package com.ibm.bcg.util;

import com.ibm.bcg.server.DocumentState;
import com.ibm.bcg.server.Message;
import com.ibm.bcg.server.MessageConst;
import com.ibm.bcg.server.VMSLog;
import com.ibm.bcg.server.event.EventTextId;
import com.ibm.bcg.server.util.DebugMgr;
import com.ibm.bcg.server.util.RouterProperty;
import com.ibm.security.pkcs7.ContentInfo;
import com.ibm.security.pkcs7.Data;
import com.ibm.security.pkcs7.DigestedData;
import com.ibm.security.pkcs7.EncapsulatedContentInfo;
import com.ibm.security.pkcs7.EncryptedContentInfo;
import com.ibm.security.pkcs7.EnvelopedData;
import com.ibm.security.pkcs7.RecipientInfo;
import com.ibm.security.pkcs7.SignedData;
import com.ibm.security.pkcs7.SignerInfo;
import com.ibm.security.pkcsutil.PKCSAttributes;
import com.ibm.security.x509.AlgorithmId;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Vector;
import org.apache.log4j.Category;

/* loaded from: input_file:com/ibm/bcg/util/PKCS7Util.class */
public class PKCS7Util {
    public static final String COPYRIGHT = "Licensed Material - Property of IBM , 5724-E75,5724-E87,5724-L68,5724-L69.  (C) Copyright IBM Corp. 2001,2004 - All Rights Reserved. The source code for this program is not published or otherwisedivested of its trade secrets, irrespective of what has beendeposited with the U.S. Copyright Office. ";
    private static boolean m_verifySignerFlag = false;
    public static final int CERIFICATE_EXPIRED = 1;
    public static final int CERIFICATE_FAIL_CERT_PATH = 2;
    public static final int CERIFICATE_FAIL_BUILD_CERT_PATH = 3;
    public static final int CERIFICATE_CERT_NOT_YET_VALID = 4;
    public static final int CERIFICATE_FAIL_VALIDATE_CERT_PATH = 5;
    public static final int PRIMARY_SET_TO_NOT_IN_USE = 6;
    private static final String SHA1OID = "1.3.14.3.2.26";
    private static final String SHAOID = "1.3.14.3.2.18";
    public static final int CERIFICATE_VALID = -1;
    public static final int SIGVER_SUCCESS = 0;
    public static final int SIGVER_FAIL_DECODE = 1;
    public static final int SIGVER_FAIL_PARTNER = 2;
    public static final int ENCRYPT_ALG_DES = 1;
    public static final int ENCRYPT_ALG_3DES = 2;
    public static final int ENCRYPT_ALG_RC2 = 3;
    public static final int ENCRYPT_ALG_AES = 4;
    public static final int ENCRYPT_KEYSIZE_DES_56 = 56;
    public static final int ENCRYPT_KEYSIZE_DESEDE_168 = 168;
    public static final int ENCRYPT_KEYSIZE_DESEDE_112 = 112;
    public static final int ENCRYPT_KEYSIZE_AES_128 = 128;
    public static final int ENCRYPT_KEYSIZE_AES_192 = 192;
    public static final int ENCRYPT_KEYSIZE_AES_256 = 256;
    protected static Category m_logger;
    protected static RouterProperty vcp;
    protected byte[] m_lastVerifiedDigest = null;
    protected String m_lastDigestAlgorithm = null;
    protected byte[] m_lastSignedDigest = null;
    protected String m_lastSignedDigestAlg = null;
    private int encryptPublicCertId = -1;
    private int decryptPublicCertId = -1;
    private int signaturePublicCertId = -1;
    private int signatureVerificationPublicCertId = -1;
    protected static String m_def_digestAlgorithm;
    private static String m_def_encryption_alg;
    private static VMSLog vmsLog;
    static Class class$0;

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.Throwable] */
    static {
        m_logger = null;
        vcp = null;
        m_def_digestAlgorithm = "SHA1";
        m_def_encryption_alg = null;
        vmsLog = null;
        Class<?> cls = class$0;
        if (cls == null) {
            try {
                cls = Class.forName("com.ibm.bcg.util.PKCS7Util");
                class$0 = cls;
            } catch (ClassNotFoundException unused) {
                throw new NoClassDefFoundError(cls.getMessage());
            }
        }
        m_logger = Category.getInstance(cls.getName());
        vmsLog = new VMSLog(m_logger);
        try {
            vcp = RouterProperty.getInstance();
            m_def_digestAlgorithm = vcp.getProperties().getProperty("bcg.rosettanet.signature.DigestAlgorithm", "SHA1");
            debug(new StringBuffer("signature algo=").append(m_def_digestAlgorithm).toString());
            m_def_encryption_alg = vcp.getProperties().getProperty("bcg.rosettanet.encrypt.Algorithm", "DES");
            debug(new StringBuffer("Default Encryption algo=").append(m_def_encryption_alg).toString());
        } catch (Exception e) {
            m_logger.error("Unable to load router property file", e);
        }
    }

    public static boolean checkCRLStatus(X509Certificate x509Certificate, boolean z) throws Exception {
        return CertPathUtil.validateCertPathWithReset(x509Certificate, z);
    }

    public EncryptInfo encryptBytesS(byte[] bArr, String str, int i, int i2) throws BcgException {
        if (bArr == null || bArr.length == 0 || str == null) {
            throw new BcgException("Argument passed in the method is wrong", null, null, null);
        }
        debug(" Starting the Method encryptBytesS");
        try {
            Vector validEncryptionCertInfos = getValidEncryptionCertInfos(new StringBuffer().append(Integer.parseInt(str)).toString());
            CertInfo certInfo = null;
            int i3 = 0;
            while (true) {
                if (i3 >= validEncryptionCertInfos.size()) {
                    break;
                }
                certInfo = (CertInfo) validEncryptionCertInfos.elementAt(i3);
                X509Certificate cert = certInfo.getCert();
                if (cert == null) {
                    debug("The certificate is null");
                } else {
                    debug("The certificate is Not null");
                    int checkCertificateValidity = checkCertificateValidity(cert, true);
                    if (checkCertificateValidity == -1) {
                        debug(new StringBuffer("The Certificate with certId ").append(certInfo.getCertId()).append(" is Valid .").toString());
                        break;
                    }
                    if (checkCertificateValidity == 3) {
                        throw new BcgException("Could not get Valid encryption Certificate ", "Could not get Valid encryption Certificate ", EventTextId.EVENT_NO_VALID_ENCRYPTION_CERT, null);
                    }
                    if (checkCertificateValidity == 4) {
                        throw new BcgException("Could not get valid encryption certificate ", "Could not get valid encryption certificate ", EventTextId.EVENT_NO_VALID_SIGNING_CERT, null);
                    }
                    if (checkCertificateValidity == 5) {
                        throw new BcgException("Could not get valid encryption certificate ", "Could not get valid encryption certificate ", EventTextId.EVENT_NO_VALID_ENCRYPTION_CERT, null);
                    }
                    certInfo = null;
                }
                i3++;
            }
            if (validEncryptionCertInfos != null) {
                validEncryptionCertInfos.clear();
            }
            if (certInfo == null || certInfo.getCert() == null) {
                throw new BcgException("There is no valid encryption certificate for the partner ", "There is no valid encryption certificate for the partner ", EventTextId.EVENT_NO_VALID_ENCRYPTION_CERT, null);
            }
            X509Certificate[] x509CertificateArr = {certInfo.getCert()};
            Vector encryptionAlgoNameAndKeyLength = getEncryptionAlgoNameAndKeyLength(i, i2);
            String str2 = (String) encryptionAlgoNameAndKeyLength.get(0);
            int intValue = ((Integer) encryptionAlgoNameAndKeyLength.get(1)).intValue();
            debug(new StringBuffer("The encryption is going to use ").append(str2).append(" With keylength = ").append(intValue).toString());
            try {
                Data data = new Data();
                data.setData(bArr);
                ContentInfo contentInfo = new ContentInfo(new EnvelopedData(x509CertificateArr, new ContentInfo(data), str2, intValue, (PKCSAttributes) null));
                this.encryptPublicCertId = certInfo.getCertId();
                EncryptInfo encryptInfo = new EncryptInfo();
                encryptInfo.setAlgoName(str2);
                encryptInfo.setData(contentInfo.encode());
                encryptInfo.setEncryptPublicCertId(this.encryptPublicCertId);
                debug(new StringBuffer("The encryption done with Certificate ").append(this.encryptPublicCertId).toString());
                return encryptInfo;
            } catch (Exception e) {
                e.printStackTrace();
                debug(new StringBuffer("There is error while encrypting Data ").append(e.getMessage()).toString());
                throw new BcgException(new StringBuffer("There is error while encrypting Data ").append(e.getMessage()).toString(), null, null, null);
            }
        } catch (NumberFormatException e2) {
            throw new BcgException("The partner id should be a Integer", null, null, null);
        }
    }

    public int getEncryptPublicCertId() {
        return this.encryptPublicCertId;
    }

    private Vector getEncryptionAlgoNameAndKeyLength(int i, int i2) throws BcgException {
        String str;
        debug(new StringBuffer(" Starting the Method getEncryptionAlgoNameAndKeyLength encryptAlg = ").append(i).append(" And keyLength = ").append(i2).toString());
        if (i == 2) {
            str = "DESede";
            if (i2 != 112 || i2 != 168) {
                i2 = 168;
            }
        } else if (i == 1) {
            str = "DES";
            i2 = 56;
        } else if (i == 3) {
            str = "RC2";
        } else {
            if (i != 4) {
                throw new BcgException("Illegal algorithm ID has been provided", null, null, null);
            }
            str = "AES";
            if (i2 != 128 || i2 != 192 || i2 != 256) {
                i2 = 128;
            }
        }
        debug(new StringBuffer(" KeyLength = ").append(i2).append(" for the Algorithm = ").append(str).toString());
        Vector vector = new Vector();
        vector.add(str);
        vector.add(new Integer(i2));
        return vector;
    }

    private Vector getValidEncryptionCertInfos(String str) throws BcgException {
        debug(new StringBuffer(" Starting the Method getValidEncryptionCertInfos where partnerId = ").append(str).toString());
        Vector vector = new Vector();
        addValidCertInfo(WBICSecurityManager.getInstance().getEncryptionCertInfo(str, true), vector);
        addValidCertInfo(WBICSecurityManager.getInstance().getEncryptionCertInfo(str, false), vector);
        if (vector.size() != 0) {
            return vector;
        }
        debug(new StringBuffer("No encryption Certificate for the partner Id  ").append(str).toString());
        throw new BcgException("No encryption certificate for the partner ", "No encryption certificate for the partner ", EventTextId.EVENT_CERT_NOT_FOUND, null);
    }

    public static String getDefaultEncryptionAlgo() {
        return m_def_encryption_alg;
    }

    public EncryptInfo decryptBytes(byte[] bArr) throws BcgException {
        if (bArr == null || bArr.length == 0) {
            throw new BcgException("The Argument passed in the method is wrong", null, null, null);
        }
        debug(" Starting the method decryptBytes");
        Vector decryptCertInfos = getDecryptCertInfos();
        try {
            EnvelopedData envelopedData = (EnvelopedData) new ContentInfo(bArr).getContent();
            OwnerCertInfo validDecryptCertInfo = getValidDecryptCertInfo(envelopedData, decryptCertInfos);
            if (validDecryptCertInfo == null) {
                throw new BcgException("There is No RecipientInfo object related to the certificates in Data Base", "The Message is not a Der encoded Enveloped Data.", EventTextId.EVENT_NO_VALID_ENCRYPTION_CERT, null);
            }
            validDecryptCertInfo.getKey();
            validDecryptCertInfo.getCert();
            EncryptedContentInfo encryptedContentInfo = envelopedData.getEncryptedContentInfo();
            try {
                try {
                    ContentInfo decrypt = envelopedData.decrypt(validDecryptCertInfo.getKey(), validDecryptCertInfo.getCert());
                    debug("Its able to Decrypt the data!!!");
                    Data content = decrypt.getContent();
                    this.decryptPublicCertId = validDecryptCertInfo.getCertId();
                    EncryptInfo encryptInfo = new EncryptInfo();
                    String name = encryptedContentInfo.getContentEncryptionAlgorithm().getName();
                    encryptInfo.setAlgoName(name);
                    encryptInfo.setData(content.getData());
                    encryptInfo.setEncryptPublicCertId(this.decryptPublicCertId);
                    debug(new StringBuffer(" The Algo used for it is ").append(name).append(" And Cert Id = ").append(this.decryptPublicCertId).toString());
                    return encryptInfo;
                } catch (Exception e) {
                    e.printStackTrace();
                    throw new BcgException("Some problem while decrypting the data", "Some problem while decrypting the data", null, null);
                }
            } finally {
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new BcgException("The Message is not a Der encoded Enveloped Data.", "The Message is not a Der encoded Enveloped Data.", null, null);
        }
    }

    private OwnerCertInfo getValidDecryptCertInfo(EnvelopedData envelopedData, Vector vector) {
        OwnerCertInfo ownerCertInfo = null;
        RecipientInfo recipientInfo = null;
        debug(new StringBuffer(" No Of certificates = ").append(vector.size()).toString());
        for (int i = 0; i < vector.size(); i++) {
            ownerCertInfo = (OwnerCertInfo) vector.get(i);
            X509Certificate cert = ownerCertInfo.getCert();
            debug(new StringBuffer("x509Certificate Issuer = ").append(cert.getIssuerDN().toString()).toString());
            try {
                recipientInfo = envelopedData.getRecipientInfo(ownerCertInfo.getCert());
                if (recipientInfo == null) {
                    continue;
                } else {
                    if (checkCertificateValidity(cert, false) == -1) {
                        debug(new StringBuffer("Got RecipientInfo with Cert Id = ").append(ownerCertInfo.getCertId()).toString());
                        break;
                    }
                    ownerCertInfo = null;
                }
            } catch (Exception e) {
                ownerCertInfo = null;
                recipientInfo = null;
                error(new StringBuffer("Error while getting recipientInfo object with Certificate Id =").append(ownerCertInfo.getCertId()).toString(), e);
            }
        }
        if (recipientInfo == null) {
            ownerCertInfo = null;
        }
        return ownerCertInfo;
    }

    public int getDecryptPublicCertId() {
        return this.decryptPublicCertId;
    }

    private Vector getDecryptCertInfos() throws BcgException {
        new Vector();
        Vector decryptCertInfo = WBICSecurityManager.getInstance().getPKCSOwnerInfo().getDecryptCertInfo();
        if (decryptCertInfo.size() == 0) {
            throw new BcgException("There is no certificate in the database", "There is no certificate in the database", EventTextId.EVENT_CERT_NOT_FOUND, null);
        }
        return decryptCertInfo;
    }

    public byte[] generateSignature(byte[] bArr) throws BcgException {
        return generateSignature(bArr, "SHA1withRSA");
    }

    public byte[] generateSignature(byte[] bArr, String str) throws BcgException {
        if (str == null) {
            throw new BcgException("digital Signature Algo can't be null", null, null, null);
        }
        if (bArr == null || bArr.length == 0) {
            throw new BcgException("Message Content can't be null", null, null, null);
        }
        debug(new StringBuffer(" In Method generateSignature digAndSigAlgo = ").append(str).toString());
        if (str.toUpperCase().indexOf("withRSA".toUpperCase()) == -1) {
            str = new StringBuffer(String.valueOf(str)).append("withRSA").toString();
        }
        OwnerCertInfo ownerCertInfo = null;
        CRL[] crlArr = (CRL[]) null;
        debug(" Starting method generateSignature");
        if (bArr == null || bArr.length == 0) {
            throw new BcgException("No Message has been found ", null, null, null);
        }
        Vector signingCertInfos = getSigningCertInfos();
        int i = 0;
        while (true) {
            if (i < signingCertInfos.size()) {
                ownerCertInfo = (OwnerCertInfo) signingCertInfos.get(i);
                int checkCertificateValidity = checkCertificateValidity(ownerCertInfo.getCert(), true);
                if (checkCertificateValidity == -1) {
                    break;
                }
                if (checkCertificateValidity == 3) {
                    ownerCertInfo = null;
                    break;
                }
                if (checkCertificateValidity == 4) {
                    ownerCertInfo = null;
                    break;
                }
                if (checkCertificateValidity == 5) {
                    ownerCertInfo = null;
                    break;
                }
                ownerCertInfo = null;
                i++;
            } else {
                break;
            }
        }
        if (ownerCertInfo == null) {
            throw new BcgException("Could not get Valid Signing Certificate ", "Could not get Valid Signing Certificate ", EventTextId.EVENT_NO_VALID_SIGNING_CERT, null);
        }
        signingCertInfos.clear();
        X509Certificate cert = ownerCertInfo.getCert();
        PrivateKey key = ownerCertInfo.getKey();
        debug(new StringBuffer("In PKCS7Util Found a key with Algorithm =").append(key.getAlgorithm()).toString());
        try {
            Data data = new Data();
            data.setData(bArr);
            SignedData signedData = new SignedData(new Certificate[]{cert}, crlArr, new ContentInfo(data), str, new PrivateKey[]{key}, (PKCSAttributes) null, (PKCSAttributes) null, false);
            debug(" Created a proper Signature");
            signedData.removeContent();
            byte[] encode = new ContentInfo(signedData).encode();
            try {
                debug("Now will try to get the Digest and set the algorithm name");
                SignerInfo signerInfo = signedData.getSignerInfo(cert);
                byte[] messageDigest = signerInfo.getMessageDigest();
                String digestAlgorithmName = getDigestAlgorithmName(signerInfo.getDigestAlgorithm());
                Vector vector = new Vector();
                vector.add(messageDigest);
                vector.add(digestAlgorithmName);
                this.m_lastSignedDigest = messageDigest;
                this.m_lastSignedDigestAlg = digestAlgorithmName;
                debug(new StringBuffer("lastSignedDigest=").append(this.m_lastSignedDigest).append(", lastSignedDigestAlg=").append(this.m_lastSignedDigestAlg).toString());
                vector.clear();
                this.signaturePublicCertId = ownerCertInfo.getCertId();
                return encode;
            } catch (IOException e) {
                e.printStackTrace();
                throw new BcgException("Error while retreiving the Message Digest", null, null, null);
            }
        } catch (IOException e2) {
            error("IOException ", e2);
            throw new BcgException("IOException ", null, null, null);
        } catch (NoSuchAlgorithmException e3) {
            error("NoSuchAlgorithmException ", e3);
            throw new BcgException(new StringBuffer("The signature Algorithm").append(str).append("is not supported ").toString(), null, null, null);
        } catch (Exception e4) {
            error("Exception ", e4);
            throw new BcgException("Some internal problem while generating Signature. Could not create the PKCS Object ", null, null, null, e4);
        }
    }

    public String getLastSignedDigestAlg() {
        return this.m_lastSignedDigestAlg;
    }

    public int getSignatureId() {
        return this.signaturePublicCertId;
    }

    private Vector getSigningCertInfos() throws BcgException {
        Vector vector = new Vector();
        addValidOwnetCertInfo(WBICSecurityManager.getInstance().getPKCSOwnerInfo().getSigningCertInfo(true), vector);
        addValidOwnetCertInfo(WBICSecurityManager.getInstance().getPKCSOwnerInfo().getSigningCertInfo(false), vector);
        if (vector.size() == 0) {
            throw new BcgException("There is no Signing Certificate ", "There is no Signing Certificate", EventTextId.EVENT_CERT_NOT_FOUND, null);
        }
        return vector;
    }

    private void addValidOwnetCertInfo(OwnerCertInfo ownerCertInfo, Vector vector) {
        if (ownerCertInfo != null) {
            X509Certificate cert = ownerCertInfo.getCert();
            if (ownerCertInfo.getKey() == null || cert == null) {
                return;
            }
            vector.add(ownerCertInfo);
        }
    }

    public int verifySignature(byte[] bArr, byte[] bArr2, String str) throws BcgException {
        return verifySignatureS(bArr, bArr2, str, m_verifySignerFlag)[0];
    }

    public int verifySignature(byte[] bArr, byte[] bArr2, String str, boolean z) throws BcgException {
        return verifySignatureS(bArr, bArr2, str, z)[0];
    }

    private int[] verifySignatureS(byte[] bArr, byte[] bArr2, String str, boolean z) throws BcgException {
        int verifySignatureWithOutSenderAuthentication;
        if (bArr == null || bArr2 == null) {
            throw new BcgException("The parameters passed in the Method are wrong", null, null, null);
        }
        if (!z) {
            verifySignatureWithOutSenderAuthentication = verifySignatureWithOutSenderAuthentication(bArr, bArr2);
        } else {
            if (str == null || str.trim().length() == 0) {
                throw new BcgException("for verify the Signer Sender id is Mendatory parameter", "for verify the Signer Sender id is Mendatory parameter", null, null);
            }
            try {
                Integer.parseInt(str);
                verifySignatureWithOutSenderAuthentication = verifySignatureWithSenderAuthentication(bArr, bArr2, str);
            } catch (NumberFormatException e) {
                throw new BcgException("for verify the Signer Sender id must be an Integer value", "for verify the Signer Sender id must be an Integer value", null, null);
            }
        }
        return new int[]{verifySignatureWithOutSenderAuthentication, this.signatureVerificationPublicCertId};
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private int verifySignatureWithSenderAuthentication(byte[] bArr, byte[] bArr2, String str) throws BcgException {
        int i = 1;
        this.m_lastVerifiedDigest = null;
        SignerInfo signerInfo = null;
        CertInfo certInfo = null;
        debug(" Starting method verifySignatureWithSenderAuthentication ");
        Vector signatureVerificationCertInfos = getSignatureVerificationCertInfos(str);
        if (signatureVerificationCertInfos == null || signatureVerificationCertInfos.size() == 0) {
            debug(" There is no certificate info to verify the Signatute");
            throw new BcgException("No Signature Certificate for the partner ", "No Signature Certificate for the partner ", EventTextId.EVENT_CERT_NOT_FOUND, null);
        }
        try {
            SignedData content = new ContentInfo(bArr).getContent();
            debug(" Got Perfect Signed Data");
            for (int i2 = 0; i2 < signatureVerificationCertInfos.size(); i2++) {
                certInfo = (CertInfo) signatureVerificationCertInfos.get(i2);
                X509Certificate cert = certInfo.getCert();
                try {
                    signerInfo = content.getSignerInfo(cert);
                    if (signerInfo != null) {
                        debug(new StringBuffer(" Got Signer for the certificate Id =").append(certInfo.getCertId()).toString());
                        if (checkCertificateValidity(cert, false) == -1) {
                            i = 0;
                            certInfo.getCertId();
                            break;
                        }
                        certInfo = null;
                    } else {
                        certInfo = null;
                    }
                } catch (Exception e) {
                    error(" Exception ", e);
                    certInfo = null;
                }
            }
            if (certInfo == null) {
                debug(" Could not get any Signer from the Certificate Store");
                throw new BcgException("No Valid Signature Certificate for the partner ", "No Valid Signature Certificate for the partner", EventTextId.EVENT_NO_VALID_SIGNING_CERT, null);
            }
            boolean verify = signerInfo.verify(certInfo.getCert(), bArr2);
            debug(new StringBuffer(" IS The Signature Valid = ").append(verify).toString());
            if (!verify) {
                return 2;
            }
            debug(new StringBuffer(" Algo Name  = ").append(getDigestAlgorithmName(signerInfo.getDigestAlgorithm())).toString());
            Vector digestAndAlgorithm = getDigestAndAlgorithm(signerInfo, bArr2);
            if (digestAndAlgorithm == null) {
                throw new BcgException("Not a Valid Signature Format ", "Unsupported Signature Format", "240419", null);
            }
            if (i == 0) {
                if (digestAndAlgorithm == null || digestAndAlgorithm.elementAt(0) == null) {
                    m_logger.error("Signed messages has no \"MESSAGE_DIGEST\" attribute: non-repudiation of receipt impossible");
                    throw new BcgException("Could not Retrive the Digest", "Could not Retrive the Digest", "240419", null);
                }
                this.m_lastVerifiedDigest = (byte[]) digestAndAlgorithm.elementAt(0);
                this.m_lastDigestAlgorithm = (String) digestAndAlgorithm.elementAt(1);
            }
            this.signatureVerificationPublicCertId = certInfo.getCertId();
            return i;
        } catch (BcgException e2) {
            throw e2;
        } catch (Exception e3) {
            e3.printStackTrace();
            throw new BcgException("Could not Decode the Signature ", "Could not Decode the Signature ", "240419", null);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private int verifySignatureWithOutSenderAuthentication(byte[] bArr, byte[] bArr2) throws BcgException {
        SignerInfo signerInfo;
        int i = -1;
        debug(" Starting method verifySignatureWithOutSenderAuthentication ");
        try {
            ContentInfo contentInfo = new ContentInfo(bArr);
            debug(" Created ContentInfo Object");
            SignedData content = contentInfo.getContent();
            debug(" Got Signed Data ");
            Certificate[] certificates = content.getCertificates();
            if (certificates == null || certificates.length == 0) {
                error("There is no Certificate with the PKCS7 Format Signatue", null);
                throw new BcgException("Not a Valid Signature Format ", "Not a Valid Signature Format ", "240419", null);
            }
            debug(new StringBuffer(" No of Certs in the Signed Data = ").append(certificates.length).toString());
            boolean z = false;
            BcgException bcgException = null;
            int i2 = 0;
            while (true) {
                if (i2 >= certificates.length) {
                    break;
                }
                try {
                    signerInfo = content.getSignerInfo(certificates[i2]);
                    debug(new StringBuffer("Got the Signer info for the Certificate ").append(certificates[i2]).toString());
                } catch (Exception e) {
                    debug(new StringBuffer("Could not get the perfect Signer for the cert ").append(certificates[i2]).toString());
                    signerInfo = null;
                }
                if (signerInfo != null) {
                    if (!z) {
                        z = true;
                    }
                    if (getCertId(certificates[i2]) != -1) {
                        if (z) {
                            z = 2;
                        }
                        if (checkCertificateValidity((X509Certificate) certificates[i2], false) == -1) {
                            if (z == 2) {
                                z = 3;
                            }
                            try {
                                boolean verify = signerInfo.verify(certificates[i2], bArr2);
                                debug(new StringBuffer("The Result of verification = ").append(verify).toString());
                                if (z == 3) {
                                    z = 4;
                                }
                                if (!verify) {
                                    debug(new StringBuffer("In the False path= ").append(verify).toString());
                                    i = 2;
                                    break;
                                }
                                Vector digestAndAlgorithm = getDigestAndAlgorithm(signerInfo, bArr2);
                                debug(new StringBuffer("In the True path= ").append(verify).toString());
                                if (digestAndAlgorithm == null && i2 == certificates.length - 1) {
                                    bcgException = new BcgException("Could not generate Digest ", "Could not generate Digest ", "240419", null);
                                }
                                if (z == 4) {
                                    z = 5;
                                }
                                this.m_lastVerifiedDigest = (byte[]) digestAndAlgorithm.elementAt(0);
                                this.m_lastDigestAlgorithm = (String) digestAndAlgorithm.elementAt(1);
                                i = 0;
                            } catch (Exception e2) {
                                e2.printStackTrace();
                            }
                        } else if (i2 == certificates.length - 1 && z == 2) {
                            bcgException = new BcgException("Not a Valid Signature Format ", "Not a Valid Signature Format ", "240419", null);
                        }
                    } else if (i2 == certificates.length - 1 && z) {
                        bcgException = new BcgException("Certificate is not in the database to verify the signature", "Certificate is not in the database to verify the signature", EventTextId.EVENT_CERT_NOT_FOUND, null);
                    }
                } else if (i2 == certificates.length - 1 && !z) {
                    bcgException = new BcgException("Not a Valid Signature Format ", "Not a Valid Signature Format ", "240419", null);
                }
                i2++;
            }
            if (bcgException == null) {
                return i;
            }
            bcgException.printStackTrace();
            throw bcgException;
        } catch (Exception e3) {
            throw new BcgException("Not a Valid Signature Format ", "Not a Valid Signature Format ", "240419", null);
        }
    }

    private Vector getDigestAndAlgorithm(SignerInfo signerInfo, byte[] bArr) {
        try {
            String digestAlgorithmName = getDigestAlgorithmName(signerInfo.getDigestAlgorithm());
            debug(new StringBuffer(" Algo Name  = ").append(digestAlgorithmName).toString());
            Vector digestAndAlgFromSigner = getDigestAndAlgFromSigner(signerInfo);
            if (digestAndAlgFromSigner != null && digestAndAlgFromSigner.get(0) != null) {
                return digestAndAlgFromSigner;
            }
            byte[] digestFromContent = getDigestFromContent(bArr, digestAlgorithmName);
            if (digestFromContent == null) {
                debug("Could not get Digest from Conttent");
                logEvent("240419", "3", null, null);
                return null;
            }
            Vector vector = new Vector();
            vector.add(0, digestFromContent);
            vector.add(1, digestAlgorithmName);
            debug("Got the Message Digest and adding to the Vector");
            return vector;
        } catch (IOException e) {
            debug(new StringBuffer("Error while getting the algo Name ").append(e).toString());
            return null;
        }
    }

    private int getCertId(Certificate certificate) {
        try {
            Vector allCerts = WBICSecurityManager.getInstance().getAllCerts(certificate, WBICSecurityManager.CERT_TYPE_SIGN);
            if (allCerts != null && allCerts.size() != 0) {
                return allCerts.get(0) instanceof CertificateInfo ? ((CertificateInfo) allCerts.get(0)).getCertId() : ((CertInfo) allCerts.get(0)).getCertId();
            }
            debug("There is no Certificate in the database ");
            return -1;
        } catch (Exception e) {
            e.printStackTrace();
            return -1;
        }
    }

    private byte[] getDigestFromContent(byte[] bArr, String str) {
        debug(" In Method getDigestFromContent");
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str, "IBMJCE");
            messageDigest.reset();
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            debug(new StringBuffer(" Got The Digest from the actual Message using Algo = ").append(str).toString());
            return digest;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public String getLastDigestAlgorithm() {
        return this.m_lastDigestAlgorithm;
    }

    public byte[] getLastVerifiedDigest() {
        return this.m_lastVerifiedDigest;
    }

    public byte[] generateDigest(byte[] bArr, String str) throws BcgException {
        if (bArr == null || bArr.length == 0 || str == null || str.trim().length() == 0) {
            throw new BcgException("The content passed in the method is wrong", null, null, null);
        }
        debug("Starting the method generateDigest");
        try {
            Data data = new Data();
            data.setData(bArr);
            EncapsulatedContentInfo encapsulatedContentInfo = new EncapsulatedContentInfo(new ContentInfo(data));
            debug("Created the EncapsulatedContentInfo ");
            DigestedData digestedData = new DigestedData(str, encapsulatedContentInfo);
            debug(new StringBuffer("Created the Message Digest using  ").append(str).toString());
            return digestedData.getDigest();
        } catch (NoSuchAlgorithmException e) {
            error(new StringBuffer(String.valueOf(str)).append(" does not supported ").toString(), e);
            throw new BcgException(new StringBuffer(String.valueOf(str)).append(" does not supported ").toString(), null, null, null, e);
        } catch (Exception e2) {
            error("Error while Creating Message Digest", e2);
            throw new BcgException("Error while Creating Message Digest", "Error while Creating Message Digest", null, null, e2);
        }
    }

    public byte[] generateDigest(byte[] bArr) throws BcgException {
        return generateDigest(bArr, m_def_digestAlgorithm);
    }

    public boolean verifySigner(String str, byte[] bArr) throws BcgException {
        try {
            SignedData content = new ContentInfo(bArr).getContent();
            debug(new StringBuffer("\n\n\nThe sender id = ").append(str).toString());
            Vector signatureVerificationCertInfos = getSignatureVerificationCertInfos(str);
            if (signatureVerificationCertInfos == null || signatureVerificationCertInfos.size() == 0) {
                m_logger.debug(new StringBuffer("Error: verify sender, sender id not configured:").append(str).toString());
                throw new BcgException("No Valid Signing Certificate for the partner ", "No Valid Signing Certificate for the partner ", EventTextId.EVENT_CERT_NOT_FOUND, null);
            }
            for (int i = 0; i < signatureVerificationCertInfos.size(); i++) {
                CertInfo certInfo = (CertInfo) signatureVerificationCertInfos.get(i);
                X509Certificate cert = certInfo.getCert();
                if (cert == null) {
                    debug("There is one wrong data for CertInfo ");
                } else {
                    SignerInfo signerInfo = content.getSignerInfo(cert);
                    if (signerInfo != null) {
                        Vector digestAndAlgFromSigner = getDigestAndAlgFromSigner(signerInfo);
                        if (digestAndAlgFromSigner == null || digestAndAlgFromSigner.elementAt(0) == null) {
                            m_logger.error("Signed messages has no \"MESSAGE_DIGEST\" attribute");
                            this.signatureVerificationPublicCertId = certInfo.getCertId();
                            return true;
                        }
                        this.m_lastVerifiedDigest = (byte[]) digestAndAlgFromSigner.elementAt(0);
                        this.m_lastDigestAlgorithm = (String) digestAndAlgFromSigner.elementAt(1);
                        this.signatureVerificationPublicCertId = certInfo.getCertId();
                        return true;
                    }
                }
            }
            return false;
        } catch (IOException e) {
            throw new BcgException(" The Signature is not a DER encoded Signature", null, null, null);
        } catch (Exception e2) {
            m_logger.debug("verifySigner failed", e2);
            return false;
        }
    }

    private Vector getSignatureVerificationCertInfos(String str) throws BcgException {
        Vector vector = new Vector();
        Vector signatureVerificationCertInfo = WBICSecurityManager.getInstance().getSignatureVerificationCertInfo(str);
        if (signatureVerificationCertInfo != null && signatureVerificationCertInfo.size() > 0) {
            vector.addAll(signatureVerificationCertInfo);
        }
        Vector vTPCertStore = WBICSecurityManager.getInstance().getVTPCertStore();
        if (vTPCertStore != null && vTPCertStore.size() > 0) {
            vector.addAll(vTPCertStore);
        }
        return vector;
    }

    private void addValidCertInfo(CertInfo certInfo, Vector vector) {
        if (certInfo == null || certInfo.getCert() == null) {
            return;
        }
        vector.add(certInfo);
    }

    private Vector getDigestAndAlgFromSigner(SignerInfo signerInfo) {
        byte[] bArr = (byte[]) null;
        String str = null;
        debug("Starting the Method getDigestAndAlgFromSigner");
        if (signerInfo == null) {
            debug("null signer");
            return null;
        }
        try {
            bArr = signerInfo.getMessageDigest();
            str = getDigestAlgorithmName(signerInfo.getDigestAlgorithm());
            debug(new StringBuffer("algoName  = ").append(str).toString());
            if (bArr == null) {
                debug("Please get the MessageDigest from Actual Content. Its not there in the SignerInfo object");
            }
        } catch (IOException e) {
            error("Got IOException ", e);
        } catch (Exception e2) {
            error("Got Exception ", e2);
        }
        Vector vector = new Vector();
        vector.add(bArr);
        vector.add(str);
        return vector;
    }

    public static String getDefaultDigestAlgorithm() {
        return m_def_digestAlgorithm;
    }

    public static int checkCertificateValidity(X509Certificate x509Certificate, boolean z) {
        int i = -1;
        try {
            debug("In the method checkCertificateValidity");
            if (!CertPathUtil.validateCertPathWithReset(x509Certificate, z)) {
                i = 6;
            }
        } catch (BcgException e) {
            error("Got exception ", e);
            if (e.getEventCode().equalsIgnoreCase(EventTextId.EVENT_CERT_PATH_NOT_BUILT)) {
                debug(" Got the exception due to the build path");
                i = 3;
            } else {
                i = e.getEventCode().equalsIgnoreCase(EventTextId.EVENT_CERT_NOT_YET_VALID) ? 4 : e.getEventCode().equalsIgnoreCase(EventTextId.EVENT_CERT_PATH_NOT_VALID) ? 5 : 2;
            }
        }
        return i;
    }

    public byte[] getLastSignedDigest() {
        return this.m_lastSignedDigest;
    }

    public int getSignatureVerificationId() {
        return this.signatureVerificationPublicCertId;
    }

    private static void debug(String str) {
        if (m_logger.isDebugEnabled()) {
            m_logger.debug(str);
        }
    }

    private static void error(String str, Throwable th) {
        m_logger.error(str);
        if (th != null) {
            th.printStackTrace();
        }
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable, com.ibm.bcg.server.Message] */
    private void logEvent(String str, String str2, String str3, Throwable th) {
        try {
            ?? message = new Message(str, DocumentState.DOC_IN_PROCESS, str2);
            Class<?> cls = class$0;
            if (cls == null) {
                try {
                    cls = Class.forName("com.ibm.bcg.util.PKCS7Util");
                    class$0 = cls;
                } catch (ClassNotFoundException unused) {
                    throw new NoClassDefFoundError(message.getMessage());
                }
            }
            message.setValue(MessageConst.SOURCECLASS, cls.getName());
            message.setValue(MessageConst.FAULTTYPE, "3");
            if (th != null) {
                message.setValue(MessageConst.STACKTRACE, DebugMgr.getStackTrace(th));
            }
            if (str3 != null) {
                message.setValue(MessageConst.ARGSTRING, str3);
            }
        } catch (Exception e) {
            m_logger.error(new StringBuffer("Exception:").append(e.getMessage()).toString(), e);
        }
    }

    public static void main(String[] strArr) throws Exception {
        new PKCS7Util().encryptBytesS("xyz".getBytes(), "22", 0, 0);
    }

    private String getDigestAlgorithmName(AlgorithmId algorithmId) {
        String objectIdentifier = algorithmId.getOID().toString();
        return objectIdentifier.equals(SHA1OID) ? "SHA1" : objectIdentifier.equals(SHAOID) ? "SHA" : algorithmId.getName();
    }
}
