package org.monet.encrypt;

import es.mityc.firmaJava.libreria.ConstantesXADES;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.SignedData;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:org/monet/encrypt/CertificateVerifier.class */
public class CertificateVerifier {

    /* loaded from: input_file:org/monet/encrypt/CertificateVerifier$TYPE_PKCS.class */
    public enum TYPE_PKCS {
        PKCS7,
        PKCS12;

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static TYPE_PKCS[] valuesCustom() {
            TYPE_PKCS[] valuesCustom = values();
            int length = valuesCustom.length;
            TYPE_PKCS[] type_pkcsArr = new TYPE_PKCS[length];
            System.arraycopy(valuesCustom, 0, type_pkcsArr, 0, length);
            return type_pkcsArr;
        }
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public static String getOriginalContentFromSignature(byte[] bArr) throws Exception {
        return new String((byte[]) new CMSSignedData(bArr).getSignedContent().getContent());
    }

    public static X509Certificate getCertificateFromBytes(byte[] bArr) throws Exception {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    public static X509Certificate getCertificateFromSignature(byte[] bArr) throws Exception {
        CMSSignedData cMSSignedData = new CMSSignedData(bArr);
        CertStore certificatesAndCRLs = cMSSignedData.getCertificatesAndCRLs(ConstantesXADES.COLLECTION, "BC");
        for (SignerInformation signerInformation : cMSSignedData.getSignerInfos().getSigners()) {
            Collection<? extends Certificate> certificates = certificatesAndCRLs.getCertificates(signerInformation.getSID());
            if (!certificates.isEmpty()) {
                X509Certificate x509Certificate = (X509Certificate) certificates.iterator().next();
                if (signerInformation.verify(x509Certificate.getPublicKey(), "BC")) {
                    return x509Certificate;
                }
            }
        }
        return null;
    }

    public static CertPath getCertificatePathFromSignature(byte[] bArr) {
        CertPath certPath = null;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            Enumeration objects = SignedData.getInstance(ContentInfo.getInstance(new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject()).getContent()).getCertificates().getObjects();
            ArrayList arrayList = new ArrayList();
            while (objects.hasMoreElements()) {
                arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(((DERObject) objects.nextElement()).getDEREncoded())));
            }
            certPath = certificateFactory.generateCertPath(arrayList);
            return certPath;
        } catch (Exception e) {
            e.printStackTrace();
            return certPath;
        }
    }

    public static boolean checkRootCertificate(byte[] bArr, String str, TYPE_PKCS type_pkcs, String str2, String str3) {
        KeyStore keyStore;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            Enumeration objects = SignedData.getInstance(ContentInfo.getInstance(new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject()).getContent()).getCertificates().getObjects();
            ArrayList arrayList = new ArrayList();
            while (objects.hasMoreElements()) {
                arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(((DERObject) objects.nextElement()).getDEREncoded())));
            }
            CertPath generateCertPath = certificateFactory.generateCertPath(arrayList);
            if (type_pkcs == TYPE_PKCS.PKCS7) {
                Collection<? extends Certificate> generateCertificates = certificateFactory.generateCertificates(new FileInputStream(str));
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, null);
                Iterator<? extends Certificate> it = generateCertificates.iterator();
                while (it.hasNext()) {
                    X509Certificate x509Certificate = (X509Certificate) it.next();
                    keyStore.setCertificateEntry(x509Certificate.getSerialNumber().toString(36), x509Certificate);
                }
            } else {
                keyStore = KeyStore.getInstance(ConstantesXADES.PKCS12);
                keyStore.load(new FileInputStream(str), null);
            }
            PKIXParameters pKIXParameters = new PKIXParameters(keyStore);
            pKIXParameters.setRevocationEnabled(false);
            CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }
}
