package org.bjca.jce;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bjca.asn1.ASN1InputStream;
import org.bjca.asn1.ASN1Sequence;
import org.bjca.asn1.DERConstructedSequence;
import org.bjca.asn1.DERConstructedSet;
import org.bjca.asn1.DERInputStream;
import org.bjca.asn1.DERInteger;
import org.bjca.asn1.DERObject;
import org.bjca.asn1.DERObjectIdentifier;
import org.bjca.asn1.DEROctetString;
import org.bjca.asn1.DEROctetString_;
import org.bjca.asn1.DEROutputStream;
import org.bjca.asn1.DERSet;
import org.bjca.asn1.DERTaggedObject;
import org.bjca.asn1.pkcs.PKCSObjectIdentifiers;
import org.bjca.asn1.x509.AlgorithmIdentifier;
import org.bjca.asn1.x509.X509Name;
import org.bjca.jce.exception.AlgorithmNotFoundException;
import org.bjca.jce.exception.CertificateNotMatchException;
import org.bjca.jce.exception.DecryptDataException;
import org.bjca.jce.exception.DecryptKeyException;
import org.bjca.jce.exception.EncryptAlgException;
import org.bjca.jce.exception.EncryptDataException;
import org.bjca.jce.exception.EncryptKeyException;
import org.bjca.jce.fastparser.DerUtil;
import org.bjca.jce.fastparser.EncryptedContentInfo;
import org.bjca.jce.fastparser.FastPkcs7;
import org.bjca.jce.fastparser.IssuerAndSerialNumber;
import org.bjca.jce.fastparser.Item;
import org.bjca.jce.fastparser.RecipientInfo;
import org.bjca.jce.fastparser.SignedAndEnvelopedData;
import org.bjca.jce.fastparser.SignerInfo;
import org.bjca.jce.interfaces.P11Interface;
import org.bjca.sm4soft.util.ByteUtil;

/* loaded from: classes.dex */
public class PKCS7SignedAndEnvelopedData implements PKCSObjectIdentifiers {
    private static final String ID_SHA1 = "1.3.14.3.2.26";
    private static final int IV_LENGTH = 8;
    private static final String OID_ENCRYPTCONTENT = "1.2.840.113549.1.7.1";
    private Collection certs;
    private Collection crls;
    private Set digestalgos;
    private FastPkcs7 fxPKCS7;
    private X509Certificate signCert;
    private final String OID_RSA_ECB_PKCS1PADDING = "1.2.840.113549.1.1.1";
    private final String ID_PKCS7_SIGNED_AND_ENVELOPE_DATA = "1.2.840.113549.1.7.4";

    public PKCS7SignedAndEnvelopedData() {
        this.fxPKCS7 = null;
        this.fxPKCS7 = new FastPkcs7();
    }

    private static String getAlgorithmFromAllName(String str) {
        return str.substring(0, str.indexOf("/"));
    }

    private static AlgorithmIdentifier getAlgorithmIdentifier_bjca(int i) {
        String str;
        DEROctetString dEROctetString = null;
        boolean z = false;
        if (i == 10) {
            str = "1.2.840.113549.3.4";
        } else if (i == 13) {
            str = "1.2.840.113549.3.2";
            z = true;
        } else if (i == 12) {
            str = "1.2.840.113549.3.7";
            z = true;
        } else if (i == 11) {
            str = "1.3.14.3.2.7";
            z = true;
        } else if (i == 14) {
            str = "2.16.840.1.101.3.4.2";
            z = true;
        } else {
            str = null;
        }
        if (z) {
            byte[] bArr = new byte[8];
            new SecureRandom().nextBytes(bArr);
            dEROctetString = new DEROctetString(bArr);
        }
        DERConstructedSequence dERConstructedSequence = new DERConstructedSequence();
        dERConstructedSequence.addObject(dEROctetString);
        return new AlgorithmIdentifier(new DERObjectIdentifier(str), dERConstructedSequence);
    }

    private static String getAlgorithmNameByOid(String str) {
        String trim = str.trim();
        if (trim.equals("1.2.840.113549.3.7")) {
            return JceProperties.BCA_DESede;
        }
        if (trim.equals("1.3.14.3.2.7")) {
            return "DES/CBC/PKCS5Padding";
        }
        if (trim.equals("1.3.14.3.2.26")) {
            return "SHA1";
        }
        if (trim.equals("1.2.840.113549.1.1.1")) {
            return JceProperties.BCA_RSA;
        }
        throw new AlgorithmNotFoundException("暂时不支持此种算法 oid: " + trim);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public byte[] decrypt(byte[] bArr, Certificate certificate, PrivateKey privateKey) {
        String str;
        IvParameterSpec ivParameterSpec;
        if (!this.fxPKCS7.pkcs7Data(bArr)) {
            throw new SecurityException("can't decode PKCS7EnvlopedData object");
        }
        SignedAndEnvelopedData signedAndEnvelopedData = this.fxPKCS7.getSignedAndEnvelopedData();
        RecipientInfo recipientInfo = (RecipientInfo) signedAndEnvelopedData.getRecipientInfo().get(0);
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(bArr, recipientInfo.getIssuerAndSerialNumber());
        Item issuer = issuerAndSerialNumber.getIssuer();
        byte[] bArr2 = new byte[issuer.length];
        ASN1InputStream aSN1InputStream = new ASN1InputStream(DerUtil.getItemDataAndTag(bArr, issuer));
        try {
            new X509Name(ASN1Sequence.getInstance(aSN1InputStream.readObject())).toString();
            aSN1InputStream.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
        String bigInteger = issuerAndSerialNumber.getSerialNumber().getSerialNumber().toString(16);
        ((X509Certificate) certificate).getIssuerDN().toString();
        if (!((X509Certificate) certificate).getSerialNumber().toString(16).equals(bigInteger)) {
            throw new CertificateNotMatchException("Certification is not match");
        }
        byte[] encKey = recipientInfo.getEncKey();
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, privateKey);
            byte[] doFinal = cipher.doFinal(encKey);
            EncryptedContentInfo encryptedContentInfo = signedAndEnvelopedData.getEncryptedContentInfo();
            Item contentEncryptionAlgorithm = encryptedContentInfo.getContentEncryptionAlgorithm();
            byte[] bArr3 = new byte[contentEncryptionAlgorithm.length];
            System.arraycopy(bArr, contentEncryptionAlgorithm.offset, bArr3, 0, bArr3.length);
            try {
                str = getAlgorithmNameByOid(AlgorithmIdentifier.getInstance(new ASN1InputStream(bArr3).readObject()).getObjectId().getId());
            } catch (Exception e2) {
                e2.printStackTrace();
                str = ByteUtil.delimiter;
            }
            byte[] itemDataAndTag = DerUtil.getItemDataAndTag(bArr, encryptedContentInfo.getIvParameter());
            if (itemDataAndTag.length == 0 || (itemDataAndTag[2] == 5 && itemDataAndTag[3] == 0)) {
                ivParameterSpec = null;
            } else {
                byte[] bArr4 = new byte[itemDataAndTag[3]];
                System.arraycopy(itemDataAndTag, 4, bArr4, 0, bArr4.length);
                ivParameterSpec = new IvParameterSpec(bArr4);
            }
            Item encryptedContent = encryptedContentInfo.getEncryptedContent();
            byte[] bArr5 = new byte[encryptedContent.length];
            System.arraycopy(bArr, encryptedContent.offset, bArr5, 0, bArr5.length);
            try {
                Cipher cipher2 = Cipher.getInstance(str);
                cipher2.init(2, new SecretKeySpec(doFinal, getAlgorithmFromAllName(str)), ivParameterSpec);
                byte[] doFinal2 = cipher2.doFinal(bArr5);
                MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
                messageDigest.update(doFinal2);
                messageDigest.digest();
                Item certificates = signedAndEnvelopedData.getCertificates();
                ArrayList arrayList = new ArrayList();
                DerUtil.parseSequence(bArr, certificates, arrayList);
                Item item = (Item) arrayList.get(0);
                byte[] bArr6 = new byte[item.length];
                System.arraycopy(bArr, item.offset, bArr6, 0, item.length);
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr6));
                x509Certificate.getIssuerDN().getName();
                String bigInteger2 = x509Certificate.getSerialNumber().toString(16);
                signedAndEnvelopedData.getCrls();
                Item signerInfos = signedAndEnvelopedData.getSignerInfos();
                SignerInfo signerInfo = new SignerInfo(bArr, signerInfos.offset, signerInfos.length);
                IssuerAndSerialNumber issuerAndSerialNumber2 = new IssuerAndSerialNumber(bArr, signerInfo.getIssuerAndSerialNumber());
                Item issuer2 = issuerAndSerialNumber2.getIssuer();
                byte[] bArr7 = new byte[issuer2.length];
                ASN1InputStream aSN1InputStream2 = new ASN1InputStream(DerUtil.getItemDataAndTag(bArr, issuer2));
                try {
                    new X509Name(ASN1Sequence.getInstance(aSN1InputStream2.readObject())).toString();
                    aSN1InputStream2.close();
                } catch (Exception e3) {
                    e3.printStackTrace();
                }
                if (!issuerAndSerialNumber2.getSerialNumber().getSerialNumber().toString(16).equals(bigInteger2)) {
                    throw new CertificateNotMatchException("signer's Certificate is not match");
                }
                Item digestAlgorithm = signerInfo.getDigestAlgorithm();
                String dERObjectIdentifier = DerUtil.toDERObjectIdentifier(bArr, digestAlgorithm.offset, digestAlgorithm.length);
                Item digestEncryptionAlgorithm = signerInfo.getDigestEncryptionAlgorithm();
                String dERObjectIdentifier2 = DerUtil.toDERObjectIdentifier(bArr, digestEncryptionAlgorithm.offset, digestEncryptionAlgorithm.length);
                Item encryptedDigest = signerInfo.getEncryptedDigest();
                byte[] bArr8 = new byte[encryptedDigest.length];
                System.arraycopy(bArr, encryptedDigest.offset, bArr8, 0, encryptedDigest.length);
                if ("SHA1".equals(getAlgorithmNameByOid(dERObjectIdentifier)) && JceProperties.BCA_RSA.equals(getAlgorithmNameByOid(dERObjectIdentifier2))) {
                    Signature signature = Signature.getInstance("SHA1withRSA");
                    signature.initVerify(x509Certificate);
                    signature.update(doFinal2);
                    if (!signature.verify(bArr8)) {
                        throw new Exception("signer's Certificate is not right !");
                    }
                }
                return doFinal2;
            } catch (Exception e4) {
                e4.printStackTrace();
                throw new DecryptDataException(e4.getMessage());
            }
        } catch (Exception e5) {
            throw new DecryptKeyException(e5.getMessage());
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public byte[] decrypt(byte[] bArr, Certificate certificate, P11Interface p11Interface, String str, String str2) {
        String str3;
        IvParameterSpec ivParameterSpec;
        if (!this.fxPKCS7.pkcs7Data(bArr)) {
            throw new SecurityException("can't decode PKCS7EnvlopedData object");
        }
        SignedAndEnvelopedData signedAndEnvelopedData = this.fxPKCS7.getSignedAndEnvelopedData();
        RecipientInfo recipientInfo = (RecipientInfo) signedAndEnvelopedData.getRecipientInfo().get(0);
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(bArr, recipientInfo.getIssuerAndSerialNumber());
        Item issuer = issuerAndSerialNumber.getIssuer();
        byte[] bArr2 = new byte[issuer.length];
        ASN1InputStream aSN1InputStream = new ASN1InputStream(DerUtil.getItemDataAndTag(bArr, issuer));
        try {
            new X509Name(ASN1Sequence.getInstance(aSN1InputStream.readObject())).toString();
            aSN1InputStream.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
        String bigInteger = issuerAndSerialNumber.getSerialNumber().getSerialNumber().toString(16);
        ((X509Certificate) certificate).getIssuerDN().toString();
        if (!((X509Certificate) certificate).getSerialNumber().toString(16).equals(bigInteger)) {
            throw new CertificateNotMatchException("Certification is not match");
        }
        byte[] encKey = recipientInfo.getEncKey();
        byte[] priKeyDecryptByRsa = p11Interface.priKeyDecryptByRsa(str2, Integer.parseInt(str), encKey);
        EncryptedContentInfo encryptedContentInfo = signedAndEnvelopedData.getEncryptedContentInfo();
        Item contentEncryptionAlgorithm = encryptedContentInfo.getContentEncryptionAlgorithm();
        byte[] bArr3 = new byte[contentEncryptionAlgorithm.length];
        System.arraycopy(bArr, contentEncryptionAlgorithm.offset, bArr3, 0, bArr3.length);
        try {
            str3 = getAlgorithmNameByOid(AlgorithmIdentifier.getInstance(new ASN1InputStream(bArr3).readObject()).getObjectId().getId());
        } catch (Exception e2) {
            e2.printStackTrace();
            str3 = ByteUtil.delimiter;
        }
        byte[] itemDataAndTag = DerUtil.getItemDataAndTag(bArr, encryptedContentInfo.getIvParameter());
        if (itemDataAndTag.length == 0 || (itemDataAndTag[2] == 5 && itemDataAndTag[3] == 0)) {
            ivParameterSpec = null;
        } else {
            byte[] bArr4 = new byte[itemDataAndTag[3]];
            System.arraycopy(itemDataAndTag, 4, bArr4, 0, bArr4.length);
            ivParameterSpec = new IvParameterSpec(bArr4);
        }
        Item encryptedContent = encryptedContentInfo.getEncryptedContent();
        byte[] bArr5 = new byte[encryptedContent.length];
        System.arraycopy(bArr, encryptedContent.offset, bArr5, 0, bArr5.length);
        try {
            Cipher cipher = Cipher.getInstance(str3);
            cipher.init(2, new SecretKeySpec(priKeyDecryptByRsa, getAlgorithmFromAllName(str3)), ivParameterSpec);
            byte[] doFinal = cipher.doFinal(bArr5);
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            messageDigest.update(doFinal);
            messageDigest.digest();
            Item certificates = signedAndEnvelopedData.getCertificates();
            ArrayList arrayList = new ArrayList();
            DerUtil.parseSequence(bArr, certificates, arrayList);
            Item item = (Item) arrayList.get(0);
            byte[] bArr6 = new byte[item.length];
            System.arraycopy(bArr, item.offset, bArr6, 0, item.length);
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr6));
            x509Certificate.getIssuerDN().getName();
            String bigInteger2 = x509Certificate.getSerialNumber().toString(16);
            signedAndEnvelopedData.getCrls();
            Item signerInfos = signedAndEnvelopedData.getSignerInfos();
            SignerInfo signerInfo = new SignerInfo(bArr, signerInfos.offset, signerInfos.length);
            IssuerAndSerialNumber issuerAndSerialNumber2 = new IssuerAndSerialNumber(bArr, signerInfo.getIssuerAndSerialNumber());
            Item issuer2 = issuerAndSerialNumber2.getIssuer();
            byte[] bArr7 = new byte[issuer2.length];
            ASN1InputStream aSN1InputStream2 = new ASN1InputStream(DerUtil.getItemDataAndTag(bArr, issuer2));
            try {
                new X509Name(ASN1Sequence.getInstance(aSN1InputStream2.readObject())).toString();
                aSN1InputStream2.close();
            } catch (Exception e3) {
                e3.printStackTrace();
            }
            if (!issuerAndSerialNumber2.getSerialNumber().getSerialNumber().toString(16).equals(bigInteger2)) {
                throw new CertificateNotMatchException("signer's Certificate is not match");
            }
            Item digestAlgorithm = signerInfo.getDigestAlgorithm();
            String dERObjectIdentifier = DerUtil.toDERObjectIdentifier(bArr, digestAlgorithm.offset, digestAlgorithm.length);
            Item digestEncryptionAlgorithm = signerInfo.getDigestEncryptionAlgorithm();
            String dERObjectIdentifier2 = DerUtil.toDERObjectIdentifier(bArr, digestEncryptionAlgorithm.offset, digestEncryptionAlgorithm.length);
            Item encryptedDigest = signerInfo.getEncryptedDigest();
            byte[] bArr8 = new byte[encryptedDigest.length];
            System.arraycopy(bArr, encryptedDigest.offset, bArr8, 0, encryptedDigest.length);
            if ("SHA1".equals(getAlgorithmNameByOid(dERObjectIdentifier)) && JceProperties.BCA_RSA.equals(getAlgorithmNameByOid(dERObjectIdentifier2))) {
                Signature signature = Signature.getInstance("SHA1withRSA");
                signature.initVerify(x509Certificate);
                signature.update(doFinal);
                if (!signature.verify(bArr8)) {
                    throw new Exception("signer's Certificate is not right !");
                }
            }
            return doFinal;
        } catch (Exception e4) {
            e4.printStackTrace();
            throw new DecryptDataException(e4.getMessage());
        }
    }

    public byte[] encrypt(PrivateKey privateKey, Certificate[] certificateArr, CRL[] crlArr, byte[] bArr, Certificate certificate, PublicKey publicKey) {
        try {
            DERInteger dERInteger = new DERInteger(1);
            DERInteger dERInteger2 = new DERInteger(0);
            org.bjca.asn1.pkcs.IssuerAndSerialNumber issuerAndSerialNumber = new org.bjca.asn1.pkcs.IssuerAndSerialNumber(new X509Name(((X509Certificate) certificate).getIssuerDN().toString()), new DERInteger(((X509Certificate) certificate).getSerialNumber()));
            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier("1.2.840.113549.1.1.1"), null);
            try {
                SecretKey generateKey = KeyGenerator.getInstance("DESede").generateKey();
                byte[] encoded = generateKey.getEncoded();
                try {
                    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                    cipher.init(1, publicKey);
                    DEROctetString dEROctetString = new DEROctetString(cipher.doFinal(encoded));
                    DERConstructedSequence dERConstructedSequence = new DERConstructedSequence();
                    dERConstructedSequence.addObject(dERInteger2);
                    dERConstructedSequence.addObject(issuerAndSerialNumber);
                    dERConstructedSequence.addObject(algorithmIdentifier);
                    dERConstructedSequence.addObject(dEROctetString);
                    DERSet dERSet = new DERSet(dERConstructedSequence);
                    Signature signature = Signature.getInstance("SHA1withRSA");
                    signature.initSign(privateKey);
                    signature.update(bArr);
                    byte[] sign = signature.sign();
                    AlgorithmIdentifier algorithmIdentifier_bjca = getAlgorithmIdentifier_bjca(12);
                    DERObject dERObject = (DERObject) algorithmIdentifier_bjca.getParameters();
                    IvParameterSpec ivParameterSpec = dERObject != null ? new IvParameterSpec(((DEROctetString) ((DERConstructedSequence) dERObject).getObjectAt(0)).getOctets()) : null;
                    try {
                        Cipher cipher2 = Cipher.getInstance(JceProperties.BCA_DESede);
                        cipher2.init(1, generateKey, ivParameterSpec);
                        cipher2.doFinal(sign);
                        DERConstructedSet dERConstructedSet = new DERConstructedSet();
                        DERConstructedSequence dERConstructedSequence2 = new DERConstructedSequence();
                        dERConstructedSequence2.addObject(new DERInteger(1));
                        this.signCert = (X509Certificate) certificateArr[0];
                        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(this.signCert.getIssuerX500Principal().getEncoded()).readObject();
                        this.signCert = (X509Certificate) certificateArr[0];
                        dERConstructedSequence2.addObject(new org.bjca.asn1.pkcs.IssuerAndSerialNumber(new X509Name(aSN1Sequence), new DERInteger(this.signCert.getSerialNumber())));
                        dERConstructedSequence2.addObject(new AlgorithmIdentifier(new DERObjectIdentifier("1.3.14.3.2.26"), null));
                        dERConstructedSequence2.addObject(new AlgorithmIdentifier(new DERObjectIdentifier("1.2.840.113549.1.1.1"), null));
                        dERConstructedSequence2.addObject(new DEROctetString(sign));
                        dERConstructedSet.addObject(dERConstructedSequence2);
                        try {
                            Cipher cipher3 = Cipher.getInstance(JceProperties.BCA_DESede);
                            cipher3.init(1, generateKey, ivParameterSpec);
                            byte[] doFinal = cipher3.doFinal(bArr);
                            DERConstructedSequence dERConstructedSequence3 = new DERConstructedSequence();
                            DERObjectIdentifier dERObjectIdentifier = new DERObjectIdentifier("1.2.840.113549.1.7.1");
                            DEROctetString_ dEROctetString_ = new DEROctetString_(doFinal);
                            dERConstructedSequence3.addObject(dERObjectIdentifier);
                            dERConstructedSequence3.addObject(algorithmIdentifier_bjca);
                            dERConstructedSequence3.addObject(dEROctetString_);
                            DERConstructedSequence dERConstructedSequence4 = new DERConstructedSequence();
                            this.digestalgos = new HashSet();
                            this.digestalgos.add("1.3.14.3.2.26");
                            DERConstructedSet dERConstructedSet2 = new DERConstructedSet();
                            Iterator it = this.digestalgos.iterator();
                            while (it.hasNext()) {
                                dERConstructedSet2.addObject(new AlgorithmIdentifier(new DERObjectIdentifier((String) it.next()), null));
                            }
                            dERConstructedSequence4.addObject(dERInteger);
                            dERConstructedSequence4.addObject(dERSet);
                            dERConstructedSequence4.addObject(dERConstructedSet2);
                            dERConstructedSequence4.addObject(dERConstructedSequence3);
                            this.certs = new ArrayList();
                            this.crls = new ArrayList();
                            this.signCert = (X509Certificate) certificateArr[0];
                            for (Certificate certificate2 : certificateArr) {
                                this.certs.add(certificate2);
                            }
                            DERConstructedSet dERConstructedSet3 = new DERConstructedSet();
                            Iterator it2 = this.certs.iterator();
                            while (it2.hasNext()) {
                                dERConstructedSet3.addObject(new DERInputStream(new ByteArrayInputStream(((X509Certificate) it2.next()).getEncoded())).readObject());
                            }
                            dERConstructedSequence4.addObject(new DERTaggedObject(false, 0, dERConstructedSet3));
                            if (crlArr != null) {
                                for (CRL crl : crlArr) {
                                    this.crls.add(crl);
                                }
                            }
                            dERConstructedSequence4.addObject(dERConstructedSet);
                            DERConstructedSequence dERConstructedSequence5 = new DERConstructedSequence();
                            dERConstructedSequence5.addObject(new DERObjectIdentifier("1.2.840.113549.1.7.4"));
                            dERConstructedSequence5.addObject(new DERTaggedObject(0, dERConstructedSequence4));
                            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                            DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
                            dEROutputStream.writeObject(dERConstructedSequence5);
                            dEROutputStream.close();
                            return byteArrayOutputStream.toByteArray();
                        } catch (Exception e) {
                            throw new EncryptDataException("encrypt data error");
                        }
                    } catch (Exception e2) {
                        throw new EncryptDataException("encrypt data error");
                    }
                } catch (Exception e3) {
                    throw new EncryptKeyException("enc key exception");
                }
            } catch (NoSuchAlgorithmException e4) {
                throw new EncryptAlgException("AlgException");
            }
        } catch (Exception e5) {
            e5.printStackTrace();
            throw new RuntimeException(e5.toString());
        }
    }

    public byte[] encrypt(P11Interface p11Interface, String str, String str2, Certificate[] certificateArr, CRL[] crlArr, byte[] bArr, Certificate certificate, PublicKey publicKey) {
        DERInteger dERInteger = new DERInteger(1);
        DERInteger dERInteger2 = new DERInteger(0);
        org.bjca.asn1.pkcs.IssuerAndSerialNumber issuerAndSerialNumber = new org.bjca.asn1.pkcs.IssuerAndSerialNumber(new X509Name(((X509Certificate) certificate).getIssuerDN().toString()), new DERInteger(((X509Certificate) certificate).getSerialNumber()));
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier("1.2.840.113549.1.1.1"), null);
        try {
            SecretKey generateKey = KeyGenerator.getInstance("DESede").generateKey();
            byte[] encoded = generateKey.getEncoded();
            try {
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(1, publicKey);
                DEROctetString dEROctetString = new DEROctetString(cipher.doFinal(encoded));
                DERConstructedSequence dERConstructedSequence = new DERConstructedSequence();
                dERConstructedSequence.addObject(dERInteger2);
                dERConstructedSequence.addObject(issuerAndSerialNumber);
                dERConstructedSequence.addObject(algorithmIdentifier);
                dERConstructedSequence.addObject(dEROctetString);
                DERSet dERSet = new DERSet(dERConstructedSequence);
                byte[] signByRsaSha1 = p11Interface.signByRsaSha1(bArr, str2, Integer.parseInt(str));
                AlgorithmIdentifier algorithmIdentifier_bjca = getAlgorithmIdentifier_bjca(12);
                DERObject dERObject = (DERObject) algorithmIdentifier_bjca.getParameters();
                IvParameterSpec ivParameterSpec = dERObject != null ? new IvParameterSpec(((DEROctetString) ((DERConstructedSequence) dERObject).getObjectAt(0)).getOctets()) : null;
                try {
                    Cipher cipher2 = Cipher.getInstance(JceProperties.BCA_DESede);
                    cipher2.init(1, generateKey, ivParameterSpec);
                    cipher2.doFinal(signByRsaSha1);
                    DERConstructedSet dERConstructedSet = new DERConstructedSet();
                    DERConstructedSequence dERConstructedSequence2 = new DERConstructedSequence();
                    dERConstructedSequence2.addObject(new DERInteger(1));
                    this.signCert = (X509Certificate) certificateArr[0];
                    ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(this.signCert.getIssuerX500Principal().getEncoded()).readObject();
                    this.signCert = (X509Certificate) certificateArr[0];
                    dERConstructedSequence2.addObject(new org.bjca.asn1.pkcs.IssuerAndSerialNumber(new X509Name(aSN1Sequence), new DERInteger(this.signCert.getSerialNumber())));
                    dERConstructedSequence2.addObject(new AlgorithmIdentifier(new DERObjectIdentifier("1.3.14.3.2.26"), null));
                    dERConstructedSequence2.addObject(new AlgorithmIdentifier(new DERObjectIdentifier("1.2.840.113549.1.1.1"), null));
                    dERConstructedSequence2.addObject(new DEROctetString(signByRsaSha1));
                    dERConstructedSet.addObject(dERConstructedSequence2);
                    try {
                        Cipher cipher3 = Cipher.getInstance(JceProperties.BCA_DESede);
                        cipher3.init(1, generateKey, ivParameterSpec);
                        byte[] doFinal = cipher3.doFinal(bArr);
                        DERConstructedSequence dERConstructedSequence3 = new DERConstructedSequence();
                        DERObjectIdentifier dERObjectIdentifier = new DERObjectIdentifier("1.2.840.113549.1.7.1");
                        DEROctetString_ dEROctetString_ = new DEROctetString_(doFinal);
                        dERConstructedSequence3.addObject(dERObjectIdentifier);
                        dERConstructedSequence3.addObject(algorithmIdentifier_bjca);
                        dERConstructedSequence3.addObject(dEROctetString_);
                        DERConstructedSequence dERConstructedSequence4 = new DERConstructedSequence();
                        this.digestalgos = new HashSet();
                        this.digestalgos.add("1.3.14.3.2.26");
                        DERConstructedSet dERConstructedSet2 = new DERConstructedSet();
                        Iterator it = this.digestalgos.iterator();
                        while (it.hasNext()) {
                            dERConstructedSet2.addObject(new AlgorithmIdentifier(new DERObjectIdentifier((String) it.next()), null));
                        }
                        dERConstructedSequence4.addObject(dERInteger);
                        dERConstructedSequence4.addObject(dERSet);
                        dERConstructedSequence4.addObject(dERConstructedSet2);
                        dERConstructedSequence4.addObject(dERConstructedSequence3);
                        this.certs = new ArrayList();
                        this.crls = new ArrayList();
                        this.signCert = (X509Certificate) certificateArr[0];
                        for (Certificate certificate2 : certificateArr) {
                            this.certs.add(certificate2);
                        }
                        DERConstructedSet dERConstructedSet3 = new DERConstructedSet();
                        Iterator it2 = this.certs.iterator();
                        while (it2.hasNext()) {
                            dERConstructedSet3.addObject(new DERInputStream(new ByteArrayInputStream(((X509Certificate) it2.next()).getEncoded())).readObject());
                        }
                        dERConstructedSequence4.addObject(new DERTaggedObject(false, 0, dERConstructedSet3));
                        if (crlArr != null) {
                            for (CRL crl : crlArr) {
                                this.crls.add(crl);
                            }
                        }
                        dERConstructedSequence4.addObject(dERConstructedSet);
                        DERConstructedSequence dERConstructedSequence5 = new DERConstructedSequence();
                        dERConstructedSequence5.addObject(new DERObjectIdentifier("1.2.840.113549.1.7.4"));
                        dERConstructedSequence5.addObject(new DERTaggedObject(0, dERConstructedSequence4));
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
                        dEROutputStream.writeObject(dERConstructedSequence5);
                        dEROutputStream.close();
                        return byteArrayOutputStream.toByteArray();
                    } catch (Exception e) {
                        throw new EncryptDataException("encrypt data error");
                    }
                } catch (Exception e2) {
                    throw new EncryptDataException("encrypt data error");
                }
            } catch (Exception e3) {
                throw new EncryptKeyException("enc key exception");
            }
        } catch (NoSuchAlgorithmException e4) {
            throw new EncryptAlgException("AlgException");
        }
    }
}
