package es.gob.afirma.signers.pades;

import com.aowagie.text.pdf.PdfDictionary;
import com.aowagie.text.pdf.PdfName;
import com.aowagie.text.pdf.PdfSignatureAppearance;
import com.aowagie.text.pdf.PdfString;
import es.gob.afirma.core.AOException;
import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.core.signers.SignEnhancer;
import es.gob.afirma.signers.cades.CAdESParameters;
import es.gob.afirma.signers.cades.CAdESSignerMetadata;
import es.gob.afirma.signers.cades.CAdESTriPhaseSigner;
import es.gob.afirma.signers.tsp.pkcs7.CMSTimestamper;
import es.gob.afirma.signers.tsp.pkcs7.TsaParams;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Properties;
import java.util.logging.Logger;

/* loaded from: input_file:es/gob/afirma/signers/pades/PAdESTriPhaseSigner.class */
public final class PAdESTriPhaseSigner {
    public static final int LAST_PAGE = -1;
    private static final int CSIZE = 27000;

    private PAdESTriPhaseSigner() {
    }

    public static PdfSignResult preSign(String str, byte[] bArr, Certificate[] certificateArr, GregorianCalendar gregorianCalendar, Properties properties) throws IOException, AOException, InvalidPdfException {
        Properties properties2 = properties != null ? properties : new Properties();
        PdfTriPhaseSession sessionData = PdfSessionManager.getSessionData(bArr, certificateArr, gregorianCalendar, properties2);
        byte[] dataFromInputStream = AOUtil.getDataFromInputStream(sessionData.getSAP().getRangeStream());
        CAdESParameters load = CAdESParameters.load((byte[]) null, str, properties2);
        try {
            load.setDataDigest(MessageDigest.getInstance(load.getDigestAlgorithm()).digest(dataFromInputStream));
            load.setMetadata((CAdESSignerMetadata) null);
            load.setContentTypeOid((String) null);
            load.setContentDescription((String) null);
            load.setSigningTime((Date) null);
            return new PdfSignResult(sessionData.getFileID(), CAdESTriPhaseSigner.preSign(certificateArr, gregorianCalendar.getTime(), load), null, gregorianCalendar, properties2);
        } catch (NoSuchAlgorithmException e) {
            throw new AOException("El algoritmo de huella digital no es valido: " + e, e);
        }
    }

    public static byte[] postSign(String str, byte[] bArr, Certificate[] certificateArr, byte[] bArr2, PdfSignResult pdfSignResult, SignEnhancer signEnhancer, Properties properties) throws AOException, IOException, NoSuchAlgorithmException {
        return insertSignatureOnPdf(bArr, certificateArr, generatePdfSignature(str, certificateArr, pdfSignResult.getExtraParams(), bArr2, pdfSignResult.getSign(), pdfSignResult.getFileID(), pdfSignResult.getTimestamp(), pdfSignResult.getSignTime(), signEnhancer, properties));
    }

    private static PdfSignResult generatePdfSignature(String str, Certificate[] certificateArr, Properties properties, byte[] bArr, byte[] bArr2, String str2, byte[] bArr3, GregorianCalendar gregorianCalendar, SignEnhancer signEnhancer, Properties properties2) throws AOException, IOException, NoSuchAlgorithmException {
        TsaParams tsaParams;
        byte[] postSign = CAdESTriPhaseSigner.postSign(str, (byte[]) null, certificateArr, bArr, bArr2);
        Properties properties3 = properties != null ? properties : new Properties();
        if (!"2".equals(properties3.getProperty("tsType")) && properties3.getProperty("tsaURL") != null) {
            try {
                tsaParams = new TsaParams(properties3);
            } catch (Exception e) {
                Logger.getLogger("es.gob.afirma").warning("Se ha pedido aplicar sello de tiempo, pero falta informacion necesaria: " + e);
                tsaParams = null;
            }
            if (tsaParams != null) {
                postSign = new CMSTimestamper(tsaParams).addTimestamp(postSign, tsaParams.getTsaHashAlgorithm(), gregorianCalendar);
            }
        }
        if (signEnhancer != null) {
            postSign = signEnhancer.enhance(postSign, properties2 != null ? properties2 : properties3);
        }
        return new PdfSignResult(str2, postSign, bArr3, gregorianCalendar, properties != null ? properties : new Properties());
    }

    private static byte[] insertSignatureOnPdf(byte[] bArr, Certificate[] certificateArr, PdfSignResult pdfSignResult) throws AOException, IOException {
        byte[] bArr2 = new byte[CSIZE];
        if (pdfSignResult.getSign().length > CSIZE) {
            throw new AOException("El tamano de la firma (" + pdfSignResult.getSign().length + ") supera el maximo permitido para un PDF (" + CSIZE + ")");
        }
        PdfDictionary pdfDictionary = new PdfDictionary();
        System.arraycopy(pdfSignResult.getSign(), 0, bArr2, 0, pdfSignResult.getSign().length);
        pdfDictionary.put(PdfName.CONTENTS, new PdfString(bArr2).setHexWriting(true));
        try {
            PdfTriPhaseSession sessionData = PdfSessionManager.getSessionData(bArr, certificateArr, pdfSignResult.getSignTime(), pdfSignResult.getExtraParams());
            PdfSignatureAppearance sap = sessionData.getSAP();
            ByteArrayOutputStream baos = sessionData.getBAOS();
            Throwable th = null;
            try {
                String fileID = sessionData.getFileID();
                try {
                    sap.close(pdfDictionary);
                    byte[] bytes = new String(baos.toByteArray(), StandardCharsets.ISO_8859_1).replace(fileID, pdfSignResult.getFileID()).getBytes(StandardCharsets.ISO_8859_1);
                    if (baos != null) {
                        if (0 != 0) {
                            try {
                                baos.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            baos.close();
                        }
                    }
                    return bytes;
                } catch (Exception e) {
                    baos.close();
                    throw new AOException("Error al cerrar el PDF para finalizar el proceso de firma", e);
                }
            } catch (Throwable th3) {
                if (baos != null) {
                    if (0 != 0) {
                        try {
                            baos.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        baos.close();
                    }
                }
                throw th3;
            }
        } catch (InvalidPdfException e2) {
            throw new IOException((Throwable) e2);
        }
    }
}
