package org.jscep.util;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.CRLException;
import java.security.cert.CertStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import kotlin.stringifyIP;
import kotlin.writeWindowUpdateLaterokhttp;
import org.bouncycastle.cert.X509CRLHolder;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.DefaultCMSSignatureAlgorithmNameGenerator;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationVerifier;
import org.bouncycastle.cms.jcajce.JcaSignerId;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.bouncycastle.util.Store;

/* loaded from: classes3.dex */
public final class SignedDataUtils {
    private static final stringifyIP LOGGER = writeWindowUpdateLaterokhttp.for_mul(SignedDataUtils.class);

    private SignedDataUtils() {
    }

    public static CertStore fromSignedData(CMSSignedData cMSSignedData) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
            Store<X509CertificateHolder> certificates = cMSSignedData.getCertificates();
            Store<X509CRLHolder> cRLs = cMSSignedData.getCRLs();
            Collection<X509CertificateHolder> matches = certificates.getMatches(null);
            Collection<X509CRLHolder> matches2 = cRLs.getMatches(null);
            ArrayList arrayList = new ArrayList();
            Iterator<X509CertificateHolder> it = matches.iterator();
            while (it.hasNext()) {
                try {
                    try {
                        arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(it.next().getEncoded())));
                    } catch (CertificateException e) {
                        LOGGER.RequestMethod("Error generating certificate", e);
                    }
                } catch (IOException e2) {
                    LOGGER.RequestMethod("Error encoding certificate", e2);
                }
            }
            Iterator<X509CRLHolder> it2 = matches2.iterator();
            while (it2.hasNext()) {
                try {
                    try {
                        arrayList.add(certificateFactory.generateCRL(new ByteArrayInputStream(it2.next().getEncoded())));
                    } catch (CRLException e3) {
                        LOGGER.RequestMethod("Error generating certificate", e3);
                    }
                } catch (IOException e4) {
                    LOGGER.RequestMethod("Error encoding crl", e4);
                }
            }
            try {
                return CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList));
            } catch (GeneralSecurityException e5) {
                throw new RuntimeException(e5);
            }
        } catch (CertificateException e6) {
            throw new RuntimeException(e6);
        }
    }

    public static boolean isSignedBy(CMSSignedData cMSSignedData, X509Certificate x509Certificate) {
        SignerInformation signerInformation = cMSSignedData.getSignerInfos().get(new JcaSignerId(x509Certificate));
        if (signerInformation == null) {
            return false;
        }
        try {
            try {
                try {
                    return signerInformation.verify(new SignerInformationVerifier(new DefaultCMSSignatureAlgorithmNameGenerator(), new DefaultSignatureAlgorithmIdentifierFinder(), new JcaContentVerifierProviderBuilder().build(x509Certificate), new JcaDigestCalculatorProviderBuilder().build()));
                } catch (CMSException unused) {
                    return false;
                }
            } catch (OperatorCreationException e) {
                throw new RuntimeException(e);
            }
        } catch (OperatorCreationException e2) {
            throw new RuntimeException(e2);
        }
    }
}
