package cn.com.jit.ida.util.pki.asn1.x509;

import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.Parser;
import cn.com.jit.ida.util.pki.asn1.ASN1EncodableVector;
import cn.com.jit.ida.util.pki.asn1.DERBitString;
import cn.com.jit.ida.util.pki.asn1.DEREncodable;
import cn.com.jit.ida.util.pki.asn1.DERObject;
import cn.com.jit.ida.util.pki.asn1.DERObjectIdentifier;
import cn.com.jit.ida.util.pki.asn1.DERSequence;
import cn.com.jit.ida.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import cn.com.jit.ida.util.pki.cipher.JKey;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import java.math.BigInteger;

/* loaded from: classes2.dex */
public class AttributeCertificate implements DEREncodable {
    AttributeCertificateInfo acinfo;
    AlgorithmIdentifier signatureAlgorithm;
    DERBitString signatureValue;

    public AttributeCertificate(byte[] bArr) throws PKIException {
        DERSequence dERSequence = (DERSequence) Parser.writeBytes2DERObj(bArr);
        this.acinfo = new AttributeCertificateInfo((DERSequence) dERSequence.getObjectAt(0));
        this.signatureAlgorithm = new AlgorithmIdentifier((DERSequence) dERSequence.getObjectAt(1));
        this.signatureValue = (DERBitString) dERSequence.getObjectAt(2);
    }

    public AttributeCertificateInfo getAcinfo() {
        return this.acinfo;
    }

    @Override // cn.com.jit.ida.util.pki.asn1.DEREncodable
    public DERObject getDERObject() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(this.acinfo);
        aSN1EncodableVector.add(this.signatureAlgorithm);
        aSN1EncodableVector.add(this.signatureValue);
        return new DERSequence(aSN1EncodableVector);
    }

    public BigInteger getSerialNumber() {
        return this.acinfo.getSerialNumber().getValue();
    }

    public byte[] getSignature() {
        return this.signatureValue.getBytes();
    }

    public AlgorithmIdentifier getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public DERBitString getSignatureValue() {
        return this.signatureValue;
    }

    public int getVersion() {
        return this.acinfo.getAttCertVersion().getValue().intValue();
    }

    public boolean verify(JKey jKey, Session session) throws PKIException {
        Mechanism mechanism;
        DERObjectIdentifier objectId = this.signatureAlgorithm.getObjectId();
        if (objectId.equals(PKCSObjectIdentifiers.md2WithRSAEncryption)) {
            mechanism = new Mechanism("MD2withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.md5WithRSAEncryption)) {
            mechanism = new Mechanism("MD5withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption) || objectId.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption_v1)) {
            mechanism = new Mechanism("SHA1withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha1WithECEncryption)) {
            mechanism = new Mechanism("SHA1withECDSA");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha1WithDSA)) {
            mechanism = new Mechanism("SHA1withDSA");
        } else {
            if (!objectId.equals(PKCSObjectIdentifiers.sm2_with_sm3)) {
                throw new PKIException(PKIException.NONSUPPORT_SIGALG, "不支持的签名算法:" + objectId.getId());
            }
            mechanism = new Mechanism("SM3withSM2Encryption");
        }
        try {
            return session.verifySign(mechanism, jKey, Parser.writeDERObj2Bytes(this.acinfo.getDERObject()), this.signatureValue.getBytes());
        } catch (Exception e) {
            throw new PKIException("6", PKIException.VERIFY_SIGN_DES, e);
        }
    }
}
