package es.gob.afirma.signers.pades;

import com.aowagie.text.pdf.C0039ay;
import com.aowagie.text.pdf.C0045bd;
import com.aowagie.text.pdf.C0069ca;
import com.aowagie.text.pdf.bQ;
import es.gob.afirma.core.AOException;
import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.core.signers.AOSignConstants;
import es.gob.afirma.core.signers.AdESPolicy;
import es.gob.afirma.signers.cades.CAdESExtraParams;
import es.gob.afirma.signers.cades.CAdESSignerMetadataHelper;
import es.gob.afirma.signers.cades.CAdESTriPhaseSigner;
import es.gob.afirma.signers.cades.CommitmentTypeIndicationsHelper;
import es.gob.afirma.signers.tsp.pkcs7.CMSTimestamper;
import es.gob.afirma.signers.tsp.pkcs7.TsaParams;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.util.GregorianCalendar;
import java.util.Properties;

/* loaded from: input_file:es/gob/afirma/signers/pades/PAdESTriPhaseSigner.class */
public final class PAdESTriPhaseSigner {
    public static final int LAST_PAGE = -666;
    public static final String ITEXT_VERSION = "2.1.7";

    private PAdESTriPhaseSigner() {
    }

    public static PdfSignResult preSign(String str, byte[] bArr, Certificate[] certificateArr, GregorianCalendar gregorianCalendar, Properties properties) {
        boolean z;
        Properties properties2 = properties != null ? properties : new Properties();
        PdfTriPhaseSession sessionData = PdfSessionManager.getSessionData(bArr, certificateArr, gregorianCalendar, properties2);
        if (properties2.containsKey(CAdESExtraParams.SIGNING_CERTIFICATE_V2)) {
            z = Boolean.parseBoolean(properties2.getProperty(CAdESExtraParams.SIGNING_CERTIFICATE_V2));
        } else {
            z = !"SHA1".equals(AOSignConstants.getDigestAlgorithmName(str));
        }
        try {
            return new PdfSignResult(sessionData.getFileID(), CAdESTriPhaseSigner.preSign(AOSignConstants.getDigestAlgorithmName(str), null, certificateArr, AdESPolicy.buildAdESPolicy(properties2), z, MessageDigest.getInstance(AOSignConstants.getDigestAlgorithmName(str)).digest(AOUtil.getDataFromInputStream(sessionData.getSAP().p())), gregorianCalendar.getTime(), false, true, "1.2.826.0.1089.1.5", "Documento en formato PDF", CommitmentTypeIndicationsHelper.getCommitmentTypeIndications(properties2), CAdESSignerMetadataHelper.getCAdESSignerMetadata(properties2), Boolean.parseBoolean(properties2.getProperty(CAdESExtraParams.DO_NOT_INCLUDE_POLICY_ON_SIGNING_CERTIFICATE, "false"))), null, gregorianCalendar, properties2);
        } catch (NoSuchAlgorithmException e) {
            throw new AOException("El algoritmo de huella digital no es valido: " + e, e);
        }
    }

    public static byte[] postSign(String str, byte[] bArr, Certificate[] certificateArr, byte[] bArr2, PdfSignResult pdfSignResult, SignEnhancer signEnhancer, Properties properties) {
        return a(bArr, certificateArr, a(str, certificateArr, pdfSignResult.a(), bArr2, pdfSignResult.getSign(), pdfSignResult.getFileID(), pdfSignResult.getTimestamp(), pdfSignResult.b(), signEnhancer, properties));
    }

    private static PdfSignResult a(String str, Certificate[] certificateArr, Properties properties, byte[] bArr, byte[] bArr2, String str2, byte[] bArr3, GregorianCalendar gregorianCalendar, SignEnhancer signEnhancer, Properties properties2) {
        TsaParams tsaParams;
        byte[] postSign = CAdESTriPhaseSigner.postSign(AOSignConstants.getDigestAlgorithmName(str), null, certificateArr, bArr, bArr2);
        Properties properties3 = properties != null ? properties : new Properties();
        if (!TsaParams.TS_DOC.equals(properties3.getProperty("tsType"))) {
            try {
                tsaParams = new TsaParams(properties3);
            } catch (Exception e) {
                tsaParams = null;
            }
            if (tsaParams != null) {
                postSign = new CMSTimestamper(tsaParams).addTimestamp(postSign, tsaParams.getTsaHashAlgorithm(), gregorianCalendar);
            }
        }
        if (signEnhancer != null) {
            postSign = signEnhancer.enhance(postSign, properties2);
        }
        return new PdfSignResult(str2, postSign, bArr3, gregorianCalendar, properties != null ? properties : new Properties());
    }

    private static byte[] a(byte[] bArr, Certificate[] certificateArr, PdfSignResult pdfSignResult) {
        byte[] bArr2 = new byte[27000];
        if (pdfSignResult.getSign().length > 27000) {
            throw new AOException("El tamano de la firma (" + pdfSignResult.getSign().length + ") supera el maximo permitido para un PDF (27000)");
        }
        C0039ay c0039ay = new C0039ay();
        System.arraycopy(pdfSignResult.getSign(), 0, bArr2, 0, pdfSignResult.getSign().length);
        c0039ay.a(C0045bd.be, new C0069ca(bArr2).a(true));
        try {
            PdfTriPhaseSession sessionData = PdfSessionManager.getSessionData(bArr, certificateArr, pdfSignResult.b(), pdfSignResult.a());
            bQ sap = sessionData.getSAP();
            ByteArrayOutputStream baos = sessionData.getBAOS();
            String fileID = sessionData.getFileID();
            try {
                sap.a(c0039ay);
                byte[] bytes = new String(baos.toByteArray(), "ISO-8859-1").replace(fileID, pdfSignResult.getFileID()).getBytes("ISO-8859-1");
                baos.close();
                return bytes;
            } catch (Exception e) {
                baos.close();
                throw new AOException("Error al cerrar el PDF para finalizar el proceso de firma", e);
            }
        } catch (InvalidPdfException e2) {
            throw new IOException(e2);
        }
    }
}
