package cn.unitid.easypki.pkcs7;

import a.a.h.a.b.a.q2.m;
import a.a.h.a.b.c.b;
import a.a.h.a.b.c.g1.f;
import a.a.h.a.b.c.h;
import a.a.h.a.b.c.i;
import a.a.h.a.b.c.k0;
import a.a.h.a.b.c.l;
import a.a.h.a.b.c.x0;
import a.a.h.a.b.h.n;
import cn.unitid.easypki.pkcs7.envelope.EPKeyTransEnvelopedRecipient;
import cn.unitid.easypki.pkcs7.envelope.EPKeyTransRecipientInfoGenerator;
import cn.unitid.easypki.pkcs7.envelope.IssuerAndSerialNumber;
import java.io.IOException;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class EnvelopedDataGenerator {
    private IssuerAndSerialNumber issuerAndSerialNumber;
    private X509Certificate recipient = null;
    private PrivateKey recipientPrivateKey;

    private byte[] envelopeOpenImpl(byte[] bArr, Object obj) throws l, IOException {
        EPKeyTransEnvelopedRecipient ePKeyTransEnvelopedRecipient = obj instanceof PrivateKey ? new EPKeyTransEnvelopedRecipient((PrivateKey) obj) : new EPKeyTransEnvelopedRecipient((n) obj);
        Iterator<x0> it = new i(bArr).a().d().iterator();
        if (!it.hasNext()) {
            return null;
        }
        x0 next = it.next();
        k0 k0Var = (k0) next.a();
        m mVar = new m(k0Var.a(), k0Var.c());
        this.issuerAndSerialNumber = new IssuerAndSerialNumber(mVar.getName(), mVar.h().m());
        return next.a(ePKeyTransEnvelopedRecipient);
    }

    public byte[] envelopeOpen(byte[] bArr) throws l, IOException {
        if (this.recipient == null) {
            throw new RuntimeException("接收者的公钥证书不能为空");
        }
        if (this.recipientPrivateKey == null) {
            throw new RuntimeException("接收者的私钥未初始化，不能为空");
        }
        byte[] bArr2 = null;
        Iterator<x0> it = new i(bArr).a().d().iterator();
        boolean z = false;
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            x0 next = it.next();
            k0 k0Var = (k0) next.a();
            m mVar = new m(k0Var.a(), k0Var.c());
            BigInteger serialNumber = this.recipient.getSerialNumber();
            BigInteger m = mVar.h().m();
            X500Principal x500Principal = new X500Principal(mVar.getName().getEncoded());
            X500Principal issuerX500Principal = this.recipient.getIssuerX500Principal();
            if (serialNumber.equals(m) && x500Principal.equals(issuerX500Principal)) {
                z = true;
                this.issuerAndSerialNumber = new IssuerAndSerialNumber(mVar.getName(), mVar.h().m());
                bArr2 = next.a(new EPKeyTransEnvelopedRecipient(this.recipientPrivateKey));
                break;
            }
        }
        if (z) {
            return bArr2;
        }
        throw new l("接收者证书与数字信封不匹配，无法解包数字信封");
    }

    public byte[] envelopeOpen(byte[] bArr, n nVar) throws l, IOException {
        return envelopeOpenImpl(bArr, nVar);
    }

    public byte[] envelopeSeal(byte[] bArr) throws IOException, l, CertificateEncodingException {
        X509Certificate x509Certificate = this.recipient;
        if (x509Certificate != null) {
            return envelopeSeal(bArr, x509Certificate);
        }
        throw new RuntimeException("接收者的公钥证书不能为空");
    }

    public byte[] envelopeSeal(byte[] bArr, X509Certificate x509Certificate) throws IOException, l, CertificateEncodingException {
        this.recipient = x509Certificate;
        a.a.h.a.b.c.n nVar = new a.a.h.a.b.c.n(bArr);
        h hVar = new h();
        hVar.a(new EPKeyTransRecipientInfoGenerator(this.recipient));
        return hVar.a(nVar, new f(b.f627e).a()).getEncoded();
    }

    public IssuerAndSerialNumber getIssuer() {
        return this.issuerAndSerialNumber;
    }

    public void initRecipient(X509Certificate x509Certificate) {
        this.recipient = x509Certificate;
    }

    public void initRecipient(X509Certificate x509Certificate, PrivateKey privateKey) {
        this.recipient = x509Certificate;
        this.recipientPrivateKey = privateKey;
    }
}
