package ru.bitel.common.security;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.Security;
import java.security.SignatureException;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Store;
import org.bouncycastle.util.io.pem.PemReader;
import ru.bitel.common.Utils;

/* loaded from: input_file:WEB-INF/lib/client.jar:ru/bitel/common/security/PKCS7.class */
public class PKCS7 {
    public static byte[] decode(InputStream inputStream, InputStream inputStream2) throws SignatureException, IOException {
        try {
            CMSSignedData cMSSignedData = new CMSSignedData(new PemReader(new InputStreamReader(inputStream)).readPemObject().getContent());
            byte[] bArr = (byte[]) cMSSignedData.getSignedContent().getContent();
            try {
                Store certificates = cMSSignedData.getCertificates();
                for (SignerInformation signerInformation : cMSSignedData.getSignerInfos().getSigners()) {
                    if (!signerInformation.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build((X509CertificateHolder) certificates.getMatches(signerInformation.getSID()).iterator().next()))) {
                        throw new SignatureException("verification signature failed");
                    }
                }
                return bArr;
            } catch (Exception e) {
                throw new SignatureException("error verification signature", e);
            }
        } catch (CMSException e2) {
            throw new IOException("error parse CMS signed data", e2);
        }
    }

    public static String _sun_decode(InputStream inputStream, InputStream inputStream2) throws IOException, GeneralSecurityException {
        return null;
    }

    protected static String _openssl_decode(InputStream inputStream, InputStream inputStream2) throws IOException, InterruptedException {
        File createTempFile = File.createTempFile("bgbilling", String.valueOf(System.currentTimeMillis()));
        FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
        Utils.flush(inputStream2, fileOutputStream);
        fileOutputStream.close();
        Process exec = Runtime.getRuntime().exec("/usr/bin/openssl smime -verify -inform PEM -nointern -certfile " + createTempFile.getAbsolutePath() + " -CAfile " + createTempFile.getAbsolutePath());
        OutputStream outputStream = exec.getOutputStream();
        Utils.flush(inputStream, outputStream);
        outputStream.close();
        exec.waitFor();
        InputStream inputStream3 = exec.getInputStream();
        String str = new String(Utils.readByBlock(inputStream3));
        inputStream3.close();
        exec.destroy();
        return str;
    }

    public static void main(String[] strArr) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        System.out.println("sun:\t" + _sun_decode(new FileInputStream("/home/dimon/projects/yandex/request4.txt"), new FileInputStream("/home/dimon/projects/yandex/payment_center_2014.pem")));
        System.out.println("opnssl:\t" + _openssl_decode(new FileInputStream("/home/dimon/projects/yandex/request4.txt"), new FileInputStream("/home/dimon/projects/yandex/payment_center_2014.pem")));
        System.out.println("bc:\t" + new String(decode(new FileInputStream("/home/dimon/projects/yandex/request4.txt"), new FileInputStream("/home/dimon/projects/yandex/payment_center_2014.pem")), "UTF-8"));
    }
}
