package org.jmrtd.lds;

import com.airbnb.android.utils.AirbnbConstants;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.TreeMap;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;
import org.jmrtd.JMRTDSecurityProvider;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1Encoding;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Object;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1Primitive;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.ASN1Set;
import org.spongycastle.asn1.ASN1TaggedObject;
import org.spongycastle.asn1.BERTaggedObject;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DERTaggedObject;
import org.spongycastle.asn1.DLSequence;
import org.spongycastle.asn1.DLSet;
import org.spongycastle.asn1.DLTaggedObject;
import org.spongycastle.asn1.cms.Attribute;
import org.spongycastle.asn1.cms.ContentInfo;
import org.spongycastle.asn1.cms.IssuerAndSerialNumber;
import org.spongycastle.asn1.cms.SignedData;
import org.spongycastle.asn1.cms.SignerIdentifier;
import org.spongycastle.asn1.cms.SignerInfo;
import org.spongycastle.asn1.icao.DataGroupHash;
import org.spongycastle.asn1.icao.LDSSecurityObject;
import org.spongycastle.asn1.icao.LDSVersionInfo;
import org.spongycastle.asn1.nist.NISTObjectIdentifiers;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.asn1.x509.X509ObjectIdentifiers;
import org.spongycastle.jce.provider.X509CertificateObject;
import org.spongycastle.pqc.jcajce.spec.McElieceCCA2ParameterSpec;

/* loaded from: classes3.dex */
public class SODFile extends DataGroup {
    private static final String ICAO_LDS_SOD_ALT_OID = "1.3.27.1.1.1";
    private static final String ICAO_LDS_SOD_OID = "2.23.136.1.1.1";
    private static final String IEEE_P1363_SHA1_OID = "1.3.14.3.2.26";
    private static final String PKCS1_MD2_WITH_RSA_OID = "1.2.840.113549.1.1.2";
    private static final String PKCS1_MD4_WITH_RSA_OID = "1.2.840.113549.1.1.3";
    private static final String PKCS1_MD5_WITH_RSA_OID = "1.2.840.113549.1.1.4";
    private static final String PKCS1_RSASSA_PSS_OID = "1.2.840.113549.1.1.10";
    private static final String PKCS1_RSA_OID = "1.2.840.113549.1.1.1";
    private static final String PKCS1_SHA1_WITH_RSA_OID = "1.2.840.113549.1.1.5";
    private static final String PKCS1_SHA224_WITH_RSA_OID = "1.2.840.113549.1.1.14";
    private static final String PKCS1_SHA256_WITH_RSA_AND_MGF1 = "1.2.840.113549.1.1.8";
    private static final String PKCS1_SHA256_WITH_RSA_OID = "1.2.840.113549.1.1.11";
    private static final String PKCS1_SHA384_WITH_RSA_OID = "1.2.840.113549.1.1.12";
    private static final String PKCS1_SHA512_WITH_RSA_OID = "1.2.840.113549.1.1.13";
    private static final String RFC_3369_CONTENT_TYPE_OID = "1.2.840.113549.1.9.3";
    private static final String RFC_3369_MESSAGE_DIGEST_OID = "1.2.840.113549.1.9.4";
    private static final String RFC_3369_SIGNED_DATA_OID = "1.2.840.113549.1.7.2";
    private static final String SDU_LDS_SOD_OID = "1.2.528.1.1006.1.20.1";
    private static final String X9_SHA1_WITH_ECDSA_OID = "1.2.840.10045.4.1";
    private static final String X9_SHA224_WITH_ECDSA_OID = "1.2.840.10045.4.3.1";
    private static final String X9_SHA256_WITH_ECDSA_OID = "1.2.840.10045.4.3.2";
    private static final long serialVersionUID = -1081347374739311111L;
    private SignedData signedData;
    private static final Provider BC_PROVIDER = JMRTDSecurityProvider.getBouncyCastleProvider();
    private static final Logger LOGGER = Logger.getLogger("org.jmrtd");

    public SODFile(InputStream inputStream) throws IOException {
        super(LDSFile.EF_SOD_TAG, inputStream);
    }

    public SODFile(String str, String str2, Map<Integer, byte[]> map, PrivateKey privateKey, X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateException {
        super(LDSFile.EF_SOD_TAG);
        try {
            this.signedData = createSignedData(str, str2, map, privateKey, x509Certificate, null);
        } catch (IOException e) {
            LOGGER.severe("Error creating signedData: " + e.getMessage());
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    public SODFile(String str, String str2, Map<Integer, byte[]> map, PrivateKey privateKey, X509Certificate x509Certificate, String str3) throws NoSuchAlgorithmException, CertificateException {
        super(LDSFile.EF_SOD_TAG);
        try {
            this.signedData = createSignedData(str, str2, map, privateKey, x509Certificate, str3);
        } catch (IOException e) {
            LOGGER.severe("Error creating signedData: " + e.getMessage());
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    public SODFile(String str, String str2, Map<Integer, byte[]> map, PrivateKey privateKey, X509Certificate x509Certificate, String str3, String str4, String str5) throws NoSuchAlgorithmException, CertificateException {
        super(LDSFile.EF_SOD_TAG);
        try {
            this.signedData = createSignedData(str, str2, map, privateKey, x509Certificate, str3, str4, str5);
        } catch (IOException e) {
            LOGGER.severe("Error creating signedData: " + e.getMessage());
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    public SODFile(String str, String str2, Map<Integer, byte[]> map, byte[] bArr, X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateException {
        super(LDSFile.EF_SOD_TAG);
        try {
            this.signedData = createSignedData(str, str2, map, bArr, x509Certificate);
        } catch (IOException e) {
            LOGGER.severe("Error creating signedData: " + e.getMessage());
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    private static ASN1Set createAuthenticatedAttributes(String str, byte[] bArr) throws NoSuchAlgorithmException {
        if (McElieceCCA2ParameterSpec.DEFAULT_MD.equals(str)) {
            str = "SHA-256";
        }
        return new DLSet(new ASN1Object[]{new Attribute(new ASN1ObjectIdentifier(RFC_3369_CONTENT_TYPE_OID), createSingletonSet(new ASN1ObjectIdentifier(ICAO_LDS_SOD_OID))).toASN1Primitive(), new Attribute(new ASN1ObjectIdentifier(RFC_3369_MESSAGE_DIGEST_OID), createSingletonSet(new DEROctetString(MessageDigest.getInstance(str).digest(bArr)))).toASN1Primitive()});
    }

    private static ASN1Sequence createCertificate(X509Certificate x509Certificate) throws CertificateException {
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(x509Certificate.getEncoded());
            try {
                return (ASN1Sequence) aSN1InputStream.readObject();
            } finally {
                aSN1InputStream.close();
            }
        } catch (IOException e) {
            throw new CertificateException("Could not construct certificate byte stream");
        }
    }

    private static ContentInfo createContentInfo(String str, Map<Integer, byte[]> map) throws NoSuchAlgorithmException, IOException {
        return createContentInfo(str, map, null, null);
    }

    private static ContentInfo createContentInfo(String str, Map<Integer, byte[]> map, String str2, String str3) throws NoSuchAlgorithmException, IOException {
        DataGroupHash[] dataGroupHashArr = new DataGroupHash[map.size()];
        int i = 0;
        Iterator<Integer> it = map.keySet().iterator();
        while (true) {
            int i2 = i;
            if (!it.hasNext()) {
                break;
            }
            int intValue = it.next().intValue();
            i = i2 + 1;
            dataGroupHashArr[i2] = new DataGroupHash(intValue, new DEROctetString(map.get(Integer.valueOf(intValue))));
        }
        AlgorithmIdentifier algorithmIdentifier = AlgorithmIdentifier.getInstance(lookupOIDByMnemonic(str));
        return new ContentInfo(new ASN1ObjectIdentifier(ICAO_LDS_SOD_OID), new DEROctetString(str2 == null ? new LDSSecurityObject(algorithmIdentifier, dataGroupHashArr) : new LDSSecurityObject(algorithmIdentifier, dataGroupHashArr, new LDSVersionInfo(str2, str3))));
    }

    private static ASN1Sequence createDigestAlgorithms(String str) throws NoSuchAlgorithmException {
        ASN1ObjectIdentifier aSN1ObjectIdentifier = new ASN1ObjectIdentifier(lookupOIDByMnemonic(str));
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(aSN1ObjectIdentifier);
        return new DLSequence(aSN1EncodableVector);
    }

    private static SignedData createSignedData(String str, String str2, Map<Integer, byte[]> map, PrivateKey privateKey, X509Certificate x509Certificate, String str3) throws NoSuchAlgorithmException, CertificateException, IOException {
        return createSignedData(str, str2, map, privateKey, x509Certificate, str3, null, null);
    }

    private static SignedData createSignedData(String str, String str2, Map<Integer, byte[]> map, PrivateKey privateKey, X509Certificate x509Certificate, String str3, String str4, String str5) throws NoSuchAlgorithmException, CertificateException, IOException {
        ASN1Set createSingletonSet = createSingletonSet(createDigestAlgorithms(str));
        ContentInfo createContentInfo = createContentInfo(str, map, str4, str5);
        byte[] octets = ((DEROctetString) createContentInfo.getContent()).getOctets();
        try {
            byte[] encoded = createAuthenticatedAttributes(str, octets).getEncoded(ASN1Encoding.DER);
            Signature signature = str3 != null ? Signature.getInstance(str2, str3) : Signature.getInstance(str2);
            signature.initSign(privateKey);
            signature.update(encoded);
            return new SignedData(createSingletonSet, createContentInfo, createSingletonSet(createCertificate(x509Certificate)), null, createSingletonSet(createSignerInfo(str, str2, octets, signature.sign(), x509Certificate).toASN1Object()));
        } catch (Exception e) {
            LOGGER.severe("Exception: " + e.getMessage());
            return null;
        }
    }

    private static SignedData createSignedData(String str, String str2, Map<Integer, byte[]> map, byte[] bArr, X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateException, IOException {
        ASN1Set createSingletonSet = createSingletonSet(createDigestAlgorithms(str));
        ContentInfo createContentInfo = createContentInfo(str, map);
        return new SignedData(createSingletonSet, createContentInfo, createSingletonSet(createCertificate(x509Certificate)), null, createSingletonSet(createSignerInfo(str, str2, ((DEROctetString) createContentInfo.getContent()).getOctets(), bArr, x509Certificate).toASN1Object()));
    }

    private static SignerInfo createSignerInfo(String str, String str2, byte[] bArr, byte[] bArr2, X509Certificate x509Certificate) throws NoSuchAlgorithmException {
        return new SignerInfo(new SignerIdentifier(new IssuerAndSerialNumber(new X500Name(x509Certificate.getIssuerX500Principal().getName("RFC2253")), x509Certificate.getSerialNumber())), new AlgorithmIdentifier(lookupOIDByMnemonic(str)), createAuthenticatedAttributes(str, bArr), new AlgorithmIdentifier(lookupOIDByMnemonic(str2)), new DEROctetString(bArr2), (ASN1Set) null);
    }

    private static ASN1Set createSingletonSet(ASN1Object aSN1Object) {
        return new DLSet(new ASN1Encodable[]{aSN1Object});
    }

    private static byte[] getEContent(SignedData signedData) {
        byte[] bArr;
        NoSuchAlgorithmException noSuchAlgorithmException;
        byte[] bArr2;
        IOException iOException;
        byte[] bArr3;
        byte[] bArr4 = null;
        SignerInfo signerInfo = getSignerInfo(signedData);
        ASN1Set authenticatedAttributes = signerInfo.getAuthenticatedAttributes();
        byte[] octets = ((DEROctetString) signedData.getEncapContentInfo().getContent()).getOctets();
        if (authenticatedAttributes.size() == 0) {
            return octets;
        }
        String id = signerInfo.getDigestAlgorithm().getAlgorithm().getId();
        try {
            byte[] encoded = authenticatedAttributes.getEncoded(ASN1Encoding.DER);
            try {
                Enumeration objects = authenticatedAttributes.getObjects();
                while (objects.hasMoreElements()) {
                    Attribute attribute = Attribute.getInstance((ASN1Sequence) objects.nextElement());
                    if (RFC_3369_MESSAGE_DIGEST_OID.equals(attribute.getAttrType().getId())) {
                        ASN1Set attrValues = attribute.getAttrValues();
                        if (attrValues.size() != 1) {
                            LOGGER.warning("Expected only one attribute value in signedAttribute message digest in eContent!");
                        }
                        bArr3 = ((DEROctetString) attrValues.getObjectAt(0)).getOctets();
                    } else {
                        bArr3 = bArr4;
                    }
                    bArr4 = bArr3;
                }
                if (bArr4 == null) {
                    LOGGER.warning("Error extracting signedAttribute message digest in eContent!");
                }
                if (!Arrays.equals(bArr4, MessageDigest.getInstance(id).digest(octets))) {
                    LOGGER.warning("Error checking signedAttribute message digest in eContent!");
                }
                return encoded;
            } catch (IOException e) {
                iOException = e;
                bArr2 = encoded;
                LOGGER.severe("Error getting signedAttributes: " + iOException.getMessage());
                return bArr2;
            } catch (NoSuchAlgorithmException e2) {
                noSuchAlgorithmException = e2;
                bArr = encoded;
                LOGGER.warning("Error checking signedAttributes in eContent! No such algorithm: \"" + id + "\": " + noSuchAlgorithmException.getMessage());
                return bArr;
            }
        } catch (IOException e3) {
            bArr2 = null;
            iOException = e3;
        } catch (NoSuchAlgorithmException e4) {
            bArr = null;
            noSuchAlgorithmException = e4;
        }
    }

    private static byte[] getEncryptedDigest(SignedData signedData) {
        return getSignerInfo(signedData).getEncryptedDigest().getOctets();
    }

    private IssuerAndSerialNumber getIssuerAndSerialNumber() {
        IssuerAndSerialNumber issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(getSignerInfo(this.signedData).getSID().getId());
        return new IssuerAndSerialNumber(issuerAndSerialNumber.getName(), issuerAndSerialNumber.getSerialNumber().getValue());
    }

    private static LDSSecurityObject getLDSSecurityObject(SignedData signedData) {
        try {
            ContentInfo encapContentInfo = signedData.getEncapContentInfo();
            String id = encapContentInfo.getContentType().getId();
            DEROctetString dEROctetString = (DEROctetString) encapContentInfo.getContent();
            if (!ICAO_LDS_SOD_OID.equals(id) && !SDU_LDS_SOD_OID.equals(id) && !ICAO_LDS_SOD_ALT_OID.equals(id)) {
                LOGGER.warning("SignedData does not appear to contain an LDS SOd. (content type is " + id + ", was expecting " + ICAO_LDS_SOD_OID + ")");
            }
            ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(dEROctetString.getOctets()));
            ASN1Primitive readObject = aSN1InputStream.readObject();
            if (!(readObject instanceof ASN1Sequence)) {
                throw new IllegalStateException("Expected ASN1Sequence, found " + readObject.getClass().getSimpleName());
            }
            LDSSecurityObject lDSSecurityObject = LDSSecurityObject.getInstance(readObject);
            if (aSN1InputStream.readObject() != null) {
                LOGGER.warning("Ignoring extra object found after LDSSecurityObject...");
            }
            return lDSSecurityObject;
        } catch (IOException e) {
            throw new IllegalStateException("Could not read security object in signedData");
        }
    }

    private static SignerInfo getSignerInfo(SignedData signedData) {
        ASN1Set signerInfos = signedData.getSignerInfos();
        if (signerInfos.size() > 1) {
            LOGGER.warning("Found " + signerInfos.size() + " signerInfos");
        }
        if (0 < signerInfos.size()) {
            return new SignerInfo((ASN1Sequence) signerInfos.getObjectAt(0));
        }
        return null;
    }

    private static String lookupMnemonicByOID(String str) throws NoSuchAlgorithmException {
        if (str == null) {
            return null;
        }
        if (str.equals(X509ObjectIdentifiers.organization.getId())) {
            return "O";
        }
        if (str.equals(X509ObjectIdentifiers.organizationalUnitName.getId())) {
            return "OU";
        }
        if (str.equals(X509ObjectIdentifiers.commonName.getId())) {
            return AirbnbConstants.COUNTRY_CODE_CHINA;
        }
        if (str.equals(X509ObjectIdentifiers.countryName.getId())) {
            return "C";
        }
        if (str.equals(X509ObjectIdentifiers.stateOrProvinceName.getId())) {
            return "ST";
        }
        if (str.equals(X509ObjectIdentifiers.localityName.getId())) {
            return "L";
        }
        if (str.equals(X509ObjectIdentifiers.id_SHA1.getId())) {
            return "SHA-1";
        }
        if (str.equals(NISTObjectIdentifiers.id_sha224.getId())) {
            return "SHA-224";
        }
        if (str.equals(NISTObjectIdentifiers.id_sha256.getId())) {
            return "SHA-256";
        }
        if (str.equals(NISTObjectIdentifiers.id_sha384.getId())) {
            return "SHA-384";
        }
        if (str.equals(NISTObjectIdentifiers.id_sha512.getId())) {
            return "SHA-512";
        }
        if (str.equals(X9_SHA1_WITH_ECDSA_OID)) {
            return "SHA1withECDSA";
        }
        if (str.equals(X9_SHA224_WITH_ECDSA_OID)) {
            return "SHA224withECDSA";
        }
        if (str.equals(X9_SHA256_WITH_ECDSA_OID)) {
            return "SHA256withECDSA";
        }
        if (str.equals(PKCS1_RSA_OID)) {
            return "RSA";
        }
        if (str.equals(PKCS1_MD2_WITH_RSA_OID)) {
            return "MD2withRSA";
        }
        if (str.equals(PKCS1_MD4_WITH_RSA_OID)) {
            return "MD4withRSA";
        }
        if (str.equals(PKCS1_MD5_WITH_RSA_OID)) {
            return "MD5withRSA";
        }
        if (str.equals(PKCS1_SHA1_WITH_RSA_OID)) {
            return "SHA1withRSA";
        }
        if (str.equals(PKCS1_SHA256_WITH_RSA_OID)) {
            return "SHA256withRSA";
        }
        if (str.equals(PKCS1_SHA384_WITH_RSA_OID)) {
            return "SHA384withRSA";
        }
        if (str.equals(PKCS1_SHA512_WITH_RSA_OID)) {
            return "SHA512withRSA";
        }
        if (str.equals(PKCS1_SHA224_WITH_RSA_OID)) {
            return "SHA224withRSA";
        }
        if (str.equals(IEEE_P1363_SHA1_OID)) {
            return "SHA-1";
        }
        if (str.equals(PKCS1_RSASSA_PSS_OID)) {
            return "SSAwithRSA/PSS";
        }
        if (str.equals(PKCS1_SHA256_WITH_RSA_AND_MGF1)) {
            return "SHA256withRSAandMGF1";
        }
        throw new NoSuchAlgorithmException("Unknown OID " + str);
    }

    private static String lookupOIDByMnemonic(String str) throws NoSuchAlgorithmException {
        if (str.equals("O")) {
            return X509ObjectIdentifiers.organization.getId();
        }
        if (str.equals("OU")) {
            return X509ObjectIdentifiers.organizationalUnitName.getId();
        }
        if (str.equals(AirbnbConstants.COUNTRY_CODE_CHINA)) {
            return X509ObjectIdentifiers.commonName.getId();
        }
        if (str.equals("C")) {
            return X509ObjectIdentifiers.countryName.getId();
        }
        if (str.equals("ST")) {
            return X509ObjectIdentifiers.stateOrProvinceName.getId();
        }
        if (str.equals("L")) {
            return X509ObjectIdentifiers.localityName.getId();
        }
        if (str.equalsIgnoreCase("SHA-1") || str.equalsIgnoreCase("SHA1")) {
            return X509ObjectIdentifiers.id_SHA1.getId();
        }
        if (str.equalsIgnoreCase("SHA-224") || str.equalsIgnoreCase("SHA224")) {
            return NISTObjectIdentifiers.id_sha224.getId();
        }
        if (str.equalsIgnoreCase("SHA-256") || str.equalsIgnoreCase(McElieceCCA2ParameterSpec.DEFAULT_MD)) {
            return NISTObjectIdentifiers.id_sha256.getId();
        }
        if (str.equalsIgnoreCase("SHA-384") || str.equalsIgnoreCase("SHA384")) {
            return NISTObjectIdentifiers.id_sha384.getId();
        }
        if (str.equalsIgnoreCase("SHA-512") || str.equalsIgnoreCase("SHA512")) {
            return NISTObjectIdentifiers.id_sha512.getId();
        }
        if (str.equalsIgnoreCase("RSA")) {
            return PKCS1_RSA_OID;
        }
        if (str.equalsIgnoreCase("MD2withRSA")) {
            return PKCS1_MD2_WITH_RSA_OID;
        }
        if (str.equalsIgnoreCase("MD4withRSA")) {
            return PKCS1_MD4_WITH_RSA_OID;
        }
        if (str.equalsIgnoreCase("MD5withRSA")) {
            return PKCS1_MD5_WITH_RSA_OID;
        }
        if (str.equalsIgnoreCase("SHA1withRSA")) {
            return PKCS1_SHA1_WITH_RSA_OID;
        }
        if (str.equalsIgnoreCase("SHA256withRSA")) {
            return PKCS1_SHA256_WITH_RSA_OID;
        }
        if (str.equalsIgnoreCase("SHA384withRSA")) {
            return PKCS1_SHA384_WITH_RSA_OID;
        }
        if (str.equalsIgnoreCase("SHA512withRSA")) {
            return PKCS1_SHA512_WITH_RSA_OID;
        }
        if (str.equalsIgnoreCase("SHA224withRSA")) {
            return PKCS1_SHA224_WITH_RSA_OID;
        }
        if (str.equalsIgnoreCase("SHA1withECDSA")) {
            return X9_SHA1_WITH_ECDSA_OID;
        }
        if (str.equalsIgnoreCase("SHA224withECDSA")) {
            return X9_SHA224_WITH_ECDSA_OID;
        }
        if (str.equalsIgnoreCase("SHA256withECDSA")) {
            return X9_SHA256_WITH_ECDSA_OID;
        }
        if (str.equalsIgnoreCase("SAwithRSA/PSS") || str.equalsIgnoreCase("SSAwithRSA/PSS") || str.equalsIgnoreCase("RSASSA-PSS")) {
            return PKCS1_RSASSA_PSS_OID;
        }
        if (str.equalsIgnoreCase("SHA256withRSAandMGF1")) {
            return PKCS1_SHA256_WITH_RSA_AND_MGF1;
        }
        throw new NoSuchAlgorithmException("Unknown name " + str);
    }

    public boolean checkDocSignature(Certificate certificate) throws GeneralSecurityException {
        String str;
        Signature signature;
        MessageDigest messageDigest;
        byte[] eContent = getEContent();
        byte[] encryptedDigest = getEncryptedDigest();
        try {
            str = getDigestEncryptionAlgorithm();
        } catch (Exception e) {
            str = null;
        }
        if (str == null) {
            String signerInfoDigestAlgorithm = getSignerInfoDigestAlgorithm();
            try {
                messageDigest = MessageDigest.getInstance(signerInfoDigestAlgorithm);
            } catch (Exception e2) {
                messageDigest = MessageDigest.getInstance(signerInfoDigestAlgorithm, BC_PROVIDER);
            }
            messageDigest.update(eContent);
            return Arrays.equals(messageDigest.digest(), encryptedDigest);
        }
        if ("SSAwithRSA/PSS".equals(str)) {
            str = getSignerInfoDigestAlgorithm().replace("-", "") + "withRSA/PSS";
        }
        if ("RSA".equals(str)) {
            str = getSignerInfoDigestAlgorithm().replace("-", "") + "withRSA";
        }
        LOGGER.info("digestEncryptionAlgorithm = " + str);
        try {
            signature = Signature.getInstance(str);
        } catch (Exception e3) {
            signature = Signature.getInstance(str, BC_PROVIDER);
        }
        signature.initVerify(certificate);
        signature.update(eContent);
        return signature.verify(encryptedDigest);
    }

    public boolean equals(Object obj) {
        if (obj == null) {
            return false;
        }
        if (obj == this) {
            return true;
        }
        if (obj.getClass().equals(getClass())) {
            return Arrays.equals(getEncoded(), ((SODFile) obj).getEncoded());
        }
        return false;
    }

    public Map<Integer, byte[]> getDataGroupHashes() {
        DataGroupHash[] datagroupHash = getLDSSecurityObject(this.signedData).getDatagroupHash();
        TreeMap treeMap = new TreeMap();
        for (DataGroupHash dataGroupHash : datagroupHash) {
            treeMap.put(Integer.valueOf(dataGroupHash.getDataGroupNumber()), dataGroupHash.getDataGroupHashValue().getOctets());
        }
        return treeMap;
    }

    public String getDigestAlgorithm() {
        try {
            return lookupMnemonicByOID(getLDSSecurityObject(this.signedData).getDigestAlgorithmIdentifier().getAlgorithm().getId());
        } catch (NoSuchAlgorithmException e) {
            LOGGER.severe("Exception: " + e.getMessage());
            return null;
        }
    }

    public String getDigestEncryptionAlgorithm() {
        try {
            String id = getSignerInfo(this.signedData).getDigestEncryptionAlgorithm().getAlgorithm().getId();
            if (id == null) {
                return null;
            }
            return lookupMnemonicByOID(id);
        } catch (NoSuchAlgorithmException e) {
            LOGGER.severe("Exception: " + e.getMessage());
            return null;
        }
    }

    public X509Certificate getDocSigningCertificate() throws CertificateException {
        ASN1Set certificates = this.signedData.getCertificates();
        if (certificates == null || certificates.size() <= 0) {
            return null;
        }
        if (certificates.size() != 1) {
            LOGGER.warning("Found " + certificates.size() + " certificates");
        }
        X509CertificateObject x509CertificateObject = null;
        byte[] bArr = null;
        int i = 0;
        while (i < certificates.size()) {
            x509CertificateObject = new X509CertificateObject(org.spongycastle.asn1.x509.Certificate.getInstance((ASN1Sequence) certificates.getObjectAt(i)));
            i++;
            bArr = x509CertificateObject.getEncoded();
        }
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (Exception e) {
            return x509CertificateObject;
        }
    }

    public byte[] getEContent() {
        return getEContent(this.signedData);
    }

    public byte[] getEncryptedDigest() {
        return getEncryptedDigest(this.signedData);
    }

    public X500Principal getIssuerX500Principal() {
        try {
            return new X500Principal(getIssuerAndSerialNumber().getName().getEncoded(ASN1Encoding.DER));
        } catch (IOException e) {
            LOGGER.severe("Could not get issuer: " + e.getMessage());
            return null;
        }
    }

    public String getLDSVersion() {
        LDSVersionInfo versionInfo = getLDSSecurityObject(this.signedData).getVersionInfo();
        if (versionInfo == null) {
            return null;
        }
        return versionInfo.getLdsVersion();
    }

    public BigInteger getSerialNumber() {
        return getIssuerAndSerialNumber().getSerialNumber().getValue();
    }

    public String getSignerInfoDigestAlgorithm() {
        try {
            return lookupMnemonicByOID(getSignerInfo(this.signedData).getDigestAlgorithm().getAlgorithm().getId());
        } catch (NoSuchAlgorithmException e) {
            LOGGER.severe("Exception: " + e.getMessage());
            return null;
        }
    }

    public String getUnicodeVersion() {
        LDSVersionInfo versionInfo = getLDSSecurityObject(this.signedData).getVersionInfo();
        if (versionInfo == null) {
            return null;
        }
        return versionInfo.getUnicodeVersion();
    }

    public int hashCode() {
        return (Arrays.hashCode(getEncoded()) * 11) + 111;
    }

    @Override // org.jmrtd.lds.DataGroup
    protected void readContent(InputStream inputStream) throws IOException {
        int tagNo;
        ASN1Primitive object;
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(inputStream).readObject();
        if (aSN1Sequence.size() != 2) {
            throw new IOException("Was expecting a DER sequence of length 2, found a DER sequence of length " + aSN1Sequence.size());
        }
        String id = ((ASN1ObjectIdentifier) aSN1Sequence.getObjectAt(0)).getId();
        if (!RFC_3369_SIGNED_DATA_OID.equals(id)) {
            throw new IOException("Was expecting signed-data content type OID (1.2.840.113549.1.7.2), found " + id);
        }
        ASN1Encodable objectAt = aSN1Sequence.getObjectAt(1);
        if (objectAt instanceof DERTaggedObject) {
            DERTaggedObject dERTaggedObject = (DERTaggedObject) objectAt;
            tagNo = dERTaggedObject.getTagNo();
            object = dERTaggedObject.getObject();
        } else if (objectAt instanceof BERTaggedObject) {
            BERTaggedObject bERTaggedObject = (BERTaggedObject) objectAt;
            tagNo = bERTaggedObject.getTagNo();
            object = bERTaggedObject.getObject();
        } else if (objectAt instanceof ASN1TaggedObject) {
            DLTaggedObject dLTaggedObject = (DLTaggedObject) objectAt;
            tagNo = dLTaggedObject.getTagNo();
            object = dLTaggedObject.getObject();
        } else {
            if (!(objectAt instanceof ASN1TaggedObject)) {
                throw new IOException("Was expecting an ASN1TaggedObject, found " + objectAt.getClass().getCanonicalName());
            }
            ASN1TaggedObject aSN1TaggedObject = (ASN1TaggedObject) objectAt;
            tagNo = aSN1TaggedObject.getTagNo();
            object = aSN1TaggedObject.getObject();
        }
        if (tagNo != 0) {
            throw new IOException("Was expecting tag 0, found " + Integer.toHexString(tagNo));
        }
        if (!(object instanceof ASN1Sequence)) {
            throw new IOException("Was expecting an ASN.1 sequence as content");
        }
        this.signedData = SignedData.getInstance((ASN1Sequence) object);
    }

    @Override // org.jmrtd.lds.DataGroup
    public String toString() {
        try {
            return "SODFile " + getDocSigningCertificate().getIssuerX500Principal();
        } catch (Exception e) {
            return "SODFile";
        }
    }

    @Override // org.jmrtd.lds.DataGroup
    protected void writeContent(OutputStream outputStream) throws IOException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1ObjectIdentifier(RFC_3369_SIGNED_DATA_OID));
        aSN1EncodableVector.add(new DERTaggedObject(0, this.signedData));
        outputStream.write(new DLSequence(aSN1EncodableVector).getEncoded(ASN1Encoding.DER));
    }
}
