package com.mulesoft.connectors.as2.internal.crypto;

import com.mulesoft.connectors.as2.internal.error.AS2ErrorType;
import com.mulesoft.connectors.as2.internal.error.DispositionType;
import com.mulesoft.connectors.as2.internal.error.exception.AS2ExtensionException;
import java.security.PublicKey;
import java.util.HashMap;
import java.util.Iterator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.jcajce.provider.util.DigestFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mulesoft/connectors/as2/internal/crypto/SignedMessageVerifier.class */
public class SignedMessageVerifier {
    private static final Logger LOGGER = LoggerFactory.getLogger(SignedMessageVerifier.class);
    private PublicKey publicKey;

    public SignedMessageVerifier(PublicKey publicKey) {
        this.publicKey = publicKey;
    }

    public boolean validateSignature(byte[] bArr, AS2Digest aS2Digest) {
        LOGGER.info("Validating PKCS7 signature against digest");
        HashMap hashMap = new HashMap();
        hashMap.put(DigestFactory.getOID(aS2Digest.getAlgorithm().algorithm()).getId(), aS2Digest.getHash());
        try {
            SignerInformationStore signerInfos = new CMSSignedData(hashMap, bArr).getSignerInfos();
            if (signerInfos.size() < 1) {
                throw new AS2ExtensionException(DispositionType.PROCESSED_ERROR_AUTHENTICATION_FAILED, "Signature had no signer information!", AS2ErrorType.SECURITY);
            }
            Iterator it = signerInfos.getSigners().iterator();
            while (it.hasNext()) {
                try {
                    if (((SignerInformation) it.next()).verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(new BouncyCastleProvider()).build(this.publicKey))) {
                        return true;
                    }
                } catch (OperatorCreationException | CMSException e) {
                    throw new AS2ExtensionException(DispositionType.PROCESSED_ERROR_AUTHENTICATION_FAILED, "Error verifying signature", AS2ErrorType.SECURITY, e);
                }
            }
            return false;
        } catch (CMSException e2) {
            throw new AS2ExtensionException(DispositionType.PROCESSED_ERROR_AUTHENTICATION_FAILED, "Unable to parse PKCS7 signature block", AS2ErrorType.SECURITY, e2);
        }
    }
}
