate> collection, BIO bio, int i) throws PKCS7Exception {
        PKCS7 pkcs7 = new PKCS7();
        pkcs7.setType(22);
        pkcs7.contentNew(21);
        SignerInfoWithPkey addSignature = pkcs7.addSignature(x509AuxCertificate, privateKey, EVP.sha1());
        if ((i & 2) == 0) {
            pkcs7.addCertificate(x509AuxCertificate);
            if (collection != null) {
                Iterator<X509AuxCertificate> it = collection.iterator();
                while (it.hasNext()) {
                    pkcs7.addCertificate(it.next());
                }
            }
        }
        if ((i & 256) == 0) {
            addSignature.addSignedAttribute(50, OID_pkcs7_data);
            if ((i & 512) == 0) {
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                aSN1EncodableVector.add(new AlgorithmIdentifier(OID_des_ede3_cbc));
                aSN1EncodableVector.add(new AlgorithmIdentifier(OID_rc2_cbc, new ASN1Integer(BI_128)));
                aSN1EncodableVector.add(new AlgorithmIdentifier(OID_rc2_cbc, new ASN1Integer(BI_64)));
                aSN1EncodableVector.add(new AlgorithmIdentifier(OID_rc2_cbc, new ASN1Integer(BI_40)));
                aSN1EncodableVector.add(new AlgorithmIdentifier(OID_des_cbc));
                addSignature.addSignedAttribute(167, new DLSequence(aSN1EncodableVector));
            }
        }
        if ((i & 4096) != 0) {
            return pkcs7;
        }
        BIO dataInit = pkcs7.dataInit(null);
        try {
            bio.crlfCopy(dataInit, i);
            if ((i & 64) != 0) {
                pkcs7.setDetached(1);
            }
            pkcs7.dataFinal(dataInit);
            return pkcs7;
        } catch (IOException e) {
            throw new PKCS7Exception(116, 125, e);
        }
    }

    public static PKCS7 encrypt(Collection<X509AuxCertificate> collection, byte[] bArr, CipherSpec cipherSpec, int i) throws PKCS7Exception {
        PKCS7 pkcs7 = new PKCS7();
        pkcs7.setType(23);
        try {
            pkcs7.setCipher(cipherSpec);
            Iterator<X509AuxCertificate> it = collection.iterator();
            while (it.hasNext()) {
                pkcs7.addRecipient(it.next());
            }
            BIO dataInit = pkcs7.dataInit(null);
            BIO.memBuf(bArr).crlfCopy(dataInit, i);
            dataInit.flush();
            pkcs7.dataFinal(dataInit);
            return pkcs7;
        } catch (IOException e) {
            throw new PKCS7Exception(115, 125, e);
        }
    }

    public void decrypt(PrivateKey privateKey, X509AuxCertificate x509AuxCertificate, BIO bio, int i) throws PKCS7Exception {
        if (!isEnveloped()) {
            throw new PKCS7Exception(114, 113);
        }
        try {
            BIO dataDecode = dataDecode(privateKey, null, x509AuxCertificate);
            if ((i & 1) != 1) {
                byte[] bArr = new byte[4096];
                while (true) {
                    int read = dataDecode.read(bArr, 0, 4096);
                    if (read <= 0) {
                        break;
                    } else {
                        bio.write(bArr, 0, read);
                    }
                }
            } else {
                new SMIME(Mime.DEFAULT).text(BIO.buffered().push(dataDecode), bio);
            }
        } catch (IOException e) {
            throw new PKCS7Exception(114, 119, e);
        }
    }

    public void setType(int i) throws PKCS7Exception {
        switch (i) {
            case 0:
                this.data = null;
                return;
            case 21:
                this.data = new PKCS7DataData();
                return;
            case 22:
                this.data = new PKCS7DataSigned();
                return;
            case 23:
                this.data = new PKCS7DataEnveloped();
                return;
            case 24:
                this.data = new PKCS7DataSignedAndEnveloped();
                return;
            case 25:
                this.data = new PKCS7DataDigest();
                return;
            case 26:
                this.data = new PKCS7DataEncrypted();
                return;
            default:
                throw new PKCS7Exception(110, 112);
        }
    }

    public void setCipher(CipherSpec cipherSpec) throws PKCS7Exception {
        this.data.setCipher(cipherSpec);
    }

    public RecipInfo addRecipient(X509AuxCertificate x509AuxCertificate) throws PKCS7Exception {
        RecipInfo recipInfo = new RecipInfo();
        recipInfo.set(x509AuxCertificate);
        addRecipientInfo(recipInfo);
        return recipInfo;
    }

    public void contentNew(int i) throws PKCS7Exception {
        PKCS7 pkcs7 = new PKCS7();
        pkcs7.setType(i);
        setContent(pkcs7);
    }

    public void addSigner(SignerInfoWithPkey signerInfoWithPkey) throws PKCS7Exception {
        this.data.addSigner(signerInfoWithPkey);
    }

    public void addCertificate(X509AuxCertificate x509AuxCertificate) throws PKCS7Exception {
        this.data.addCertificate(x509AuxCertificate);
    }

    public void addCRL(X509CRL x509crl) throws PKCS7Exception {
        this.data.addCRL(x509crl);
    }

    public void addRecipientInfo(RecipInfo recipInfo) throws PKCS7Exception {
        this.data.addRecipientInfo(recipInfo);
    }

    public void setContent(PKCS7 pkcs7) throws PKCS7Exception {
        this.data.setContent(pkcs7);
    }

    public Collection<SignerInfoWithPkey> getSignerInfo() {
        return this.data.getSignerInfo();
    }

    public static PKCS7 readPEM(BIO bio) throws PKCS7Exception {
        try {
            byte[] bArr = new byte[1024];
            if (bio.gets(bArr, 1024) <= PEM_STRING_PKCS7_START.length) {
                return null;
            }
            byte[] bArr2 = new byte[PEM_STRING_PKCS7_START.length];
            System.arraycopy(bArr, 0, bArr2, 0, bArr2.length);
            if (Arrays.equals(PEM_STRING_PKCS7_START, bArr2)) {
                return fromASN1(BIO.base64Filter(bio));
            }
            return null;
        } catch (IOException e) {
            return null;
        }
    }

    public BIO bioAddDigest(BIO bio, AlgorithmIdentifier algorithmIdentifier) throws PKCS7Exception {
        try {
            BIO mdFilter = BIO.mdFilter(EVP.getDigest(algorithmIdentifier.getAlgorithm()));
            if (bio == null) {
                return mdFilter;
            }
            bio.push(mdFilter);
            return bio;
        } catch (Exception e) {
            throw new PKCS7Exception(125, 109, e);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:37:0x0181  */
    /* JADX WARN: Removed duplicated region for block: B:53:0x01e4  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.jruby.ext.openssl.impl.BIO dataDecode(java.security.PrivateKey r8, org.jruby.ext.openssl.impl.BIO r9, org.jruby.ext.openssl.x509store.X509AuxCertificate r10) throws org.jruby.ext.openssl.impl.PKCS7Exception {
        /*
            Method dump skipped, instructions count: 796
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.impl.PKCS7.dataDecode(java.security.PrivateKey, org.jruby.ext.openssl.impl.BIO, org.jruby.ext.openssl.x509store.X509AuxCertificate):org.jruby.ext.openssl.impl.BIO");
    }

    public BIO dataInit(BIO bio) throws PKCS7Exception {
        Set<AlgorithmIdentifier> set = null;
        ASN1OctetString aSN1OctetString = null;
        Collection<RecipInfo> collection = null;
        AlgorithmIdentifier algorithmIdentifier = null;
        CipherSpec cipherSpec = null;
        BIO bio2 = null;
        EncContent encContent = null;
        switch (this.data.getType()) {
            case 22:
                set = getSign().getMdAlgs();
                aSN1OctetString = getSign().getContents().getOctetString();
                break;
            case 23:
                collection = getEnveloped().getRecipientInfo();
                encContent = getEnveloped().getEncData();
                cipherSpec = getEnveloped().getEncData().getCipher();
                if (null == cipherSpec) {
                    throw new PKCS7Exception(105, 116);
                }
                break;
            case 24:
                collection = getSignedAndEnveloped().getRecipientInfo();
                set = getSignedAndEnveloped().getMdAlgs();
                encContent = getSignedAndEnveloped().getEncData();
                cipherSpec = getSignedAndEnveloped().getEncData().getCipher();
                if (null == cipherSpec) {
                    throw new PKCS7Exception(105, 116);
                }
                break;
            case 25:
                algorithmIdentifier = getDigest().getMd();
                aSN1OctetString = getDigest().getContents().getOctetString();
                break;
            default:
                throw new PKCS7Exception(105, 112);
        }
        if (set != null) {
            Iterator<AlgorithmIdentifier> it = set.iterator();
            while (it.hasNext()) {
                BIO bioAddDigest = bioAddDigest(bio2, it.next());
                bio2 = bioAddDigest;
                if (bioAddDigest == null) {
                    return null;
                }
            }
        }
        if (algorithmIdentifier != null) {
            BIO bioAddDigest2 = bioAddDigest(bio2, algorithmIdentifier);
            bio2 = bioAddDigest2;
            if (bioAddDigest2 == null) {
                return null;
            }
        }
        if (cipherSpec != null) {
            BIO cipherFilter = BIO.cipherFilter(cipherSpec.getCipher());
            String algorithm = cipherSpec.getCipher().getAlgorithm();
            if (algorithm.indexOf(47) != -1) {
                algorithm = algorithm.split(AntPathMatcher.DEFAULT_PATH_SEPARATOR)[0];
            }
            try {
                KeyGenerator keyGenerator = SecurityHelper.getKeyGenerator(algorithm);
                keyGenerator.init(cipherSpec.getKeyLenInBits(), SecurityHelper.getSecureRandom());
                SecretKey generateKey = keyGenerator.generateKey();
                cipherSpec.getCipher().init(1, generateKey);
                if (null != collection) {
                    for (RecipInfo recipInfo : collection) {
                        PublicKey publicKey = recipInfo.getCert().getPublicKey();
                        Cipher cipher = SecurityHelper.getCipher(CipherSpec.getWrappingAlgorithm(publicKey.getAlgorithm()));
                        cipher.init(1, publicKey);
                        recipInfo.setEncKey(new DEROctetString(cipher.doFinal(generateKey.getEncoded())));
                    }
                }
                ASN1ObjectIdentifier sym2oid = ASN1Registry.sym2oid(cipherSpec.getOsslName());
                if (sym2oid == null) {
                    throw new PKCS7Exception(105, 144);
                }
                if (cipherSpec.getCipher().getIV() != null) {
                    encContent.setAlgorithm(new AlgorithmIdentifier(sym2oid, new DEROctetString(cipherSpec.getCipher().getIV())));
                } else {
                    encContent.setAlgorithm(new AlgorithmIdentifier(sym2oid));
                }
                if (bio2 == null) {
                    bio2 = cipherFilter;
                } else {
                    bio2.push(cipherFilter);
                }
            } catch (Exception e) {
                throw new PKCS7Exception(105, 121, e);
            }
        }
        if (bio == null) {
            if (isDetached()) {
                bio = BIO.nullSink();
            } else if (aSN1OctetString != null && aSN1OctetString.getOctets().length > 0) {
                bio = BIO.memBuf(aSN1OctetString.getOctets());
            }
            if (bio == null) {
                bio = BIO.mem();
                bio.setMemEofReturn(0);
            }
        }
        if (bio2 != null) {
            bio2.push(bio);
        } else {
            bio2 = bio;
        }
        return bio2;
    }

    public BIO findDigest(MessageDigest[] messageDigestArr, BIO bio, int i) throws PKCS7Exception {
        while (true) {
            BIO findType = bio.findType(520);
            if (findType == null) {
                throw new PKCS7Exception(127, 108);
            }
            messageDigestArr[0] = ((MessageDigestBIOFilter) findType).getMessageDigest();
            if (messageDigestArr[0] == null) {
                throw new PKCS7Exception(127, -1);
            }
            if (i == EVP.type(messageDigestArr[0])) {
                return findType;
            }
            bio = findType.next();
        }
    }

    public int dataFinal(BIO bio) throws PKCS7Exception {
        Collection<SignerInfoWithPkey> collection = null;
        MessageDigest messageDigest = null;
        int type = this.data.getType();
        switch (type) {
            case 22:
                collection = getSign().getSignerInfo();
                break;
            case 24:
                collection = getSignedAndEnveloped().getSignerInfo();
                break;
        }
        if (collection != null) {
            for (SignerInfoWithPkey signerInfoWithPkey : collection) {
                if (signerInfoWithPkey.getPkey() != null) {
                    int intValue = ASN1Registry.oid2nid(signerInfoWithPkey.getDigestAlgorithm().getAlgorithm()).intValue();
                    MessageDigest[] messageDigestArr = {messageDigest};
                    BIO findDigest = findDigest(messageDigestArr, bio, intValue);
                    messageDigest = messageDigestArr[0];
                    if (findDigest == null) {
                        return 0;
                    }
                    try {
                        MessageDigest messageDigest2 = (MessageDigest) messageDigest.clone();
                        ASN1Set authenticatedAttributes = signerInfoWithPkey.getAuthenticatedAttributes();
                        Signature signature = null;
                        if (authenticatedAttributes != null) {
                            try {
                                if (authenticatedAttributes.size() > 0) {
                                    if (null == signerInfoWithPkey.getSignedAttribute(52)) {
                                        signerInfoWithPkey.addSignedAttribute(52, new DERUTCTime(Calendar.getInstance(TimeZone.getTimeZone(RubyTime.UTC)).getTime()));
                                    }
                                    signerInfoWithPkey.addSignedAttribute(51, new DEROctetString(messageDigest2.digest()));
                                    ASN1Set authenticatedAttributes2 = signerInfoWithPkey.getAuthenticatedAttributes();
                                    signature = SecurityHelper.getSignature(EVP.signatureAlgorithm(messageDigest2, signerInfoWithPkey.getPkey()));
                                    signature.initSign(signerInfoWithPkey.getPkey());
                                    signature.update(authenticatedAttributes2.getEncoded());
                                }
                            } catch (Exception e) {
                                throw new PKCS7Exception(128, -1, e);
                            }
                        }
                        if (signature != null) {
                            signerInfoWithPkey.setEncryptedDigest(new DEROctetString(signature.sign()));
                        }
                    } catch (CloneNotSupportedException e2) {
                        throw new RuntimeException(e2);
                    }
                }
            }
        } else if (type == 25) {
            MessageDigest[] messageDigestArr2 = {null};
            bio = findDigest(messageDigestArr2, bio, ASN1Registry.oid2nid(getDigest().getMd().getAlgorithm()).intValue());
            getDigest().setDigest(new DEROctetString(messageDigestArr2[0].digest()));
        }
        if (isDetached()) {
            return 1;
        }
        BIO findType = bio.findType(1025);
        if (null == findType) {
            throw new PKCS7Exception(128, 107);
        }
        byte[] memCopy = ((MemBIO) findType).getMemCopy();
        switch (type) {
            case 22:
                if (!getSign().getContents().isData() || getDetached() == 0) {
                    getSign().getContents().setData(new DEROctetString(memCopy));
                    return 1;
                }
                getSign().getContents().setData(null);
                return 1;
            case 23:
                getEnveloped().getEncData().setEncData(new DEROctetString(memCopy));
                return 1;
            case 24:
                getSignedAndEnveloped().getEncData().setEncData(new DEROctetString(memCopy));
                return 1;
            case 25:
                if (!getDigest().getContents().isData() || getDetached() == 0) {
                    getDigest().getContents().setData(new DEROctetString(memCopy));
                    return 1;
                }
                getDigest().getContents().setData(null);
                return 1;
            default:
                return 1;
        }
    }

    public String toString() {
        return "#<PKCS7 " + this.data + ">";
    }

    public Envelope getEnveloped() {
        return this.data.getEnveloped();
    }

    public SignEnvelope getSignedAndEnveloped() {
        return this.data.getSignedAndEnveloped();
    }

    public Digest getDigest() {
        return this.data.getDigest();
    }

    public Encrypt getEncrypted() {
        return this.data.getEncrypted();
    }

    public ASN1Encodable getOther() {
        return this.data.getOther();
    }

    public void setSign(Signed signed) {
        this.data.setSign(signed);
    }

    public Signed getSign() {
        return this.data.getSign();
    }

    public void setData(ASN1OctetString aSN1OctetString) {
        this.data.setData(aSN1OctetString);
    }

    public ASN1OctetString getData() {
        return this.data.getData();
    }

    public boolean isSigned() {
        return this.data.isSigned();
    }

    public boolean isEncrypted() {
        return this.data.isEncrypted();
    }

    public boolean isEnveloped() {
        return this.data.isEnveloped();
    }

    public boolean isSignedAndEnveloped() {
        return this.data.isSignedAndEnveloped();
    }

    public boolean isData() {
        return this.data.isData();
    }

    public boolean isDigest() {
        return this.data.isDigest();
    }

    public boolean isOther() {
        return this.data.isOther();
    }

    public int getType() {
        return this.data.getType();
    }

    public ASN1OctetString getOctetString() {
        if (isData()) {
            return getData();
        }
        if (!isOther()) {
            return null;
        }
        ASN1Encodable other = getOther();
        if (other instanceof ASN1OctetString) {
            return (ASN1OctetString) other;
        }
        return null;
    }
}
