package sun.security.pkcs;

import java.io.IOException;
import java.security.IdentityScope;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import sun.security.util.BigInt;
import sun.security.util.DerInputStream;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;
import sun.security.x509.AlgorithmId;
import sun.security.x509.X500Name;
import sun.security.x509.X509Cert;
import sunw.hotjava.doc.DocConstants;

/* loaded from: input_file:sun/security/pkcs/SignerInfo.class */
public class SignerInfo {
    BigInt version;
    X500Name issuerName;
    BigInt certificateSerialNumber;
    AlgorithmId digestAlgorithmId;
    AlgorithmId digestEncryptionAlgorithmId;
    byte[] encryptedDigest;

    public SignerInfo(X500Name x500Name, BigInt bigInt, AlgorithmId algorithmId, AlgorithmId algorithmId2, byte[] bArr) {
        this.version = new BigInt(1);
        this.issuerName = x500Name;
        this.certificateSerialNumber = bigInt;
        this.digestAlgorithmId = algorithmId;
        this.digestEncryptionAlgorithmId = algorithmId2;
        this.encryptedDigest = bArr;
    }

    public SignerInfo(DerInputStream derInputStream) throws IOException, ParsingException {
        this.version = derInputStream.getInteger();
        DerValue[] sequence = derInputStream.getSequence(2);
        this.issuerName = new X500Name(new DerValue((byte) 48, sequence[0].toByteArray()));
        this.certificateSerialNumber = sequence[1].getInteger();
        this.digestAlgorithmId = AlgorithmId.parse(derInputStream.getDerValue());
        derInputStream.getSet(0);
        this.digestEncryptionAlgorithmId = AlgorithmId.parse(derInputStream.getDerValue());
        this.encryptedDigest = derInputStream.getOctetString();
        derInputStream.getSet(0);
        if (derInputStream.available() != 0) {
            throw new ParsingException("extra data at the end");
        }
    }

    public void encode(DerOutputStream derOutputStream) throws IOException {
        DerOutputStream derOutputStream2 = new DerOutputStream();
        derOutputStream2.putInteger(this.version);
        DerOutputStream derOutputStream3 = new DerOutputStream();
        this.issuerName.emit(derOutputStream3);
        derOutputStream3.putInteger(this.certificateSerialNumber);
        derOutputStream2.write((byte) 48, derOutputStream3);
        this.digestAlgorithmId.encode(derOutputStream2);
        DerOutputStream derOutputStream4 = new DerOutputStream();
        derOutputStream2.write((byte) 49, derOutputStream4);
        this.digestEncryptionAlgorithmId.encode(derOutputStream2);
        derOutputStream2.putOctetString(this.encryptedDigest);
        derOutputStream2.write((byte) 49, derOutputStream4);
        derOutputStream.write((byte) 48, derOutputStream2);
    }

    public X509Cert getCertificate(PKCS7 pkcs7) {
        return pkcs7.getCertificate(this.certificateSerialNumber, this.issuerName);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignerInfo verify(PKCS7 pkcs7, byte[] bArr) throws NoSuchAlgorithmException, SignatureException {
        IdentityScope.getSystemScope();
        if (bArr == null) {
            try {
                bArr = pkcs7.getContentInfo().getContentBytes();
            } catch (IOException e) {
                throw new SignatureException(new StringBuffer("IO error verifying signature:\n").append(e.getMessage()).toString());
            } catch (InvalidKeyException e2) {
                throw new SignatureException(new StringBuffer("InvalidKey: ").append(e2.getMessage()).toString());
            }
        }
        Signature signature = Signature.getInstance(getDigestEncryptionAlgorithmId().getName());
        X509Cert certificate = getCertificate(pkcs7);
        if (certificate == null) {
            throw new SignatureException(new StringBuffer("No cert for ").append(this.issuerName).toString());
        }
        signature.initVerify(certificate.getPublicKey());
        signature.update(bArr);
        if (signature.verify(this.encryptedDigest)) {
            return this;
        }
        return null;
    }

    SignerInfo verify(PKCS7 pkcs7) throws NoSuchAlgorithmException, SignatureException {
        return verify(pkcs7, null);
    }

    public BigInt getVersion() {
        return this.version;
    }

    public X500Name getIssuerName() {
        return this.issuerName;
    }

    public BigInt getCertificateSerialNumber() {
        return this.certificateSerialNumber;
    }

    public AlgorithmId getDigestAlgorithmId() {
        return this.digestAlgorithmId;
    }

    public AlgorithmId getDigestEncryptionAlgorithmId() {
        return this.digestEncryptionAlgorithmId;
    }

    public byte[] getEncryptedDigest() {
        return this.encryptedDigest;
    }

    public String toString() {
        return new StringBuffer(String.valueOf(new StringBuffer(String.valueOf(new StringBuffer(String.valueOf(new StringBuffer(String.valueOf(new StringBuffer(String.valueOf(new StringBuffer(String.valueOf("")).append("Signer Info for (issuer): ").append(this.issuerName).append(DocConstants.NEWLINE).toString())).append("\tversion: ").append(this.version).append(DocConstants.NEWLINE).toString())).append("\tcertificateSerialNumber: ").append(this.certificateSerialNumber).append(DocConstants.NEWLINE).toString())).append("\tdigestAlgorithmId: ").append(this.digestAlgorithmId).append(DocConstants.NEWLINE).toString())).append("\tdigestEncryptionAlgorithmId: ").append(this.digestEncryptionAlgorithmId).append(DocConstants.NEWLINE).toString())).append("\tencryptedDigest: ").append(this.encryptedDigest).append(DocConstants.NEWLINE).toString();
    }
}
