package io.intino.amidas.util;

import com.itextpdf.text.pdf.AcroFields;
import com.itextpdf.text.pdf.PdfDate;
import com.itextpdf.text.pdf.PdfDictionary;
import com.itextpdf.text.pdf.PdfName;
import com.itextpdf.text.pdf.PdfPKCS7;
import com.itextpdf.text.pdf.PdfReader;
import com.itextpdf.text.pdf.PdfSignature;
import com.itextpdf.text.pdf.PdfSignatureAppearance;
import com.itextpdf.text.pdf.PdfStamper;
import com.itextpdf.text.pdf.PdfString;
import cotton.signatory.core.StreamHelper;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.UUID;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Node;

/* loaded from: input_file:io/intino/amidas/util/PdfSigner.class */
public class PdfSigner {
    private static final int ENCODED_SIGNATURE_LENGTH = 15000;

    /* loaded from: input_file:io/intino/amidas/util/PdfSigner$PreparedDocument.class */
    public interface PreparedDocument {
        String hash();

        InputStream document();
    }

    public static PreparedDocument prepareDocument(InputStream inputStream, String str, byte[] bArr, String str2, String str3, String str4) {
        try {
            return prepareDocument(inputStream, str, CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr)), str2, str3, str4);
        } catch (CertificateException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static InputStream signDocument(InputStream inputStream, byte[] bArr) {
        InputStream doSignDocument = doSignDocument(inputStream, bArr);
        if (doSignDocument != null && checkSignedDocument(doSignDocument)) {
            return doSignDocument;
        }
        return null;
    }

    private static boolean checkSignedDocument(InputStream inputStream) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            StreamHelper.copyData(inputStream, byteArrayOutputStream);
            return verifyDocument(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    private static InputStream doSignDocument(InputStream inputStream, byte[] bArr) {
        File file = null;
        try {
            try {
                String byteArrayToHexString = PdfSignerUtils.byteArrayToHexString(bArr);
                byte[] bytes = PdfSignerUtils.byteArrayToHexString(PdfSignerUtils.getPlaceHolderArr(ENCODED_SIGNATURE_LENGTH)).getBytes();
                byte[] bArr2 = new byte[bytes.length];
                for (int i = 0; i < bArr2.length; i++) {
                    bArr2[i] = 48;
                }
                System.arraycopy(byteArrayToHexString.getBytes(), 0, bArr2, 0, byteArrayToHexString.getBytes().length);
                file = File.createTempFile(UUID.randomUUID().toString(), ".sign");
                new FileOutputStream(file).write(StreamHelper.readBytes(inputStream));
                PdfSignerUtils.replace(file, bytes, bArr2);
                FileInputStream fileInputStream = new FileInputStream(file);
                if (file != null) {
                    file.delete();
                }
                return fileInputStream;
            } catch (Exception e) {
                e.printStackTrace();
                if (file == null) {
                    return null;
                }
                file.delete();
                return null;
            }
        } catch (Throwable th) {
            if (file != null) {
                file.delete();
            }
            throw th;
        }
    }

    private static PreparedDocument prepareDocument(InputStream inputStream, String str, Certificate certificate, String str2, String str3, String str4) {
        try {
            final File createTempFile = File.createTempFile(UUID.randomUUID().toString(), ".presign");
            final byte[] documentHash = getDocumentHash(inputStream, new FileOutputStream(createTempFile), str, certificate, str2, str3, str4);
            return new PreparedDocument() { // from class: io.intino.amidas.util.PdfSigner.1
                @Override // io.intino.amidas.util.PdfSigner.PreparedDocument
                public String hash() {
                    return Base64.getEncoder().encodeToString(documentHash);
                }

                @Override // io.intino.amidas.util.PdfSigner.PreparedDocument
                public InputStream document() {
                    try {
                        return new FileInputStream(createTempFile);
                    } catch (FileNotFoundException e) {
                        return null;
                    } finally {
                        createTempFile.delete();
                    }
                }
            };
        } catch (IOException e) {
            return null;
        }
    }

    private static byte[] getDocumentHash(InputStream inputStream, OutputStream outputStream, String str, Certificate certificate, String str2, String str3, String str4) {
        try {
            PdfReader pdfReader = new PdfReader(inputStream);
            PdfStamper createSignature = PdfStamper.createSignature(pdfReader, outputStream, (char) 0, (File) null, true);
            if (getPDFXConformance(pdfReader) == 4) {
                createSignature.getWriter().setPDFXConformance(4);
            }
            PdfSignatureAppearance signatureAppearance = createSignature.getSignatureAppearance();
            signatureAppearance.setCrypto((PrivateKey) null, new Certificate[]{certificate}, (CRL[]) null, PdfSignatureAppearance.WINCER_SIGNED);
            if (pdfReader.getAcroFields().getField(str) != null) {
                signatureAppearance.setVisibleSignature(str);
            }
            signatureAppearance.setCertificationLevel(0);
            addSignMetadata(certificate, signatureAppearance, str2, str3, str4);
            HashMap hashMap = new HashMap();
            hashMap.put(PdfName.CONTENTS, 15002);
            signatureAppearance.preClose(hashMap);
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            byte[] bArr = new byte[8192];
            InputStream rangeStream = signatureAppearance.getRangeStream();
            while (true) {
                int read = rangeStream.read(bArr);
                if (read <= 0) {
                    byte[] digest = messageDigest.digest();
                    PdfDictionary pdfDictionary = new PdfDictionary();
                    pdfDictionary.put(PdfName.CONTENTS, new PdfString(PdfSignerUtils.getPlaceHolderArr(ENCODED_SIGNATURE_LENGTH)).setHexWriting(true));
                    signatureAppearance.close(pdfDictionary);
                    return digest;
                }
                messageDigest.update(bArr, 0, read);
            }
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static int getPDFXConformance(PdfReader pdfReader) {
        try {
            if (pdfReader.getMetadata() == null) {
                return 0;
            }
            Node item = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new ByteArrayInputStream(pdfReader.getMetadata())).getElementsByTagName("pdfaid:conformance").item(0);
            if (item.getTextContent().equals("A")) {
                return 3;
            }
            return item.getTextContent().equals("B") ? 4 : 0;
        } catch (Exception e) {
            e.printStackTrace();
            return 0;
        }
    }

    private static void addSignMetadata(Certificate certificate, PdfSignatureAppearance pdfSignatureAppearance, String str, String str2, String str3) {
        Calendar calendar = Calendar.getInstance();
        pdfSignatureAppearance.setSignDate(calendar);
        if (str != null && !str.isEmpty()) {
            pdfSignatureAppearance.setReason(str);
        }
        if (str2 != null && !str2.isEmpty()) {
            pdfSignatureAppearance.setLocation(str2);
        }
        if (str3 != null && !str3.isEmpty()) {
            pdfSignatureAppearance.setContact(str3);
        }
        pdfSignatureAppearance.setAcro6Layers(true);
        pdfSignatureAppearance.setRenderingMode(PdfSignatureAppearance.RenderingMode.DESCRIPTION);
        PdfSignature pdfSignature = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
        pdfSignature.setDate(new PdfDate(calendar));
        pdfSignature.setName(PdfPKCS7.getSubjectFields((X509Certificate) certificate).getField("CN"));
        pdfSignature.setReason(str);
        pdfSignature.setLocation(str2);
        pdfSignature.setContact(str3);
        pdfSignatureAppearance.setCryptoDictionary(pdfSignature);
    }

    private static boolean verifyDocument(InputStream inputStream) throws IOException, SignatureException {
        PdfReader pdfReader = null;
        try {
            pdfReader = new PdfReader(inputStream);
            AcroFields acroFields = pdfReader.getAcroFields();
            boolean z = true;
            Iterator it = acroFields.getSignatureNames().iterator();
            while (it.hasNext()) {
                z &= acroFields.verifySignature((String) it.next()).verify();
            }
            if (pdfReader != null) {
                pdfReader.close();
            }
            return z;
        } catch (Throwable th) {
            if (pdfReader != null) {
                pdfReader.close();
            }
            throw th;
        }
    }
}
