package com.timevale.esign.paas.tech.util;

import com.timevale.o;
import com.timevale.tgpdfsign.e.h;
import com.timevale.tgtext.bouncycastle.cert.X509CertificateHolder;
import com.timevale.tgtext.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import com.timevale.tgtext.bouncycastle.cms.CMSSignedData;
import com.timevale.tgtext.bouncycastle.cms.SignerInformation;
import com.timevale.tgtext.bouncycastle.jce.provider.BouncyCastleProvider;
import com.timevale.tgtext.bouncycastle.util.CollectionStore;
import com.timevale.timestamp.utils.d;
import java.io.ByteArrayInputStream;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/timevale/esign/paas/tech/util/SignatureVerifyUtils.class */
public final class SignatureVerifyUtils {
    public static Map<String, String> SIGNATURE_ALGO_PROVIDER_MAP;
    private static final String SIGNATURE_ALGO_SPLIT_PATTERN = "with";
    private static final String SIGNATURE_ALGO_SPLIT_PATTERN_CAPTIAL = "With";
    private static final String SIGNATURE_SM3_WITH_SM2_ALGO = "SM3withSM2";
    private static final String SIGNATURE_SHA256_WITH_RSA_ALGO = "SHA256WithRSA";
    static final /* synthetic */ boolean $assertionsDisabled;

    public static boolean verify(String str, String str2, byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        byte[] calculateHash = calculateHash(str, str2.contains(SIGNATURE_ALGO_SPLIT_PATTERN) ? str2.split(SIGNATURE_ALGO_SPLIT_PATTERN)[0] : str2.split(SIGNATURE_ALGO_SPLIT_PATTERN_CAPTIAL)[0]);
        Certificate certificate = null;
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr2);
        while (byteArrayInputStream.available() > 0) {
            certificate = certificateFactory.generateCertificate(byteArrayInputStream);
        }
        if (certificate == null) {
            throw new RuntimeException("证书信息失败");
        }
        Signature signature = Signature.getInstance(str2, SIGNATURE_ALGO_PROVIDER_MAP.get(str2));
        signature.initVerify("SM3withSM2".equals(str2) ? h.getPublicKeyByCert((X509Certificate) certificate) : certificate.getPublicKey());
        signature.update(calculateHash);
        return signature.verify(bArr) & d.n(bArr, bArr3);
    }

    public static boolean verify(String str, byte[] bArr) throws Exception {
        byte[] bArr2 = null;
        String str2 = null;
        CMSSignedData cMSSignedData = new CMSSignedData(new ByteArrayInputStream(bArr));
        for (SignerInformation signerInformation : cMSSignedData.getSignerInfos().getSigners()) {
            bArr2 = signerInformation.getSignature();
            str2 = StringUtils.equals("1.2.156.10197.1.401", signerInformation.getDigestAlgOID()) ? "SM3withSM2" : SIGNATURE_SHA256_WITH_RSA_ALGO;
        }
        Certificate generateCertificate = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME).generateCertificate(new ByteArrayInputStream(new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate((X509CertificateHolder) ((CollectionStore) cMSSignedData.getCertificates()).iterator().next()).getEncoded()));
        if (!$assertionsDisabled && str2 == null) {
            throw new AssertionError();
        }
        byte[] calculateHash = calculateHash(str, str2.contains(SIGNATURE_ALGO_SPLIT_PATTERN) ? str2.split(SIGNATURE_ALGO_SPLIT_PATTERN)[0] : str2.split(SIGNATURE_ALGO_SPLIT_PATTERN_CAPTIAL)[0]);
        Signature signature = Signature.getInstance(str2, SIGNATURE_ALGO_PROVIDER_MAP.get(str2));
        signature.initVerify("SM3withSM2".equals(str2) ? h.getPublicKeyByCert((X509Certificate) generateCertificate) : generateCertificate.getPublicKey());
        signature.update(calculateHash);
        return signature.verify(bArr2);
    }

    private static byte[] calculateHash(String str, String str2) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        MessageDigest messageDigest = MessageDigest.getInstance(str2);
        byte[] bytes = str.getBytes("utf-8");
        messageDigest.update(bytes, 0, bytes.length);
        return messageDigest.digest();
    }

    static {
        $assertionsDisabled = !SignatureVerifyUtils.class.desiredAssertionStatus();
        SIGNATURE_ALGO_PROVIDER_MAP = null;
        HashMap hashMap = new HashMap();
        hashMap.put("SM3withSM2", "SM");
        hashMap.put(SIGNATURE_SHA256_WITH_RSA_ALGO, BouncyCastleProvider.PROVIDER_NAME);
        SIGNATURE_ALGO_PROVIDER_MAP = Collections.unmodifiableMap(hashMap);
        Security.addProvider(new BouncyCastleProvider());
        Security.addProvider(new o());
    }
}
